server/api/users/:uuid/inbox/index.ts

import { apiRoute, applyConfig } from "@/api";
import { createRoute } from "@hono/zod-openapi";
import { getLogger } from "@logtape/logtape";
import type { Entity } from "@versia/federation/types";
import { Instance, User } from "@versia/kit/db";
import { z } from "zod";
import { InboxProcessor } from "~/classes/inbox/processor";
import { ErrorSchema } from "~/types/api";

export const meta = applyConfig({
    auth: {
        required: false,
    },
    ratelimits: {
        duration: 60,
        max: 500,
    },
    route: "/users/:uuid/inbox",
});

export const schemas = {
    param: z.object({
        uuid: z.string().uuid(),
    }),
    header: z.object({
        "x-signature": z.string().optional(),
        "x-nonce": z.string().optional(),
        "x-signed-by": z.string().url().or(z.string().startsWith("instance ")),
        authorization: z.string().optional(),
    }),
    body: z.any(),
};

const route = createRoute({
    method: "post",
    path: "/users/{uuid}/inbox",
    summary: "Receive federation inbox",
    request: {
        params: schemas.param,
        headers: schemas.header,
        body: {
            content: {
                "application/json": {
                    schema: schemas.body,
                },
            },
        },
    },
    responses: {
        200: {
            description: "Request processed",
        },
        201: {
            description: "Request accepted",
        },
        400: {
            description: "Bad request",
            content: {
                "application/json": {
                    schema: ErrorSchema,
                },
            },
        },
        401: {
            description: "Signature could not be verified",
            content: {
                "application/json": {
                    schema: ErrorSchema,
                },
            },
        },
        403: {
            description: "Cannot view users from remote instances",
            content: {
                "application/json": {
                    schema: ErrorSchema,
                },
            },
        },
        404: {
            description: "Not found",
            content: {
                "application/json": {
                    schema: ErrorSchema,
                },
            },
        },
        500: {
            description: "Internal server error",
            content: {
                "application/json": {
                    schema: z.object({
                        error: z.string(),
                        message: z.string(),
                    }),
                },
            },
        },
    },
});

export default apiRoute((app) =>
    app.openapi(route, async (context) => {
        const {
            "x-signature": signature,
            "x-nonce": nonce,
            "x-signed-by": signedBy,
            authorization,
        } = context.req.valid("header");

        const logger = getLogger(["federation", "inbox"]);
        const body: Entity = await context.req.valid("json");

        const sender = await User.resolve(signedBy);

        if (!(sender || signedBy.startsWith("instance "))) {
            return context.json(
                { error: `Couldn't resolve sender URI ${signedBy}` },
                404,
            );
        }

        if (sender?.isLocal()) {
            return context.json(
                {
                    error: "Cannot process federation requests from local users",
                },
                400,
            );
        }

        const remoteInstance = sender
            ? await Instance.fromUser(sender)
            : await Instance.resolveFromHost(signedBy.split(" ")[1]);

        if (!remoteInstance) {
            return context.json(
                { error: "Could not resolve the remote instance." },
                500,
            );
        }

        const processor = new InboxProcessor(
            context,
            body,
            remoteInstance,
            {
                signature,
                nonce,
                authorization,
            },
            logger,
        );

        return await processor.process();
    }),
);
refactor(federation): :recycle: Move incoming federation handling to custom class 2024-11-01 20:42:32 +01:00			`import { apiRoute, applyConfig } from "@/api";`
refactor(api): :recycle: More OpenAPI refactoring work 2024-09-16 15:29:09 +02:00			`import { createRoute } from "@hono/zod-openapi";`
refactor(federation): :recycle: Move incoming federation handling to custom class 2024-11-01 20:42:32 +01:00			`import { getLogger } from "@logtape/logtape";`
			`import type { Entity } from "@versia/federation/types";`
refactor(federation): :recycle: Correctly handle bridge requests and instance signatures in user inboxes 2024-11-23 23:02:18 +01:00			`import { Instance, User } from "@versia/kit/db";`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00			`import { z } from "zod";`
refactor(federation): :recycle: Move incoming federation handling to custom class 2024-11-01 20:42:32 +01:00			`import { InboxProcessor } from "~/classes/inbox/processor";`
refactor(api): :recycle: More OpenAPI refactoring work 2024-09-16 15:29:09 +02:00			`import { ErrorSchema } from "~/types/api";`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00
			`export const meta = applyConfig({`
			`auth: {`
			`required: false,`
			`},`
			`ratelimits: {`
			`duration: 60,`
			`max: 500,`
			`},`
fix(federation): :ambulance: Correct user inbox endpoint API route 2024-05-17 09:51:49 +02:00			`route: "/users/:uuid/inbox",`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00			`});`

