Diffstat (limited to 'internal/federation/federation.go')
-rw-r--r-- | internal/federation/federation.go | 232 |
1 files changed, 208 insertions, 24 deletions
diff --git a/internal/federation/federation.go b/internal/federation/federation.go
index fb3541913..a2aba3fcf 100644
--- a/internal/federation/federation.go
+++ b/internal/federation/federation.go
@@ -44,76 +44,260 @@ type Federator struct { db db.DB } -// AuthenticateGetInbox determines whether the request is for a GET call to the Actor's Inbox. -func (f *Federator) AuthenticateGetInbox(ctx context.Context, w http.ResponseWriter, r *http.Request) (context.Context, bool, error) { - // TODO - // use context.WithValue() and context.Value() to set and get values through here - return nil, false, nil -} - -// AuthenticateGetOutbox determines whether the request is for a GET call to the Actor's Outbox. -func (f *Federator) AuthenticateGetOutbox(ctx context.Context, w http.ResponseWriter, r *http.Request) (context.Context, bool, error) { - // TODO - return nil, false, nil -} - -// GetOutbox returns a proper paginated view of the Outbox for serving in a response. -func (f *Federator) GetOutbox(ctx context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) { - // TODO - return nil, nil -} - -// NewTransport returns a new pub.Transport for federating with peer software. -func (f *Federator) NewTransport(ctx context.Context, actorBoxIRI *url.URL, gofedAgent string) (pub.Transport, error) { - // TODO - return nil, nil -} +/* + GO FED FEDERATING PROTOCOL INTERFACE + FederatingProtocol contains behaviors an application needs to satisfy for the + full ActivityPub S2S implementation to be supported by this library. + It is only required if the client application wants to support the server-to- + server, or federating, protocol. + It is passed to the library as a dependency injection from the client + application. +*/ +// PostInboxRequestBodyHook callback after parsing the request body for a federated request +// to the Actor's inbox. +// +// Can be used to set contextual information based on the Activity +// received. +// +// Only called if the Federated Protocol is enabled. +// +// Warning: Neither authentication nor authorization has taken place at +// this time. Doing anything beyond setting contextual information is +// strongly discouraged. 
+// +// If an error is returned, it is passed back to the caller of +// PostInbox. In this case, the DelegateActor implementation must not +// write a response to the ResponseWriter as is expected that the caller +// to PostInbox will do so when handling the error. func (f *Federator) PostInboxRequestBodyHook(ctx context.Context, r *http.Request, activity pub.Activity) (context.Context, error) { // TODO return nil, nil } +// AuthenticatePostInbox delegates the authentication of a POST to an +// inbox. +// +// If an error is returned, it is passed back to the caller of +// PostInbox. In this case, the implementation must not write a +// response to the ResponseWriter as is expected that the client will +// do so when handling the error. The 'authenticated' is ignored. +// +// If no error is returned, but authentication or authorization fails, +// then authenticated must be false and error nil. It is expected that +// the implementation handles writing to the ResponseWriter in this +// case. +// +// Finally, if the authentication and authorization succeeds, then +// authenticated must be true and error nil. The request will continue +// to be processed. func (f *Federator) AuthenticatePostInbox(ctx context.Context, w http.ResponseWriter, r *http.Request) (context.Context, bool, error) { // TODO return nil, false, nil } +// Blocked should determine whether to permit a set of actors given by +// their ids are able to interact with this particular end user due to +// being blocked or other application-specific logic. +// +// If an error is returned, it is passed back to the caller of +// PostInbox. +// +// If no error is returned, but authentication or authorization fails, +// then blocked must be true and error nil. An http.StatusForbidden +// will be written in the wresponse. +// +// Finally, if the authentication and authorization succeeds, then +// blocked must be false and error nil. The request will continue +// to be processed. 
func (f *Federator) Blocked(ctx context.Context, actorIRIs []*url.URL) (bool, error) { // TODO return false, nil } +// FederatingCallbacks returns the application logic that handles +// ActivityStreams received from federating peers. +// +// Note that certain types of callbacks will be 'wrapped' with default +// behaviors supported natively by the library. Other callbacks +// compatible with streams.TypeResolver can be specified by 'other'. +// +// For example, setting the 'Create' field in the +// FederatingWrappedCallbacks lets an application dependency inject +// additional behaviors they want to take place, including the default +// behavior supplied by this library. This is guaranteed to be compliant +// with the ActivityPub Social protocol. +// +// To override the default behavior, instead supply the function in +// 'other', which does not guarantee the application will be compliant +// with the ActivityPub Social Protocol. +// +// Applications are not expected to handle every single ActivityStreams +// type and extension. The unhandled ones are passed to DefaultCallback. func (f *Federator) FederatingCallbacks(ctx context.Context) (pub.FederatingWrappedCallbacks, []interface{}, error) { // TODO return pub.FederatingWrappedCallbacks{}, nil, nil } +// DefaultCallback is called for types that go-fed can deserialize but +// are not handled by the application's callbacks returned in the +// Callbacks method. +// +// Applications are not expected to handle every single ActivityStreams +// type and extension, so the unhandled ones are passed to +// DefaultCallback. func (f *Federator) DefaultCallback(ctx context.Context, activity pub.Activity) error { // TODO return nil } +// MaxInboxForwardingRecursionDepth determines how deep to search within +// an activity to determine if inbox forwarding needs to occur. +// +// Zero or negative numbers indicate infinite recursion. 
func (f *Federator) MaxInboxForwardingRecursionDepth(ctx context.Context) int { // TODO return 0 } +// MaxDeliveryRecursionDepth determines how deep to search within +// collections owned by peers when they are targeted to receive a +// delivery. +// +// Zero or negative numbers indicate infinite recursion. func (f *Federator) MaxDeliveryRecursionDepth(ctx context.Context) int { // TODO return 0 } +// FilterForwarding allows the implementation to apply business logic +// such as blocks, spam filtering, and so on to a list of potential +// Collections and OrderedCollections of recipients when inbox +// forwarding has been triggered. +// +// The activity is provided as a reference for more intelligent +// logic to be used, but the implementation must not modify it. func (f *Federator) FilterForwarding(ctx context.Context, potentialRecipients []*url.URL, a pub.Activity) ([]*url.URL, error) { // TODO return nil, nil } +// GetInbox returns the OrderedCollection inbox of the actor for this +// context. It is up to the implementation to provide the correct +// collection for the kind of authorization given in the request. +// +// AuthenticateGetInbox will be called prior to this. +// +// Always called, regardless whether the Federated Protocol or Social +// API is enabled. func (f *Federator) GetInbox(ctx context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) { // TODO return nil, nil } +/* + GOFED COMMON BEHAVIOR INTERFACE + Contains functions required for both the Social API and Federating Protocol. + It is passed to the library as a dependency injection from the client + application. +*/ + +// AuthenticateGetInbox delegates the authentication of a GET to an +// inbox. +// +// Always called, regardless whether the Federated Protocol or Social +// API is enabled. +// +// If an error is returned, it is passed back to the caller of +// GetInbox. 
In this case, the implementation must not write a +// response to the ResponseWriter as is expected that the client will +// do so when handling the error. The 'authenticated' is ignored. +// +// If no error is returned, but authentication or authorization fails, +// then authenticated must be false and error nil. It is expected that +// the implementation handles writing to the ResponseWriter in this +// case. +// +// Finally, if the authentication and authorization succeeds, then +// authenticated must be true and error nil. The request will continue +// to be processed. +func (f *Federator) AuthenticateGetInbox(ctx context.Context, w http.ResponseWriter, r *http.Request) (context.Context, bool, error) { + // TODO + // use context.WithValue() and context.Value() to set and get values through here + return nil, false, nil +} + +// AuthenticateGetOutbox delegates the authentication of a GET to an +// outbox. +// +// Always called, regardless whether the Federated Protocol or Social +// API is enabled. +// +// If an error is returned, it is passed back to the caller of +// GetOutbox. In this case, the implementation must not write a +// response to the ResponseWriter as is expected that the client will +// do so when handling the error. The 'authenticated' is ignored. +// +// If no error is returned, but authentication or authorization fails, +// then authenticated must be false and error nil. It is expected that +// the implementation handles writing to the ResponseWriter in this +// case. +// +// Finally, if the authentication and authorization succeeds, then +// authenticated must be true and error nil. The request will continue +// to be processed. +func (f *Federator) AuthenticateGetOutbox(ctx context.Context, w http.ResponseWriter, r *http.Request) (context.Context, bool, error) { + // TODO + return nil, false, nil +} + +// GetOutbox returns the OrderedCollection inbox of the actor for this +// context. 
It is up to the implementation to provide the correct +// collection for the kind of authorization given in the request. +// +// AuthenticateGetOutbox will be called prior to this. +// +// Always called, regardless whether the Federated Protocol or Social +// API is enabled. +func (f *Federator) GetOutbox(ctx context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) { + // TODO + return nil, nil +} + +// NewTransport returns a new Transport on behalf of a specific actor. +// +// The actorBoxIRI will be either the inbox or outbox of an actor who is +// attempting to do the dereferencing or delivery. Any authentication +// scheme applied on the request must be based on this actor. The +// request must contain some sort of credential of the user, such as a +// HTTP Signature. +// +// The gofedAgent passed in should be used by the Transport +// implementation in the User-Agent, as well as the application-specific +// user agent string. The gofedAgent will indicate this library's use as +// well as the library's version number. +// +// Any server-wide rate-limiting that needs to occur should happen in a +// Transport implementation. This factory function allows this to be +// created, so peer servers are not DOS'd. +// +// Any retry logic should also be handled by the Transport +// implementation. +// +// Note that the library will not maintain a long-lived pointer to the +// returned Transport so that any private credentials are able to be +// garbage collected. +func (f *Federator) NewTransport(ctx context.Context, actorBoxIRI *url.URL, gofedAgent string) (pub.Transport, error) { + // TODO + return nil, nil +} + +/* + GOFED CLOCK INTERFACE + Determines the time. +*/ + +// Now returns the current time. func (f *Federator) Now() time.Time { return time.Now() } |
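Review bot: `MaxInboxForwardingRecursionDepth` and `MaxDeliveryRecursionDepth` still `return 0`, and the comments added directly above them say zero or negative means infinite recursion, so the stubs as written ask for an unbounded search through activities and peer-owned collections whose shape is set by the remote side. Until a real policy is chosen, return a small positive bound in both, for example `return 4 // placeholder: 0 would mean unbounded` (the value is illustrative, not taken from the project). `Blocked` likewise returns `false, nil`, which permits every actor; a line such as `// TODO: fails open; must consult the block list before this is wired up` would make that explicit. The `Authenticate*` stubs return `nil, false, nil` without writing to the `ResponseWriter`, which the new comments say the implementation is expected to do in that case, and they hand back a nil context, so a TODO noting both would help the next change.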