summaryrefslogtreecommitdiffstats
path: root/users
diff options
context:
space:
mode:
Diffstat (limited to 'users')
-rw-r--r--users/admin.py13
-rw-r--r--users/models/domain.py12
-rw-r--r--users/models/follow.py114
-rw-r--r--users/models/inbox_message.py18
-rw-r--r--users/shortcuts.py5
-rw-r--r--users/tasks/__init__.py0
-rw-r--r--users/tasks/follow.py62
-rw-r--r--users/views/identity.py15
8 files changed, 157 insertions, 82 deletions
diff --git a/users/admin.py b/users/admin.py
index f2b807c..d8f2931 100644
--- a/users/admin.py
+++ b/users/admin.py
@@ -1,6 +1,6 @@
from django.contrib import admin
-from users.models import Domain, Follow, Identity, User, UserEvent
+from users.models import Domain, Follow, Identity, InboxMessage, User, UserEvent
@admin.register(Domain)
@@ -26,3 +26,14 @@ class IdentityAdmin(admin.ModelAdmin):
@admin.register(Follow)
class FollowAdmin(admin.ModelAdmin):
list_display = ["id", "source", "target", "state"]
+
+
+@admin.register(InboxMessage)
+class InboxMessageAdmin(admin.ModelAdmin):
+ list_display = ["id", "state", "message_type"]
+ actions = ["reset_state"]
+
+ @admin.action(description="Reset State")
+ def reset_state(self, request, queryset):
+ for instance in queryset:
+ instance.transition_perform("received")
diff --git a/users/models/domain.py b/users/models/domain.py
index 4ac6ee9..a3815ee 100644
--- a/users/models/domain.py
+++ b/users/models/domain.py
@@ -81,3 +81,15 @@ class Domain(models.Model):
def __str__(self):
return self.domain
+
+ def save(self, *args, **kwargs):
+ # Ensure that we are not conflicting with other domains
+ if Domain.objects.filter(service_domain=self.domain).exists():
+ raise ValueError(
+ f"Domain {self.domain} is already a service domain elsewhere!"
+ )
+ if self.service_domain:
+ if Domain.objects.filter(domain=self.service_domain).exists():
+ raise ValueError(
+ f"Service domain {self.service_domain} is already a domain elsewhere!"
+ )
diff --git a/users/models/follow.py b/users/models/follow.py
index 6f62481..94ad40f 100644
--- a/users/models/follow.py
+++ b/users/models/follow.py
@@ -2,24 +2,110 @@ from typing import Optional
from django.db import models
+from core.ld import canonicalise
+from core.signatures import HttpSignature
from stator.models import State, StateField, StateGraph, StatorModel
class FollowStates(StateGraph):
unrequested = State(try_interval=30)
- requested = State(try_interval=24 * 60 * 60)
- accepted = State()
-
- unrequested.transitions_to(requested)
- requested.transitions_to(accepted)
+ local_requested = State(try_interval=24 * 60 * 60)
+ remote_requested = State(try_interval=24 * 60 * 60)
+ accepted = State(externally_progressed=True)
+ undone_locally = State(try_interval=60 * 60)
+ undone_remotely = State()
+
+ unrequested.transitions_to(local_requested)
+ unrequested.transitions_to(remote_requested)
+ local_requested.transitions_to(accepted)
+ remote_requested.transitions_to(accepted)
+ accepted.transitions_to(undone_locally)
+ undone_locally.transitions_to(undone_remotely)
@classmethod
async def handle_unrequested(cls, instance: "Follow"):
- print("Would have tried to follow on", instance)
+ # Re-retrieve the follow with more things linked
+ follow = await Follow.objects.select_related(
+ "source", "source__domain", "target"
+ ).aget(pk=instance.pk)
+ # Remote follows should not be here
+ if not follow.source.local:
+ return cls.remote_requested
+ # Construct the request
+ request = canonicalise(
+ {
+ "@context": "https://www.w3.org/ns/activitystreams",
+ "id": follow.uri,
+ "type": "Follow",
+ "actor": follow.source.actor_uri,
+ "object": follow.target.actor_uri,
+ }
+ )
+ # Sign it and send it
+ await HttpSignature.signed_request(
+ follow.target.inbox_uri, request, follow.source
+ )
+ return cls.local_requested
+
+ @classmethod
+ async def handle_local_requested(cls, instance: "Follow"):
+ # TODO: Resend follow requests occasionally
+ pass
+
+ @classmethod
+ async def handle_remote_requested(cls, instance: "Follow"):
+ # Re-retrieve the follow with more things linked
+ follow = await Follow.objects.select_related(
+ "source", "source__domain", "target"
