X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FProtocol%2FActivityPub.php;h=95542ba966200b9fb14aa261f11013814e0468cc;hb=c083ae047c4259dcfa1c61a3795679bbf1b08d8c;hp=c064ffa39634fa594b9dabcf19380dadec242690;hpb=355346298bc99c97fa98157701c3fe7ef4905e5c;p=friendica.git diff --git a/src/Protocol/ActivityPub.php b/src/Protocol/ActivityPub.php index c064ffa396..95542ba966 100644 --- a/src/Protocol/ActivityPub.php +++ b/src/Protocol/ActivityPub.php @@ -46,13 +46,13 @@ use Friendica\Util\LDSignature; * - Object Types: Person, Tombstome * * Transmitter: - * - Activities: Like, Dislike, Update, Delete - * - Object Tyoes: Article, Announce, Person, Tombstone + * - Activities: Like, Dislike, Update, Delete, Announce + * - Object Tyoes: Article, Person, Tombstone * * General: - * - Message distribution - * - Endpoints: Outbox, Object, Follower, Following + * - Endpoints: Outbox, Follower, Following * - General cleanup + * - Queueing unsucessful deliveries */ class ActivityPub { @@ -122,27 +122,76 @@ class ActivityPub return $data; } + private static function fetchPermissionBlockFromConversation($item) + { + if (empty($item['thr-parent'])) { + return []; + } + + $condition = ['item-uri' => $item['thr-parent'], 'protocol' => Conversation::PARCEL_ACTIVITYPUB]; + $conversation = DBA::selectFirst('conversation', ['source'], $condition); + if (!DBA::isResult($conversation)) { + return []; + } + + $activity = json_decode($conversation['source'], true); + + $actor = JsonLD::fetchElement($activity, 'actor', 'id'); + $profile = ActivityPub::fetchprofile($actor); + + $item_profile = ActivityPub::fetchprofile($item['owner-link']); + + $permissions = []; + + $elements = ['to', 'cc', 'bto', 'bcc']; + foreach ($elements as $element) { + if (empty($activity[$element])) { + continue; + } + if (is_string($activity[$element])) { + $activity[$element] = [$activity[$element]]; + } + foreach ($activity[$element] as $receiver) { + if ($receiver == $profile['followers'] && !empty($item_profile['followers'])) { + $receiver = $item_profile['followers']; + } + if ($receiver != $item['owner-link']) { + $permissions[$element][] = $receiver; + } + } + } + return $permissions; + } + public static function createPermissionBlockForItem($item) { $data = ['to' => [], 'cc' => []]; + $data = array_merge($data, self::fetchPermissionBlockFromConversation($item)); + + $actor_profile = ActivityPub::fetchprofile($item['author-link']); + $terms = Term::tagArrayFromItemId($item['id']); + $contacts[$item['author-link']] = $item['author-link']; + if (!$item['private']) { $data['to'][] = self::PUBLIC; - $data['cc'][] = System::baseUrl() . '/followers/' . $item['author-nick']; + if (!empty($actor_profile['followers'])) { + $data['cc'][] = $actor_profile['followers']; + } foreach ($terms as $term) { if ($term['type'] != TERM_MENTION) { continue; } $profile = self::fetchprofile($term['url']); - if (!empty($profile)) { + if (!empty($profile) && empty($contacts[$profile['url']])) { $data['cc'][] = $profile['url']; + $contacts[$profile['url']] = $profile['url']; } } } else { - //$data['cc'][] = System::baseUrl() . '/followers/' . $item['author-nick']; $receiver_list = Item::enumeratePermissions($item); $mentioned = []; @@ -155,84 +204,84 @@ class ActivityPub if (!empty($cid) && in_array($cid, $receiver_list)) { $contact = DBA::selectFirst('contact', ['url'], ['id' => $cid, 'network' => Protocol::ACTIVITYPUB]); $data['to'][] = $contact['url']; + $contacts[$contact['url']] = $contact['url']; } } foreach ($receiver_list as $receiver) { $contact = DBA::selectFirst('contact', ['url'], ['id' => $receiver, 'network' => Protocol::ACTIVITYPUB]); - $data['cc'][] = $contact['url']; + if (empty($contacts[$contact['url']])) { + $data['cc'][] = $contact['url']; + $contacts[$contact['url']] = $contact['url']; + } + } + } + + $parents = Item::select(['author-link', 'owner-link'], ['parent' => $item['parent']]); + while ($parent = Item::fetch($parents)) { + $profile = self::fetchprofile($parent['author-link']); + if (!empty($profile) && empty($contacts[$profile['url']])) { + $data['cc'][] = $profile['url']; + $contacts[$profile['url']] = $profile['url']; } - if (empty($data['to'])) { - $data['to'] = $data['cc']; - $data['cc'] = []; + $profile = self::fetchprofile($parent['owner-link']); + if (!empty($profile) && empty($contacts[$profile['url']])) { + $data['cc'][] = $profile['url']; + $contacts[$profile['url']] = $profile['url']; } } + DBA::close($parents); + + if (empty($data['to'])) { + $data['to'] = $data['cc']; + $data['cc'] = []; + } return $data; } - public static function fetchTargetInboxes($item) + public static function fetchTargetInboxes($item, $uid) { + $permissions = self::createPermissionBlockForItem($item); + if (empty($permissions)) { + return []; + } + $inboxes = []; - $terms = Term::tagArrayFromItemId($item['id']); - if (!