From de8b8e9cf15e5d0d084fbcdf73f5d637617c7744 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Tue, 9 Feb 2021 14:41:58 -0600
Subject: [PATCH 01/20] Add a function to lookup client app details by the
 app_id

---
 lib/pleroma/web/o_auth/app.ex | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/lib/pleroma/web/o_auth/app.ex b/lib/pleroma/web/o_auth/app.ex
index 382750010..083b5ce09 100644
--- a/lib/pleroma/web/o_auth/app.ex
+++ b/lib/pleroma/web/o_auth/app.ex
@@ -146,4 +146,14 @@ def errors(changeset) do
         Map.put(acc, key, error)
     end)
   end
+
+  @spec get_app_by_id(pos_integer()) :: {:ok, map()}
+  def get_app_by_id(app_id) do
+    query =
+      __MODULE__
+      |> where([a], a.id == ^app_id)
+      |> select([a], %{name: a.client_name, website: a.website})
+
+    Repo.one!(query)
+  end
 end

From 3dc7e89c54ea3d2bf7e81d99ac4efac37cd00e6c Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Tue, 9 Feb 2021 18:07:15 -0600
Subject: [PATCH 02/20] Ensure we capture the application details into the
 object

---
 lib/pleroma/web/common_api/activity_draft.ex  |  1 +
 .../controllers/status_controller.ex          | 20 +++++++++++++++----
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/lib/pleroma/web/common_api/activity_draft.ex b/lib/pleroma/web/common_api/activity_draft.ex
index fb059c27c..d7dcdad90 100644
--- a/lib/pleroma/web/common_api/activity_draft.ex
+++ b/lib/pleroma/web/common_api/activity_draft.ex
@@ -190,6 +190,7 @@ defp object(draft) do
       Utils.make_note_data(draft)
       |> Map.put("emoji", emoji)
       |> Map.put("source", draft.status)
+      |> Map.put("application", draft.params[:application])
 
     %__MODULE__{draft | object: object}
   end
diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index 4cf2ee35c..47a5bbd60 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -132,13 +132,15 @@ def index(%{assigns: %{user: user}} = conn, %{ids: ids} = params) do
   # Creates a scheduled status when `scheduled_at` param is present and it's far enough
   def create(
         %{
-          assigns: %{user: user},
+          assigns: %{user: user, token: %{app_id: app_id}},
           body_params: %{status: _, scheduled_at: scheduled_at} = params
         } = conn,
         _
       )
       when not is_nil(scheduled_at) do
-    params = Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id])
+    params =
+      Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id])
+      |> add_application(app_id)
 
     attrs = %{
       params: Map.new(params, fn {key, value} -> {to_string(key), value} end),
@@ -161,8 +163,14 @@ def create(
   end
 
   # Creates a regular status
-  def create(%{assigns: %{user: user}, body_params: %{status: _} = params} = conn, _) do
-    params = Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id])
+  def create(
+        %{assigns: %{user: user, token: %{app_id: app_id}}, body_params: %{status: _} = params} =
+          conn,
+        _
+      ) do
+    params =
+      Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id])
+      |> add_application(app_id)
 
     with {:ok, activity} <- CommonAPI.post(user, params) do
       try_render(conn, "show.json",
@@ -414,4 +422,8 @@ def bookmarks(%{assigns: %{user: user}} = conn, params) do
       as: :activity
     )
   end
+
+  defp add_application(params, app_id) do
+    params |> Map.put(:application, Pleroma.Web.OAuth.App.get_app_by_id(app_id))
+  end
 end

From 981349f21d401da55168fdb00b245e3dccea1afd Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Tue, 9 Feb 2021 18:19:20 -0600
Subject: [PATCH 03/20] Enable rendering of the client application data details

