gotosocial/internal/processing/admin/debug_apurl.go

// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package admin

import (
	"context"
	"io"
	"net/http"
	"net/url"

	apimodel "code.superseriousbusiness.org/gotosocial/internal/api/model"
	apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util"
	"code.superseriousbusiness.org/gotosocial/internal/gtscontext"
	"code.superseriousbusiness.org/gotosocial/internal/gtserror"
	"code.superseriousbusiness.org/gotosocial/internal/gtsmodel"
)

// DebugAPUrl performs a GET to the given url, using the
// signature of the given admin account. The GET will
// have Accept set to the ActivityPub content types.
//
// Only urls with schema http or https are allowed.
//
// Calls to blocked domains are not allowed, not only
// because it's unfair to call them when they can't
// call us, but because it probably won't work anyway
// if they try to dereference the calling account.
//
// Errors returned from this function should be fairly
// verbose, to help with debugging.
func (p *Processor) DebugAPUrl(
	ctx context.Context,
	adminAcct *gtsmodel.Account,
	urlStr string,
) (*apimodel.DebugAPUrlResponse, gtserror.WithCode) {
	// Validate URL.
	if urlStr == "" {
		err := gtserror.New("empty URL")
		return nil, gtserror.NewErrorBadRequest(err, err.Error())
	}

	url, err := url.Parse(urlStr)
	if err != nil {
		err := gtserror.Newf("invalid URL: %w", err)
		return nil, gtserror.NewErrorBadRequest(err, err.Error())
	}

	if url == nil || (url.Scheme != "http" && url.Scheme != "https") {
		err = gtserror.New("invalid URL scheme, acceptable schemes are http or https")
		return nil, gtserror.NewErrorBadRequest(err, err.Error())
	}

	// Ensure URL not blocked.
	blocked, err := p.state.DB.IsDomainBlocked(ctx, url.Host)
	if err != nil {
		err = gtserror.Newf("db error checking for domain block: %w", err)
		return nil, gtserror.NewErrorInternalError(err, err.Error())
	}

	if blocked {
		err = gtserror.Newf("target domain %s is blocked", url.Host)
		return nil, gtserror.NewErrorBadRequest(err, err.Error())
	}

	// All looks fine. Prepare the transport and (signed) GET request.
	tsport, err := p.transport.NewTransportForUsername(ctx, adminAcct.Username)
	if err != nil {
		err = gtserror.Newf("error creating transport: %w", err)
		return nil, gtserror.NewErrorInternalError(err, err.Error())
	}

	req, err := http.NewRequestWithContext(
		// Caller will want a snappy
		// response so don't retry.
		gtscontext.SetFastFail(ctx),
		http.MethodGet, urlStr, nil,
	)
	if err != nil {
		err = gtserror.Newf("error creating request: %w", err)
		return nil, gtserror.NewErrorUnprocessableEntity(err, err.Error())
	}

	req.Header.Add("Accept", string(apiutil.AppActivityLDJSON)+","+string(apiutil.AppActivityJSON))
	req.Header.Add("Accept-Charset", "utf-8")

	// Perform the HTTP request,
	// and return everything.
	rsp, err := tsport.GET(req)
	if err != nil {
		err = gtserror.Newf("error doing dereference: %w", err)
		return nil, gtserror.NewErrorUnprocessableEntity(err, err.Error())
	}
	defer rsp.Body.Close()

	b, err := io.ReadAll(rsp.Body)
	if err != nil {
		err := gtserror.Newf("error reading response body bytes: %w", err)
		return nil, gtserror.NewErrorUnprocessableEntity(err, err.Error())
	}

	debugResponse := &apimodel.DebugAPUrlResponse{
		RequestURL:      urlStr,
		RequestHeaders:  req.Header,
		ResponseHeaders: rsp.Header,
		ResponseCode:    rsp.StatusCode,
		ResponseBody:    string(b),
	}

	return debugResponse, nil
}
[feature] Add `/api/v1/admin/debug/apurl` endpoint (#2359) 2023-11-27 15:02:52 +01:00			`// GoToSocial`
			`// Copyright (C) GoToSocial Authors admin@gotosocial.org`
			`// SPDX-License-Identifier: AGPL-3.0-or-later`
			`//`
			`// This program is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU Affero General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// This program is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU Affero General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU Affero General Public License`
			`// along with this program. If not, see <http://www.gnu.org/licenses/>.`

			`package admin`

			`import (`
			`"context"`
			`"io"`
			`"net/http"`
			`"net/url"`

[feature] Move to code.superseriousbusiness.org 2025-04-26 15:34:10 +02:00			`apimodel "code.superseriousbusiness.org/gotosocial/internal/api/model"`
			`apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util"`
			`"code.superseriousbusiness.org/gotosocial/internal/gtscontext"`
			`"code.superseriousbusiness.org/gotosocial/internal/gtserror"`
			`"code.superseriousbusiness.org/gotosocial/internal/gtsmodel"`
[feature] Add `/api/v1/admin/debug/apurl` endpoint (#2359) 2023-11-27 15:02:52 +01:00			`)`

