libervia-backend: libervia/backend/plugins/plugin_comp_ap_gateway/http

comparison libervia/backend/plugins/plugin_comp_ap_gateway/http_server.py @ 4259:49019947cc76

component AP Gateway: implement HTTP GET signature.

author	Goffi <goffi@goffi.org>
date	Wed, 05 Jun 2024 22:34:09 +0200
parents	5f2d496c633f
children	0d7bb4df2343

comparison

equal deleted inserted replaced

-:ba28ca268f4a
+:49019947cc76
 request.write(json.dumps(resp).encode())
 request.finish()
 async def handle_undo_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: jid.JID,
 node: Optional[str],
 ap_account: str,
 ap_url: str,
 signing_actor: str
 ) -> None:
 if node is None:
 node = self.apg._m.namespace
-client = await self.apg.get_virtual_client(signing_actor)
+client = await self.apg.get_virtual_client(requestor_actor_id, signing_actor)
 object_ = data.get("object")
 if isinstance(object_, str):
 # we check first if it's not a cached object
 ap_cache_key = f"{ST_AP_CACHE}{object_}"
 value = await self.apg.client._ap_storage.get(ap_cache_key)
 if value is not None:
 objects = [value]
 # because we'll undo the activity, we can remove it from cache
 await self.apg.client._ap_storage.remove(ap_cache_key)
 else:
-objects = await self.apg.ap_get_list(data, "object")
+objects = await self.apg.ap_get_list(requestor_actor_id, data, "object")
 for obj in objects:
 type_ = obj.get("type")
-actor = await self.apg.ap_get_sender_actor(obj)
+actor = await self.apg.ap_get_sender_actor(requestor_actor_id, obj)
 if actor != signing_actor:
 log.warning(f"ignoring object not attributed to signing actor: {data}")
 continue
 if type_ == "Follow":
 else:
 log.warning(f"Unmanaged undo type: {type_!r}")
 async def handle_follow_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: jid.JID,
 node: Optional[str],
 ap_account: str,
 ap_url: str,
 signing_actor: str
 ) -> None:
 if node is None:
 node = self.apg._m.namespace
-client = await self.apg.get_virtual_client(signing_actor)
+client = await self.apg.get_virtual_client(requestor_actor_id, signing_actor)
 try:
 subscription = await self.apg._p.subscribe(
 client,
 account_jid,
 node,
 await self.apg.sign_and_post(inbox, actor_id, accept_data)
 await self.apg._c.synchronise(client, account_jid, node, resync=False)
 async def handle_accept_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: jid.JID,
 node: Optional[str],
 ap_account: str,
 ap_url: str,
 signing_actor: str
 ) -> None:
 if node is None:
 node = self.apg._m.namespace
-client = await self.apg.get_virtual_client(signing_actor)
+client = await self.apg.get_virtual_client(requestor_actor_id, signing_actor)
-objects = await self.apg.ap_get_list(data, "object")
+objects = await self.apg.ap_get_list(requestor_actor_id, data, "object")
 for obj in objects:
 type_ = obj.get("type")
 if type_ == "Follow":
 follow_node = await self.apg.host.memory.storage.get_pubsub_node(
 client, client.jid, node, with_subscriptions=True
 else:
 log.warning(f"Unmanaged accept type: {type_!r}")
 async def handle_delete_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: Optional[jid.JID],
 node: Optional[str],
 ap_account: Optional[str],
 ap_url: str,
 signing_actor: str
 ):
 if node is None:
 node = self.apg._m.namespace
-client = await self.apg.get_virtual_client(signing_actor)
+client = await self.apg.get_virtual_client(requestor_actor_id, signing_actor)
-objects = await self.apg.ap_get_list(data, "object")
+objects = await self.apg.ap_get_list(requestor_actor_id, data, "object")
 for obj in objects:
 await self.apg.new_ap_delete_item(client, account_jid, node, obj)
 async def handle_new_ap_items(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: Optional[jid.JID],
 node: Optional[str],
 signing_actor: str,
 log.error(
 '"_repeated" field already present in given AP item, this should not '
 f"happen. Ignoring object from {signing_actor}\n{data}"
 )
 raise exceptions.DataError("unexpected field in item")
-client = await self.apg.get_virtual_client(signing_actor)
