summaryrefslogtreecommitdiff
path: root/src/server/activitypub
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/activitypub')
-rw-r--r--src/server/activitypub/inbox.ts42
-rw-r--r--src/server/activitypub/index.ts12
-rw-r--r--src/server/activitypub/user.ts62
3 files changed, 116 insertions, 0 deletions
diff --git a/src/server/activitypub/inbox.ts b/src/server/activitypub/inbox.ts
new file mode 100644
index 0000000000..0d4af7c492
--- /dev/null
+++ b/src/server/activitypub/inbox.ts
@@ -0,0 +1,42 @@
+import * as bodyParser from 'body-parser';
+import * as express from 'express';
+import { parseRequest, verifySignature } from 'http-signature';
+import User, { IRemoteAccount } from '../../models/user';
+import queue from '../../queue';
+
+const app = express();
+app.disable('x-powered-by');
+app.use(bodyParser.json());
+
+app.get('/@:user/inbox', async (req, res) => {
+ let parsed;
+
+ try {
+ parsed = parseRequest(req);
+ } catch (exception) {
+ return res.sendStatus(401);
+ }
+
+ const user = await User.findOne({
+ host: { $ne: null },
+ account: { publicKey: { id: parsed.keyId } }
+ });
+
+ if (user === null) {
+ return res.sendStatus(401);
+ }
+
+ if (!verifySignature(parsed, (user.account as IRemoteAccount).publicKey.publicKeyPem)) {
+ return res.sendStatus(401);
+ }
+
+ queue.create('http', {
+ type: 'performActivityPub',
+ actor: user._id,
+ outbox: req.body,
+ }).save();
+
+ return res.sendStatus(200);
+});
+
+export default app;
diff --git a/src/server/activitypub/index.ts b/src/server/activitypub/index.ts
new file mode 100644
index 0000000000..07ff407a76
--- /dev/null
+++ b/src/server/activitypub/index.ts
@@ -0,0 +1,12 @@
+import * as express from 'express';
+
+import user from './user';
+import inbox from './inbox';
+
+const app = express();
+app.disable('x-powered-by');
+
+app.use(user);
+app.use(inbox);
+
+export default app;
diff --git a/src/server/activitypub/user.ts b/src/server/activitypub/user.ts
new file mode 100644
index 0000000000..488de93a92
--- /dev/null
+++ b/src/server/activitypub/user.ts
@@ -0,0 +1,62 @@
+import * as express from 'express';
+import config from '../../conf';
+import { extractPublic } from '../../crypto_key';
+import parseAcct from '../../common/user/parse-acct';
+import User, { ILocalAccount } from '../../models/user';
+
+const app = express();
+app.disable('x-powered-by');
+
+app.get('/@:user', async (req, res, next) => {
+ const accepted = req.accepts(['html', 'application/activity+json', 'application/ld+json']);
+ if (!(['application/activity+json', 'application/ld+json'] as Array<any>).includes(accepted)) {
+ return next();
+ }
+
+ const { username, host } = parseAcct(req.params.user);
+ if (host !== null) {
+ return res.sendStatus(422);
+ }
+
+ const user = await User.findOne({
+ usernameLower: username.toLowerCase(),
+ host: null
+ });
+ if (user === null) {
+ return res.sendStatus(404);
+ }
+
+ const id = `${config.url}/@${user.username}`;
+
+ if (username !== user.username) {
+ return res.redirect(id);
+ }
+
+ res.json({
+ '@context': [
+ 'https://www.w3.org/ns/activitystreams',
+ 'https://w3id.org/security/v1'
+ ],
+ type: 'Person',
+ id,
+ inbox: `${id}/inbox`,
+ preferredUsername: user.username,
+ name: user.name,
+ summary: user.description,
+ icon: user.avatarId && {
+ type: 'Image',
+ url: `${config.drive_url}/${user.avatarId}`
+ },
+ image: user.bannerId && {
+ type: 'Image',
+ url: `${config.drive_url}/${user.bannerId}`
+ },
+ publicKey: {
+ type: 'Key',
+ owner: id,
+ publicKeyPem: extractPublic((user.account as ILocalAccount).keypair)
+ }
+ });
+});
+
+export default app;
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-04 05:19:59 +0000