Initial commit for new v2

app/activitypub.py

@@ -0,0 +1,276 @@
+import enum
+import json
+import mimetypes
+from typing import Any
+
+import httpx
+
+from app import config
+from app.httpsig import auth
+from app.key import get_pubkey_as_pem
+
+RawObject = dict[str, Any]
+AS_CTX = "https://www.w3.org/ns/activitystreams"
+AS_PUBLIC = "https://www.w3.org/ns/activitystreams#Public"
+
+ACTOR_TYPES = ["Application", "Group", "Organization", "Person", "Service"]
+
+
+class VisibilityEnum(str, enum.Enum):
+    PUBLIC = "public"
+    UNLISTED = "unlisted"
+    DIRECT = "direct"
+
+
+MICROBLOGPUB = {
+    "@context": [
+        "https://www.w3.org/ns/activitystreams",
+        "https://w3id.org/security/v1",
+        {
+            "Hashtag": "as:Hashtag",
+            "PropertyValue": "schema:PropertyValue",
+            "manuallyApprovesFollowers": "as:manuallyApprovesFollowers",
+            "ostatus": "http://ostatus.org#",
+            "schema": "http://schema.org",
+            "sensitive": "as:sensitive",
+            "toot": "http://joinmastodon.org/ns#",
+            "totalItems": "as:totalItems",
+            "value": "schema:value",
+            "Emoji": "toot:Emoji",
+        },
+    ]
+}
+
+DEFAULT_CTX = COLLECTION_CTX = [
+    "https://www.w3.org/ns/activitystreams",
+    "https://w3id.org/security/v1",
+    {
+        # AS ext
+        "Hashtag": "as:Hashtag",
+        "sensitive": "as:sensitive",
+        "manuallyApprovesFollowers": "as:manuallyApprovesFollowers",
+        # toot
+        "toot": "http://joinmastodon.org/ns#",
+        # "featured": "toot:featured",
+        # schema
+        "schema": "http://schema.org#",
+        "PropertyValue": "schema:PropertyValue",
+        "value": "schema:value",
+    },
+]
+
+ME = {
+    "@context": DEFAULT_CTX,
+    "type": "Person",
+    "id": config.ID,
+    "following": config.BASE_URL + "/following",
+    "followers": config.BASE_URL + "/followers",
+    # "featured": ID + "/featured",
+    "inbox": config.BASE_URL + "/inbox",
+    "outbox": config.BASE_URL + "/outbox",
+    "preferredUsername": config.USERNAME,
+    "name": config.CONFIG.name,
+    "summary": config.CONFIG.summary,
+    "endpoints": {},
+    "url": config.ID,
+    "manuallyApprovesFollowers": False,
+    "attachment": [],
+    "icon": {
+        "mediaType": mimetypes.guess_type(config.CONFIG.icon_url)[0],
+        "type": "Image",
+        "url": config.CONFIG.icon_url,
+    },
+    "publicKey": {
+        "id": f"{config.ID}#main-key",
+        "owner": config.ID,
+        "publicKeyPem": get_pubkey_as_pem(),
+    },
+    "alsoKnownAs": [],
+}
+
+
+class NotAnObjectError(Exception):
+    def __init__(self, url: str, resp: httpx.Response | None = None) -> None:
+        message = f"{url} is not an AP activity"
+        super().__init__(message)
+        self.url = url
+        self.resp = resp
+
+
+def fetch(url: str, params: dict[str, Any] | None = None) -> dict[str, Any]:
+    resp = httpx.get(
+        url,
+        headers={
+            "User-Agent": config.USER_AGENT,
+            "Accept": config.AP_CONTENT_TYPE,
+        },
+        params=params,
+        follow_redirects=True,
+    )
+    resp.raise_for_status()
+    try:
+        return resp.json()
+    except json.JSONDecodeError:
+        raise NotAnObjectError(url, resp)
+
+
+def parse_collection(  # noqa: C901
+    url: str | None = None,
+    payload: RawObject | None = None,
+    level: int = 0,
+) -> list[RawObject]:
+    """Resolve/fetch a `Collection`/`OrderedCollection`."""
+    if level > 3:
+        raise ValueError("recursion limit exceeded")
+
+    # Go through all the pages
+    out: list[RawObject] = []
+    if url:
+        payload = fetch(url)
+    if not payload:
+        raise ValueError("must at least prove a payload or an URL")
+
+    ap_type = payload.get("type")
+    if not ap_type:
+        raise ValueError(f"Missing type: {payload=}")
+
+    if level == 0 and ap_type not in ["Collection", "OrderedCollection"]:
+        raise ValueError(f"Unexpected type {ap_type}")
+
+    if payload["type"] in ["Collection", "OrderedCollection"]:
+        if "orderedItems" in payload:
+            return payload["orderedItems"]
+        if "items" in payload:
+            return payload["items"]
+        if "first" in payload:
+            if isinstance(payload["first"], str):
+                out.extend(parse_collection(url=payload["first"], level=level + 1))
+            else:
+                if "orderedItems" in payload["first"]:
+                    out.extend(payload["first"]["orderedItems"])
+                if "items" in payload["first"]:
+                    out.extend(payload["first"]["items"])
+                n = payload["first"].get("next")
+                if n:
+                    out.extend(parse_collection(url=n, level=level + 1))
+        return out
+
+    while payload:
+        if ap_type in ["CollectionPage", "OrderedCollectionPage"]:
+            if "orderedItems" in payload:
+                out.extend(payload["orderedItems"])
+            if "items" in payload:
+                out.extend(payload["items"])
+            n = payload.get("next")
+            if n is None:
+                break
+            payload = fetch(n)
+        else:
+            raise ValueError("unexpected activity type {}".format(payload["type"]))
+
+    return out
+
+
+def as_list(val: Any | list[Any]) -> list[Any]:
+    if isinstance(val, list):
+        return val
+
+    return [val]
+
+
+def get_id(val: str | dict[str, Any]) -> str:
+    if isinstance(val, dict):
+        val = val["id"]
+
+    if not isinstance(val, str):
+        raise ValueError(f"Invalid ID type: {val}")
+
+    return val
+
+
+def object_visibility(ap_activity: RawObject) -> VisibilityEnum:
+    to = as_list(ap_activity.get("to", []))
+    cc = as_list(ap_activity.get("cc", []))
+    if AS_PUBLIC in to:
+        return VisibilityEnum.PUBLIC
+    elif AS_PUBLIC in cc:
+        return VisibilityEnum.UNLISTED
+    else:
+        return VisibilityEnum.DIRECT
+
+
+def get_actor_id(activity: RawObject) -> str:
+    if activity["type"] in ["Note", "Article", "Video"]:
+        attributed_to = as_list(activity["attributedTo"])
+        return get_id(attributed_to[0])
+    else:
+        return get_id(activity["actor"])
+
+
+def wrap_object(activity: RawObject) -> RawObject:
+    return {
+        "@context": AS_CTX,
+        "actor": config.ID,
+        "to": activity.get("to", []),
+        "cc": activity.get("cc", []),
+        "id": activity["id"] + "/activity",
+        "object": remove_context(activity),
+        "published": activity["published"],
+        "type": "Create",
+    }
+
+
+def wrap_object_if_needed(raw_object: RawObject) -> RawObject:
+    if raw_object["type"] in ["Note"]:
+        return wrap_object(raw_object)
+
+    return raw_object
+
+
+def unwrap_activity(activity: RawObject) -> RawObject:
+    # FIXME(ts): other types to unwrap?
+    if activity["type"] == "Create":
+        unwrapped_object = activity["object"]
+
+        # Sanity check, ensure the wrapped object actor matches the activity
+        if get_actor_id(unwrapped_object) != get_actor_id(activity):
+            raise ValueError(
+                f"Unwrapped object actor does not match activity: {activity}"
+            )
+        return unwrapped_object
+
+    return activity
+
+
+def remove_context(raw_object: RawObject) -> RawObject:
+    if "@context" not in raw_object:
+        return raw_object
+    a = dict(raw_object)
+    del a["@context"]
+    return a
+
+
+def get(url: str, params: dict[str, Any] | None = None) -> dict[str, Any]:
+    resp = httpx.get(
+        url,
+        headers={"User-Agent": config.USER_AGENT, "Accept": config.AP_CONTENT_TYPE},
+        params=params,
+        follow_redirects=True,
+        auth=auth,
+    )
+    resp.raise_for_status()
+    return resp.json()
+
+
+def post(url: str, payload: dict[str, Any]) -> httpx.Response:
+    resp = httpx.post(
+        url,
+        headers={
+            "User-Agent": config.USER_AGENT,
+            "Content-Type": config.AP_CONTENT_TYPE,
+        },
+        json=payload,
+        auth=auth,
+    )
+    resp.raise_for_status()
+    return resp

app/actor.py

@@ -0,0 +1,190 @@
+import typing
+from dataclasses import dataclass
+from urllib.parse import urlparse
+
+from sqlalchemy.orm import Session
+from sqlalchemy.orm import joinedload
+
+from app import activitypub as ap
+
+if typing.TYPE_CHECKING:
+    from app.models import Actor as ActorModel
+
+
+def _handle(raw_actor: ap.RawObject) -> str:
+    ap_id = ap.get_id(raw_actor["id"])
+    domain = urlparse(ap_id)
+    if not domain.hostname:
+        raise ValueError(f"Invalid actor ID {ap_id}")
+
+    return f'@{raw_actor["preferredUsername"]}@{domain.hostname}'  # type: ignore
+
+
+class Actor:
+    @property
+    def ap_actor(self) -> ap.RawObject:
+        raise NotImplementedError()
+
+    @property
+    def ap_id(self) -> str:
+        return ap.get_id(self.ap_actor["id"])
+
+    @property
+    def name(self) -> str | None:
+        return self.ap_actor.get("name")
+
+    @property
+    def summary(self) -> str | None:
+        return self.ap_actor.get("summary")
+
+    @property
+    def url(self) -> str | None:
+        return self.ap_actor.get("url") or self.ap_actor["id"]
+
+    @property
+    def preferred_username(self) -> str:
+        return self.ap_actor["preferredUsername"]
+
+    @property
+    def handle(self) -> str:
+        return _handle(self.ap_actor)
+
+    @property
+    def ap_type(self) -> str:
+        raise NotImplementedError()
+
+    @property
+    def inbox_url(self) -> str:
+        return self.ap_actor["inbox"]
+
+    @property
+    def shared_inbox_url(self) -> str | None:
+        return self.ap_actor.get("endpoints", {}).get("sharedInbox")
+
+    @property
+    def icon_url(self) -> str | None:
+        return self.ap_actor.get("icon", {}).get("url")
+
+    @property
+    def icon_media_type(self) -> str | None:
+        return self.ap_actor.get("icon", {}).get("mediaType")
+
+    @property
+    def public_key_as_pem(self) -> str:
+        return self.ap_actor["publicKey"]["publicKeyPem"]
+
+    @property
+    def public_key_id(self) -> str:
+        return self.ap_actor["publicKey"]["id"]
+
+
+class RemoteActor(Actor):
+    def __init__(self, ap_actor: ap.RawObject) -> None:
+        if (ap_type := ap_actor.get("type")) not in ap.ACTOR_TYPES:
+            raise ValueError(f"Unexpected actor type: {ap_type}")
+
+        self._ap_actor = ap_actor
+        self._ap_type = ap_type
+
+    @property
+    def ap_actor(self) -> ap.RawObject:
+        return self._ap_actor
+
+    @property
+    def ap_type(self) -> str:
+        return self._ap_type
+
+    @property
+    def is_from_db(self) -> bool:
+        return False
+
+
+LOCAL_ACTOR = RemoteActor(ap_actor=ap.ME)
+
+
+def save_actor(db: Session, ap_actor: ap.RawObject) -> "ActorModel":
+    from app import models
+
+    if ap_type := ap_actor.get("type") not in ap.ACTOR_TYPES:
+        raise ValueError(f"Invalid type {ap_type} for actor {ap_actor}")
+
+    actor = models.Actor(
+        ap_id=ap_actor["id"],
+        ap_actor=ap_actor,
+        ap_type=ap_actor["type"],
+        handle=_handle(ap_actor),
+    )
+    db.add(actor)
+    db.commit()
+    db.refresh(actor)
+    return actor
+
+
+def fetch_actor(db: Session, actor_id: str) -> "ActorModel":
+    from app import models
+
+    existing_actor = (
+        db.query(models.Actor).filter(models.Actor.ap_id == actor_id).one_or_none()
+    )
+    if existing_actor:
+        return existing_actor
+
+    ap_actor = ap.get(actor_id)
+    return save_actor(db, ap_actor)
+
+
+@dataclass
+class ActorMetadata:
+    ap_actor_id: str
+    is_following: bool
+    is_follower: bool
+    is_follow_request_sent: bool
+    outbox_follow_ap_id: str | None
+    inbox_follow_ap_id: str | None
+
+
+ActorsMetadata = dict[str, ActorMetadata]
+
+
+def get_actors_metadata(
+    db: Session,
+    actors: list["ActorModel"],
+) -> ActorsMetadata:
+    from app import models
+
+    ap_actor_ids = [actor.ap_id for actor in actors]
+    followers = {
+        follower.ap_actor_id: follower.inbox_object.ap_id
+        for follower in db.query(models.Follower)
+        .filter(models.Follower.ap_actor_id.in_(ap_actor_ids))
+        .options(joinedload(models.Follower.inbox_object))
+        .all()
+    }
+    following = {
+        following.ap_actor_id
+        for following in db.query(models.Following.ap_actor_id)
+        .filter(models.Following.ap_actor_id.in_(ap_actor_ids))
+        .all()
+    }
+    sent_follow_requests = {
+        follow_req.ap_object["object"]: follow_req.ap_id
+        for follow_req in db.query(
+            models.OutboxObject.ap_object, models.OutboxObject.ap_id
+        )
+        .filter(
+            models.OutboxObject.ap_type == "Follow",
+            models.OutboxObject.undone_by_outbox_object_id.is_(None),
+        )
+        .all()
+    }
+    idx: ActorsMetadata = {}
+    for actor in actors:
+        idx[actor.ap_id] = ActorMetadata(
+            ap_actor_id=actor.ap_id,
+            is_following=actor.ap_id in following,
+            is_follower=actor.ap_id in followers,
+            is_follow_request_sent=actor.ap_id in sent_follow_requests,
+            outbox_follow_ap_id=sent_follow_requests.get(actor.ap_id),
+            inbox_follow_ap_id=followers.get(actor.ap_id),
+        )
+    return idx