---
 lib/pleroma/web/mastodon_api/views/status_view.ex | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex
index 2cd6732fe..e4f623b97 100644
--- a/lib/pleroma/web/mastodon_api/views/status_view.ex
+++ b/lib/pleroma/web/mastodon_api/views/status_view.ex
@@ -180,10 +180,7 @@ def render(
       media_attachments: reblogged[:media_attachments] || [],
       mentions: mentions,
       tags: reblogged[:tags] || [],
-      application: %{
-        name: "Web",
-        website: nil
-      },
+      application: activity_object.data["application"],
       language: nil,
       emojis: [],
       pleroma: %{
@@ -348,10 +345,7 @@ def render("show.json", %{activity: %{data: %{"object" => _object}} = activity}
       poll: render(PollView, "show.json", object: object, for: opts[:for]),
       mentions: mentions,
       tags: build_tags(tags),
-      application: %{
-        name: "Web",
-        website: nil
-      },
+      application: object.data["application"],
       language: nil,
       emojis: build_emojis(object.data["emoji"]),
       pleroma: %{

From 4540e08a6a19cea753e1271ebc9f79bf2e4c47ce Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Tue, 9 Feb 2021 18:51:59 -0600
Subject: [PATCH 04/20] Rendering fallback for when we don't have valid data
 available

---
 lib/pleroma/web/mastodon_api/views/status_view.ex | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex
index e4f623b97..38960c256 100644
--- a/lib/pleroma/web/mastodon_api/views/status_view.ex
+++ b/lib/pleroma/web/mastodon_api/views/status_view.ex
@@ -180,7 +180,7 @@ def render(
       media_attachments: reblogged[:media_attachments] || [],
       mentions: mentions,
       tags: reblogged[:tags] || [],
-      application: activity_object.data["application"],
+      application: activity_object.data["application"] || %{name: "Web", website: nil},
       language: nil,
       emojis: [],
       pleroma: %{
@@ -345,7 +345,7 @@ def render("show.json", %{activity: %{data: %{"object" => _object}} = activity}
       poll: render(PollView, "show.json", object: object, for: opts[:for]),
       mentions: mentions,
       tags: build_tags(tags),
-      application: object.data["application"],
+      application: object.data["application"] || %{name: "Web", website: nil},
       language: nil,
       emojis: build_emojis(object.data["emoji"]),
       pleroma: %{

From 09b8378646122053e418e08d2cb35d154c01e52c Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 11 Feb 2021 14:15:25 -0600
Subject: [PATCH 05/20] %Token{} may not be in the conn, so avoid breaking the
 ability to post statuses in that scenario.

---
 .../mastodon_api/controllers/status_controller.ex   | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index 47a5bbd60..6eb518684 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -132,7 +132,7 @@ def index(%{assigns: %{user: user}} = conn, %{ids: ids} = params) do
   # Creates a scheduled status when `scheduled_at` param is present and it's far enough
   def create(
         %{
-          assigns: %{user: user, token: %{app_id: app_id}},
+          assigns: %{user: user},
           body_params: %{status: _, scheduled_at: scheduled_at} = params
         } = conn,
         _
@@ -140,7 +140,7 @@ def create(
       when not is_nil(scheduled_at) do
     params =
       Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id])
-      |> add_application(app_id)
+      |> add_application(conn)
 
     attrs = %{
       params: Map.new(params, fn {key, value} -> {to_string(key), value} end),
@@ -164,13 +164,12 @@ def create(
 
   # Creates a regular status
   def create(
-        %{assigns: %{user: user, token: %{app_id: app_id}}, body_params: %{status: _} = params} =
-          conn,
+        %{assigns: %{user: user}, body_params: %{status: _} = params} = conn,
         _
       ) do
     params =
       Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id])
-      |> add_application(app_id)
+      |> add_application(conn)
 
     with {:ok, activity} <- CommonAPI.post(user, params) do
       try_render(conn, "show.json",
@@ -423,7 +422,9 @@ def bookmarks(%{assigns: %{user: user}} = conn, params) do
     )
   end
 
-  defp add_application(params, app_id) do
+  defp add_application(params, %{assigns: %{token: %{app_id: app_id}}} = _conn) do
     params |> Map.put(:application, Pleroma.Web.OAuth.App.get_app_by_id(app_id))
   end
+
+  defp add_application(params, _), do: Map.put(params, :application, %{name: "Web", website: nil})
 end

