GKaszewski/k-ap
1
0
Fork 0
Code Issues 11 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: GKaszewski:fad95f055091c4c79cffc1e7acd85fd3dff77f04
Branches Tags
GKaszewski:master
GKaszewski:v0.3.1 GKaszewski:v0.3.0 GKaszewski:v0.1.10 GKaszewski:v0.1.9 GKaszewski:v0.1.8 GKaszewski:v0.1.7 GKaszewski:v0.1.6 GKaszewski:v0.1.5 GKaszewski:v0.1.4 GKaszewski:v0.1.3 GKaszewski:v0.1.2 GKaszewski:v0.1.1 GKaszewski:v0.1.0
..
compare: GKaszewski:v0.1.2
Branches Tags
GKaszewski:master
GKaszewski:v0.3.1 GKaszewski:v0.3.0 GKaszewski:v0.1.10 GKaszewski:v0.1.9 GKaszewski:v0.1.8 GKaszewski:v0.1.7 GKaszewski:v0.1.6 GKaszewski:v0.1.5 GKaszewski:v0.1.4 GKaszewski:v0.1.3 GKaszewski:v0.1.2 GKaszewski:v0.1.1 GKaszewski:v0.1.0

5 Commits
fad95f0550 ... v0.1.2

Author SHA1 Message Date
Gabriel
767b1e69d4 feat: add followers/following collection json methods 2026-05-17 22:58:30 +02:00
Gabriel
72cda57dd9 feat: add broadcast_create_note, broadcast_update_note, base_url() accessor 2026-05-17 22:56:57 +02:00
Gabriel
7927aec05e gitignore 2026-05-17 22:54:03 +02:00
Gabriel
1021861e2b clean up 2026-05-17 22:53:45 +02:00
Gabriel
fc01619a25 feat: k-ap public API, no ap_ports 2026-05-17 22:31:23 +02:00
52 changed files with 2651 additions and 5916 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1,3 +1,2 @@
/target /target
Cargo.lock Cargo.lock
docs/

146
CHANGELOG.md
View File

@@ -1,146 +0,0 @@
# Changelog
## [0.3.0] — unreleased
### Breaking changes
**Builder API** — the service builder no longer takes positional arguments. All repos are named setters:
```rust
// Before (0.2.x)
ActivityPubService::builder(repo, user_repo, handler, "https://example.com")
// After (0.3.0)
ActivityPubService::builder("https://example.com")
.activity_repo(db.clone())
.follow_repo(db.clone())
.actor_repo(db.clone())
.blocklist_repo(db.clone())
.user_repo(db.clone())
.content_reader(db.clone())
.object_handler(db.clone())
.build()
.await?
```
**`FederationRepository` split into 4 focused traits** — implement each independently or all on one struct:
| Old | New |
|-----|-----|
| `FederationRepository` (34 methods) | `ActivityRepository` (2) |
| | `FollowRepository` (18) |
| | `ActorRepository` (6) |
| | `BlocklistRepository` (8) |
**`ApObjectHandler` split into read/write traits:**
| Old | New |
|-----|-----|
| `ApObjectHandler::get_local_objects_for_user` | removed (dead code) |
| `ApObjectHandler::get_local_objects_page` | `ApContentReader::get_local_objects_page` |
| `ApObjectHandler::count_local_posts` | `ApContentReader::count_local_posts` |
| `ApObjectHandler` (callbacks) | `ApObjectHandler` (9 callbacks, unchanged) |
`ApContentReader` also has a new optional method with a default empty impl:
- `get_featured_objects(user_id) -> Vec<Url>` — override to expose pinned posts
**`broadcast_create_note` and `broadcast_update_note` — new `mentioned_inboxes` parameter:**
```rust
// Before
service.broadcast_create_note(user_id, note_json, ApVisibility::Public).await?;
// After — pass inboxes of mentioned non-followers, or vec![] if none
service.broadcast_create_note(user_id, note_json, ApVisibility::Public, mentioned_inboxes).await?;
```
**`ApUser::also_known_as` changed from `Option<String>` to `Vec<String>`** — stores all aliases, not just the first.
**`LookedUpActor::also_known_as` changed from `Option<String>` to `Vec<String>`.**
**`backfill_outbox` renamed to `import_remote_outbox`** — clarifies direction: imports content FROM a remote server into your instance, distinct from `run_backfill_for_follower` which sends your content TO a new follower.
**`FollowRepository` — two new required methods:**
- `count_accepted_followers(user_id) -> usize` — DB-side count, replaces loading all followers into memory
- `get_accepted_followers_page(user_id, offset, limit) -> Vec<RemoteActor>` — DB-side paginated listing
**`ActorRepository` — one new required method:**
- `remove_announce(activity_id, actor_url)` — called when `Undo(Announce)` is received
---
### New features
**`ApVisibility`** — controls `to`/`cc` addressing and delivery scope for Create/Update:
- `Public``to: [AS_PUBLIC], cc: [followers]`
- `FollowersOnly``to: [followers], cc: []`
- `Private` — no delivery at all
**Mention delivery**`broadcast_create_note` and `broadcast_update_note` accept `mentioned_inboxes: Vec<Url>`. Delivery goes to followers + mentioned non-followers, deduplicated.
**`ApUser::discoverable: bool`** — serialized as `discoverable` in actor JSON (was hard-coded `true`).
**`ApUser::actor_type: ApActorType`** — serialized as the AP actor type (was hard-coded `Person`).
**`ApUser::featured_url: Option<Url>`** — serialized as `featured` in actor JSON. The library serves `GET /users/{id}/featured` automatically.
**`GET /users/{id}/featured` route** — serves an `OrderedCollection` of pinned posts via `ApContentReader::get_featured_objects`. Default is an empty collection.
**`router()` no longer registers `GET /users/{id}`, `/followers`, or `/following`** — these paths need content negotiation (AP JSON vs UI JSON) which k-ap can't do. Your application owns those routes and calls `actor_json`, `followers_collection_json`, `following_collection_json` to produce the AP response. See README for the pattern.
**`FederationEvent::BackfillRequested`** — when an `EventPublisher` is configured, `accept_follower` publishes this event instead of spawning an in-process task. Process it by calling `run_backfill_for_follower`.
**`run_backfill_for_follower(owner_user_id, follower_inbox_url)`** — public method for workers processing `BackfillRequested` events.
**`ApObjectHandler::on_announce_removed`** — called when `Undo(Announce)` is received for a locally-authored object. Default is a no-op — override to update boost counts.
**`ApObjectHandler::on_announce_of_remote`** — called when a remote actor boosts a non-local object. Default is a no-op.
**`count_accepted_followers` / `get_accepted_followers_page`** — service methods now use DB-side queries via the new `FollowRepository` methods instead of loading all followers into memory.
---
### Bug fixes
**`AddActivity` used activity ID instead of object ID** — `on_create` was receiving the Add activity's `id` instead of `object["id"]`. Now matches `CreateActivity` behaviour.
**`Undo(Announce)` was silently ignored** — now removes the announce record from `ActorRepository` and calls `on_announce_removed`. Announce counts no longer drift.
**`Move` re-follows blocked the inbox handler** — re-follow HTTP requests are now spawned in the background so the inbox handler returns immediately.
**`alsoKnownAs` truncated to first alias** — `from_json` now stores all aliases from the incoming actor JSON.
**`Move` alsoKnownAs check now verifies all aliases** — previously only checked the first one.
**Block check before actor HTTP fetch**`FollowActivity::receive` now checks per-actor blocks before calling `dereference()`, preventing SSRF from blocked actors.
---
### Other improvements
- 1 MB `DefaultBodyLimit` on inbox routes — prevents memory exhaustion from oversized payloads
- 4xx error responses now use generic messages — internal details are only logged, never sent to clients
- Actor JSON includes W3C security vocabulary in `@context` — required for public key resolution by strict implementations
- WebFinger response includes `aliases` field
- Outbox `last` link added to root `OrderedCollection`
- Outbox count uses `count_local_posts()` — no longer loads all objects to count them
- Backfill uses cursor-based `get_local_objects_page` — no longer loads all posts into memory
- All inbound activities are deduplicated by activity `id` via `ActivityRepository`
- Mentions extracted from `tag` arrays in `Create`/`Update` and dispatched via `on_mention`
- Cross-server `Announce` dispatched via `on_announce_of_remote` instead of silently dropped
- `discoverable`, `actor_type`, `featured_url`, `manually_approves_followers` all configurable per-user
- `delivery_max_attempts` and `delivery_initial_delay_secs` configurable via builder
- `Makefile` with `check`, `fmt`, `clippy`, `test`, `fix` targets
---
## [0.1.10] — 2024 (previous release)
Initial public extraction from `thoughts` and `movies-diary`.
- `FederationRepository`, `ApUserRepository`, `ApObjectHandler` — single-struct trait interface
- Inbound: Follow, Accept, Reject, Undo, Create, Update, Delete, Announce, Like, Add, Block, Move
- Outbound broadcasts: Create, Update, Delete, Announce, Like, Move, actor update
- WebFinger, NodeInfo 2.0, shared inbox, follower/following collections
- Signed WebFinger resolution for actor lookup
- Account migration (Move) with alsoKnownAs verification and re-follow

17
Cargo.lock generated
View File

@@ -1368,7 +1368,7 @@ dependencies = [
[[package]] [[package]]
name = "k-ap" name = "k-ap"
version = "0.3.0" version = "0.1.0"
dependencies = [ dependencies = [
"activitypub_federation", "activitypub_federation",
"anyhow", "anyhow",
@@ -1384,7 +1384,6 @@ dependencies = [
"tracing", "tracing",
"url", "url",
"uuid", "uuid",
"zeroize",
] ]
[[package]] [[package]]
@@ -3231,20 +3230,6 @@ name = "zeroize"
version = "1.8.2" version = "1.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0" checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0"
dependencies = [
"zeroize_derive",
]
[[package]]
name = "zeroize_derive"
version = "1.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "85a5b4158499876c763cb03bc4e49185d3cccbabb15b33c627f7884f43db852e"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.117",
]
[[package]] [[package]]
name = "zerotrie" name = "zerotrie"

3
Cargo.toml
View File

@@ -1,6 +1,6 @@
[package] [package]
name = "k-ap" name = "k-ap"
version = "0.3.0" version = "0.1.0"
edition = "2024" edition = "2024"
description = "Generic ActivityPub protocol layer" description = "Generic ActivityPub protocol layer"
license = "MIT" license = "MIT"
@@ -21,4 +21,3 @@ reqwest = { version = "0.13", features = ["json"] }
url = { version = "2", features = ["serde"] } url = { version = "2", features = ["serde"] }
enum_delegate = "0.2" enum_delegate = "0.2"
activitypub_federation = "0.7.0-beta.11" activitypub_federation = "0.7.0-beta.11"
zeroize = { version = "1", features = ["derive"] }

28
Makefile
View File

@@ -1,28 +0,0 @@
.DEFAULT_GOAL := check
# Run the full local check suite — same order as CI would.
check: fmt-check clippy test
@echo "✅ All checks passed"
# Apply rustfmt to all files.
fmt:
cargo fmt
# Check formatting without modifying files (CI-safe).
fmt-check:
cargo fmt --check
# Run Clippy and treat warnings as errors.
clippy:
cargo clippy -- -D warnings
# Run the test suite.
test:
cargo test
# Apply fmt + clippy auto-fixes in one shot.
fix:
cargo fmt
cargo clippy --fix --allow-dirty --allow-staged
.PHONY: check fmt fmt-check clippy test fix

313
README.md
View File

@@ -1,313 +0,0 @@
# k-ap
Generic ActivityPub protocol layer for Rust services. Extracted from the `thoughts` and `movies-diary` projects.
Wraps [`activitypub_federation`](https://crates.io/crates/activitypub_federation) and provides the plumbing that every AP-enabled service needs: actor management, inbox/outbox routing, follower tracking, WebFinger, NodeInfo, and HTTP signature handling.
Not domain-specific — no opinions about what your content type looks like.
## Add as dependency
Via the private Gitea registry (recommended):
```toml
[dependencies]
k-ap = { version = "0.3.0", registry = "gitea" }
```
Configure the registry in `.cargo/config.toml`:
```toml
[registries.gitea]
index = "sparse+https://git.gabrielkaszewski.dev/api/packages/GKaszewski/cargo/"
```
Or via git if you don't have registry access:
```toml
[dependencies]
k-ap = { git = "https://git.gabrielkaszewski.dev/GKaszewski/k-ap.git", tag = "v0.3.0" }
```
## What you implement
Seven focused traits wire your data layer into `k-ap`. Implement them all on a single database struct by cloning the `Arc`, or use separate structs for different backends.
```rust
// Activity deduplication — idempotency for inbound deliveries
impl ActivityRepository for MyDb { ... }
// Follower / following graph + account migration
impl FollowRepository for MyDb { ... }
// Local keypairs, remote actor cache, boost (Announce) tracking
impl ActorRepository for MyDb { ... }
// Domain and per-user actor blocklists
impl BlocklistRepository for MyDb { ... }
// User lookup by id / username
impl ApUserRepository for MyDb { ... }
// Read side — provides local content to the library (outbox, backfill, featured)
impl ApContentReader for MyDb { ... }
// Write side — called when the inbox receives AP activities
impl ApObjectHandler for MyDb { ... }
```
## Wire up the service
```rust
use std::sync::Arc;
use k_ap::ActivityPubService;
let db = Arc::new(MyDb::new(...));
let service = ActivityPubService::builder("https://example.com")
.activity_repo(db.clone())
.follow_repo(db.clone())
.actor_repo(db.clone())
.blocklist_repo(db.clone())
.user_repo(db.clone())
.content_reader(db.clone())
.object_handler(db.clone())
.allow_registration(false)
.software_name("my-app")
.build()
.await?;
// Mount the AP routes onto your axum router
let router = Router::new().merge(service.router());
```
## What the service handles for you
`service.router()` registers only the routes k-ap fully owns:
| Route | Description |
|-------|-------------|
| `POST /inbox` | Shared inbox — HTTP signature verification + dispatch, 1 MB limit |
| `POST /users/{id}/inbox` | Per-user inbox — same |
| `GET /users/{id}/outbox` | Cursor-based `OrderedCollection` |
| `GET /users/{id}/featured` | Pinned posts `OrderedCollection` |
| `GET /.well-known/webfinger` | JRD with `aliases` field |
| `GET /.well-known/nodeinfo` | NodeInfo well-known redirect |
| `GET /nodeinfo/2.0` | NodeInfo 2.0 |
**Not registered by `router()`:** `GET /users/{id}`, `GET /users/{id}/followers`, `GET /users/{id}/following`.
These paths are dual-purpose in real applications — they must serve both AP JSON (`application/activity+json`) and the app's own UI JSON (content negotiation). k-ap can't do the UI half, so your application owns the route and calls k-ap's helper methods to produce the AP response:
```rust
// In your axum actor handler — serve AP JSON or UI JSON based on Accept header
async fn actor_handler(Path(username): Path<String>, headers: HeaderMap, ...) {
if wants_ap_json(&headers) {
let json = service.actor_json(&user.id.to_string()).await?;
return ap_json_response(json);
}
// ... serve UI response
}
// Similarly for followers/following:
let json = service.followers_collection_json(user_id, page).await?;
let json = service.following_collection_json(user_id, page).await?;
```
## ApUser fields
Your `ApUserRepository` returns `ApUser`. All fields control how the actor is serialized:
```rust
ApUser {
id: uuid,
username: String,
display_name: Option<String>,
bio: Option<String>,
avatar_url: Option<Url>,
banner_url: Option<Url>,
also_known_as: Vec<String>, // all known aliases, for account migration
profile_url: Option<Url>,
featured_url: Option<Url>, // pinned posts collection URL
attachment: Vec<ApProfileField>, // profile metadata (PropertyValue)
manually_approves_followers: bool, // controls manuallyApprovesFollowers in AP JSON
discoverable: bool, // controls discoverable in AP JSON
actor_type: ApActorType, // Person / Service / Application / Organization / Group
}
```
## Broadcast with visibility
```rust
use k_ap::ApVisibility;
// Resolve the inboxes of any mentioned non-followers first, then pass them in.
// The library delivers to followers + mentioned actors, deduplicated.
let mentioned = vec![
service.lookup_actor_by_handle("@bob@mastodon.social").await?.outbox_url.unwrap(),
// ...or resolve inbox URLs directly
];
// Public — to: [AS_PUBLIC], cc: [followers]; delivered to followers + mentioned
service.broadcast_create_note(user_id, note_json, ApVisibility::Public, mentioned).await?;
// Followers only — to: [followers], cc: []; delivered to followers + mentioned
service.broadcast_create_note(user_id, note_json, ApVisibility::FollowersOnly, vec![]).await?;
// Private — no delivery at all; library returns immediately
service.broadcast_create_note(user_id, note_json, ApVisibility::Private, vec![]).await?;
service.broadcast_update_note(user_id, note_json, ApVisibility::Public, vec![]).await?;
service.broadcast_delete_to_followers(user_id, ap_id).await?;
// Announce / Undo Announce
service.broadcast_announce_to_followers(user_id, object_ap_id).await?;
service.broadcast_undo_announce_to_followers(user_id, object_ap_id).await?;
// Like / Unlike to a single remote inbox
service.broadcast_like_to_inbox(user_id, object_ap_id, inbox_url).await?;
service.broadcast_undo_like_to_inbox(user_id, object_ap_id, inbox_url).await?;
// Actor profile update to all followers
service.broadcast_actor_update(user_id).await?;
// Account migration — sends Move to all followers; set alsoKnownAs first
service.broadcast_move(user_id, new_actor_url).await?;
```
## Follow management
```rust
// Outbound follows (resolves handle via signed WebFinger request)
service.follow(local_user_id, "@user@remote.example").await?;
service.unfollow(local_user_id, remote_actor_url).await?;
// Inbound follow requests — full flow (DB update + AP delivery + backfill)
service.accept_follower(local_user_id, remote_actor_url).await?;
service.reject_follower(local_user_id, remote_actor_url).await?;
// Inbound follow requests — DB only (no AP delivery)
// Use when delivering Accept/Reject from a separate worker process
service.mark_follower_accepted(local_user_id, remote_actor_url).await?;
service.mark_follower_rejected(local_user_id, remote_actor_url).await?;
// Querying followers (DB-side filtering — efficient for large accounts)
let count: usize = service.count_accepted_followers(user_id).await?;
let page: Vec<RemoteActor> = service.get_accepted_followers_page(user_id, 0, 20).await?;
```
## Async delivery and backfill via EventPublisher
By default, outbound delivery and backfill run in the same process via `tokio::spawn`.
Implement `EventPublisher` to route them through your job queue so workers can process them separately:
```rust
impl EventPublisher for MyQueue {
async fn publish(&self, event: FederationEvent) -> anyhow::Result<()> {
match event {
FederationEvent::DeliveryRequested { inbox, activity, signing_actor_id } => {
// Persist and enqueue; your worker calls deliver_to_inbox
self.enqueue_delivery(inbox, activity, signing_actor_id).await?;
}
FederationEvent::DeliveryFailed { inbox, error, .. } => {
tracing::error!(%inbox, %error, "permanent delivery failure");
}
FederationEvent::BackfillRequested { owner_user_id, follower_inbox_url } => {
// Enqueue; your worker calls run_backfill_for_follower
self.enqueue_backfill(owner_user_id, follower_inbox_url).await?;
}
}
Ok(())
}
}
// Worker: execute a delivery task from the queue
service.deliver_to_inbox(inbox, activity_json, signing_actor_id).await?;
// Worker: send local content to a new follower's inbox
service.run_backfill_for_follower(owner_user_id, follower_inbox_url).await?;
```
## Remote outbox import
Import a remote actor's post history (e.g. after a local user follows them):
```rust
// Fetches pages from outbox_url and calls ApObjectHandler::on_create for each.
// Distinct from run_backfill_for_follower which sends YOUR content TO a follower.
service.import_remote_outbox(outbox_url, actor_url).await?;
```
## Actor lookup
```rust
// Resolve a handle via WebFinger using a signed HTTP request.
// Works with strict instances (e.g. Threads) that require HTTP signatures.
let actor: LookedUpActor = service.lookup_actor_by_handle("@user@remote.example").await?;
```
## Pinned posts (featured collection)
Override `get_featured_objects` in your `ApContentReader` to expose pinned posts.
The library serves them at `GET /users/{id}/featured` automatically. Default is empty.
```rust
impl ApContentReader for MyDb {
async fn get_featured_objects(&self, user_id: uuid::Uuid) -> anyhow::Result<Vec<Url>> {
Ok(self.get_pinned_post_urls(user_id).await?)
}
// ...other methods
}
```
Set `featured_url` in `ApUser` to point to the endpoint — the library includes it in actor JSON:
```rust
ApUser {
featured_url: Some("https://example.com/users/{id}/featured".parse()?),
// ...
}
```
## Inbound activity handling
Handled out of the box:
`Follow`, `Accept`, `Reject`, `Undo` (Follow, Like, Announce, Add, Block), `Create`, `Update`, `Delete`, `Announce`, `Like`, `Add`, `Block`, `Move`
- All activities are deduplicated by `id` — safe against retried deliveries.
- Mentions are extracted from `tag` arrays and dispatched via `ApObjectHandler::on_mention`.
- `Undo(Announce)` removes the boost record from `ActorRepository` and calls `on_announce_removed`.
- `Move` verifies all `alsoKnownAs` aliases on the target, migrates follower records, and re-follows in a background task (non-blocking).
- Actor types accepted: `Person`, `Service`, `Application`, `Organization`, `Group`.
## Key public types
| Type | Description |
|------|-------------|
| `ActivityPubService` | Central service — build once, share via `Arc` |
| `ActivityRepository` | Trait: activity ID deduplication (2 methods) |
| `FollowRepository` | Trait: follower/following graph + migration (18 methods) |
| `ActorRepository` | Trait: keypairs, remote actor cache, announce tracking (6 methods) |
| `BlocklistRepository` | Trait: domain and actor blocklists (8 methods) |
| `ApUserRepository` | Trait: user lookup (3 methods) |
| `ApContentReader` | Trait: outbox/backfill/featured content (3 methods, 1 with default) |
| `ApObjectHandler` | Trait: inbound activity callbacks (9 methods, 2 with defaults) |
| `ApVisibility` | `Public` / `FollowersOnly` / `Private` |
| `ApActorType` | `Person` / `Service` / `Application` / `Organization` / `Group` |
| `FederationEvent` | `DeliveryRequested` / `DeliveryFailed` / `BackfillRequested` |
| `EventPublisher` | Trait: hook for job queue integration |
| `LookedUpActor` | Resolved remote actor from `lookup_actor_by_handle` |
| `RemoteActor` | Cached federated actor record |
| `Follower` / `FollowerStatus` | Follower with `Pending`/`Accepted`/`Rejected` state |
| `ApUser` | AP-serializable local user |
| `ApFederationConfig` | Wraps the `activitypub_federation` config |
| `Error` | AP-layer error type |
## Local development
```bash
make check # fmt --check + clippy -D warnings + tests (use before committing)
make fmt # apply rustfmt
make fix # fmt + clippy --fix
```