app/admin.py

@@ -0,0 +1,286 @@
+from fastapi import APIRouter
+from fastapi import Cookie
+from fastapi import Depends
+from fastapi import Form
+from fastapi import Request
+from fastapi import UploadFile
+from fastapi.exceptions import HTTPException
+from fastapi.responses import RedirectResponse
+from sqlalchemy.orm import Session
+from sqlalchemy.orm import joinedload
+
+from app import activitypub as ap
+from app import boxes
+from app import models
+from app import templates
+from app.actor import get_actors_metadata
+from app.boxes import get_inbox_object_by_ap_id
+from app.boxes import send_follow
+from app.config import generate_csrf_token
+from app.config import session_serializer
+from app.config import verify_csrf_token
+from app.config import verify_password
+from app.database import get_db
+from app.lookup import lookup
+
+
+def user_session_or_redirect(
+    request: Request,
+    session: str | None = Cookie(default=None),
+) -> None:
+    _RedirectToLoginPage = HTTPException(
+        status_code=302,
+        headers={"Location": request.url_for("login")},
+    )
+
+    if not session:
+        raise _RedirectToLoginPage
+
+    try:
+        loaded_session = session_serializer.loads(session, max_age=3600 * 12)
+    except Exception:
+        raise _RedirectToLoginPage
+
+    if not loaded_session.get("is_logged_in"):
+        raise _RedirectToLoginPage
+
+    return None
+
+
+router = APIRouter(
+    dependencies=[Depends(user_session_or_redirect)],
+)
+unauthenticated_router = APIRouter()
+
+
+@router.get("/")
+def admin_index(
+    request: Request,
+    db: Session = Depends(get_db),
+) -> templates.TemplateResponse:
+    return templates.render_template(db, request, "index.html", {"request": request})
+
+
+@router.get("/lookup")
+def get_lookup(
+    request: Request,
+    query: str | None = None,
+    db: Session = Depends(get_db),
+) -> templates.TemplateResponse:
+    ap_object = None
+    actors_metadata = {}
+    if query:
+        ap_object = lookup(db, query)
+        if ap_object.ap_type in ap.ACTOR_TYPES:
+            actors_metadata = get_actors_metadata(db, [ap_object])
+        else:
+            actors_metadata = get_actors_metadata(db, [ap_object.actor])
+        print(ap_object)
+    return templates.render_template(
+        db,
+        request,
+        "lookup.html",
+        {
+            "query": query,
+            "ap_object": ap_object,
+            "actors_metadata": actors_metadata,
+        },
+    )
+
+
+@router.get("/new")
+def admin_new(
+    request: Request,
+    query: str | None = None,
+    db: Session = Depends(get_db),
+) -> templates.TemplateResponse:
+    return templates.render_template(
+        db,
+        request,
+        "admin_new.html",
+        {},
+    )
+
+
+@router.get("/stream")
+def stream(
+    request: Request,
+    db: Session = Depends(get_db),
+) -> templates.TemplateResponse:
+    stream = (
+        db.query(models.InboxObject)
+        .filter(
+            models.InboxObject.ap_type.in_(["Note", "Article", "Video", "Announce"]),
+            models.InboxObject.is_hidden_from_stream.is_(False),
+            models.InboxObject.undone_by_inbox_object_id.is_(None),
+        )
+        .options(
+            # joinedload(models.InboxObject.relates_to_inbox_object),
+            joinedload(models.InboxObject.relates_to_outbox_object),
+        )
+        .order_by(models.InboxObject.ap_published_at.desc())
+        .limit(20)
+        .all()
+    )
+    return templates.render_template(
+        db,
+        request,
+        "admin_stream.html",
+        {
+            "stream": stream,
+        },
+    )
+
+
+@router.get("/notifications")
+def get_notifications(
+    request: Request, db: Session = Depends(get_db)
+) -> templates.TemplateResponse:
+    notifications = (
+        db.query(models.Notification)
+        .options(
+            joinedload(models.Notification.actor),
+            joinedload(models.Notification.inbox_object),
+            joinedload(models.Notification.outbox_object),
+        )
+        .order_by(models.Notification.created_at.desc())
+        .all()
+    )
+    actors_metadata = get_actors_metadata(
+        db, [notif.actor for notif in notifications if notif.actor]
+    )
+
+    for notif in notifications:
+        notif.is_new = False
+    db.commit()
+
+    return templates.render_template(
+        db,
+        request,
+        "notifications.html",
+        {
+            "notifications": notifications,
+            "actors_metadata": actors_metadata,
+        },
+    )
+
+
+@router.post("/actions/follow")
+def admin_actions_follow(
+    request: Request,
+    ap_actor_id: str = Form(),
+    redirect_url: str = Form(),
+    csrf_check: None = Depends(verify_csrf_token),
+    db: Session = Depends(get_db),
+) -> RedirectResponse:
+    print(f"Following {ap_actor_id}")
+    send_follow(db, ap_actor_id)
+    return RedirectResponse(redirect_url, status_code=302)
+
+
+@router.post("/actions/like")
+def admin_actions_like(
+    request: Request,
+    ap_object_id: str = Form(),
+    redirect_url: str = Form(),
+    csrf_check: None = Depends(verify_csrf_token),
+    db: Session = Depends(get_db),
+) -> RedirectResponse:
+    boxes.send_like(db, ap_object_id)
+    return RedirectResponse(redirect_url, status_code=302)
+
+
+@router.post("/actions/undo")
+def admin_actions_undo(
+    request: Request,
+    ap_object_id: str = Form(),
+    redirect_url: str = Form(),
+    csrf_check: None = Depends(verify_csrf_token),
+    db: Session = Depends(get_db),
+) -> RedirectResponse:
+    boxes.send_undo(db, ap_object_id)
+    return RedirectResponse(redirect_url, status_code=302)
+
+
+@router.post("/actions/announce")
+def admin_actions_announce(
+    request: Request,
+    ap_object_id: str = Form(),
+    redirect_url: str = Form(),
+    csrf_check: None = Depends(verify_csrf_token),
+    db: Session = Depends(get_db),
+) -> RedirectResponse:
+    boxes.send_announce(db, ap_object_id)
+    return RedirectResponse(redirect_url, status_code=302)
+
+
+@router.post("/actions/bookmark")
+def admin_actions_bookmark(
+    request: Request,
+    ap_object_id: str = Form(),
+    redirect_url: str = Form(),
+    csrf_check: None = Depends(verify_csrf_token),
+    db: Session = Depends(get_db),
+) -> RedirectResponse:
+    inbox_object = get_inbox_object_by_ap_id(db, ap_object_id)
+    if not inbox_object:
+        raise ValueError("Should never happen")
+    inbox_object.is_bookmarked = True
+    db.commit()
+    return RedirectResponse(redirect_url, status_code=302)
+
+
+@router.post("/actions/new")
+async def admin_actions_new(
+    request: Request,
+    files: list[UploadFile],
+    content: str = Form(),
+    redirect_url: str = Form(),
+    csrf_check: None = Depends(verify_csrf_token),
+    db: Session = Depends(get_db),
+) -> RedirectResponse:
+    # XXX: for some reason, no files restuls in an empty single file
+    if len(files) >= 1 and files[0].filename:
+        print("Got files")
+    public_id = boxes.send_create(db, content)
+    return RedirectResponse(
+        request.url_for("outbox_by_public_id", public_id=public_id),
+        status_code=302,
+    )
+
+
+@unauthenticated_router.get("/login")
+def login(
+    request: Request,
+    db: Session = Depends(get_db),
+) -> templates.TemplateResponse:
+    return templates.render_template(
+        db,
+        request,
+        "login.html",
+        {"csrf_token": generate_csrf_token()},
+    )
+
+
+@unauthenticated_router.post("/login")
+def login_validation(
+    request: Request,
+    password: str = Form(),
+    csrf_check: None = Depends(verify_csrf_token),
+) -> RedirectResponse:
+    if not verify_password(password):
+        raise HTTPException(status_code=401)
+
+    resp = RedirectResponse("/admin", status_code=302)
+    resp.set_cookie("session", session_serializer.dumps({"is_logged_in": True}))  # type: ignore  # noqa: E501
+
+    return resp
+
+
+@router.get("/logout")
+def logout(
+    request: Request,
+) -> RedirectResponse:
+    resp = RedirectResponse(request.url_for("index"), status_code=302)
+    resp.set_cookie("session", session_serializer.dumps({"is_logged_in": False}))  # type: ignore  # noqa: E501
+    return resp

app/ap_object.py

@@ -0,0 +1,183 @@
+import hashlib
+from datetime import datetime
+from typing import Any
+
+import pydantic
+from dateutil.parser import isoparse
+from markdown import markdown
+
+from app import activitypub as ap
+from app import opengraph
+from app.actor import LOCAL_ACTOR
+from app.actor import Actor
+from app.actor import RemoteActor
+
+
+class Object:
+    @property
+    def is_from_db(self) -> bool:
+        return False
+
+    @property
+    def ap_type(self) -> str:
+        return self.ap_object["type"]
+
+    @property
+    def ap_object(self) -> ap.RawObject:
+        raise NotImplementedError
+
+    @property
+    def ap_id(self) -> str:
+        return ap.get_id(self.ap_object["id"])
+
+    @property
+    def ap_actor_id(self) -> str:
+        return ap.get_actor_id(self.ap_object)
+
+    @property
+    def ap_published_at(self) -> datetime | None:
+        # TODO: default to None? or now()?
+        if "published" in self.ap_object:
+            return isoparse(self.ap_object["published"])
+        elif "created" in self.ap_object:
+            return isoparse(self.ap_object["created"])
+        return None
+
+    @property
+    def actor(self) -> Actor:
+        raise NotImplementedError()
+
+    @property
+    def visibility(self) -> ap.VisibilityEnum:
+        return ap.object_visibility(self.ap_object)
+
+    @property
+    def context(self) -> str | None:
+        return self.ap_object.get("context")
+
+    @property
+    def sensitive(self) -> bool:
+        return self.ap_object.get("sensitive", False)
+
+    @property
+    def attachments(self) -> list["Attachment"]:
+        attachments = [
+            Attachment.parse_obj(obj) for obj in self.ap_object.get("attachment", [])
+        ]
+
+        # Also add any video Link (for PeerTube compat)
+        if self.ap_type == "Video":
+            for link in ap.as_list(self.ap_object.get("url", [])):
+                if (isinstance(link, dict)) and link.get("type") == "Link":
+                    if link.get("mediaType", "").startswith("video"):
+                        attachments.append(
+                            Attachment(
+                                type="Video",
+                                mediaType=link["mediaType"],
+                                url=link["href"],
+                            )
+                        )
+                        break
+
+        return attachments
+
+    @property
+    def url(self) -> str | None:
+        obj_url = self.ap_object.get("url")
+        if isinstance(obj_url, str):
+            return obj_url
+        elif obj_url:
+            for u in ap.as_list(obj_url):
+                if u["mediaType"] == "text/html":
+                    return u["href"]
+
+        return None
+
+    @property
+    def content(self) -> str | None:
+        content = self.ap_object.get("content")
+        if not content:
+            return None
+
+        # PeerTube returns the content as markdown
+        if self.ap_object.get("mediaType") == "text/markdown":
+            return markdown(content, extensions=["mdx_linkify"])
+
+        return content
+
+    @property
+    def permalink_id(self) -> str:
+        return (
+            "permalink-"
+            + hashlib.md5(
+                self.ap_id.encode(),
+                usedforsecurity=False,
+            ).hexdigest()
+        )
+
+    @property
+    def activity_object_ap_id(self) -> str | None:
+        if "object" in self.ap_object:
+            return ap.get_id(self.ap_object["object"])
+
+        return None
+
+    @property
+    def in_reply_to(self) -> str | None:
+        return self.ap_object.get("inReplyTo")
+
+
+def _to_camel(string: str) -> str:
+    cased = "".join(word.capitalize() for word in string.split("_"))
+    return cased[0:1].lower() + cased[1:]
+
+
+class BaseModel(pydantic.BaseModel):
+    class Config:
+        alias_generator = _to_camel
+
+
+class Attachment(BaseModel):
+    type: str
+    media_type: str
+    name: str | None
+    url: str
+
+
+class RemoteObject(Object):
+    def __init__(self, raw_object: ap.RawObject, actor: Actor | None = None):
+        self._raw_object = raw_object
+        self._actor: Actor
+
+        # Pre-fetch the actor
+        actor_id = ap.get_actor_id(raw_object)
+        if actor_id == LOCAL_ACTOR.ap_id:
+            self._actor = LOCAL_ACTOR
+        elif actor:
+            if actor.ap_id != actor_id:
+                raise ValueError(
+                    f"Invalid actor, got {actor.ap_id}, " f"expected {actor_id}"
+                )
+            self._actor = actor
+        else:
+            self._actor = RemoteActor(
+                ap_actor=ap.fetch(ap.get_actor_id(raw_object)),
+            )
+
+        self._og_meta = None
+        if self.ap_type == "Note":
+            self._og_meta = opengraph.og_meta_from_note(self._raw_object)
+
+    @property
+    def og_meta(self) -> list[dict[str, Any]] | None:
+        if self._og_meta:
+            return [og_meta.dict() for og_meta in self._og_meta]
+        return None
+
+    @property
+    def ap_object(self) -> ap.RawObject:
+        return self._raw_object
+
+    @property
+    def actor(self) -> Actor:
+        return self._actor