From 7c508319a57f3ba50ddae03dc72aa83d1cd044cf Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 11 Feb 2021 14:19:53 -0600
Subject: [PATCH 06/20] Prefer naming this put_application because we're
 putting it into the params map

---
 .../web/mastodon_api/controllers/status_controller.ex     | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index 6eb518684..a54357f93 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -140,7 +140,7 @@ def create(
       when not is_nil(scheduled_at) do
     params =
       Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id])
-      |> add_application(conn)
+      |> put_application(conn)
 
     attrs = %{
       params: Map.new(params, fn {key, value} -> {to_string(key), value} end),
@@ -169,7 +169,7 @@ def create(
       ) do
     params =
       Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id])
-      |> add_application(conn)
+      |> put_application(conn)
 
     with {:ok, activity} <- CommonAPI.post(user, params) do
       try_render(conn, "show.json",
@@ -422,9 +422,9 @@ def bookmarks(%{assigns: %{user: user}} = conn, params) do
     )
   end
 
-  defp add_application(params, %{assigns: %{token: %{app_id: app_id}}} = _conn) do
+  defp put_application(params, %{assigns: %{token: %{app_id: app_id}}} = _conn) do
     params |> Map.put(:application, Pleroma.Web.OAuth.App.get_app_by_id(app_id))
   end
 
-  defp add_application(params, _), do: Map.put(params, :application, %{name: "Web", website: nil})
+  defp put_application(params, _), do: Map.put(params, :application, %{name: "Web", website: nil})
 end

From 6dc0b13cf850c4aee7c9f84df0f97467434e6d2b Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 11 Feb 2021 14:22:58 -0600
Subject: [PATCH 07/20] Revert to original formatting for these function defs

---
 .../web/mastodon_api/controllers/status_controller.ex        | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index a54357f93..c8f6a2994 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -163,10 +163,7 @@ def create(
   end
 
   # Creates a regular status
-  def create(
-        %{assigns: %{user: user}, body_params: %{status: _} = params} = conn,
-        _
-      ) do
+  def create(%{assigns: %{user: user}, body_params: %{status: _} = params} = conn, _) do
     params =
       Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id])
       |> put_application(conn)

From c1d78328ee38fb2bc6c6f56c26588557f27365a9 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 11 Feb 2021 14:27:52 -0600
Subject: [PATCH 08/20] Consistency

---
 lib/pleroma/web/mastodon_api/controllers/status_controller.ex | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index c8f6a2994..ec3e79ea7 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -420,7 +420,7 @@ def bookmarks(%{assigns: %{user: user}} = conn, params) do
   end
 
   defp put_application(params, %{assigns: %{token: %{app_id: app_id}}} = _conn) do
-    params |> Map.put(:application, Pleroma.Web.OAuth.App.get_app_by_id(app_id))
+    Map.put(params, :application, Pleroma.Web.OAuth.App.get_app_by_id(app_id))
   end
 
   defp put_application(params, _), do: Map.put(params, :application, %{name: "Web", website: nil})

From 333ff527fd44bce06b7c7e7450494ea929017b56 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 11 Feb 2021 15:07:21 -0600
Subject: [PATCH 09/20] Validate client application metadata is retained in the
 object

---
 .../controllers/status_controller_test.exs      | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
index dcd1e6d5b..fada7c25c 100644
--- a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
+++ b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
@@ -357,6 +357,23 @@ test "posting a direct status", %{conn: conn} do
       assert activity.data["to"] == [user2.ap_id]
       assert activity.data["cc"] == []
     end
+
+    test "preserves client application metadata", %{conn: conn} do
+      result =
+        conn
+        |> put_req_header("content-type", "application/json")
+        |> post("/api/v1/statuses", %{
+          "status" => "cofe is my copilot"
+        })
+
+      assert %{
+               "content" => "cofe is my copilot",
+               "application" => %{
+                 "name" => "Some client 0",
+                 "website" => "https://example.com"
+               }
+             } = json_response_and_validate_schema(result, 200)
+    end
   end
 
   describe "posting scheduled statuses" do

From 4b979538bcc0861ed81b6af72bbe48af07425c18 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 11 Feb 2021 15:10:53 -0600
Subject: [PATCH 10/20] Document the application metadata is now retained as
 part of the post.