871
src/activities.rs Normal file
View File

@@ -0,0 +1,871 @@
use activitypub_federation::{
config::Data,
fetch::object_id::ObjectId,
kinds::activity::{
AcceptType, CreateType, DeleteType, FollowType, RejectType, UndoType, UpdateType,
},
protocol::verification::verify_domains_match,
traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
#[derive(Clone, Default, Debug, Serialize, Deserialize)]
#[serde(rename = "Announce")]
pub struct AnnounceType;
#[derive(Clone, Debug, Deserialize, Serialize)]
#[serde(rename = "Like")]
pub struct LikeType;
impl Default for LikeType {
fn default() -> Self {
Self
}
}
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use crate::repository::{FollowerStatus, FollowingStatus};
// --- Follow ---
#[derive(Debug, Clone, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct FollowActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: FollowType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: ObjectId<DbActor>,
}
#[async_trait::async_trait]
impl Activity for FollowActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let target_url = self.object.inner();
let target_domain = match (target_url.host_str(), target_url.port()) {
(Some(host), Some(port)) => format!("{}:{}", host, port),
(Some(host), None) => host.to_string(),
_ => {
return Err(Error::bad_request(anyhow::anyhow!(
"invalid follow target URL"
)));
}
};
if target_domain != data.domain {
return Err(Error::bad_request(anyhow::anyhow!(
"follow target is not a local actor"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring activity from blocked domain");
return Ok(());
}
let _follower = self.actor.dereference(data).await?;
let local_actor = self.object.dereference(data).await?;
if data
.federation_repo
.is_actor_blocked(local_actor.user_id, self.actor.inner().as_str())
.await?
{
tracing::info!(actor = %self.actor.inner(), "ignoring follow from blocked actor");
return Ok(());
}
data.federation_repo
.add_follower(
local_actor.user_id,
self.actor.inner().as_str(),
FollowerStatus::Pending,
self.id.as_str(),
)
.await?;
tracing::info!(
follower = %self.actor.inner(),
local_user = %local_actor.user_id,
"follow request pending approval"
);
Ok(())
}
}
// --- Accept ---
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct AcceptActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: AcceptType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: FollowActivity,
}
#[async_trait::async_trait]
impl Activity for AcceptActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if self.actor.inner() != self.object.object.inner() {
return Err(Error::bad_request(anyhow::anyhow!(
"Accept actor does not match Follow target"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring activity from blocked domain");
return Ok(());
}
let local_user_id = crate::urls::extract_user_id_from_url(self.object.actor.inner())
.ok_or_else(|| Error::bad_request(anyhow::anyhow!("invalid actor URL in Follow")))?;
data.federation_repo
.update_following_status(
local_user_id,
self.actor.inner().as_str(),
FollowingStatus::Accepted,
)
.await?;
tracing::info!(remote_actor = %self.actor.inner(), "follow accepted by remote");
Ok(())
}
}
// --- Reject ---
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct RejectActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: RejectType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: FollowActivity,
}
#[async_trait::async_trait]
impl Activity for RejectActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if self.actor.inner() != self.object.object.inner() {
return Err(Error::bad_request(anyhow::anyhow!(
"Reject actor does not match Follow target"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring activity from blocked domain");
return Ok(());
}
if let Some(user_id) = crate::urls::extract_user_id_from_url(self.object.actor.inner()) {
data.federation_repo
.remove_following(user_id, self.actor.inner().as_str())
.await?;
}
tracing::info!(actor = %self.actor.inner(), "follow rejected");
Ok(())
}
}
// --- Undo ---
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct UndoActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: UndoType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: serde_json::Value,
}
#[async_trait::async_trait]
impl Activity for UndoActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
// The actor undoing must be the same as the actor in the wrapped activity.
if let Some(inner_actor) = self.object.get("actor").and_then(|v| v.as_str())
&& inner_actor != self.actor.inner().as_str()
{
return Err(Error::bad_request(anyhow::anyhow!(
"Undo actor does not match inner activity actor"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring Undo from blocked domain");
return Ok(());
}
let obj_type = self
.object
.get("type")
.and_then(|t| t.as_str())
.unwrap_or("");
match obj_type {
"Follow" => {
if let Some(obj_url) = self.object.get("object").and_then(|o| o.as_str())
&& let Ok(url) = Url::parse(obj_url)
&& let Some(user_id) = crate::urls::extract_user_id_from_url(&url)
{
data.federation_repo
.remove_follower(user_id, self.actor.inner().as_str())
.await?;
}
data.object_handler
.on_actor_removed(self.actor.inner())
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %self.actor.inner(), "unfollowed");
}
"Add" => {
let ap_id_str = self
.object
.get("object")
.and_then(|o| o.get("id"))
.and_then(|id| id.as_str())
.or_else(|| self.object.get("id").and_then(|id| id.as_str()));
if let Some(ap_id_str) = ap_id_str
&& let Ok(ap_id) = Url::parse(ap_id_str)
{
data.object_handler
.on_delete(&ap_id, self.actor.inner())
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(ap_id = %ap_id_str, "undo Add (watchlist remove)");
}
}
"Like" => {
if let Some(obj_url_str) = self.object.get("object").and_then(|o| o.as_str())
&& let Ok(obj_url) = Url::parse(obj_url_str)
&& obj_url.host_str().unwrap_or("") == data.domain
{
data.object_handler
.on_unlike(&obj_url, self.actor.inner())
.await
.unwrap_or_else(|e| {
tracing::warn!(error = %e, "failed to process unlike");
});
}
tracing::info!(actor = %self.actor.inner(), "received Undo(Like)");
}
other => {
tracing::debug!(kind = %other, "ignoring Undo of unknown activity type");
}
}
Ok(())
}
}
// --- Create ---
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct CreateActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: CreateType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: serde_json::Value,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) to: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) cc: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) bto: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) bcc: Vec<String>,
}
#[async_trait::async_trait]
impl Activity for CreateActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if let Some(attributed_to) = self.object.get("attributedTo").and_then(|v| v.as_str())
&& let Ok(attributed_url) = Url::parse(attributed_to)
&& &attributed_url != self.actor.inner()
{
return Err(Error::bad_request(anyhow::anyhow!(
"Create actor does not match object attributedTo"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring activity from blocked domain");
return Ok(());
}
// Use the Note's own id, not the Create activity id (which ends in /activity).
// Delete activities reference the Note id, so they must match.
let ap_id = self
.object
.get("id")
.and_then(|v| v.as_str())
.and_then(|s| Url::parse(s).ok())
.unwrap_or_else(|| self.id.clone());
let actor_url = self.actor.inner().clone();
data.object_handler
.on_create(&ap_id, &actor_url, self.object)
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %actor_url, "received create activity");
Ok(())
}
}
// --- Delete ---
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct DeleteActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: DeleteType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: serde_json::Value,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) to: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) cc: Vec<String>,
}
#[async_trait::async_trait]
impl Activity for DeleteActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let actor_domain = self.actor.inner().host_str().unwrap_or("");
let object_domain = match &self.object {
serde_json::Value::String(s) => Url::parse(s)
.ok()
.and_then(|u| u.host_str().map(|h| h.to_string()))
.unwrap_or_default(),
serde_json::Value::Object(o) => o
.get("id")
.and_then(|v| v.as_str())
.and_then(|s| Url::parse(s).ok())
.and_then(|u| u.host_str().map(|h| h.to_string()))
.unwrap_or_default(),
_ => String::new(),
};
if !object_domain.is_empty() && actor_domain != object_domain {
return Err(Error::bad_request(anyhow::anyhow!(
"Delete actor domain does not match object domain"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring activity from blocked domain");
return Ok(());
}
let actor_url = self.actor.inner().clone();
// Extract object URL — handles plain string and Tombstone {"id":"...","type":"Tombstone"}
let object_url_str = match &self.object {
serde_json::Value::String(s) => s.clone(),
serde_json::Value::Object(o) => o
.get("id")
.and_then(|v| v.as_str())
.map(|s| s.to_string())
.unwrap_or_default(),
_ => String::new(),
};
let Ok(object_url) = Url::parse(&object_url_str) else {
tracing::warn!(actor = %actor_url, "Delete activity has unparseable object, ignoring");
return Ok(());
};
// Actor self-deletion: Mastodon sends Delete(actor_url) when an account is deleted.
if object_url == *self.actor.inner() {
data.object_handler
.on_actor_removed(&actor_url)
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %actor_url, "received Delete(actor) — remote account deleted");
return Ok(());
}
// Normal note deletion.
data.object_handler
.on_delete(&object_url, &actor_url)
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(object = %object_url, "received Delete(note)");
Ok(())
}
}
// --- Update ---
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct UpdateActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: UpdateType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: serde_json::Value,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) to: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) cc: Vec<String>,
}
#[async_trait::async_trait]
impl Activity for UpdateActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if let Some(attributed_to) = self.object.get("attributedTo").and_then(|v| v.as_str())
&& let Ok(attributed_url) = Url::parse(attributed_to)
&& &attributed_url != self.actor.inner()
{
return Err(Error::bad_request(anyhow::anyhow!(
"Update actor does not match object attributedTo"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring activity from blocked domain");
return Ok(());
}
let ap_id = self
.object
.get("id")
.and_then(|v| v.as_str())
.and_then(|s| Url::parse(s).ok())
.unwrap_or_else(|| self.id.clone());
let actor_url = self.actor.inner().clone();
data.object_handler
.on_update(&ap_id, &actor_url, self.object)
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %actor_url, "received update activity");
Ok(())
}
}
// --- Announce ---
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct AnnounceActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: AnnounceType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: Url,
pub(crate) published: Option<chrono::DateTime<chrono::Utc>>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) to: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) cc: Vec<String>,
}
#[async_trait::async_trait]
impl Activity for AnnounceActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
verify_domains_match(&self.id, self.actor.inner())?;
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring activity from blocked domain");
return Ok(());
}
let object_domain = self.object.host_str().unwrap_or("");
if object_domain != data.domain {
tracing::debug!(
actor = %self.actor.inner(),
object = %self.object,
"received Announce of non-local object — skipped (cross-server boost not supported)"
);
return Ok(());
}
data.federation_repo
.add_announce(
self.id.as_str(),
self.object.as_str(),
self.actor.inner().as_str(),
self.published.unwrap_or_else(chrono::Utc::now),
)
.await?;
data.object_handler
.on_announce_received(&self.object, self.actor.inner())
.await
.unwrap_or_else(|e| {
tracing::warn!(error = %e, "failed to process announce notification");
});
tracing::info!(actor = %self.actor.inner(), object = %self.object, "received announce");
Ok(())
}
}
// --- Like ---
#[derive(Clone, Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct LikeActivity {
pub id: Url,
#[serde(rename = "type")]
pub kind: LikeType,
pub actor: ObjectId<DbActor>,
pub object: Url,
}
#[async_trait::async_trait]
impl Activity for LikeActivity {
type DataType = FederationData;
type Error = crate::error::Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
verify_domains_match(&self.id, self.actor.inner())?;
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring Like from blocked domain");
return Ok(());
}
// Only process if the liked object is on our instance.
if self.object.host_str().unwrap_or("") != data.domain {
return Ok(());
}
data.object_handler
.on_like(&self.object, self.actor.inner())
.await
.map_err(|e| crate::error::Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %self.actor.inner(), object = %self.object, "received like");
Ok(())
}
}
// --- Add ---
#[derive(Clone, Default, Debug, Serialize, Deserialize)]
#[serde(rename = "Add")]
pub struct AddType;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct AddActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: AddType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: serde_json::Value,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) to: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) cc: Vec<String>,
}
#[async_trait::async_trait]
impl Activity for AddActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if let Some(attributed_to) = self.object.get("attributedTo").and_then(|v| v.as_str())
&& let Ok(attributed_url) = Url::parse(attributed_to)
&& &attributed_url != self.actor.inner()
{
return Err(Error::bad_request(anyhow::anyhow!(
"Add actor does not match object attributedTo"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring Add from blocked domain");
return Ok(());
}
let ap_id = self.id.clone();
let actor_url = self.actor.inner().clone();
data.object_handler
.on_create(&ap_id, &actor_url, self.object)
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %actor_url, "received Add activity");
Ok(())
}
}
// --- Block ---
#[derive(Clone, Default, Debug, Serialize, Deserialize)]
#[serde(rename = "Block")]
pub struct BlockType;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct BlockActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: BlockType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: Url,
}
#[async_trait::async_trait]
impl Activity for BlockActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
verify_domains_match(&self.id, self.actor.inner())?;
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %self.actor(), "ignoring activity from blocked domain");
return Ok(());
}
if let Some(local_user_id) = crate::urls::extract_user_id_from_url(&self.object) {
let _ = data
.federation_repo
.remove_following(local_user_id, self.actor.inner().as_str())
.await;
let _ = data
.federation_repo
.remove_follower(local_user_id, self.actor.inner().as_str())
.await;
}
tracing::info!(actor = %self.actor.inner(), "received block — removed following and follower");
Ok(())
}
}
// --- Move (account migration) ---
#[derive(Clone, Default, Debug, Serialize, Deserialize)]
#[serde(rename = "Move")]
pub struct MoveType;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct MoveActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: MoveType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: Url,
pub(crate) target: Url,
}
#[async_trait::async_trait]
impl Activity for MoveActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if &self.object != self.actor.inner() {
return Err(Error::bad_request(anyhow::anyhow!(
"Move object must be the actor itself"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let domain = self.actor().host_str().unwrap_or("");
if data.federation_repo.is_domain_blocked(domain).await? {
return Ok(());
}
tracing::info!(
actor = %self.actor.inner(),
target = %self.target,
"received Move (account migration) — target noted"
);
Ok(())
}
}
// --- Inbox dispatch enum ---
#[derive(Debug, Deserialize, Serialize)]
#[serde(tag = "type")]
#[enum_delegate::implement(Activity)]
pub enum InboxActivities {
#[serde(rename = "Follow")]
Follow(FollowActivity),
#[serde(rename = "Accept")]
Accept(AcceptActivity),
#[serde(rename = "Reject")]
Reject(RejectActivity),
#[serde(rename = "Undo")]
Undo(UndoActivity),
#[serde(rename = "Create")]
Create(CreateActivity),
#[serde(rename = "Delete")]
Delete(DeleteActivity),
#[serde(rename = "Update")]
Update(UpdateActivity),
#[serde(rename = "Announce")]
Announce(AnnounceActivity),
#[serde(rename = "Add")]
Add(AddActivity),
#[serde(rename = "Block")]
Block(BlockActivity),
#[serde(rename = "Like")]
Like(LikeActivity),
#[serde(rename = "Move")]
Move(MoveActivity),
}

62
src/activities/accept.rs
View File

@@ -1,62 +0,0 @@
use activitypub_federation::{
config::Data, fetch::object_id::ObjectId, kinds::activity::AcceptType, traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use crate::repository::FollowingStatus;
use super::follow::FollowActivity;
use super::helpers::check_guards;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct AcceptActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: AcceptType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: FollowActivity,
}
#[async_trait::async_trait]
impl Activity for AcceptActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if self.actor.inner() != self.object.object.inner() {
return Err(Error::bad_request(anyhow::anyhow!(
"Accept actor does not match Follow target"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
let local_user_id = crate::urls::extract_user_id_from_url(self.object.actor.inner())
.ok_or_else(|| Error::bad_request(anyhow::anyhow!("invalid actor URL in Follow")))?;
data.follow_repo
.update_following_status(
local_user_id,
self.actor.inner().as_str(),
FollowingStatus::Accepted,
)
.await?;
tracing::info!(remote_actor = %self.actor.inner(), "follow accepted by remote");
Ok(())
}
}

73
src/activities/add.rs
View File

@@ -1,73 +0,0 @@
use activitypub_federation::{config::Data, fetch::object_id::ObjectId, traits::Activity};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use super::helpers::check_guards;
#[derive(Clone, Default, Debug, Serialize, Deserialize)]
#[serde(rename = "Add")]
pub struct AddType;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct AddActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: AddType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: serde_json::Value,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) to: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) cc: Vec<String>,
}
#[async_trait::async_trait]
impl Activity for AddActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if let Some(attributed_to) = self.object.get("attributedTo").and_then(|v| v.as_str())
&& let Ok(attributed_url) = Url::parse(attributed_to)
&& &attributed_url != self.actor.inner()
{
return Err(Error::bad_request(anyhow::anyhow!(
"Add actor does not match object attributedTo"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
// Use the object's own id as the stable AP identifier, falling back to
// the activity id only if the object has no id field.
let ap_id = self
.object
.get("id")
.and_then(|v| v.as_str())
.and_then(|s| Url::parse(s).ok())
.unwrap_or_else(|| self.id.clone());
let actor_url = self.actor.inner().clone();
data.object_handler
.on_create(&ap_id, &actor_url, self.object)
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %actor_url, "received Add activity");
Ok(())
}
}

81
src/activities/announce.rs
View File

@@ -1,81 +0,0 @@
use activitypub_federation::{
config::Data, fetch::object_id::ObjectId, protocol::verification::verify_domains_match,
traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use super::helpers::check_guards;
#[derive(Clone, Default, Debug, Serialize, Deserialize)]
#[serde(rename = "Announce")]
pub struct AnnounceType;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct AnnounceActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: AnnounceType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: Url,
pub(crate) published: Option<chrono::DateTime<chrono::Utc>>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) to: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) cc: Vec<String>,
}
#[async_trait::async_trait]
impl Activity for AnnounceActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
verify_domains_match(&self.id, self.actor.inner())?;
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
if self.object.host_str().unwrap_or("") != data.domain {
data.object_handler
.on_announce_of_remote(&self.object, self.actor.inner())
.await
.unwrap_or_else(
|e| tracing::warn!(error = %e, "failed to process cross-server announce"),
);
tracing::debug!(actor = %self.actor.inner(), object = %self.object, "received Announce of non-local object");
return Ok(());
}
data.actor_repo
.add_announce(
self.id.as_str(),
self.object.as_str(),
self.actor.inner().as_str(),
self.published.unwrap_or_else(chrono::Utc::now),
)
.await?;
data.object_handler
.on_announce_received(&self.object, self.actor.inner())
.await
.unwrap_or_else(
|e| tracing::warn!(error = %e, "failed to process announce notification"),
);
tracing::info!(actor = %self.actor.inner(), object = %self.object, "received announce");
Ok(())
}
}

62
src/activities/block.rs
View File

@@ -1,62 +0,0 @@
use activitypub_federation::{
config::Data, fetch::object_id::ObjectId, protocol::verification::verify_domains_match,
traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use super::helpers::check_guards;
#[derive(Clone, Default, Debug, Serialize, Deserialize)]
#[serde(rename = "Block")]
pub struct BlockType;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct BlockActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: BlockType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: Url,
}
#[async_trait::async_trait]
impl Activity for BlockActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
verify_domains_match(&self.id, self.actor.inner())?;
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
if let Some(local_user_id) = crate::urls::extract_user_id_from_url(&self.object) {
let _ = data
.follow_repo
.remove_following(local_user_id, self.actor.inner().as_str())
.await;
let _ = data
.follow_repo
.remove_follower(local_user_id, self.actor.inner().as_str())
.await;
}
tracing::info!(actor = %self.actor.inner(), "received block — removed following and follower");
Ok(())
}
}

74
src/activities/create.rs
View File

@@ -1,74 +0,0 @@
use activitypub_federation::{
config::Data, fetch::object_id::ObjectId, kinds::activity::CreateType, traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use super::helpers::{check_guards, extract_and_dispatch_mentions};
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct CreateActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: CreateType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: serde_json::Value,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) to: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) cc: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) bto: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) bcc: Vec<String>,
}
#[async_trait::async_trait]
impl Activity for CreateActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if let Some(attributed_to) = self.object.get("attributedTo").and_then(|v| v.as_str())
&& let Ok(attributed_url) = Url::parse(attributed_to)
&& &attributed_url != self.actor.inner()
{
return Err(Error::bad_request(anyhow::anyhow!(
"Create actor does not match object attributedTo"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
let ap_id = self
.object
.get("id")
.and_then(|v| v.as_str())
.and_then(|s| Url::parse(s).ok())
.unwrap_or_else(|| self.id.clone());
let actor_url = self.actor.inner().clone();
extract_and_dispatch_mentions(&ap_id, &actor_url, &self.object, data).await;
data.object_handler
.on_create(&ap_id, &actor_url, self.object)
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %actor_url, "received create activity");
Ok(())
}
}

95
src/activities/delete.rs
View File

@@ -1,95 +0,0 @@
use activitypub_federation::{
config::Data, fetch::object_id::ObjectId, kinds::activity::DeleteType, traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use super::helpers::check_guards;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct DeleteActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: DeleteType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: serde_json::Value,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) to: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) cc: Vec<String>,
}
#[async_trait::async_trait]
impl Activity for DeleteActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let actor_domain = self.actor.inner().host_str().unwrap_or("");
let object_domain = match &self.object {
serde_json::Value::String(s) => Url::parse(s)
.ok()
.and_then(|u| u.host_str().map(|h| h.to_string()))
.unwrap_or_default(),
serde_json::Value::Object(o) => o
.get("id")
.and_then(|v| v.as_str())
.and_then(|s| Url::parse(s).ok())
.and_then(|u| u.host_str().map(|h| h.to_string()))
.unwrap_or_default(),
_ => String::new(),
};
if !object_domain.is_empty() && actor_domain != object_domain {
return Err(Error::bad_request(anyhow::anyhow!(
"Delete actor domain does not match object domain"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
let actor_url = self.actor.inner().clone();
let object_url_str = match &self.object {
serde_json::Value::String(s) => s.clone(),
serde_json::Value::Object(o) => o
.get("id")
.and_then(|v| v.as_str())
.map(|s| s.to_string())
.unwrap_or_default(),
_ => String::new(),
};
let Ok(object_url) = Url::parse(&object_url_str) else {
tracing::warn!(actor = %actor_url, "Delete has unparseable object, ignoring");
return Ok(());
};
if object_url == *self.actor.inner() {
data.object_handler
.on_actor_removed(&actor_url)
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %actor_url, "received Delete(actor) — remote account deleted");
return Ok(());
}
data.object_handler
.on_delete(&object_url, &actor_url)
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(object = %object_url, "received Delete(note)");
Ok(())
}
}

98
src/activities/follow.rs
View File

@@ -1,98 +0,0 @@
use activitypub_federation::{
config::Data, fetch::object_id::ObjectId, kinds::activity::FollowType, traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use crate::repository::FollowerStatus;
use super::helpers::check_guards;
#[derive(Debug, Clone, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct FollowActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: FollowType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: ObjectId<DbActor>,
}
#[async_trait::async_trait]
impl Activity for FollowActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
let target_url = self.object.inner();
let target_domain = match (target_url.host_str(), target_url.port()) {
(Some(host), Some(port)) => format!("{}:{}", host, port),
(Some(host), None) => host.to_string(),
_ => {
return Err(Error::bad_request(anyhow::anyhow!(
"invalid follow target URL"
)));
}
};
if target_domain == data.domain {
return Ok(());
}
if let Some(uuid) = crate::urls::extract_user_id_from_url(target_url)
&& data
.user_repo
.find_by_id(uuid)
.await
.ok()
.flatten()
.is_some()
{
tracing::debug!(target = %target_url, "accepting follow for migrated actor URL");
return Ok(());
}
Err(Error::bad_request(anyhow::anyhow!(
"follow target is not a local actor"
)))
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
// Actor block checked BEFORE any outbound HTTP fetch.
if let Some(target_user_id) = crate::urls::extract_user_id_from_url(self.object.inner())
&& data
.blocklist_repo
.is_actor_blocked(target_user_id, self.actor.inner().as_str())
.await?
{
tracing::info!(actor = %self.actor.inner(), "ignoring follow from blocked actor");
return Ok(());
}
let _follower = self.actor.dereference(data).await?;
let local_actor = self.object.dereference(data).await?;
data.follow_repo
.add_follower(
local_actor.user_id,
self.actor.inner().as_str(),
FollowerStatus::Pending,
self.id.as_str(),
)
.await?;
tracing::info!(
follower = %self.actor.inner(),
local_user = %local_actor.user_id,
"follow request pending approval"
);
Ok(())
}
}

