simon/dog-and-duck
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
dog-and-duck/docs/codox/Using_ActivityPub.html
Simon Brooke 25c86b80fa
Collections validation written, refactoring done, existing tests pass. 
New tests have yet to be written for collections functionality.
2022-12-27 20:28:27 +00:00

38 lines
13 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html PUBLIC ""
"">
<html><head><meta charset="UTF-8" /><title>Using ActivityPub</title><link rel="stylesheet" type="text/css" href="css/default.css" /><link rel="stylesheet" type="text/css" href="css/highlight.css" /><script type="text/javascript" src="js/highlight.min.js"></script><script type="text/javascript" src="js/jquery.min.js"></script><script type="text/javascript" src="js/page_effects.js"></script><script>hljs.initHighlightingOnLoad();</script></head><body><div id="header"><h2>Generated by <a href="https://github.com/weavejester/codox">Codox</a></h2><h1><a href="index.html"><span class="project-title"><span class="project-name">Dog-and-duck</span> <span class="project-version">0.1.0-SNAPSHOT</span></span></a></h1></div><div class="sidebar primary"><h3 class="no-link"><span class="inner">Project</span></h3><ul class="index-link"><li class="depth-1 "><a href="index.html"><div class="inner">Index</div></a></li></ul><h3 class="no-link"><span class="inner">Topics</span></h3><ul><li class="depth-1 current"><a href="Using_ActivityPub.html"><div class="inner"><span>Using ActivityPub</span></div></a></li><li class="depth-1 "><a href="Validation_Faults.html"><div class="inner"><span>Validation Faults in ActivityPub documents</span></div></a></li><li class="depth-1 "><a href="intro.html"><div class="inner"><span>Introduction</span></div></a></li></ul><h3 class="no-link"><span class="inner">Namespaces</span></h3><ul><li class="depth-1"><div class="no-link"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>clj-activitypub</span></div></div></li><li class="depth-2 branch"><a href="clj-activitypub.core.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>core</span></div></a></li><li class="depth-2"><div class="no-link"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>internal</span></div></div></li><li class="depth-3 branch"><a href="clj-activitypub.internal.crypto.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>crypto</span></div></a></li><li class="depth-3 branch"><a href="clj-activitypub.internal.http-util.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>http-util</span></div></a></li><li class="depth-3"><a href="clj-activitypub.internal.thread-cache.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>thread-cache</span></div></a></li><li class="depth-2"><a href="clj-activitypub.webfinger.html"><div class="inner"><span class="tree" style="top: -114px;"><span class="top" style="height: 123px;"></span><span class="bottom"></span></span><span>webfinger</span></div></a></li><li class="depth-1"><div class="no-link"><div class="inner"><span class="tree" style="top: -207px;"><span class="top" style="height: 216px;"></span><span class="bottom"></span></span><span>dog-and-duck</span></div></div></li><li class="depth-2"><div class="no-link"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>quack</span></div></div></li><li class="depth-3"><a href="dog-and-duck.quack.picky.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>picky</span></div></a></li><li class="depth-4 branch"><a href="dog-and-duck.quack.picky.collections.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>collections</span></div></a></li><li class="depth-4 branch"><a href="dog-and-duck.quack.picky.constants.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>constants</span></div></a></li><li class="depth-4 branch"><a href="dog-and-duck.quack.picky.control-variables.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>control-variables</span></div></a></li><li class="depth-4 branch"><a href="dog-and-duck.quack.picky.fault-messages.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>fault-messages</span></div></a></li><li class="depth-4 branch"><a href="dog-and-duck.quack.picky.required-properties.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>required-properties</span></div></a></li><li class="depth-4"><a href="dog-and-duck.quack.picky.utils.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>utils</span></div></a></li><li class="depth-3"><a href="dog-and-duck.quack.quack.html"><div class="inner"><span class="tree" style="top: -207px;"><span class="top" style="height: 216px;"></span><span class="bottom"></span></span><span>quack</span></div></a></li><li class="depth-2"><div class="no-link"><div class="inner"><span class="tree" style="top: -269px;"><span class="top" style="height: 278px;"></span><span class="bottom"></span></span><span>scratch</span></div></div></li><li class="depth-3 branch"><a href="dog-and-duck.scratch.core.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>core</span></div></a></li><li class="depth-3 branch"><a href="dog-and-duck.scratch.parser.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>parser</span></div></a></li><li class="depth-3"><a href="dog-and-duck.scratch.scratch.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>scratch</span></div></a></li><li class="depth-2"><div class="no-link"><div class="inner"><span class="tree" style="top: -114px;"><span class="top" style="height: 123px;"></span><span class="bottom"></span></span><span>utils</span></div></div></li><li class="depth-3"><a href="dog-and-duck.utils.process.html"><div class="inner"><span class="tree"><span class="top"></span><span class="bottom"></span></span><span>process</span></div></a></li></ul></div><div class="document" id="content"><div class="doc"><div class="markdown"><h1><a href="#using-activitypub" name="using-activitypub"></a>Using ActivityPub</h1>
<h2><a href="#introduction" name="introduction"></a>Introduction</h2>
<p>I do not know what I am doing; I am learning, and playing. Nothing in this document should be treated as good advice; it simply relates to the current state of my knowledge.</p>
<h2><a href="#what-happens-when-you-post-a-new-item-to-an-activitypub-server" name="what-happens-when-you-post-a-new-item-to-an-activitypub-server"></a>What happens when you post a new item to an ActivityPub server</h2>