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index bbd898bdf..69b9e2c52 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -53,6 +53,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Ability to define custom HTTP headers per each frontend
 - MRF (`NoEmptyPolicy`): New MRF Policy which will deny empty statuses or statuses of only mentions from being created by local users
 - New users will receive a simple email confirming their registration if no other emails will be dispatched. (e.g., Welcome, Confirmation, or Approval Required)
+- The `application` metadata returned with statuses is no longer hardcoded. Apps that want to display these details will now have valid data for new posts after this change.
 
 <details>
   <summary>API Changes</summary>

From bd3d0e8b57f6a27b8c833d11f4b98d4dbfd846ad Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 11 Feb 2021 15:53:10 -0600
Subject: [PATCH 11/20] Use a custom oauth token so we can predict and validate
 the client_name and website

---
 .../controllers/status_controller_test.exs        | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
index fada7c25c..1ca829544 100644
--- a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
+++ b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
@@ -358,7 +358,16 @@ test "posting a direct status", %{conn: conn} do
       assert activity.data["cc"] == []
     end
 
-    test "preserves client application metadata", %{conn: conn} do
+    test "preserves client application metadata" do
+      %{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"])
+
+      %Pleroma.Web.OAuth.Token{
+        app: %Pleroma.Web.OAuth.App{
+          client_name: _app_name,
+          website: _app_website
+        }
+      } = token
+
       result =
         conn
         |> put_req_header("content-type", "application/json")
@@ -369,8 +378,8 @@ test "preserves client application metadata", %{conn: conn} do
       assert %{
                "content" => "cofe is my copilot",
                "application" => %{
-                 "name" => "Some client 0",
-                 "website" => "https://example.com"
+                 "name" => app_name,
+                 "website" => app_website
                }
              } = json_response_and_validate_schema(result, 200)
     end

From 9b61df1fb64c49a4ad6277862d1405a27ad1c0da Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Fri, 12 Feb 2021 12:44:45 -0600
Subject: [PATCH 12/20] App is already preloaded into the token, so avoid an
 extra query

---
 .../web/mastodon_api/controllers/status_controller.ex  |  6 ++++--
 lib/pleroma/web/o_auth/app.ex                          | 10 ----------
 2 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index ec3e79ea7..db3f248e5 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -21,6 +21,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do
   alias Pleroma.Web.CommonAPI
   alias Pleroma.Web.MastodonAPI.AccountView
   alias Pleroma.Web.MastodonAPI.ScheduledActivityView
+  alias Pleroma.Web.OAuth.Token
   alias Pleroma.Web.Plugs.OAuthScopesPlug
   alias Pleroma.Web.Plugs.RateLimiter
 
@@ -419,8 +420,9 @@ def bookmarks(%{assigns: %{user: user}} = conn, params) do
     )
   end
 
-  defp put_application(params, %{assigns: %{token: %{app_id: app_id}}} = _conn) do
-    Map.put(params, :application, Pleroma.Web.OAuth.App.get_app_by_id(app_id))
+  defp put_application(params, %{assigns: %{token: %Token{} = token}} = _conn) do
+    %{client_name: client_name, website: website} = Repo.preload(token, :app).app
+    Map.put(params, :application, %{name: client_name, website: website})
   end
 
   defp put_application(params, _), do: Map.put(params, :application, %{name: "Web", website: nil})
diff --git a/lib/pleroma/web/o_auth/app.ex b/lib/pleroma/web/o_auth/app.ex
index 083b5ce09..382750010 100644
--- a/lib/pleroma/web/o_auth/app.ex
+++ b/lib/pleroma/web/o_auth/app.ex
@@ -146,14 +146,4 @@ def errors(changeset) do
         Map.put(acc, key, error)
     end)
   end
-
-  @spec get_app_by_id(pos_integer()) :: {:ok, map()}
-  def get_app_by_id(app_id) do
-    query =
-      __MODULE__
-      |> where([a], a.id == ^app_id)
-      |> select([a], %{name: a.client_name, website: a.website})
-
-    Repo.one!(query)
-  end
 end