86
src/activities/helpers.rs
View File

@@ -1,86 +0,0 @@
use activitypub_federation::config::Data;
use url::Url;
use crate::data::FederationData;
use crate::error::Error;
/// Returns `true` if the activity was already processed.
/// Marks it processed before returning `false`.
/// On repo error, skips the check rather than silently dropping the activity.
pub(crate) async fn already_processed(activity_id: &Url, data: &Data<FederationData>) -> bool {
let id = activity_id.as_str();
match data.activity_repo.is_activity_processed(id).await {
Ok(true) => {
tracing::debug!(activity_id = id, "duplicate activity, skipping");
true
}
Ok(false) => {
if let Err(e) = data.activity_repo.mark_activity_processed(id).await {
tracing::warn!(activity_id = id, error = %e, "failed to mark activity processed");
}
false
}
Err(e) => {
tracing::warn!(error = %e, "idempotency check failed, processing anyway");
false
}
}
}
/// Returns `true` when the activity should be skipped:
/// already processed, or the sender's domain is blocked.
/// Call this at the top of every `receive()` impl.
pub(crate) async fn check_guards(
id: &Url,
actor: &Url,
data: &Data<FederationData>,
) -> Result<bool, Error> {
if already_processed(id, data).await {
return Ok(true);
}
let domain = actor.host_str().unwrap_or("");
if data.blocklist_repo.is_domain_blocked(domain).await? {
tracing::info!(actor = %actor, "ignoring activity from blocked domain");
return Ok(true);
}
Ok(false)
}
/// Parse `object["tag"]` for `Mention` entries and notify each tagged local user.
/// Failures are logged and never propagated — a broken mention must not fail the activity.
pub(crate) async fn extract_and_dispatch_mentions(
ap_id: &Url,
actor_url: &Url,
object: &serde_json::Value,
data: &Data<FederationData>,
) {
let Some(tags) = object.get("tag").and_then(|t| t.as_array()) else {
return;
};
for tag in tags {
if tag.get("type").and_then(|v| v.as_str()) != Some("Mention") {
continue;
}
let Some(href) = tag.get("href").and_then(|v| v.as_str()) else {
continue;
};
let Ok(href_url) = Url::parse(href) else {
continue;
};
let Some(mentioned_user_id) = crate::urls::extract_user_id_from_url(&href_url) else {
continue;
};
if let Err(e) = data
.object_handler
.on_mention(ap_id, mentioned_user_id, actor_url)
.await
{
tracing::warn!(
ap_id = %ap_id,
mentioned_user = %mentioned_user_id,
error = %e,
"failed to dispatch mention notification"
);
}
}
}

65
src/activities/like.rs
View File

@@ -1,65 +0,0 @@
use activitypub_federation::{
config::Data, fetch::object_id::ObjectId, protocol::verification::verify_domains_match,
traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use super::helpers::check_guards;
#[derive(Clone, Debug, Deserialize, Serialize)]
#[serde(rename = "Like")]
pub struct LikeType;
impl Default for LikeType {
fn default() -> Self {
Self
}
}
#[derive(Clone, Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct LikeActivity {
pub id: Url,
#[serde(rename = "type")]
pub kind: LikeType,
pub actor: ObjectId<DbActor>,
pub object: Url,
}
#[async_trait::async_trait]
impl Activity for LikeActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
verify_domains_match(&self.id, self.actor.inner())?;
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
if self.object.host_str().unwrap_or("") != data.domain {
return Ok(());
}
data.object_handler
.on_like(&self.object, self.actor.inner())
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %self.actor.inner(), object = %self.object, "received like");
Ok(())
}
}

60
src/activities/mod.rs
View File

@@ -1,60 +0,0 @@
mod accept;
mod add;
mod announce;
mod block;
mod create;
mod delete;
mod follow;
pub(crate) mod helpers;
mod like;
mod move_act;
mod reject;
mod undo;
mod update;
pub use accept::AcceptActivity;
pub use add::{AddActivity, AddType};
pub use announce::{AnnounceActivity, AnnounceType};
pub use block::{BlockActivity, BlockType};
pub use create::CreateActivity;
pub use delete::DeleteActivity;
pub use follow::FollowActivity;
pub use like::{LikeActivity, LikeType};
pub use move_act::{MoveActivity, MoveType};
pub use reject::RejectActivity;
pub use undo::UndoActivity;
pub use update::UpdateActivity;
use activitypub_federation::config::Data;
use serde::{Deserialize, Serialize};
use url::Url;
#[derive(Debug, Deserialize, Serialize)]
#[serde(tag = "type")]
#[enum_delegate::implement(activitypub_federation::traits::Activity)]
pub enum InboxActivities {
#[serde(rename = "Follow")]
Follow(FollowActivity),
#[serde(rename = "Accept")]
Accept(AcceptActivity),
#[serde(rename = "Reject")]
Reject(RejectActivity),
#[serde(rename = "Undo")]
Undo(UndoActivity),
#[serde(rename = "Create")]
Create(CreateActivity),
#[serde(rename = "Delete")]
Delete(DeleteActivity),
#[serde(rename = "Update")]
Update(UpdateActivity),
#[serde(rename = "Announce")]
Announce(AnnounceActivity),
#[serde(rename = "Add")]
Add(AddActivity),
#[serde(rename = "Block")]
Block(BlockActivity),
#[serde(rename = "Like")]
Like(LikeActivity),
#[serde(rename = "Move")]
Move(MoveActivity),
}

141
src/activities/move_act.rs
View File

@@ -1,141 +0,0 @@
use activitypub_federation::{
activity_sending::SendActivityTask, config::Data, fetch::object_id::ObjectId,
protocol::context::WithContext, traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use super::follow::FollowActivity;
use super::helpers::check_guards;
#[derive(Clone, Default, Debug, Serialize, Deserialize)]
#[serde(rename = "Move")]
pub struct MoveType;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct MoveActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: MoveType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: Url,
pub(crate) target: Url,
}
#[async_trait::async_trait]
impl Activity for MoveActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if &self.object != self.actor.inner() {
return Err(Error::bad_request(anyhow::anyhow!(
"Move object must be the actor itself"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
let target = ObjectId::<DbActor>::from(self.target.clone())
.dereference(data)
.await
.map_err(|e| Error::from(anyhow::anyhow!("{e}")))?;
// Verify the new actor claims the old identity via alsoKnownAs.
// The spec allows multiple aliases; check all of them.
let old_url = self.object.as_str();
if !target.also_known_as.iter().any(|a| a == old_url) {
return Err(Error::bad_request(anyhow::anyhow!(
"Move target alsoKnownAs does not reference old actor"
)));
}
let affected = data
.follow_repo
.migrate_follower_actor(old_url, self.target.as_str())
.await
.map_err(|e| Error::from(anyhow::anyhow!("{e}")))?;
let affected_count = affected.len();
// Spawn re-follows in the background — do NOT await them inside receive()
// to avoid blocking the inbox handler while making outbound HTTP requests.
let target_inbox = target.inbox_url.clone();
let target_url = self.target.clone();
let base_url = data.base_url.clone();
let data_clone = data.clone();
tokio::spawn(async move {
for local_user_id in &affected {
let local_actor =
match crate::actors::get_local_actor(*local_user_id, &data_clone).await {
Ok(a) => a,
Err(e) => {
tracing::warn!(
error = %e,
%local_user_id,
"Move: failed to load local actor"
);
continue;
}
};
let follow_id = match crate::urls::activity_url(&base_url) {
Ok(u) => u,
Err(e) => {
tracing::warn!(error = %e, "Move: failed to generate follow activity URL");
continue;
}
};
let follow = FollowActivity {
id: follow_id,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: ObjectId::from(target_url.clone()),
};
let sends = match SendActivityTask::prepare(
&WithContext::new_default(follow),
&local_actor,
vec![target_inbox.clone()],
&data_clone,
)
.await
{
Ok(s) => s,
Err(e) => {
tracing::warn!(error = %e, "Move: failed to prepare re-follow");
continue;
}
};
for send in sends {
if let Err(e) = send.sign_and_send(&data_clone).await {
tracing::warn!(
error = %e,
%local_user_id,
"Move: re-follow delivery failed"
);
}
}
}
});
tracing::info!(
actor = %self.actor.inner(),
target = %self.target,
affected = affected_count,
"received Move — migrated follower relationships, re-follows spawned"
);
Ok(())
}
}

57
src/activities/reject.rs
View File

@@ -1,57 +0,0 @@
use activitypub_federation::{
config::Data, fetch::object_id::ObjectId, kinds::activity::RejectType, traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use super::follow::FollowActivity;
use super::helpers::check_guards;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct RejectActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: RejectType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: FollowActivity,
}
#[async_trait::async_trait]
impl Activity for RejectActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if self.actor.inner() != self.object.object.inner() {
return Err(Error::bad_request(anyhow::anyhow!(
"Reject actor does not match Follow target"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
if let Some(user_id) = crate::urls::extract_user_id_from_url(self.object.actor.inner()) {
data.follow_repo
.remove_following(user_id, self.actor.inner().as_str())
.await?;
}
tracing::info!(actor = %self.actor.inner(), "follow rejected");
Ok(())
}
}

144
src/activities/undo.rs
View File

@@ -1,144 +0,0 @@
use activitypub_federation::{
config::Data, fetch::object_id::ObjectId, kinds::activity::UndoType, traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use super::helpers::check_guards;
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct UndoActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: UndoType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: serde_json::Value,
}
#[async_trait::async_trait]
impl Activity for UndoActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if let Some(inner_actor) = self.object.get("actor").and_then(|v| v.as_str())
&& inner_actor != self.actor.inner().as_str()
{
return Err(Error::bad_request(anyhow::anyhow!(
"Undo actor does not match inner activity actor"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
let obj_type = self
.object
.get("type")
.and_then(|t| t.as_str())
.unwrap_or("");
match obj_type {
"Follow" => {
if let Some(obj_url) = self.object.get("object").and_then(|o| o.as_str())
&& let Ok(url) = Url::parse(obj_url)
&& let Some(user_id) = crate::urls::extract_user_id_from_url(&url)
{
data.follow_repo
.remove_follower(user_id, self.actor.inner().as_str())
.await?;
}
data.object_handler
.on_actor_removed(self.actor.inner())
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %self.actor.inner(), "unfollowed");
}
"Add" => {
let ap_id_str = self
.object
.get("object")
.and_then(|o| o.get("id"))
.and_then(|id| id.as_str())
.or_else(|| self.object.get("id").and_then(|id| id.as_str()));
if let Some(ap_id_str) = ap_id_str
&& let Ok(ap_id) = Url::parse(ap_id_str)
{
data.object_handler
.on_delete(&ap_id, self.actor.inner())
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(ap_id = %ap_id_str, "undo Add (watchlist remove)");
}
}
"Like" => {
if let Some(obj_url_str) = self.object.get("object").and_then(|o| o.as_str())
&& let Ok(obj_url) = Url::parse(obj_url_str)
&& obj_url.host_str().unwrap_or("") == data.domain
{
data.object_handler
.on_unlike(&obj_url, self.actor.inner())
.await
.unwrap_or_else(|e| tracing::warn!(error = %e, "failed to process unlike"));
}
tracing::info!(actor = %self.actor.inner(), "received Undo(Like)");
}
"Announce" => {
// Remove the boost record so announce counts stay accurate.
let activity_id = self.object.get("id").and_then(|v| v.as_str()).unwrap_or("");
let object_url_str = self
.object
.get("object")
.and_then(|v| v.as_str())
.unwrap_or("");
if !activity_id.is_empty()
&& let Err(e) = data
.actor_repo
.remove_announce(activity_id, self.actor.inner().as_str())
.await
{
tracing::warn!(error = %e, activity_id, "failed to remove announce record");
}
if let Ok(obj_url) = Url::parse(object_url_str)
&& obj_url.host_str().unwrap_or("") == data.domain
{
data.object_handler
.on_announce_removed(&obj_url, self.actor.inner())
.await
.unwrap_or_else(|e| {
tracing::warn!(error = %e, "failed to process Undo(Announce)");
});
}
tracing::info!(actor = %self.actor.inner(), "received Undo(Announce)");
}
"Block" => {
// Remote actor unblocked a local user. No automatic relationship
// restoration — the blocked user would need to re-follow manually.
tracing::info!(
actor = %self.actor.inner(),
"received Undo(Block) — no automatic action taken"
);
}
other => {
tracing::debug!(kind = %other, "ignoring Undo of unknown activity type");
}
}
Ok(())
}
}

70
src/activities/update.rs
View File

@@ -1,70 +0,0 @@
use activitypub_federation::{
config::Data, fetch::object_id::ObjectId, kinds::activity::UpdateType, traits::Activity,
};
use serde::{Deserialize, Serialize};
use url::Url;
use crate::actors::DbActor;
use crate::data::FederationData;
use crate::error::Error;
use super::helpers::{check_guards, extract_and_dispatch_mentions};
#[derive(Debug, Deserialize, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct UpdateActivity {
pub(crate) id: Url,
#[serde(rename = "type", default)]
pub(crate) kind: UpdateType,
pub(crate) actor: ObjectId<DbActor>,
pub(crate) object: serde_json::Value,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) to: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)]
pub(crate) cc: Vec<String>,
}
#[async_trait::async_trait]
impl Activity for UpdateActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
self.actor.inner()
}
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if let Some(attributed_to) = self.object.get("attributedTo").and_then(|v| v.as_str())
&& let Ok(attributed_url) = Url::parse(attributed_to)
&& &attributed_url != self.actor.inner()
{
return Err(Error::bad_request(anyhow::anyhow!(
"Update actor does not match object attributedTo"
)));
}
Ok(())
}
async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
if check_guards(&self.id, self.actor.inner(), data).await? {
return Ok(());
}
let ap_id = self
.object
.get("id")
.and_then(|v| v.as_str())
.and_then(|s| Url::parse(s).ok())
.unwrap_or_else(|| self.id.clone());
let actor_url = self.actor.inner().clone();
extract_and_dispatch_mentions(&ap_id, &actor_url, &self.object, data).await;
data.object_handler
.on_update(&ap_id, &actor_url, self.object)
.await
.map_err(|e| Error::from(anyhow::anyhow!(e)))?;
tracing::info!(actor = %actor_url, "received update activity");
Ok(())
}
}

17
src/actor_handler.rs
View File

@@ -6,19 +6,20 @@ use axum::extract::Path;
use crate::actors::{Person, get_local_actor}; use crate::actors::{Person, get_local_actor};
use crate::data::FederationData; use crate::data::FederationData;
use crate::error::Error; use crate::error::Error;
use crate::urls::actor_ap_context;
/// Serves the AP actor JSON for a local user.
/// The path parameter is the user's UUID (matching the canonical actor URL).
pub async fn actor_handler( pub async fn actor_handler(
Path(user_id_str): Path<String>, Path(username): Path<String>,
data: Data<FederationData>, data: Data<FederationData>,
) -> Result<FederationJson<WithContext<Person>>, Error> { ) -> Result<FederationJson<WithContext<Person>>, Error> {
let user_id = uuid::Uuid::parse_str(&user_id_str) let ap_user = data
.map_err(|_| Error::not_found(anyhow::anyhow!("user not found")))?; .user_repo
.find_by_username(&username)
.await
.map_err(Error::from)?
.ok_or_else(|| Error::bad_request(anyhow::anyhow!("user not found")))?;
let db_actor = get_local_actor(user_id, &data).await?; let db_actor = get_local_actor(ap_user.id, &data).await?;
let person = db_actor.into_json(&data).await?; let person = db_actor.into_json(&data).await?;
Ok(FederationJson(WithContext::new(person, actor_ap_context()))) Ok(FederationJson(WithContext::new_default(person)))
} }

148
src/actors.rs
View File

@@ -2,27 +2,24 @@ use activitypub_federation::{
config::Data, config::Data,
fetch::object_id::ObjectId, fetch::object_id::ObjectId,
http_signatures::generate_actor_keypair, http_signatures::generate_actor_keypair,
kinds::actor::PersonType,
protocol::{public_key::PublicKey, verification::verify_domains_match}, protocol::{public_key::PublicKey, verification::verify_domains_match},
traits::{Actor, Object}, traits::{Actor, Object},
}; };
use chrono::{DateTime, Utc}; use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use url::Url; use url::Url;
use zeroize::Zeroizing;
use crate::data::FederationData; use crate::data::FederationData;
use crate::error::Error; use crate::error::Error;
use crate::repository::RemoteActor; use crate::repository::RemoteActor;
use crate::user::{ApActorType, ApProfileField}; use crate::user::ApProfileField;
#[derive(Debug, Clone)] #[derive(Debug, Clone)]
pub struct DbActor { pub struct DbActor {
pub user_id: uuid::Uuid, pub user_id: uuid::Uuid,
pub username: String, pub username: String,
pub display_name: Option<String>,
pub public_key_pem: String, pub public_key_pem: String,
/// Private key PEM. Only populated for local actors during signing.
/// Cleared automatically when `DbActor` is dropped.
pub private_key_pem: Option<String>, pub private_key_pem: Option<String>,
pub inbox_url: Url, pub inbox_url: Url,
pub shared_inbox_url: Option<Url>, pub shared_inbox_url: Option<Url>,
@@ -34,13 +31,9 @@ pub struct DbActor {
pub bio: Option<String>, pub bio: Option<String>,
pub avatar_url: Option<Url>, pub avatar_url: Option<Url>,
pub banner_url: Option<Url>, pub banner_url: Option<Url>,
pub also_known_as: Vec<String>, pub also_known_as: Option<String>,
pub profile_url: Option<Url>, pub profile_url: Option<Url>,
pub attachment: Vec<ApProfileField>, pub attachment: Vec<ApProfileField>,
pub manually_approves_followers: bool,
pub discoverable: bool,
pub actor_type: ApActorType,
pub featured_url: Option<Url>,
} }
#[derive(Debug, Clone, Deserialize, Serialize)] #[derive(Debug, Clone, Deserialize, Serialize)]
@@ -68,19 +61,14 @@ pub struct ProfileFieldObject {
#[serde(rename_all = "camelCase")] #[serde(rename_all = "camelCase")]
pub struct Person { pub struct Person {
#[serde(rename = "type")] #[serde(rename = "type")]
kind: ApActorType, kind: PersonType,
id: ObjectId<DbActor>, id: ObjectId<DbActor>,
#[serde(default)]
preferred_username: String, preferred_username: String,
inbox: Url, inbox: Url,
#[serde(default)] outbox: Url,
outbox: Option<Url>, followers: Url,
#[serde(default)] following: Url,
followers: Option<Url>, public_key: PublicKey,
#[serde(default)]
following: Option<Url>,
pub public_key: PublicKey,
#[serde(default)]
name: Option<String>, name: Option<String>,
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
summary: Option<String>, summary: Option<String>,
@@ -90,7 +78,6 @@ pub struct Person {
url: Option<Url>, url: Option<Url>,
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
discoverable: Option<bool>, discoverable: Option<bool>,
#[serde(default)]
manually_approves_followers: bool, manually_approves_followers: bool,
#[serde(skip_serializing_if = "Option::is_none", default)] #[serde(skip_serializing_if = "Option::is_none", default)]
updated: Option<DateTime<Utc>>, updated: Option<DateTime<Utc>>,
@@ -102,8 +89,6 @@ pub struct Person {
also_known_as: Vec<String>, also_known_as: Vec<String>,
#[serde(skip_serializing_if = "Vec::is_empty", default)] #[serde(skip_serializing_if = "Vec::is_empty", default)]
attachment: Vec<ProfileFieldObject>, attachment: Vec<ProfileFieldObject>,
#[serde(skip_serializing_if = "Option::is_none")]
featured: Option<Url>,
} }
struct ActorUrls { struct ActorUrls {
@@ -140,21 +125,17 @@ pub async fn get_local_actor(
.map_err(Error::from)? .map_err(Error::from)?
.ok_or_else(|| Error::not_found(anyhow::anyhow!("user not found: {}", user_id)))?; .ok_or_else(|| Error::not_found(anyhow::anyhow!("user not found: {}", user_id)))?;
let (public_key, private_key) = match data.actor_repo.get_local_actor_keypair(user_id).await? { let (public_key, private_key) = match data
.federation_repo
.get_local_actor_keypair(user_id)
.await?
{
Some(kp) => kp, Some(kp) => kp,
None => { None => {
let kp = generate_actor_keypair()?; let kp = generate_actor_keypair()?;
// Zeroize the private key after storing it so the plaintext doesn't data.federation_repo
// linger in memory beyond this scope. .save_local_actor_keypair(user_id, kp.public_key.clone(), kp.private_key.clone())
let private_zeroized = Zeroizing::new(kp.private_key.clone());
data.actor_repo
.save_local_actor_keypair(
user_id,
kp.public_key.clone(),
private_zeroized.clone().to_string(),
)
.await?; .await?;
drop(private_zeroized);
(kp.public_key, kp.private_key) (kp.public_key, kp.private_key)
} }
}; };
@@ -171,7 +152,6 @@ pub async fn get_local_actor(
Ok(DbActor { Ok(DbActor {
user_id, user_id,
username: user.username, username: user.username,
display_name: user.display_name,
public_key_pem: public_key, public_key_pem: public_key,
private_key_pem: Some(private_key), private_key_pem: Some(private_key),
inbox_url, inbox_url,
@@ -187,18 +167,9 @@ pub async fn get_local_actor(
also_known_as: user.also_known_as, also_known_as: user.also_known_as,
profile_url: user.profile_url, profile_url: user.profile_url,
attachment: user.attachment, attachment: user.attachment,
manually_approves_followers: user.manually_approves_followers,
discoverable: user.discoverable,
actor_type: user.actor_type,
featured_url: user.featured_url,
}) })
} }
fn apex_domain(url: &Url) -> String {
let host = url.host_str().unwrap_or("");
host.strip_prefix("www.").unwrap_or(host).to_owned()
}
#[async_trait::async_trait] #[async_trait::async_trait]
impl Object for DbActor { impl Object for DbActor {
type DataType = FederationData; type DataType = FederationData;
@@ -226,7 +197,10 @@ impl Object for DbActor {
_ => return Ok(None), _ => return Ok(None),
}; };
let keypair = data.actor_repo.get_local_actor_keypair(user_id).await?; let keypair = data
.federation_repo
.get_local_actor_keypair(user_id)
.await?;
let (public_key, private_key) = match keypair { let (public_key, private_key) = match keypair {
Some(kp) => (kp.0, Some(kp.1)), Some(kp) => (kp.0, Some(kp.1)),
@@ -244,8 +218,7 @@ impl Object for DbActor {
Ok(Some(DbActor { Ok(Some(DbActor {
user_id, user_id,
username: user.username.clone(), username: user.username,
display_name: user.display_name,
public_key_pem: public_key, public_key_pem: public_key,
private_key_pem: private_key, private_key_pem: private_key,
inbox_url, inbox_url,
@@ -255,16 +228,12 @@ impl Object for DbActor {
following_url, following_url,
ap_id, ap_id,
last_refreshed_at: Utc::now(), last_refreshed_at: Utc::now(),
bio: user.bio, bio: None,
avatar_url: user.avatar_url, avatar_url: None,
banner_url: user.banner_url, banner_url: None,
also_known_as: user.also_known_as, also_known_as: None,
profile_url: user.profile_url, profile_url: None,
attachment: user.attachment, attachment: vec![],
manually_approves_followers: user.manually_approves_followers,
discoverable: user.discoverable,
actor_type: user.actor_type,
featured_url: user.featured_url,
})) }))
} }
@@ -283,7 +252,8 @@ impl Object for DbActor {
kind: "Image".to_string(), kind: "Image".to_string(),
url, url,
}); });
let also_known_as = self.also_known_as; let profile_url = self.profile_url;
let also_known_as: Vec<String> = self.also_known_as.into_iter().collect();
let attachment: Vec<ProfileFieldObject> = self let attachment: Vec<ProfileFieldObject> = self
.attachment .attachment
.into_iter() .into_iter()
@@ -298,26 +268,25 @@ impl Object for DbActor {
Url::parse(&format!("{}/inbox", data.base_url)).expect("base_url is always valid"); Url::parse(&format!("{}/inbox", data.base_url)).expect("base_url is always valid");
Ok(Person { Ok(Person {
kind: self.actor_type, kind: Default::default(),
id: self.ap_id.clone().into(), id: self.ap_id.clone().into(),
preferred_username: self.username.clone(), preferred_username: self.username.clone(),
inbox: self.inbox_url.clone(), inbox: self.inbox_url.clone(),
outbox: Some(self.outbox_url.clone()), outbox: self.outbox_url.clone(),
followers: Some(self.followers_url.clone()), followers: self.followers_url.clone(),
following: Some(self.following_url.clone()), following: self.following_url.clone(),
public_key, public_key,
name: self.display_name.or_else(|| Some(self.username.clone())), name: Some(self.username.clone()),
summary: self.bio.clone(), summary: self.bio.clone(),
icon, icon,
url: self.profile_url, url: profile_url,
discoverable: Some(self.discoverable), discoverable: Some(true),
manually_approves_followers: self.manually_approves_followers, manually_approves_followers: true,
updated: Some(self.last_refreshed_at), updated: Some(self.last_refreshed_at),
endpoints: Some(Endpoints { shared_inbox }), endpoints: Some(Endpoints { shared_inbox }),
image, image,
also_known_as, also_known_as,
attachment, attachment,
featured: self.featured_url,
}) })
} }
@@ -326,26 +295,11 @@ impl Object for DbActor {
expected_domain: &Url, expected_domain: &Url,
_data: &Data<Self::DataType>, _data: &Data<Self::DataType>,
) -> Result<(), Self::Error> { ) -> Result<(), Self::Error> {
if verify_domains_match(json.id.inner(), expected_domain).is_ok() { verify_domains_match(json.id.inner(), expected_domain)?;
return Ok(()); Ok(())
}
if apex_domain(json.id.inner()) == apex_domain(expected_domain) {
tracing::debug!(
actor_id = %json.id.inner(),
expected = %expected_domain,
"domain verified via www-apex equivalence"
);
return Ok(());
}
verify_domains_match(json.id.inner(), expected_domain).map_err(Error::from)
} }
async fn from_json(json: Self::Kind, data: &Data<Self::DataType>) -> Result<Self, Self::Error> { async fn from_json(json: Self::Kind, data: &Data<Self::DataType>) -> Result<Self, Self::Error> {
tracing::debug!(
actor_id = %json.id.inner(),
username = %json.preferred_username,
"ingesting remote actor"
);
let shared_inbox_url = json.endpoints.as_ref().map(|e| e.shared_inbox.to_string()); let shared_inbox_url = json.endpoints.as_ref().map(|e| e.shared_inbox.to_string());
let actor = RemoteActor { let actor = RemoteActor {
url: json.id.inner().to_string(), url: json.id.inner().to_string(),
@@ -354,9 +308,9 @@ impl Object for DbActor {
shared_inbox_url, shared_inbox_url,
display_name: json.name.clone(), display_name: json.name.clone(),
avatar_url: json.icon.as_ref().map(|i| i.url.to_string()), avatar_url: json.icon.as_ref().map(|i| i.url.to_string()),
outbox_url: json.outbox.as_ref().map(|u| u.to_string()), outbox_url: Some(json.outbox.to_string()),
}; };
data.actor_repo.upsert_remote_actor(actor).await?; data.federation_repo.upsert_remote_actor(actor).await?;
let url_str = json.id.inner().to_string(); let url_str = json.id.inner().to_string();
let user_id = uuid::Uuid::new_v5(&uuid::Uuid::NAMESPACE_URL, url_str.as_bytes()); let user_id = uuid::Uuid::new_v5(&uuid::Uuid::NAMESPACE_URL, url_str.as_bytes());
@@ -366,23 +320,13 @@ impl Object for DbActor {
.endpoints .endpoints
.as_ref() .as_ref()
.and_then(|e| Url::parse(e.shared_inbox.as_str()).ok()); .and_then(|e| Url::parse(e.shared_inbox.as_str()).ok());
let fallback = |suffix: &str| { let outbox_url = json.outbox.clone();
Url::parse(&format!("{}{}", ap_id, suffix)).unwrap_or_else(|_| ap_id.clone()) let followers_url = json.followers.clone();
}; let following_url = json.following.clone();
let outbox_url = json.outbox.clone().unwrap_or_else(|| fallback("/outbox"));
let followers_url = json
.followers
.clone()
.unwrap_or_else(|| fallback("/followers"));
let following_url = json
.following
.clone()
.unwrap_or_else(|| fallback("/following"));
Ok(DbActor { Ok(DbActor {
user_id, user_id,
username: json.preferred_username.clone(), username: json.preferred_username.clone(),
display_name: json.name.clone(),
public_key_pem: json.public_key.public_key_pem, public_key_pem: json.public_key.public_key_pem,
private_key_pem: None, private_key_pem: None,
inbox_url, inbox_url,
@@ -395,7 +339,7 @@ impl Object for DbActor {
bio: json.summary.clone(), bio: json.summary.clone(),
avatar_url: json.icon.as_ref().map(|i| i.url.clone()), avatar_url: json.icon.as_ref().map(|i| i.url.clone()),
banner_url: json.image.as_ref().map(|i| i.url.clone()), banner_url: json.image.as_ref().map(|i| i.url.clone()),
also_known_as: json.also_known_as, also_known_as: json.also_known_as.into_iter().next(),
profile_url: json.url.clone(), profile_url: json.url.clone(),
attachment: json attachment: json
.attachment .attachment
@@ -405,10 +349,6 @@ impl Object for DbActor {
value: f.value.clone(), value: f.value.clone(),
}) })
.collect(), .collect(),
manually_approves_followers: json.manually_approves_followers,
discoverable: json.discoverable.unwrap_or(false),
actor_type: json.kind,
featured_url: json.featured,
}) })
} }
} }

