~mariusor/fedbox-spammy

cfce1a3ea614f99a53ee069c9a6e94927bd1117d — Marius Orcsik 6 months ago 3ee905c
Improve signing of the Activity requests
3 files changed, 34 insertions(+), 19 deletions(-)

M cmd/main.go
M go.mod
M spammer.go
M cmd/main.go => cmd/main.go +10 -1
@@ 71,6 71,10 @@ func main() {
	st := make(chan bool)

	go ticker(st)
	defer func() {
		st <- true
	}()

	var actors map[ap.IRI]ap.Item
	var errs []error
	var objects map[ap.IRI]ap.Item


@@ 84,6 88,11 @@ func main() {
	actors, _ = spammy.LoadActors(ap.IRI(*serv), *concurrent)
	fmt.Printf("\nLoaded %d actors\n", len(actors))

	if len(actors) == 0 {
		fmt.Printf("\nLoaded %d actors\n", len(actors))
		os.Exit(1)
	}

	objects, errs = spammy.CreateRandomObjects(DefaultObjectCount, *concurrent, actors)
	fmt.Printf("\nCreated %d objects (%d errors)\n", len(objects), len(errs))
	for _, err := range errs {


@@ 95,7 104,7 @@ func main() {

	activities, errs := spammy.CreateRandomActivities(DefaultActivitiesCount, *concurrent, objects, actors)
	fmt.Printf("\nExecuted %d activities (%d errors)\n", len(activities), len(errs))
	st <- true

	for _, err := range errs {
		fmt.Fprintf(os.Stderr, "\t%s\n", err)
	}

M go.mod => go.mod +1 -1
@@ 3,7 3,7 @@ module github.com/mariusor/spammy
go 1.18

require (
	git.sr.ht/~mariusor/lw v0.0.0-20240313142800-531789c76b6d
	git.sr.ht/~mariusor/lw v0.0.0-20240323171419-d538df4af052
	github.com/go-ap/activitypub v0.0.0-20240323154407-e2e30475b980
	github.com/go-ap/client v0.0.0-20240323154701-a45ab836e28a
	github.com/go-ap/errors v0.0.0-20240304112515-6077fa9c17b0

M spammer.go => spammer.go +23 -17
@@ 302,8 302,7 @@ func RandomActivity(ob ap.Item, parent ap.Item) *ap.Activity {
	if ob != nil {
		act.Object = ob
	}
	act.AttributedTo = parent
	act.Actor = ap.FlattenToIRI(parent)
	act.Actor = parent
	act.To = ap.ItemCollection{ap.Followers.Of(act.Actor)}
	act.Bto = ap.ItemCollection{Application.ID}
	act.CC = ap.ItemCollection{ServiceIRI, Application.ID, ap.PublicNS}


@@ 337,23 336,32 @@ func LoadIRIs(iris ...string) (ap.ItemCollection, error) {
	return result, nil
}

func GetToken(actor *ap.Actor) *oauth2.Token {
func emptySignFn(_ *http.Request) error {
	return nil
}

func SignAs(actor *ap.Actor) client.RequestSignFn {
	if ap.IsNil(actor) {
		return nil
		return emptySignFn
	}

	m.RLock()
	defer m.RUnlock()

	t, ok := tokens[actor.GetLink()]
	if ok {
		return t
	if !ok {
		if t, _ = AuthenticateActor(context.TODO(), actor); t != nil {
			tokens[actor.GetLink()] = t
		}
	}
	if t, _ = AuthenticateActor(context.TODO(), actor); t != nil {
		tokens[actor.GetLink()] = t
		return t
	if t == nil {
		return emptySignFn
	}
	return func(req *http.Request) error {
		t.SetAuthHeader(req)
		req.Header.Set("X-Actor-ID", actor.ID.String())
		return nil
	}
	return nil
}

var (


@@ 362,7 370,6 @@ var (
)

func AuthenticateActor(ctx context.Context, actor *ap.Actor) (*oauth2.Token, error) {
	handle := actor.PreferredUsername.String()
	pw := OAuthSecret
	if !actor.ID.Equals(Application.ID, true) {
		pw = DefaultPw


@@ 372,7 379,7 @@ func AuthenticateActor(ctx context.Context, actor *ap.Actor) (*oauth2.Token, err

	conf := config(actor)

	tok, err := conf.PasswordCredentialsToken(ctx, handle, pw)
	tok, err := conf.PasswordCredentialsToken(ctx, actor.ID.String(), pw)
	if err != nil {
		return nil, err
	}


@@ 468,14 475,10 @@ func ExecActivity(ctx context.Context, activity ap.Item) (ap.Item, error) {
		return nil, errors.Errorf("invalid author Actor for activity: %+v", activity)
	}

	tok := GetToken(author)
	f := client.New(
		client.SkipTLSValidation(true),
		client.WithLogger(Logger),
		client.WithSignFn(func(req *http.Request) error {
			tok.SetAuthHeader(req)
			return nil
		}),
		client.WithSignFn(SignAs(author)),
	)

	iri, ff, err := f.CtxToCollection(dtx, ap.Outbox.Of(author).GetLink(), activity)


@@ 706,6 709,9 @@ func LoadActors(server ap.IRI, c int) (map[ap.IRI]ap.Item, []error) {
				return nil
			}
			return ap.OnActor(ob, func(act *ap.Actor) error {
				m.RLock()
				defer m.RUnlock()

				result[ob.GetLink()] = act
				return nil
			})