activitypub: add the public key to Person (#14186)
Refs: https://github.com/go-gitea/gitea/issues/14186 Signed-off-by: Loïc Dachary <loic@dachary.org>
parent
4951af4d99
commit
678a56fbf8
|
@ -13,6 +13,7 @@ import (
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
|
"github.com/go-fed/activity/pub"
|
||||||
"github.com/go-fed/activity/streams"
|
"github.com/go-fed/activity/streams"
|
||||||
"github.com/go-fed/activity/streams/vocab"
|
"github.com/go-fed/activity/streams/vocab"
|
||||||
|
|
||||||
|
@ -22,8 +23,10 @@ import (
|
||||||
func TestActivityPubPerson(t *testing.T) {
|
func TestActivityPubPerson(t *testing.T) {
|
||||||
onGiteaRun(t, func(*testing.T, *url.URL) {
|
onGiteaRun(t, func(*testing.T, *url.URL) {
|
||||||
setting.Federation.Enabled = true
|
setting.Federation.Enabled = true
|
||||||
|
setting.Database.LogSQL = true
|
||||||
defer func() {
|
defer func() {
|
||||||
setting.Federation.Enabled = false
|
setting.Federation.Enabled = false
|
||||||
|
setting.Database.LogSQL = false
|
||||||
}()
|
}()
|
||||||
|
|
||||||
username := "user2"
|
username := "user2"
|
||||||
|
@ -41,11 +44,41 @@ func TestActivityPubPerson(t *testing.T) {
|
||||||
ctx := context.Background()
|
ctx := context.Background()
|
||||||
err := resolver.Resolve(ctx, m)
|
err := resolver.Resolve(ctx, m)
|
||||||
assert.Equal(t, err, nil)
|
assert.Equal(t, err, nil)
|
||||||
assert.Equal(t, person.GetTypeName(), "Person")
|
assert.Equal(t, "Person", person.GetTypeName())
|
||||||
assert.Equal(t, person.GetActivityStreamsName().Begin().GetXMLSchemaString(), username)
|
assert.Equal(t, username, person.GetActivityStreamsName().Begin().GetXMLSchemaString())
|
||||||
assert.Regexp(t, fmt.Sprintf("activitypub/user/%s$", username), person.GetJSONLDId().GetIRI().String())
|
keyId := person.GetJSONLDId().GetIRI().String()
|
||||||
|
assert.Regexp(t, fmt.Sprintf("activitypub/user/%s$", username), keyId)
|
||||||
assert.Regexp(t, fmt.Sprintf("activitypub/user/%s/outbox$", username), person.GetActivityStreamsOutbox().GetIRI().String())
|
assert.Regexp(t, fmt.Sprintf("activitypub/user/%s/outbox$", username), person.GetActivityStreamsOutbox().GetIRI().String())
|
||||||
assert.Regexp(t, fmt.Sprintf("activitypub/user/%s/inbox$", username), person.GetActivityStreamsInbox().GetIRI().String())
|
assert.Regexp(t, fmt.Sprintf("activitypub/user/%s/inbox$", username), person.GetActivityStreamsInbox().GetIRI().String())
|
||||||
|
|
||||||
|
pkp := person.GetW3IDSecurityV1PublicKey()
|
||||||
|
publicKeyId := keyId + "/#main-key"
|
||||||
|
var pkpFound vocab.W3IDSecurityV1PublicKey
|
||||||
|
for pkpIter := pkp.Begin(); pkpIter != pkp.End(); pkpIter = pkpIter.Next() {
|
||||||
|
if !pkpIter.IsW3IDSecurityV1PublicKey() {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
pkValue := pkpIter.Get()
|
||||||
|
var pkId *url.URL
|
||||||
|
pkId, err = pub.GetId(pkValue)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
assert.Equal(t, pkId.String(), publicKeyId)
|
||||||
|
if pkId.String() != publicKeyId {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
pkpFound = pkValue
|
||||||
|
break
|
||||||
|
}
|
||||||
|
assert.NotNil(t, pkpFound)
|
||||||
|
|
||||||
|
pkPemProp := pkpFound.GetW3IDSecurityV1PublicKeyPem()
|
||||||
|
assert.NotNil(t, pkPemProp)
|
||||||
|
assert.True(t, pkPemProp.IsXMLSchemaString())
|
||||||
|
|
||||||
|
pubKeyPem := pkPemProp.Get()
|
||||||
|
assert.Regexp(t, "^-----BEGIN PUBLIC KEY-----", pubKeyPem)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
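Review bot: In the key-lookup loop of `TestActivityPubPerson`, `if err != nil { return }` after `pub.GetId(pkValue)` ends the test silently, so a Person whose key id cannot be read still passes; use `if !assert.NoError(t, err) { return }` instead. `assert.NotNil(t, pkpFound)` does not stop the test either, and the next line calls `pkpFound.GetW3IDSecurityV1PublicKeyPem()` on what may still be a nil interface, so guard it the same way. `assert.Equal(t, pkId.String(), publicKeyId)` inside the loop fails on any non-matching key before the `continue` can skip it, and its arguments are in actual/expected order, unlike the assertions this commit reorders. The last assertion only matches the `-----BEGIN PUBLIC KEY-----` header; decoding the value with `pem.Decode` and `x509.ParsePKIXPublicKey` would confirm the endpoint serves a usable key.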
|
|
|
@ -9,12 +9,38 @@ import (
|
||||||
"net/url"
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
"code.gitea.io/gitea/models"
|
||||||
|
"code.gitea.io/gitea/modules/activitypub"
|
||||||
"code.gitea.io/gitea/modules/context"
|
"code.gitea.io/gitea/modules/context"
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/routers/api/v1/user"
|
"code.gitea.io/gitea/routers/api/v1/user"
|
||||||
"github.com/go-fed/activity/streams"
|
"github.com/go-fed/activity/streams"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// hack waiting on https://github.com/go-gitea/gitea/pull/16834
|
||||||
|
func GetPublicKey(user *models.User) (string, error) {
|
||||||
|
if settings, err := models.GetUserSetting(user.ID, []string{"activitypub_pubPem"}); err != nil {
|
||||||
|
return "", err
|
||||||
|
} else if len(settings) == 0 {
|
||||||
|
if priv, pub, err := activitypub.GenerateKeyPair(); err != nil {
|
||||||
|
return "", err
|
||||||
|
} else {
|
||||||
|
privPem := &models.UserSetting{UserID: user.ID, Name: "activitypub_privPem", Value: priv}
|
||||||
|
if err := models.SetUserSetting(privPem); err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
pubPem := &models.UserSetting{UserID: user.ID, Name: "activitypub_pubPem", Value: pub}
|
||||||
|
if err := models.SetUserSetting(pubPem); err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
return pubPem.Value, nil
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return settings[0].Value, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// NodeInfo returns the NodeInfo for the Gitea instance to allow for federation
|
||||||
func Person(ctx *context.APIContext) {
|
func Person(ctx *context.APIContext) {
|
||||||
// swagger:operation GET /activitypub/user/{username} information
|
// swagger:operation GET /activitypub/user/{username} information
|
||||||
// ---
|
// ---
|
||||||
|
@ -31,15 +57,15 @@ func Person(ctx *context.APIContext) {
|
||||||
// "200":
|
// "200":
|
||||||
// "$ref": "#/responses/ActivityPub"
|
// "$ref": "#/responses/ActivityPub"
|
||||||
|
|
||||||
user.GetUserByParamsName(ctx, "username")
|
user := user.GetUserByParamsName(ctx, "username")
|
||||||
username := ctx.Params("username")
|
username := ctx.Params("username")
|
||||||
|
|
||||||
person := streams.NewActivityStreamsPerson()
|
person := streams.NewActivityStreamsPerson()
|
||||||
|
|
||||||
id := streams.NewJSONLDIdProperty()
|
id := streams.NewJSONLDIdProperty()
|
||||||
link := strings.TrimSuffix(setting.AppURL, "/") + strings.TrimSuffix(ctx.Req.URL.EscapedPath(), "/")
|
link := strings.TrimSuffix(setting.AppURL, "/") + strings.TrimSuffix(ctx.Req.URL.EscapedPath(), "/")
|
||||||
url_object, _ := url.Parse(link)
|
idIRI, _ := url.Parse(link)
|
||||||
id.SetIRI(url_object)
|
id.SetIRI(idIRI)
|
||||||
person.SetJSONLDId(id)
|
person.SetJSONLDId(id)
|
||||||
|
|
||||||
name := streams.NewActivityStreamsNameProperty()
|
name := streams.NewActivityStreamsNameProperty()
|
||||||
|
@ -47,7 +73,7 @@ func Person(ctx *context.APIContext) {
|
||||||
person.SetActivityStreamsName(name)
|
person.SetActivityStreamsName(name)
|
||||||
|
|
||||||
ibox := streams.NewActivityStreamsInboxProperty()
|
ibox := streams.NewActivityStreamsInboxProperty()
|
||||||
url_object, _ = url.Parse(link + "/inbox")
|
url_object, _ := url.Parse(link + "/inbox")
|
||||||
ibox.SetIRI(url_object)
|
ibox.SetIRI(url_object)
|
||||||
person.SetActivityStreamsInbox(ibox)
|
person.SetActivityStreamsInbox(ibox)
|
||||||
|
|
||||||
|
@ -56,6 +82,30 @@ func Person(ctx *context.APIContext) {
|
||||||
obox.SetIRI(url_object)
|
obox.SetIRI(url_object)
|
||||||
person.SetActivityStreamsOutbox(obox)
|
person.SetActivityStreamsOutbox(obox)
|
||||||
|
|
||||||
|
publicKeyProp := streams.NewW3IDSecurityV1PublicKeyProperty()
|
||||||
|
|
||||||
|
publicKeyType := streams.NewW3IDSecurityV1PublicKey()
|
||||||
|
|
||||||
|
pubKeyIdProp := streams.NewJSONLDIdProperty()
|
||||||
|
pubKeyIRI, _ := url.Parse(link + "/#main-key")
|
||||||
|
pubKeyIdProp.SetIRI(pubKeyIRI)
|
||||||
|
publicKeyType.SetJSONLDId(pubKeyIdProp)
|
||||||
|
|
||||||
|
ownerProp := streams.NewW3IDSecurityV1OwnerProperty()
|
||||||
|
ownerProp.SetIRI(idIRI)
|
||||||
|
publicKeyType.SetW3IDSecurityV1Owner(ownerProp)
|
||||||
|
|
||||||
|
publicKeyPemProp := streams.NewW3IDSecurityV1PublicKeyPemProperty()
|
||||||
|
if publicKeyPem, err := GetPublicKey(user); err != nil {
|
||||||
|
ctx.Error(http.StatusInternalServerError, "GetPublicKey", err)
|
||||||
|
} else {
|
||||||
|
publicKeyPemProp.Set(publicKeyPem)
|
||||||
|
}
|
||||||
|
publicKeyType.SetW3IDSecurityV1PublicKeyPem(publicKeyPemProp)
|
||||||
|
|
||||||
|
publicKeyProp.AppendW3IDSecurityV1PublicKey(publicKeyType)
|
||||||
|
person.SetW3IDSecurityV1PublicKey(publicKeyProp)
|
||||||
|
|
||||||
var jsonmap map[string]interface{}
|
var jsonmap map[string]interface{}
|
||||||
jsonmap, _ = streams.Serialize(person)
|
jsonmap, _ = streams.Serialize(person)
|
||||||
ctx.JSON(http.StatusOK, jsonmap)
|
ctx.JSON(http.StatusOK, jsonmap)
|
||||||
|
|
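Review bot: In the last hunk of `Person` (its body starts and ends outside the hunks shown), the `GetPublicKey` error branch calls `ctx.Error(http.StatusInternalServerError, "GetPublicKey", err)` but does not return, so the handler goes on to `ctx.JSON(http.StatusOK, jsonmap)` with an empty `publicKeyPem`; add `return` after the `ctx.Error` call. The result of `user.GetUserByParamsName(ctx, "username")` is passed on unchecked and `GetPublicKey` dereferences `user.ID`, so if that helper returns nil for an unknown username the request panics; `if user == nil { return }` right after the lookup would cover it, and a different local name would stop shadowing the `user` package. `GetPublicKey` reads the setting, generates a pair, then writes the private and public PEM in two separate `SetUserSetting` calls with no lock or transaction visible here, so two concurrent first requests could interleave and leave a stored private key that does not match the published public key. The private key is kept as an ordinary user setting (`activitypub_privPem`), so it is worth confirming that no settings endpoint or export returns that row.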