$item['private']) { - $contacts = DBA::select('contact', ['notify', 'batch'], ['uid' => $item['uid'], - 'rel' => [Contact::FOLLOWER, Contact::FRIEND], 'network' => Protocol::ACTIVITYPUB]); - while ($contact = DBA::fetch($contacts)) { - $contact = defaults($contact, 'batch', $contact['notify']); - $inboxes[$contact] = $contact; - } - DBA::close($contacts); + $item_profile = ActivityPub::fetchprofile($item['owner-link']); - foreach ($terms as $term) { - if ($term['type'] != TERM_MENTION) { - continue; - } - $profile = self::fetchprofile($term['url']); - if (!empty($profile)) { - $target = defaults($profile, 'sharedinbox', $profile['inbox']); - $inboxes[$target] = $target; - } + $elements = ['to', 'cc', 'bto', 'bcc']; + foreach ($elements as $element) { + if (empty($permissions[$element])) { + continue; } - } else { - $receiver_list = Item::enumeratePermissions($item); - - $mentioned = []; - - foreach ($terms as $term) { - if ($term['type'] != TERM_MENTION) { - continue; - } - $cid = Contact::getIdForURL($term['url'], $item['uid']); - if (!empty($cid) && in_array($cid, $receiver_list)) { - $contact = DBA::selectFirst('contact', ['url'], ['id' => $cid, 'network' => Protocol::ACTIVITYPUB]); - $profile = self::fetchprofile($contact['url']); - if (!empty($profile['network'])) { + foreach ($permissions[$element] as $receiver) { + if ($receiver == $item_profile['followers']) { + $contacts = DBA::select('contact', ['notify', 'batch'], ['uid' => $uid, + 'rel' => [Contact::FOLLOWER, Contact::FRIEND], 'network' => Protocol::ACTIVITYPUB]); + while ($contact = DBA::fetch($contacts)) { + $contact = defaults($contact, 'batch', $contact['notify']); + $inboxes[$contact] = $contact; + } + DBA::close($contacts); + } else { + $profile = self::fetchprofile($receiver); + if (!empty($profile)) { $target = defaults($profile, 'sharedinbox', $profile['inbox']); $inboxes[$target] = $target; } } } - - foreach ($receiver_list as $receiver) { - $contact = DBA::selectFirst('contact', ['url'], ['id' => $receiver, 'network' => Protocol::ACTIVITYPUB]); - $profile = self::fetchprofile($contact['url']); - if (!empty($profile['network'])) { - $target = defaults($profile, 'sharedinbox', $profile['inbox']); - $inboxes[$target] = $target; - } - } } - $profile = self::fetchprofile($item['author-link']); - if (!empty($profile['sharedinbox'])) { - unset($inboxes[$profile['sharedinbox']]); + if (!empty($item_profile['sharedinbox'])) { + unset($inboxes[$item_profile['sharedinbox']]); } - if (!empty($profile['inbox'])) { - unset($inboxes[$profile['inbox']]); + if (!empty($item_profile['inbox'])) { + unset($inboxes[$item_profile['inbox']]); } return $inboxes; @@ -261,8 +310,8 @@ class ActivityPub 'conversation' => 'ostatus:conversation', 'inReplyToAtomUri' => 'ostatus:inReplyToAtomUri']]]; - $data['type'] = 'Create'; $data['id'] = $item['uri'] . '#activity'; + $data['type'] = 'Create'; $data['actor'] = $item['author-link']; $data['published'] = DateTimeFormat::utc($item["created"]."+00:00", DateTimeFormat::ATOM); @@ -271,9 +320,12 @@ class ActivityPub $data['updated'] = DateTimeFormat::utc($item["edited"]."