app/boxes.py

@@ -0,0 +1,684 @@
+"""Actions related to the AP inbox/outbox."""
+import uuid
+from urllib.parse import urlparse
+
+import httpx
+from dateutil.parser import isoparse
+from loguru import logger
+from sqlalchemy.exc import IntegrityError
+from sqlalchemy.orm import Session
+from sqlalchemy.orm import joinedload
+
+from app import activitypub as ap
+from app import config
+from app import models
+from app.actor import LOCAL_ACTOR
+from app.actor import RemoteActor
+from app.actor import fetch_actor
+from app.actor import save_actor
+from app.ap_object import RemoteObject
+from app.config import BASE_URL
+from app.config import ID
+from app.database import now
+from app.process_outgoing_activities import new_outgoing_activity
+from app.source import markdownify
+
+
+def allocate_outbox_id() -> str:
+    return uuid.uuid4().hex
+
+
+def outbox_object_id(outbox_id) -> str:
+    return f"{BASE_URL}/o/{outbox_id}"
+
+
+def save_outbox_object(
+    db: Session,
+    public_id: str,
+    raw_object: ap.RawObject,
+    relates_to_inbox_object_id: int | None = None,
+    relates_to_outbox_object_id: int | None = None,
+    source: str | None = None,
+) -> models.OutboxObject:
+    ra = RemoteObject(raw_object)
+
+    outbox_object = models.OutboxObject(
+        public_id=public_id,
+        ap_type=ra.ap_type,
+        ap_id=ra.ap_id,
+        ap_context=ra.context,
+        ap_object=ra.ap_object,
+        visibility=ra.visibility,
+        og_meta=ra.og_meta,
+        relates_to_inbox_object_id=relates_to_inbox_object_id,
+        relates_to_outbox_object_id=relates_to_outbox_object_id,
+        activity_object_ap_id=ra.activity_object_ap_id,
+        is_hidden_from_homepage=True if ra.in_reply_to else False,
+    )
+    db.add(outbox_object)
+    db.commit()
+    db.refresh(outbox_object)
+
+    return outbox_object
+
+
+def send_like(db: Session, ap_object_id: str) -> None:
+    inbox_object = get_inbox_object_by_ap_id(db, ap_object_id)
+    if not inbox_object:
+        raise ValueError(f"{ap_object_id} not found in the inbox")
+
+    like_id = allocate_outbox_id()
+    like = {
+        "@context": ap.AS_CTX,
+        "id": outbox_object_id(like_id),
+        "type": "Like",
+        "actor": ID,
+        "object": ap_object_id,
+    }
+    outbox_object = save_outbox_object(
+        db, like_id, like, relates_to_inbox_object_id=inbox_object.id
+    )
+    if not outbox_object.id:
+        raise ValueError("Should never happen")
+
+    inbox_object.liked_via_outbox_object_ap_id = outbox_object.ap_id
+    db.commit()
+
+    new_outgoing_activity(db, inbox_object.actor.inbox_url, outbox_object.id)
+
+
+def send_announce(db: Session, ap_object_id: str) -> None:
+    inbox_object = get_inbox_object_by_ap_id(db, ap_object_id)
+    if not inbox_object:
+        raise ValueError(f"{ap_object_id} not found in the inbox")
+
+    announce_id = allocate_outbox_id()
+    announce = {
+        "@context": ap.AS_CTX,
+        "id": outbox_object_id(announce_id),
+        "type": "Announce",
+        "actor": ID,
+        "object": ap_object_id,
+        "to": [ap.AS_PUBLIC],
+        "cc": [
+            f"{BASE_URL}/followers",
+            inbox_object.ap_actor_id,
+        ],
+    }
+    outbox_object = save_outbox_object(
+        db, announce_id, announce, relates_to_inbox_object_id=inbox_object.id
+    )
+    if not outbox_object.id:
+        raise ValueError("Should never happen")
+
+    inbox_object.announced_via_outbox_object_ap_id = outbox_object.ap_id
+    db.commit()
+
+    recipients = _compute_recipients(db, announce)
+    for rcp in recipients:
+        new_outgoing_activity(db, rcp, outbox_object.id)
+
+
+def send_follow(db: Session, ap_actor_id: str) -> None:
+    actor = fetch_actor(db, ap_actor_id)
+
+    follow_id = allocate_outbox_id()
+    follow = {
+        "@context": ap.AS_CTX,
+        "id": outbox_object_id(follow_id),
+        "type": "Follow",
+        "actor": ID,
+        "object": ap_actor_id,
+    }
+
+    outbox_object = save_outbox_object(db, follow_id, follow)
+    if not outbox_object.id:
+        raise ValueError("Should never happen")
+
+    new_outgoing_activity(db, actor.inbox_url, outbox_object.id)
+
+
+def send_undo(db: Session, ap_object_id: str) -> None:
+    outbox_object_to_undo = get_outbox_object_by_ap_id(db, ap_object_id)
+    if not outbox_object_to_undo:
+        raise ValueError(f"{ap_object_id} not found in the outbox")
+
+    if outbox_object_to_undo.ap_type not in ["Follow", "Like", "Announce"]:
+        raise ValueError(
+            f"Cannot build Undo for {outbox_object_to_undo.ap_type} activity"
+        )
+
+    undo_id = allocate_outbox_id()
+    undo = {
+        "@context": ap.AS_CTX,
+        "id": outbox_object_id(undo_id),
+        "type": "Undo",
+        "actor": ID,
+        "object": ap.remove_context(outbox_object_to_undo.ap_object),
+    }
+
+    outbox_object = save_outbox_object(
+        db,
+        undo_id,
+        undo,
+        relates_to_outbox_object_id=outbox_object_to_undo.id,
+    )
+    if not outbox_object.id:
+        raise ValueError("Should never happen")
+
+    outbox_object_to_undo.undone_by_outbox_object_id = outbox_object.id
+
+    if outbox_object_to_undo.ap_type == "Follow":
+        if not outbox_object_to_undo.activity_object_ap_id:
+            raise ValueError("Should never happen")
+        followed_actor = fetch_actor(db, outbox_object_to_undo.activity_object_ap_id)
+        new_outgoing_activity(
+            db,
+            followed_actor.inbox_url,
+            outbox_object.id,
+        )
+        # Also remove the follow from the following collection
+        db.query(models.Following).filter(
+            models.Following.ap_actor_id == followed_actor.ap_id
+        ).delete()
+        db.commit()
+    elif outbox_object_to_undo.ap_type == "Like":
+        liked_object_ap_id = outbox_object_to_undo.activity_object_ap_id
+        if not liked_object_ap_id:
+            raise ValueError("Should never happen")
+        liked_object = get_inbox_object_by_ap_id(db, liked_object_ap_id)
+        if not liked_object:
+            raise ValueError(f"Cannot find liked object {liked_object_ap_id}")
+        liked_object.liked_via_outbox_object_ap_id = None
+
+        # Send the Undo to the liked object's actor
+        new_outgoing_activity(
+            db,
+            liked_object.actor.inbox_url,  # type: ignore
+            outbox_object.id,
+        )
+    elif outbox_object_to_undo.ap_type == "Announce":
+        announced_object_ap_id = outbox_object_to_undo.activity_object_ap_id
+        if not announced_object_ap_id:
+            raise ValueError("Should never happen")
+        announced_object = get_inbox_object_by_ap_id(db, announced_object_ap_id)
+        if not announced_object:
+            raise ValueError(f"Cannot find announced object {announced_object_ap_id}")
+        announced_object.announced_via_outbox_object_ap_id = None
+
+        # Send the Undo to the original recipients
+        recipients = _compute_recipients(db, outbox_object.ap_object)
+        for rcp in recipients:
+            new_outgoing_activity(db, rcp, outbox_object.id)
+    else:
+        raise ValueError("Should never happen")
+
+
+def send_create(db: Session, source: str) -> str:
+    note_id = allocate_outbox_id()
+    published = now().replace(microsecond=0).isoformat().replace("+00:00", "Z")
+    context = f"{ID}/contexts/" + uuid.uuid4().hex
+    content, tags = markdownify(db, source)
+    note = {
+        "@context": ap.AS_CTX,
+        "type": "Note",
+        "id": outbox_object_id(note_id),
+        "attributedTo": ID,
+        "content": content,
+        "to": [ap.AS_PUBLIC],
+        "cc": [f"{BASE_URL}/followers"],
+        "published": published,
+        "context": context,
+        "conversation": context,
+        "url": outbox_object_id(note_id),
+        "tag": tags,
+        "summary": None,
+        "inReplyTo": None,
+        "sensitive": False,
+    }
+    outbox_object = save_outbox_object(db, note_id, note, source=source)
+    if not outbox_object.id:
+        raise ValueError("Should never happen")
+
+    for tag in tags:
+        if tag["type"] == "Hashtag":
+            tagged_object = models.TaggedOutboxObject(
+                tag=tag["name"][1:],
+                outbox_object_id=outbox_object.id,
+            )
+            db.add(tagged_object)
+    db.commit()
+
+    recipients = _compute_recipients(db, note)
+    for rcp in recipients:
+        new_outgoing_activity(db, rcp, outbox_object.id)
+
+    return note_id
+
+
+def _compute_recipients(db: Session, ap_object: ap.RawObject) -> set[str]:
+    _recipients = []
+    for field in ["to", "cc", "bto", "bcc"]:
+        if field in ap_object:
+            _recipients.extend(ap.as_list(ap_object[field]))
+
+    recipients = set()
+    for r in _recipients:
+        if r in [ap.AS_PUBLIC, ID]:
+            continue
+
+        # If we got a local collection, assume it's a collection of actors
+        if r.startswith(BASE_URL):
+            for raw_actor in fetch_collection(db, r):
+                actor = RemoteActor(raw_actor)
+                recipients.add(actor.shared_inbox_url or actor.inbox_url)
+
+            continue
+
+        # Is it a known actor?
+        known_actor = (
+            db.query(models.Actor).filter(models.Actor.ap_id == r).one_or_none()
+        )
+        if known_actor:
+            recipients.add(known_actor.shared_inbox_url or actor.inbox_url)
+            continue
+
+        # Fetch the object
+        raw_object = ap.fetch(r)
+        if raw_object.get("type") in ap.ACTOR_TYPES:
+            saved_actor = save_actor(db, raw_object)
+            recipients.add(saved_actor.shared_inbox_url or saved_actor.inbox_url)
+        else:
+            # Assume it's a collection of actors
+            for raw_actor in ap.parse_collection(payload=raw_object):
+                actor = RemoteActor(raw_actor)
+                recipients.add(actor.shared_inbox_url or actor.inbox_url)
+
+    return recipients
+
+
+def get_inbox_object_by_ap_id(db: Session, ap_id: str) -> models.InboxObject | None:
+    return (
+        db.query(models.InboxObject)
+        .filter(models.InboxObject.ap_id == ap_id)
+        .one_or_none()
+    )
+
+
+def get_outbox_object_by_ap_id(db: Session, ap_id: str) -> models.OutboxObject | None:
+    return (
+        db.query(models.OutboxObject)
+        .filter(models.OutboxObject.ap_id == ap_id)
+        .one_or_none()
+    )
+
+
+def _handle_delete_activity(
+    db: Session,
+    from_actor: models.Actor,
+    ap_object_to_delete: models.InboxObject,
+) -> None:
+    if from_actor.ap_id != ap_object_to_delete.actor.ap_id:
+        logger.warning(
+            "Actor mismatch between the activity and the object: "
+            f"{from_actor.ap_id}/{ap_object_to_delete.actor.ap_id}"
+        )
+        return
+
+    # TODO(ts): do we need to delete related activities? should we keep
+    # bookmarked objects with a deleted flag?
+    logger.info(f"Deleting {ap_object_to_delete.ap_type}/{ap_object_to_delete.ap_id}")
+    db.delete(ap_object_to_delete)
+    db.flush()
+
+
+def _handle_follow_follow_activity(
+    db: Session,
+    from_actor: models.Actor,
+    inbox_object: models.InboxObject,
+) -> None:
+    follower = models.Follower(
+        actor_id=from_actor.id,
+        inbox_object_id=inbox_object.id,
+        ap_actor_id=from_actor.ap_id,
+    )
+    try:
+        db.add(follower)
+        db.flush()
+    except IntegrityError:
+        pass  # TODO update the existing followe
+
+    # Reply with an Accept
+    reply_id = allocate_outbox_id()
+    reply = {
+        "@context": ap.AS_CTX,
+        "id": outbox_object_id(reply_id),
+        "type": "Accept",
+        "actor": ID,
+        "object": inbox_object.ap_id,
+    }
+    outbox_activity = save_outbox_object(db, reply_id, reply)
+    if not outbox_activity.id:
+        raise ValueError("Should never happen")
+    new_outgoing_activity(db, from_actor.inbox_url, outbox_activity.id)
+
+    notif = models.Notification(
+        notification_type=models.NotificationType.NEW_FOLLOWER,
+        actor_id=from_actor.id,
+    )
+    db.add(notif)
+
+
+def _handle_undo_activity(
+    db: Session,
+    from_actor: models.Actor,
+    undo_activity: models.InboxObject,
+    ap_activity_to_undo: models.InboxObject,
+) -> None:
+    if from_actor.ap_id != ap_activity_to_undo.actor.ap_id:
+        logger.warning(
+            "Actor mismatch between the activity and the object: "
+            f"{from_actor.ap_id}/{ap_activity_to_undo.actor.ap_id}"
+        )
+        return
+
+    ap_activity_to_undo.undone_by_inbox_object_id = undo_activity.id
+
+    if ap_activity_to_undo.ap_type == "Follow":
+        logger.info(f"Undo follow from {from_actor.ap_id}")
+        db.query(models.Follower).filter(
+            models.Follower.inbox_object_id == ap_activity_to_undo.id
+        ).delete()
+        notif = models.Notification(
+            notification_type=models.NotificationType.UNFOLLOW,
+            actor_id=from_actor.id,
+        )
+        db.add(notif)
+
+    elif ap_activity_to_undo.ap_type == "Like":
+        if not ap_activity_to_undo.activity_object_ap_id:
+            raise ValueError("Like without object")
+        liked_obj = get_outbox_object_by_ap_id(
+            db,
+            ap_activity_to_undo.activity_object_ap_id,
+        )
+        if not liked_obj:
+            logger.warning(
+                "Cannot find liked object: "
+                f"{ap_activity_to_undo.activity_object_ap_id}"
+            )
+            return
+
+        liked_obj.likes_count = models.OutboxObject.likes_count - 1
+        notif = models.Notification(
+            notification_type=models.NotificationType.UNDO_LIKE,
+            actor_id=from_actor.id,
+            outbox_object_id=liked_obj.id,
+            inbox_object_id=ap_activity_to_undo.id,
+        )
+        db.add(notif)
+
+    elif ap_activity_to_undo.ap_type == "Announce":
+        if not ap_activity_to_undo.activity_object_ap_id:
+            raise ValueError("Announce witout object")
+        announced_obj_ap_id = ap_activity_to_undo.activity_object_ap_id
+        logger.info(
+            f"Undo for announce {ap_activity_to_undo.ap_id}/{announced_obj_ap_id}"
+        )
+        if announced_obj_ap_id.startswith(BASE_URL):
+            announced_obj_from_outbox = get_outbox_object_by_ap_id(
+                db, announced_obj_ap_id
+            )
+            if announced_obj_from_outbox:
+                logger.info("Found in the oubox")
+                announced_obj_from_outbox.announces_count = (
+                    models.OutboxObject.announces_count - 1
+                )
+                notif = models.Notification(
+                    notification_type=models.NotificationType.UNDO_ANNOUNCE,
+                    actor_id=from_actor.id,
+                    outbox_object_id=announced_obj_from_outbox.id,
+                    inbox_object_id=ap_activity_to_undo.id,
+                )
+                db.add(notif)
+
+        # FIXME(ts): what to do with ap_activity_to_undo? flag? delete?
+    else:
+        logger.warning(f"Don't know how to undo {ap_activity_to_undo.ap_type} activity")
+
+    # commit will be perfomed in save_to_inbox
+
+
+def _handle_create_activity(
+    db: Session,
+    from_actor: models.Actor,
+    created_object: models.InboxObject,
+) -> None:
+    logger.info("Processing Create activity")
+    tags = created_object.ap_object.get("tag")
+
+    if not tags:
+        logger.info("No tags to process")
+        return None
+
+    if not isinstance(tags, list):
+        logger.info(f"Invalid tags: {tags}")
+        return None
+
+    for tag in tags:
+        if tag.get("name") == LOCAL_ACTOR.handle or tag.get("href") == LOCAL_ACTOR.url:
+            notif = models.Notification(
+                notification_type=models.NotificationType.MENTION,
+                actor_id=from_actor.id,
+                inbox_object_id=created_object.id,
+            )
+            db.add(notif)
+
+
+def save_to_inbox(db: Session, raw_object: ap.RawObject) -> None:
+    try:
+        actor = fetch_actor(db, raw_object["actor"])
+    except httpx.HTTPStatusError:
+        logger.exception("Failed to fetch actor")
+        # XXX: Delete 410 when we never seen the actor
+        return
+
+    ap_published_at = now()
+    if "published" in raw_object:
+        ap_published_at = isoparse(raw_object["published"])
+
+    ra = RemoteObject(ap.unwrap_activity(raw_object), actor=actor)
+    relates_to_inbox_object: models.InboxObject | None = None
+    relates_to_outbox_object: models.OutboxObject | None = None
+    if ra.activity_object_ap_id:
+        if ra.activity_object_ap_id.startswith(BASE_URL):
+            relates_to_outbox_object = get_outbox_object_by_ap_id(
+                db,
+                ra.activity_object_ap_id,
+            )
+        else:
+            relates_to_inbox_object = get_inbox_object_by_ap_id(
+                db,
+                ra.activity_object_ap_id,
+            )
+
+    inbox_object = models.InboxObject(
+        server=urlparse(ra.ap_id).netloc,
+        actor_id=actor.id,
+        ap_actor_id=actor.ap_id,
+        ap_type=ra.ap_type,
+        ap_id=ra.ap_id,
+        ap_context=ra.context,
+        ap_published_at=ap_published_at,
+        ap_object=ra.ap_object,
+        visibility=ra.visibility,
+        relates_to_inbox_object_id=relates_to_inbox_object.id
+        if relates_to_inbox_object
+        else None,
+        relates_to_outbox_object_id=relates_to_outbox_object.id
+        if relates_to_outbox_object
+        else None,
+        activity_object_ap_id=ra.activity_object_ap_id,
+        # Hide replies from the stream
+        is_hidden_from_stream=True if ra.in_reply_to else False,
+    )
+
+    db.add(inbox_object)
+    db.flush()
+    db.refresh(inbox_object)
+
+    if ra.ap_type == "Create":
+        _handle_create_activity(db, actor, inbox_object)
+    elif ra.ap_type == "Update":
+        pass
+    elif ra.ap_type == "Delete":
+        if relates_to_inbox_object:
+            _handle_delete_activity(db, actor, relates_to_inbox_object)
+        else:
+            # TODO(ts): handle delete actor
+            logger.info(
+                f"Received a Delete for an unknown object: {ra.activity_object_ap_id}"
+            )
+    elif ra.ap_type == "Follow":
+        _handle_follow_follow_activity(db, actor, inbox_object)
+    elif ra.ap_type == "Undo":
+        if relates_to_inbox_object:
+            _handle_undo_activity(db, actor, inbox_object, relates_to_inbox_object)
+        else:
+            logger.info("Received Undo for an unknown activity")
+    elif ra.ap_type in ["Accept", "Reject"]:
+        if not relates_to_outbox_object:
+            logger.info(
+                f"Received {raw_object['type']} for an unknown activity: "
+                f"{ra.activity_object_ap_id}"
+            )
+        else:
+            if relates_to_outbox_object.ap_type == "Follow":
+                following = models.Following(
+                    actor_id=actor.id,
+                    outbox_object_id=relates_to_outbox_object.id,
+                    ap_actor_id=actor.ap_id,
+                )
+                db.add(following)
+            else:
+                logger.info(
+                    "Received an Accept for an unsupported activity: "
+                    f"{relates_to_outbox_object.ap_type}"
+                )
+    elif ra.ap_type == "Like":
+        if not relates_to_outbox_object:
+            logger.info(
+                f"Received a like for an unknown activity: {ra.activity_object_ap_id}"
+            )
+        else:
+            relates_to_outbox_object.likes_count = models.OutboxObject.likes_count + 1
+
+            notif = models.Notification(
+                notification_type=models.NotificationType.LIKE,
+                actor_id=actor.id,
+                outbox_object_id=relates_to_outbox_object.id,
+                inbox_object_id=inbox_object.id,
+            )
+            db.add(notif)
+    elif raw_object["type"] == "Announce":
+        if relates_to_outbox_object:
+            # This is an announce for a local object
+            relates_to_outbox_object.announces_count = (
+                models.OutboxObject.announces_count + 1
+            )
+
+            notif = models.Notification(
+                notification_type=models.NotificationType.ANNOUNCE,
+                actor_id=actor.id,
+                outbox_object_id=relates_to_outbox_object.id,
+                inbox_object_id=inbox_object.id,
+            )
+            db.add(notif)
+        else:
+            # This is announce for a maybe unknown object
+            if relates_to_inbox_object:
+                logger.info("Nothing to do, we already know about this object")
+            else:
+                # Save it as an inbox object
+                if not ra.activity_object_ap_id:
+                    raise ValueError("Should never happen")
+                announced_raw_object = ap.fetch(ra.activity_object_ap_id)
+                announced_actor = fetch_actor(db, ap.get_actor_id(announced_raw_object))
+                announced_object = RemoteObject(announced_raw_object, announced_actor)
+                announced_inbox_object = models.InboxObject(
+                    server=urlparse(announced_object.ap_id).netloc,
+                    actor_id=announced_actor.id,
+                    ap_actor_id=announced_actor.ap_id,
+                    ap_type=announced_object.ap_type,
+                    ap_id=announced_object.ap_id,
+                    ap_context=announced_object.context,
+                    ap_published_at=announced_object.ap_published_at,
+                    ap_object=announced_object.ap_object,
+                    visibility=announced_object.visibility,
+                    is_hidden_from_stream=True,
+                )
+                db.add(announced_inbox_object)
+                db.flush()
+                inbox_object.relates_to_inbox_object_id = announced_inbox_object.id
+    elif ra.ap_type in ["Like", "Announce"]:
+        if not relates_to_outbox_object:
+            logger.info(
+                f"Received {ra.ap_type} for an unknown activity: "
+                f"{ra.activity_object_ap_id}"
+            )
+        else:
+            if ra.ap_type == "Like":
+                # TODO(ts): notification
+                relates_to_outbox_object.likes_count = (
+                    models.OutboxObject.likes_count + 1
+                )
+
+                notif = models.Notification(
+                    notification_type=models.NotificationType.LIKE,
+                    actor_id=actor.id,
+                    outbox_object_id=relates_to_outbox_object.id,
+                    inbox_object_id=inbox_object.id,
+                )
+                db.add(notif)
+            elif raw_object["type"] == "Announce":
+                # TODO(ts): notification
+                relates_to_outbox_object.announces_count = (
+                    models.OutboxObject.announces_count + 1
+                )
+
+                notif = models.Notification(
+                    notification_type=models.NotificationType.ANNOUNCE,
+                    actor_id=actor.id,
+                    outbox_object_id=relates_to_outbox_object.id,
+                    inbox_object_id=inbox_object.id,
+                )
+                db.add(notif)
+            else:
+                raise ValueError("Should never happpen")
+
+    else:
+        logger.warning(f"Received an unknown {inbox_object.ap_type} object")
+
+    db.commit()
+
+
+def public_outbox_objects_count(db: Session) -> int:
+    return (
+        db.query(models.OutboxObject)
+        .filter(
+            models.OutboxObject.visibility == ap.VisibilityEnum.PUBLIC,
+            models.OutboxObject.is_deleted.is_(False),
+        )
+        .count()
+    )
+
+
+def fetch_collection(db: Session, url: str) -> list[ap.RawObject]:
+    if url.startswith(config.BASE_URL):
+        if url == config.BASE_URL + "/followers":
+            q = db.query(models.Follower).options(joinedload(models.Follower.actor))
+            return [follower.actor.ap_actor for follower in q.all()]
+        else:
+            raise ValueError(f"internal collection for {url}) not supported")
+
+    return ap.parse_collection(url)