+ ).aget(pk=instance.pk)
+ # Send an accept
+ request = canonicalise(
+ {
+ "@context": "https://www.w3.org/ns/activitystreams",
+ "id": follow.target.actor_uri + f"follow/{follow.pk}/#accept",
+ "type": "Follow",
+ "actor": follow.source.actor_uri,
+ "object": {
+ "id": follow.uri,
+ "type": "Follow",
+ "actor": follow.source.actor_uri,
+ "object": follow.target.actor_uri,
+ },
+ }
+ )
+ # Sign it and send it
+ await HttpSignature.signed_request(
+ follow.source.inbox_uri,
+ request,
+ identity=follow.target,
+ )
+ return cls.accepted
@classmethod
- async def handle_requested(cls, instance: "Follow"):
- print("Would have tried to requested on", instance)
+ async def handle_undone_locally(cls, instance: "Follow"):
+ follow = Follow.objects.select_related(
+ "source", "source__domain", "target"
+ ).get(pk=instance.pk)
+ # Construct the request
+ request = canonicalise(
+ {
+ "@context": "https://www.w3.org/ns/activitystreams",
+ "id": follow.uri + "#undo",
+ "type": "Undo",
+ "actor": follow.source.actor_uri,
+ "object": {
+ "id": follow.uri,
+ "type": "Follow",
+ "actor": follow.source.actor_uri,
+ "object": follow.target.actor_uri,
+ },
+ }
+ )
+ # Sign it and send it
+ await HttpSignature.signed_request(
+ follow.target.inbox_uri, request, follow.source
+ )
+ return cls.undone_remotely
class Follow(StatorModel):
@@ -83,11 +169,17 @@ class Follow(StatorModel):
follow = cls.maybe_get(source=source, target=target)
if follow is None:
follow = Follow.objects.create(source=source, target=target, uri=uri)
- if follow.state == FollowStates.fresh:
- follow.transition_perform(FollowStates.requested)
+ if follow.state == FollowStates.unrequested:
+ follow.transition_perform(FollowStates.remote_requested)
@classmethod
def remote_accepted(cls, source, target):
+ print(f"accepted follow source {source} target {target}")
follow = cls.maybe_get(source=source, target=target)
- if follow and follow.state == FollowStates.requested:
+ print(f"accepting follow {follow}")
+ if follow and follow.state in [
+ FollowStates.unrequested,
+ FollowStates.local_requested,
+ ]:
follow.transition_perform(FollowStates.accepted)
+ print("accepted")
diff --git a/users/models/inbox_message.py b/users/models/inbox_message.py
index 0dbdc3a..54b05e9 100644
--- a/users/models/inbox_message.py
+++ b/users/models/inbox_message.py
@@ -13,7 +13,7 @@ class InboxMessageStates(StateGraph):
@classmethod
async def handle_received(cls, instance: "InboxMessage"):
- type = instance.message["type"].lower()
+ type = instance.message_type
if type == "follow":
await instance.follow_request()
elif type == "accept":
@@ -30,6 +30,7 @@ class InboxMessageStates(StateGraph):
raise ValueError(f"Cannot handle activity of type undo.{inner_type}")
else:
raise ValueError(f"Cannot handle activity of type {type}")
+ return cls.processed
class InboxMessage(StatorModel):
@@ -60,10 +61,17 @@ class InboxMessage(StatorModel):
"""
Handles an incoming acceptance of one of our follow requests
"""
- Follow.remote_accepted(
- source=Identity.by_actor_uri_with_create(self.message["actor"]),
- target=Identity.by_actor_uri(self.message["object"]),
- )
+ target = Identity.by_actor_uri_with_create(self.message["actor"])
+ source = Identity.by_actor_uri(self.message["object"]["actor"])
+ if source is None:
+ raise ValueError(
+ f"Follow-Accept has invalid source {self.message['object']['actor']}"
+ )
+ Follow.remote_accepted(source=source, target=target)
+
+ @property
+ def message_type(self):
+ return self.message["type"].lower()
async def follow_undo(self):
"""
diff --git a/users/shortcuts.py b/users/shortcuts.py
index 8e20a09..0726218 100644
--- a/users/shortcuts.py
+++ b/users/shortcuts.py
@@ -19,7 +19,10 @@ def by_handle_or_404(request, handle, local=True, fetch=False) -> Identity:
else:
username, domain = handle.split("@", 1)
# Resolve the domain to the display domain
- domain = Domain.get_remote_domain(domain).domain
+ domain_instance = Domain.get_domain(domain)
+ if domain_instance is None:
+ domain_instance = Domain.get_remote_domain(domain)
+ domain = domain_instance.domain
identity = Identity.by_username_and_domain(
username,
