Plume
/
Plume
8
17
Fork 23
Code Issues 175 Pull Requests 9 Releases 8 Wiki Activity

Labels Milestones

New Issue

Follow activity rejected (federation) #107

Closed
opened 6 years ago by redmatrix · 6 comments
redmatrix commented 6 years ago (Migrated from github.com)

Follow activity to plume was rejected with 502. Formatting of key and signature blobs below is messed up from pasting but is correct in the original. This would have also been signed in the header with an HTTP signature. If this assists debugging any, at least one other project failed in a similar way when presented with an inline object for the actor instead of a simple url.

Otherwise the timestamp is 2018-07-02T02:08:18Z

{
  "@context":[
    "https://www.w3.org/ns/activitystreams",
    "https://w3id.org/security/v1",
    "https://hz.macgirvin.com/apschema/v1.2"
  ],
  "id":"https://hz.macgirvin.com/follow/295",
  "type":"Follow",
  "actor":{
    "type":"Person",
    "id":"https://hz.macgirvin.com/channel/ziggy",
    "preferredUsername":"ziggy",
    "name":"ziggy",
    "icon":{
      "type":"Image",
      "mediaType":"image/png",
      "url":"https://hz.macgirvin.com/photo/profile/l/8",
      "height":300,
      "width":300
    },
    "url":{
      "type":"Link",
      "mediaType":"text/html",
      "href":"https://hz.macgirvin.com/channel/ziggy"
    },
    "inbox":"https://hz.macgirvin.com/inbox/ziggy",
    "outbox":"https://hz.macgirvin.com/outbox/ziggy",
    "followers":"https://hz.macgirvin.com/followers/ziggy",
    "following":"https://hz.macgirvin.com/following/ziggy",
    "endpoints":{
      "sharedInbox":"https://hz.macgirvin.com/inbox"
    },
    "publicKey":{
      "id":"https://hz.macgirvin.com/channel/ziggy/public_key_pem",
      "owner":"https://hz.macgirvin.com/channel/ziggy",
      "publicKeyPem":"-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs+/jJyGbcVyWHa5ZRrJz\nfbXoc1Ws43RHbdd3zVLuUyJl0zGzgtuzvqLCrxYkJKiDwKWL+cLv7NLYV6Iw0sJk\non1lRqugrUAPy\
PSkqUNEstVO/Bxy01Lp80aUKF+wNB721qvdd8xP64VEsovehCfv\n94m64GkDca+EEZqybQHH+sFq2tjV/yo/RlCfnc2ezE/Nv/EWAH0q13zK9cGYmb4z\nCkexJHbHKD59SsWFBmOWs+qJp5Hzettb5ZGaNPDYi9xThXM/93kpUKF9mC/RAIm3\n2J3Ec9F2lM\
JGG8gGkQhSsnogJIzg0mYUINWnHe1wNHt7FfsHv+hgfixoldwvWtON\nP38OpjB3X/DZHAfeh+wKxIjJrN6PcyahUPwCni6Cw0PEQrKVoWddL6GNb9FZmWAwJTbWYaUEUc98Uue2aD02Yo7jqcxEG3Empmw3dyL9a58HO3TvdfplHwar1U0566ot\niop5W4O\
yWzci9quIhaen1C+zKmhziHIC1VykWIeFFyNQF9vg2D2qB/ALs1RKTX1M\n91Ld1qO1TGyFR9L8jES8T38kYbT0EvO5LkkFbfl3XHnGHTfX1kipmkkkoE1NtWNc\nm3frIqRJpYKGTOj1/UvPO5+7V4bvw1LbFBlNNbtAH83yvqIUfooaUhoUDLIzaC8T\nBZbG\
XMm2Ksrr/2y2yYx6eS0CAwEAAQ==\n-----END PUBLIC KEY-----\n"
    },
    "nomadicLocations":[
      {