app/config.py

@@ -0,0 +1,93 @@
+import os
+from pathlib import Path
+
+import bcrypt
+import pydantic
+import tomli
+from fastapi import Form
+from fastapi import HTTPException
+from fastapi import Request
+from itsdangerous import TimedSerializer
+from itsdangerous import TimestampSigner
+
+ROOT_DIR = Path().parent.resolve()
+
+_CONFIG_FILE = os.getenv("MICROBLOGPUB_CONFIG_FILE", "me.toml")
+
+VERSION = "2.0"
+USER_AGENT = f"microblogpub/{VERSION}"
+AP_CONTENT_TYPE = "application/activity+json"
+
+
+class Config(pydantic.BaseModel):
+    domain: str
+    username: str
+    admin_password: bytes
+    name: str
+    summary: str
+    https: bool
+    icon_url: str
+    secret: str
+    debug: bool = False
+
+    # Config items to make tests easier
+    sqlalchemy_database_url: str | None = None
+    key_path: str | None = None
+
+
+def load_config() -> Config:
+    try:
+        return Config.parse_obj(
+            tomli.loads((ROOT_DIR / "data" / _CONFIG_FILE).read_text())
+        )
+    except FileNotFoundError:
+        raise ValueError("Please run the configuration wizard")
+
+
+def is_activitypub_requested(req: Request) -> bool:
+    accept_value = req.headers.get("accept")
+    if not accept_value:
+        return False
+    for val in {
+        "application/ld+json",
+        "application/activity+json",
+    }:
+        if accept_value.startswith(val):
+            return True
+
+    return False
+
+
+def verify_password(pwd: str) -> bool:
+    return bcrypt.checkpw(pwd.encode(), CONFIG.admin_password)
+
+
+CONFIG = load_config()
+DOMAIN = CONFIG.domain
+_SCHEME = "https" if CONFIG.https else "http"
+ID = f"{_SCHEME}://{DOMAIN}"
+USERNAME = CONFIG.username
+BASE_URL = ID
+DEBUG = CONFIG.debug
+DB_PATH = ROOT_DIR / "data" / "microblogpub.db"
+SQLALCHEMY_DATABASE_URL = CONFIG.sqlalchemy_database_url or f"sqlite:///{DB_PATH}"
+KEY_PATH = (
+    (ROOT_DIR / CONFIG.key_path) if CONFIG.key_path else ROOT_DIR / "data" / "key.pem"
+)
+
+
+session_serializer = TimedSerializer(CONFIG.secret, salt="microblogpub.login")
+csrf_signer = TimestampSigner(
+    os.urandom(16).hex(),
+    salt=os.urandom(16).hex(),
+)
+
+
+def generate_csrf_token() -> str:
+    return csrf_signer.sign(os.urandom(16).hex()).decode()
+
+
+def verify_csrf_token(csrf_token: str = Form()) -> None:
+    if not csrf_signer.validate(csrf_token, max_age=600):
+        raise HTTPException(status_code=403, detail="CSRF error")
+    return None

app/database.py

@@ -0,0 +1,29 @@
+import datetime
+from typing import Any
+from typing import Generator
+
+from sqlalchemy import create_engine
+from sqlalchemy.ext.declarative import declarative_base
+from sqlalchemy.orm import Session
+from sqlalchemy.orm import sessionmaker
+
+from app.config import SQLALCHEMY_DATABASE_URL
+
+engine = create_engine(
+    SQLALCHEMY_DATABASE_URL, connect_args={"check_same_thread": False}
+)
+SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
+
+Base: Any = declarative_base()
+
+
+def now() -> datetime.datetime:
+    return datetime.datetime.now(datetime.timezone.utc)
+
+
+def get_db() -> Generator[Session, None, None]:
+    db = SessionLocal()
+    try:
+        yield db
+    finally:
+        db.close()

app/highlight.py

@@ -0,0 +1,27 @@
+from functools import lru_cache
+
+from bs4 import BeautifulSoup  # type: ignore
+from pygments import highlight as phighlight  # type: ignore
+from pygments.formatters import HtmlFormatter  # type: ignore
+from pygments.lexers import guess_lexer  # type: ignore
+
+_FORMATTER = HtmlFormatter(style="vim")
+
+HIGHLIGHT_CSS = _FORMATTER.get_style_defs()
+
+
+@lru_cache(256)
+def highlight(html: str) -> str:
+    soup = BeautifulSoup(html, "html5lib")
+    for code in soup.find_all("code"):
+        if not code.parent.name == "pre":
+            continue
+        lexer = guess_lexer(code.text)
+        tag = BeautifulSoup(
+            phighlight(code.text, lexer, _FORMATTER), "html5lib"
+        ).body.next
+        pre = code.parent
+        pre.replaceWith(tag)
+    out = soup.body
+    out.name = "div"
+    return str(out)

app/httpsig.py

@@ -0,0 +1,182 @@
+"""Implements HTTP signature for Flask requests.
+
+Mastodon instances won't accept requests that are not signed using this scheme.
+
+"""
+import base64
+import hashlib
+import typing
+from dataclasses import dataclass
+from datetime import datetime
+from functools import lru_cache
+from typing import Any
+from typing import Dict
+from typing import Optional
+
+import fastapi
+import httpx
+from Crypto.Hash import SHA256
+from Crypto.Signature import PKCS1_v1_5
+from loguru import logger
+
+from app import config
+from app.key import Key
+from app.key import get_key
+
+
+def _build_signed_string(
+    signed_headers: str, method: str, path: str, headers: Any, body_digest: str | None
+) -> str:
+    out = []
+    for signed_header in signed_headers.split(" "):
+        if signed_header == "(request-target)":
+            out.append("(request-target): " + method.lower() + " " + path)
+        elif signed_header == "digest" and body_digest:
+            out.append("digest: " + body_digest)
+        else:
+            out.append(signed_header + ": " + headers[signed_header])
+    return "\n".join(out)
+
+
+def _parse_sig_header(val: Optional[str]) -> Optional[Dict[str, str]]:
+    if not val:
+        return None
+    out = {}
+    for data in val.split(","):
+        k, v = data.split("=", 1)
+        out[k] = v[1 : len(v) - 1]  # noqa: black conflict
+    return out
+
+
+def _verify_h(signed_string, signature, pubkey):
+    signer = PKCS1_v1_5.new(pubkey)
+    digest = SHA256.new()
+    digest.update(signed_string.encode("utf-8"))
+    return signer.verify(digest, signature)
+
+
+def _body_digest(body: bytes) -> str:
+    h = hashlib.new("sha256")
+    h.update(body)  # type: ignore
+    return "SHA-256=" + base64.b64encode(h.digest()).decode("utf-8")
+
+
+@lru_cache(32)
+def _get_public_key(key_id: str) -> Key:
+    from app import activitypub as ap
+
+    actor = ap.fetch(key_id)
+    if actor["type"] == "Key":
+        # The Key is not embedded in the Person
+        k = Key(actor["owner"], actor["id"])
+        k.load_pub(actor["publicKeyPem"])
+    else:
+        k = Key(actor["id"], actor["publicKey"]["id"])
+        k.load_pub(actor["publicKey"]["publicKeyPem"])
+
+    # Ensure the right key was fetch
+    if key_id != k.key_id():
+        raise ValueError(
+            f"failed to fetch requested key {key_id}: got {actor['publicKey']['id']}"
+        )
+
+    return k
+
+
+@dataclass(frozen=True)
+class HTTPSigInfo:
+    has_valid_signature: bool
+    signed_by_ap_actor_id: str | None = None
+
+
+async def httpsig_checker(
+    request: fastapi.Request,
+) -> HTTPSigInfo:
+    body = await request.body()
+
+    hsig = _parse_sig_header(request.headers.get("Signature"))
+    if not hsig:
+        logger.info("No HTTP signature found")
+        return HTTPSigInfo(has_valid_signature=False)
+
+    logger.debug(f"hsig={hsig}")
+    signed_string = _build_signed_string(
+        hsig["headers"],
+        request.method,
+        request.url.path,
+        request.headers,
+        _body_digest(body) if body else None,
+    )
+
+    try:
+        k = _get_public_key(hsig["keyId"])
+    except Exception:
+        logger.exception(f'Failed to fetch HTTP sig key {hsig["keyId"]}')
+        return HTTPSigInfo(has_valid_signature=False)
+
+    httpsig_info = HTTPSigInfo(
+        has_valid_signature=_verify_h(
+            signed_string, base64.b64decode(hsig["signature"]), k.pubkey
+        ),
+        signed_by_ap_actor_id=k.owner,
+    )
+    logger.info(f"Valid HTTP signature for {httpsig_info.signed_by_ap_actor_id}")
+    return httpsig_info
+
+
+async def enforce_httpsig(
+    request: fastapi.Request,
+    httpsig_info: HTTPSigInfo = fastapi.Depends(httpsig_checker),
+) -> HTTPSigInfo:
+    if not httpsig_info.has_valid_signature:
+        logger.warning(f"Invalid HTTP sig {httpsig_info=}")
+        body = await request.body()
+        logger.info(f"{body=}")
+        raise fastapi.HTTPException(status_code=401, detail="Invalid HTTP sig")
+
+    return httpsig_info
+
+
+class HTTPXSigAuth(httpx.Auth):
+    def __init__(self, key: Key) -> None:
+        self.key = key
+
+    def auth_flow(
+        self, r: httpx.Request
+    ) -> typing.Generator[httpx.Request, httpx.Response, None]:
+        logger.info(f"keyid={self.key.key_id()}")
+
+        bodydigest = None
+        if r.content:
+            bh = hashlib.new("sha256")
+            bh.update(r.content)
+            bodydigest = "SHA-256=" + base64.b64encode(bh.digest()).decode("utf-8")
+
+        date = datetime.utcnow().strftime("%a, %d %b %Y %H:%M:%S GMT")
+        r.headers["Date"] = date
+        if bodydigest:
+            r.headers["Digest"] = bodydigest
+            sigheaders = "(request-target) user-agent host date digest content-type"
+        else:
+            sigheaders = "(request-target) user-agent host date accept"
+
+        to_be_signed = _build_signed_string(
+            sigheaders, r.method, r.url.path, r.headers, bodydigest
+        )
+        if not self.key.privkey:
+            raise ValueError("Should never happen")
+        signer = PKCS1_v1_5.new(self.key.privkey)
+        digest = SHA256.new()
+        digest.update(to_be_signed.encode("utf-8"))
+        sig = base64.b64encode(signer.sign(digest)).decode()
+
+        key_id = self.key.key_id()
+        sig_value = f'keyId="{key_id}",algorithm="rsa-sha256",headers="{sigheaders}",signature="{sig}"'  # noqa: E501
+        logger.debug(f"signed request {sig_value=}")
+        r.headers["Signature"] = sig_value
+        yield r
+
+
+k = Key(config.ID, f"{config.ID}#main-key")
+k.load(get_key())
+auth = HTTPXSigAuth(k)