<p>Your client issues a POST request to your outbox URI, with the object youre posting as payload. It <a href="https://www.w3.org/TR/activitypub/#create-activity-outbox"><em>should</em></a> be wrapped in a <code>Create</code> activity, but the spec <a href="https://www.w3.org/TR/activitypub/#object-without-create">makes clear that</a>:</p>
<blockquote>
<p>The server MUST accept a valid [ActivityStreams] object that isnt a subtype of Activity in the POST request to the outbox</p>
</blockquote>
<p>If no <code>Create</code> wrapper is present, the server creates one before further processing the request.</p>
<p>The <code>Create</code> wrapper, or, if that is missing, the object itself, <em>may</em> have properties <code>to</code>, <code>bto</code>, <code>cc</code>, <code>bcc</code>, and <code>audience</code>.</p>
<p>The <code>to</code>, <code>bto</code>, <code>cc</code>, and <code>bcc</code> properties are all expected to be either URIs of actors, or URIs of collections of actors. The behaviour of your local ActivityPub server in response to these properties is similar: it sends a POST request to the <code>inbox</code> URI associated with each actor URI.</p>
<p>Theres one magic URI, "<a href="https://www.w3.org/ns/activitystreams#Public" "="">https://www.w3.org/ns/activitystreams#Public"</a>. If this is specified in any of the above fields (including <code>audience</code>), then the wrapped object is sent to the outboxes of each actor on your <code>followers</code> list; but also, it is recognised by other ActivityPub servers as a public post, and will thus appear in their Federated feed as well as in the individual feeds your followers and of people directly addressed.</p>
<h3><a href="#things-i-dont-yet-understand-about-create" name="things-i-dont-yet-understand-about-create"></a>Things I dont yet understand about Create</h3>
<ol>
<li>Is the entire new object transmitted in the Create transmission to each addressee, or only its (URI) <code>id</code> value?</li>
<li>What happens if an addressees home server is down at the time the object is posted? Is it queued for them and subsequently retried until it is delivered, or is it dropped?</li>
<li>When multiple actors on one host server are addressed in a Create request, is the <code>inbox</code> URI for each actor individually posted to, or is there one postmaster endpoint on the server which can be addressed, from which the post can then be distributed to the particular actors inboxes?</li>
<li>What is the response your local server makes to your client? Does it contain the <code>id</code> of the object created, or is that <code>id</code> generated by the client in the first place?</li>
<li>If an item doesnt have the magic public URL among its addressees, is an attempt to GET that item checked for whether the originator of the request is one of the explicit addressees? Or is such a request simply refused 401 <code>not authorised</code>?</li>
</ol>
<p>Obviously if the outbox being posted to is not the outbox of the duly authenticated and authorised logged in user, the attempt to post to an outbox must fail with a 401 <code>not authorised</code> response.</p>
<h2><a href="#what-happens-when-you-post-an-update-activity-regarding-an-existing-item" name="what-happens-when-you-post-an-update-activity-regarding-an-existing-item"></a>What happens when you post an Update activity regarding an existing item</h2>
<p>Your client issues a POST request to your outbox URI, with the <code>Update</code> activity object as payload. The Update activity will have in its <code>object</code> field a partially specified copy of the object to be updated, containing only the <code>id</code> value and the values of those fields to be changed. Your local server will update its stored representation of the object.</p>
<p>I am not clear whether it will retransmit the Update to users addressed in the Create object. I see messages of the form [user] edited a post in my Notifications feed on Mastodon, so it seems so.</p>
<h2><a href="#what-happens-when-you-post-a-delete-activity-regarding-an-existing-item" name="what-happens-when-you-post-a-delete-activity-regarding-an-existing-item"></a>What happens when you post a Delete activity regarding an existing item</h2>
<p>Your client issues a POST request to your outbox URI, with the <code>Delete</code> activity object as payload. The Delete activity object has in its <code>object</code> value (probably?) only the <code>id</code> value of the object to be deleted, or, at most, a <code>Link</code> object having that has that <code>id</code> value as its <code>href</code> value.</p>
<p>The Delete object is NOT retransmitted to the addressees of the original create request. Instead, your server will either:</p>
<ol>
<li>Return a 404 reponse to all subsequent requests for the object, or</li>
<li>Return a 410 Gone response, having as payload a <code>Tombstone</code> object.</li>
</ol>
<h3><a href="#the-tombstone-object" name="the-tombstone-object"></a>The Tombstone object</h3>
<p>The Tombstone object is a means of acknowledging that the requested object did once exist. It is an ActivityStreams object with the same <code>id</code> value as the original (deleted) object,the <code>type</code> value <code>Tombstone</code>, and the following fields: <code>published</code>, <code>deleted</code>, and (presumably optionally) <code>updated</code>. The values of these fields are timestamps (? or in the case of <code>updated</code>, perhaps lists of timestamps?)</p>
<h2><a href="#what-i-dont-yet-understand-about-this-whole-lifecycle" name="what-i-dont-yet-understand-about-this-whole-lifecycle"></a>What I dont yet understand about this whole lifecycle</h2>
<p>If were pushing entire objects which may include media attachments to the inboxes of many recipients who may never choose to read them, that feels like a lot of wasted bandwidth. However, if were pushing only ids or links of posts which are not public, that feels like a major security headache in verifying that the requestors are indeed verified recipients.</p>
<p>Again, the fact that Mastodon is able to show me [user] edited a post items in my notifications seems to imply that updates of the complete edited object are being pushed out to all recipients inboxes, and again that seems expensive.</p></div></div></div></body></html>
Reference in a new issue View git blame Copy permalink