111
src/content.rs
View File

@@ -2,20 +2,17 @@ use async_trait::async_trait;
use chrono::{DateTime, Utc}; use chrono::{DateTime, Utc};
use url::Url; use url::Url;
/// Read side — the library queries this when sending content outward.
/// Implement on the same struct as [`ApObjectHandler`] if you prefer a single
/// database type.
#[async_trait] #[async_trait]
pub trait ApContentReader: Send + Sync { pub trait ApObjectHandler: Send + Sync {
/// Newest-first page of locally-authored objects for `user_id`, published /// Returns (ap_id, serialized object) for all local content owned by this user.
/// strictly before `before` (pass `None` for the first page). /// Used by outbox (count) and backfill (delivery). Must only return locally-authored content.
/// Returns `(ap_id, object_json, published_at)` tuples. async fn get_local_objects_for_user(
/// &self,
/// Used by the outbox endpoint and by backfill when a new follower is user_id: uuid::Uuid,
/// accepted. Implementations MUST: ) -> anyhow::Result<Vec<(Url, serde_json::Value)>>;
/// - Return objects in descending `published_at` order.
/// - Exclude deleted and draft content. /// Returns up to `limit` objects ordered newest-first, published before `before`.
/// - Be consistent across pages (no duplicates, no gaps). /// Returns (ap_id, object_json, published_at).
async fn get_local_objects_page( async fn get_local_objects_page(
&self, &self,
user_id: uuid::Uuid, user_id: uuid::Uuid,
@@ -23,38 +20,7 @@ pub trait ApContentReader: Send + Sync {
limit: usize, limit: usize,
) -> anyhow::Result<Vec<(Url, serde_json::Value, DateTime<Utc>)>>; ) -> anyhow::Result<Vec<(Url, serde_json::Value, DateTime<Utc>)>>;
/// Total locally-authored posts across all users. Used by NodeInfo. /// Incoming Create activity — persist remote content.
async fn count_local_posts(&self) -> anyhow::Result<u64>;
/// AP URLs of pinned (featured) objects for this user, in display order.
///
/// Served at `GET /users/{id}/featured` as an `OrderedCollection`.
/// Mastodon and Pleroma follow this link from the actor's `featured` field.
///
/// Defaults to an empty list — override to expose pinned posts.
async fn get_featured_objects(&self, user_id: uuid::Uuid) -> anyhow::Result<Vec<url::Url>> {
let _ = user_id;
Ok(vec![])
}
}
/// Write side — the library calls these when processing inbound AP activities.
///
/// All methods are called after HTTP signature verification has passed.
/// Returning `Err` propagates a 500 back to the remote server, which will
/// trigger a retry from well-behaved implementations. Return `Ok(())` to
/// silently accept an activity you don't want to act on.
///
/// **Idempotency:** Methods may be called more than once for the same activity
/// (e.g. under a race during duplicate delivery). Implementations should be
/// idempotent — prefer upsert over insert.
#[async_trait]
pub trait ApObjectHandler: Send + Sync {
/// A remote actor published new content.
///
/// `ap_id` is the stable URL of the object (e.g. the Note URL, not the
/// Create activity URL). Store or index the `object` JSON as appropriate
/// for your domain.
async fn on_create( async fn on_create(
&self, &self,
ap_id: &Url, ap_id: &Url,
@@ -62,10 +28,7 @@ pub trait ApObjectHandler: Send + Sync {
object: serde_json::Value, object: serde_json::Value,
) -> anyhow::Result<()>; ) -> anyhow::Result<()>;
/// A remote actor edited existing content. /// Incoming Update activity — update existing remote content.
///
/// `ap_id` matches a previously received `on_create` call. Update the
/// stored object.
async fn on_update( async fn on_update(
&self, &self,
ap_id: &Url, ap_id: &Url,
@@ -73,55 +36,33 @@ pub trait ApObjectHandler: Send + Sync {
object: serde_json::Value, object: serde_json::Value,
) -> anyhow::Result<()>; ) -> anyhow::Result<()>;
/// A remote actor deleted an object previously delivered via `on_create`. /// Incoming Delete activity — remove specific remote content.
async fn on_delete(&self, ap_id: &Url, actor_url: &Url) -> anyhow::Result<()>; async fn on_delete(&self, ap_id: &Url, actor_url: &Url) -> anyhow::Result<()>;
/// A remote actor was deleted or has unfollowed all local users. /// Actor unfollowed/was removed — clean up all their remote content.
///
/// Remove all content and state associated with `actor_url` from local
/// storage. Called for `Delete(actor)` and for `Undo(Follow)`.
async fn on_actor_removed(&self, actor_url: &Url) -> anyhow::Result<()>; async fn on_actor_removed(&self, actor_url: &Url) -> anyhow::Result<()>;
/// A remote actor liked a locally-authored object. /// Called when a remote actor likes a local thought.
/// `object_url` is the AP URL of the liked note (e.g. `{base}/thoughts/{uuid}`).
/// `actor_url` is the AP URL of the remote actor who sent the Like.
async fn on_like(&self, object_url: &Url, actor_url: &Url) -> anyhow::Result<()>; async fn on_like(&self, object_url: &Url, actor_url: &Url) -> anyhow::Result<()>;
/// A remote actor removed their like from a locally-authored object. /// Called when a remote actor boosts (Announce) a local thought.
async fn on_unlike(&self, object_url: &Url, actor_url: &Url) -> anyhow::Result<()>; /// `object_url` is the AP URL of the announced note.
/// `actor_url` is the AP URL of the remote actor who sent the Announce.
/// A remote actor boosted (Announced) a **locally-authored** object.
///
/// `object_url` is your local object's AP URL. The boost count is tracked
/// separately in [`crate::repository::ActorRepository::count_announces`].
async fn on_announce_received(&self, object_url: &Url, actor_url: &Url) -> anyhow::Result<()>; async fn on_announce_received(&self, object_url: &Url, actor_url: &Url) -> anyhow::Result<()>;
/// A remote actor removed their boost (`Undo(Announce)`) of a locally-authored /// Called when a remote actor removes a Like from a local thought.
/// object. Use this to decrement boost counts or update UI. async fn on_unlike(&self, object_url: &Url, actor_url: &Url) -> anyhow::Result<()>;
///
/// Has a default no-op implementation — override to handle undone boosts.
async fn on_announce_removed(&self, object_url: &Url, actor_url: &Url) -> anyhow::Result<()> {
let _ = (object_url, actor_url);
Ok(())
}
/// A remote actor boosted an object hosted on a **different server**. /// Called when an inbound Note tags a local user with a Mention.
///
/// Use this to surface cross-server boosts in local feeds. Called instead
/// of `on_announce_received` when the announced object URL is external.
/// Failures are logged and swallowed — they do not fail the activity.
async fn on_announce_of_remote(&self, object_url: &Url, actor_url: &Url) -> anyhow::Result<()>;
/// A local user was tagged (Mentioned) in an inbound Create or Update.
///
/// Called for every `{"type":"Mention","href":"<local-actor-url>"}` tag
/// found in inbound activities. Use this to send in-app notifications.
/// The note content is also delivered independently via `on_create`.
///
/// Failures are logged and swallowed — a broken notification must not
/// cause the activity to be rejected.
async fn on_mention( async fn on_mention(
&self, &self,
thought_ap_id: &Url, thought_ap_id: &Url,
mentioned_user_uuid: uuid::Uuid, mentioned_user_uuid: uuid::Uuid,
actor_url: &Url, actor_url: &Url,
) -> anyhow::Result<()>; ) -> anyhow::Result<()>;
/// Total number of locally-authored posts across all users.
async fn count_local_posts(&self) -> anyhow::Result<u64>;
} }

68
src/data.rs
View File

@@ -1,79 +1,33 @@
use std::sync::Arc; use std::sync::Arc;
use crate::content::{ApContentReader, ApObjectHandler}; use crate::content::ApObjectHandler;
use crate::repository::{ use crate::repository::FederationRepository;
ActivityRepository, ActorRepository, BlocklistRepository, FollowRepository,
};
use crate::user::ApUserRepository; use crate::user::ApUserRepository;
/// Typed event emitted by the federation layer. /// Minimal event-publishing abstraction — project-specific implementations
/// /// are wired in by the consuming crate via `FederationData::new`.
/// **Delivery:** When an [`EventPublisher`] is configured, outbound activities
/// are published as [`FederationEvent::DeliveryRequested`] instead of being sent
/// directly. Process them by calling
/// [`crate::service::ActivityPubService::deliver_to_inbox`].
///
/// **Backfill:** When a follower is accepted and an [`EventPublisher`] is
/// configured, [`FederationEvent::BackfillRequested`] is published instead of
/// spawning an in-process task. Process it by calling
/// [`crate::service::ActivityPubService::run_backfill_for_follower`].
///
/// Without a publisher, both fall back to `tokio::spawn`.
#[derive(Debug, Clone)]
pub enum FederationEvent {
/// An outbound activity must be delivered to `inbox`.
/// Call `ActivityPubService::deliver_to_inbox(inbox, activity, signing_actor_id)`.
DeliveryRequested {
inbox: url::Url,
activity: serde_json::Value,
signing_actor_id: uuid::Uuid,
},
/// Delivery to `inbox` failed permanently after all in-process retries.
DeliveryFailed {
inbox: url::Url,
activity: serde_json::Value,
signing_actor_id: uuid::Uuid,
error: String,
},
/// A new follower was accepted and their inbox needs backfilling.
/// Call `ActivityPubService::run_backfill_for_follower(owner_user_id, follower_inbox_url)`.
BackfillRequested {
owner_user_id: uuid::Uuid,
follower_inbox_url: String,
},
}
/// Receives typed federation events.
#[async_trait::async_trait] #[async_trait::async_trait]
pub trait EventPublisher: Send + Sync { pub trait EventPublisher: Send + Sync {
async fn publish(&self, event: FederationEvent) -> anyhow::Result<()>; async fn publish(&self, event: &str) -> anyhow::Result<()>;
} }
#[derive(Clone)] #[derive(Clone)]
pub struct FederationData { pub struct FederationData {
pub(crate) activity_repo: Arc<dyn ActivityRepository>, pub(crate) federation_repo: Arc<dyn FederationRepository>,
pub(crate) follow_repo: Arc<dyn FollowRepository>,
pub(crate) actor_repo: Arc<dyn ActorRepository>,
pub(crate) blocklist_repo: Arc<dyn BlocklistRepository>,
pub(crate) user_repo: Arc<dyn ApUserRepository>, pub(crate) user_repo: Arc<dyn ApUserRepository>,
pub(crate) content_reader: Arc<dyn ApContentReader>,
pub(crate) object_handler: Arc<dyn ApObjectHandler>, pub(crate) object_handler: Arc<dyn ApObjectHandler>,
pub(crate) base_url: String, pub(crate) base_url: String,
pub(crate) domain: String, pub(crate) domain: String,
pub(crate) allow_registration: bool, pub(crate) allow_registration: bool,
pub(crate) software_name: String, pub(crate) software_name: String,
#[allow(dead_code)]
pub(crate) event_publisher: Option<Arc<dyn EventPublisher>>, pub(crate) event_publisher: Option<Arc<dyn EventPublisher>>,
} }
impl FederationData { impl FederationData {
#[allow(clippy::too_many_arguments)]
pub fn new( pub fn new(
activity_repo: Arc<dyn ActivityRepository>, federation_repo: Arc<dyn FederationRepository>,
follow_repo: Arc<dyn FollowRepository>,
actor_repo: Arc<dyn ActorRepository>,
blocklist_repo: Arc<dyn BlocklistRepository>,
user_repo: Arc<dyn ApUserRepository>, user_repo: Arc<dyn ApUserRepository>,
content_reader: Arc<dyn ApContentReader>,
object_handler: Arc<dyn ApObjectHandler>, object_handler: Arc<dyn ApObjectHandler>,
base_url: String, base_url: String,
allow_registration: bool, allow_registration: bool,
@@ -88,12 +42,8 @@ impl FederationData {
.unwrap_or("") .unwrap_or("")
.to_string(); .to_string();
Self { Self {
activity_repo, federation_repo,
follow_repo,
actor_repo,
blocklist_repo,
user_repo, user_repo,
content_reader,
object_handler, object_handler,
base_url, base_url,
domain, domain,

13
src/error.rs
View File

@@ -33,18 +33,15 @@ where
impl axum::response::IntoResponse for Error { impl axum::response::IntoResponse for Error {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
let status = self.1; let status = self.1;
// Always log the real error internally; never expose it to the client.
if status.is_server_error() { if status.is_server_error() {
tracing::error!(error = %self.0, status = status.as_u16(), "federation error"); tracing::error!(error = %self.0, status = status.as_u16(), "federation error");
} else { } else {
tracing::debug!(error = %self.0, status = status.as_u16(), "federation client error"); tracing::debug!(error = %self.0, status = status.as_u16(), "federation response");
} }
let body = match status { let body = if status.is_server_error() {
StatusCode::NOT_FOUND => "not found", "internal server error".to_string()
StatusCode::BAD_REQUEST => "bad request", } else {
StatusCode::UNAUTHORIZED => "unauthorized", self.0.to_string()
StatusCode::FORBIDDEN => "forbidden",
_ => "internal server error",
}; };
(status, body).into_response() (status, body).into_response()
} }

42
src/featured_handler.rs
View File

@@ -1,42 +0,0 @@
use activitypub_federation::{axum::json::FederationJson, config::Data};
use axum::extract::Path;
use serde_json::json;
use crate::data::FederationData;
use crate::error::Error;
use crate::urls::AP_CONTEXT;
/// Serves the `featured` (pinned posts) `OrderedCollection` for a local user.
///
/// Remote servers follow the `featured` link from the actor JSON and expect
/// an `OrderedCollection` whose `orderedItems` are the AP URLs of pinned objects.
/// The handler calls [`ApContentReader::get_featured_objects`] — override that
/// method to expose your pinned posts.
pub async fn featured_handler(
Path(user_id_str): Path<String>,
data: Data<FederationData>,
) -> Result<FederationJson<serde_json::Value>, Error> {
let user_id = uuid::Uuid::parse_str(&user_id_str)
.map_err(|_| Error::not_found(anyhow::anyhow!("user not found")))?;
data.user_repo
.find_by_id(user_id)
.await
.map_err(Error::from)?
.ok_or_else(|| Error::not_found(anyhow::anyhow!("user not found")))?;
let featured_url = format!("{}/users/{}/featured", data.base_url, user_id_str);
let items = data
.content_reader
.get_featured_objects(user_id)
.await
.map_err(|e| Error::from(anyhow::anyhow!("{}", e)))?;
Ok(FederationJson(json!({
"@context": AP_CONTEXT,
"type": "OrderedCollection",
"id": featured_url,
"totalItems": items.len(),
"orderedItems": items.iter().map(|u| u.as_str()).collect::<Vec<_>>(),
})))
}

9
src/federation.rs
View File

@@ -18,15 +18,6 @@ impl UrlVerifier for PermissiveVerifier {
pub struct ApFederationConfig(pub FederationConfig<FederationData>); pub struct ApFederationConfig(pub FederationConfig<FederationData>);
impl ApFederationConfig { impl ApFederationConfig {
/// Create a new federation config.
///
/// **HTTP signature / Digest behavior:**
/// - Production (`debug = false`): strict normalization + **requires `Digest` header** on every
/// inbound POST. All major AP implementations (Mastodon, Pleroma, Pixelfed) include it.
/// - Debug (`debug = true`): relaxes Digest requirement, disables signature verification,
/// and accepts any URL. **Never use in production.**
///
/// Outbound signing always uses Mastodon compat mode regardless of this flag.
pub async fn new(data: FederationData, debug: bool) -> anyhow::Result<Self> { pub async fn new(data: FederationData, debug: bool) -> anyhow::Result<Self> {
let config = if debug { let config = if debug {
FederationConfig::builder() FederationConfig::builder()

8
src/followers_handler.rs
View File

@@ -33,8 +33,8 @@ async fn collection_handler(
); );
let total = match collection_type { let total = match collection_type {
"followers" => data.follow_repo.count_followers(user_id).await, "followers" => data.federation_repo.count_followers(user_id).await,
_ => data.follow_repo.count_following(user_id).await, _ => data.federation_repo.count_following(user_id).await,
} }
.map_err(Error::from)?; .map_err(Error::from)?;
@@ -44,7 +44,7 @@ async fn collection_handler(
let items: Vec<String> = match collection_type { let items: Vec<String> = match collection_type {
"followers" => data "followers" => data
.follow_repo .federation_repo
.get_followers_page(user_id, offset as u32, AP_PAGE_SIZE) .get_followers_page(user_id, offset as u32, AP_PAGE_SIZE)
.await .await
.map_err(Error::from)? .map_err(Error::from)?
@@ -52,7 +52,7 @@ async fn collection_handler(
.map(|f| f.actor.url) .map(|f| f.actor.url)
.collect(), .collect(),
_ => data _ => data
.follow_repo .federation_repo
.get_following_page(user_id, offset as u32, AP_PAGE_SIZE) .get_following_page(user_id, offset as u32, AP_PAGE_SIZE)
.await .await
.map_err(Error::from)? .map_err(Error::from)?