domain,
diff --git a/users/tasks/__init__.py b/users/tasks/__init__.py
deleted file mode 100644
index e69de29..0000000
--- a/users/tasks/__init__.py
+++ /dev/null
diff --git a/users/tasks/follow.py b/users/tasks/follow.py
deleted file mode 100644
index 0f802cf..0000000
--- a/users/tasks/follow.py
+++ /dev/null
@@ -1,62 +0,0 @@
-from core.ld import canonicalise
-from core.signatures import HttpSignature
-from users.models import Follow
-
-
-async def handle_follow_request(task_handler):
- """
- Request a follow from a remote server
- """
- follow = await Follow.objects.select_related(
- "source", "source__domain", "target"
- ).aget(pk=task_handler.subject)
- # Construct the request
- request = canonicalise(
- {
- "@context": "https://www.w3.org/ns/activitystreams",
- "id": follow.uri,
- "type": "Follow",
- "actor": follow.source.actor_uri,
- "object": follow.target.actor_uri,
- }
- )
- # Sign it and send it
- response = await HttpSignature.signed_request(
- follow.target.inbox_uri, request, follow.source
- )
- if response.status_code >= 400:
- raise ValueError(f"Request error: {response.status_code} {response.content}")
- await Follow.objects.filter(pk=follow.pk).aupdate(requested=True)
-
-
-def send_follow_undo(id):
- """
- Request a follow from a remote server
- """
- follow = Follow.objects.select_related("source", "source__domain", "target").get(
- pk=id
- )
- # Construct the request
- request = canonicalise(
- {
- "@context": "https://www.w3.org/ns/activitystreams",
- "id": follow.uri + "#undo",
- "type": "Undo",
- "actor": follow.source.actor_uri,
- "object": {
- "id": follow.uri,
- "type": "Follow",
- "actor": follow.source.actor_uri,
- "object": follow.target.actor_uri,
- },
- }
- )
- # Sign it and send it
- from asgiref.sync import async_to_sync
-
- response = async_to_sync(HttpSignature.signed_request)(
- follow.target.inbox_uri, request, follow.source
- )
- if response.status_code >= 400:
- raise ValueError(f"Request error: {response.status_code} {response.content}")
- print(response)
diff --git a/users/views/identity.py b/users/views/identity.py
index 3e69dae..0aed7fa 100644
--- a/users/views/identity.py
+++ b/users/views/identity.py
@@ -21,6 +21,10 @@ from users.models import Domain, Follow, Identity, IdentityStates, InboxMessage
from users.shortcuts import by_handle_or_404
+class HttpResponseUnauthorized(HttpResponse):
+ status_code = 401
+
+
class ViewIdentity(TemplateView):
template_name = "identity/view.html"
@@ -188,20 +192,26 @@ class Inbox(View):
if "HTTP_DIGEST" in request.META:
expected_digest = HttpSignature.calculate_digest(request.body)
if request.META["HTTP_DIGEST"] != expected_digest:
+ print("Wrong digest")
return HttpResponseBadRequest("Digest is incorrect")
# Verify date header
if "HTTP_DATE" in request.META:
header_date = parse_http_date(request.META["HTTP_DATE"])
if abs(timezone.now().timestamp() - header_date) > 60:
+ print(
+ f"Date mismatch - they sent {header_date}, now is {timezone.now().timestamp()}"
+ )
return HttpResponseBadRequest("Date is too far away")
# Get the signature details
if "HTTP_SIGNATURE" not in request.META:
+ print("No signature")
return HttpResponseBadRequest("No signature present")
signature_details = HttpSignature.parse_signature(
request.META["HTTP_SIGNATURE"]
)
# Reject unknown algorithms
if signature_details["algorithm"] != "rsa-sha256":
+ print("Unknown sig algo")
return HttpResponseBadRequest("Unknown signature algorithm")
# Create the signature payload
headers_string = HttpSignature.headers_from_request(
@@ -217,13 +227,14 @@ class Inbox(View):
# See if we can fetch it right now
async_to_sync(identity.fetch_actor)()
if not identity.public_key:
+ print("Cannot get actor")
return HttpResponseBadRequest("Cannot retrieve actor")
if not identity.verify_signature(
signature_details["signature"], headers_string
):
- return HttpResponseBadRequest("Bad signature")
+ return HttpResponseUnauthorized("Bad signature")
# Hand off the item to be processed by the queue
- InboxMessage.objects.create(message=document)
+ InboxMessage.objects.create(message=document, state_ready=True)
return HttpResponse(status=202)