+client = await self.apg.get_virtual_client(requestor_actor_id, signing_actor)
-objects = await self.apg.ap_get_list(data, "object")
+objects = await self.apg.ap_get_list(requestor_actor_id, data, "object")
 for obj in objects:
 if node is None:
 if obj.get("type") == TYPE_EVENT:
 node = self.apg._events.namespace
 else:
 node = self.apg._m.namespace
-sender = await self.apg.ap_get_sender_actor(obj)
+sender = await self.apg.ap_get_sender_actor(requestor_actor_id, obj)
 if repeated:
 # we don't check sender when item is repeated, as it should be different
 # from post author in this case
-sender_jid = await self.apg.get_jid_from_id(sender)
+sender_jid = await self.apg.get_jid_from_id(
-repeater_jid = await self.apg.get_jid_from_id(signing_actor)
+requestor_actor_id,
+sender
+)
+repeater_jid = await self.apg.get_jid_from_id(
+requestor_actor_id,
+signing_actor
+)
 repeated_item_id = obj["id"]
 if self.apg.is_local_url(repeated_item_id):
 # the repeated object is from XMPP, we need to parse the URL to find
 # the right ID
 url_type, url_args = self.apg.parse_apurl(repeated_item_id)
 await self.apg.new_ap_item(client, account_jid, node, obj)
 async def handle_create_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: Optional[jid.JID],
 node: Optional[str],
 ap_account: Optional[str],
 ap_url: str,
 signing_actor: str
 ):
-await self.handle_new_ap_items(request, data, account_jid, node, signing_actor)
+await self.handle_new_ap_items(
+requestor_actor_id, request, data, account_jid, node, signing_actor
+)
 async def handle_update_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: Optional[jid.JID],
 node: Optional[str],
 ap_account: Optional[str],
 ap_url: str,
 signing_actor: str
 ):
 # Update is the same as create: the item ID stays the same, thus the item will be
 # overwritten
-await self.handle_new_ap_items(request, data, account_jid, node, signing_actor)
+await self.handle_new_ap_items(
+requestor_actor_id, request, data, account_jid, node, signing_actor
+)
 async def handle_announce_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: Optional[jid.JID],
 node: Optional[str],
 ap_account: Optional[str],
 ap_url: str,
 signing_actor: str
 ):
 # we create a new item
 await self.handle_new_ap_items(
+requestor_actor_id,
 request,
 data,
 account_jid,
 node,
 signing_actor,
 client, author_jid, attachment_node, [item_elt]
 )
 async def handle_like_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: Optional[jid.JID],
 node: Optional[str],
 ap_account: Optional[str],
 ap_url: str,
 signing_actor: str
 ) -> None:
-client = await self.apg.get_virtual_client(signing_actor)
+client = await self.apg.get_virtual_client(requestor_actor_id, signing_actor)
 await self.handle_attachment_item(client, data, {"noticed": True})
 async def handle_emojireact_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: Optional[jid.JID],
 node: Optional[str],
 ap_account: Optional[str],
 ap_url: str,
 signing_actor: str
 ) -> None:
-client = await self.apg.get_virtual_client(signing_actor)
+client = await self.apg.get_virtual_client(requestor_actor_id, signing_actor)
 await self.handle_attachment_item(client, data, {
 "reactions": {"operation": "update", "add": [data["content"]]}
 })
 async def handle_join_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: Optional[jid.JID],
 node: Optional[str],
 ap_account: Optional[str],
 ap_url: str,
 signing_actor: str
 ) -> None:
-client = await self.apg.get_virtual_client(signing_actor)
+client = await self.apg.get_virtual_client(requestor_actor_id, signing_actor)
 await self.handle_attachment_item(client, data, {"rsvp": {"attending": "yes"}})
 async def handle_leave_activity(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: dict,
 account_jid: Optional[jid.JID],
 node: Optional[str],
 ap_account: Optional[str],
 ap_url: str,
 signing_actor: str
 ) -> None:
-client = await self.apg.get_virtual_client(signing_actor)