5
src/inbox.rs
View File

@@ -9,11 +9,6 @@ use crate::actors::DbActor;
use crate::data::FederationData; use crate::data::FederationData;
use crate::error::Error; use crate::error::Error;
/// Idempotency is enforced inside each activity's `receive()` implementation
/// via `FederationRepository::is_activity_processed` /
/// `mark_activity_processed`. HTTP signature verification and JSON-LD
/// processing are handled by `activitypub_federation` middleware before this
/// handler is reached.
pub async fn inbox_handler( pub async fn inbox_handler(
data: Data<FederationData>, data: Data<FederationData>,
activity_data: ActivityData, activity_data: ActivityData,

26
src/lib.rs
View File

@@ -4,7 +4,6 @@ pub mod actors;
pub mod content; pub mod content;
pub mod data; pub mod data;
pub mod error; pub mod error;
pub mod featured_handler;
pub mod federation; pub mod federation;
pub mod followers_handler; pub mod followers_handler;
pub mod inbox; pub mod inbox;
@@ -16,29 +15,14 @@ pub(crate) mod urls;
pub mod user; pub mod user;
pub mod webfinger; pub mod webfinger;
pub use urls::AS_PUBLIC;
pub use activitypub_federation::kinds::object::NoteType; pub use activitypub_federation::kinds::object::NoteType;
pub use content::{ApContentReader, ApObjectHandler}; pub use content::ApObjectHandler;
pub use data::{EventPublisher, FederationData, FederationEvent}; pub use data::FederationData;
pub use error::Error; pub use error::Error;
pub use federation::ApFederationConfig; pub use federation::ApFederationConfig;
pub use repository::{ pub use repository::{
ActivityRepository, ActorRepository, BlockedDomain, BlocklistRepository, FollowRepository, BlockedDomain, FederationRepository, Follower, FollowerStatus, FollowingStatus, RemoteActor,
Follower, FollowerStatus, FollowingStatus, RemoteActor,
}; };
pub use service::ActivityPubService; pub use service::ActivityPubService;
pub use urls::AS_PUBLIC; pub use user::{ApProfileField, ApUser, ApUserRepository};
pub use user::{
ApActorType, ApProfileField, ApUser, ApUserRepository, ApVisibility, LookedUpActor,
};
#[cfg(test)]
#[path = "tests/integration.rs"]
mod integration_tests;
#[cfg(test)]
#[path = "tests/activities.rs"]
mod activity_tests;
#[cfg(test)]
#[path = "tests/broadcast.rs"]
mod broadcast_tests;

2
src/nodeinfo.rs
View File

@@ -60,7 +60,7 @@ pub async fn nodeinfo_well_known_handler(
pub async fn nodeinfo_handler(data: Data<FederationData>) -> Result<Json<NodeInfo>, Error> { pub async fn nodeinfo_handler(data: Data<FederationData>) -> Result<Json<NodeInfo>, Error> {
let user_count = data.user_repo.count_users().await.unwrap_or(0); let user_count = data.user_repo.count_users().await.unwrap_or(0);
let local_posts = data.content_reader.count_local_posts().await.unwrap_or(0); let local_posts = data.object_handler.count_local_posts().await.unwrap_or(0);
Ok(Json(NodeInfo { Ok(Json(NodeInfo {
version: "2.0".to_string(), version: "2.0".to_string(),

23
src/outbox.rs
View File

@@ -27,7 +27,6 @@ pub struct OrderedCollection {
id: String, id: String,
total_items: u64, total_items: u64,
first: String, first: String,
last: String,
} }
#[derive(Serialize, Deserialize)] #[derive(Serialize, Deserialize)]
@@ -39,7 +38,6 @@ pub struct OrderedCollectionPage {
kind: String, kind: String,
id: String, id: String,
part_of: String, part_of: String,
total_items: u64,
ordered_items: Vec<serde_json::Value>, ordered_items: Vec<serde_json::Value>,
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
next: Option<String>, next: Option<String>,
@@ -61,21 +59,11 @@ pub async fn outbox_handler(
let outbox_url = format!("{}/users/{}/outbox", data.base_url, user_id_str); let outbox_url = format!("{}/users/{}/outbox", data.base_url, user_id_str);
// Total count — uses count_local_posts for an aggregated count. For a
// per-user count we use the page length on the first page as an upper bound
// if count_local_posts returns 0. In practice this trait method is called
// infrequently (only on the root collection endpoint).
let total = data
.content_reader
.count_local_posts()
.await
.map_err(|e| Error::from(anyhow::anyhow!("{}", e)))?;
if query.page.unwrap_or(false) { if query.page.unwrap_or(false) {
let before: Option<DateTime<Utc>> = query.before.as_deref().and_then(|s| s.parse().ok()); let before: Option<DateTime<Utc>> = query.before.as_deref().and_then(|s| s.parse().ok());
let items = data let items = data
.content_reader .object_handler
.get_local_objects_page(uuid, before, AP_PAGE_SIZE) .get_local_objects_page(uuid, before, AP_PAGE_SIZE)
.await .await
.map_err(|e| Error::from(anyhow::anyhow!("{}", e)))?; .map_err(|e| Error::from(anyhow::anyhow!("{}", e)))?;
@@ -126,19 +114,24 @@ pub async fn outbox_handler(
kind: "OrderedCollectionPage".to_string(), kind: "OrderedCollectionPage".to_string(),
id: page_id, id: page_id,
part_of: outbox_url, part_of: outbox_url,
total_items: total,
ordered_items, ordered_items,
next, next,
}) })
.into_response()) .into_response())
} else { } else {
let total = data
.object_handler
.get_local_objects_for_user(uuid)
.await
.map_err(|e| Error::from(anyhow::anyhow!("{}", e)))?
.len() as u64;
Ok(axum::Json(OrderedCollection { Ok(axum::Json(OrderedCollection {
context: crate::urls::AP_CONTEXT.to_string(), context: crate::urls::AP_CONTEXT.to_string(),
kind: "OrderedCollection".to_string(), kind: "OrderedCollection".to_string(),
id: outbox_url.clone(), id: outbox_url.clone(),
total_items: total, total_items: total,
first: format!("{}?page=true", outbox_url), first: format!("{}?page=true", outbox_url),
last: format!("{}?page=true&before=1970-01-01T00:00:00.000Z", outbox_url),
}) })
.into_response()) .into_response())
} }

106
src/repository/follow.rs → src/repository.rs
View File

@@ -1,12 +1,45 @@
use anyhow::Result; use anyhow::Result;
use async_trait::async_trait; use async_trait::async_trait;
use super::{Follower, FollowerStatus, FollowingStatus, RemoteActor}; #[derive(Debug, Clone, PartialEq, Eq)]
pub enum FollowerStatus {
Pending,
Accepted,
Rejected,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum FollowingStatus {
Pending,
Accepted,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct RemoteActor {
pub url: String,
pub handle: String,
pub inbox_url: String,
pub shared_inbox_url: Option<String>,
pub display_name: Option<String>,
pub avatar_url: Option<String>,
pub outbox_url: Option<String>,
}
#[derive(Debug, Clone)]
pub struct Follower {
pub actor: RemoteActor,
pub status: FollowerStatus,
}
#[derive(Debug, Clone)]
pub struct BlockedDomain {
pub domain: String,
pub reason: Option<String>,
pub blocked_at: String,
}
/// Manages follower/following relationships and account migration.
#[async_trait] #[async_trait]
pub trait FollowRepository: Send + Sync { pub trait FederationRepository: Send + Sync {
// ── Inbound followers ───────────────────────────────────────────────────
async fn add_follower( async fn add_follower(
&self, &self,
local_user_id: uuid::Uuid, local_user_id: uuid::Uuid,
@@ -32,29 +65,18 @@ pub trait FollowRepository: Send + Sync {
limit: usize, limit: usize,
) -> Result<Vec<Follower>>; ) -> Result<Vec<Follower>>;
async fn count_followers(&self, local_user_id: uuid::Uuid) -> Result<usize>; async fn count_followers(&self, local_user_id: uuid::Uuid) -> Result<usize>;
async fn get_following_page(
&self,
local_user_id: uuid::Uuid,
offset: u32,
limit: usize,
) -> Result<Vec<RemoteActor>>;
async fn update_follower_status( async fn update_follower_status(
&self, &self,
local_user_id: uuid::Uuid, local_user_id: uuid::Uuid,
remote_actor_url: &str, remote_actor_url: &str,
status: FollowerStatus, status: FollowerStatus,
) -> Result<()>; ) -> Result<()>;
async fn get_pending_followers(&self, local_user_id: uuid::Uuid) -> Result<Vec<RemoteActor>>;
/// Return deduplicated inbox URLs (shared_inbox preferred) for accepted
/// followers, excluding blocked actors/domains. DB-side filtering.
async fn get_accepted_follower_inboxes(&self, local_user_id: uuid::Uuid)
-> Result<Vec<String>>;
/// Count of accepted followers only. More efficient than loading all followers
/// and filtering in application memory.
async fn count_accepted_followers(&self, local_user_id: uuid::Uuid) -> Result<usize>;
/// Accepted followers page for display purposes. `offset` is 0-based.
async fn get_accepted_followers_page(
&self,
local_user_id: uuid::Uuid,
offset: u32,
limit: usize,
) -> Result<Vec<RemoteActor>>;
// ── Outbound following ──────────────────────────────────────────────────
async fn add_following( async fn add_following(
&self, &self,
local_user_id: uuid::Uuid, local_user_id: uuid::Uuid,
@@ -68,13 +90,20 @@ pub trait FollowRepository: Send + Sync {
) -> Result<Option<String>>; ) -> Result<Option<String>>;
async fn remove_following(&self, local_user_id: uuid::Uuid, actor_url: &str) -> Result<()>; async fn remove_following(&self, local_user_id: uuid::Uuid, actor_url: &str) -> Result<()>;
async fn get_following(&self, local_user_id: uuid::Uuid) -> Result<Vec<RemoteActor>>; async fn get_following(&self, local_user_id: uuid::Uuid) -> Result<Vec<RemoteActor>>;
async fn get_following_page(
&self,
local_user_id: uuid::Uuid,
offset: u32,
limit: usize,
) -> Result<Vec<RemoteActor>>;
async fn count_following(&self, local_user_id: uuid::Uuid) -> Result<usize>; async fn count_following(&self, local_user_id: uuid::Uuid) -> Result<usize>;
async fn upsert_remote_actor(&self, actor: RemoteActor) -> Result<()>;
async fn get_remote_actor(&self, actor_url: &str) -> Result<Option<RemoteActor>>;
async fn get_local_actor_keypair(
&self,
user_id: uuid::Uuid,
) -> Result<Option<(String, String)>>;
async fn save_local_actor_keypair(
&self,
user_id: uuid::Uuid,
public_key: String,
private_key: String,
) -> Result<()>;
async fn get_pending_followers(&self, local_user_id: uuid::Uuid) -> Result<Vec<RemoteActor>>;
async fn update_following_status( async fn update_following_status(
&self, &self,
local_user_id: uuid::Uuid, local_user_id: uuid::Uuid,
@@ -86,13 +115,20 @@ pub trait FollowRepository: Send + Sync {
local_user_id: uuid::Uuid, local_user_id: uuid::Uuid,
remote_actor_url: &str, remote_actor_url: &str,
) -> Result<Option<String>>; ) -> Result<Option<String>>;
async fn add_announce(
// ── Account migration ───────────────────────────────────────────────────
/// Migrate all follower records from `old_actor_url` to `new_actor_url`.
/// Returns local user IDs that need a re-follow sent.
async fn migrate_follower_actor(
&self, &self,
old_actor_url: &str, activity_id: &str,
new_actor_url: &str, object_url: &str,
) -> Result<Vec<uuid::Uuid>>; actor_url: &str,
announced_at: chrono::DateTime<chrono::Utc>,
) -> Result<()>;
async fn count_announces(&self, object_url: &str) -> Result<usize>;
async fn add_blocked_domain(&self, domain: &str, reason: Option<&str>) -> Result<()>;
async fn remove_blocked_domain(&self, domain: &str) -> Result<()>;
async fn get_blocked_domains(&self) -> Result<Vec<BlockedDomain>>;
async fn is_domain_blocked(&self, domain: &str) -> Result<bool>;
async fn add_blocked_actor(&self, local_user_id: uuid::Uuid, actor_url: &str) -> Result<()>;
async fn remove_blocked_actor(&self, local_user_id: uuid::Uuid, actor_url: &str) -> Result<()>;
async fn get_blocked_actors(&self, local_user_id: uuid::Uuid) -> Result<Vec<String>>;
async fn is_actor_blocked(&self, local_user_id: uuid::Uuid, actor_url: &str) -> Result<bool>;
} }

11
src/repository/activity.rs
View File

@@ -1,11 +0,0 @@
use anyhow::Result;
use async_trait::async_trait;
/// Tracks which inbound AP activity IDs have already been processed.
/// Prevents duplicate handling when remote servers retry delivery.
/// Implementations should enforce a UNIQUE constraint on stored IDs.
#[async_trait]
pub trait ActivityRepository: Send + Sync {
async fn is_activity_processed(&self, activity_id: &str) -> Result<bool>;
async fn mark_activity_processed(&self, activity_id: &str) -> Result<()>;
}

37
src/repository/actor.rs
View File

@@ -1,37 +0,0 @@
use anyhow::Result;
use async_trait::async_trait;
use super::RemoteActor;
/// Manages local actor keypairs, remote actor cache, and Announce tracking.
#[async_trait]
pub trait ActorRepository: Send + Sync {
// ── Local keypairs ──────────────────────────────────────────────────────
async fn get_local_actor_keypair(
&self,
user_id: uuid::Uuid,
) -> Result<Option<(String, String)>>;
async fn save_local_actor_keypair(
&self,
user_id: uuid::Uuid,
public_key: String,
private_key: String,
) -> Result<()>;
// ── Remote actor cache ──────────────────────────────────────────────────
async fn upsert_remote_actor(&self, actor: RemoteActor) -> Result<()>;
async fn get_remote_actor(&self, actor_url: &str) -> Result<Option<RemoteActor>>;
// ── Boost (Announce) tracking ───────────────────────────────────────────
async fn add_announce(
&self,
activity_id: &str,
object_url: &str,
actor_url: &str,
announced_at: chrono::DateTime<chrono::Utc>,
) -> Result<()>;
/// Remove a boost record when a remote actor sends `Undo(Announce)`.
/// Implementations should match by `activity_id` and `actor_url`.
async fn remove_announce(&self, activity_id: &str, actor_url: &str) -> Result<()>;
async fn count_announces(&self, object_url: &str) -> Result<usize>;
}

20
src/repository/blocklist.rs
View File

@@ -1,20 +0,0 @@
use anyhow::Result;
use async_trait::async_trait;
use super::BlockedDomain;
/// Domain and actor-level blocklists.
#[async_trait]
pub trait BlocklistRepository: Send + Sync {
// ── Domain blocklist ────────────────────────────────────────────────────
async fn add_blocked_domain(&self, domain: &str, reason: Option<&str>) -> Result<()>;
async fn remove_blocked_domain(&self, domain: &str) -> Result<()>;
async fn get_blocked_domains(&self) -> Result<Vec<BlockedDomain>>;
async fn is_domain_blocked(&self, domain: &str) -> Result<bool>;
// ── Per-user actor blocklist ────────────────────────────────────────────
async fn add_blocked_actor(&self, local_user_id: uuid::Uuid, actor_url: &str) -> Result<()>;
async fn remove_blocked_actor(&self, local_user_id: uuid::Uuid, actor_url: &str) -> Result<()>;
async fn get_blocked_actors(&self, local_user_id: uuid::Uuid) -> Result<Vec<String>>;
async fn is_actor_blocked(&self, local_user_id: uuid::Uuid, actor_url: &str) -> Result<bool>;
}

46
src/repository/mod.rs
View File

@@ -1,46 +0,0 @@
mod activity;
mod actor;
mod blocklist;
mod follow;
pub use activity::ActivityRepository;
pub use actor::ActorRepository;
pub use blocklist::BlocklistRepository;
pub use follow::FollowRepository;
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum FollowerStatus {
Pending,
Accepted,
Rejected,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum FollowingStatus {
Pending,
Accepted,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct RemoteActor {
pub url: String,
pub handle: String,
pub inbox_url: String,
pub shared_inbox_url: Option<String>,
pub display_name: Option<String>,
pub avatar_url: Option<String>,
pub outbox_url: Option<String>,
}
#[derive(Debug, Clone)]
pub struct Follower {
pub actor: RemoteActor,
pub status: FollowerStatus,
}
#[derive(Debug, Clone)]
pub struct BlockedDomain {
pub domain: String,
pub reason: Option<String>,
pub blocked_at: String,
}

1539
src/service.rs Normal file
View File

File diff suppressed because it is too large Load Diff

254
src/service/backfill.rs
View File

@@ -1,254 +0,0 @@
use activitypub_federation::{
activity_sending::SendActivityTask, fetch::object_id::ObjectId, protocol::context::WithContext,
};
use url::Url;
use crate::{activities::CreateActivity, actors::get_local_actor, federation::ApFederationConfig};
use super::{ActivityPubService, delivery::send_with_retry};
impl ActivityPubService {
/// Fetch a remote actor's outbox and import its content into the local instance.
///
/// This is for importing a **remote actor's history** — for example, when you want
/// to surface an account's past posts after a local user follows them. It fetches
/// pages from `outbox_url` and calls `ApObjectHandler::on_create` for each item.
///
/// This is distinct from [`ActivityPubService::run_backfill_for_follower`], which
/// sends **your** local content to a new follower's inbox.
pub async fn import_remote_outbox(
&self,
outbox_url: &str,
actor_url: &str,
) -> anyhow::Result<()> {
let client = reqwest::Client::builder()
.timeout(std::time::Duration::from_secs(
super::HTTP_FETCH_TIMEOUT_SECS,
))
.build()?;
let data = self.federation_config.to_request_data();
let actor = url::Url::parse(actor_url)?;
let root: serde_json::Value = client
.get(outbox_url)
.header("Accept", "application/activity+json")
.send()
.await?
.json()
.await?;
let first = match root.get("first").and_then(|v| v.as_str()) {
Some(url) => url.to_string(),
None => {
tracing::debug!(outbox = %outbox_url, "outbox has no first page");
return Ok(());
}
};
let mut current_url = first;
let mut visited = std::collections::HashSet::new();
loop {
if !visited.insert(current_url.clone()) {
tracing::warn!(url = %current_url, "backfill: loop detected, stopping");
break;
}
let page: serde_json::Value = match client
.get(&current_url)
.header("Accept", "application/activity+json")
.send()
.await
{
Ok(resp) => match resp.json().await {
Ok(v) => v,
Err(e) => {
tracing::error!(error = %e, "backfill: failed to parse page JSON");
break;
}
},
Err(e) => {
tracing::error!(error = %e, "backfill: HTTP request failed");
break;
}
};
if let Some(items) = page.get("orderedItems").and_then(|v| v.as_array()) {
for item in items {
let activity_type = item.get("type").and_then(|v| v.as_str()).unwrap_or("");
if activity_type != "Create" && activity_type != "Add" {
continue;
}
let Some(object) = item.get("object").filter(|o| o.is_object()).cloned() else {
continue;
};
let Some(ap_id) = object
.get("id")
.and_then(|v| v.as_str())
.and_then(|s| url::Url::parse(s).ok())
else {
continue;
};
if let Err(e) = data.object_handler.on_create(&ap_id, &actor, object).await {
tracing::warn!(ap_id = %ap_id, error = %e, "backfill: failed to process item");
}
}
}
match page.get("next").and_then(|v| v.as_str()) {
Some(next) => current_url = next.to_string(),
None => break,
}
}
tracing::info!(outbox = %outbox_url, pages = visited.len(), "backfill complete");
Ok(())
}
/// Route backfill through [`EventPublisher`] (if configured) or fall back
/// to a fire-and-forget `tokio::spawn`.
///
/// When `EventPublisher` is set, a [`FederationEvent::BackfillRequested`]
/// event is published so the consumer's job queue can process it — allowing
/// backfill to run in a separate worker process rather than in the API server.
/// The worker calls [`ActivityPubService::run_backfill_for_follower`] to execute.
///
/// `pub(crate)` so `service::follow` can call it from `accept_follower`.
pub(crate) fn spawn_backfill(&self, owner_user_id: uuid::Uuid, follower_inbox_url: String) {
let data = self.federation_config.to_request_data();
if let Some(publisher) = data.event_publisher.as_ref() {
let publisher = publisher.clone();
let event = crate::data::FederationEvent::BackfillRequested {
owner_user_id,
follower_inbox_url,
};
tokio::spawn(async move {
if let Err(e) = publisher.publish(event).await {
tracing::warn!(error = %e, "failed to enqueue BackfillRequested event");
}
});
} else {
let config = self.federation_config.clone();
let base_url = self.base_url.clone();
let max_attempts = self.delivery_max_attempts;
let initial_delay = self.delivery_initial_delay_secs;
tokio::spawn(async move {
if let Err(e) = ActivityPubService::run_backfill(
config,
base_url,
owner_user_id,
follower_inbox_url,
max_attempts,
initial_delay,
)
.await
{
tracing::warn!(error = %e, "backfill: task failed");
}
});
}
}
/// Execute backfill for a single follower inbox. Call this from a job-queue
/// consumer that received a [`FederationEvent::BackfillRequested`] event.
///
/// Sends all of `owner_user_id`'s locally-authored content to `follower_inbox_url`,
/// oldest-to-newest, with a small sleep between batches to avoid overwhelming
/// the remote server.
pub async fn run_backfill_for_follower(
&self,
owner_user_id: uuid::Uuid,
follower_inbox_url: String,
) -> anyhow::Result<()> {
ActivityPubService::run_backfill(
self.federation_config.clone(),
self.base_url.clone(),
owner_user_id,
follower_inbox_url,
self.delivery_max_attempts,
self.delivery_initial_delay_secs,
)
.await
}
async fn run_backfill(
config: ApFederationConfig,
base_url: String,
owner_user_id: uuid::Uuid,
follower_inbox_url: String,
max_attempts: u32,
initial_delay: u64,
) -> anyhow::Result<()> {
const BATCH_SIZE: usize = 20;
let data = config.to_request_data();
let local_actor = get_local_actor(owner_user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let inbox = Url::parse(&follower_inbox_url)?;
// Cursor-based pagination via get_local_objects_page (newest-first).
// Avoids loading the entire post history into memory at once.
let mut before: Option<chrono::DateTime<chrono::Utc>> = None;
let (mut success_count, mut failure_count, mut total) = (0usize, 0usize, 0usize);
loop {
let page = data
.content_reader
.get_local_objects_page(owner_user_id, before, BATCH_SIZE)
.await?;
if page.is_empty() {
break;
}
let is_last_page = page.len() < BATCH_SIZE;
// Advance cursor to the oldest timestamp in this page.
before = page.last().map(|(_, _, ts)| *ts);
for (ap_id, object_json, _ts) in &page {
let create_id = Url::parse(&format!(
"{}/activities/create/{}",
base_url,
uuid::Uuid::new_v5(&uuid::Uuid::NAMESPACE_URL, ap_id.as_str().as_bytes())
))?;
let create = CreateActivity {
id: create_id,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: object_json.clone(),
to: vec![],
cc: vec![],
bto: vec![],
bcc: vec![],
};
let sends = SendActivityTask::prepare(
&WithContext::new_default(create),
&local_actor,
vec![inbox.clone()],
&data,
)
.await?;
total += 1;
if send_with_retry(sends, &data, max_attempts, initial_delay)
.await
.is_empty()
{
success_count += 1;
} else {
failure_count += 1;
}
}
if is_last_page {
break;
}
tokio::time::sleep(std::time::Duration::from_millis(
super::BATCH_FETCH_SLEEP_MS,
))
.await;
}
tracing::info!(
user_id = %owner_user_id,
follower = %follower_inbox_url,
sent = success_count,
failed = failure_count,
total = total,
"backfill complete"
);
Ok(())
}
}