From 3554a65f45d0e513e5e23e987f6f8fb1da5e8525 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Fri, 12 Feb 2021 13:05:12 -0600
Subject: [PATCH 13/20] Inject fake application metadata and validate it is
 stripped by transmogrifier

---
 lib/pleroma/constants.ex                              | 3 ++-
 test/pleroma/web/activity_pub/transmogrifier_test.exs | 7 ++++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/pleroma/constants.ex b/lib/pleroma/constants.ex
index a40741ba6..9ee836d5d 100644
--- a/lib/pleroma/constants.ex
+++ b/lib/pleroma/constants.ex
@@ -18,7 +18,8 @@ defmodule Pleroma.Constants do
       "emoji",
       "context_id",
       "deleted_activity_id",
-      "pleroma_internal"
+      "pleroma_internal",
+      "application"
     ]
   )
 
diff --git a/test/pleroma/web/activity_pub/transmogrifier_test.exs b/test/pleroma/web/activity_pub/transmogrifier_test.exs
index 7c97fa8f8..2c99875ff 100644
--- a/test/pleroma/web/activity_pub/transmogrifier_test.exs
+++ b/test/pleroma/web/activity_pub/transmogrifier_test.exs
@@ -202,7 +202,11 @@ test "it strips internal hashtag data" do
     test "it strips internal fields" do
       user = insert(:user)
 
-      {:ok, activity} = CommonAPI.post(user, %{status: "#2hu :firefox:"})
+      {:ok, activity} =
+        CommonAPI.post(user, %{
+          status: "#2hu :firefox:",
+          application: %{name: "TestClient", website: "https://pleroma.social"}
+        })
 
       {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
 
@@ -213,6 +217,7 @@ test "it strips internal fields" do
       assert is_nil(modified["object"]["announcements"])
       assert is_nil(modified["object"]["announcement_count"])
       assert is_nil(modified["object"]["context_id"])
+      assert is_nil(modified["object"]["application"])
     end
 
     test "it strips internal fields of article" do

From fb2a8e7ccd6cfbfb9bc226998a083405fcebcbe0 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Fri, 12 Feb 2021 13:15:33 -0600
Subject: [PATCH 14/20] Additional validation so we don't get caught off guard
 with a nil response if CommonAPI ever prevents us from injecting this data

---
 test/pleroma/web/activity_pub/transmogrifier_test.exs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/test/pleroma/web/activity_pub/transmogrifier_test.exs b/test/pleroma/web/activity_pub/transmogrifier_test.exs
index 2c99875ff..33ccbe2a7 100644
--- a/test/pleroma/web/activity_pub/transmogrifier_test.exs
+++ b/test/pleroma/web/activity_pub/transmogrifier_test.exs
@@ -208,6 +208,12 @@ test "it strips internal fields" do
           application: %{name: "TestClient", website: "https://pleroma.social"}
         })
 
+      # Ensure injected application data made it into the activity
+      # as we don't have a Token to derive it from, otherwise it will
+      # be nil and the test will pass
+      assert %{"application" => %{name: "TestClient", website: "https://pleroma.social"}} =
+               activity.object.data
+
       {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
 
       assert length(modified["object"]["tag"]) == 2

From d5ef02c7a7905dc2053298045873b365d2411cde Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 18 Feb 2021 16:35:03 -0600
Subject: [PATCH 15/20] Mastodon makes this field null when posting with
 MastoFE or if you choose to not disclose it, so it's safe to be null by
 default