        "id":"https://hz.macgirvin.com/locs/ziggy",
        "type":"nomadicLocation",
        "locationAddress":"acct:ziggy@hz.macgirvin.com",
        "locationPrimary":true,
        "locationDeleted":false
      },
      {
        "id":"https://z2.macgirvin.com/locs/ziggy",
        "type":"nomadicLocation",
        "locationAddress":"acct:ziggy@z2.macgirvin.com",
        "locationPrimary":false,
        "locationDeleted":false
      }
    ]
  },
  "object":"https://baptiste.gelez.xyz/~/Topcat",
  "to":[
    "https://baptiste.gelez.xyz/~/Topcat"
  ],
  "signature":{
    "@context":[
      "https://www.w3.org/ns/activitystreams",
      "https://w3id.org/security/v1"
    ],
    "type":"RsaSignature2017",
    "nonce":"642b4dd0b1dfd0e0890726886dfbab54ca2c1978da06de2a3903947017e8ec23",
    "creator":"https://hz.macgirvin.com/channel/ziggy/public_key_pem",
    "created":"2018-07-02T02:08:14Z",
    "signatureValue":"sF1iL4t8AzMEtUFEY9/DI6tvBeszAvX1GTIMr2qbg0YsENt28g5QUsOFf0Q2GmYJwWvohj0A+tvxzv8b18T7weu5WpsnNaRpMx9MlM05tEKgR6an/DVZ2Tqa9TAoP//uI0OJEdSgBZqCkYT/AeuFkzqlDsuNx/YkpwunQ4aJWBnbN\
ZD6NPDKzis7nRG9mbJtHd75OMj5/s0rhbmcnB3cS3OVPrN1HgF93piXrYx6ew657bOnoLywJOiL00zX6Gr3hkb5A9vxSCxpwgwRiPhDDYAiKRjCQlLFloowXHaGxLxtaWxJVlq4UgQNMqbwu3tJ7Y7uY6zBZJ+RkO2JHibLezOGFFQJ2hvxMHKtMhFgxzG3A6PB\
Xh77GZYZjA+RjT+NrNV+eFgDUoQb8zVdvZgMX51MpbGuh9Io5ou28dLWzkVTQT7FnSaLo9cR+gwiYHnFEOZ+DBcMwXFZfpX7VdAKtqNvYB9OHjqYil7hj/p+pj+KaUznvGnMOk7NjZo+Bqe2nHUwi4yOGTimgzRHfREuYjQKY6wbkpsnLm5vZXWVAR+R+yfMJ+K\
fZLeFetaWK+YBHStJubCHbFQANCXf+OaE3KCCOEqjD31ZapCyxh9bXZGDjHyJe9h8aaLIgApn0s5adfKxJYBf9LT7p9uus9JDDy5BePGepT+XdxJIgxECyro="
  }
}
Follow activity to plume was rejected with 502. Formatting of key and signature blobs below is messed up from pasting but is correct in the original. This would have also been signed in the header with an HTTP signature. If this assists debugging any, at least one other project failed in a similar way when presented with an inline object for the actor instead of a simple url. Otherwise the timestamp is 2018-07-02T02:08:18Z ```` { "@context":[ "https://www.w3.org/ns/activitystreams", "https://w3id.org/security/v1", "https://hz.macgirvin.com/apschema/v1.2" ], "id":"https://hz.macgirvin.com/follow/295", "type":"Follow", "actor":{ "type":"Person", "id":"https://hz.macgirvin.com/channel/ziggy", "preferredUsername":"ziggy", "name":"ziggy", "icon":{ "type":"Image", "mediaType":"image/png", "url":"https://hz.macgirvin.com/photo/profile/l/8", "height":300, "width":300 }, "url":{ "type":"Link", "mediaType":"text/html", "href":"https://hz.macgirvin.com/channel/ziggy" }, "inbox":"https://hz.macgirvin.com/inbox/ziggy", "outbox":"https://hz.macgirvin.com/outbox/ziggy", "followers":"https://hz.macgirvin.com/followers/ziggy", "following":"https://hz.macgirvin.com/following/ziggy", "endpoints":{ "sharedInbox":"https://hz.macgirvin.com/inbox" }, "publicKey":{ "id":"https://hz.macgirvin.com/channel/ziggy/public_key_pem", "owner":"https://hz.macgirvin.com/channel/ziggy", "publicKeyPem":"-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs+/jJyGbcVyWHa5ZRrJz\nfbXoc1Ws43RHbdd3zVLuUyJl0zGzgtuzvqLCrxYkJKiDwKWL+cLv7NLYV6Iw0sJk\non1lRqugrUAPy\ PSkqUNEstVO/Bxy01Lp80aUKF+wNB721qvdd8xP64VEsovehCfv\n94m64GkDca+EEZqybQHH+sFq2tjV/yo/RlCfnc2ezE/Nv/EWAH0q13zK9cGYmb4z\nCkexJHbHKD59SsWFBmOWs+qJp5Hzettb5ZGaNPDYi9xThXM/93kpUKF9mC/RAIm3\n2J3Ec9F2lM\ JGG8gGkQhSsnogJIzg0mYUINWnHe1wNHt7FfsHv+hgfixoldwvWtON\nP38OpjB3X/DZHAfeh+wKxIjJrN6PcyahUPwCni6Cw0PEQrKVoWddL6GNb9FZmWAwJTbWYaUEUc98Uue2aD02Yo7jqcxEG3Empmw3dyL9a58HO3TvdfplHwar1U0566ot\niop5W4O\ yWzci9quIhaen1C+zKmhziHIC1VykWIeFFyNQF9vg2D2qB/ALs1RKTX1M\n91Ld1qO1TGyFR9L8jES8T38kYbT0EvO5LkkFbfl3XHnGHTfX1kipmkkkoE1NtWNc\nm3frIqRJpYKGTOj1/UvPO5+7V4bvw1LbFBlNNbtAH83yvqIUfooaUhoUDLIzaC8T\nBZbG\ XMm2Ksrr/2y2yYx6eS0CAwEAAQ==\n-----END PUBLIC KEY-----\n" }, "nomadicLocations":[ { "id":"https://hz.macgirvin.com/locs/ziggy", "type":"nomadicLocation", "locationAddress":"acct:ziggy@hz.macgirvin.com", "locationPrimary":true, "locationDeleted":false }, { "id":"https://z2.macgirvin.com/locs/ziggy", "type":"nomadicLocation", "locationAddress":"acct:ziggy@z2.macgirvin.com", "locationPrimary":false, "locationDeleted":false } ] }, "object":"https://baptiste.gelez.xyz/~/Topcat", "to":[ "https://baptiste.gelez.xyz/~/Topcat" ], "signature":{ "@context":[ "https://www.w3.org/ns/activitystreams", "https://w3id.org/security/v1" ], "type":"RsaSignature2017", "nonce":"642b4dd0b1dfd0e0890726886dfbab54ca2c1978da06de2a3903947017e8ec23", "creator":"https://hz.macgirvin.com/channel/ziggy/public_key_pem", "created":"2018-07-02T02:08:14Z", "signatureValue":"sF1iL4t8AzMEtUFEY9/DI6tvBeszAvX1GTIMr2qbg0YsENt28g5QUsOFf0Q2GmYJwWvohj0A+tvxzv8b18T7weu5WpsnNaRpMx9MlM05tEKgR6an/DVZ2Tqa9TAoP//uI0OJEdSgBZqCkYT/AeuFkzqlDsuNx/YkpwunQ4aJWBnbN\ ZD6NPDKzis7nRG9mbJtHd75OMj5/s0rhbmcnB3cS3OVPrN1HgF93piXrYx6ew657bOnoLywJOiL00zX6Gr3hkb5A9vxSCxpwgwRiPhDDYAiKRjCQlLFloowXHaGxLxtaWxJVlq4UgQNMqbwu3tJ7Y7uY6zBZJ+RkO2JHibLezOGFFQJ2hvxMHKtMhFgxzG3A6PB\ Xh77GZYZjA+RjT+NrNV+eFgDUoQb8zVdvZgMX51MpbGuh9Io5ou28dLWzkVTQT7FnSaLo9cR+gwiYHnFEOZ+DBcMwXFZfpX7VdAKtqNvYB9OHjqYil7hj/p+pj+KaUznvGnMOk7NjZo+Bqe2nHUwi4yOGTimgzRHfREuYjQKY6wbkpsnLm5vZXWVAR+R+yfMJ+K\ fZLeFetaWK+YBHStJubCHbFQANCXf+OaE3KCCOEqjD31ZapCyxh9bXZGDjHyJe9h8aaLIgApn0s5adfKxJYBf9LT7p9uus9JDDy5BePGepT+XdxJIgxECyro=" } } ````
👍 2
elegaanz commented 6 years ago (Migrated from github.com)