app/key.py

@@ -0,0 +1,84 @@
+import base64
+from typing import Any
+
+from Crypto.PublicKey import RSA
+from Crypto.Util import number
+
+from app.config import KEY_PATH
+
+
+def key_exists() -> bool:
+    return KEY_PATH.exists()
+
+
+def generate_key() -> None:
+    if key_exists():
+        raise ValueError(f"Key at {KEY_PATH} already exists")
+    k = RSA.generate(2048)
+    privkey_pem = k.exportKey("PEM").decode("utf-8")
+    KEY_PATH.write_text(privkey_pem)
+
+
+def get_pubkey_as_pem() -> str:
+    text = KEY_PATH.read_text()
+    return RSA.import_key(text).public_key().export_key("PEM").decode("utf-8")
+
+
+def get_key() -> str:
+    return KEY_PATH.read_text()
+
+
+class Key(object):
+    DEFAULT_KEY_SIZE = 2048
+
+    def __init__(self, owner: str, id_: str | None = None) -> None:
+        self.owner = owner
+        self.privkey_pem: str | None = None
+        self.pubkey_pem: str | None = None
+        self.privkey: RSA.RsaKey | None = None
+        self.pubkey: RSA.RsaKey | None = None
+        self.id_ = id_
+
+    def load_pub(self, pubkey_pem: str) -> None:
+        self.pubkey_pem = pubkey_pem
+        self.pubkey = RSA.importKey(pubkey_pem)
+
+    def load(self, privkey_pem: str) -> None:
+        self.privkey_pem = privkey_pem
+        self.privkey = RSA.importKey(self.privkey_pem)
+        self.pubkey_pem = self.privkey.publickey().exportKey("PEM").decode("utf-8")
+
+    def new(self) -> None:
+        k = RSA.generate(self.DEFAULT_KEY_SIZE)
+        self.privkey_pem = k.exportKey("PEM").decode("utf-8")
+        self.pubkey_pem = k.publickey().exportKey("PEM").decode("utf-8")
+        self.privkey = k
+
+    def key_id(self) -> str:
+        return self.id_ or f"{self.owner}#main-key"
+
+    def to_dict(self) -> dict[str, Any]:
+        return {
+            "id": self.key_id(),
+            "owner": self.owner,
+            "publicKeyPem": self.pubkey_pem,
+            "type": "Key",
+        }
+
+    @classmethod
+    def from_dict(cls, data):
+        try:
+            k = cls(data["owner"], data["id"])
+            k.load_pub(data["publicKeyPem"])
+        except KeyError:
+            raise ValueError(f"bad key data {data!r}")
+        return k
+
+    def to_magic_key(self) -> str:
+        mod = base64.urlsafe_b64encode(
+            number.long_to_bytes(self.privkey.n)  # type: ignore
+        ).decode("utf-8")
+        pubexp = base64.urlsafe_b64encode(
+            number.long_to_bytes(self.privkey.e)  # type: ignore
+        ).decode("utf-8")
+        return f"data:application/magic-public-key,RSA.{mod}.{pubexp}"

app/lookup.py

@@ -0,0 +1,40 @@
+import mf2py  # type: ignore
+from sqlalchemy.orm import Session
+
+from app import activitypub as ap
+from app import webfinger
+from app.actor import Actor
+from app.actor import fetch_actor
+from app.ap_object import RemoteObject
+
+
+def lookup(db: Session, query: str) -> Actor | RemoteObject:
+    if query.startswith("@"):
+        query = webfinger.get_actor_url(query)  # type: ignore  # None check below
+
+        if not query:
+            raise ap.NotAnObjectError(query)
+
+    try:
+        ap_obj = ap.fetch(query)
+    except ap.NotAnObjectError as not_an_object_error:
+        resp = not_an_object_error.resp
+        if not resp:
+            raise ap.NotAnObjectError(query)
+
+        alternate_obj = None
+        if resp.headers.get("content-type", "").startswith("text/html"):
+            for alternate in mf2py.parse(doc=resp.text).get("alternates", []):
+                if alternate.get("type") == "application/activity+json":
+                    alternate_obj = ap.fetch(alternate["url"])
+
+        if alternate_obj:
+            ap_obj = alternate_obj
+        else:
+            raise
+
+    if ap_obj["type"] in ap.ACTOR_TYPES:
+        actor = fetch_actor(db, ap_obj["id"])
+        return actor
+    else:
+        return RemoteObject(ap_obj)

app/main.py

@@ -0,0 +1,558 @@
+import base64
+import os
+import sys
+import time
+from datetime import datetime
+from typing import Any
+from typing import Type
+
+import httpx
+from dateutil.parser import isoparse
+from fastapi import Depends
+from fastapi import FastAPI
+from fastapi import Request
+from fastapi import Response
+from fastapi.exceptions import HTTPException
+from fastapi.responses import PlainTextResponse
+from fastapi.responses import StreamingResponse
+from fastapi.staticfiles import StaticFiles
+from loguru import logger
+from sqlalchemy.orm import Session
+from sqlalchemy.orm import joinedload
+from starlette.background import BackgroundTask
+from starlette.responses import JSONResponse
+
+from app import activitypub as ap
+from app import admin
+from app import config
+from app import httpsig
+from app import models
+from app import templates
+from app.actor import LOCAL_ACTOR
+from app.actor import get_actors_metadata
+from app.boxes import public_outbox_objects_count
+from app.boxes import save_to_inbox
+from app.config import BASE_URL
+from app.config import DEBUG
+from app.config import DOMAIN
+from app.config import ID
+from app.config import USER_AGENT
+from app.config import USERNAME
+from app.config import is_activitypub_requested
+from app.database import get_db
+from app.templates import is_current_user_admin
+
+# TODO(ts):
+#
+# Next:
+# - show likes/announces counter for outbox activities
+# - update actor support
+# - replies support
+# - file upload + place/exif extraction (or not) support
+# - custom emoji support
+# - hash config/profile to detect when to send Update actor
+#
+# - [ ] block support
+# - [ ] make the media proxy authenticated
+# - [ ] prevent SSRF (urlutils from little-boxes)
+# - [ ] Dockerization
+# - [ ] Webmentions
+# - [ ] custom emoji
+# - [ ] poll/questions support
+# - [ ] cleanup tasks
+# - notifs:
+#   - MENTIONED
+#   - LIKED
+#   - ANNOUNCED
+#   - FOLLOWED
+#   - UNFOLLOWED
+#   - POLL_ENDED
+
+app = FastAPI(docs_url=None, redoc_url=None)
+app.mount("/static", StaticFiles(directory="app/static"), name="static")
+app.include_router(admin.router, prefix="/admin")
+app.include_router(admin.unauthenticated_router, prefix="/admin")
+
+logger.configure(extra={"request_id": "no_req_id"})
+logger.remove()
+logger_format = (
+    "<green>{time:YYYY-MM-DD HH:mm:ss.SSS}</green> | "
+    "<level>{level: <8}</level> | "
+    "<cyan>{name}</cyan>:<cyan>{function}</cyan>:<cyan>{line}</cyan> | "
+    "{extra[request_id]} - <level>{message}</level>"
+)
+logger.add(sys.stdout, format=logger_format)
+
+
+@app.middleware("http")
+async def request_middleware(request, call_next):
+    start_time = time.perf_counter()
+    request_id = os.urandom(8).hex()
+    with logger.contextualize(request_id=request_id):
+        logger.info(
+            f"{request.client.host}:{request.client.port} - "
+            f"{request.method} {request.url}"
+        )
+        try:
+            response = await call_next(request)
+            response.headers["X-Request-ID"] = request_id
+            response.headers["Server"] = "microblogpub"
+            elapsed_time = time.perf_counter() - start_time
+            logger.info(f"status_code={response.status_code} {elapsed_time=:.2f}s")
+            return response
+        except Exception:
+            logger.exception("Request failed")
+            raise
+
+
+@app.middleware("http")
+async def add_security_headers(request: Request, call_next):
+    response = await call_next(request)
+    response.headers["referrer-policy"] = "no-referrer, strict-origin-when-cross-origin"
+    response.headers["x-content-type-options"] = "nosniff"
+    response.headers["x-xss-protection"] = "1; mode=block"
+    response.headers["x-frame-options"] = "SAMEORIGIN"
+    # TODO(ts): disallow inline CSS?
+    response.headers["content-security-policy"] = (
+        "default-src 'self'" + " style-src 'self' 'unsafe-inline';"
+    )
+    if not DEBUG:
+        response.headers[
+            "strict-transport-security"
+        ] = "max-age=63072000; includeSubdomains"
+    return response
+
+
+DEFAULT_CTX = COLLECTION_CTX = [
+    "https://www.w3.org/ns/activitystreams",
+    "https://w3id.org/security/v1",
+    {
+        # AS ext
+        "Hashtag": "as:Hashtag",
+        "sensitive": "as:sensitive",
+        "manuallyApprovesFollowers": "as:manuallyApprovesFollowers",
+        # toot
+        "toot": "http://joinmastodon.org/ns#",
+        # "featured": "toot:featured",
+        # schema
+        "schema": "http://schema.org#",
+        "PropertyValue": "schema:PropertyValue",
+        "value": "schema:value",
+    },
+]
+
+
+class ActivityPubResponse(JSONResponse):
+    media_type = "application/activity+json"
+
+
+@app.get("/")
+def index(
+    request: Request,
+    db: Session = Depends(get_db),
+    _: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
+) -> templates.TemplateResponse | ActivityPubResponse:
+    if is_activitypub_requested(request):
+        return ActivityPubResponse(LOCAL_ACTOR.ap_actor)
+
+    outbox_objects = (
+        db.query(models.OutboxObject)
+        .filter(
+            models.OutboxObject.visibility == ap.VisibilityEnum.PUBLIC,
+            models.OutboxObject.is_deleted.is_(False),
+            models.OutboxObject.is_hidden_from_homepage.is_(False),
+        )
+        .order_by(models.OutboxObject.ap_published_at.desc())
+        .limit(20)
+        .all()
+    )
+
+    return templates.render_template(
+        db,
+        request,
+        "index.html",
+        {"request": request, "objects": outbox_objects},
+    )
+
+
+def _build_followx_collection(
+    db: Session,
+    model_cls: Type[models.Following | models.Follower],
+    path: str,
+    page: bool | None,
+    next_cursor: str | None,
+) -> ap.RawObject:
+    total_items = db.query(model_cls).count()
+
+    if not page and not next_cursor:
+        return {
+            "@context": ap.AS_CTX,
+            "id": ID + path,
+            "first": ID + path + "?page=true",
+            "type": "OrderedCollection",
+            "totalItems": total_items,
+        }
+
+    q = db.query(model_cls).order_by(model_cls.created_at.desc())  # type: ignore
+    if next_cursor:
+        q = q.filter(model_cls.created_at < _decode_cursor(next_cursor))  # type: ignore
+    q = q.limit(20)
+
+    items = [followx for followx in q.all()]
+    next_cursor = None
+    if (
+        items
+        and db.query(model_cls)
+        .filter(model_cls.created_at < items[-1].created_at)
+        .count()
+        > 0
+    ):
+        next_cursor = _encode_cursor(items[-1].created_at)
+
+    collection_page = {
+        "@context": ap.AS_CTX,
+        "id": (
+            ID + path + "?page=true"
+            if not next_cursor
+            else ID + path + f"?next_cursor={next_cursor}"
+        ),
+        "partOf": ID + path,
+        "type": "OrderedCollectionPage",
+        "orderedItems": [item.ap_actor_id for item in items],
+    }
+    if next_cursor:
+        collection_page["next"] = ID + path + f"?next_cursor={next_cursor}"
+
+    return collection_page
+
+
+def _encode_cursor(val: datetime) -> str:
+    return base64.urlsafe_b64encode(val.isoformat().encode()).decode()
+
+
+def _decode_cursor(cursor: str) -> datetime:
+    return isoparse(base64.urlsafe_b64decode(cursor).decode())
+
+
+@app.get("/followers")
+def followers(
+    request: Request,
+    page: bool | None = None,
+    next_cursor: str | None = None,
+    prev_cursor: str | None = None,
+    db: Session = Depends(get_db),
+    _: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
+) -> ActivityPubResponse | templates.TemplateResponse:
+    if is_activitypub_requested(request):
+        return ActivityPubResponse(
+            _build_followx_collection(
+                db=db,
+                model_cls=models.Follower,
+                path="/followers",
+                page=page,
+                next_cursor=next_cursor,
+            )
+        )
+
+    followers = (
+        db.query(models.Follower)
+        .options(joinedload(models.Follower.actor))
+        .order_by(models.Follower.created_at.desc())
+        .limit(20)
+        .all()
+    )
+
+    # TODO: support next_cursor/prev_cursor
+    actors_metadata = {}
+    if is_current_user_admin(request):
+        actors_metadata = get_actors_metadata(
+            db,
+            [f.actor for f in followers],
+        )
+
+    return templates.render_template(
+        db,
+        request,
+        "followers.html",
+        {
+            "followers": followers,
+            "actors_metadata": actors_metadata,
+        },
+    )
+
+
+@app.get("/following")
+def following(
+    request: Request,
+    page: bool | None = None,
+    next_cursor: str | None = None,
+    prev_cursor: str | None = None,
+    db: Session = Depends(get_db),
+    _: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
+) -> ActivityPubResponse | templates.TemplateResponse:
+    if is_activitypub_requested(request):
+        return ActivityPubResponse(
+            _build_followx_collection(
+                db=db,
+                model_cls=models.Following,
+                path="/following",
+                page=page,
+                next_cursor=next_cursor,
+            )
+        )
+
+    q = (
+        db.query(models.Following)
+        .options(joinedload(models.Following.actor))
+        .order_by(models.Following.created_at.desc())
+        .limit(20)
+    )
+    following = q.all()
+
+    # TODO: support next_cursor/prev_cursor
+    actors_metadata = {}
+    if is_current_user_admin(request):
+        actors_metadata = get_actors_metadata(
+            db,
+            [f.actor for f in following],
+        )
+
+    return templates.render_template(
+        db,
+        request,
+        "following.html",
+        {
+            "following": following,
+            "actors_metadata": actors_metadata,
+        },
+    )
+
+
+@app.get("/outbox")
+def outbox(
+    db: Session = Depends(get_db),
+    _: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
+) -> ActivityPubResponse:
+    outbox_objects = (
+        db.query(models.OutboxObject)
+        .filter(
+            models.OutboxObject.visibility == ap.VisibilityEnum.PUBLIC,
+            models.OutboxObject.is_deleted.is_(False),
+        )
+        .order_by(models.OutboxObject.ap_published_at.desc())
+        .limit(20)
+        .all()
+    )
+    return ActivityPubResponse(
+        {
+            "@context": DEFAULT_CTX,
+            "id": f"{ID}/outbox",
+            "type": "OrderedCollection",
+            "totalItems": len(outbox_objects),
+            "orderedItems": [
+                ap.remove_context(ap.wrap_object_if_needed(a.ap_object))
+                for a in outbox_objects
+            ],
+        }
+    )
+
+
+@app.get("/o/{public_id}")
+def outbox_by_public_id(
+    public_id: str,
+    request: Request,
+    db: Session = Depends(get_db),
+    _: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
+) -> ActivityPubResponse | templates.TemplateResponse:
+    # TODO: ACL?
+    maybe_object = (
+        db.query(models.OutboxObject)
+        .filter(
+            models.OutboxObject.public_id == public_id,
+            # models.OutboxObject.is_deleted.is_(False),
+        )
+        .one_or_none()
+    )
+    if not maybe_object:
+        raise HTTPException(status_code=404)
+    #
+    if is_activitypub_requested(request):
+        return ActivityPubResponse(maybe_object.ap_object)
+
+    return templates.render_template(
+        db,
+        request,
+        "object.html",
+        {
+            "outbox_object": maybe_object,
+        },
+    )
+
+
+@app.get("/o/{public_id}/activity")
+def outbox_activity_by_public_id(
+    public_id: str,
+    db: Session = Depends(get_db),
+    _: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
+) -> ActivityPubResponse:
+    # TODO: ACL?
+    maybe_object = (
+        db.query(models.OutboxObject)
+        .filter(models.OutboxObject.public_id == public_id)
+        .one_or_none()
+    )
+    if not maybe_object:
+        raise HTTPException(status_code=404)
+
+    return ActivityPubResponse(ap.wrap_object(maybe_object.ap_object))
+
+
+@app.get("/t/{tag}")
+def tag_by_name(
+    tag: str,
+    request: Request,
+    db: Session = Depends(get_db),
+    _: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
+) -> ActivityPubResponse | templates.TemplateResponse:
+    # TODO(ts): implement HTML version
+    # if is_activitypub_requested(request):
+    return ActivityPubResponse(
+        {
+            "@context": ap.AS_CTX,
+            "id": BASE_URL + f"/t/{tag}",
+            "type": "OrderedCollection",
+            "totalItems": 0,
+            "orderedItems": [],
+        }
+    )
+
+
+@app.post("/inbox")
+async def inbox(
+    request: Request,
+    db: Session = Depends(get_db),
+    httpsig_info: httpsig.HTTPSigInfo = Depends(httpsig.enforce_httpsig),
+) -> Response:
+    logger.info(f"headers={request.headers}")
+    payload = await request.json()
+    logger.info(f"{payload=}")
+    save_to_inbox(db, payload)
+    return Response(status_code=204)
+
+
+@app.get("/.well-known/webfinger")
+def wellknown_webfinger(resource: str) -> JSONResponse:
+    """Exposes/servers WebFinger data."""
+    if resource not in [f"acct:{USERNAME}@{DOMAIN}", ID]:
+        raise HTTPException(status_code=404)
+
+    out = {
+        "subject": f"acct:{USERNAME}@{DOMAIN}",
+        "aliases": [ID],
+        "links": [
+            {
+                "rel": "http://webfinger.net/rel/profile-page",
+                "type": "text/html",
+                "href": ID,
+            },
+            {"rel": "self", "type": "application/activity+json", "href": ID},
+            {
+                "rel": "http://ostatus.org/schema/1.0/subscribe",
+                "template": DOMAIN + "/authorize_interaction?uri={uri}",
+            },
+        ],
+    }
+
+    return JSONResponse(out, media_type="application/jrd+json; charset=utf-8")
+
+
+@app.get("/.well-known/nodeinfo")
+async def well_known_nodeinfo() -> dict[str, Any]:
+    return {
+        "links": [
+            {
+                "rel": "http://nodeinfo.diaspora.software/ns/schema/2.1",
+                "href": f"{BASE_URL}/nodeinfo",
+            }
+        ]
+    }
+
+
+@app.get("/nodeinfo")
+def nodeinfo(
+    db: Session = Depends(get_db),
+):
+    local_posts = public_outbox_objects_count(db)
+    return JSONResponse(
+        {
+            "version": "2.1",
+            "software": {
+                "name": "microblogpub",
+                "version": config.VERSION,
+                "repository": "https://github.com/tsileo/microblog.pub",
+            },
+            "protocols": ["activitypub"],
+            "services": {"inbound": [], "outbound": []},
+            "openRegistrations": False,
+            "usage": {"users": {"total": 1}, "localPosts": local_posts},
+            "metadata": {
+                "nodeName": LOCAL_ACTOR.handle,
+            },
+        },
+        media_type=(
+            "application/json; "
+            "profile=http://nodeinfo.diaspora.software/ns/schema/2.1#"
+        ),
+    )
+
+
+proxy_client = httpx.AsyncClient()
+
+
+@app.get("/proxy/media/{encoded_url}")
+async def serve_proxy_media(request: Request, encoded_url: str) -> StreamingResponse:
+    # Decode the base64-encoded URL
+    url = base64.urlsafe_b64decode(encoded_url).decode()
+    # Request the URL (and filter request headers)
+    proxy_req = proxy_client.build_request(
+        request.method,
+        url,
+        headers=[
+            (k, v)
+            for (k, v) in request.headers.raw
+            if k.lower()
+            not in [b"host", b"cookie", b"x-forwarded-for", b"x-real-ip", b"user-agent"]
+        ]
+        + [(b"user-agent", USER_AGENT.encode())],
+    )
+    proxy_resp = await proxy_client.send(proxy_req, stream=True)
+    # Filter the headers
+    proxy_resp_headers = [
+        (k, v)
+        for (k, v) in proxy_resp.headers.items()
+        if k.lower()
+        in [
+            "content-length",
+            "content-type",
+            "content-range",
+            "accept-ranges" "etag",
+            "cache-control",
+            "expires",
+            "date",
+            "last-modified",
+        ]
+    ]
+    return StreamingResponse(
+        proxy_resp.aiter_raw(),
+        status_code=proxy_resp.status_code,
+        headers=dict(proxy_resp_headers),
+        background=BackgroundTask(proxy_resp.aclose),
+    )
+
+
+@app.get("/robots.txt", response_class=PlainTextResponse)
+async def robots_file():
+    return """User-agent: *
+Disallow: /followers
+Disallow: /following
+Disallow: /admin"""

