davrot/forgejo_backup
1
0
Fork 0
mirror of https://codeberg.org/davrot/forgejo.git synced 2025-06-23 17:00:03 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(activitiypub): enable HTTP signatures on all ActivityPub endpoints (#7035)

Browse source 
- Set the right keyID and use the right signing keys for outgoing requests.
- Verify the HTTP signature of all incoming requests, except for the server actor.
- Caches keys of incoming requests for users and servers actors.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7035
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: famfo <famfo@famfo.xyz>
Co-committed-by: famfo <famfo@famfo.xyz>
This commit is contained in:
famfo 2025-04-03 15:24:15 +00:00 committed by David Rotermund
parent 376c2aec8a
commit 4c18778bbf
22 changed files with 681 additions and 122 deletions
Download patch file Download diff file Expand all files Collapse all files

5
models/user/user.go
View file

@ -311,11 +311,6 @@ func (u *User) HTMLURL() string {
return setting.AppURL + url.PathEscape(u.Name)
}
// APActorID returns the IRI to the api endpoint of the user
func (u *User) APActorID() string {
return fmt.Sprintf("%vapi/v1/activitypub/user-id/%v", setting.AppURL, url.PathEscape(fmt.Sprintf("%v", u.ID)))
}
// OrganisationLink returns the organization sub page link.
func (u *User) OrganisationLink() string {
return setting.AppSubURL + "/org/" + url.PathEscape(u.Name)