f79f01a should fix this. It has been deployed on https://baptiste.gelez.xyz if you want to test. If it works correctly feel free to close this issue.

f79f01a should fix this. It has been deployed on https://baptiste.gelez.xyz if you want to test. If it works correctly feel free to close this issue.
redmatrix commented 6 years ago (Migrated from github.com)

Unfortunately same result, 502. Timestamp was 2018-07-09T01:53:07Z

I was hopeful because that certainly looked like it would fix an inline author object, but perhaps we are dealing with multiple issues.

Unfortunately same result, 502. Timestamp was 2018-07-09T01:53:07Z I was hopeful because that certainly looked like it would fix an inline author object, but perhaps we are dealing with multiple issues.
👍 1
elegaanz commented 6 years ago (Migrated from github.com)

I fixed some issues, but when Plume tries to fetch the new follower's representation (at https://hub.zilla.tech/channel/baptistegelez in my tests), Hubzilla responds with an empty body. The following header was present in the request, if it helps:

Accept: application/ld+json; profile="https://w3.org/ns/activitystreams", application/ld+json;profile="https://w3.org/ns/activitystreams", application/activity+json, application/ld+json
I fixed some issues, but when Plume tries to fetch the new follower's representation (at `https://hub.zilla.tech/channel/baptistegelez` in my tests), Hubzilla responds with an empty body. The following header was present in the request, if it helps: ``` Accept: application/ld+json; profile="https://w3.org/ns/activitystreams", application/ld+json;profile="https://w3.org/ns/activitystreams", application/activity+json, application/ld+json ```
redmatrix commented 6 years ago (Migrated from github.com)

I see what is happening - that site has "block public access" enabled which is preventing access to some urls unless you're logged in (either locally or as a Zot network guest). It looks like this check happens before the ActivityPub plugin gets called. I try to convince folks that this isn't a good option to combine with federation protocols (GNU-Social won't work either because the public feed is blocked); but this may not be adequately documented. I can change the project code to allow the actor document through - as it doesn't contain sensitive or personal information beyond the connection details; but there may be other content exchanges (fetching activities) that will fail.

[edit: no I just tested this scenario on my test site and the activitypub actor document is allowed , so there seems to be a problem specifically with that site. I'll try another connection test to Plume a bit later on - though it's shaping up to be quite a busy day.]

I see what is happening - that site has "block public access" enabled which is preventing access to some urls unless you're logged in (either locally or as a Zot network guest). It looks like this check happens before the ActivityPub plugin gets called. I try to convince folks that this isn't a good option to combine with federation protocols (GNU-Social won't work either because the public feed is blocked); but this may not be adequately documented. I can change the project code to allow the actor document through - as it doesn't contain sensitive or personal information beyond the connection details; but there may be other content exchanges (fetching activities) that will fail. [edit: no I just tested this scenario on my test site and the activitypub actor document is allowed , so there seems to be a problem specifically with that site. I'll try another connection test to Plume a bit later on - though it's shaping up to be quite a busy day.]
👍 1
redmatrix commented 6 years ago (Migrated from github.com)

OK, it's probably even simpler than that - visit https://hub.zilla.tech/settings/featured and under 'ActivityPub Protocol Settings' select 'Enable the ActivityPub Protocol for this channel' and submit.