app/models.py

@@ -0,0 +1,288 @@
+import enum
+from typing import Any
+from typing import Optional
+
+from sqlalchemy import JSON
+from sqlalchemy import Boolean
+from sqlalchemy import Column
+from sqlalchemy import DateTime
+from sqlalchemy import Enum
+from sqlalchemy import ForeignKey
+from sqlalchemy import Integer
+from sqlalchemy import String
+from sqlalchemy import UniqueConstraint
+from sqlalchemy.orm import Mapped
+from sqlalchemy.orm import relationship
+
+from app import activitypub as ap
+from app.actor import LOCAL_ACTOR
+from app.actor import Actor as BaseActor
+from app.ap_object import Object as BaseObject
+from app.database import Base
+from app.database import now
+
+
+class Actor(Base, BaseActor):
+    __tablename__ = "actors"
+
+    id = Column(Integer, primary_key=True, index=True)
+    created_at = Column(DateTime(timezone=True), nullable=False, default=now)
+    updated_at = Column(DateTime(timezone=True), nullable=False, default=now)
+
+    ap_id = Column(String, unique=True, nullable=False, index=True)
+    ap_actor: Mapped[ap.RawObject] = Column(JSON, nullable=False)
+    ap_type = Column(String, nullable=False)
+
+    handle = Column(String, nullable=True, index=True)
+
+    @property
+    def is_from_db(self) -> bool:
+        return True
+
+
+class InboxObject(Base, BaseObject):
+    __tablename__ = "inbox"
+
+    id = Column(Integer, primary_key=True, index=True)
+    created_at = Column(DateTime(timezone=True), nullable=False, default=now)
+    updated_at = Column(DateTime(timezone=True), nullable=False, default=now)
+
+    actor_id = Column(Integer, ForeignKey("actors.id"), nullable=False)
+    actor: Mapped[Actor] = relationship(Actor, uselist=False)
+
+    server = Column(String, nullable=False)
+
+    is_hidden_from_stream = Column(Boolean, nullable=False, default=False)
+
+    ap_actor_id = Column(String, nullable=False)
+    ap_type = Column(String, nullable=False)
+    ap_id = Column(String, nullable=False, unique=True, index=True)
+    ap_context = Column(String, nullable=True)
+    ap_published_at = Column(DateTime(timezone=True), nullable=False)
+    ap_object: Mapped[ap.RawObject] = Column(JSON, nullable=False)
+
+    activity_object_ap_id = Column(String, nullable=True)
+
+    visibility = Column(Enum(ap.VisibilityEnum), nullable=False)
+
+    # Used for Like, Announce and Undo activities
+    relates_to_inbox_object_id = Column(
+        Integer,
+        ForeignKey("inbox.id"),
+        nullable=True,
+    )
+    relates_to_inbox_object: Mapped[Optional["InboxObject"]] = relationship(
+        "InboxObject",
+        foreign_keys=relates_to_inbox_object_id,
+        remote_side=id,
+        uselist=False,
+    )
+    relates_to_outbox_object_id = Column(
+        Integer,
+        ForeignKey("outbox.id"),
+        nullable=True,
+    )
+    relates_to_outbox_object: Mapped[Optional["OutboxObject"]] = relationship(
+        "OutboxObject",
+        foreign_keys=[relates_to_outbox_object_id],
+        uselist=False,
+    )
+
+    undone_by_inbox_object_id = Column(Integer, ForeignKey("inbox.id"), nullable=True)
+
+    # Link the oubox AP ID to allow undo without any extra query
+    liked_via_outbox_object_ap_id = Column(String, nullable=True)
+    announced_via_outbox_object_ap_id = Column(String, nullable=True)
+
+    is_bookmarked = Column(Boolean, nullable=False, default=False)
+
+    # FIXME(ts): do we need this?
+    has_replies = Column(Boolean, nullable=False, default=False)
+
+    og_meta: Mapped[list[dict[str, Any]] | None] = Column(JSON, nullable=True)
+
+
+class OutboxObject(Base, BaseObject):
+    __tablename__ = "outbox"
+
+    id = Column(Integer, primary_key=True, index=True)
+    created_at = Column(DateTime(timezone=True), nullable=False, default=now)
+    updated_at = Column(DateTime(timezone=True), nullable=False, default=now)
+
+    is_hidden_from_homepage = Column(Boolean, nullable=False, default=False)
+
+    public_id = Column(String, nullable=False, index=True)
+
+    ap_type = Column(String, nullable=False)
+    ap_id = Column(String, nullable=False, unique=True, index=True)
+    ap_context = Column(String, nullable=True)
+    ap_object: Mapped[ap.RawObject] = Column(JSON, nullable=False)
+
+    activity_object_ap_id = Column(String, nullable=True)
+
+    # Source content for activities (like Notes)
+    source = Column(String, nullable=True)
+
+    ap_published_at = Column(DateTime(timezone=True), nullable=False, default=now)
+    visibility = Column(Enum(ap.VisibilityEnum), nullable=False)
+
+    likes_count = Column(Integer, nullable=False, default=0)
+    announces_count = Column(Integer, nullable=False, default=0)
+    replies_count = Column(Integer, nullable=False, default=0)
+
+    webmentions = Column(JSON, nullable=True)
+
+    og_meta: Mapped[list[dict[str, Any]] | None] = Column(JSON, nullable=True)
+
+    # Never actually delete from the outbox
+    is_deleted = Column(Boolean, nullable=False, default=False)
+
+    # Used for Like, Announce and Undo activities
+    relates_to_inbox_object_id = Column(
+        Integer,
+        ForeignKey("inbox.id"),
+        nullable=True,
+    )
+    relates_to_inbox_object: Mapped[Optional["InboxObject"]] = relationship(
+        "InboxObject",
+        foreign_keys=[relates_to_inbox_object_id],
+        uselist=False,
+    )
+    relates_to_outbox_object_id = Column(
+        Integer,
+        ForeignKey("outbox.id"),
+        nullable=True,
+    )
+    relates_to_outbox_object: Mapped[Optional["OutboxObject"]] = relationship(
+        "OutboxObject",
+        foreign_keys=[relates_to_outbox_object_id],
+        remote_side=id,
+        uselist=False,
+    )
+
+    undone_by_outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=True)
+
+    @property
+    def actor(self) -> BaseActor:
+        return LOCAL_ACTOR
+
+
+class Follower(Base):
+    __tablename__ = "followers"
+
+    id = Column(Integer, primary_key=True, index=True)
+    created_at = Column(DateTime(timezone=True), nullable=False, default=now)
+    updated_at = Column(DateTime(timezone=True), nullable=False, default=now)
+
+    actor_id = Column(Integer, ForeignKey("actors.id"), nullable=False, unique=True)
+    actor = relationship(Actor, uselist=False)
+
+    inbox_object_id = Column(Integer, ForeignKey("inbox.id"), nullable=False)
+    inbox_object = relationship(InboxObject, uselist=False)
+
+    ap_actor_id = Column(String, nullable=False, unique=True)
+
+
+class Following(Base):
+    __tablename__ = "following"
+
+    id = Column(Integer, primary_key=True, index=True)
+    created_at = Column(DateTime(timezone=True), nullable=False, default=now)
+    updated_at = Column(DateTime(timezone=True), nullable=False, default=now)
+
+    actor_id = Column(Integer, ForeignKey("actors.id"), nullable=False, unique=True)
+    actor = relationship(Actor, uselist=False)
+
+    outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
+    outbox_object = relationship(OutboxObject, uselist=False)
+
+    ap_actor_id = Column(String, nullable=False, unique=True)
+
+
+@enum.unique
+class NotificationType(str, enum.Enum):
+    NEW_FOLLOWER = "new_follower"
+    UNFOLLOW = "unfollow"
+    LIKE = "like"
+    UNDO_LIKE = "undo_like"
+    ANNOUNCE = "announce"
+    UNDO_ANNOUNCE = "undo_announce"
+
+    # TODO:
+    MENTION = "mention"
+
+
+class Notification(Base):
+    __tablename__ = "notifications"
+
+    id = Column(Integer, primary_key=True, index=True)
+    created_at = Column(DateTime(timezone=True), nullable=False, default=now)
+    notification_type = Column(Enum(NotificationType), nullable=True)
+    is_new = Column(Boolean, nullable=False, default=True)
+
+    actor_id = Column(Integer, ForeignKey("actors.id"), nullable=True)
+    actor = relationship(Actor, uselist=False)
+
+    outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=True)
+    outbox_object = relationship(OutboxObject, uselist=False)
+
+    inbox_object_id = Column(Integer, ForeignKey("inbox.id"), nullable=True)
+    inbox_object = relationship(InboxObject, uselist=False)
+
+
+class OutgoingActivity(Base):
+    __tablename__ = "outgoing_activities"
+
+    id = Column(Integer, primary_key=True, index=True)
+    created_at = Column(DateTime(timezone=True), nullable=False, default=now)
+
+    recipient = Column(String, nullable=False)
+    outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
+    outbox_object = relationship(OutboxObject, uselist=False)
+
+    tries = Column(Integer, nullable=False, default=0)
+    next_try = Column(DateTime(timezone=True), nullable=True, default=now)
+
+    last_try = Column(DateTime(timezone=True), nullable=True)
+    last_status_code = Column(Integer, nullable=True)
+    last_response = Column(String, nullable=True)
+
+    is_sent = Column(Boolean, nullable=False, default=False)
+    is_errored = Column(Boolean, nullable=False, default=False)
+    error = Column(String, nullable=True)
+
+
+class TaggedOutboxObject(Base):
+    __tablename__ = "tagged_outbox_objects"
+    __table_args__ = (
+        UniqueConstraint("outbox_object_id", "tag", name="uix_tagged_object"),
+    )
+
+    id = Column(Integer, primary_key=True, index=True)
+
+    outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
+    outbox_object = relationship(OutboxObject, uselist=False)
+
+    tag = Column(String, nullable=False, index=True)
+
+
+"""
+class Upload(Base):
+    __tablename__ = "upload"
+
+    filename = Column(String, nullable=False)
+    filehash = Column(String, nullable=False)
+    filesize = Column(Integer, nullable=False)
+
+
+class OutboxObjectAttachment(Base):
+    __tablename__ = "outbox_object_attachment"
+
+    id = Column(Integer, primary_key=True, index=True)
+
+    outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
+    outbox_object = relationship(OutboxObject, uselist=False)
+
+    upload_id = Column(Integer, ForeignKey("upload.id"))
+    upload = relationship(Upload, uselist=False)
+"""

app/opengraph.py

@@ -0,0 +1,90 @@
+import mimetypes
+import re
+from urllib.parse import urlparse
+
+import httpx
+from bs4 import BeautifulSoup  # type: ignore
+from pydantic import BaseModel
+
+from app import activitypub as ap
+from app import config
+from app.urlutils import is_url_valid
+
+
+class OpenGraphMeta(BaseModel):
+    url: str
+    title: str
+    image: str
+    description: str
+    site_name: str
+
+
+def _scrap_og_meta(html: str) -> OpenGraphMeta | None:
+    soup = BeautifulSoup(html, "html5lib")
+    ogs = {
+        og.attrs["property"]: og.attrs.get("content")
+        for og in soup.html.head.findAll(property=re.compile(r"^og"))
+    }
+    raw = {}
+    for field in OpenGraphMeta.__fields__.keys():
+        og_field = f"og:{field}"
+        if not ogs.get(og_field):
+            return None
+
+        raw[field] = ogs[og_field]
+
+    return OpenGraphMeta.parse_obj(raw)
+
+
+def _urls_from_note(note: ap.RawObject) -> set[str]:
+    note_host = urlparse(ap.get_id(note["id"]) or "").netloc
+
+    urls = set()
+    if "content" in note:
+        soup = BeautifulSoup(note["content"], "html5lib")
+        for link in soup.find_all("a"):
+            h = link.get("href")
+            ph = urlparse(h)
+            mimetype, _ = mimetypes.guess_type(h)
+            if (
+                ph.scheme in {"http", "https"}
+                and ph.netloc != note_host
+                and is_url_valid(h)
+                and (
+                    not mimetype
+                    or mimetype.split("/")[0] in ["image", "video", "audio"]
+                )
+            ):
+                urls.add(h)
+
+    return urls
+
+
+def _og_meta_from_url(url: str) -> OpenGraphMeta | None:
+    resp = httpx.get(
+        url,
+        headers={
+            "User-Agent": config.USER_AGENT,
+        },
+        follow_redirects=True,
+    )
+    resp.raise_for_status()
+
+    if not (ct := resp.headers.get("content-type")) or not ct.startswith("text/html"):
+        return None
+
+    return _scrap_og_meta(resp.text)
+
+
+def og_meta_from_note(note: ap.RawObject) -> list[OpenGraphMeta]:
+    og_meta = []
+    urls = _urls_from_note(note)
+    for url in urls:
+        try:
+            maybe_og_meta = _og_meta_from_url(url)
+            if maybe_og_meta:
+                og_meta.append(maybe_og_meta)
+        except httpx.HTTPError:
+            pass
+
+    return og_meta