+client = await self.apg.get_virtual_client(requestor_actor_id, signing_actor)
 await self.handle_attachment_item(client, data, {"rsvp": {"attending": "no"}})
 async def ap_actor_request(
 self,
 request: "HTTPRequest",
 "last": url_last_page,
 }
 async def ap_inbox_request(
 self,
+requestor_actor_id: str,
 request: "HTTPRequest",
 data: Optional[dict],
 account_jid: Optional[jid.JID],
 node: Optional[str],
 ap_account: Optional[str],
 signing_actor: Optional[str]
 ) -> None:
 assert data is not None
 if signing_actor is None:
 raise exceptions.InternalError("signing_actor must be set for inbox requests")
-await self.check_signing_actor(data, signing_actor)
+await self.check_signing_actor(requestor_actor_id, data, signing_actor)
 activity_type = (data.get("type") or "").lower()
 if not activity_type in ACTIVITY_TYPES_LOWER:
 return self.response_code(
 request,
 http.UNSUPPORTED_MEDIA_TYPE,
 http.UNSUPPORTED_MEDIA_TYPE,
 f"{activity_type.title()} activity is not yet supported"
 )
 else:
 await method(
-request, data, account_jid, node, ap_account, ap_url, signing_actor
+requestor_actor_id, request, data, account_jid, node, ap_account, ap_url,
+signing_actor
 )
 async def ap_followers_request(
 self,
 request: "HTTPRequest",
 for k,v in request.getAllHeaders().items()
 )
 to_log.append(f"  headers:\n{headers}")
 return to_log
+def get_requestor_actor_id(
+self,
+data: dict|None = None,
+uri_extra_args: list[str]|None = None
+) -> str:
+"""Find the actor ID of the requestor.
+The requestor here is actually the local actor which will do the requests to
+achieve the task (e.g. retrieve external actor data), not the requestor of the
+received AP request.
+It will notably be used as requestor actor ID to sign HTTP requests. We need to
+sign GET request too to access instance checking HTTP GET signature (e.g. Mastodon
+instances set in "secure mode").
+We look for the destinee of the request and check if it's a local actor, and
+default to a generic one if we can't find it.
+Destinee is first checked in data if any, otherwise in request URI.
+@param data: parsed JSON data of original AP request, if any.
+@param uri_extra_args: arguments of the AP request as returned by
+[self.apg.parse_apurl]. It is most of time the destinee of the request.
+@return: requestor_actor_id to use to sign HTTP request needed to answer the
+original request.
+"""
+# We first check for destinee in data.
+if data:
+try:
+for to_ in data["to"]:
+if self.apg.is_local_url(to_):
+url_type, url_args = self.apg.parse_apurl(to_)
+if url_type != TYPE_ACTOR or not url_args:
+continue
+ap_account = url_args[0]
+if (
+not ap_account.endswith(f"@{self.apg.public_url}")
+or ap_account.count("@") != 1
+):
+continue
+return to_
+except KeyError:
+pass
+# If nothing relevant, we try URI arguments.
+if uri_extra_args:
+ap_account = uri_extra_args[0]
+if (
+ap_account.endswith(f"@{self.apg.public_url}")
+and ap_account.count("@") == 1
+):
+return self.apg.build_apurl(TYPE_ACTOR, ap_account)
+# Still nothing, we'll have to use a generic actor.
+log.warning(
+"Can't find destinee in \"to\" field, using generic requestor for signature."
+)
+return self.apg.build_apurl(
+TYPE_ACTOR, f"libervia@{self.apg.public_url}"
+)
 async def ap_request(
 self,
 request: "HTTPRequest",
-data: Optional[dict] = None,
+data: dict|None = None,
-signing_actor: Optional[str] = None
+signing_actor: str|None = None,
+requestor_actor_id: str|None = None,
 ) -> None:
 if self.apg.verbose:
 to_log = self._get_to_log(request, data)
 path = request.path.decode()
 ap_url = parse.urljoin(
 f"https://{self.apg.public_url}",
 path
 )
 request_type, extra_args = self.apg.parse_apurl(ap_url)
 header_accept = request.getHeader("accept") or ""
 if ((MEDIA_TYPE_AP not in header_accept
 and MEDIA_TYPE_AP_ALT not in header_accept
 and request_type in self.apg.html_redirect)):
 # this is not a AP request, and we have a redirections for it
 content = web_util.redirectTo(target_url.encode(), request)
 request.write(content)