[I just tested adding the Plume connection and still getting 502 at 2018-07-18T23:16:45Z]

OK, it's probably even simpler than that - visit https://hub.zilla.tech/settings/featured and under 'ActivityPub Protocol Settings' select 'Enable the ActivityPub Protocol for this channel' and submit. [I just tested adding the Plume connection and still getting 502 at 2018-07-18T23:16:45Z]
👍 1
elegaanz commented 6 years ago (Migrated from github.com)

@redmatrix That was the solution! I successfully added a Plume connection from Hubzilla. I'll close this issue, but if it doesn't work on your side feel free to re-open it.

@redmatrix That was the solution! I successfully added a Plume connection from Hubzilla. I'll close this issue, but if it doesn't work on your side feel free to re-open it.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
paginate-search-init
main
s3
fix-delete-user
timeline-cli
blog-title
signature
remove-dup-images
ldap-non-anon
drone-ci
DearRude/force-lang
igalic/go/async-all-mut
go/async
floreal/translations-update
missing-docs
RAOF/fix-arm64-build
epsilon-phase/authorized-fetch
upgrade
improve-the-editor-once-again
igalic/feat/custom-fairing-domains
feature/ldap
test/dotenv_error
fix-mobile-margin
0.7.2
0.7.0
0.2.0-alpha-1
0.3.0-alpha-2
0.4.0-alpha-4
0.5.0
0.6.0
0.7.1
Labels
Apply labels
Clear labels   
A: API

Related to the REST API   
A: Backend

Code running on the server   
A: Federation

Stuff related to Federation   
A: Front-End

Related to the front-end   
A: I18N

Translations, and related code   
A: Meta

More about project management or code than the project itself   
A: Security
   
Build

The building, or installation process of Plume   
C: Bug

Something isn't working   
C: Discussion

We need to talk   
C: Enhancement

New feature or request   
C: Feature

This is a new feature   
Compatibility

Compatibility with different browsers, readers and OS   
Dependency

Related to an external package that Plume uses   
Design

UI/UX related issues and PRs   
Documentation
   
Good first issue

Good for newcomers   
Help welcome

Extra attention is needed   
Mobile

Issues affecting only mobile UX   
Rendering

How elements're rendered out for the end user   
S: Blocked

Something else needs to be fixed first   
S: Duplicate

This issue or pull request already exists   
S: Incomplete

This PR is not complete yet   
S: Instance specific

Issues concern a limited number of instances   
S: Invalid

This doesn't seem right   
S: Needs Voting/Discussion

Need to be discussed by the community (on Loomio)   
S: Ready for review

This PR is ready to be reviewed   
Suggestion

Proposed ideas worth considering   
S: Voted on Loomio

This is issue has been created after a vote on Loomio   
S: Wontfix

This will not be worked on
No Label
A: API
A: Backend
A: Federation
A: Front-End
A: I18N
A: Meta
A: Security
Build
C: Bug
C: Discussion
C: Enhancement
C: Feature
Compatibility
Dependency
Design
Documentation
Good first issue
Help welcome
Mobile
Rendering
S: Blocked
S: Duplicate
S: Incomplete
S: Instance specific
S: Invalid
S: Needs Voting/Discussion
S: Ready for review
Suggestion
S: Voted on Loomio
S: Wontfix
Milestone
Set milestone
Clear milestone
No items
No Milestone
Alpha 1
Assignees
Assign users
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Plume/Plume#107
Write Preview
Loading…
Cancel
Save
There is no content yet.
Delete Branch '%!s(<nil>)'

Deleting a branch is permanent. It CANNOT be undone. Continue?

No
Yes