---
 lib/pleroma/web/api_spec/schemas/status.ex                   | 5 +++--
 .../web/mastodon_api/controllers/status_controller.ex        | 2 +-
 lib/pleroma/web/mastodon_api/views/status_view.ex            | 4 ++--
 test/pleroma/web/mastodon_api/views/status_view_test.exs     | 5 +----
 4 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/lib/pleroma/web/api_spec/schemas/status.ex b/lib/pleroma/web/api_spec/schemas/status.ex
index 61ebd8089..42fa98718 100644
--- a/lib/pleroma/web/api_spec/schemas/status.ex
+++ b/lib/pleroma/web/api_spec/schemas/status.ex
@@ -23,9 +23,10 @@ defmodule Pleroma.Web.ApiSpec.Schemas.Status do
       application: %Schema{
         description: "The application used to post this status",
         type: :object,
+        nullable: true,
         properties: %{
           name: %Schema{type: :string},
-          website: %Schema{type: :string, nullable: true, format: :uri}
+          website: %Schema{type: :string, format: :uri}
         }
       },
       bookmarked: %Schema{type: :boolean, description: "Have you bookmarked this status?"},
@@ -291,7 +292,7 @@ defmodule Pleroma.Web.ApiSpec.Schemas.Status do
         "url" => "http://localhost:4001/users/nick6",
         "username" => "nick6"
       },
-      "application" => %{"name" => "Web", "website" => nil},
+      "application" => nil,
       "bookmarked" => false,
       "card" => nil,
       "content" => "foobar",
diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index db3f248e5..2e63c8869 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -425,5 +425,5 @@ defp put_application(params, %{assigns: %{token: %Token{} = token}} = _conn) do
     Map.put(params, :application, %{name: client_name, website: website})
   end
 
-  defp put_application(params, _), do: Map.put(params, :application, %{name: "Web", website: nil})
+  defp put_application(params, _), do: Map.put(params, :application, nil)
 end
diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex
index 38960c256..a45650988 100644
--- a/lib/pleroma/web/mastodon_api/views/status_view.ex
+++ b/lib/pleroma/web/mastodon_api/views/status_view.ex
@@ -180,7 +180,7 @@ def render(
       media_attachments: reblogged[:media_attachments] || [],
       mentions: mentions,
       tags: reblogged[:tags] || [],
-      application: activity_object.data["application"] || %{name: "Web", website: nil},
+      application: activity_object.data["application"] || nil,
       language: nil,
       emojis: [],
       pleroma: %{
@@ -345,7 +345,7 @@ def render("show.json", %{activity: %{data: %{"object" => _object}} = activity}
       poll: render(PollView, "show.json", object: object, for: opts[:for]),
       mentions: mentions,
       tags: build_tags(tags),
-      application: object.data["application"] || %{name: "Web", website: nil},
+      application: object.data["application"] || nil,
       language: nil,
       emojis: build_emojis(object.data["emoji"]),
       pleroma: %{
diff --git a/test/pleroma/web/mastodon_api/views/status_view_test.exs b/test/pleroma/web/mastodon_api/views/status_view_test.exs
index ed59cf285..2de3afc4f 100644
--- a/test/pleroma/web/mastodon_api/views/status_view_test.exs
+++ b/test/pleroma/web/mastodon_api/views/status_view_test.exs
@@ -266,10 +266,7 @@ test "a note activity" do
           url: "http://localhost:4001/tag/#{object_data["tag"]}"
         }
       ],
-      application: %{
-        name: "Web",
-        website: nil
-      },
+      application: nil,
       language: nil,
       emojis: [
         %{

From 83301fe61aa3d453b7c12ee1f5465d9802d07370 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 18 Feb 2021 16:43:41 -0600
Subject: [PATCH 16/20] Add field to user schema for controlling disclosure of
 client details