+00:00", DateTimeFormat::ATOM); } + $data['context_id'] = $item['parent']; + $data['context'] = self::createConversationURLFromItem($item); + $data = array_merge($data, ActivityPub::createPermissionBlockForItem($item)); - $data['object'] = self::createNote($item); + $data['object'] = self::createObjectTypeFromItem($item); $owner = User::getOwnerDataById($item['uid']); @@ -294,7 +346,7 @@ class ActivityPub 'conversation' => 'ostatus:conversation', 'inReplyToAtomUri' => 'ostatus:inReplyToAtomUri']]]; - $data = array_merge($data, self::createNote($item)); + $data = array_merge($data, self::createObjectTypeFromItem($item)); return $data; @@ -317,45 +369,63 @@ class ActivityPub $tags[] = ['type' => 'Mention', 'href' => $term['url'], 'name' => $mention]; } } - return $tags; } - public static function createNote($item) + private static function createConversationURLFromItem($item) { + $conversation = DBA::selectFirst('conversation', ['conversation-uri'], ['item-uri' => $item['parent-uri']]); + if (DBA::isResult($conversation) && !empty($conversation['conversation-uri'])) { + $conversation_uri = $conversation['conversation-uri']; + } else { + $conversation_uri = $item['parent-uri']; + } + return $conversation_uri; + } + + private static function createObjectTypeFromItem($item) + { + if (!empty($item['title'])) { + $type = 'Article'; + } else { + $type = 'Note'; + } + $data = []; - $data['type'] = 'Note'; $data['id'] = $item['uri']; + $data['type'] = $type; + $data['summary'] = null; // Ignore by now if ($item['uri'] != $item['thr-parent']) { $data['inReplyTo'] = $item['thr-parent']; - } - - $conversation = DBA::selectFirst('conversation', ['conversation-uri'], ['item-uri' => $item['parent-uri']]); - if (DBA::isResult($conversation) && !empty($conversation['conversation-uri'])) { - $conversation_uri = $conversation['conversation-uri']; } else { - $conversation_uri = $item['parent-uri']; + $data['inReplyTo'] = null; } - $data['context'] = $data['conversation'] = $conversation_uri; - $data['actor'] = $item['author-link']; - $data = array_merge($data, ActivityPub::createPermissionBlockForItem($item)); $data['published'] = DateTimeFormat::utc($item["created"]."+00:00", DateTimeFormat::ATOM); if ($item["created"] != $item["edited"]) { $data['updated'] = DateTimeFormat::utc($item["edited"]."+00:00", DateTimeFormat::ATOM); } + $data['url'] = $item['plink']; $data['attributedTo'] = $item['author-link']; - $data['name'] = BBCode::convert($item['title'], false, 7); + $data['actor'] = $item['author-link']; + $data['sensitive'] = false; // - Query NSFW + $data['context_id'] = $item['parent']; + $data['conversation'] = $data['context'] = self::createConversationURLFromItem($item); + + if (!empty($item['title'])) { + $data['name'] = BBCode::convert($item['title'], false, 7); + } + $data['content'] = BBCode::convert($item['body'], false, 7); $data['source'] = ['content' => $item['body'], 'mediaType' => "text/bbcode"]; - $data['summary'] = ''; // Ignore by now - $data['sensitive'] = false; // - Query NSFW - //$data['emoji'] = []; // Ignore by now - $data['tag'] = self::createTagList($item); $data['attachment'] = []; // @ToDo + $data['tag'] = self::createTagList($item); + $data = array_merge($data, ActivityPub::createPermissionBlockForItem($item)); + + //$data['emoji'] = []; // Ignore by now return $data; } @@ -628,21 +698,48 @@ class ActivityPub public static function processInbox($body, $header, $uid) { - logger('Incoming message for user ' . $uid, LOGGER_DEBUG); - - if (!HTTPSignature::verifyAP($body, $header)) { - logger('Invalid signature, message will be discarded.', LOGGER_DEBUG); + $http_signer = HTTPSignature::getSigner($body, $header); + if (empty($http_signer)) { + logger('Invalid HTTP signature, message will be discarded.', LOGGER_DEBUG); return; + } else { + logger('HTTP signature is signed by ' . $http_signer, LOGGER_DEBUG); } $activity = json_decode($body, true); - if (!is_array($activity)) { + $actor = JsonLD::fetchElement($activity, 'actor', 'id'); + logger('Message for user ' . $uid . ' is from actor ' . $actor, LOGGER_DEBUG); + + if (empty($activity)) { logger('Invalid body.', LOGGER_DEBUG); return; } - self::processActivity($activity, $body, $uid); + if (LDSignature::isSigned($activity)) { + $ld_signer = LDSignature::getSigner($activity); + if (!empty($ld_signer && ($actor == $http_signer))) { + logger('The HTTP and the JSON-LD signature belong to ' . $ld_signer, LOGGER_DEBUG); + $trust_source = true; + } elseif (!empty($ld_signer)) { + logger('JSON-LD signature is signed by ' . $ld_signer, LOGGER_DEBUG); + $trust_source = true; + } elseif ($actor == $http_signer) { + logger('Bad JSON-LD signature, but HTTP signer fits the actor.', LOGGER_DEBUG); + $trust_source = true; + } else { + logger('Invalid JSON-LD signature and the HTTP signer is different.', LOGGER_DEBUG); + $trust_source = false; + } + } elseif ($actor == $http_signer) { + logger('Trusting post without JSON-LD signature, The actor fits the HTTP signer.', LOGGER_DEBUG); + $trust_source = true; + } else { + logger('No JSON-LD signature, different actor.', LOGGER_DEBUG); + $trust_source = false; + } + + self::processActivity($activity, $body, $uid, $trust_source); } public static function fetchOutbox($url, $uid) @@ -664,11 +761,11 @@ class ActivityPub } foreach ($items as $activity) { - self::processActivity($activity, '', $uid); + self::processActivity($activity, '', $uid, true); } } - private static function prepareObjectData($activity, $uid) + private static function prepareObjectData($activity, $uid, $trust_source) { $actor = JsonLD::fetchElement($activity, 'actor', 'id'); if (empty($actor)) { @@ -688,23 +785,6 @@ class ActivityPub logger('Receivers: ' . json_encode($receivers), LOGGER_DEBUG); - $unsigned = true; - - if (LDSignature::isSigned($activity)) { - if (!LDSignature::isVerified($activity)) { - logger('Invalid signature. Quitting here.', LOGGER_DEBUG); - return []; - } - logger('Valid signature.', LOGGER_DEBUG); - $unsigned = false; - } elseif (!in_array(0, $receivers)) { - /// @todo Add some checks to only accept unsigned private posts directly from the actor - $unsigned = false; - logger('Private post without signature.', LOGGER_DEBUG); - } else { - logger('Public post without signature. Object data will be fetched.', LOGGER_DEBUG); - } - if (is_string($activity['object'])) { $object_url = $activity['object']; } elseif (!empty($activity['object']['id'])) { @@ -716,7 +796,7 @@ class ActivityPub // Fetch the content only on activities where this matters if (in_array($activity['type'], ['Create', 'Update', 'Announce'])) { - $object_data = self::fetchObject($object_url, $activity['object'], $unsigned); + $object_data = self::fetchObject($object_url, $activity['object'], $trust_source); if (empty($object_data)) { logger("Object data couldn't be processed", LOGGER_DEBUG); return []; @@ -752,7 +832,7 @@ class ActivityPub return $object_data; } - private static function processActivity($activity, $body = '', $uid = null) + private static function processActivity($activity, $body = '', $uid = null, $trust_source = false) { if (empty($activity['type'])) { logger('Empty type', LOGGER_DEBUG); @@ -778,7 +858,7 @@ class ActivityPub logger('Processing activity: ' . $activity['type'], LOGGER_DEBUG); - $object_data = self::prepareObjectData($activity, $uid); + $object_data = self::prepareObjectData($activity, $uid, $trust_source); if (empty($object_data)) { logger('No object data found', LOGGER_DEBUG); return; @@ -829,6 +909,15 @@ class ActivityPub { $receivers = []; + // When it is an answer, we inherite the receivers from the parent + $replyto = JsonLD::fetchElement($activity, 'inReplyTo', 'id'); + if (!empty($replyto)) { + $parents = Item::select(['uid'], ['uri' => $replyto]); + while ($parent = Item::fetch($parents)) { + $receivers['uid:' . $parent['uid']] = $parent['uid']; + } + } + if (!empty($actor)) { $profile = self::fetchprofile($actor); $followers = defaults($profile, 'followers', ''); @@ -911,14 +1000,15 @@ class ActivityPub return $object_data; } - private static function fetchObject($object_url, $object = [], $unsigned = true) + private static function fetchObject($object_url, $object = [], $trust_source = false) { - if ($unsigned) { + if (!$trust_source || is_string($object)) { $data = self::fetchContent($object_url); if (empty($data)) { logger('Empty content for ' . $object_url . ', check if content is available locally.', LOGGER_DEBUG); $data = $object_url; - $data = $object; + } else { + logger('Fetched content for ' . $object_url, LOGGER_DEBUG); } } else { logger('Using original object for url ' . $object_url, LOGGER_DEBUG); @@ -932,7 +1022,7 @@ class ActivityPub return false; } logger('Using already stored item for url ' . $object_url, LOGGER_DEBUG); - $data = self::createNote($item); + $data = self::createObjectTypeFromItem($item); } if (empty($data['type'])) { @@ -1211,6 +1301,7 @@ class ActivityPub $activity['object'] = $object; $activity['published'] = $object['published']; $activity['type'] = 'Create'; + self::processActivity($activity); logger('Activity ' . $url . ' had been fetched and processed.'); }