go-fed / apcore Goto Github PK
View Code? Open in Web Editor NEWGolang ActivityPub Server Framework
License: GNU Affero General Public License v3.0
Golang ActivityPub Server Framework
License: GNU Affero General Public License v3.0
DB models support creating tables, but doesn't have a way currently to execute additional statements for creation of indices, etc.
Right now, the server uses a plain http.Client
. Investigate its options and implement the appropriate configurations/defaults.
I think a reference is in the httpsig library, just copy/paste it over for comment completeness sake.
This entails:
app.Application
to add and modify arbitrary payloadsapp.Application
to modify existing payloads (ex: pub.OnFollow
behavior)OnFollow
for the S2S behaviorUpon server startup, re-launch the failed outbound deliveries. Will probably require a modification of the table to support counting # of attempts made and time of last attempt, to skip retrying really old attempts.
The oauth2 library is at this time v4.1.2
and apcore is using v3
.
Should be as simple as go mod init
This way, you can guarantee that a specific version of, for example, go-fed is used.
Potential features for v1:
Line 6 in d66d825
This version of go-fed/activity
doesn't have the required github.com/go-fed/activity/streams/vocab
package.
To update to the latest master, run go get github.com/go-fed/activity@master
in the apcore
directory.
go-fed/activity
requestedLines 303 to 305 in d66d825
This string is backwards. Trivial fix.
user
and db_name
in "do you have a password" prompt(side note: it would also be nice to be able to remember the password/lack of password in the config, even if it had to be added manually)
Line 148 in d66d825
This always crashes because c
is nil
and the database config can't be guessed by the ini package.
Proposed fix:
diff --git a/config.go b/config.go
index 3d9cc38..14e11d7 100644
--- a/config.go
+++ b/config.go
@@ -145,6 +145,10 @@ func loadConfigFile(filename string, a Application, debug bool) (c *config, err
if err != nil {
return
}
+ c, err = defaultConfig(cfg.Section("database").Key("db_database_kind").String())
+ if err != nil {
+ return
+ }
err = cfg.MapTo(c)
if err != nil {
return
it seems the current executable code path doesn't get any further than this, so I'll stop the review here for now
As mentioned in #36, an internal proxy is needed to manage the first party login page of applications using apcore
. This means the underlying auth used is uniform for third and first parties, we can just provide a slightly different user experience for the first-party.
This page is a 404:
https://github.com/go-fed/activity/tree/v0.4.0/streams/vocab
you can go get github.com/go-fed/activity@master
to update to the untagged latest version.
Be sure to add a configuration option to enable/disable it.
Such as the recursion flags (currently in Application interface, which need to be removed).
I know golang has a thing where you can go:
type S2SApp interface {
...
}
type C2SApp interface {
...
}
type Application interface {
S2SApp
C2SApp
}
Instead go-fed requires we implement a C2SEnabled/S2SEnabled function. I was thinking of making an AP server that had a GUI interface with no C2S at all, but because Application piles C2S and S2S functions all into one interface, it doesn't matter whether I return false from C2SEnabled. I still have to implement stubs for all the client to server functions, login, oauth, etc, and it still listens to URLs like /login
for no reason.
if(C2SEnabled(app))
could always be written more like if(app.(C2SApp) !== nil)
unless I seriously misunderstand the Go language, which is entirely possible.
Write PostgreSQL dialect SQL statements for apcore prepared statements.
There's quite a few.
Have keyboard interrupt call "stop".
Either:
preferredUsername
in the users model, for webfinger guarantees, orpreferredUsername
uniqueness.Our users are not tied to preferredUsername
so theoretically it should be changeable, but the webfinger integration is the only point where that may not be true.
Use prompting and services
to initialize an administrative user in the database.
In a federated context, the go-fed library uses mutexes associated with specific IRIs before running associated business logic. However, this still doesn't prevent sql transactional conflicts at the service
layer since it is not aware of mutexes. This can lead to transactional conflicts, which are not currently addressed. There are some different ways of approaching this:
service
aware of the mutexes to lock in advance. I don't like this due to the open-ended nature of client code, which can lead to a leaky abstraction via opaque deadlocks. No fun for anyone.Contexts
can map 1 request to 1 tx. So a tx conflict is simply a matter of re-trying all the logic since that mapping is instantiated.go-fed/activity
to be transaction-aware instead of mutex-based, but as seen above, we can in theory make our implementation of go-fed/activity
tx-based instead of mutex-based. I'm not confident a refactor of go-fed/activity
to be tx-based would permit the lightweight mutex-based approach (which has its own benefits like enabling lightweight apps such as the testsuite).It's labelled as a feature enhancement right now because it should result in a stability improvement in case of high sustained QPS / burst of QPS.
The oauth2
server framework does not support passing Context types around its signatures, so need to engineer a way to properly ensure that the request context is propagating through. Since it relies on database calls, it would be nice for OAuth2 requests to properly be cancelled when incoming requests are also cancelled. Without doing this, database calls will wastefully complete for cancelled requests.
Enforce the configuration's outbound rate-limit of outbound requests.
This entails:
app.Application
to add and modify arbitrary payloadsapp.Application
to modify existing payloadsFully encapsulate the go-fed/activity/pub
library. Don't leak it out.
I don't know if the oauth2 server library is using PKCE under the hood, per the Oauth 2.1 recommendations.
Not straightforward since ActivityStreams id
usually contains the scheme, so will need to make clear that no cross-over is possible (ex: cannot use debug mode on a productionized server creating data on a server serving https
protocol). Lookups and the like will fail. This design choice should not be mistaken as a protection, because any new data will be created with http
which would pollute the db, for any debugging/non-debugging mode.
So flipping that flag deserves a big ol' warning & confirmation.
For Cookie Auth and Encryption signing, in the config prompt.
From the APConf 2020 talk by Aaron Parecki it sounds like dynamic scope support would be very useful for ActivityPub related servers. I don't believe it is finalized yet, need more investigation.
Read in the database connection secret from config, not from stdin.
Be sure to add a configuration option to enable/disable it.
Have each config definition be able to self-validate. Ensure it is being called at config load time. Move the validation (ex: in server.go) into these functions.
Add a single special actor supporting server-level behavior.
Investigate how other software supports this actor and conform to their conventions, if possible.
When the database returns nothing, we need to return an error in such a case.
We then need to propagate that up to the handlers to properly render the "not found" page.
Currently, I don't think they're that great.
Probably need a division between:
And the resolution
would be the triple of (role, acl, data).
Ensure other parts of the oauth2 server library conform to the OAuth 2.1 spec, which is more of a compilation of best practices and learnings from OAuth2.
The major differences from OAuth 2.0 are listed below.
- PKCE is required for all OAuth clients using the authorization code flow
- Redirect URIs must be compared using exact string matching
- The Implicit grant (response_type=token) is omitted from this specification
- The Resource Owner Password Credentials grant is omitted from this specification
- Bearer token usage omits the use of bearer tokens in the query string of URIs
- Refresh tokens for public clients must either be sender-constrained or one-time use
Reviewing the go-fed/activity
integration, in common
there is the issue where the common utility function authenticateGetRequest
is hardcoded to ask for the GetInbox
scope, and never the GetOutbox
scope. Both auths for GetInbox
and GetOutbox
call into this helper, so the GetOutbox
is incorrect.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.