---
 lib/pleroma/user.ex                               |  1 +
 ...0210218223811_add_disclose_client_to_users.exs | 15 +++++++++++++++
 2 files changed, 16 insertions(+)
 create mode 100644 priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs

diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
index 51f5bc8ea..a52089d7b 100644
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -147,6 +147,7 @@ defmodule Pleroma.User do
     field(:shared_inbox, :string)
     field(:accepts_chat_messages, :boolean, default: nil)
     field(:last_active_at, :naive_datetime)
+    field(:disclose_client, :boolean, default: true)
 
     embeds_one(
       :notification_settings,
diff --git a/priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs b/priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs
new file mode 100644
index 000000000..c6b6fe7b2
--- /dev/null
+++ b/priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs
@@ -0,0 +1,15 @@
+defmodule Pleroma.Repo.Migrations.AddDiscloseClientToUsers do
+  use Ecto.Migration
+
+  def up do
+    alter table(:users) do
+      add(:disclose_client, :boolean, default: true)
+    end
+  end
+
+  def down do
+    alter table(:users) do
+      remove(:disclose_client)
+    end
+  end
+end

From 63739c5a58ccb65dd4a63019b270429d5a462e71 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 18 Feb 2021 17:23:17 -0600
Subject: [PATCH 17/20] Tests to validate client disclosure obeys user setting

---
 .../controllers/status_controller.ex          | 10 ++++++---
 .../controllers/status_controller_test.exs    | 22 +++++++++++++++++--
 2 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index 2e63c8869..2655d6b6e 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -420,9 +420,13 @@ def bookmarks(%{assigns: %{user: user}} = conn, params) do
     )
   end
 
-  defp put_application(params, %{assigns: %{token: %Token{} = token}} = _conn) do
-    %{client_name: client_name, website: website} = Repo.preload(token, :app).app
-    Map.put(params, :application, %{name: client_name, website: website})
+  defp put_application(params, %{assigns: %{token: %Token{user: %User{} = user} = token}} = _conn) do
+    if user.disclose_client do
+      %{client_name: client_name, website: website} = Repo.preload(token, :app).app
+      Map.put(params, :application, %{name: client_name, website: website})
+    else
+      Map.put(params, :application, nil)
+    end
   end
 
   defp put_application(params, _), do: Map.put(params, :application, nil)
diff --git a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
index 1ca829544..bae2ad4bf 100644
--- a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
+++ b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
@@ -358,8 +358,9 @@ test "posting a direct status", %{conn: conn} do
       assert activity.data["cc"] == []
     end
 
-    test "preserves client application metadata" do
-      %{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"])
+    test "discloses application metadata when enabled" do
+      user = insert(:user, disclose_client: true)
+      %{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"], user: user)
 
       %Pleroma.Web.OAuth.Token{
         app: %Pleroma.Web.OAuth.App{
@@ -383,6 +384,23 @@ test "preserves client application metadata" do
                }
              } = json_response_and_validate_schema(result, 200)
     end
+
+    test "hides application metadata when disabled" do
+      user = insert(:user, disclose_client: false)
+      %{user: _user, token: _token, conn: conn} = oauth_access(["write:statuses"], user: user)
+
+      result =
+        conn
+        |> put_req_header("content-type", "application/json")
+        |> post("/api/v1/statuses", %{
+          "status" => "club mate is my wingman"
+        })
+
+      assert %{
+               "content" => "club mate is my wingman",
+               "application" => nil
+             } = json_response_and_validate_schema(result, 200)
+    end
   end
 
   describe "posting scheduled statuses" do

From 26b620d67652b3b7733354c4492465978f53fafb Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Thu, 18 Feb 2021 17:50:46 -0600
Subject: [PATCH 18/20] Permit :disclose_client in changesets

---
 lib/pleroma/user.ex | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
index a52089d7b..9942617d8 100644
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -514,7 +514,8 @@ def update_changeset(struct, params \\ %{}) do
         :pleroma_settings_store,
         :is_discoverable,
         :actor_type,
-        :accepts_chat_messages
+        :accepts_chat_messages,
+        :disclose_client
       ]
     )
     |> unique_constraint(:nickname)

From d35b6254b4540394a134e026289a2c09bfe42ddd Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Fri, 26 Feb 2021 18:14:57 -0600
Subject: [PATCH 19/20] Store the client application data in ActivityStreams
 format

