explorer.php 18 KB

  1. <?php
  2. /**
  3. * GNU social - a federating social network
  4. *
  5. * ActivityPubPlugin implementation for GNU Social
  6. *
  7. * LICENCE: This program is free software: you can redistribute it and/or modify
  8. * it under the terms of the GNU Affero General Public License as published by
  9. * the Free Software Foundation, either version 3 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * This program is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU Affero General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU Affero General Public License
  18. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  19. *
  20. * @category Plugin
  21. * @package GNUsocial
  22. * @author Diogo Cordeiro <diogo@fc.up.pt>
  23. * @copyright 2018 Free Software Foundation http://fsf.org
  24. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  25. * @link https://www.gnu.org/software/social/
  26. */
  // Direct-access guard: stop with exit status 1 unless the GNUSOCIAL constant
  // has already been defined (presumably by the application's entry point).
  defined('GNUSOCIAL') || exit(1);
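  /**
   * ActivityPub's own Explorer
   *
   * Discovers Profiles, local or remote (including ones already known),
   * starting from an actor URL.
   *
   * Every document handled here is fetched from a remote server and must be
   * treated as untrusted input: field presence and types are checked by
   * validate_remote_response(), but the open points marked NOTE(review) in
   * the methods below are not enforced by this class.
   *
   * @category Plugin
   * @package GNUsocial
   * @author Diogo Cordeiro <diogo@fc.up.pt>
   * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
   * @link http://www.gnu.org/software/social/
   */
  class Activitypub_explorer
  {
      /** @var array Profile objects accumulated by the current lookup */
      private $discovered_actor_profiles = [];

      /**
       * Decoded actor document left behind by ensure_proper_remote_uri() so
       * that grab_remote_user() does not have to fetch it a second time.
       * Null whenever no document is pending.
       *
       * @var array|null
       */
      private $temp_res = null;

      /**
       * Shortcut function to get a single profile from its URL.
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param string $url
       * @return Profile the first profile discovered for $url
       * @throws Exception when the lookup yields no profile
       */
      public static function get_profile_from_url($url)
      {
          $discovery = new Activitypub_explorer;
          // Get valid Actor object
          $actor_profile = $discovery->lookup($url);
          if (!empty($actor_profile)) {
              return $actor_profile[0];
          }
          throw new Exception('Invalid Actor.');
      }

      /**
       * Get every profile from the given URL.
       * Resets $this->discovered_actor_profiles first, so results of an
       * earlier lookup never leak into this one.
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param string $url User's url
       * @return array of Profile objects (empty for the public collection URIs)
       * @throws Exception when nothing is found locally or remotely
       */
      public function lookup($url)
      {
          // Strict comparison: the public-addressing URIs are matched exactly,
          // without PHP's loose type juggling.
          if (in_array($url, ACTIVITYPUB_PUBLIC_TO, true)) {
              return [];
          }
          common_debug('ActivityPub Explorer: Started now looking for '.$url);
          $this->discovered_actor_profiles = [];
          return $this->_lookup($url);
      }

      /**
       * Get every profile from the given URL.
       * Called recursively (through travel_collection()); results accumulate
       * in $this->discovered_actor_profiles.
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param string $url User's url
       * @return array of Profile objects
       * @throws Exception when the actor is found neither locally nor remotely
       */
      private function _lookup($url)
      {
          // First check if we already have it locally and, if so, return it.
          // If the local fetch fails: grab it remotely, store locally and return.
          if (! ($this->grab_local_user($url) || $this->grab_remote_user($url))) {
              throw new Exception('User not found.');
          }
          return $this->discovered_actor_profiles;
      }

      /**
       * Send the ActivityPub GET request shared by every remote fetch in
       * this class.
       *
       * NOTE(review): $url is remote-controlled in several call paths and
       * nothing here restricts the destination host; whether HTTPClient
       * refuses internal addresses cannot be seen from this file - confirm.
       *
       * @param string $url
       * @return object the HTTPClient response
       * @throws Exception (If the HTTP request fails)
       */
      private static function fetch_remote($url)
      {
          $client = new HTTPClient();
          $headers = [
              'Accept: application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
              'User-Agent: GNUSocialBot v0.1 - https://gnu.io/social',
          ];
          return $client->get($url, $headers);
      }

      /**
       * Fetch $url and check that the answer looks like an ActivityPub actor.
       * On success the decoded document is kept in $this->temp_res.
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param string $url
       * @return boolean success state (related to the response)
       * @throws Exception (If the HTTP request fails)
       */
      private function ensure_proper_remote_uri($url)
      {
          $response = self::fetch_remote($url);
          $res = json_decode($response->getBody(), true);
          if (self::validate_remote_response($res)) {
              $this->temp_res = $res;
              return true;
          }
          common_debug('ActivityPub Explorer: Invalid potential remote actor while ensuring URI: '.$url. '. He returned the following: '.json_encode($res, JSON_UNESCAPED_SLASHES));
          return false;
      }

      /**
       * Get a local user profile from its URL and append it to
       * $this->discovered_actor_profiles.
       *
       * The first pass works offline; when it finds nothing the method calls
       * itself once more with $online = true, which resolves the URI through
       * a remote fetch before searching again.
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param string $uri Actor's uri
       * @param boolean $online whether the remote document may be consulted
       * @return boolean success state
       * @throws Exception (If the HTTP request of the online pass fails)
       */
      private function grab_local_user($uri, $online = false)
      {
          if ($online) {
              common_debug('ActivityPub Explorer: Searching locally for '.$uri. ' with online resources.');
          } else {
              common_debug('ActivityPub Explorer: Searching locally for '.$uri. ' offline.');
          }

          // Ensure proper remote URI.
          // An exception here is deliberately not caught: aborting is better
          // than continuing with a half-resolved actor.
          // NOTE(review): the `id` adopted below is whatever the remote
          // document declares; it is not compared with the URL that was
          // fetched. Confirm that a server cannot use this to resolve to an
          // actor URI on another origin.
          if ($online && $this->ensure_proper_remote_uri($uri)) {
              $uri = $this->temp_res["id"];
          }

          // Try standard ActivityPub route: a remote actor we already know.
          $aprofile = self::get_aprofile_by_url($uri);
          if ($aprofile instanceof Activitypub_profile) {
              $profile = $aprofile->local_profile();
              common_debug('ActivityPub Explorer: Found a local Aprofile for '.$uri);
              // We found something!
              $this->discovered_actor_profiles[] = $profile;
              // IMPORTANT: drop the pending document so a later lookup cannot
              // pick up this actor's data by mistake.
              $this->temp_res = null;
              return true;
          }

          common_debug('ActivityPub Explorer: Unable to find a local Aprofile for '.$uri.' - looking for a Profile instead.');
          // Maybe it is a user of this very instance: only URIs that start
          // with our own actor base URI qualify (compared strictly).
          $base_length = strlen(ACTIVITYPUB_BASE_ACTOR_URI);
          if (substr($uri, 0, $base_length) === ACTIVITYPUB_BASE_ACTOR_URI) {
              try {
                  // NOTE(review): intval() accepts any suffix that merely
                  // starts with digits, so URIs with trailing path segments
                  // resolve to the same Profile - confirm that is intended.
                  $profile = Profile::getByID(intval(substr($uri, $base_length)));
                  common_debug('ActivityPub Explorer: Found a Profile for '.$uri);
                  // We found something!
                  $this->discovered_actor_profiles[] = $profile;
                  $this->temp_res = null; // same reason as above
                  return true;
              } catch (Exception $e) {
                  // Not fatal: fall through to the online retry below.
                  common_debug('ActivityPub Explorer: Unable to find a Profile for '.$uri);
              }
          }

          // If offline grabbing failed, attempt again with online resources
          if (!$online) {
              common_debug('ActivityPub Explorer: Will try everything again with online resources against: '.$uri);
              return $this->grab_local_user($uri, true);
          }
          return false;
      }

      /**
       * Get a remote user's profile (or a collection's profiles) from its URL
       * and append the result to $this->discovered_actor_profiles.
       *
       * Reuses the document left in $this->temp_res when there is one,
       * otherwise fetches $url.
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param string $url User's url
       * @return boolean success state
       * @throws Exception (If the HTTP request fails)
       */
      private function grab_remote_user($url)
      {
          common_debug('ActivityPub Explorer: Trying to grab a remote actor for '.$url);
          if (!isset($this->temp_res)) {
              $response = self::fetch_remote($url);
              $res = json_decode($response->getBody(), true);
          } else {
              // Consume the pending document exactly once.
              $res = $this->temp_res;
              $this->temp_res = null;
          }

          if (isset($res['type']) && $res['type'] === 'OrderedCollection' && isset($res['first'])) {
              // It's a potential collection of actors.
              common_debug('ActivityPub Explorer: Found a collection of actors for '.$url);
              // The traversal result is not inspected: a collection counts
              // as found even when no member could be resolved.
              $this->travel_collection($res['first']);
              return true;
          }
          if (self::validate_remote_response($res)) {
              common_debug('ActivityPub Explorer: Found a valid remote actor for '.$url);
              $this->discovered_actor_profiles[] = $this->store_profile($res);
              return true;
          }
          common_debug('ActivityPub Explorer: Invalid potential remote actor while grabbing remotely: '.$url. '. He returned the following: '.json_encode($res, JSON_UNESCAPED_SLASHES));
          // TODO: Fallback to OStatus
          return false;
      }

      /**
       * Save remote user profile in local instance.
       *
       * Expects $res to have passed validate_remote_response().
       *
       * NOTE(review): the actor URI and the public key are stored exactly as
       * the remote document declares them. Nothing in this method checks
       * that `id` belongs to the host the document was fetched from; confirm
       * that the callers or do_insert() enforce it, because the stored key
       * is presumably what later signature checks for that URI rely on.
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param array $res remote response
       * @return Profile remote Profile object
       */
      private function store_profile($res)
      {
          // ActivityPub Profile
          $aprofile = new Activitypub_profile;
          $aprofile->uri = $res['id'];
          $aprofile->nickname = $res['preferredUsername'];
          $aprofile->fullname = isset($res['name']) ? $res['name'] : null;
          // Markup is stripped and the bio cut to 1000 bytes before storage.
          $aprofile->bio = isset($res['summary']) ? substr(strip_tags($res['summary']), 0, 1000) : null;
          $aprofile->inboxuri = $res['inbox'];
          // Without a shared inbox the personal inbox is used for both.
          $aprofile->sharedInboxuri = isset($res['endpoints']['sharedInbox']) ? $res['endpoints']['sharedInbox'] : $res['inbox'];
          $aprofile->do_insert();
          $profile = $aprofile->local_profile();

          // Public Key
          $apRSA = new Activitypub_rsa();
          $apRSA->profile_id = $profile->getID();
          $apRSA->public_key = $res['publicKey']['publicKeyPem'];
          $apRSA->store_keys();

          // Avatar
          if (isset($res['icon']['url'])) {
              try {
                  self::update_avatar($profile, $res['icon']['url']);
              } catch (Exception $e) {
                  // A missing avatar is not serious enough to fail the import.
                  common_debug('ActivityPub Explorer: An error ocurred while grabbing remote avatar: '.$e->getMessage());
              }
          }
          return $profile;
      }

      /**
       * Download and update given avatar image.
       *
       * The URL normally comes from a remote actor document, so it is only
       * fetched when it is a syntactically valid http(s) URL, and the
       * download is only kept when it parses as an image.
       *
       * @author GNU Social
       * @param Profile $profile
       * @param string $url
       * @return Avatar The Avatar we have on disk.
       * @throws Exception in various failure cases
       */
      public static function update_avatar(Profile $profile, $url)
      {
          common_debug('ActivityPub Explorer: Started grabbing remote avatar from: '.$url);

          // Besides being well-formed the URL must use http or https, so a
          // remote document cannot point the fetch at another URL scheme.
          $scheme = is_string($url) ? strtolower((string) parse_url($url, PHP_URL_SCHEME)) : '';
          if (!filter_var($url, FILTER_VALIDATE_URL) || !in_array($scheme, ['http', 'https'], true)) {
              common_debug('ActivityPub Explorer: Failed because it is an invalid url: '.$url);
              // TRANS: Server exception. %s is a URL.
              // The URL is an argument of sprintf(), not of the exception.
              throw new ServerException(sprintf('Invalid avatar URL %s.', $url));
          }

          // @todo FIXME: This should be better encapsulated
          // ripped from oauthstore.php (for old OMB client)
          $temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar');
          if ($temp_filename === false) {
              throw new ServerException('Could not create a temporary file for the avatar.');
          }
          try {
              $imgData = HTTPClient::quickGet($url);
              // Make sure it's at least an image file. ImageFile can do the rest.
              if (false === getimagesizefromstring($imgData)) {
                  common_debug('ActivityPub Explorer: Failed because the downloaded avatar: '.$url. 'is not a valid image.');
                  throw new UnsupportedMediaException('Downloaded avatar was not an image.');
              }
              if (file_put_contents($temp_filename, $imgData) === false) {
                  throw new ServerException('Could not write the downloaded avatar to disk.');
              }
              unset($imgData); // No need to carry this in memory.
              common_debug('ActivityPub Explorer: Stored dowloaded avatar in: '.$temp_filename);

              $id = $profile->getID();
              $imagefile = new ImageFile(null, $temp_filename);
              // The stored name is built from the profile id, the detected
              // image type and a timestamp - never from the remote URL.
              $filename = Avatar::filename(
                  $id,
                  image_type_to_extension($imagefile->type),
                  null,
                  common_timestamp()
              );
              if (!rename($temp_filename, Avatar::path($filename))) {
                  throw new ServerException('Could not move the avatar into the avatar directory.');
              }
              common_debug('ActivityPub Explorer: Moved avatar from: '.$temp_filename.' to '.$filename);
          } catch (Exception $e) {
              common_debug('ActivityPub Explorer: Something went wrong while processing the avatar from: '.$url.' details: '.$e->getMessage());
              // Never leave the temporary download behind.
              if (is_file($temp_filename)) {
                  unlink($temp_filename);
              }
              throw $e;
          }

          // @todo FIXME: Hardcoded chmod is lame, but seems to be necessary to
          // keep from accidentally saving images from command-line (queues)
          // that can't be read from web server, which causes hard-to-notice
          // problems later on:
          //
          // http://status.net/open-source/issues/2663
          chmod(Avatar::path($filename), 0644);

          $profile->setOriginal($filename);
          $orig = clone($profile);
          $profile->avatar = $url;
          $profile->update($orig);
          common_debug('ActivityPub Explorer: Seted Avatar from: '.$url.' to profile.');
          return Avatar::getUploaded($profile);
      }

      /**
       * Validates a remote response in order to determine whether this
       * response is a valid profile or not.
       *
       * The response is remote-controlled JSON, so besides being present the
       * required fields must be strings: they are later written to profile
       * columns and concatenated into log lines as-is.
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param array $res remote response
       * @return boolean success state
       */
      public static function validate_remote_response($res)
      {
          if (!is_array($res)) {
              return false;
          }
          if (!isset($res['id'], $res['preferredUsername'], $res['inbox'], $res['publicKey']['publicKeyPem'])) {
              return false;
          }
          return is_string($res['id'])
              && is_string($res['preferredUsername'])
              && is_string($res['inbox'])
              && is_string($res['publicKey']['publicKeyPem']);
      }

      /**
       * Get an ActivityPub Profile from its uri.
       * Unfortunately the GNU social cache is not truly reliable when
       * handling potential ActivityPub remote profiles, so this workaround
       * queries the table itself on a cache miss (at least for now).
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param string $v URL
       * @return boolean|Activitypub_profile false if fails | Aprofile object if successful
       */
      public static function get_aprofile_by_url($v)
      {
          $cached = Managed_DataObject::getcached("Activitypub_profile", "uri", $v);
          if (!empty($cached)) {
              return $cached;
          }
          // false = cache miss: look the row up and cache it when it exists.
          $aprofile = new Activitypub_profile;
          if (!$aprofile->get("uri", $v)) {
              return false;
          }
          $aprofile->encache();
          return $aprofile;
      }

      /**
       * Given a valid actor profile url returns its inboxes.
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param string $url of Actor profile
       * @return boolean|array false if fails | array with inbox and shared inbox if successful
       * @throws Exception when the HTTP response is not OK
       */
      public static function get_actor_inboxes_uri($url)
      {
          $response = self::fetch_remote($url);
          if (!$response->isOk()) {
              throw new Exception('Invalid Actor URL.');
          }
          $res = json_decode($response->getBody(), true);
          if (!self::validate_remote_response($res)) {
              return false;
          }
          return [
              'inbox' => $res['inbox'],
              // Without a shared inbox the personal inbox is returned twice.
              'sharedInbox' => isset($res['endpoints']['sharedInbox']) ? $res['endpoints']['sharedInbox'] : $res['inbox']
          ];
      }

      /**
       * Allows the Explorer to traverse a collection of persons.
       *
       * NOTE(review): the page content and its `next` link are supplied by
       * the remote server and nothing here bounds how many pages or items
       * are followed; consider a limit before relying on this for
       * arbitrary remotes.
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param string $url URL of a collection page
       * @return boolean false when the page carries no item list, true otherwise
       * @throws Exception propagated from _lookup() for an unresolvable entry
       */
      private function travel_collection($url)
      {
          $response = self::fetch_remote($url);
          $res = json_decode($response->getBody(), true);
          if (!isset($res['orderedItems']) || !is_array($res['orderedItems'])) {
              return false;
          }
          foreach ($res['orderedItems'] as $profile) {
              if (!is_string($profile)) {
                  // Only URL strings can be looked up; anything else in the
                  // remote list is ignored instead of being used as a URL.
                  common_debug('ActivityPub Explorer: Skipping a collection item that is not a URL string.');
                  continue;
              }
              // NOTE(review): _lookup() throws when nothing is found, so this
              // branch is presumably never reached and one unresolvable
              // member aborts the whole traversal - confirm intent.
              if ($this->_lookup($profile) == false) {
                  common_debug('ActivityPub Explorer: Found an invalid actor for '.$profile);
                  // TODO: Invalid actor found, fallback to OStatus
              }
          }
          // Go through entire collection. isset() instead of reading the key
          // directly, because the last page has no `next` entry.
          if (isset($res['next'])) {
              $this->_lookup($res['next']);
          }
          return true;
      }

      /**
       * Get a remote user array from its URL (this function is only used for
       * profile updating and shall not be used for anything else).
       *
       * @author Diogo Cordeiro <diogo@fc.up.pt>
       * @param string $url User's url
       * @return array the decoded actor document
       * @throws Exception when the answer is not a valid actor document
       */
      public static function get_remote_user_activity($url)
      {
          $response = self::fetch_remote($url);
          $res = json_decode($response->getBody(), true);
          if (Activitypub_explorer::validate_remote_response($res)) {
              common_debug('ActivityPub Explorer: Found a valid remote actor for '.$url);
              return $res;
          }
          throw new Exception('ActivityPub Explorer: Failed to get activity.');
      }
  }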