434
src/service/broadcast.rs
View File

@@ -1,434 +0,0 @@
use activitypub_federation::{
fetch::object_id::ObjectId, protocol::context::WithContext, traits::Object,
};
use url::Url;
use crate::{
activities::{
AddActivity, AnnounceActivity, CreateActivity, DeleteActivity, MoveActivity, UndoActivity,
UpdateActivity,
},
actors::get_local_actor,
urls::activity_url,
user::ApVisibility,
};
use super::ActivityPubService;
impl ActivityPubService {
pub async fn broadcast_announce_to_followers(
&self,
local_user_id: uuid::Uuid,
object_ap_id: url::Url,
) -> anyhow::Result<()> {
let announce_id = url::Url::parse(&format!(
"{}/activities/announce/{}",
self.base_url,
uuid::Uuid::new_v5(
&uuid::Uuid::NAMESPACE_URL,
format!("{}/{}", local_user_id, object_ap_id).as_bytes()
),
))
.map_err(|e| anyhow::anyhow!("{e}"))?;
let data = self.federation_config.to_request_data();
let Some((local_actor, inboxes)) =
self.accepted_follower_inboxes(&data, local_user_id).await?
else {
return Ok(());
};
let announce = AnnounceActivity {
id: announce_id,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: object_ap_id,
published: Some(chrono::Utc::now()),
to: vec![crate::urls::AS_PUBLIC.to_string()],
cc: vec![local_actor.followers_url.to_string()],
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, inboxes, announce)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
pub async fn broadcast_undo_announce_to_followers(
&self,
local_user_id: uuid::Uuid,
object_ap_id: url::Url,
) -> anyhow::Result<()> {
let announce_id = url::Url::parse(&format!(
"{}/activities/announce/{}",
self.base_url,
uuid::Uuid::new_v5(
&uuid::Uuid::NAMESPACE_URL,
format!("{}/{}", local_user_id, object_ap_id).as_bytes()
),
))
.map_err(|e| anyhow::anyhow!("{e}"))?;
let undo_id = activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?;
let data = self.federation_config.to_request_data();
let Some((local_actor, inboxes)) =
self.accepted_follower_inboxes(&data, local_user_id).await?
else {
return Ok(());
};
let undo = UndoActivity {
id: undo_id,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: serde_json::json!({"type":"Announce","id":announce_id.to_string(),"actor":local_actor.ap_id.to_string(),"object":object_ap_id.to_string()}),
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, inboxes, undo)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
pub async fn broadcast_like_to_inbox(
&self,
liker_user_id: uuid::Uuid,
object_ap_id: url::Url,
author_inbox_url: url::Url,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let local_actor = get_local_actor(liker_user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let like_id = url::Url::parse(&format!(
"{}/activities/like/{}",
self.base_url,
uuid::Uuid::new_v5(
&uuid::Uuid::NAMESPACE_URL,
format!("{}/{}", liker_user_id, object_ap_id).as_bytes()
),
))?;
let like = crate::activities::LikeActivity {
id: like_id,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: object_ap_id,
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, vec![author_inbox_url], like)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
pub async fn broadcast_undo_like_to_inbox(
&self,
liker_user_id: uuid::Uuid,
object_ap_id: url::Url,
author_inbox_url: url::Url,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let local_actor = get_local_actor(liker_user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let like_id = url::Url::parse(&format!(
"{}/activities/like/{}",
self.base_url,
uuid::Uuid::new_v5(
&uuid::Uuid::NAMESPACE_URL,
format!("{}/{}", liker_user_id, object_ap_id).as_bytes()
),
))?;
let undo_id = activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?;
let undo = UndoActivity {
id: undo_id,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: serde_json::json!({"type":"Like","id":like_id.to_string(),"actor":local_actor.ap_id.to_string(),"object":object_ap_id.to_string()}),
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, vec![author_inbox_url], undo)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
pub async fn broadcast_delete_to_followers(
&self,
local_user_id: uuid::Uuid,
ap_id: Url,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let Some((local_actor, inboxes)) =
self.accepted_follower_inboxes(&data, local_user_id).await?
else {
return Ok(());
};
let delete = DeleteActivity {
id: activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: serde_json::json!({"type": "Tombstone", "id": ap_id.to_string()}),
to: vec![crate::urls::AS_PUBLIC.to_string()],
cc: vec![local_actor.followers_url.to_string()],
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, inboxes, delete)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
pub async fn broadcast_add_to_followers(
&self,
local_user_id: uuid::Uuid,
ap_id: Url,
object: serde_json::Value,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let Some((local_actor, inboxes)) =
self.accepted_follower_inboxes(&data, local_user_id).await?
else {
return Ok(());
};
let add = AddActivity {
id: ap_id,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object,
to: vec![crate::urls::AS_PUBLIC.to_string()],
cc: vec![local_actor.followers_url.to_string()],
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, inboxes, add)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
pub async fn broadcast_undo_add_to_followers(
&self,
local_user_id: uuid::Uuid,
watchlist_entry_ap_id: Url,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let Some((local_actor, inboxes)) =
self.accepted_follower_inboxes(&data, local_user_id).await?
else {
return Ok(());
};
let undo = UndoActivity {
id: activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: serde_json::json!({"type":"Add","id":watchlist_entry_ap_id.as_str(),"object":{"id":watchlist_entry_ap_id.as_str()}}),
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, inboxes, undo)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
/// Fan out a Create(Note) activity to accepted followers and any explicitly
/// mentioned actors.
///
/// `visibility` controls `to`/`cc` addressing and whether the note is public:
/// - `Public` / `FollowersOnly`: delivered to followers + `mentioned_inboxes`
/// - `Private`: returns immediately — no delivery to anyone
///
/// `mentioned_inboxes` should contain the inbox URLs of remote actors
/// explicitly tagged in the note who are not already followers. Resolve them
/// via [`ActivityPubService::lookup_actor_by_handle`] before calling. Pass an
/// empty `Vec` if there are no external mentions.
pub async fn broadcast_create_note(
&self,
local_user_id: uuid::Uuid,
note: serde_json::Value,
visibility: ApVisibility,
mentioned_inboxes: Vec<Url>,
) -> anyhow::Result<()> {
if visibility == ApVisibility::Private {
return Ok(());
}
let data = self.federation_config.to_request_data();
let local_actor = crate::actors::get_local_actor(local_user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
// Merge follower inboxes with explicitly mentioned actor inboxes,
// deduplicating by string to avoid delivering the same inbox twice.
let follower_inboxes = data
.follow_repo
.get_accepted_follower_inboxes(local_user_id)
.await?;
let mut seen = std::collections::HashSet::new();
let mut inboxes: Vec<Url> = follower_inboxes
.into_iter()
.filter_map(|s| Url::parse(&s).ok())
.filter(|u| seen.insert(u.to_string()))
.collect();
for inbox in mentioned_inboxes {
if seen.insert(inbox.to_string()) {
inboxes.push(inbox);
}
}
if inboxes.is_empty() {
return Ok(());
}
let note_id_str = note["id"].as_str().unwrap_or("");
let create_id = Url::parse(&format!(
"{}/activities/create/{}",
self.base_url,
uuid::Uuid::new_v5(&uuid::Uuid::NAMESPACE_URL, note_id_str.as_bytes())
))
.map_err(|e| anyhow::anyhow!("{e}"))?;
let (to, cc) = visibility_addressing(visibility, &local_actor.followers_url);
let create = CreateActivity {
id: create_id,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: note,
to,
cc,
bto: vec![],
bcc: vec![],
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, inboxes, create)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
/// Fan out an Update(Note) activity to accepted followers and mentioned actors.
/// See [`broadcast_create_note`] for `mentioned_inboxes` semantics.
pub async fn broadcast_update_note(
&self,
local_user_id: uuid::Uuid,
note: serde_json::Value,
visibility: ApVisibility,
mentioned_inboxes: Vec<Url>,
) -> anyhow::Result<()> {
if visibility == ApVisibility::Private {
return Ok(());
}
let data = self.federation_config.to_request_data();
let local_actor = crate::actors::get_local_actor(local_user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let follower_inboxes = data
.follow_repo
.get_accepted_follower_inboxes(local_user_id)
.await?;
let mut seen = std::collections::HashSet::new();
let mut inboxes: Vec<Url> = follower_inboxes
.into_iter()
.filter_map(|s| Url::parse(&s).ok())
.filter(|u| seen.insert(u.to_string()))
.collect();
for inbox in mentioned_inboxes {
if seen.insert(inbox.to_string()) {
inboxes.push(inbox);
}
}
if inboxes.is_empty() {
return Ok(());
}
let (to, cc) = visibility_addressing(visibility, &local_actor.followers_url);
let update = crate::activities::UpdateActivity {
id: activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: note,
to,
cc,
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, inboxes, update)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
pub async fn broadcast_actor_update(&self, user_id: uuid::Uuid) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let local_actor = get_local_actor(user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let person = local_actor
.clone()
.into_json(&data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let person_json =
serde_json::to_value(WithContext::new(person, crate::urls::actor_ap_context()))?;
let update_id = Url::parse(&format!(
"{}/activities/update/{}",
self.base_url,
uuid::Uuid::new_v4()
))?;
let update = UpdateActivity {
id: update_id,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: person_json,
to: vec![crate::urls::AS_PUBLIC.to_string()],
cc: vec![local_actor.followers_url.to_string()],
};
let Some((_, inboxes)) = self.accepted_follower_inboxes(&data, user_id).await? else {
tracing::info!(%user_id, "no accepted followers, skipping actor update broadcast");
return Ok(());
};
tracing::info!(%user_id, inbox_count = inboxes.len(), "broadcasting actor update");
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, inboxes, update)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
pub async fn broadcast_move(
&self,
user_id: uuid::Uuid,
new_actor_url: url::Url,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let local_actor = get_local_actor(user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let Some((_, inboxes)) = self.accepted_follower_inboxes(&data, user_id).await? else {
tracing::info!(%user_id, "broadcast_move: no accepted followers");
return Ok(());
};
let move_activity = MoveActivity {
id: activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: local_actor.ap_id.clone(),
target: new_actor_url.clone(),
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, inboxes, move_activity)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await?;
tracing::info!(%user_id, target = %new_actor_url, "broadcast_move: dispatched");
Ok(())
}
}
/// Returns `(to, cc)` addressing for the given visibility.
/// `Private` is handled before calling this (early return in broadcast methods).
pub(crate) fn visibility_addressing(
visibility: ApVisibility,
followers_url: &Url,
) -> (Vec<String>, Vec<String>) {
match visibility {
ApVisibility::Public => (
vec![crate::urls::AS_PUBLIC.to_string()],
vec![followers_url.to_string()],
),
ApVisibility::FollowersOnly => (vec![followers_url.to_string()], vec![]),
ApVisibility::Private => (vec![], vec![]),
}
}

194
src/service/delivery.rs
View File

@@ -1,194 +0,0 @@
use std::fmt::Debug;
use activitypub_federation::{activity_sending::SendActivityTask, traits::Activity};
use serde::Serialize;
use url::Url;
use crate::actors::{DbActor, get_local_actor};
use crate::data::{FederationData, FederationEvent};
use crate::error::Error;
use super::ActivityPubService;
pub(crate) async fn send_with_retry(
sends: Vec<SendActivityTask>,
data: &activitypub_federation::config::Data<FederationData>,
max_attempts: u32,
initial_delay_secs: u64,
) -> Vec<anyhow::Error> {
let mut failures = vec![];
for send in sends {
let mut delay = std::time::Duration::from_secs(initial_delay_secs);
for attempt in 1..=max_attempts {
match send.clone().sign_and_send(data).await {
Ok(()) => break,
Err(e) if attempt < max_attempts => {
tracing::warn!(attempt, error = %e, "delivery failed, retrying");
tokio::time::sleep(delay).await;
delay *= 2;
}
Err(e) => {
tracing::error!(attempt, error = %e, "delivery failed permanently");
failures.push(anyhow::anyhow!(e));
}
}
}
}
failures
}
/// Wraps a pre-serialized AP activity JSON for re-signing via `SendActivityTask::prepare`.
/// Used by `deliver_to_inbox` when a consumer re-presents a persisted queue item.
#[derive(Debug)]
struct RawActivity {
id: Url,
actor_url: Url,
value: serde_json::Value,
}
impl Serialize for RawActivity {
fn serialize<S: serde::Serializer>(&self, s: S) -> Result<S::Ok, S::Error> {
self.value.serialize(s)
}
}
#[async_trait::async_trait]
impl Activity for RawActivity {
type DataType = FederationData;
type Error = Error;
fn id(&self) -> &Url {
&self.id
}
fn actor(&self) -> &Url {
&self.actor_url
}
async fn verify(
&self,
_data: &activitypub_federation::config::Data<Self::DataType>,
) -> Result<(), Self::Error> {
Ok(())
}
async fn receive(
self,
_data: &activitypub_federation::config::Data<Self::DataType>,
) -> Result<(), Self::Error> {
Ok(())
}
}
impl ActivityPubService {
/// Route deliveries to the EventPublisher (one DeliveryRequested event per inbox)
/// or fall back to a fire-and-forget tokio::spawn.
/// `pub(crate)` so sibling modules (broadcast.rs, follow.rs) can call it on `self`.
pub(crate) async fn dispatch_deliveries(
&self,
data: &activitypub_federation::config::Data<FederationData>,
local_actor: &DbActor,
inboxes: Vec<Url>,
sends: Vec<SendActivityTask>,
activity_json: serde_json::Value,
) -> anyhow::Result<()> {
if let Some(publisher) = data.event_publisher.as_ref() {
for inbox in inboxes {
let event = FederationEvent::DeliveryRequested {
inbox,
activity: activity_json.clone(),
signing_actor_id: local_actor.user_id,
};
if let Err(e) = publisher.publish(event).await {
tracing::warn!(error = %e, "failed to enqueue DeliveryRequested event");
}
}
} else {
let data = data.clone();
let max_attempts = self.delivery_max_attempts;
let initial_delay = self.delivery_initial_delay_secs;
tokio::spawn(async move {
let failures = send_with_retry(sends, &data, max_attempts, initial_delay).await;
if !failures.is_empty() {
tracing::warn!(count = failures.len(), "some deliveries failed permanently");
}
});
}
Ok(())
}
/// Deliver a single outbound activity to `inbox`.
/// Call from a job-queue consumer processing a `FederationEvent::DeliveryRequested` event.
pub async fn deliver_to_inbox(
&self,
inbox: url::Url,
activity: serde_json::Value,
signing_actor_id: uuid::Uuid,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let actor = get_local_actor(signing_actor_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let id = activity
.get("id")
.and_then(|v| v.as_str())
.and_then(|s| Url::parse(s).ok())
.unwrap_or_else(|| actor.ap_id.clone());
let actor_url = activity
.get("actor")
.and_then(|v| v.as_str())
.and_then(|s| Url::parse(s).ok())
.unwrap_or_else(|| actor.ap_id.clone());
let raw = RawActivity {
id,
actor_url,
value: activity.clone(),
};
let sends = SendActivityTask::prepare(&raw, &actor, vec![inbox.clone()], &data).await?;
let failures = send_with_retry(
sends,
&data,
self.delivery_max_attempts,
self.delivery_initial_delay_secs,
)
.await;
if failures.is_empty() {
return Ok(());
}
let error_msg = failures
.iter()
.map(|e| e.to_string())
.collect::<Vec<_>>()
.join("; ");
if let Some(publisher) = data.event_publisher.as_ref() {
let _ = publisher
.publish(FederationEvent::DeliveryFailed {
inbox,
activity,
signing_actor_id,
error: error_msg.clone(),
})
.await;
}
Err(anyhow::anyhow!("delivery failed: {}", error_msg))
}
/// Serialize `activity` to JSON and prepare `SendActivityTask` objects.
/// Returns `(activity_json, sends, inboxes)` so both dispatch paths have what they need.
/// `pub(super)` — visible to all child modules of `service` (broadcast.rs, follow.rs, etc.).
pub(super) async fn prepare_broadcast<A>(
&self,
data: &activitypub_federation::config::Data<FederationData>,
local_actor: &DbActor,
inboxes: Vec<Url>,
activity: A,
) -> anyhow::Result<(serde_json::Value, Vec<SendActivityTask>, Vec<Url>)>
where
A: Activity + Serialize + Debug + Send + Sync,
{
let with_ctx =
activitypub_federation::protocol::context::WithContext::new_default(activity);
let activity_json = serde_json::to_value(&with_ctx)?;
let sends =
SendActivityTask::prepare(&with_ctx, local_actor, inboxes.clone(), data).await?;
Ok((activity_json, sends, inboxes))
}
}

422
src/service/follow.rs
View File

@@ -1,422 +0,0 @@
use activitypub_federation::{fetch::object_id::ObjectId, traits::Actor};
use url::Url;
use crate::{
activities::{AcceptActivity, FollowActivity, RejectActivity, UndoActivity},
actors::get_local_actor,
data::FederationData,
repository::{FollowerStatus, FollowingStatus, RemoteActor},
urls::activity_url,
};
use super::ActivityPubService;
impl ActivityPubService {
pub async fn follow(&self, local_user_id: uuid::Uuid, handle: &str) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let normalized = handle.trim_start_matches('@');
let parts: Vec<&str> = normalized.splitn(2, '@').collect();
if parts.len() == 2 && parts[1] == data.domain {
return self.follow_local(local_user_id, parts[0], &data).await;
}
let remote_actor = self.webfinger_https(handle, &data).await?;
let local_actor = get_local_actor(local_user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let follow_id = activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?;
let follow_id_str = follow_id.to_string();
let remote = RemoteActor {
url: remote_actor.ap_id.to_string(),
handle: format!(
"{}@{}",
remote_actor.username,
remote_actor.ap_id.host_str().unwrap_or("")
),
inbox_url: remote_actor.inbox_url.to_string(),
shared_inbox_url: remote_actor
.shared_inbox_url
.as_ref()
.map(|u| u.to_string()),
display_name: Some(remote_actor.username.clone()),
avatar_url: remote_actor.avatar_url.as_ref().map(|u| u.to_string()),
outbox_url: Some(remote_actor.outbox_url.to_string()),
};
// Save BEFORE delivering — prevents lost state on process restart.
data.follow_repo
.add_following(local_user_id, remote, &follow_id_str)
.await?;
let follow = FollowActivity {
id: Url::parse(&follow_id_str)?,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: ObjectId::from(remote_actor.ap_id.clone()),
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, vec![remote_actor.inbox()], follow)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await
}
pub async fn unfollow(
&self,
local_user_id: uuid::Uuid,
actor_url_str: &str,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
if actor_url_str.starts_with(&self.base_url) {
return self
.unfollow_local(local_user_id, actor_url_str, &data)
.await;
}
let remote = data
.actor_repo
.get_remote_actor(actor_url_str)
.await?
.ok_or_else(|| anyhow::anyhow!("remote actor not found: {}", actor_url_str))?;
let local_actor = get_local_actor(local_user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let remote_ap_id = Url::parse(actor_url_str)?;
let inbox = Url::parse(&remote.inbox_url)?;
let follow_id = data
.follow_repo
.get_follow_activity_id(local_user_id, actor_url_str)
.await?
.and_then(|id| Url::parse(&id).ok())
.unwrap_or_else(|| {
activity_url(&self.base_url).unwrap_or_else(|_| remote_ap_id.clone())
});
let follow = FollowActivity {
id: follow_id,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: ObjectId::from(remote_ap_id),
};
let undo = UndoActivity {
id: activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: serde_json::to_value(&follow).map_err(|e| anyhow::anyhow!("{e}"))?,
};
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, vec![inbox], undo)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await?;
data.follow_repo
.remove_following(local_user_id, actor_url_str)
.await?;
data.object_handler
.on_actor_removed(&Url::parse(actor_url_str)?)
.await?;
Ok(())
}
pub async fn accept_follower(
&self,
local_user_id: uuid::Uuid,
remote_actor_url: &str,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let local_actor = get_local_actor(local_user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let remote_actor = data
.actor_repo
.get_remote_actor(remote_actor_url)
.await?
.ok_or_else(|| anyhow::anyhow!("remote actor not found"))?;
let follow_id_str = data
.follow_repo
.get_follower_follow_activity_id(local_user_id, remote_actor_url)
.await?
.ok_or_else(|| {
anyhow::anyhow!("follow activity id not found for {}", remote_actor_url)
})?;
let follow = FollowActivity {
id: Url::parse(&follow_id_str)?,
kind: Default::default(),
actor: ObjectId::from(Url::parse(remote_actor_url)?),
object: ObjectId::from(local_actor.ap_id.clone()),
};
let accept = AcceptActivity {
id: activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: follow,
};
data.follow_repo
.update_follower_status(local_user_id, remote_actor_url, FollowerStatus::Accepted)
.await?;
let inbox = Url::parse(&remote_actor.inbox_url)?;
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, vec![inbox], accept)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await?;
let target_inbox = remote_actor
.shared_inbox_url
.clone()
.unwrap_or_else(|| remote_actor.inbox_url.clone());
self.spawn_backfill(local_user_id, target_inbox);
Ok(())
}
pub async fn reject_follower(
&self,
local_user_id: uuid::Uuid,
remote_actor_url: &str,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
let local_actor = get_local_actor(local_user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let remote_actor = data
.actor_repo
.get_remote_actor(remote_actor_url)
.await?
.ok_or_else(|| anyhow::anyhow!("remote actor not found"))?;
let follow = FollowActivity {
id: activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?,
kind: Default::default(),
actor: ObjectId::from(Url::parse(remote_actor_url)?),
object: ObjectId::from(local_actor.ap_id.clone()),
};
let reject = RejectActivity {
id: activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: follow,
};
let inbox = Url::parse(&remote_actor.inbox_url)?;
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, vec![inbox], reject)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await?;
data.follow_repo
.remove_follower(local_user_id, remote_actor_url)
.await?;
Ok(())
}
pub async fn get_pending_followers(
&self,
local_user_id: uuid::Uuid,
) -> anyhow::Result<Vec<RemoteActor>> {
let data = self.federation_config.to_request_data();
data.follow_repo.get_pending_followers(local_user_id).await
}
/// Returns one page of accepted followers. Prefer this over `get_accepted_followers`
/// for large accounts — the DB does the filtering rather than loading everything.
pub async fn get_accepted_followers_page(
&self,
local_user_id: uuid::Uuid,
offset: u32,
limit: usize,
) -> anyhow::Result<Vec<RemoteActor>> {
let data = self.federation_config.to_request_data();
data.follow_repo
.get_accepted_followers_page(local_user_id, offset, limit)
.await
}
/// Returns ALL accepted followers. For large accounts use `get_accepted_followers_page`.
pub async fn get_accepted_followers(
&self,
local_user_id: uuid::Uuid,
) -> anyhow::Result<Vec<RemoteActor>> {
let data = self.federation_config.to_request_data();
Ok(data
.follow_repo
.get_followers(local_user_id)
.await?
.into_iter()
.filter(|f| f.status == FollowerStatus::Accepted)
.map(|f| f.actor)
.collect())
}
/// Count of accepted followers — DB-side query, no in-memory filtering.
pub async fn count_accepted_followers(
&self,
local_user_id: uuid::Uuid,
) -> anyhow::Result<usize> {
let data = self.federation_config.to_request_data();
data.follow_repo
.count_accepted_followers(local_user_id)
.await
}
pub async fn get_following(
&self,
local_user_id: uuid::Uuid,
) -> anyhow::Result<Vec<RemoteActor>> {
let data = self.federation_config.to_request_data();
data.follow_repo.get_following(local_user_id).await
}
pub async fn count_following(&self, local_user_id: uuid::Uuid) -> anyhow::Result<usize> {
let data = self.federation_config.to_request_data();
data.follow_repo.count_following(local_user_id).await
}
pub async fn remove_follower(
&self,
local_user_id: uuid::Uuid,
actor_url: &str,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
data.follow_repo
.remove_follower(local_user_id, actor_url)
.await
}
pub async fn block_actor(
&self,
local_user_id: uuid::Uuid,
actor_url: &str,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
data.blocklist_repo
.add_blocked_actor(local_user_id, actor_url)
.await?;
let _ = data
.follow_repo
.remove_follower(local_user_id, actor_url)
.await;
let _ = data
.follow_repo
.remove_following(local_user_id, actor_url)
.await;
let local_actor = get_local_actor(local_user_id, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
if let Ok(Some(remote_actor)) = data.actor_repo.get_remote_actor(actor_url).await {
let block = crate::activities::BlockActivity {
id: activity_url(&self.base_url).map_err(|e| anyhow::anyhow!("{e}"))?,
kind: Default::default(),
actor: ObjectId::from(local_actor.ap_id.clone()),
object: Url::parse(actor_url)?,
};
let inbox = Url::parse(&remote_actor.inbox_url)?;
let (json, sends, inboxes) = self
.prepare_broadcast(&data, &local_actor, vec![inbox], block)
.await?;
self.dispatch_deliveries(&data, &local_actor, inboxes, sends, json)
.await?;
}
Ok(())
}
pub async fn unblock_actor(
&self,
local_user_id: uuid::Uuid,
actor_url: &str,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
data.blocklist_repo
.remove_blocked_actor(local_user_id, actor_url)
.await
}
pub async fn get_blocked_actors(
&self,
local_user_id: uuid::Uuid,
) -> anyhow::Result<Vec<RemoteActor>> {
let data = self.federation_config.to_request_data();
let actor_urls = data
.blocklist_repo
.get_blocked_actors(local_user_id)
.await?;
let mut actors = Vec::new();
for url in actor_urls {
let actor = match data.actor_repo.get_remote_actor(&url).await {
Ok(Some(a)) => a,
_ => RemoteActor {
url: url.clone(),
handle: url.clone(),
inbox_url: url.clone(),
shared_inbox_url: None,
display_name: None,
avatar_url: None,
outbox_url: None,
},
};
actors.push(actor);
}
Ok(actors)
}
pub(super) async fn follow_local(
&self,
local_user_id: uuid::Uuid,
target_username: &str,
data: &activitypub_federation::config::Data<FederationData>,
) -> anyhow::Result<()> {
let target = data
.user_repo
.find_by_username(target_username)
.await?
.ok_or_else(|| anyhow::anyhow!("user not found: {}", target_username))?;
if target.id == local_user_id {
return Err(anyhow::anyhow!("cannot follow yourself"));
}
let follower_actor_url = crate::urls::actor_url(&self.base_url, local_user_id).to_string();
let target_actor_url = crate::urls::actor_url(&self.base_url, target.id);
let follow_id = activity_url(&self.base_url)
.map_err(|e| anyhow::anyhow!("{e}"))?
.to_string();
data.follow_repo
.add_follower(
target.id,
&follower_actor_url,
FollowerStatus::Accepted,
&follow_id,
)
.await?;
let target_as_remote = RemoteActor {
url: target_actor_url.to_string(),
handle: format!("{}@{}", target.username, data.domain),
inbox_url: format!("{}/inbox", target_actor_url),
shared_inbox_url: None,
display_name: Some(target.username),
avatar_url: None,
outbox_url: None,
};
data.follow_repo
.add_following(local_user_id, target_as_remote, &follow_id)
.await?;
data.follow_repo
.update_following_status(
local_user_id,
target_actor_url.as_ref(),
FollowingStatus::Accepted,
)
.await?;
tracing::info!(follower = %local_user_id, followee = %target.id, "local follow");
Ok(())
}
pub(super) async fn unfollow_local(
&self,
local_user_id: uuid::Uuid,
target_actor_url: &str,
data: &activitypub_federation::config::Data<FederationData>,
) -> anyhow::Result<()> {
let target_url = Url::parse(target_actor_url)?;
let target_user_id = crate::urls::extract_user_id_from_url(&target_url)
.ok_or_else(|| anyhow::anyhow!("invalid local actor URL: {}", target_actor_url))?;
let local_actor_url = crate::urls::actor_url(&self.base_url, local_user_id).to_string();
data.follow_repo
.remove_follower(target_user_id, &local_actor_url)
.await?;
data.follow_repo
.remove_following(local_user_id, target_actor_url)
.await?;
tracing::info!(follower = %local_user_id, followee = %target_user_id, "local unfollow");
Ok(())
}
}

