kevadesu/forgejo
1
0
Fork 1
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-08-05 10:46:45 +02:00
Code Issues Projects Releases Packages Wiki Activity
23405 commits 18 branches 254 tags 364 MiB
Commit graph

7 commits

Author SHA1 Message Date
Michael Jerger
388e4eb44b fix: assorted ActivityPub code only refactors (#8708) 
Fix parts of issue #8221 and part of PR #4767

Is linked to https://codeberg.org/forgejo/forgejo/pulls/8274

The commit 555f6e57ad fixes timeout forgejo/forgejo#8274 (Kommentar)

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8708
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
 2025-07-28 15:17:29 +02:00
Earl Warren
b2c8a1cfd3 Revert "fix: assorted ActivityPub code only refactors (#8274)" (#8705) 
This reverts commit e271c24100.

It was an experiment to verify that adding a delay to the test make a difference. But it does not so... reverting.

@jerger before engaging in a refactor, it is necessary to get to the bottom of this:

- Find the root cause of those failures
- Fix it in a minimal way

Refs https://codeberg.org/forgejo/forgejo/pulls/8274#issuecomment-5987215

---

- https://codeberg.org/forgejo/forgejo/actions/runs/92182/jobs/9
- https://codeberg.org/forgejo/forgejo/actions/runs/92182/jobs/10

```
--- FAIL: TestFederationHttpSigValidation (11.34s)
    testlogger.go:411: 2025/07/28 00:23:46 ...les/storage/local.go:33:NewLocalStorage() [I] Creating new Local Storage at /workspace/forgejo/forgejo/tests/gitea-lfs-meta
    testlogger.go:411: 2025/07/28 00:23:52 ...ypub/reqsignature.go:76:func1() [W] verifyHttpSignatures failed: neither "Signature" nor "Authorization" have signature parameters
    testlogger.go:411: 2025/07/28 00:23:52 ...eb/routing/logger.go:102:func1() [I] router: completed GET http://127.0.0.1:3002/api/v1/activitypub/user-id/2 for test-mock:12345, 400 Bad Request in 5.3ms @ activitypub/reqsignature.go:74(activitypub.ReqHTTPUserOrInstanceSignature)
    testlogger.go:411: 2025/07/28 00:23:52 ...ces/auth/httpsign.go:70:Verify() [W] Failed authentication attempt from 127.0.0.1:43244
    testlogger.go:411: 2025/07/28 00:23:55 ...eb/routing/logger.go:68:func1() [W] router: slow      GET /api/v1/activitypub/user-id/2 for 127.0.0.1:43244, elapsed 3684.7ms @ activitypub/reqsignature.go:74(activitypub.ReqHTTPUserOrInstanceSignature)
    --- FAIL: TestFederationHttpSigValidation/SignedRequest (5.01s)
        api_federation_httpsig_test.go:50:
            	Error Trace:	/workspace/forgejo/forgejo/tests/integration/api_federation_httpsig_test.go:50
            	Error:      	Received unexpected error:
            	            	Get "http://127.0.0.1:3002/api/v1/activitypub/user-id/2": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
            	Test:       	TestFederationHttpSigValidation/SignedRequest
    --- FAIL: TestFederationHttpSigValidation/ValidateCaches (0.00s)
        api_federation_httpsig_test.go:64:
            	Error Trace:	/workspace/forgejo/forgejo/tests/integration/api_federation_httpsig_test.go:64
            	Error:      	Expected value not to be nil.
            	Test:       	TestFederationHttpSigValidation/ValidateCaches
    test_utils.go:247: PrepareTestEnv:Process "GET: /api/v1/activitypub/user-id/2" cancelled
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
	panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x4cc464a]
```

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8705
Reviewed-by: jerger <jerger@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
 2025-07-28 10:55:04 +02:00
Michael Jerger
e271c24100 fix: assorted ActivityPub code only refactors (#8274) 
Fix parts of issue https://codeberg.org/forgejo/forgejo/issues/8221
and PR https://codeberg.org/forgejo/forgejo/pulls/4767

- PostgreSQL
- TestActivityPubPerson/SignedRequestValidation

```
    --- FAIL: TestActivityPubPerson/SignedRequestValidation (5.01s)
        api_activitypub_person_test.go:51:
            	Error Trace:	/workspace/forgejo/forgejo/tests/integration/api_activitypub_person_test.go:51
            	Error:      	Received unexpected error:
            	            	Get "http://127.0.0.1:3002/api/v1/activitypub/user-id/2": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
            	Test:       	TestActivityPubPerson/SignedRequestValidation
    testlogger.go:411: 2025/06/24 00:12:27 ...eb/routing/logger.go:102:func1() [I] router: completed GET /api/v1/activitypub/user-id/2 for 127.0.0.1:50456, 200 OK in 5032.2ms @ activitypub/person.go:21(activitypub.Person)
```

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8274
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
 2025-07-25 18:01:43 +02:00
Michael Jerger
c69e8cde7a chore(ci): temporarily disable flaky ActivityPub related tests (#8395) 
As discussed in forgejo/forgejo#8274

A workaround till analysis of test timeouts helped us to fix the root cause.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8395
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
 2025-07-07 14:29:57 +02:00
Michael Jerger
6f501b1fdf Improved signature handling & instance actor (#8275)
Some checks are pending
/ release (push) Waiting to run
testing-integration / test-unit (push) Waiting to run
testing-integration / test-sqlite (push) Waiting to run
testing / test-e2e (push) Blocked by required conditions
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
This PR is part of https://codeberg.org/forgejo/forgejo/pulls/4767

It improves the signature handling:
1. move logic to a service (might be used from other services as well)
2. make a clear difference between ` ReqHTTPUserSignature` and `ReqHTTPUserOrInstanceSignature`
3. improve test ability (activitypub/client & distant_federation_server_mock

Adjust instance actor
1. name &
2. webfinger

## Strategy for next PRs is

Integration tests are in the driving seat.

I will step by step add integration tests form original PR and add code required by the integration test changes.

## Meta

Proposal howto process large PRs can be discussed here: https://codeberg.org/forgejo-contrib/federation/pulls/37

Current state with rendered diagrams can be found here: https://codeberg.org/meissa/federation/src/branch/merge-large-pr/doc/merge-large-pr.md

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8275
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
 2025-07-01 19:49:00 +02:00
zam
f6a5b783d2 add port and schema to federation host (#7203) 
## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [x] in their respective `*_test.go` for unit tests.
  - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [ ] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7203
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: zam <mirco.zachmann@meissa.de>
Co-committed-by: zam <mirco.zachmann@meissa.de>
 2025-04-16 08:07:51 +00:00
famfo
77b0275572 feat(activitiypub): enable HTTP signatures on all ActivityPub endpoints (#7035) 
- Set the right keyID and use the right signing keys for outgoing requests.
- Verify the HTTP signature of all incoming requests, except for the server actor.
- Caches keys of incoming requests for users and servers actors.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7035
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: famfo <famfo@famfo.xyz>
Co-committed-by: famfo <famfo@famfo.xyz>
 2025-04-03 15:24:15 +00:00