iceshrimp/packages/backend/src/remote/activitypub/request.ts

import config from "@/config/index.js";
import { getUserKeypair } from "@/misc/keypair-store.js";
import type { User } from "@/models/entities/user.js";
import { getResponse } from "../../misc/fetch.js";
import { createSignedPost, createSignedGet } from "./ap-request.js";
import { apLogger } from "@/remote/activitypub/logger.js";

export default async (user: { id: User["id"] }, url: string, object: any) => {
	const body = JSON.stringify(object);

	const keypair = await getUserKeypair(user.id);

	const req = createSignedPost({
		key: {
			privateKeyPem: keypair.privateKey,
			keyId: `${config.url}/users/${user.id}#main-key`,
		},
		url,
		body,
		additionalHeaders: {
			"User-Agent": config.userAgent,
		},
	});

	await getResponse({
		url,
		method: req.request.method,
		headers: req.request.headers,
		body,
	});
};

/**
 * Get AP object with http-signature
 * @param user http-signature user
 * @param url URL to fetch
 * @param redirects whether or not to accept redirects
 */
export async function signedGet(url: string, user: { id: User["id"] }, redirects: boolean = true) {
	apLogger.debug(`Running signedGet on url: ${url}`);
	const keypair = await getUserKeypair(user.id);

	const req = createSignedGet({
		key: {
			privateKeyPem: keypair.privateKey,
			keyId: `${config.url}/users/${user.id}#main-key`,
		},
		url,
		additionalHeaders: {
			"User-Agent": config.userAgent,
		},
	});

	const res = await getResponse({
		url,
		method: req.request.method,
		headers: req.request.headers,
		redirect: redirects ? "manual" : "error"
	});

	if (redirects && [301,302,307,308].includes(res.status)) {
		const newUrl = res.headers.get('location');
		if (!newUrl) throw new Error('signedGet got redirect but no target location');
		apLogger.debug(`signedGet is redirecting to ${newUrl}`);
		return signedGet(newUrl, user, false);
	}

	const contentType = res.headers.get('content-type');
	if (contentType == null || (contentType !== 'application/activity+json' && !contentType.startsWith('application/activity+json;') && contentType !== 'application/ld+json' && !contentType.startsWith('application/ld+json;')))
		throw new Error(`signedGet response had unexpected content-type: ${contentType}`);