449
src/service/mod.rs
View File

@@ -1,449 +0,0 @@
use std::sync::Arc;
use activitypub_federation::{protocol::context::WithContext, traits::Object};
use axum::{Router, extract::DefaultBodyLimit, routing::get, routing::post};
use url::Url;
use crate::{
actors::{DbActor, get_local_actor},
content::{ApContentReader, ApObjectHandler},
data::FederationData,
featured_handler::featured_handler,
federation::ApFederationConfig,
inbox::inbox_handler,
nodeinfo::{nodeinfo_handler, nodeinfo_well_known_handler},
outbox::outbox_handler,
repository::{
ActivityRepository, ActorRepository, BlockedDomain, BlocklistRepository, FollowRepository,
},
user::ApUserRepository,
webfinger::webfinger_handler,
};
mod backfill;
pub(crate) mod broadcast;
pub(super) mod delivery;
mod follow;
/// Default max delivery retries per inbox (used as the builder default).
pub const DELIVERY_MAX_ATTEMPTS: u32 = 3;
/// Default initial retry backoff in seconds; doubles each attempt.
pub const DELIVERY_INITIAL_DELAY_SECS: u64 = 1;
/// HTTP timeout when fetching remote AP resources.
pub const HTTP_FETCH_TIMEOUT_SECS: u64 = 30;
/// Sleep between backfill send batches.
pub const BATCH_FETCH_SLEEP_MS: u64 = 100;
#[derive(Clone)]
pub struct ActivityPubService {
pub(super) federation_config: ApFederationConfig,
pub(super) base_url: String,
pub(super) delivery_max_attempts: u32,
pub(super) delivery_initial_delay_secs: u64,
}
pub struct ActivityPubServiceBuilder {
activity_repo: Option<Arc<dyn ActivityRepository>>,
follow_repo: Option<Arc<dyn FollowRepository>>,
actor_repo: Option<Arc<dyn ActorRepository>>,
blocklist_repo: Option<Arc<dyn BlocklistRepository>>,
user_repo: Option<Arc<dyn ApUserRepository>>,
content_reader: Option<Arc<dyn ApContentReader>>,
object_handler: Option<Arc<dyn ApObjectHandler>>,
base_url: String,
allow_registration: bool,
software_name: String,
debug: bool,
event_publisher: Option<Arc<dyn crate::data::EventPublisher>>,
delivery_max_attempts: u32,
delivery_initial_delay_secs: u64,
}
impl ActivityPubServiceBuilder {
pub fn activity_repo(mut self, v: Arc<dyn ActivityRepository>) -> Self {
self.activity_repo = Some(v);
self
}
pub fn follow_repo(mut self, v: Arc<dyn FollowRepository>) -> Self {
self.follow_repo = Some(v);
self
}
pub fn actor_repo(mut self, v: Arc<dyn ActorRepository>) -> Self {
self.actor_repo = Some(v);
self
}
pub fn blocklist_repo(mut self, v: Arc<dyn BlocklistRepository>) -> Self {
self.blocklist_repo = Some(v);
self
}
pub fn user_repo(mut self, v: Arc<dyn ApUserRepository>) -> Self {
self.user_repo = Some(v);
self
}
pub fn content_reader(mut self, v: Arc<dyn ApContentReader>) -> Self {
self.content_reader = Some(v);
self
}
pub fn object_handler(mut self, v: Arc<dyn ApObjectHandler>) -> Self {
self.object_handler = Some(v);
self
}
pub fn allow_registration(mut self, v: bool) -> Self {
self.allow_registration = v;
self
}
pub fn software_name(mut self, v: impl Into<String>) -> Self {
self.software_name = v.into();
self
}
pub fn debug(mut self, v: bool) -> Self {
self.debug = v;
self
}
pub fn event_publisher(mut self, v: Arc<dyn crate::data::EventPublisher>) -> Self {
self.event_publisher = Some(v);
self
}
pub fn delivery_max_attempts(mut self, v: u32) -> Self {
self.delivery_max_attempts = v;
self
}
pub fn delivery_initial_delay_secs(mut self, v: u64) -> Self {
self.delivery_initial_delay_secs = v;
self
}
pub async fn build(self) -> anyhow::Result<ActivityPubService> {
let activity_repo = self
.activity_repo
.ok_or_else(|| anyhow::anyhow!("activity_repo required — call .activity_repo(arc)"))?;
let follow_repo = self
.follow_repo
.ok_or_else(|| anyhow::anyhow!("follow_repo required — call .follow_repo(arc)"))?;
let actor_repo = self
.actor_repo
.ok_or_else(|| anyhow::anyhow!("actor_repo required — call .actor_repo(arc)"))?;
let blocklist_repo = self.blocklist_repo.ok_or_else(|| {
anyhow::anyhow!("blocklist_repo required — call .blocklist_repo(arc)")
})?;
let user_repo = self
.user_repo
.ok_or_else(|| anyhow::anyhow!("user_repo required — call .user_repo(arc)"))?;
let content_reader = self.content_reader.ok_or_else(|| {
anyhow::anyhow!("content_reader required — call .content_reader(arc)")
})?;
let object_handler = self.object_handler.ok_or_else(|| {
anyhow::anyhow!("object_handler required — call .object_handler(arc)")
})?;
let data = FederationData::new(
activity_repo,
follow_repo,
actor_repo,
blocklist_repo,
user_repo,
content_reader,
object_handler,
self.base_url.clone(),
self.allow_registration,
self.software_name,
self.event_publisher,
);
let federation_config = ApFederationConfig::new(data, self.debug).await?;
Ok(ActivityPubService {
federation_config,
base_url: self.base_url,
delivery_max_attempts: self.delivery_max_attempts,
delivery_initial_delay_secs: self.delivery_initial_delay_secs,
})
}
}
impl ActivityPubService {
pub fn builder(base_url: impl Into<String>) -> ActivityPubServiceBuilder {
ActivityPubServiceBuilder {
activity_repo: None,
follow_repo: None,
actor_repo: None,
blocklist_repo: None,
user_repo: None,
content_reader: None,
object_handler: None,
base_url: base_url.into(),
allow_registration: false,
software_name: String::new(),
debug: false,
event_publisher: None,
delivery_max_attempts: DELIVERY_MAX_ATTEMPTS,
delivery_initial_delay_secs: DELIVERY_INITIAL_DELAY_SECS,
}
}
pub fn federation_config(&self) -> &ApFederationConfig {
&self.federation_config
}
pub fn request_data(&self) -> activitypub_federation::config::Data<FederationData> {
self.federation_config.to_request_data()
}
pub fn base_url(&self) -> &str {
&self.base_url
}
/// Returns the ActivityPub router.
///
/// Registers only routes that k-ap fully owns:
/// - `POST /inbox` + `POST /users/{id}/inbox` — signature verification + dispatch (1 MB limit)
/// - `GET /users/{id}/outbox` — cursor-paginated OrderedCollection
/// - `GET /users/{id}/featured` — pinned posts OrderedCollection
/// - `GET /.well-known/webfinger`, `GET /.well-known/nodeinfo`, `GET /nodeinfo/2.0`
///
/// **Not registered:** `GET /users/{id}`, `GET /users/{id}/followers`,
/// `GET /users/{id}/following`. Real applications need those paths to serve
/// both AP JSON and their own UI JSON (content negotiation), so they must own
/// the route. Call `actor_json`, `followers_collection_json`, and
/// `following_collection_json` from your own handler to produce the AP response.
pub fn router<S>(&self) -> Router<S>
where
S: Clone + Send + Sync + 'static,
{
Router::new()
.route("/.well-known/nodeinfo", get(nodeinfo_well_known_handler))
.route("/nodeinfo/2.0", get(nodeinfo_handler))
.route("/.well-known/webfinger", get(webfinger_handler))
.route(
"/inbox",
post(inbox_handler).layer(DefaultBodyLimit::max(1024 * 1024)),
)
.route(
"/users/{id}/inbox",
post(inbox_handler).layer(DefaultBodyLimit::max(1024 * 1024)),
)
.route("/users/{id}/outbox", get(outbox_handler))
.route("/users/{id}/featured", get(featured_handler))
.layer(self.federation_config.middleware())
}
pub async fn actor_json(&self, user_id_str: &str) -> anyhow::Result<String> {
let uuid = uuid::Uuid::parse_str(user_id_str)?;
let data = self.federation_config.to_request_data();
let actor = get_local_actor(uuid, &data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let person = actor
.into_json(&data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
Ok(serde_json::to_string(&WithContext::new(
person,
crate::urls::actor_ap_context(),
))?)
}
pub async fn followers_collection_json(
&self,
user_id: uuid::Uuid,
page: Option<u32>,
) -> anyhow::Result<String> {
const AP_CONTEXT: &str = "https://www.w3.org/ns/activitystreams";
const PAGE_SIZE: usize = 20;
let data = self.federation_config.to_request_data();
let collection_id = format!("{}/users/{}/followers", self.base_url, user_id);
let total = data.follow_repo.count_followers(user_id).await?;
let obj = if let Some(p) = page {
let p = p.max(1);
let offset = (p.saturating_sub(1) as usize) * PAGE_SIZE;
let followers = data
.follow_repo
.get_followers_page(user_id, offset as u32, PAGE_SIZE)
.await?;
let has_next = offset + followers.len() < total;
let items: Vec<String> = followers.into_iter().map(|f| f.actor.url).collect();
let mut obj = serde_json::json!({"@context":AP_CONTEXT,"type":"OrderedCollectionPage","id":format!("{}?page={}",collection_id,p),"partOf":collection_id,"totalItems":total,"orderedItems":items});
if has_next {
obj["next"] = serde_json::json!(format!("{}?page={}", collection_id, p + 1));
}
obj
} else {
serde_json::json!({"@context":AP_CONTEXT,"type":"OrderedCollection","id":collection_id,"totalItems":total,"first":format!("{}?page=1",collection_id)})
};
Ok(serde_json::to_string(&obj)?)
}
pub async fn following_collection_json(
&self,
user_id: uuid::Uuid,
page: Option<u32>,
) -> anyhow::Result<String> {
const AP_CONTEXT: &str = "https://www.w3.org/ns/activitystreams";
const PAGE_SIZE: usize = 20;
let data = self.federation_config.to_request_data();
let collection_id = format!("{}/users/{}/following", self.base_url, user_id);
let total = data.follow_repo.count_following(user_id).await?;
let obj = if let Some(p) = page {
let p = p.max(1);
let offset = (p.saturating_sub(1) as usize) * PAGE_SIZE;
let following = data
.follow_repo
.get_following_page(user_id, offset as u32, PAGE_SIZE)
.await?;
let has_next = offset + following.len() < total;
let items: Vec<String> = following.into_iter().map(|a| a.url).collect();
let mut obj = serde_json::json!({"@context":AP_CONTEXT,"type":"OrderedCollectionPage","id":format!("{}?page={}",collection_id,p),"partOf":collection_id,"totalItems":total,"orderedItems":items});
if has_next {
obj["next"] = serde_json::json!(format!("{}?page={}", collection_id, p + 1));
}
obj
} else {
serde_json::json!({"@context":AP_CONTEXT,"type":"OrderedCollection","id":collection_id,"totalItems":total,"first":format!("{}?page=1",collection_id)})
};
Ok(serde_json::to_string(&obj)?)
}
pub async fn mark_follower_accepted(
&self,
user_id: uuid::Uuid,
actor_url: &str,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
data.follow_repo
.update_follower_status(
user_id,
actor_url,
crate::repository::FollowerStatus::Accepted,
)
.await
.map_err(|e| anyhow::anyhow!("{e}"))
}
pub async fn mark_follower_rejected(
&self,
user_id: uuid::Uuid,
actor_url: &str,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
data.follow_repo
.remove_follower(user_id, actor_url)
.await
.map_err(|e| anyhow::anyhow!("{e}"))
}
pub async fn lookup_actor_by_handle(
&self,
handle: &str,
) -> anyhow::Result<crate::user::LookedUpActor> {
tracing::info!(handle, "looking up remote actor");
let data = self.federation_config.to_request_data();
let actor = self
.webfinger_https(handle, &data)
.await
.inspect_err(|e| tracing::warn!(handle, error = %e, "actor lookup failed"))?;
let domain = actor.ap_id.host_str().unwrap_or("").to_string();
tracing::info!(handle = format!("{}@{}", actor.username, domain), ap_url = %actor.ap_id, "remote actor resolved");
Ok(crate::user::LookedUpActor {
handle: format!("{}@{}", actor.username, domain),
display_name: actor.display_name,
bio: actor.bio,
avatar_url: actor.avatar_url,
banner_url: actor.banner_url,
ap_url: actor.ap_id,
outbox_url: Some(actor.outbox_url),
followers_url: Some(actor.followers_url),
following_url: Some(actor.following_url),
also_known_as: actor.also_known_as,
profile_url: actor.profile_url,
attachment: actor.attachment,
})
}
pub async fn add_blocked_domain(
&self,
domain: &str,
reason: Option<&str>,
) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
data.blocklist_repo.add_blocked_domain(domain, reason).await
}
pub async fn remove_blocked_domain(&self, domain: &str) -> anyhow::Result<()> {
let data = self.federation_config.to_request_data();
data.blocklist_repo.remove_blocked_domain(domain).await
}
pub async fn get_blocked_domains(&self) -> anyhow::Result<Vec<BlockedDomain>> {
let data = self.federation_config.to_request_data();
data.blocklist_repo.get_blocked_domains().await
}
// ── Private helpers (accessible to child modules via Rust's privacy rules) ─
async fn accepted_follower_inboxes(
&self,
data: &activitypub_federation::config::Data<FederationData>,
local_user_id: uuid::Uuid,
) -> anyhow::Result<Option<(DbActor, Vec<Url>)>> {
let local_actor = get_local_actor(local_user_id, data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
let inbox_strs = data
.follow_repo
.get_accepted_follower_inboxes(local_user_id)
.await?;
if inbox_strs.is_empty() {
return Ok(None);
}
let inboxes: Vec<Url> = inbox_strs.into_iter().filter_map(|s| {
Url::parse(&s).map_err(|e| tracing::warn!(inbox = %s, error = %e, "skipping unparseable inbox URL")).ok()
}).collect();
if inboxes.is_empty() {
return Ok(None);
}
Ok(Some((local_actor, inboxes)))
}
async fn webfinger_https(
&self,
handle: &str,
data: &activitypub_federation::config::Data<FederationData>,
) -> anyhow::Result<DbActor> {
let normalized = handle.trim_start_matches('@');
let at = normalized
.rfind('@')
.ok_or_else(|| anyhow::anyhow!("handle must be user@domain"))?;
let (user, domain_str) = (&normalized[..at], &normalized[at + 1..]);
let wf_url = format!(
"https://{}/.well-known/webfinger?resource=acct:{}@{}",
domain_str, user, domain_str
);
tracing::debug!(handle, wf_url, "resolving webfinger");
let wf: serde_json::Value = reqwest::Client::new()
.get(&wf_url)
.header("Accept", "application/jrd+json, application/json")
.send()
.await?
.json()
.await?;
let self_href = wf["links"]
.as_array()
.and_then(|links| {
links.iter().find(|l| {
l["rel"].as_str() == Some("self")
&& l["type"].as_str() == Some("application/activity+json")
})
})
.and_then(|l| l["href"].as_str())
.ok_or_else(|| anyhow::anyhow!("no self link in WebFinger response"))?
.to_owned();
tracing::debug!(handle, self_href, "webfinger resolved, fetching actor");
let actor: DbActor =
activitypub_federation::fetch::object_id::ObjectId::from(url::Url::parse(&self_href)?)
.dereference(data)
.await
.map_err(|e| anyhow::anyhow!("{e}"))?;
Ok(actor)
}
}
#[cfg(test)]
mod tests {
// Inbox deduplication and broadcast filtering are now tested via repository
// integration tests in the consuming crate. See get_accepted_follower_inboxes.
}

1213
src/tests/activities.rs
View File

File diff suppressed because it is too large Load Diff

103
src/tests/actors.rs
View File

@@ -1,7 +1,5 @@
use super::*; use super::*;
// ── Person AP JSON serialization ──────────────────────────────────────────────
#[test] #[test]
fn person_serializes_with_enriched_fields() { fn person_serializes_with_enriched_fields() {
let person = Person { let person = Person {
@@ -12,10 +10,10 @@ fn person_serializes_with_enriched_fields() {
.into(), .into(),
preferred_username: "alice".to_string(), preferred_username: "alice".to_string(),
inbox: "https://example.com/users/1/inbox".parse().unwrap(), inbox: "https://example.com/users/1/inbox".parse().unwrap(),
outbox: Some("https://example.com/users/1/outbox".parse().unwrap()), outbox: "https://example.com/users/1/outbox".parse().unwrap(),
followers: Some("https://example.com/users/1/followers".parse().unwrap()), followers: "https://example.com/users/1/followers".parse().unwrap(),
following: Some("https://example.com/users/1/following".parse().unwrap()), following: "https://example.com/users/1/following".parse().unwrap(),
public_key: activitypub_federation::protocol::public_key::PublicKey { public_key: PublicKey {
id: "https://example.com/users/1#main-key".to_string(), id: "https://example.com/users/1#main-key".to_string(),
owner: "https://example.com/users/1".parse().unwrap(), owner: "https://example.com/users/1".parse().unwrap(),
public_key_pem: "pem".to_string(), public_key_pem: "pem".to_string(),
@@ -29,14 +27,13 @@ fn person_serializes_with_enriched_fields() {
url: Some("https://example.com/u/alice".parse().unwrap()), url: Some("https://example.com/u/alice".parse().unwrap()),
discoverable: Some(true), discoverable: Some(true),
manually_approves_followers: true, manually_approves_followers: true,
updated: Some(chrono::Utc::now()), updated: Some(Utc::now()),
endpoints: Some(Endpoints { endpoints: Some(Endpoints {
shared_inbox: "https://example.com/inbox".parse().unwrap(), shared_inbox: "https://example.com/inbox".parse().unwrap(),
}), }),
image: None, image: None,
also_known_as: vec![], also_known_as: vec![],
attachment: vec![], attachment: vec![],
featured: Some("https://example.com/users/1/featured".parse().unwrap()),
}; };
let json = serde_json::to_value(&person).unwrap(); let json = serde_json::to_value(&person).unwrap();
assert_eq!(json["discoverable"], true); assert_eq!(json["discoverable"], true);
@@ -49,94 +46,4 @@ fn person_serializes_with_enriched_fields() {
json["endpoints"]["sharedInbox"], json["endpoints"]["sharedInbox"],
"https://example.com/inbox" "https://example.com/inbox"
); );
assert_eq!(json["featured"], "https://example.com/users/1/featured");
}
#[test]
fn person_actor_type_service_serializes_correctly() {
let mut person = minimal_person();
person.kind = crate::user::ApActorType::Service;
let json = serde_json::to_value(&person).unwrap();
assert_eq!(json["type"], "Service");
}
#[test]
fn person_discoverable_false_serializes() {
let mut person = minimal_person();
person.discoverable = Some(false);
let json = serde_json::to_value(&person).unwrap();
assert_eq!(json["discoverable"], false);
}
#[test]
fn person_also_known_as_serializes_as_array() {
let mut person = minimal_person();
person.also_known_as = vec![
"https://old.example/users/alice".to_string(),
"https://other.example/users/alice".to_string(),
];
let json = serde_json::to_value(&person).unwrap();
assert!(
json["alsoKnownAs"].is_array(),
"alsoKnownAs must serialize as a JSON array"
);
assert_eq!(json["alsoKnownAs"].as_array().unwrap().len(), 2);
}
#[test]
fn person_omits_optional_fields_when_none() {
let person = minimal_person();
let json = serde_json::to_value(&person).unwrap();
assert!(
json.get("summary").is_none(),
"null summary should be omitted"
);
assert!(json.get("icon").is_none(), "null icon should be omitted");
assert!(
json.get("featured").is_none(),
"null featured should be omitted"
);
assert!(json.get("url").is_none(), "null url should be omitted");
}
#[test]
fn person_featured_omitted_when_none() {
let mut person = minimal_person();
person.featured = None;
let json = serde_json::to_value(&person).unwrap();
assert!(json.get("featured").is_none());
}
// ── helper ────────────────────────────────────────────────────────────────────
fn minimal_person() -> Person {
Person {
kind: Default::default(),
id: "https://example.com/users/1"
.parse::<url::Url>()
.unwrap()
.into(),
preferred_username: "alice".to_string(),
inbox: "https://example.com/users/1/inbox".parse().unwrap(),
outbox: None,
followers: None,
following: None,
public_key: activitypub_federation::protocol::public_key::PublicKey {
id: "https://example.com/users/1#main-key".to_string(),
owner: "https://example.com/users/1".parse().unwrap(),
public_key_pem: "pem".to_string(),
},
name: None,
summary: None,
icon: None,
url: None,
discoverable: None,
manually_approves_followers: false,
updated: None,
endpoints: None,
image: None,
also_known_as: vec![],
attachment: vec![],
featured: None,
}
} }

57
src/tests/broadcast.rs
View File

@@ -1,57 +0,0 @@
/// Tests for broadcast addressing logic (visibility → to/cc fields).
use url::Url;
use crate::service::broadcast::visibility_addressing;
use crate::urls::AS_PUBLIC;
use crate::user::ApVisibility;
fn followers_url() -> Url {
"https://example.com/users/alice/followers".parse().unwrap()
}
#[test]
fn public_visibility_addresses_public_and_followers() {
let (to, cc) = visibility_addressing(ApVisibility::Public, &followers_url());
assert_eq!(to, vec![AS_PUBLIC.to_string()]);
assert_eq!(cc, vec![followers_url().to_string()]);
}
#[test]
fn followers_only_visibility_addresses_followers_only() {
let (to, cc) = visibility_addressing(ApVisibility::FollowersOnly, &followers_url());
assert_eq!(to, vec![followers_url().to_string()]);
assert!(
cc.is_empty(),
"FollowersOnly must not include AS_PUBLIC in cc"
);
}
#[test]
fn followers_only_excludes_as_public() {
let (to, cc) = visibility_addressing(ApVisibility::FollowersOnly, &followers_url());
assert!(
!to.contains(&AS_PUBLIC.to_string()),
"FollowersOnly must not include AS_PUBLIC in to"
);
assert!(
!cc.contains(&AS_PUBLIC.to_string()),
"FollowersOnly must not include AS_PUBLIC in cc"
);
}
#[test]
fn private_visibility_produces_empty_addressing() {
let (to, cc) = visibility_addressing(ApVisibility::Private, &followers_url());
assert!(to.is_empty());
assert!(cc.is_empty());
}
#[test]
fn public_and_followers_only_differ_in_to() {
let (pub_to, _) = visibility_addressing(ApVisibility::Public, &followers_url());
let (fo_to, _) = visibility_addressing(ApVisibility::FollowersOnly, &followers_url());
assert_ne!(
pub_to, fo_to,
"Public and FollowersOnly must produce different to fields"
);
}

