NodeBB v4.0.0 Beta
-
@[email protected] @[email protected] If not for HTTP signatures, would we be looking toward proofs to guarantee authenticity of received activities?
-
depends what you're trying to assert or prove. signing http messages in general is something that could still be done, if your goal is to assert who made the http request. embedding a signature on a document is fine, if your goal is to assert who authored the document and that the document has not been modified. (or you could limit it to just the content, or some arbitrary metadata, or whatever.)
for any key-based verification methods, you need to be wary of key reuse. it's possible for the keyId to be different, but for the key material to be the same as some other key. you can generally tell that an actor is represented by a key, and then the key can claim to be controlled by that actor, but you don't know if the associated private key is in fact being controlled by other actors unknown to you, or if other actors are represented by the same public key material. so some level of deduplication of public keys may be needed before you can authenticate an identity. of course the "real" problem is that the keys are most likely custodial, and rather than try to discover and enumerate every single actor from a given domain, most implementers just assume that any keyId on a given domain is in reality controlled by the software running on that domain. (the same-origin policy, basically.)
so in conclusion, if you're trying to know that a given identity is behind the request, then the best you can tell right now is that their server is making the request. whereas with stuff like fedcm oidc or fedcm indieauth, the request is happening in the browser.
-
I get the following error trying to upgrade from v3.9.10 on my dev install:
4. Updating NodeBB data store schema... Parsing upgrade scripts... OK | 8 script(s) found, 145 skipped → [2024/2/22] Setting up default configs/privileges re: ActivityPub...Error occurred Error occurred during upgrade: Error: [[error:invalid-data]] at Meta.slugTaken (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/meta/index.js:34:9) at Object.wrapperCallback [as slugTaken] (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/promisify.js:46:11) at generateHandle (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/categories/create.js:153:26) at Object.wrapperCallback [as generateHandle] (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/promisify.js:46:11) at /var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrades/4.0.0/activitypub_setup.js:25:36 at Array.map (<anonymous>) at Object.method (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrades/4.0.0/activitypub_setup.js:23:42) at process.processTicksAndRejections (node:internal/process/task_queues:105:5) at async Upgrade.process (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrade.js:161:4) at async Upgrade.run (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrade.js:110:2) -
@Julian here you go:
Parsing upgrade scripts... OK | 1 script(s) found → [2024/2/22] Setting up default configs/privileges re: ActivityPub...[ { name: 'Cookie 7' }, { name: 'TuneTag' }, { name: 'Cookie 5' }, { name: 'News' }, { name: 'Minim' }, { name: 'Cookie 4' }, { name: 'ColorWell' }, { name: 'Cookie 6' }, { name: 'WiFiSpoof' }, { name: 'SessionRestore JS' }, { name: 'Privatus' }, { name: 'USBclean' }, { name: 'SessionRestore' }, { name: 'Hides' }, { name: 'Xliff Editor' }, { name: 'Other apps' }, { name: 'Invisible' }, { name: 'Archived' }, { name: 'Misc' }, { name: null } ] Error occurred 2024-10-03T18:18:47.515Z [4568/1713751] - error: uncaughtException: [[error:invalid-data]] Error: [[error:invalid-data]] at Meta.slugTaken (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/meta/index.js:34:9) at Object.wrapperCallback [as slugTaken] (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/promisify.js:46:11) at generateHandle (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/categories/create.js:153:26) at Object.wrapperCallback [as generateHandle] (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/promisify.js:46:11) at /var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrades/4.0.0/activitypub_setup.js:25:36 at Array.map (<anonymous>) at Object.method (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrades/4.0.0/activitypub_setup.js:23:42) at process.processTicksAndRejections (node:internal/process/task_queues:105:5) at async Upgrade.process (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrade.js:161:4) at async Upgrade.runParticular (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrade.js:118:2) {"date":"Thu Oct 03 2024 20:18:47 GMT+0200 (Central European Summer