Merge branch 'feature/activitypub-oauth-endpoints' into 'develop'

ActivityPub C2S oauth endpoints See merge request pleroma/pleroma!821
2019-02-14 02:50:06 +00:00 · 2019-02-14 02:50:06 +00:00 · bc9e5e6b65
parent 1ef4741861 64620d8980
commit bc9e5e6b65
4 changed files with 68 additions and 8 deletions
--- a/lib/pleroma/web/activity_pub/views/user_view.ex
+++ b/lib/pleroma/web/activity_pub/views/user_view.ex
@ -12,9 +12,26 @@ defmodule Pleroma.Web.ActivityPub.UserView do
  alias Pleroma.Web.ActivityPub.ActivityPub
  alias Pleroma.Web.ActivityPub.Transmogrifier
  alias Pleroma.Web.ActivityPub.Utils
+  alias Pleroma.Web.Router.Helpers
+  alias Pleroma.Web.Endpoint

  import Ecto.Query

+  def render("endpoints.json", %{user: %User{nickname: nil, local: true} = _user}) do
+    %{"sharedInbox" => Helpers.activity_pub_url(Endpoint, :inbox)}
+  end
+
+  def render("endpoints.json", %{user: %User{local: true} = _user}) do
+    %{
+      "oauthAuthorizationEndpoint" => Helpers.o_auth_url(Endpoint, :authorize),
+      "oauthRegistrationEndpoint" => Helpers.mastodon_api_url(Endpoint, :create_app),
+      "oauthTokenEndpoint" => Helpers.o_auth_url(Endpoint, :token_exchange),
+      "sharedInbox" => Helpers.activity_pub_url(Endpoint, :inbox)
+    }
+  end
+
+  def render("endpoints.json", _), do: %{}
+
  # the instance itself is not a Person, but instead an Application
  def render("user.json", %{user: %{nickname: nil} = user}) do
    {:ok, user} = WebFinger.ensure_keys_present(user)
@ -22,6 +39,8 @@ def render("user.json", %{user: %{nickname: nil} = user}) do
    public_key = :public_key.pem_entry_encode(:SubjectPublicKeyInfo, public_key)
    public_key = :public_key.pem_encode([public_key])

+    endpoints = render("endpoints.json", %{user: user})
+
    %{
      "id" => user.ap_id,
      "type" => "Application",
@ -37,9 +56,7 @@ def render("user.json", %{user: %{nickname: nil} = user}) do
        "owner" => user.ap_id,
        "publicKeyPem" => public_key
      },
-      "endpoints" => %{
-        "sharedInbox" => "#{Pleroma.Web.Endpoint.url()}/inbox"
-      }
+      "endpoints" => endpoints
    }
    |> Map.merge(Utils.make_json_ld_header())
  end
@ -50,6 +67,8 @@ def render("user.json", %{user: user}) do
    public_key = :public_key.pem_entry_encode(:SubjectPublicKeyInfo, public_key)
    public_key = :public_key.pem_encode([public_key])

+    endpoints = render("endpoints.json", %{user: user})
+
    %{
      "id" => user.ap_id,
      "type" => "Person",
@ -67,9 +86,7 @@ def render("user.json", %{user: user}) do
        "owner" => user.ap_id,
        "publicKeyPem" => public_key
      },
-      "endpoints" => %{
-        "sharedInbox" => "#{Pleroma.Web.Endpoint.url()}/inbox"
-      },
+      "endpoints" => endpoints,
      "icon" => %{
        "type" => "Image",
        "url" => User.avatar_url(user)
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@ -468,8 +468,8 @@ defmodule Pleroma.Web.Router do

  scope "/", Pleroma.Web.ActivityPub do
    pipe_through(:activitypub)
-    post("/users/:nickname/inbox", ActivityPubController, :inbox)
    post("/inbox", ActivityPubController, :inbox)
+    post("/users/:nickname/inbox", ActivityPubController, :inbox)
  end

  scope "/.well-known", Pleroma.Web do
--- a/priv/static/schemas/litepub-0.1.jsonld
+++ b/priv/static/schemas/litepub-0.1.jsonld
@ -19,7 +19,11 @@
            "value": "schema:value",
            "sensitive": "as:sensitive",
            "litepub": "http://litepub.social/ns#",
-            "directMessage": "litepub:directMessage"
+            "directMessage": "litepub:directMessage",
+            "oauthRegistrationEndpoint": {
+                "@id": "litepub:oauthRegistrationEndpoint",
+                "@type": "@id"
+            }
        }
    ]
 }
--- a/test/web/activity_pub/views/user_view_test.exs
+++ b/test/web/activity_pub/views/user_view_test.exs
@ -15,4 +15,43 @@ test "Renders a user, including the public key" do

    assert String.contains?(result["publicKey"]["publicKeyPem"], "BEGIN PUBLIC KEY")
  end
+
+  describe "endpoints" do
+    test "local users have a usable endpoints structure" do
+      user = insert(:user)
+      {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user)
+
+      result = UserView.render("user.json", %{user: user})
+
+      assert result["id"] == user.ap_id
+
+      %{
+        "sharedInbox" => _,
+        "oauthAuthorizationEndpoint" => _,
+        "oauthRegistrationEndpoint" => _,
+        "oauthTokenEndpoint" => _
+      } = result["endpoints"]
+    end
+
+    test "remote users have an empty endpoints structure" do
+      user = insert(:user, local: false)
+      {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user)
+
+      result = UserView.render("user.json", %{user: user})
+
+      assert result["id"] == user.ap_id
+      assert result["endpoints"] == %{}
+    end
+
+    test "instance users do not expose oAuth endpoints" do
+      user = insert(:user, nickname: nil, local: true)
+      {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user)
+
+      result = UserView.render("user.json", %{user: user})
+
+      refute result["endpoints"]["oauthAuthorizationEndpoint"]
+      refute result["endpoints"]["oauthRegistrationEndpoint"]
+      refute result["endpoints"]["oauthTokenEndpoint"]
+    end
+  end
 end