app/process_outgoing_activities.py

@@ -0,0 +1,138 @@
+import email
+import time
+import traceback
+from datetime import datetime
+from datetime import timedelta
+
+import httpx
+from loguru import logger
+from sqlalchemy.orm import Session
+
+from app import activitypub as ap
+from app import models
+from app.database import SessionLocal
+from app.database import now
+
+_MAX_RETRIES = 16
+
+
+def new_outgoing_activity(
+    db: Session,
+    recipient: str,
+    outbox_object_id: int,
+) -> models.OutgoingActivity:
+    outgoing_activity = models.OutgoingActivity(
+        recipient=recipient,
+        outbox_object_id=outbox_object_id,
+    )
+
+    db.add(outgoing_activity)
+    db.commit()
+    db.refresh(outgoing_activity)
+    return outgoing_activity
+
+
+def _parse_retry_after(retry_after: str) -> datetime | None:
+    try:
+        # Retry-After: 120
+        seconds = int(retry_after)
+    except ValueError:
+        # Retry-After: Wed, 21 Oct 2015 07:28:00 GMT
+        dt_tuple = email.utils.parsedate_tz(retry_after)
+        if dt_tuple is None:
+            return None
+
+        seconds = int(email.utils.mktime_tz(dt_tuple) - time.time())
+
+    return now() + timedelta(seconds=seconds)
+
+
+def _exp_backoff(tries: int) -> datetime:
+    seconds = 2 * (2 ** (tries - 1))
+    return now() + timedelta(seconds=seconds)
+
+
+def _set_next_try(
+    outgoing_activity: models.OutgoingActivity,
+    next_try: datetime | None = None,
+) -> None:
+    if not outgoing_activity.tries:
+        raise ValueError("Should never happen")
+
+    if outgoing_activity.tries == _MAX_RETRIES:
+        outgoing_activity.is_errored = True
+        outgoing_activity.next_try = None
+    else:
+        outgoing_activity.next_try = next_try or _exp_backoff(outgoing_activity.tries)
+
+
+def process_next_outgoing_activity(db: Session) -> bool:
+    q = (
+        db.query(models.OutgoingActivity)
+        .filter(
+            models.OutgoingActivity.next_try <= now(),
+            models.OutgoingActivity.is_errored.is_(False),
+            models.OutgoingActivity.is_sent.is_(False),
+        )
+        .order_by(models.OutgoingActivity.next_try)
+    )
+    q_count = q.count()
+    logger.info(f"{q_count} outgoing activities ready to process")
+    if not q_count:
+        logger.info("No activities to process")
+        return False
+
+    next_activity = q.limit(1).one()
+
+    next_activity.tries = next_activity.tries + 1
+    next_activity.last_try = now()
+
+    payload = ap.wrap_object_if_needed(next_activity.outbox_object.ap_object)
+    logger.info(f"{payload=}")
+    try:
+        resp = ap.post(next_activity.recipient, payload)
+    except httpx.HTTPStatusError as http_error:
+        logger.exception("Failed")
+        next_activity.last_status_code = http_error.response.status_code
+        next_activity.last_response = http_error.response.text
+        next_activity.error = traceback.format_exc()
+
+        if http_error.response.status_code in [429, 503]:
+            retry_after: datetime | None = None
+            if retry_after_value := http_error.response.headers.get("Retry-After"):
+                retry_after = _parse_retry_after(retry_after_value)
+            _set_next_try(next_activity, retry_after)
+        elif 400 <= http_error.response.status_code < 500:
+            logger.info(f"status_code={http_error.response.status_code} not retrying")
+            next_activity.is_errored = True
+            next_activity.next_try = None
+        else:
+            _set_next_try(next_activity)
+    except Exception:
+        logger.exception("Failed")
+        next_activity.error = traceback.format_exc()
+        _set_next_try(next_activity)
+    else:
+        logger.info("Success")
+        next_activity.is_sent = True
+        next_activity.last_status_code = resp.status_code
+        next_activity.last_response = resp.text
+
+    db.commit()
+    return True
+
+
+def loop() -> None:
+    db = SessionLocal()
+    while 1:
+        try:
+            process_next_outgoing_activity(db)
+        except Exception:
+            logger.exception("Failed to process next outgoing activity")
+            raise
+
+        time.sleep(1)
+
+
+if __name__ == "__main__":
+    loop()

app/source.py

@@ -0,0 +1,81 @@
+import re
+
+from markdown import markdown
+from sqlalchemy.orm import Session
+
+from app import models
+from app import webfinger
+from app.actor import fetch_actor
+from app.config import BASE_URL
+
+
+def _set_a_attrs(attrs, new=False):
+    attrs[(None, "target")] = "_blank"
+    attrs[(None, "class")] = "external"
+    attrs[(None, "rel")] = "noopener"
+    attrs[(None, "title")] = attrs[(None, "href")]
+    return attrs
+
+
+_HASHTAG_REGEX = re.compile(r"(#[\d\w]+)")
+_MENTION_REGEX = re.compile(r"@[\d\w_.+-]+@[\d\w-]+\.[\d\w\-.]+")
+
+
+def _hashtagify(db: Session, content: str) -> tuple[str, list[dict[str, str]]]:
+    tags = []
+    hashtags = re.findall(_HASHTAG_REGEX, content)
+    hashtags = sorted(set(hashtags), reverse=True)  # unique tags, longest first
+    for hashtag in hashtags:
+        tag = hashtag[1:]
+        link = f'<a href="{BASE_URL}/t/{tag}" class="mention hashtag" rel="tag">#<span>{tag}</span></a>'  # noqa: E501
+        tags.append(dict(href=f"{BASE_URL}/t/{tag}", name=hashtag, type="Hashtag"))
+        content = content.replace(hashtag, link)
+    return content, tags
+
+
+def _mentionify(
+    db: Session, content: str, hide_domain: bool = False
+) -> tuple[str, list[dict[str, str]]]:
+    tags = []
+    for mention in re.findall(_MENTION_REGEX, content):
+        _, username, domain = mention.split("@")
+        actor = (
+            db.query(models.Actor).filter(models.Actor.handle == mention).one_or_none()
+        )
+        if not actor:
+            actor_url = webfinger.get_actor_url(mention)
+            if not actor_url:
+                # FIXME(ts): raise an error?
+                continue
+            actor = fetch_actor(db, actor_url)
+
+        tags.append(dict(type="Mention", href=actor.url, name=mention))
+
+        d = f"@{domain}"
+        if hide_domain:
+            d = ""
+
+        link = f'<span class="h-card"><a href="{actor.url}" class="u-url mention">@<span>{username}</span>{d}</a></span>'  # noqa: E501
+        content = content.replace(mention, link)
+    return content, tags
+
+
+def markdownify(
+    db: Session,
+    content: str,
+    mentionify: bool = True,
+    hashtagify: bool = True,
+) -> tuple[str, list[dict[str, str]]]:
+    """
+    >>> content, tags = markdownify("Hello")
+
+    """
+    tags = []
+    if hashtagify:
+        content, hashtag_tags = _hashtagify(db, content)
+        tags.extend(hashtag_tags)
+    if mentionify:
+        content, mention_tags = _mentionify(db, content)
+        tags.extend(mention_tags)
+    content = markdown(content, extensions=["mdx_linkify"])
+    return content, tags

app/static/css/.gitignore

@@ -0,0 +1 @@
+*.css

app/templates.py

@@ -0,0 +1,190 @@
+import base64
+from datetime import datetime
+from datetime import timezone
+from functools import lru_cache
+from typing import Any
+from urllib.parse import urlparse
+
+import bleach
+import timeago  # type: ignore
+from bs4 import BeautifulSoup  # type: ignore
+from fastapi import Request
+from fastapi.templating import Jinja2Templates
+from sqlalchemy.orm import Session
+from starlette.templating import _TemplateResponse as TemplateResponse
+
+from app import models
+from app.actor import LOCAL_ACTOR
+from app.ap_object import Attachment
+from app.boxes import public_outbox_objects_count
+from app.config import DEBUG
+from app.config import DOMAIN
+from app.config import VERSION
+from app.config import generate_csrf_token
+from app.config import session_serializer
+from app.database import now
+from app.highlight import HIGHLIGHT_CSS
+from app.highlight import highlight
+
+_templates = Jinja2Templates(directory="app/templates")
+
+
+def _filter_domain(text: str) -> str:
+    hostname = urlparse(text).hostname
+    if not hostname:
+        raise ValueError(f"No hostname for {text}")
+    return hostname
+
+
+def _media_proxy_url(url: str | None) -> str:
+    if not url:
+        return "/static/nopic.png"
+
+    if url.startswith(DOMAIN):
+        return url
+
+    encoded_url = base64.urlsafe_b64encode(url.encode()).decode()
+    return f"/proxy/media/{encoded_url}"
+
+
+def is_current_user_admin(request: Request) -> bool:
+    is_admin = False
+    session_cookie = request.cookies.get("session")
+    if session_cookie:
+        try:
+            loaded_session = session_serializer.loads(
+                session_cookie,
+                max_age=3600 * 12,
+            )
+        except Exception:
+            pass
+        else:
+            is_admin = loaded_session.get("is_logged_in")
+
+    return is_admin
+
+
+def render_template(
+    db: Session,
+    request: Request,
+    template: str,
+    template_args: dict[str, Any] = {},
+) -> TemplateResponse:
+    is_admin = False
+    is_admin = is_current_user_admin(request)
+
+    return _templates.TemplateResponse(
+        template,
+        {
+            "request": request,
+            "debug": DEBUG,
+            "microblogpub_version": VERSION,
+            "is_admin": is_admin,
+            "csrf_token": generate_csrf_token() if is_admin else None,
+            "highlight_css": HIGHLIGHT_CSS,
+            "notifications_count": db.query(models.Notification)
+            .filter(models.Notification.is_new.is_(True))
+            .count()
+            if is_admin
+            else 0,
+            "local_actor": LOCAL_ACTOR,
+            "followers_count": db.query(models.Follower).count(),
+            "following_count": db.query(models.Following).count(),
+            "objects_count": public_outbox_objects_count(db),
+            **template_args,
+        },
+    )
+
+
+# HTML/templates helper
+ALLOWED_TAGS = [
+    "a",
+    "abbr",
+    "acronym",
+    "b",
+    "br",
+    "blockquote",
+    "code",
+    "pre",
+    "em",
+    "i",
+    "li",
+    "ol",
+    "strong",
+    "sup",
+    "sub",
+    "del",
+    "ul",
+    "span",
+    "div",
+    "p",
+    "h1",
+    "h2",
+    "h3",
+    "h4",
+    "h5",
+    "h6",
+    "table",
+    "th",
+    "tr",
+    "td",
+    "thead",
+    "tbody",
+    "tfoot",
+    "colgroup",
+    "caption",
+    "img",
+]
+
+ALLOWED_ATTRIBUTES = {
+    "a": ["href", "title"],
+    "abbr": ["title"],
+    "acronym": ["title"],
+    "img": ["src", "alt", "title"],
+}
+
+
+@lru_cache(maxsize=256)
+def _update_inline_imgs(content):
+    soup = BeautifulSoup(content, "html5lib")
+    imgs = soup.find_all("img")
+    if not imgs:
+        return content
+
+    for img in imgs:
+        if not img.attrs.get("src"):
+            continue
+
+        img.attrs["src"] = _media_proxy_url(img.attrs["src"])
+
+    return soup.find("body").decode_contents()
+
+
+def _clean_html(html: str) -> str:
+    try:
+        return bleach.clean(
+            _update_inline_imgs(highlight(html)),
+            tags=ALLOWED_TAGS,
+            attributes=ALLOWED_ATTRIBUTES,
+            strip=True,
+        )
+    except Exception:
+        raise
+
+
+def _timeago(original_dt: datetime) -> str:
+    dt = original_dt
+    if dt.tzinfo:
+        dt = dt.astimezone(timezone.utc).replace(tzinfo=None)
+    return timeago.format(dt, now().replace(tzinfo=None))
+
+
+def _has_media_type(attachment: Attachment, media_type_prefix: str) -> bool:
+    return attachment.media_type.startswith(media_type_prefix)
+
+
+_templates.env.filters["domain"] = _filter_domain
+_templates.env.filters["media_proxy_url"] = _media_proxy_url
+_templates.env.filters["clean_html"] = _clean_html
+_templates.env.filters["timeago"] = _timeago
+_templates.env.filters["has_media_type"] = _has_media_type

app/templates/admin_new.html

@@ -0,0 +1,13 @@
+{%- import "utils.html" as utils with context -%}
+{% extends "layout.html" %}
+{% block content %}
+
+<form action="{{ request.url_for("admin_actions_new") }}" enctype="multipart/form-data" method="POST">
+    {{ utils.embed_csrf_token() }}
+    {{ utils.embed_redirect_url() }}
+    <textarea name="content" rows="10" cols="50" autofocus="autofocus" designMode="on" style="font-size:1.2em;width:95%;"></textarea>
+    <input name="files" type="file" multiple>
+    <input type="submit" value="Publish">
+</form>
+
+{% endblock %}

app/templates/admin_stream.html

@@ -0,0 +1,25 @@
+{%- import "utils.html" as utils with context -%}
+{% extends "layout.html" %}
+{% block content %}
+
+{% for inbox_object in stream %}
+{% if inbox_object.ap_type == "Announce" %}
+    {% if inbox_object.relates_to_inbox_object_id %}
+    {{ utils.display_object(inbox_object.relates_to_inbox_object) }}
+    {% else %}
+
+    {% endif %}
+
+{% else %}
+{{ utils.display_object(inbox_object) }}
+{% if inbox_object.liked_via_outbox_object_ap_id %}
+{{ utils.admin_undo_button(inbox_object.liked_via_outbox_object_ap_id, "Unlike") }}
+{% else %}
+{{ utils.admin_like_button(inbox_object.ap_id) }}
+{% endif %}
+
+{{ utils.admin_announce_button(inbox_object.ap_id) }}
+{% endif %}
+{% endfor %}
+
+{% endblock %}

app/templates/followers.html

@@ -0,0 +1,12 @@
+{%- import "utils.html" as utils -%}
+{% extends "layout.html" %}
+{% block content %}
+{% include "header.html" %}
+<div id="followers">
+<ul>
+{% for follower in followers %}
+<li>{{ utils.display_actor(follower.actor, actors_metadata) }}</li>
+{% endfor %}
+</ul>
+</div>
+{% endblock %}

app/templates/following.html

@@ -0,0 +1,12 @@
+{%- import "utils.html" as utils with context -%}
+{% extends "layout.html" %}
+{% block content %}
+{% include "header.html" %}
+<div id="following">
+<ul>
+{% for follow in following %}
+<li>{{ utils.display_actor(follow.actor, actors_metadata) }}</li>
+{% endfor %}
+</ul>
+</div>
+{% endblock %}

app/templates/header.html

@@ -0,0 +1,31 @@
+<header id="header">
+
+<div class="h-card p-author">
+<data class="u-photo" value="{{ local_actor.icon_url }}"></data>
+<a href="{{ local_actor.url }}" class="u-url u-uid no-hover title">
+	<span style="font-size:1.1em;">{{ local_actor.name }}</span>
+	<span  style="font-size:0.85em;" class="subtitle-username">{{ local_actor.handle }}</span>
+</a>
+
+<div class="p-note summary">
+{{ local_actor.summary | safe }}
+</div>
+
+</div>
+
+{%- macro header_link(url, text) -%}
+{% set url_for = request.url_for(url) %}
+<a href="{{ url_for }}" {% if request.url == url_for %}class="active"{% endif %}>{{ text }}</a>
+{% endmacro %}
+
+<div style="margin:30px 0;">
+<nav class="flexbox">
+    <ul>
+        <li>{{ header_link("index", "Notes") }} <span>{{ objects_count }}</span></li>
+        <li>{{ header_link("followers", "Followers") }} <span>{{ followers_count }}</span></li>
+        <li>{{ header_link("following", "Following") }} <span>{{ following_count }}</span></li>
+    </ul>
+</nav>
+
+
+</header>