			`export const schemas = {`
			`param: z.object({`
			`uuid: z.string().uuid(),`
			`}),`
			`header: z.object({`
refactor(federation): :recycle: Correctly handle bridge requests and instance signatures in user inboxes 2024-11-23 23:02:18 +01:00			`"x-signature": z.string().optional(),`
			`"x-nonce": z.string().optional(),`
			`"x-signed-by": z.string().url().or(z.string().startsWith("instance ")),`
feat(federation): :sparkles: Add bridge tokens, federation request debugging 2024-05-22 02:59:03 +02:00			`authorization: z.string().optional(),`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00			`}),`
fix(federation): :bug: Fix federation bug with already consumed body 2024-05-17 10:37:06 +02:00			`body: z.any(),`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00			`};`

refactor(api): :recycle: More OpenAPI refactoring work 2024-09-16 15:29:09 +02:00			`const route = createRoute({`
			`method: "post",`
			`path: "/users/{uuid}/inbox",`
			`summary: "Receive federation inbox",`
			`request: {`
			`params: schemas.param,`
			`headers: schemas.header,`
			`body: {`
			`content: {`
			`"application/json": {`
			`schema: schemas.body,`
			`},`
			`},`
			`},`
			`},`
			`responses: {`
			`200: {`
			`description: "Request processed",`
			`},`
			`201: {`
			`description: "Request accepted",`
			`},`
			`400: {`
			`description: "Bad request",`
			`content: {`
			`"application/json": {`
			`schema: ErrorSchema,`
			`},`
			`},`
			`},`
			`401: {`
			`description: "Signature could not be verified",`
			`content: {`
			`"application/json": {`
			`schema: ErrorSchema,`
			`},`
			`},`
			`},`
			`403: {`
			`description: "Cannot view users from remote instances",`
			`content: {`
			`"application/json": {`
			`schema: ErrorSchema,`
			`},`
			`},`
			`},`
			`404: {`
			`description: "Not found",`
			`content: {`
			`"application/json": {`
			`schema: ErrorSchema,`
			`},`
			`},`
			`},`
			`500: {`
			`description: "Internal server error",`
			`content: {`
			`"application/json": {`
			`schema: z.object({`
			`error: z.string(),`
			`message: z.string(),`
feat(federation): :sparkles: Add bridge tokens, federation request debugging 2024-05-22 02:59:03 +02:00			`}),`
refactor(api): :recycle: More OpenAPI refactoring work 2024-09-16 15:29:09 +02:00			`},`
			`},`
			`},`
			`},`
			`});`
feat(federation): :sparkles: Add bridge support to Lysand 2024-05-17 19:56:13 +02:00
refactor(api): :recycle: More OpenAPI refactoring work 2024-09-16 15:29:09 +02:00			`export default apiRoute((app) =>`
			`app.openapi(route, async (context) => {`
			`const {`
			`"x-signature": signature,`
			`"x-nonce": nonce,`
			`"x-signed-by": signedBy,`
			`authorization,`
			`} = context.req.valid("header");`

refactor(federation): :recycle: Move incoming federation handling to custom class 2024-11-01 20:42:32 +01:00			`const logger = getLogger(["federation", "inbox"]);`
refactor(api): :recycle: More OpenAPI refactoring work 2024-09-16 15:29:09 +02:00			`const body: Entity = await context.req.valid("json");`

			`const sender = await User.resolve(signedBy);`

refactor(federation): :recycle: Correctly handle bridge requests and instance signatures in user inboxes 2024-11-23 23:02:18 +01:00			`if (!(sender \|\| signedBy.startsWith("instance "))) {`
refactor(federation): :recycle: Refactor user inbox API to reduce complexity 2024-10-28 13:13:50 +01:00			`return context.json(`
refactor(federation): :recycle: Correctly handle bridge requests and instance signatures in user inboxes 2024-11-23 23:02:18 +01:00			{ error: `Couldn't resolve sender URI ${signedBy}` },
refactor(federation): :recycle: Refactor user inbox API to reduce complexity 2024-10-28 13:13:50 +01:00			`404,`
			`);`
			`}`

refactor(api): :recycle: More OpenAPI refactoring work 2024-09-16 15:29:09 +02:00			`if (sender?.isLocal()) {`
			`return context.json(`
refactor(federation): :recycle: Correctly handle bridge requests and instance signatures in user inboxes 2024-11-23 23:02:18 +01:00			`{`
			`error: "Cannot process federation requests from local users",`
			`},`
refactor(api): :recycle: More OpenAPI refactoring work 2024-09-16 15:29:09 +02:00			`400,`
			`);`
			`}`

refactor(federation): :recycle: Correctly handle bridge requests and instance signatures in user inboxes 2024-11-23 23:02:18 +01:00			`const remoteInstance = sender`
			`? await Instance.fromUser(sender)`
			`: await Instance.resolveFromHost(signedBy.split(" ")[1]);`

			`if (!remoteInstance) {`
			`return context.json(`
			`{ error: "Could not resolve the remote instance." },`
			`500,`
			`);`
			`}`

refactor(federation): :recycle: Move incoming federation handling to custom class 2024-11-01 20:42:32 +01:00			`const processor = new InboxProcessor(`
			`context,`
			`body,`
refactor(federation): :recycle: Correctly handle bridge requests and instance signatures in user inboxes 2024-11-23 23:02:18 +01:00			`remoteInstance,`
refactor(federation): :recycle: Move incoming federation handling to custom class 2024-11-01 20:42:32 +01:00			`{`
refactor(federation): :recycle: Refactor user inbox API to reduce complexity 2024-10-28 13:13:50 +01:00			`signature,`
			`nonce,`
refactor(federation): :recycle: Move incoming federation handling to custom class 2024-11-01 20:42:32 +01:00			`authorization,`
refactor(federation): :recycle: Refactor user inbox API to reduce complexity 2024-10-28 13:13:50 +01:00			`},`
refactor(federation): :recycle: Move incoming federation handling to custom class 2024-11-01 20:42:32 +01:00			`logger,`
refactor(federation): :recycle: Refactor user inbox API to reduce complexity 2024-10-28 13:13:50 +01:00			`);`

refactor(federation): :recycle: Move incoming federation handling to custom class 2024-11-01 20:42:32 +01:00			`return await processor.process();`
			`}),`
			`);`