Add Accept
header negotiation to relevant API endpoints (#337)
* start centralizing negotiation logic for API * swagger document nodeinfo endpoint * go fmt * document negotiate function * use content negotiation * tidy up negotiation logic * negotiate content throughout client api * swagger * remove attachment on Content * add accept header to test requests
@@ -19,20 +19,42 @@
|
||||
package nodeinfo
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
)
|
||||
|
||||
// NodeInfoGETHandler returns a compliant nodeinfo response to node info queries.
|
||||
// See: https://nodeinfo.diaspora.software/
|
||||
// NodeInfoGETHandler swagger:operation GET /nodeinfo/2.0 nodeInfoGet
|
||||
//
|
||||
// Returns a compliant nodeinfo response to node info queries.
|
||||
//
|
||||
// See: https://nodeinfo.diaspora.software/schema.html
|
||||
//
|
||||
// ---
|
||||
// tags:
|
||||
// - nodeinfo
|
||||
//
|
||||
// produces:
|
||||
// - application/json; profile="http://nodeinfo.diaspora.software/ns/schema/2.0#"
|
||||
//
|
||||
// responses:
|
||||
// '200':
|
||||
// schema:
|
||||
// "$ref": "#/definitions/nodeinfo"
|
||||
func (m *Module) NodeInfoGETHandler(c *gin.Context) {
|
||||
l := logrus.WithFields(logrus.Fields{
|
||||
"func": "NodeInfoGETHandler",
|
||||
"user-agent": c.Request.UserAgent(),
|
||||
})
|
||||
|
||||
if _, err := api.NegotiateAccept(c, api.JSONAcceptHeaders...); err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
ni, err := m.processor.GetNodeInfo(c.Request.Context(), c.Request)
|
||||
if err != nil {
|
||||
l.Debugf("error with get node info request: %s", err)
|
||||
@@ -40,5 +62,10 @@ func (m *Module) NodeInfoGETHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, ni)
|
||||
b, jsonErr := json.Marshal(ni)
|
||||
if jsonErr != nil {
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": jsonErr.Error()})
|
||||
}
|
||||
|
||||
c.Data(http.StatusOK, `application/json; profile="http://nodeinfo.diaspora.software/ns/schema/2.0#"`, b)
|
||||
}
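Review bot: The new `if jsonErr != nil` branch in the second hunk writes the 500 response but has no `return`, so execution falls through to `c.Data(http.StatusOK, ..., b)` with a nil `b` and a second write is attempted on a response that has already been started. Add `return` directly after `c.JSON(http.StatusInternalServerError, gin.H{"error": jsonErr.Error()})`. Nodeinfo is normally served to unauthenticated callers, so it would also be tidier to log `jsonErr` through `l` and send a fixed message rather than the marshal error text. The part of NodeInfoGETHandler between the two hunks is not visible here.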
|
||||
|
@@ -23,16 +23,37 @@ import (
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
)
|
||||
|
||||
// NodeInfoWellKnownGETHandler returns a well known response to a query to /.well-known/nodeinfo,
|
||||
// directing (but not redirecting...) callers to the NodeInfoGETHandler.
|
||||
// NodeInfoWellKnownGETHandler swagger:operation GET /.well-known/nodeinfo nodeInfoWellKnownGet
|
||||
//
|
||||
// Directs callers to /nodeinfo/2.0.
|
||||
//
|
||||
// eg. `{"links":[{"rel":"http://nodeinfo.diaspora.software/ns/schema/2.0","href":"http://example.org/nodeinfo/2.0"}]}`
|
||||
// See: https://nodeinfo.diaspora.software/protocol.html
|
||||
//
|
||||
// ---
|
||||
// tags:
|
||||
// - nodeinfo
|
||||
//
|
||||
// produces:
|
||||
// - application/json
|
||||
//
|
||||
// responses:
|
||||
// '200':
|
||||
// schema:
|
||||
// "$ref": "#/definitions/wellKnownResponse"
|
||||
func (m *Module) NodeInfoWellKnownGETHandler(c *gin.Context) {
|
||||
l := logrus.WithFields(logrus.Fields{
|
||||
"func": "NodeInfoWellKnownGETHandler",
|
||||
"user-agent": c.Request.UserAgent(),
|
||||
"func": "NodeInfoWellKnownGETHandler",
|
||||
})
|
||||
|
||||
if _, err := api.NegotiateAccept(c, api.JSONAcceptHeaders...); err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
niRel, err := m.processor.GetNodeInfoRel(c.Request.Context(), c.Request)
|
||||
if err != nil {
|
||||
l.Debugf("error with get node info rel request: %s", err)
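Review bot: Going by the hunk's line counts, the logger in NodeInfoWellKnownGETHandler loses its `"user-agent": c.Request.UserAgent()` field in this change, while NodeInfoGETHandler and WebfingerGETRequest in the same commit keep it. If the removal is not deliberate, restore the field so that the `l.Debugf` error line below still records which client made the request; that is the first thing an operator looks for when triaging odd traffic against a `.well-known` endpoint. The handler body continues past the end of the hunk.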
|
||||
|
@@ -20,19 +20,11 @@ package user
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/util"
|
||||
)
|
||||
|
||||
// ActivityPubAcceptHeaders represents the Accept headers mentioned here:
|
||||
// https://www.w3.org/TR/activitypub/#retrieving-objects
|
||||
var ActivityPubAcceptHeaders = []string{
|
||||
`application/activity+json`,
|
||||
`application/ld+json; profile="https://www.w3.org/ns/activitystreams"`,
|
||||
}
|
||||
|
||||
// transferContext transfers the signature verifier and signature from the gin context to the request context
|
||||
func transferContext(c *gin.Context) context.Context {
|
||||
ctx := c.Request.Context()
|
||||
@@ -50,14 +42,6 @@ func transferContext(c *gin.Context) context.Context {
|
||||
return ctx
|
||||
}
|
||||
|
||||
func negotiateFormat(c *gin.Context) (string, error) {
|
||||
format := c.NegotiateFormat(ActivityPubAcceptHeaders...)
|
||||
if format == "" {
|
||||
return "", fmt.Errorf("no format can be offered for Accept headers %s", c.Request.Header.Get("Accept"))
|
||||
}
|
||||
return format, nil
|
||||
}
|
||||
|
||||
// SwaggerCollection represents an activitypub collection.
|
||||
// swagger:model swaggerCollection
|
||||
type SwaggerCollection struct {
|
||||
|
@@ -25,6 +25,7 @@ import (
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
)
|
||||
|
||||
// FollowersGETHandler returns a collection of URIs for followers of the target user, formatted so that other AP servers can understand it.
|
||||
@@ -40,9 +41,9 @@ func (m *Module) FollowersGETHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
format, err := negotiateFormat(c)
|
||||
format, err := api.NegotiateAccept(c, api.ActivityPubAcceptHeaders...)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": fmt.Sprintf("could not negotiate format with given Accept header(s): %s", err)})
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
l.Tracef("negotiated format: %s", format)
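Review bot: The 406 branch now returns `err.Error()` from `api.NegotiateAccept` verbatim and logs nothing, so a rejected federation request leaves no trace on the server and the client-visible text is whatever the helper produces. The helper is not part of the visible hunks; the `negotiateFormat` function this commit removes built its message from the raw Accept header with `%s`, so if the new helper does the same, that client-supplied value should be formatted with `%q`. Suggest adding `l.Debugf("could not negotiate format: %s", err)` before the `c.JSON` call. The same pattern repeats in FollowingGETHandler, OutboxGETHandler, PublicKeyGETHandler, StatusRepliesGETHandler, StatusGETHandler and UsersGETHandler, and in the nodeinfo and webfinger handlers; each of these bodies starts outside its hunk.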
|
||||
|
@@ -25,6 +25,7 @@ import (
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
)
|
||||
|
||||
// FollowingGETHandler returns a collection of URIs for accounts that the target user follows, formatted so that other AP servers can understand it.
|
||||
@@ -40,9 +41,9 @@ func (m *Module) FollowingGETHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
format, err := negotiateFormat(c)
|
||||
format, err := api.NegotiateAccept(c, api.ActivityPubAcceptHeaders...)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": fmt.Sprintf("could not negotiate format with given Accept header(s): %s", err)})
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
l.Tracef("negotiated format: %s", format)
|
||||
|
@@ -26,6 +26,7 @@ import (
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
)
|
||||
|
||||
// OutboxGETHandler swagger:operation GET /users/{username}/outbox s2sOutboxGet
|
||||
@@ -113,9 +114,9 @@ func (m *Module) OutboxGETHandler(c *gin.Context) {
|
||||
maxID = maxIDString
|
||||
}
|
||||
|
||||
format, err := negotiateFormat(c)
|
||||
format, err := api.NegotiateAccept(c, api.ActivityPubAcceptHeaders...)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": fmt.Sprintf("could not negotiate format with given Accept header(s): %s", err)})
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
l.Tracef("negotiated format: %s", format)
|
||||
|
@@ -54,6 +54,7 @@ func (suite *OutboxGetTestSuite) TestGetOutbox() {
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, targetAccount.OutboxURI, nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/activity+json")
|
||||
ctx.Request.Header.Set("Signature", signedRequest.SignatureHeader)
|
||||
ctx.Request.Header.Set("Date", signedRequest.DateHeader)
|
||||
|
||||
@@ -108,6 +109,7 @@ func (suite *OutboxGetTestSuite) TestGetOutboxFirstPage() {
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, targetAccount.OutboxURI+"?page=true", nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/activity+json")
|
||||
ctx.Request.Header.Set("Signature", signedRequest.SignatureHeader)
|
||||
ctx.Request.Header.Set("Date", signedRequest.DateHeader)
|
||||
|
||||
@@ -162,6 +164,7 @@ func (suite *OutboxGetTestSuite) TestGetOutboxNextPage() {
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, targetAccount.OutboxURI+"?page=true&max_id=01F8MHAMCHF6Y650WCRSCP4WMY", nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/activity+json")
|
||||
ctx.Request.Header.Set("Signature", signedRequest.SignatureHeader)
|
||||
ctx.Request.Header.Set("Date", signedRequest.DateHeader)
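Review bot: The three outbox tests now send an acceptable `accept` header, but nothing in the visible hunks exercises the rejection path that this commit introduces. A companion case that sends a value outside the offered list (constructed example: `ctx.Request.Header.Set("accept", "text/html")`) and asserts `http.StatusNotAcceptable` on the recorder would pin the new behaviour and catch a handler that forgets to negotiate. The same applies to the replies, user and webfinger test suites changed further down. The test bodies continue outside these hunks, so such a case may already exist elsewhere.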
|
||||
|
||||
|
@@ -25,6 +25,7 @@ import (
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
)
|
||||
|
||||
// PublicKeyGETHandler should be served at eg https://example.org/users/:username/main-key.
|
||||
@@ -44,9 +45,9 @@ func (m *Module) PublicKeyGETHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
format, err := negotiateFormat(c)
|
||||
format, err := api.NegotiateAccept(c, api.ActivityPubAcceptHeaders...)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": fmt.Sprintf("could not negotiate format with given Accept header(s): %s", err)})
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
l.Tracef("negotiated format: %s", format)
|
||||
|
@@ -26,6 +26,7 @@ import (
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
)
|
||||
|
||||
// StatusRepliesGETHandler swagger:operation GET /users/{username}/statuses/{status}/replies s2sRepliesGet
|
||||
@@ -131,9 +132,9 @@ func (m *Module) StatusRepliesGETHandler(c *gin.Context) {
|
||||
minID = minIDString
|
||||
}
|
||||
|
||||
format, err := negotiateFormat(c)
|
||||
format, err := api.NegotiateAccept(c, api.ActivityPubAcceptHeaders...)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": fmt.Sprintf("could not negotiate format with given Accept header(s): %s", err)})
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
l.Tracef("negotiated format: %s", format)
|
||||
|
@@ -57,6 +57,7 @@ func (suite *RepliesGetTestSuite) TestGetReplies() {
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, targetStatus.URI+"/replies", nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/activity+json")
|
||||
ctx.Request.Header.Set("Signature", signedRequest.SignatureHeader)
|
||||
ctx.Request.Header.Set("Date", signedRequest.DateHeader)
|
||||
|
||||
@@ -117,6 +118,7 @@ func (suite *RepliesGetTestSuite) TestGetRepliesNext() {
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, targetStatus.URI+"/replies?only_other_accounts=false&page=true", nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/activity+json")
|
||||
ctx.Request.Header.Set("Signature", signedRequest.SignatureHeader)
|
||||
ctx.Request.Header.Set("Date", signedRequest.DateHeader)
|
||||
|
||||
@@ -180,6 +182,7 @@ func (suite *RepliesGetTestSuite) TestGetRepliesLast() {
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, targetStatus.URI+"/replies?only_other_accounts=false&page=true&min_id=01FF25D5Q0DH7CHD57CTRS6WK0", nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/activity+json")
|
||||
ctx.Request.Header.Set("Signature", signedRequest.SignatureHeader)
|
||||
ctx.Request.Header.Set("Date", signedRequest.DateHeader)
|
||||
|
||||
|
@@ -25,6 +25,7 @@ import (
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
)
|
||||
|
||||
// StatusGETHandler serves the target status as an activitystreams NOTE so that other AP servers can parse it.
|
||||
@@ -46,9 +47,9 @@ func (m *Module) StatusGETHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
format, err := negotiateFormat(c)
|
||||
format, err := api.NegotiateAccept(c, api.ActivityPubAcceptHeaders...)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": fmt.Sprintf("could not negotiate format with given Accept header(s): %s", err)})
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
l.Tracef("negotiated format: %s", format)
|
||||
|
@@ -25,6 +25,7 @@ import (
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
)
|
||||
|
||||
// UsersGETHandler should be served at https://example.org/users/:username.
|
||||
@@ -48,9 +49,9 @@ func (m *Module) UsersGETHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
format, err := negotiateFormat(c)
|
||||
format, err := api.NegotiateAccept(c, api.ActivityPubAcceptHeaders...)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": fmt.Sprintf("could not negotiate format with given Accept header(s): %s", err)})
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
l.Tracef("negotiated format: %s", format)
|
||||
|
@@ -55,6 +55,7 @@ func (suite *UserGetTestSuite) TestGetUser() {
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, targetAccount.URI, nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/activity+json")
|
||||
ctx.Request.Header.Set("Signature", signedRequest.SignatureHeader)
|
||||
ctx.Request.Header.Set("Date", signedRequest.DateHeader)
|
||||
|
||||
|
@@ -27,26 +27,54 @@ import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/config"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/util"
|
||||
)
|
||||
|
||||
// WebfingerGETRequest handles requests to, for example, https://example.org/.well-known/webfinger?resource=acct:some_user@example.org
|
||||
// WebfingerGETRequest swagger:operation GET /.well-known/webfinger webfingerGet
|
||||
//
|
||||
// Handles webfinger account lookup requests.
|
||||
//
|
||||
// For example, a GET to `https://goblin.technology/.well-known/webfinger?resource=acct:tobi@goblin.technology` would return:
|
||||
//
|
||||
// ```
|
||||
// {"subject":"acct:tobi@goblin.technology","aliases":["https://goblin.technology/users/tobi","https://goblin.technology/@tobi"],"links":[{"rel":"http://webfinger.net/rel/profile-page","type":"text/html","href":"https://goblin.technology/@tobi"},{"rel":"self","type":"application/activity+json","href":"https://goblin.technology/users/tobi"}]}
|
||||
// ```
|
||||
//
|
||||
// See: https://webfinger.net/
|
||||
//
|
||||
// ---
|
||||
// tags:
|
||||
// - webfinger
|
||||
//
|
||||
// produces:
|
||||
// - application/json
|
||||
//
|
||||
// responses:
|
||||
// '200':
|
||||
// schema:
|
||||
// "$ref": "#/definitions/wellKnownResponse"
|
||||
func (m *Module) WebfingerGETRequest(c *gin.Context) {
|
||||
l := logrus.WithFields(logrus.Fields{
|
||||
"func": "WebfingerGETRequest",
|
||||
"user-agent": c.Request.UserAgent(),
|
||||
})
|
||||
|
||||
q, set := c.GetQuery("resource")
|
||||
if !set || q == "" {
|
||||
resourceQuery, set := c.GetQuery("resource")
|
||||
if !set || resourceQuery == "" {
|
||||
l.Debug("aborting request because no resource was set in query")
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "no 'resource' in request query"})
|
||||
return
|
||||
}
|
||||
|
||||
if _, err := api.NegotiateAccept(c, api.JSONAcceptHeaders...); err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
// remove the acct: prefix if it's present
|
||||
trimAcct := strings.TrimPrefix(q, "acct:")
|
||||
trimAcct := strings.TrimPrefix(resourceQuery, "acct:")
|
||||
// remove the first @ in @whatever@example.org if it's present
|
||||
namestring := strings.TrimPrefix(trimAcct, "@")
|
||||
|
||||
|
@@ -50,6 +50,7 @@ func (suite *WebfingerGetTestSuite) TestFingerUser() {
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, requestPath, nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/json")
|
||||
|
||||
// trigger the function being tested
|
||||
suite.webfingerModule.WebfingerGETRequest(ctx)
|
||||
@@ -83,6 +84,7 @@ func (suite *WebfingerGetTestSuite) TestFingerUserWithDifferentAccountDomainByHo
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, requestPath, nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/json")
|
||||
|
||||
// trigger the function being tested
|
||||
suite.webfingerModule.WebfingerGETRequest(ctx)
|
||||
@@ -116,6 +118,7 @@ func (suite *WebfingerGetTestSuite) TestFingerUserWithDifferentAccountDomainByAc
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, requestPath, nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/json")
|
||||
|
||||
// trigger the function being tested
|
||||
suite.webfingerModule.WebfingerGETRequest(ctx)
|
||||
@@ -141,6 +144,7 @@ func (suite *WebfingerGetTestSuite) TestFingerUserWithoutAcct() {
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Request = httptest.NewRequest(http.MethodGet, requestPath, nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "application/json")
|
||||
|
||||
// trigger the function being tested
|
||||
suite.webfingerModule.WebfingerGETRequest(ctx)
|
||||
|