From 4ca7c6c32862191d8836c48ddc299caf8677ddce Mon Sep 17 00:00:00 2001
From: Daniel Supernault <danielsupernault@gmail.com>
Date: Tue, 13 Aug 2024 00:00:51 -0600
Subject: [PATCH] Add preliminary Authorize Interaction support

---
 .../AuthorizeInteractionController.php        | 37 +++++++++++++++++++
 app/Http/Controllers/FederationController.php |  4 ++
 app/Util/Lexer/RestrictedNames.php            |  3 ++
 app/Util/Webfinger/Webfinger.php              | 15 ++++++--
 routes/web.php                                |  3 +-
 5 files changed, 57 insertions(+), 5 deletions(-)
 create mode 100644 app/Http/Controllers/AuthorizeInteractionController.php

diff --git a/app/Http/Controllers/AuthorizeInteractionController.php b/app/Http/Controllers/AuthorizeInteractionController.php
new file mode 100644
index 000000000..701ee06f1
--- /dev/null
+++ b/app/Http/Controllers/AuthorizeInteractionController.php
@@ -0,0 +1,37 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Util\ActivityPub\Helpers;
+use Illuminate\Http\Request;
+
+class AuthorizeInteractionController extends Controller
+{
+    public function get(Request $request)
+    {
+        $request->validate([
+            'uri' => 'required|url',
+        ]);
+
+        abort_unless((bool) config_cache('federation.activitypub.enabled'), 404);
+
+        $uri = Helpers::validateUrl($request->input('uri'), true);
+        abort_unless($uri, 404);
+
+        if (! $request->user()) {
+            return redirect('/login?next='.urlencode($uri));
+        }
+
+        $status = Helpers::statusFetch($uri);
+        if ($status && isset($status['id'])) {
+            return redirect('/i/web/post/'.$status['id']);
+        }
+
+        $profile = Helpers::profileFetch($uri);
+        if ($profile && isset($profile['id'])) {
+            return redirect('/i/web/profile/'.$profile['id']);
+        }
+
+        return redirect('/i/web');
+    }
+}
diff --git a/app/Http/Controllers/FederationController.php b/app/Http/Controllers/FederationController.php
index 5738292f1..15570eb6b 100644
--- a/app/Http/Controllers/FederationController.php
+++ b/app/Http/Controllers/FederationController.php
@@ -66,6 +66,10 @@ class FederationController extends Controller
                         'type' => 'application/activity+json',
                         'href' => 'https://'.$domain.'/i/actor',
                     ],
+                    [
+                        'rel' => 'http://ostatus.org/schema/1.0/subscribe',
+                        'template' => 'https://'.$domain.'/authorize_interaction?uri={uri}',
+                    ],
                 ],
             ];
 
diff --git a/app/Util/Lexer/RestrictedNames.php b/app/Util/Lexer/RestrictedNames.php
index 9d88b0da1..0974f2a9c 100644
--- a/app/Util/Lexer/RestrictedNames.php
+++ b/app/Util/Lexer/RestrictedNames.php
@@ -83,6 +83,9 @@ class RestrictedNames
         'admin',
         'administrator',
 
+        // Federation
+        'authorize_interaction',
+
         // Static Assets
         'assets',
         'public',
diff --git a/app/Util/Webfinger/Webfinger.php b/app/Util/Webfinger/Webfinger.php
index c900358e6..3897fc162 100644
--- a/app/Util/Webfinger/Webfinger.php
+++ b/app/Util/Webfinger/Webfinger.php
@@ -5,8 +5,11 @@ namespace App\Util\Webfinger;
 class Webfinger
 {
     protected $user;
+
     protected $subject;
+
     protected $aliases;
+
     protected $links;
 
     public function __construct($user)
@@ -30,17 +33,17 @@ class Webfinger
         ];
         $this->links = [
             [
-                'rel'  => 'http://webfinger.net/rel/profile-page',
+                'rel' => 'http://webfinger.net/rel/profile-page',
                 'type' => 'text/html',
                 'href' => $user->url(),
             ],
             [
-                'rel'  => 'http://schemas.google.com/g/2010#updates-from',
+                'rel' => 'http://schemas.google.com/g/2010#updates-from',
                 'type' => 'application/atom+xml',
                 'href' => $user->permalink('.atom'),
             ],
             [
-                'rel'  => 'self',
+                'rel' => 'self',
                 'type' => 'application/activity+json',
                 'href' => $user->permalink(),
             ],
@@ -49,6 +52,10 @@ class Webfinger
                 'type' => $avatarType,
                 'href' => $avatar,
             ],
+            [
+                'rel' => 'http://ostatus.org/schema/1.0/subscribe',
+                'template' => 'https://'.config_cache('pixelfed.domain.app').'/authorize_interaction?uri={uri}',
+            ],
         ];
     }
 
@@ -57,7 +64,7 @@ class Webfinger
         return [
             'subject' => $this->subject,
             'aliases' => $this->aliases,
-            'links'   => $this->links,
+            'links' => $this->links,
         ];
     }
 }
diff --git a/routes/web.php b/routes/web.php
index 00e9e201a..16d05b22a 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -5,6 +5,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
     Route::redirect('/home', '/')->name('home');
     Route::get('web/directory', 'LandingController@directoryRedirect');
     Route::get('web/explore', 'LandingController@exploreRedirect');
+    Route::get('authorize_interaction', 'AuthorizeInteractionController@get');
 
     Auth::routes();
     Route::get('auth/raw/mastodon/start', 'RemoteAuthController@startRedirect');
@@ -67,7 +68,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
         Route::get('lang/{locale}', 'SiteController@changeLocale');
         Route::get('restored', 'AccountController@accountRestored');
 
-        Route::get('verify-email', 'AccountController@verifyEmail');
+        Route::get('verify-email', 'AccountController@verifyEmail')->name('account.verify_email');
         Route::post('verify-email', 'AccountController@sendVerifyEmail');
         Route::get('verify-email/request', 'InternalApiController@requestEmailVerification');
         Route::post('verify-email/request', 'InternalApiController@requestEmailVerificationStore');