app/templates/index.html

@@ -0,0 +1,14 @@
+{%- import "utils.html" as utils with context -%}
+{% extends "layout.html" %}
+{% block content %}
+{% include "header.html" %}
+
+{% for outbox_object in objects %}
+{{ outbox_object.likes_count }}
+{{ outbox_object.announces_count }}
+{{ utils.display_object(outbox_object) }}
+{% endfor %}
+
+
+
+{% endblock %}

app/templates/layout.html

@@ -0,0 +1,46 @@
+<!DOCTYPE HTML>
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<meta http-equiv="x-ua-compatible" content="ie=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+<link rel="stylesheet" href="/static/css/main.css">
+<style>
+{{ highlight_css }}
+</style>
+</head>
+<body>
+<div id="main">
+<main>
+{% if is_admin %}
+<div id="admin">
+{% macro admin_link(url, text) %}
+{% set url_for = request.url_for(url) %}
+<a href="{{ url_for }}" {% if request.url == url_for %}class="active"{% endif %}>{{ text }}</a>
+{% endmacro %}
+<div style="margin-bottom:30px;">
+<nav class="flexbox">
+    <ul>
+        <li>Admin</li>
+        <li>{{ admin_link("index", "Public") }}</li>
+        <li>{{ admin_link("admin_new", "New") }}</li>
+        <li>{{ admin_link("stream", "Stream") }}</li>
+        <li>{{ admin_link("get_notifications", "Notifications") }} {% if notifications_count %}({{ notifications_count }}){% endif %}</li>
+        <li>{{ admin_link("get_lookup", "Lookup") }}</li>
+        <li><a href="">Bookmarks</a></li>
+        <li><a href="{{ request.url_for("logout")}}">Logout</a></li>
+    </ul>
+</nav>
+</div>
+
+</div>
+{% endif %}
+{% block content %}{% endblock %}
+</main>
+</div>
+
+<footer class="footer">
+	Powered by <a href="https://microblog.pub">microblog.pub</a> <small class="microblogpub-version"><code>{{ microblogpub_version }}</code></small> (<a href="https://github.com/tsileo/microblog.pub">source code</a>) and the <a href="https://activitypub.rocks/">ActivityPub</a> protocol
+</footer>
+</body>
+</html>

app/templates/login.html

@@ -0,0 +1,13 @@
+{%- import "utils.html" as utils with context -%}
+{% extends "layout.html" %}
+{% block content %}
+<div style="display:grid;height:80%;">
+<div style="margin:auto;">
+<form action="/admin/login" method="POST">
+<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
+<input type="password" name="password">
+<input type="submit" value="Login">
+</form>
+</div>
+</div>
+{% endblock %}

app/templates/lookup.html

@@ -0,0 +1,14 @@
+{%- import "utils.html" as utils with context -%}
+{% extends "layout.html" %}
+{% block content %}
+    <form action="{{ url_for("get_lookup") }}" method="GET">
+        <input type="text" name="query" value="{{ query if query else "" }}">
+        <input type="submit" value="Lookup">
+    </form>
+    {{ actors_metadata }}
+    {% if ap_object and ap_object.ap_type == "Person" %}
+    {{ utils.display_actor(ap_object, actors_metadata) }}
+    {% elif ap_object %}
+    {{ utils.display_object(ap_object) }}
+    {% endif %}
+{% endblock %}

app/templates/notifications.html

@@ -0,0 +1,45 @@
+{%- import "utils.html" as utils with context -%}
+{% extends "layout.html" %}
+{% block content %}
+    <h2>Notifications</h2>
+    <div id="notifications">
+    {%- for notif in notifications %}
+    <div>
+            {%- if notif.notification_type.value == "new_follower" %}
+                <div title="{{ notif.created_at.isoformat() }}">
+                    <a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> followed you
+                </div>
+                {{ utils.display_actor(notif.actor, actors_metadata) }}
+            {% elif notif.notification_type.value == "unfollow" %}
+                <div title="{{ notif.created_at.isoformat() }}">
+                    <a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> unfollowed you
+                </div>
+                {{ utils.display_actor(notif.actor, actors_metadata) }}
+            {% elif notif.notification_type.value == "like" %}
+                <div title="{{ notif.created_at.isoformat() }}">
+                    <a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> liked a post
+                </div>
+                {{ utils.display_object(notif.outbox_object) }}
+           {% elif notif.notification_type.value == "undo_like" %}
+                <div title="{{ notif.created_at.isoformat() }}">
+                    <a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> un-liked a post
+                </div>
+                {{ utils.display_object(notif.outbox_object) }}
+            {% elif notif.notification_type.value == "announce" %}
+                <div title="{{ notif.created_at.isoformat() }}">
+                    <a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> boosted a post
+                </div>
+                {{ utils.display_object(notif.outbox_object) }}
+           {% elif notif.notification_type.value == "undo_announce" %}
+                <div title="{{ notif.created_at.isoformat() }}">
+                    <a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> un-boosted a post
+                </div>
+                {{ utils.display_object(notif.outbox_object) }}
+
+            {% else %}
+            {{ notif }}
+            {%- endif %}
+    </div>
+    {%- endfor %}
+    </div>
+{% endblock %}

app/templates/object.html

@@ -0,0 +1,8 @@
+{%- import "utils.html" as utils with context -%}
+{% extends "layout.html" %}
+{% block content %}
+{% include "header.html" %}
+
+{{ utils.display_object(outbox_object) }}
+
+{% endblock %}

app/templates/utils.html

@@ -0,0 +1,143 @@
+{% macro embed_csrf_token() %}
+<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
+{% endmacro %}
+
+{% macro embed_redirect_url() %}
+<input type="hidden" name="redirect_url" value="{{ request.url }}">
+{% endmacro %}
+
+{% macro admin_follow_button(actor) %}
+<form action="{{ request.url_for("admin_actions_follow") }}" method="POST">
+    {{ embed_csrf_token() }}
+    {{ embed_redirect_url() }}
+    <input type="hidden" name="ap_actor_id" value="{{ actor.ap_id }}">
+    <input type="submit" value="Follow">
+</form>
+{% endmacro %}
+
+{% macro admin_like_button(ap_object_id) %}
+<form action="{{ request.url_for("admin_actions_like") }}" method="POST">
+    {{ embed_csrf_token() }}
+    {{ embed_redirect_url() }}
+    <input type="hidden" name="ap_object_id" value="{{ ap_object_id }}">
+    <input type="submit" value="Like">
+</form>
+{% endmacro %}
+
+{% macro admin_announce_button(ap_object_id) %}
+<form action="{{ request.url_for("admin_actions_announce") }}" method="POST">
+    {{ embed_csrf_token() }}
+    {{ embed_redirect_url() }}
+    <input type="hidden" name="ap_object_id" value="{{ ap_object_id }}">
+    <input type="submit" value="Announce">
+</form>
+{% endmacro %}
+
+{% macro admin_undo_button(ap_object_id, action="Undo") %}
+<form action="{{ request.url_for("admin_actions_undo") }}" method="POST">
+    {{ embed_csrf_token() }}
+    {{ embed_redirect_url() }}
+    <input type="hidden" name="ap_object_id" value="{{ ap_object_id }}">
+    <input type="submit" value="{{ action }}">
+</form>
+{% endmacro %}
+
+{% macro sensitive_button(permalink_id) %}
+<form action=""  method="GET">
+<input type="hidden" name="show_sensitive" value="{{ permalink_id }}">
+{% for k, v in request.query_params.items() %}
+<input type="hidden" name="{{k}}" value="{{v}}">
+{% endfor %}
+<button type="submit">display sensitive content</button>
+</form> 
+{% endmacro %}
+
+{% macro display_actor(actor, actors_metadata) %}
+{{ actors_metadata }}
+{% set metadata = actors_metadata.get(actor.ap_id) %}
+<div style="display: flex;column-gap: 20px;margin:20px 0 10px 0;" class="actor-box">
+    <div style="flex: 0 0 48px;">
+        <img src="{{ actor.icon_url | media_proxy_url }}" style="max-width:45px;">
+    </div>
+    <a href="{{ actor.url }}" style="">
+        <div><strong>{{ actor.name or actor.preferred_username }}</strong></div>
+        <div>{{ actor.handle }}</div>
+    </a>
+</div>
+{% if metadata %}
+<div>
+    <nav class="flexbox">
+    <ul>
+        <li>
+            {% if metadata.is_following %}already following {{ admin_undo_button(metadata.outbox_follow_ap_id, "Unfollow")}}
+            {% elif metadata.is_follow_request_sent %}follow request sent
+            {% else %}
+            {{ admin_follow_button(actor) }}
+            {% endif %}
+        </li>
+        <li>
+            {% if metadata.is_follower %}follows you{% else %}
+            {% endif %}
+        </li>
+    </ul>
+    </nav>
+</div>
+{% endif %}
+
+{% endmacro %}
+
+{% macro display_object(object) %}
+{% if object.ap_type in ["Note", "Article", "Video"] %}
+<div class="activity-wrap" id="{{ object.permalink_id }}">
+  <div class="activity-content">
+      <img src="{% if object.actor.icon_url %}{{ object.actor.icon_url | media_proxy_url }}{% else %}/static/nopic.png{% endif %}" alt="" class="actor-icon">
+    <div class="activity-header">
+        <strong>{{ object.actor.name or object.actor.preferred_username }}</strong>
+        <span>{{ object.actor.handle }}</span>
+        <span class="activity-date" title="{{ object.ap_published_at.isoformat() }}">
+            <a href="{{ object.url }}">{{ object.ap_published_at | timeago }}</a>
+        </span>
+        <div class="activity-main">
+            {{ object.content | clean_html | safe }}
+        </div>
+    </div>
+  </div>
+  {% if object.attachments and object.sensitive and not request.query_params["show_sensitive"] == object.permalink_id %}
+  <div class="activity-attachment">
+  {{ sensitive_button(object.permalink_id )}}
+  </div>
+  {% endif %}
+  {% if object.attachments and (not object.sensitive or (object.sensitive and request.query_params["show_sensitive"] == object.permalink_id)) %}
+  <div class="activity-attachment">
+    {% for attachment in object.attachments %}
+    {% if attachment.type == "Image" or (attachment | has_media_type("image")) %}
+    <img src="{{ attachment.url | media_proxy_url }}"{% if attachment.name %} alt="{{ attachment.name }}"{% endif %} class="attachment">
+    {% elif attachment.type == "Video" or (attachment | has_media_type("video")) %}
+    <video controls preload="metadata"  src="{{ attachment.url | media_proxy_url }}"{% if attachment.name %} title="{{ attachment.name }}"{% endif %} class="attachmeent"></video>
+    {% elif attachment.type == "Audio" or (attachment | has_media_type("audio")) %}
+    <audio controls preload="metadata"  src="{{ attachment.url | media_proxy_url }}"{% if attachment.name%} title="{{ attachment.name }}"{% endif %} style="width:480px;" class="attachment"></audio>
+    {% else %}
+    <a href="{{ attachment.url | media_proxy_url }}"{% if attachment.name %} title="{{ attachment.name }}"{% endif %} class="attachment">{{ attachment.url }}</a>
+    {% endif %}
+    {% endfor %}
+  </div>
+  {% endif %}
+  <div class="activity-bar">
+    <div class="bar-item">
+      <div class="comment-count">33</div>
+    </div>
+    
+    <div class="bar-item">
+      <div class="retweet-count">397</div>
+    </div>
+    
+    <div class="bar-item">
+      <div class="likes-count">
+        2.6k
+      </div>
+    </div>
+    
+  </div>
+</div>
+{% endif %}
+{% endmacro %}

app/urlutils.py

@@ -0,0 +1,61 @@
+import functools
+import ipaddress
+import socket
+from urllib.parse import urlparse
+
+from loguru import logger
+
+from app.config import DEBUG
+
+
+class InvalidURLError(Exception):
+    pass
+
+
+@functools.lru_cache
+def _getaddrinfo(hostname: str, port: int) -> str:
+    try:
+        ip_address = str(ipaddress.ip_address(hostname))
+    except ValueError:
+        try:
+            ip_address = socket.getaddrinfo(hostname, port)[0][4][0]
+            logger.debug(f"DNS lookup: {hostname} -> {ip_address}")
+        except socket.gaierror:
+            logger.exception(f"failed to lookup addr info for {hostname}")
+            raise
+
+    return ip_address
+
+
+def is_url_valid(url: str) -> bool:
+    """Implements basic SSRF protection."""
+    parsed = urlparse(url)
+    if parsed.scheme not in ["http", "https"]:
+        return False
+
+    # XXX in debug mode, we want to allow requests to localhost to test the
+    # federation with local instances
+    if DEBUG:  # pragma: no cover
+        return True
+
+    if not parsed.hostname or parsed.hostname.lower() in ["localhost"]:
+        return False
+
+    ip_address = _getaddrinfo(
+        parsed.hostname, parsed.port or (80 if parsed.scheme == "http" else 443)
+    )
+    logger.debug(f"{ip_address=}")
+
+    if ipaddress.ip_address(ip_address).is_private:
+        logger.info(f"rejecting private URL {url} -> {ip_address}")
+        return False
+
+    return True
+
+
+def check_url(url: str, debug: bool = False) -> None:
+    logger.debug(f"check_url {url=}")
+    if not is_url_valid(url):
+        raise InvalidURLError(f'"{url}" is invalid')
+
+    return None

app/webfinger.py

@@ -0,0 +1,79 @@
+from typing import Any
+from urllib.parse import urlparse
+
+import httpx
+from loguru import logger
+
+from app import activitypub as ap
+
+
+def webfinger(
+    resource: str,
+) -> dict[str, Any] | None:  # noqa: C901
+    """Mastodon-like WebFinger resolution to retrieve the activity stream Actor URL."""
+    logger.info(f"performing webfinger resolution for {resource}")
+    protos = ["https", "http"]
+    if resource.startswith("http://"):
+        protos.reverse()
+        host = urlparse(resource).netloc
+    elif resource.startswith("https://"):
+        host = urlparse(resource).netloc
+    else:
+        if resource.startswith("acct:"):
+            resource = resource[5:]
+        if resource.startswith("@"):
+            resource = resource[1:]
+        _, host = resource.split("@", 1)
+        resource = "acct:" + resource
+
+    is_404 = False
+
+    for i, proto in enumerate(protos):
+        try:
+            url = f"{proto}://{host}/.well-known/webfinger"
+            resp = ap.get(url, params={"resource": resource})
+            break
+        except httpx.HTTPStatusError as http_error:
+            logger.exception("HTTP error")
+            if http_error.response.status_code in [403, 404, 410]:
+                is_404 = True
+                continue
+            raise
+        except httpx.HTTPError:
+            logger.exception("req failed")
+            # If we tried https first and the domain is "http only"
+            if i == 0:
+                continue
+            break
+    if is_404:
+        return None
+
+    return resp
+
+
+def get_remote_follow_template(resource: str) -> str | None:
+    data = webfinger(resource)
+    if data is None:
+        return None
+    for link in data["links"]:
+        if link.get("rel") == "http://ostatus.org/schema/1.0/subscribe":
+            return link.get("template")
+    return None
+
+
+def get_actor_url(resource: str) -> str | None:
+    """Mastodon-like WebFinger resolution to retrieve the activity stream Actor URL.
+
+    Returns:
+        the Actor URL or None if the resolution failed.
+    """
+    data = webfinger(resource)
+    if data is None:
+        return None
+    for link in data["links"]:
+        if (
+            link.get("rel") == "self"
+            and link.get("type") == "application/activity+json"
+        ):
+            return link.get("href")
+    return None