When deduplicating IRIs in a user's inbox, the library tries to
dereference the IRI to... obtain the ID. I must have added this when I
had no idea what I was doing. Oh my god, everyone's going to know I am
dumb! Quick, don't read this commit message, I'll just finish typing
this sentence over here.
Well, it's fixed now.
This helps ensure that the code to detect specific ActivityStream types
continues to live in the code-generation algorithms, reducing
maintenance burdens.
Non Interface Behavior Changes:
- Robust header detection for ActivityPub requests
- No more panic because of a Bto access after a Bcc condition
- PostOutbox Undo activities now required to have matching actors
Interface Behavior Changes:
- PostOutbox activities themselves are now passed to App.Set
- Authentication/Authorization in a SocialAPIVerifier no longer
shadowed and ignored.
- Add activities can now fetch remote objects (not permanent)
The behavior changes are justified as having been broken bugs that would
have not met a developer's expectations. So including them as part of
the next release maintains major version 0 behavior compatibility.
He who fights with monsters should be careful lest he thereby become a monster.
And if thou gaze long into an abyss, the abyss will also gaze into thee.
This also incorporates some interface changes to permit both HTTP
Signatures and other forms of authentication and authorization when
accessing data. This means support for something like OAuth2 should be
doable in conjunction with HTTP Signatures.
Tests are broken; this commit should not be used as a build point.
Also, bugfix the time.Now calls to use the federator's clock instead.
This is how it should have been done in the beginning, but is necessary
for the tests since the HTTP Signatures by default sign the dates in the
headers. And I noticed said dates were being populated by time.Now
instead of the mock-able Clock.
We simply prevent adding a duplicate likes, liked, following, or
follower based on the IRI of the element being added to the collection.
Adds corresponding black box tests.
Note that this deduplication does not cover the inbox.
These generally include improving the handling of OrderedCollections and
IRIs. Note that improvement to setting IRI'd fetches from the
implementing application were made.
Improve the handing of AutoAccept and AutoReject follows. If there are
no owned objects in the Activity, we prevent sending the automatic reply
in case the implemented application is not checking for ownership of the
object of the original Follow activity.
Note that some other tests were impacted due to a change to keep
modifications to collections on objects/actors at parity when calling
get and set on the App.
Fix normalizing the recipents between the object and the activity. Also
allow the handlers to adjust what gets placed in the outbox, since the
client-to-server API allows the server to modify the object before being
delivered.
Also refactored the likes/liked add-to-collections logic so that they
are also applicable for following and followers collections. This code
is still as ugly as sin.
This was uncovered during writing tests where both the Social and
Federative APIs are enabled. The actorObject interface was overused
partially due to my earlier confusion; the introduction of the internal
actor interface resolved this.
Finally, the HttpClient interface was introduced to be able to mock out
calls in testing. It may also prove useful for future applications using
this library.