494
src/tests/integration.rs
View File

@@ -1,494 +0,0 @@
// src/tests/integration.rs
/// Integration tests with in-memory trait stubs.
use std::collections::{HashMap, HashSet};
use std::sync::Arc;
use async_trait::async_trait;
use chrono::{DateTime, Utc};
use tokio::sync::Mutex;
use url::Url;
use crate::content::{ApContentReader, ApObjectHandler};
use crate::data::FederationData;
use crate::repository::{
ActivityRepository, ActorRepository, BlockedDomain, BlocklistRepository, FollowRepository,
Follower, FollowerStatus, FollowingStatus, RemoteActor,
};
use crate::user::{ApActorType, ApUser, ApUserRepository};
// ── ActivityRepository ────────────────────────────────────────────────────────
#[derive(Default)]
struct MemActivityRepo {
processed: Mutex<HashSet<String>>,
}
#[async_trait]
impl ActivityRepository for MemActivityRepo {
async fn is_activity_processed(&self, id: &str) -> anyhow::Result<bool> {
Ok(self.processed.lock().await.contains(id))
}
async fn mark_activity_processed(&self, id: &str) -> anyhow::Result<()> {
self.processed.lock().await.insert(id.to_string());
Ok(())
}
}
// ── FollowRepository ──────────────────────────────────────────────────────────
#[derive(Default)]
struct MemFollowRepo;
#[async_trait]
impl FollowRepository for MemFollowRepo {
async fn add_follower(
&self,
_: uuid::Uuid,
_: &str,
_: FollowerStatus,
_: &str,
) -> anyhow::Result<()> {
Ok(())
}
async fn get_follower_follow_activity_id(
&self,
_: uuid::Uuid,
_: &str,
) -> anyhow::Result<Option<String>> {
Ok(None)
}
async fn remove_follower(&self, _: uuid::Uuid, _: &str) -> anyhow::Result<()> {
Ok(())
}
async fn get_followers(&self, _: uuid::Uuid) -> anyhow::Result<Vec<Follower>> {
Ok(vec![])
}
async fn get_followers_page(
&self,
_: uuid::Uuid,
_: u32,
_: usize,
) -> anyhow::Result<Vec<Follower>> {
Ok(vec![])
}
async fn count_followers(&self, _: uuid::Uuid) -> anyhow::Result<usize> {
Ok(0)
}
async fn update_follower_status(
&self,
_: uuid::Uuid,
_: &str,
_: FollowerStatus,
) -> anyhow::Result<()> {
Ok(())
}
async fn get_pending_followers(&self, _: uuid::Uuid) -> anyhow::Result<Vec<RemoteActor>> {
Ok(vec![])
}
async fn get_accepted_follower_inboxes(&self, _: uuid::Uuid) -> anyhow::Result<Vec<String>> {
Ok(vec![])
}
async fn count_accepted_followers(&self, _: uuid::Uuid) -> anyhow::Result<usize> {
Ok(0)
}
async fn get_accepted_followers_page(
&self,
_: uuid::Uuid,
_: u32,
_: usize,
) -> anyhow::Result<Vec<RemoteActor>> {
Ok(vec![])
}
async fn add_following(&self, _: uuid::Uuid, _: RemoteActor, _: &str) -> anyhow::Result<()> {
Ok(())
}
async fn get_follow_activity_id(
&self,
_: uuid::Uuid,
_: &str,
) -> anyhow::Result<Option<String>> {
Ok(None)
}
async fn remove_following(&self, _: uuid::Uuid, _: &str) -> anyhow::Result<()> {
Ok(())
}
async fn get_following(&self, _: uuid::Uuid) -> anyhow::Result<Vec<RemoteActor>> {
Ok(vec![])
}
async fn get_following_page(
&self,
_: uuid::Uuid,
_: u32,
_: usize,
) -> anyhow::Result<Vec<RemoteActor>> {
Ok(vec![])
}
async fn count_following(&self, _: uuid::Uuid) -> anyhow::Result<usize> {
Ok(0)
}
async fn update_following_status(
&self,
_: uuid::Uuid,
_: &str,
_: FollowingStatus,
) -> anyhow::Result<()> {
Ok(())
}
async fn get_following_outbox_url(
&self,
_: uuid::Uuid,
_: &str,
) -> anyhow::Result<Option<String>> {
Ok(None)
}
async fn migrate_follower_actor(&self, _: &str, _: &str) -> anyhow::Result<Vec<uuid::Uuid>> {
Ok(vec![])
}
}
// ── ActorRepository ───────────────────────────────────────────────────────────
#[derive(Default)]
struct MemActorRepo;
#[async_trait]
impl ActorRepository for MemActorRepo {
async fn get_local_actor_keypair(
&self,
_: uuid::Uuid,
) -> anyhow::Result<Option<(String, String)>> {
Ok(None)
}
async fn save_local_actor_keypair(
&self,
_: uuid::Uuid,
_: String,
_: String,
) -> anyhow::Result<()> {
Ok(())
}
async fn upsert_remote_actor(&self, _: RemoteActor) -> anyhow::Result<()> {
Ok(())
}
async fn get_remote_actor(&self, _: &str) -> anyhow::Result<Option<RemoteActor>> {
Ok(None)
}
async fn add_announce(
&self,
_: &str,
_: &str,
_: &str,
_: DateTime<Utc>,
) -> anyhow::Result<()> {
Ok(())
}
async fn remove_announce(&self, _: &str, _: &str) -> anyhow::Result<()> {
Ok(())
}
async fn count_announces(&self, _: &str) -> anyhow::Result<usize> {
Ok(0)
}
}
// ── BlocklistRepository ───────────────────────────────────────────────────────
struct MemBlocklistRepo {
blocked_domains: Mutex<HashSet<String>>,
}
impl MemBlocklistRepo {
fn with_blocked_domains(domains: impl IntoIterator<Item = String>) -> Self {
Self {
blocked_domains: Mutex::new(domains.into_iter().collect()),
}
}
}
impl Default for MemBlocklistRepo {
fn default() -> Self {
Self {
blocked_domains: Mutex::new(HashSet::new()),
}
}
}
#[async_trait]
impl BlocklistRepository for MemBlocklistRepo {
async fn add_blocked_domain(&self, domain: &str, _: Option<&str>) -> anyhow::Result<()> {
self.blocked_domains.lock().await.insert(domain.to_string());
Ok(())
}
async fn remove_blocked_domain(&self, domain: &str) -> anyhow::Result<()> {
self.blocked_domains.lock().await.remove(domain);
Ok(())
}
async fn get_blocked_domains(&self) -> anyhow::Result<Vec<BlockedDomain>> {
Ok(vec![])
}
async fn is_domain_blocked(&self, domain: &str) -> anyhow::Result<bool> {
Ok(self.blocked_domains.lock().await.contains(domain))
}
async fn add_blocked_actor(&self, _: uuid::Uuid, _: &str) -> anyhow::Result<()> {
Ok(())
}
async fn remove_blocked_actor(&self, _: uuid::Uuid, _: &str) -> anyhow::Result<()> {
Ok(())
}
async fn get_blocked_actors(&self, _: uuid::Uuid) -> anyhow::Result<Vec<String>> {
Ok(vec![])
}
async fn is_actor_blocked(&self, _: uuid::Uuid, _: &str) -> anyhow::Result<bool> {
Ok(false)
}
}
// ── ApUserRepository ──────────────────────────────────────────────────────────
struct MemUserRepo {
users: HashMap<uuid::Uuid, ApUser>,
}
impl MemUserRepo {
fn with_user(id: uuid::Uuid, username: &str) -> Self {
let mut users = HashMap::new();
users.insert(
id,
ApUser {
id,
username: username.to_string(),
display_name: None,
bio: None,
avatar_url: None,
banner_url: None,
also_known_as: vec![],
profile_url: None,
attachment: vec![],
manually_approves_followers: true,
discoverable: true,
actor_type: ApActorType::Person,
featured_url: None,
},
);
Self { users }
}
}
#[async_trait]
impl ApUserRepository for MemUserRepo {
async fn find_by_id(&self, id: uuid::Uuid) -> anyhow::Result<Option<ApUser>> {
Ok(self.users.get(&id).cloned())
}
async fn find_by_username(&self, username: &str) -> anyhow::Result<Option<ApUser>> {
Ok(self
.users
.values()
.find(|u| u.username == username)
.cloned())
}
async fn count_users(&self) -> anyhow::Result<usize> {
Ok(self.users.len())
}
}
// ── ApContentReader ───────────────────────────────────────────────────────────
#[derive(Default)]
struct MemContentReader;
#[async_trait]
impl ApContentReader for MemContentReader {
async fn get_local_objects_page(
&self,
_: uuid::Uuid,
_: Option<DateTime<Utc>>,
_: usize,
) -> anyhow::Result<Vec<(Url, serde_json::Value, DateTime<Utc>)>> {
Ok(vec![])
}
async fn count_local_posts(&self) -> anyhow::Result<u64> {
Ok(0)
}
}
// ── ApObjectHandler ───────────────────────────────────────────────────────────
#[derive(Default)]
struct MemHandler {
creates: Mutex<Vec<Url>>,
mentions: Mutex<Vec<(Url, uuid::Uuid)>>,
}
#[async_trait]
impl ApObjectHandler for MemHandler {
async fn on_create(&self, ap_id: &Url, _: &Url, _: serde_json::Value) -> anyhow::Result<()> {
self.creates.lock().await.push(ap_id.clone());
Ok(())
}
async fn on_update(&self, _: &Url, _: &Url, _: serde_json::Value) -> anyhow::Result<()> {
Ok(())
}
async fn on_delete(&self, _: &Url, _: &Url) -> anyhow::Result<()> {
Ok(())
}
async fn on_actor_removed(&self, _: &Url) -> anyhow::Result<()> {
Ok(())
}
async fn on_like(&self, _: &Url, _: &Url) -> anyhow::Result<()> {
Ok(())
}
async fn on_unlike(&self, _: &Url, _: &Url) -> anyhow::Result<()> {
Ok(())
}
async fn on_announce_received(&self, _: &Url, _: &Url) -> anyhow::Result<()> {
Ok(())
}
async fn on_announce_of_remote(&self, _: &Url, _: &Url) -> anyhow::Result<()> {
Ok(())
}
async fn on_mention(&self, ap_id: &Url, user_id: uuid::Uuid, _: &Url) -> anyhow::Result<()> {
self.mentions.lock().await.push((ap_id.clone(), user_id));
Ok(())
}
}
// ── Helper ────────────────────────────────────────────────────────────────────
fn make_data(
activity_repo: Arc<MemActivityRepo>,
follow_repo: Arc<MemFollowRepo>,
actor_repo: Arc<MemActorRepo>,
blocklist_repo: Arc<MemBlocklistRepo>,
user_repo: Arc<MemUserRepo>,
content_reader: Arc<MemContentReader>,
handler: Arc<MemHandler>,
) -> FederationData {
FederationData::new(
activity_repo,
follow_repo,
actor_repo,
blocklist_repo,
user_repo,
content_reader,
handler,
"https://example.com".to_string(),
false,
"test".to_string(),
None,
)
}
// ── Tests ─────────────────────────────────────────────────────────────────────
#[tokio::test]
async fn check_guards_idempotency() {
use crate::activities::helpers::check_guards;
use activitypub_federation::config::FederationConfig;
let activity_repo = Arc::new(MemActivityRepo::default());
let data_inner = make_data(
activity_repo,
Arc::new(MemFollowRepo),
Arc::new(MemActorRepo),
Arc::new(MemBlocklistRepo::default()),
Arc::new(MemUserRepo::with_user(uuid::Uuid::new_v4(), "alice")),
Arc::new(MemContentReader),
Arc::new(MemHandler::default()),
);
let config = FederationConfig::builder()
.domain("example.com")
.app_data(data_inner)
.debug(true)
.build()
.await
.unwrap();
let data = config.to_request_data();
let activity_id: Url = "https://remote.example/activities/abc123".parse().unwrap();
let actor: Url = "https://remote.example/users/bob".parse().unwrap();
let skip = check_guards(&activity_id, &actor, &data).await.unwrap();
assert!(!skip, "first delivery should not be skipped");
let skip = check_guards(&activity_id, &actor, &data).await.unwrap();
assert!(skip, "duplicate delivery should be skipped");
let other_id: Url = "https://remote.example/activities/xyz999".parse().unwrap();
let skip = check_guards(&other_id, &actor, &data).await.unwrap();
assert!(!skip, "different activity should not be skipped");
}
#[tokio::test]
async fn check_guards_blocks_domain() {
use crate::activities::helpers::check_guards;
use activitypub_federation::config::FederationConfig;
let blocklist_repo = Arc::new(MemBlocklistRepo::with_blocked_domains([
"spam.example".to_string()
]));
let data_inner = make_data(
Arc::new(MemActivityRepo::default()),
Arc::new(MemFollowRepo),
Arc::new(MemActorRepo),
blocklist_repo,
Arc::new(MemUserRepo::with_user(uuid::Uuid::new_v4(), "alice")),
Arc::new(MemContentReader),
Arc::new(MemHandler::default()),
);
let config = FederationConfig::builder()
.domain("example.com")
.app_data(data_inner)
.debug(true)
.build()
.await
.unwrap();
let data = config.to_request_data();
let activity_id: Url = "https://spam.example/activities/1".parse().unwrap();
let actor: Url = "https://spam.example/users/evil".parse().unwrap();
let skip = check_guards(&activity_id, &actor, &data).await.unwrap();
assert!(skip, "activity from blocked domain should be skipped");
}
#[tokio::test]
async fn extract_and_dispatch_mentions_notifies_local_users() {
use crate::activities::helpers::extract_and_dispatch_mentions;
use activitypub_federation::config::FederationConfig;
let local_user_id = uuid::Uuid::new_v4();
let handler = Arc::new(MemHandler::default());
let data_inner = make_data(
Arc::new(MemActivityRepo::default()),
Arc::new(MemFollowRepo),
Arc::new(MemActorRepo),
Arc::new(MemBlocklistRepo::default()),
Arc::new(MemUserRepo::with_user(local_user_id, "alice")),
Arc::new(MemContentReader),
handler.clone(),
);
let config = FederationConfig::builder()
.domain("example.com")
.app_data(data_inner)
.debug(true)
.build()
.await
.unwrap();
let data = config.to_request_data();
let ap_id: Url = "https://remote.example/notes/1".parse().unwrap();
let actor_url: Url = "https://remote.example/users/bob".parse().unwrap();
let local_user_url = format!("https://example.com/users/{}", local_user_id);
let object = serde_json::json!({
"type": "Note",
"id": ap_id.as_str(),
"content": "Hello @alice",
"tag": [{"type": "Mention", "href": local_user_url}]
});
extract_and_dispatch_mentions(&ap_id, &actor_url, &object, &data).await;
let mentions = handler.mentions.lock().await;
assert_eq!(mentions.len(), 1);
assert_eq!(mentions[0].0, ap_id);
assert_eq!(mentions[0].1, local_user_id);
}

48
src/tests/service.rs
View File

@@ -1,3 +1,45 @@
// Inbox deduplication (shared_inbox preference, blocked-actor/domain filtering) use super::*;
// is now enforced by the repository implementation via `get_accepted_follower_inboxes`. use crate::repository::{Follower, FollowerStatus, RemoteActor};
// Integration tests for broadcast delivery live in the consuming crate's test suite.
fn make_follower(inbox: &str, shared: Option<&str>) -> Follower {
Follower {
actor: RemoteActor {
url: format!("https://remote/{}", inbox),
handle: "user".to_string(),
inbox_url: inbox.to_string(),
shared_inbox_url: shared.map(|s| s.to_string()),
display_name: None,
avatar_url: None,
outbox_url: None,
},
status: FollowerStatus::Accepted,
}
}
#[test]
fn collect_inboxes_deduplicates_shared() {
let followers = vec![
make_follower(
"https://mastodon.social/users/a/inbox",
Some("https://mastodon.social/inbox"),
),
make_follower(
"https://mastodon.social/users/b/inbox",
Some("https://mastodon.social/inbox"),
),
make_follower("https://other.instance/users/c/inbox", None),
];
let inboxes = collect_inboxes(&followers);
assert_eq!(inboxes.len(), 2);
let strs: Vec<_> = inboxes.iter().map(|u| u.as_str()).collect();
assert!(strs.contains(&"https://mastodon.social/inbox"));
assert!(strs.contains(&"https://other.instance/users/c/inbox"));
}
#[test]
fn collect_inboxes_falls_back_to_individual_inbox() {
let followers = vec![make_follower("https://example.com/users/x/inbox", None)];
let inboxes = collect_inboxes(&followers);
assert_eq!(inboxes.len(), 1);
assert_eq!(inboxes[0].as_str(), "https://example.com/users/x/inbox");
}

18
src/urls.rs
View File

@@ -6,24 +6,6 @@ pub const AS_PUBLIC: &str = "https://www.w3.org/ns/activitystreams#Public";
pub const AP_CONTEXT: &str = "https://www.w3.org/ns/activitystreams"; pub const AP_CONTEXT: &str = "https://www.w3.org/ns/activitystreams";
pub const AP_PAGE_SIZE: usize = 20; pub const AP_PAGE_SIZE: usize = 20;
/// Returns the `@context` array for actor AP JSON.
/// Includes the W3C security vocabulary (needed for `publicKey` resolution)
/// and common Mastodon/Toot extensions (`discoverable`, `featured`, etc.).
/// Activities use `WithContext::new_default` (plain AS context) — only actor
/// JSON needs the security vocab.
pub fn actor_ap_context() -> serde_json::Value {
serde_json::json!([
"https://www.w3.org/ns/activitystreams",
"https://w3id.org/security/v1",
{
"manuallyApprovesFollowers": "as:manuallyApprovesFollowers",
"toot": "http://joinmastodon.org/ns#",
"discoverable": "toot:discoverable",
"featured": {"@id": "toot:featured", "@type": "@id"}
}
])
}
pub fn extract_user_id_from_url(url: &Url) -> Option<uuid::Uuid> { pub fn extract_user_id_from_url(url: &Url) -> Option<uuid::Uuid> {
let path = url.path(); let path = url.path();
path.strip_prefix("/users/") path.strip_prefix("/users/")

60
src/user.rs
View File

@@ -1,5 +1,4 @@
use async_trait::async_trait; use async_trait::async_trait;
use serde::{Deserialize, Serialize};
use url::Url; use url::Url;
#[derive(Debug, Clone)] #[derive(Debug, Clone)]
@@ -8,73 +7,16 @@ pub struct ApProfileField {
pub value: String, pub value: String,
} }
/// Visibility of a federated post.
///
/// Controls the `to`/`cc` addressing fields of outbound Create/Update activities
/// and whether the library fans the activity out to followers at all.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Default)]
pub enum ApVisibility {
/// `to: [AS_PUBLIC], cc: [followers]` — fully public, indexable by search engines.
#[default]
Public,
/// `to: [followers], cc: []` — only followers receive it, not indexed publicly.
FollowersOnly,
/// No federation delivery. The library returns immediately without sending anything.
/// Use when the post should exist only on the local instance.
Private,
}
/// Actor type for AP serialization. Defaults to `Person`.
#[derive(Debug, Clone, Serialize, Deserialize, Default)]
pub enum ApActorType {
#[default]
Person,
Service,
Application,
Organization,
Group,
}
/// Resolved actor data returned by [`crate::service::ActivityPubService::lookup_actor_by_handle`].
/// Fetched via a signed HTTP request so strict instances (e.g. Threads) return full data.
#[derive(Debug, Clone)]
pub struct LookedUpActor {
pub handle: String,
pub display_name: Option<String>,
pub bio: Option<String>,
pub avatar_url: Option<Url>,
pub banner_url: Option<Url>,
pub ap_url: Url,
pub outbox_url: Option<Url>,
pub followers_url: Option<Url>,
pub following_url: Option<Url>,
pub also_known_as: Vec<String>,
pub profile_url: Option<Url>,
pub attachment: Vec<ApProfileField>,
}
#[derive(Debug, Clone)] #[derive(Debug, Clone)]
pub struct ApUser { pub struct ApUser {
pub id: uuid::Uuid, pub id: uuid::Uuid,
pub username: String, pub username: String,
pub display_name: Option<String>,
pub bio: Option<String>, pub bio: Option<String>,
pub avatar_url: Option<Url>, pub avatar_url: Option<Url>,
pub banner_url: Option<Url>, pub banner_url: Option<Url>,
pub also_known_as: Vec<String>, pub also_known_as: Option<String>,
pub profile_url: Option<Url>, pub profile_url: Option<Url>,
pub attachment: Vec<ApProfileField>, pub attachment: Vec<ApProfileField>,
/// If true, incoming Follow requests must be manually approved before the
/// actor is listed as `manuallyApprovesFollowers=true` in AP JSON.
pub manually_approves_followers: bool,
/// Whether this actor should appear in AP directory listings.
/// Serialized as `discoverable` in actor JSON. Defaults to `true`.
pub discoverable: bool,
/// AP actor type serialized in the actor JSON. Defaults to `Person`.
pub actor_type: ApActorType,
/// URL of the `featured` (pinned posts) collection. Set to expose a pinned
/// posts collection in the actor JSON, compatible with Mastodon/Pleroma.
pub featured_url: Option<Url>,
} }
#[async_trait] #[async_trait]

43
src/webfinger.rs
View File

@@ -1,10 +1,13 @@
use activitypub_federation::{config::Data, fetch::webfinger::extract_webfinger_name}; use activitypub_federation::{
config::Data,
fetch::webfinger::{Webfinger, build_webfinger_response, extract_webfinger_name},
};
use axum::{ use axum::{
extract::Query, extract::Query,
http::header, http::header,
response::{IntoResponse, Response}, response::{IntoResponse, Response},
}; };
use serde::{Deserialize, Serialize}; use serde::Deserialize;
use crate::data::FederationData; use crate::data::FederationData;
use crate::error::Error; use crate::error::Error;
@@ -14,23 +17,6 @@ pub struct WebfingerQuery {
resource: String, resource: String,
} }
#[derive(Serialize)]
struct WebfingerLink {
rel: String,
#[serde(rename = "type", skip_serializing_if = "Option::is_none")]
kind: Option<String>,
#[serde(skip_serializing_if = "Option::is_none")]
href: Option<String>,
}
#[derive(Serialize)]
struct WebfingerResponse {
subject: String,
/// Canonical URIs for the same account (acct: URI + AP actor URL).
aliases: Vec<String>,
links: Vec<WebfingerLink>,
}
pub async fn webfinger_handler( pub async fn webfinger_handler(
Query(query): Query<WebfingerQuery>, Query(query): Query<WebfingerQuery>,
data: Data<FederationData>, data: Data<FederationData>,
@@ -45,25 +31,8 @@ pub async fn webfinger_handler(
.ok_or_else(|| Error::not_found(anyhow::anyhow!("user not found")))?; .ok_or_else(|| Error::not_found(anyhow::anyhow!("user not found")))?;
let ap_id = crate::urls::actor_url(&data.base_url, user.id); let ap_id = crate::urls::actor_url(&data.base_url, user.id);
let acct_uri = format!("acct:{}@{}", user.username, data.domain);
let wf = WebfingerResponse {
subject: query.resource.clone(),
aliases: vec![acct_uri, ap_id.to_string()],
links: vec![
WebfingerLink {
rel: "http://webfinger.net/rel/profile-page".to_string(),
kind: Some("text/html".to_string()),
href: Some(ap_id.to_string()),
},
WebfingerLink {
rel: "self".to_string(),
kind: Some("application/activity+json".to_string()),
href: Some(ap_id.to_string()),
},
],
};
let wf: Webfinger = build_webfinger_response(query.resource, ap_id);
let body = serde_json::to_string(&wf).map_err(|e| Error::from(anyhow::anyhow!(e)))?; let body = serde_json::to_string(&wf).map_err(|e| Error::from(anyhow::anyhow!(e)))?;
Ok(([(header::CONTENT_TYPE, "application/jrd+json")], body).into_response()) Ok(([(header::CONTENT_TYPE, "application/jrd+json")], body).into_response())
} }