---
 .../web/mastodon_api/controllers/status_controller.ex    | 2 +-
 lib/pleroma/web/mastodon_api/views/status_view.ex        | 8 ++++++--
 test/pleroma/web/activity_pub/transmogrifier_test.exs    | 9 ++++++---
 3 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index 2655d6b6e..b8a7b2a0a 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -423,7 +423,7 @@ def bookmarks(%{assigns: %{user: user}} = conn, params) do
   defp put_application(params, %{assigns: %{token: %Token{user: %User{} = user} = token}} = _conn) do
     if user.disclose_client do
       %{client_name: client_name, website: website} = Repo.preload(token, :app).app
-      Map.put(params, :application, %{name: client_name, website: website})
+      Map.put(params, :application, %{type: "Application", name: client_name, url: website})
     else
       Map.put(params, :application, nil)
     end
diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex
index a45650988..792197a4a 100644
--- a/lib/pleroma/web/mastodon_api/views/status_view.ex
+++ b/lib/pleroma/web/mastodon_api/views/status_view.ex
@@ -180,7 +180,7 @@ def render(
       media_attachments: reblogged[:media_attachments] || [],
       mentions: mentions,
       tags: reblogged[:tags] || [],
-      application: activity_object.data["application"] || nil,
+      application: build_application(activity_object.data["application"]),
       language: nil,
       emojis: [],
       pleroma: %{
@@ -345,7 +345,7 @@ def render("show.json", %{activity: %{data: %{"object" => _object}} = activity}
       poll: render(PollView, "show.json", object: object, for: opts[:for]),
       mentions: mentions,
       tags: build_tags(tags),
-      application: object.data["application"] || nil,
+      application: build_application(object.data["application"]),
       language: nil,
       emojis: build_emojis(object.data["emoji"]),
       pleroma: %{
@@ -534,4 +534,8 @@ defp build_emoji_map(emoji, users, current_user) do
       me: !!(current_user && current_user.ap_id in users)
     }
   end
+
+  @spec build_application(map() | nil) :: map() | nil
+  defp build_application(%{type: _type, name: name, url: url}), do: %{name: name, website: url}
+  defp build_application(_), do: nil
 end
diff --git a/test/pleroma/web/activity_pub/transmogrifier_test.exs b/test/pleroma/web/activity_pub/transmogrifier_test.exs
index 33ccbe2a7..f6a8cbb6f 100644
--- a/test/pleroma/web/activity_pub/transmogrifier_test.exs
+++ b/test/pleroma/web/activity_pub/transmogrifier_test.exs
@@ -205,14 +205,17 @@ test "it strips internal fields" do
       {:ok, activity} =
         CommonAPI.post(user, %{
           status: "#2hu :firefox:",
-          application: %{name: "TestClient", website: "https://pleroma.social"}
+          application: %{type: "Application", name: "TestClient", url: "https://pleroma.social"}
         })
 
       # Ensure injected application data made it into the activity
       # as we don't have a Token to derive it from, otherwise it will
       # be nil and the test will pass
-      assert %{"application" => %{name: "TestClient", website: "https://pleroma.social"}} =
-               activity.object.data
+      assert %{
+               type: "Application",
+               name: "TestClient",
+               url: "https://pleroma.social"
+             } == activity.object.data["application"]
 
       {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
 

From 0faf8dbef8f0d77fdd42b36ade4d55c42f0ccc8c Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@feld.me>
Date: Sun, 28 Feb 2021 09:04:29 -0600
Subject: [PATCH 20/20] Simplify migration

---
 .../20210218223811_add_disclose_client_to_users.exs       | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs b/priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs
index c6b6fe7b2..37c5776ff 100644
--- a/priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs
+++ b/priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs
@@ -1,15 +1,9 @@
 defmodule Pleroma.Repo.Migrations.AddDiscloseClientToUsers do
   use Ecto.Migration
 
-  def up do
+  def change do
     alter table(:users) do
       add(:disclose_client, :boolean, default: true)
     end
   end
-
-  def down do
-    alter table(:users) do
-      remove(:disclose_client)
-    end
-  end
 end