			`// DebugAPUrl performs a GET to the given url, using the`
			`// signature of the given admin account. The GET will`
			`// have Accept set to the ActivityPub content types.`
			`//`
			`// Only urls with schema http or https are allowed.`
			`//`
			`// Calls to blocked domains are not allowed, not only`
			`// because it's unfair to call them when they can't`
			`// call us, but because it probably won't work anyway`
			`// if they try to dereference the calling account.`
			`//`
			`// Errors returned from this function should be fairly`
			`// verbose, to help with debugging.`
			`func (p *Processor) DebugAPUrl(`
			`ctx context.Context,`
			`adminAcct *gtsmodel.Account,`
			`urlStr string,`
			`) (*apimodel.DebugAPUrlResponse, gtserror.WithCode) {`
			`// Validate URL.`
			`if urlStr == "" {`
			`err := gtserror.New("empty URL")`
			`return nil, gtserror.NewErrorBadRequest(err, err.Error())`
			`}`

			`url, err := url.Parse(urlStr)`
			`if err != nil {`
			`err := gtserror.Newf("invalid URL: %w", err)`
			`return nil, gtserror.NewErrorBadRequest(err, err.Error())`
			`}`

			`if url == nil \|\| (url.Scheme != "http" && url.Scheme != "https") {`
			`err = gtserror.New("invalid URL scheme, acceptable schemes are http or https")`
			`return nil, gtserror.NewErrorBadRequest(err, err.Error())`
			`}`

			`// Ensure URL not blocked.`
			`blocked, err := p.state.DB.IsDomainBlocked(ctx, url.Host)`
			`if err != nil {`
			`err = gtserror.Newf("db error checking for domain block: %w", err)`
			`return nil, gtserror.NewErrorInternalError(err, err.Error())`
			`}`

			`if blocked {`
			`err = gtserror.Newf("target domain %s is blocked", url.Host)`
			`return nil, gtserror.NewErrorBadRequest(err, err.Error())`
			`}`

			`// All looks fine. Prepare the transport and (signed) GET request.`
[chore] media and emoji refactoring (#3000) * start updating media manager interface ready for storing attachments / emoji right away * store emoji and media as uncached immediately, then (re-)cache on Processing{}.Load() * remove now unused media workers * fix tests and issues * fix another test! * fix emoji activitypub uri setting behaviour, fix remainder of test compilation issues * fix more tests * fix (most of) remaining tests, add debouncing to repeatedly failing media / emojis * whoops, rebase issue * remove kim's whacky experiments * do some reshuffling, ensure emoji uri gets set * ensure marked as not cached on cleanup * tweaks to media / emoji processing to handle context canceled better * ensure newly fetched emojis actually get set in returned slice * use different varnames to be a bit more obvious * move emoji refresh rate limiting to dereferencer * add exported dereferencer functions for remote media, use these for recaching in processor * add check for nil attachment in updateAttachment() * remove unused emoji and media fields + columns * see previous commit * fix old migrations expecting image_updated_at to exists (from copies of old models) * remove freshness checking code (seems to be broken...) * fix error arg causing nil ptr exception * finish documentating functions with comments, slight tweaks to media / emoji deref error logic * remove some extra unneeded boolean checking * finish writing documentation (code comments) for exported media manager methods * undo changes to migration snapshot gtsmodels, updated failing migration to have its own snapshot * move doesColumnExist() to util.go in migrations package 2024-06-26 15:01:16 +00:00			`tsport, err := p.transport.NewTransportForUsername(ctx, adminAcct.Username)`
[feature] Add `/api/v1/admin/debug/apurl` endpoint (#2359) 2023-11-27 15:02:52 +01:00			`if err != nil {`
			`err = gtserror.Newf("error creating transport: %w", err)`
			`return nil, gtserror.NewErrorInternalError(err, err.Error())`
			`}`

			`req, err := http.NewRequestWithContext(`
			`// Caller will want a snappy`
			`// response so don't retry.`
			`gtscontext.SetFastFail(ctx),`
			`http.MethodGet, urlStr, nil,`
			`)`
			`if err != nil {`
			`err = gtserror.Newf("error creating request: %w", err)`
			`return nil, gtserror.NewErrorUnprocessableEntity(err, err.Error())`
			`}`

			`req.Header.Add("Accept", string(apiutil.AppActivityLDJSON)+","+string(apiutil.AppActivityJSON))`
			`req.Header.Add("Accept-Charset", "utf-8")`

			`// Perform the HTTP request,`
			`// and return everything.`
			`rsp, err := tsport.GET(req)`
			`if err != nil {`
			`err = gtserror.Newf("error doing dereference: %w", err)`
			`return nil, gtserror.NewErrorUnprocessableEntity(err, err.Error())`
			`}`
			`defer rsp.Body.Close()`

			`b, err := io.ReadAll(rsp.Body)`
			`if err != nil {`
			`err := gtserror.Newf("error reading response body bytes: %w", err)`
			`return nil, gtserror.NewErrorUnprocessableEntity(err, err.Error())`
			`}`

			`debugResponse := &apimodel.DebugAPUrlResponse{`
			`RequestURL: urlStr,`
			`RequestHeaders: req.Header,`
			`ResponseHeaders: rsp.Header,`
			`ResponseCode: rsp.StatusCode,`
			`ResponseBody: string(b),`
			`}`

			`return debugResponse, nil`
			`}`