 request.finish()
 return
+if requestor_actor_id is None:
+requestor_actor_id = self.get_requestor_actor_id(
+data, extra_args
+)
 if len(extra_args) == 0:
 if request_type != "shared_inbox":
 raise exceptions.DataError(f"Invalid request type: {request_type!r}")
 ret_data = await self.ap_inbox_request(
-request, data, None, None, None, ap_url, signing_actor
+requestor_actor_id, request, data, None, None, None, ap_url, signing_actor
 )
 elif request_type == "avatar":
 if len(extra_args) != 1:
 raise exceptions.DataError("avatar argument expected in URL")
 avatar_filename = extra_args[0]
 request.method.decode().upper(), []
 ):
 raise exceptions.DataError(f"Invalid request type: {request_type!r}")
 method = getattr(self, f"ap_{request_type}_request")
 ret_data = await method(
-request, data, account_jid, node, ap_account, ap_url, signing_actor
+requestor_actor_id, request, data, account_jid, node, ap_account, ap_url, signing_actor
 )
 if ret_data is not None:
 request.setHeader("content-type", CONTENT_TYPE_AP)
 request.write(json.dumps(ret_data).encode())
 if self.apg.verbose:
 request.finish()
 return
 else:
 request.content.seek(0)
+requestor_actor_id = self.get_requestor_actor_id(data)
 try:
 if data["type"] == "Delete" and data["actor"] == data["object"]:
 # we don't handle actor deletion
 request.setResponseCode(http.ACCEPTED)
 log.debug(f"ignoring actor deletion ({data['actor']})")
 return
 except KeyError:
 pass
 try:
-signing_actor = await self.check_signature(request)
+signing_actor = await self.check_signature(requestor_actor_id, request)
 except exceptions.EncryptionError as e:
 if self.apg.verbose:
 to_log = self._get_to_log(request)
 to_log.append(f"  body: {request.content.read()!r}")
 request.content.seek(0)
 return
 self._seen_digest.append(digest)
 # default response code, may be changed, e.g. in case of exception
 try:
-return await self.ap_request(request, data, signing_actor)
+return await self.ap_request(
+request, data, signing_actor, requestor_actor_id=requestor_actor_id
+)
 except Exception as e:
 self._on_request_error(failure.Failure(e), request)
-async def check_signing_actor(self, data: dict, signing_actor: str) -> None:
+async def check_signing_actor(
+self,
+requestor_actor_id: str,
+data: dict,
+signing_actor: str
+) -> None:
 """That that signing actor correspond to actor declared in data
+@param requestor_actor_id: ID of the actor doing the request.
 @param data: request payload
 @param signing_actor: actor ID of the signing entity, as returned by
 check_signature
 @raise exceptions.NotFound: no actor found in data
 @raise exceptions.EncryptionError: signing actor doesn't match actor in data
 """
-actor = await self.apg.ap_get_sender_actor(data)
+actor = await self.apg.ap_get_sender_actor(requestor_actor_id, data)
 if signing_actor != actor:
 raise exceptions.EncryptionError(
 f"signing actor ({signing_actor}) doesn't match actor in data ({actor})"
 )
-async def check_signature(self, request: "HTTPRequest") -> str:
+async def check_signature(
+self,
+requestor_actor_id: str,
+request: "HTTPRequest"
+) -> str:
 """Check and validate HTTP signature
+@param requestor_actor_id: ID of the actor doing the request.
 @return: id of the signing actor
 @raise exceptions.EncryptionError: signature is not present or doesn't match
 """
 signature = request.getHeader("Signature")
 if created > limit_ts:
 raise exceptions.EncryptionError("Signature has expired")
 try:
 return await self.apg.check_signature(
+requestor_actor_id,
 sign_data["signature"],
 key_id,
 headers
 )
 except exceptions.EncryptionError:
 log.debug(
 "Using workaround for (request-target) encoding bug in signature, "
 "see https://github.com/mastodon/mastodon/issues/18871"
 )
 return await self.apg.check_signature(
+requestor_actor_id,
 sign_data["signature"],
 key_id,
 headers
 )

Mercurial > libervia-backend

comparison libervia/backend/plugins/plugin_comp_ap_gateway/http_server.py @ 4259:49019947cc76