Time)","error":{},"exception":true,"os":{"loadavg":[0.21,0.17,0.06],"uptime":2804105.47},"process":{"argv":["/opt/plesk/node/22/bin/node","/var/www/vhosts/domain.com/test.domain.com/NodeBB/nodebb","upgrade","activitypub_setup"],"cwd":"/var/www/vhosts/domain.com/test.domain.com/NodeBB","execPath":"/opt/plesk/node/22/bin/node","gid":1003,"memoryUsage":{"arrayBuffers":869789,"external":4802391,"heapTotal":92000256,"heapUsed":63868520,"rss":177631232},"pid":1713751,"uid":10011,"version":"v22.9.0"},"stack":"Error: [[error:invalid-data]]\n at Meta.slugTaken (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/meta/index.js:34:9)\n at Object.wrapperCallback [as slugTaken] (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/promisify.js:46:11)\n at generateHandle (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/categories/create.js:153:26)\n at Object.wrapperCallback [as generateHandle] (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/promisify.js:46:11)\n at /var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrades/4.0.0/activitypub_setup.js:25:36\n at Array.map (<anonymous>)\n at Object.method (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrades/4.0.0/activitypub_setup.js:23:42)\n at process.processTicksAndRejections (node:internal/process/task_queues:105:5)\n at async Upgrade.process (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrade.js:161:4)\n at async Upgrade.runParticular (/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrade.js:118:2)","trace":[{"column":9,"file":"/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/meta/index.js","function":"Meta.slugTaken","line":34,"method":"slugTaken","native":false},{"column":11,"file":"/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/promisify.js","function":"Object.wrapperCallback [as slugTaken]","line":46,"method":"wrapperCallback [as slugTaken]","native":false},{"column":26,"file":"/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/categories/create.js","function":"generateHandle","line":153,"method":null,"native":false},{"column":11,"file":"/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/promisify.js","function":"Object.wrapperCallback [as generateHandle]","line":46,"method":"wrapperCallback [as generateHandle]","native":false},{"column":36,"file":"/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrades/4.0.0/activitypub_setup.js","function":null,"line":25,"method":null,"native":false},{"column":null,"file":null,"function":"Array.map","line":null,"method":"map","native":false},{"column":42,"file":"/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrades/4.0.0/activitypub_setup.js","function":"Object.method","line":23,"method":"method","native":false},{"column":5,"file":"node:internal/process/task_queues","function":"process.processTicksAndRejections","line":105,"method":"processTicksAndRejections","native":false},{"column":4,"file":"/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrade.js","function":"async Upgrade.process","line":161,"method":"process","native":false},{"column":2,"file":"/var/www/vhosts/domain.com/test.domain.com/NodeBB/src/upgrade.js","function":"async Upgrade.runParticular","line":118,"method":"runParticular","native":false}]} $ -
@Julian I filtered out the null names and the upgrade went through:
"use strict"; const db = require("../../database"); const meta = require("../../meta"); const categories = require("../../categories"); const slugify = require("../../slugify"); module.exports = { name: "Setting up default configs/privileges re: ActivityPub", timestamp: Date.UTC(2024, 1, 22), method: async () => { // Disable ActivityPub (upgraded installs have to opt-in to AP) meta.configs.set("activitypubEnabled", 0); // Set default privileges for world category const install = require("../../install"); await install.giveWorldPrivileges(); // Run through all categories and ensure their slugs are unique (incl. users/groups too) const cids = await db.getSortedSetMembers("categories:cid"); const names = await db.getObjectsFields( cids.map((cid) => `category:${cid}`), cids.map(() => "name"), ); const nullIndexes = names .map((element, index) => (element["name"] === null ? index : -1)) // mark null elements .filter((index) => index !== -1); let filteredNames = names.filter(element => element["name"] !== null); let filteredCids = cids.filter((_, index) => !nullIndexes.includes(index)); const handles = await Promise.all( filteredCids.map(async (cid, idx) => { const { name } = filteredNames[idx]; const handle = await categories.generateHandle(slugify(name)); return handle; }), ); await Promise.all([ db.setObjectBulk( filteredCids.map((cid, idx) => [`category:${cid}`, { handle: handles[idx] }]), ), db.sortedSetAdd("categoryhandle:cid", filteredCids, handles), ]); }, };
Copyright © 2024 NodeBB | Contributors