	return await res.json();
}
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`import config from "@/config/index.js";`
			`import { getUserKeypair } from "@/misc/keypair-store.js";`
			`import type { User } from "@/models/entities/user.js";`
			`import { getResponse } from "../../misc/fetch.js";`
			`import { createSignedPost, createSignedGet } from "./ap-request.js";`
Add signature to remote note lookup 2023-06-28 01:02:28 +02:00			`import { apLogger } from "@/remote/activitypub/logger.js";`
HTTPリクエストのKeep-AliveとPrxoy対応など (#5226) * DriveのKeep-Alive, Proxy と APのProxy対応 * request系でKeep-Aliveするように * fix lookup-dns-cache.d.ts * remove debug output 2019-07-28 02:49:02 +02:00
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`export default async (user: { id: User["id"] }, url: string, object: any) => {`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 10:16:24 +02:00			`const body = JSON.stringify(object);`
Add host/digest to HTTP signature 2018-08-30 13:52:35 +02:00
perf(server): Cache user keypair 2021-03-22 07:14:54 +01:00			`const keypair = await getUserKeypair(user.id);`
Use PostgreSQL instead of MongoDB (#4572) * wip * Update note.ts * Update timeline.ts * Update core.ts * wip * Update generate-visibility-query.ts * wip * wip * wip * wip * wip * Update global-timeline.ts * wip * wip * wip * Update vote.ts * wip * wip * Update create.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update files.ts * wip * wip * Update CONTRIBUTING.md * wip * wip * wip * wip * wip * wip * wip * wip * Update read-notification.ts * wip * wip * wip * wip * wip * wip * wip * Update cancel.ts * wip * wip * wip * Update show.ts * wip * wip * Update gen-id.ts * Update create.ts * Update id.ts * wip * wip * wip * wip * wip * wip * wip * Docker: Update files about Docker (#4599) * Docker: Use cache if files used by `yarn install` was not updated This patch reduces the number of times to installing node_modules. For example, `yarn install` step will be skipped when only ".config/default.yml" is updated. * Docker: Migrate MongoDB to Postgresql Misskey uses Postgresql as a database instead of Mongodb since version 11. * Docker: Uncomment about data persistence This patch will save a lot of databases. * wip * wip * wip * Update activitypub.ts * wip * wip * wip * Update logs.ts * wip * Update drive-file.ts * Update register.ts * wip * wip * Update mentions.ts * wip * wip * wip * Update recommendation.ts * wip * Update index.ts * wip * Update recommendation.ts * Doc: Update docker.ja.md and docker.en.md (#1) (#4608) Update how to set up misskey. * wip * :v: * wip * Update note.ts * Update postgre.ts * wip * wip * wip * wip * Update add-file.ts * wip * wip * wip * Clean up * Update logs.ts * wip * :pizza: * wip * Ad notes * wip * Update api-visibility.ts * Update note.ts * Update add-file.ts * tests * tests * Update postgre.ts * Update utils.ts * wip * wip * Refactor * wip * Refactor * wip * wip * Update show-users.ts * Update update-instance.ts * wip * Update feed.ts * Update outbox.ts * Update outbox.ts * Update user.ts * wip * Update list.ts * Update update-hashtag.ts * wip * Update update-hashtag.ts * Refactor * Update update.ts * wip * wip * :v: * clean up * docs * Update push.ts * wip * Update api.ts * wip * :v: * Update make-pagination-query.ts * :v: * Delete hashtags.ts * Update instances.ts * Update instances.ts * Update create.ts * Update search.ts * Update reversi-game.ts * Update signup.ts * Update user.ts * id * Update example.yml * :art: * objectid * fix * reversi * reversi * Fix bug of chart engine * Add test of chart engine * Improve test * Better testing * Improve chart engine * Refactor * Add test of chart engine * Refactor * Add chart test * Fix bug * コミットし忘れ * Refactoring * :v: * Add tests * Add test * Extarct note tests * Refactor * 存在しないユーザーにメンションできなくなっていた問題を修正 * Fix bug * Update update-meta.ts * Fix bug * Update mention.vue * Fix bug * Update meta.ts * Update CONTRIBUTING.md * Fix bug * Fix bug * Fix bug * Clean up * Clean up * Update notification.ts * Clean up * Add mute tests * Add test * Refactor * Add test * Fix test * Refactor * Refactor * Add tests * Update utils.ts * Update utils.ts * Fix test * Update package.json * Update update.ts * Update manifest.ts * Fix bug * Fix bug * Add test * :art: * Update endpoint permissions * Updaye permisison * Update person.ts #4299 * データベースと同期しないように * Fix bug * Fix bug * Update reversi-game.ts * Use a feature of Node v11.7.0 to extract a public key (#4644) * wip * wip * :v: * Refactoring #1540 * test * test * test * test * test * test * test * Fix bug * Fix test * :sushi: * wip * #4471 * Add test for #4335 * Refactor * Fix test * Add tests * :clock4: * Fix bug * Add test * Add test * rename * Fix bug 2019-04-07 14:50:36 +02:00
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 10:16:24 +02:00			`const req = createSignedPost({`
			`key: {`
			`privateKeyPem: keypair.privateKey,`
fix lint 2021-12-09 15:58:30 +01:00			keyId: `${config.url}/users/${user.id}#main-key`,
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 10:16:24 +02:00			`},`
			`url,`
			`body,`
			`additionalHeaders: {`
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`"User-Agent": config.userAgent,`
fix lint 2021-12-09 15:58:30 +01:00			`},`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 10:16:24 +02:00			`});`
ActivityPubのHTTPリクエストの強化 (#2820) * Fix error handling in AP deliver * Set timeout to resolver * Tune looks 2018-10-04 18:58:41 +02:00
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 10:16:24 +02:00			`await getResponse({`
			`url,`
			`method: req.request.method,`
			`headers: req.request.headers,`
			`body,`
ActivityPubのHTTPリクエストの強化 (#2820) * Fix error handling in AP deliver * Set timeout to resolver * Tune looks 2018-10-04 18:58:41 +02:00			`});`
Fix bug 2019-03-08 11:45:01 +01:00			`};`
ActivityPubでリモートのオブジェクトをGETするときのリクエストをHTTP Signatureで署名するオプション (#6731) * Sign ActivityPub GET * Fix v12, v12.48.0 UI bug 2020-10-17 18:46:40 +02:00
			`/**`
			`* Get AP object with http-signature`
			`* @param user http-signature user`
			`* @param url URL to fetch`
[backend] Permit redirects for AP object lookups 2023-10-11 20:23:00 +02:00			`* @param redirects whether or not to accept redirects`
ActivityPubでリモートのオブジェクトをGETするときのリクエストをHTTP Signatureで署名するオプション (#6731) * Sign ActivityPub GET * Fix v12, v12.48.0 UI bug 2020-10-17 18:46:40 +02:00			`*/`
[backend] Permit redirects for AP object lookups 2023-10-11 20:23:00 +02:00			`export async function signedGet(url: string, user: { id: User["id"] }, redirects: boolean = true) {`
Fix AP resolver history on reuse for authorized fetch 2023-06-28 02:01:55 +02:00			apLogger.debug(`Running signedGet on url: ${url}`);
perf(server): Cache user keypair 2021-03-22 07:14:54 +01:00			`const keypair = await getUserKeypair(user.id);`
ActivityPubでリモートのオブジェクトをGETするときのリクエストをHTTP Signatureで署名するオプション (#6731) * Sign ActivityPub GET * Fix v12, v12.48.0 UI bug 2020-10-17 18:46:40 +02:00
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 10:16:24 +02:00			`const req = createSignedGet({`
			`key: {`
			`privateKeyPem: keypair.privateKey,`
fix lint 2021-12-09 15:58:30 +01:00			keyId: `${config.url}/users/${user.id}#main-key`,
ActivityPubでリモートのオブジェクトをGETするときのリクエストをHTTP Signatureで署名するオプション (#6731) * Sign ActivityPub GET * Fix v12, v12.48.0 UI bug 2020-10-17 18:46:40 +02:00			`},`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 10:16:24 +02:00			`url,`
			`additionalHeaders: {`
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`"User-Agent": config.userAgent,`
fix lint 2021-12-09 15:58:30 +01:00			`},`
ActivityPubでリモートのオブジェクトをGETするときのリクエストをHTTP Signatureで署名するオプション (#6731) * Sign ActivityPub GET * Fix v12, v12.48.0 UI bug 2020-10-17 18:46:40 +02:00			`});`

Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 10:16:24 +02:00			`const res = await getResponse({`
			`url,`
			`method: req.request.method,`
fix lint 2021-12-09 15:58:30 +01:00			`headers: req.request.headers,`
[backend] Permit redirects for AP object lookups 2023-10-11 20:23:00 +02:00			`redirect: redirects ? "manual" : "error"`
ActivityPubでリモートのオブジェクトをGETするときのリクエストをHTTP Signatureで署名するオプション (#6731) * Sign ActivityPub GET * Fix v12, v12.48.0 UI bug 2020-10-17 18:46:40 +02:00			`});`

[backend] Permit redirects for AP object lookups 2023-10-11 20:23:00 +02:00			`if (redirects && [301,302,307,308].includes(res.status)) {`
			`const newUrl = res.headers.get('location');`
			`if (!newUrl) throw new Error('signedGet got redirect but no target location');`
			apLogger.debug(`signedGet is redirecting to ${newUrl}`);
			`return signedGet(newUrl, user, false);`
			`}`

[backend] Verify response content type when fetching remote activities 2024-02-16 18:22:38 +01:00			`const contentType = res.headers.get('content-type');`
			`if (contentType == null \|\| (contentType !== 'application/activity+json' && !contentType.startsWith('application/activity+json;') && contentType !== 'application/ld+json' && !contentType.startsWith('application/ld+json;')))`
			throw new Error(`signedGet response had unexpected content-type: ${contentType}`);

Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 10:16:24 +02:00			`return await res.json();`
ActivityPubでリモートのオブジェクトをGETするときのリクエストをHTTP Signatureで署名するオプション (#6731) * Sign ActivityPub GET * Fix v12, v12.48.0 UI bug 2020-10-17 18:46:40 +02:00			`}`