Move: support same-server domain migrations (#1530)

* first pass from AI generation. Needs work

* reign in the chaos

* move logic into models

* Move constructor to below properties

* Update function name

* Don't show `movedTo` on the same ID

* DRY old domain handling

* Add options to delete list on uninstall

Updates blog user option to retain naming convention.

* Register user option

* Move actor saving inline

* changelog

* Remove all followers on `Move` to allow the new Actor to be re-followed

* lint lol

* Fix indent after merge

* Combine conditional on host

* Fix unit test

* First pass at testing change_domain

* Revert "lint lol"

This reverts commit c50a441.

* Revert "Remove all followers on `Move` to allow the new Actor to be re-followed"

This reverts commit 1d8948f.

* Encapsulate domain check

* Remove unused defaults

* Hook in with feature flag

* Add filters and handle username in callback

* Remove unused import

* Add unit tests for old actors

* Update reason for pre_update_option hook.

* Instantiate old actors through filters

* Remove unused import

* use query instead of Http client

* store check

* simplify code

* call action before sending an Activity to inboxes

* check class attribute before generation an id

* make old domain request setable

* Account for old domain in two more places

* Fix json creation on update_option_home

* Fix tests

* fix phpcs

* use \WP_Error

* Domain -> Host

* global namespace

* replace `get_collection` with `get_all`

Even if `get_collection` is returning the correct result, it is very specific to the API endpoint and might change over time, so we should not rely on it here.

---------

Co-authored-by: Konstantin Obenland <[email protected]>
Co-authored-by: Matthias Pfefferle <[email protected]>

Author: 3 people

.github/changelog/add-same-server-domain-move

@@ -0,0 +1,4 @@
+Significance: major
+Type: added
+
+Support same-server domain migrations ⏩

activitypub.php

@@ -76,6 +76,7 @@ function plugin_init() {
 	\add_action( 'init', array( __NAMESPACE__ . '\Mailer', 'init' ) );
 	\add_action( 'init', array( __NAMESPACE__ . '\Mention', 'init' ) );
 	\add_action( 'init', array( __NAMESPACE__ . '\Migration', 'init' ), 1 );
+	\add_action( 'init', array( __NAMESPACE__ . '\Move', 'init' ) );
 	\add_action( 'init', array( __NAMESPACE__ . '\Options', 'init' ) );
 	\add_action( 'init', array( __NAMESPACE__ . '\Scheduler', 'init' ) );
 

includes/class-activitypub.php

@@ -762,6 +762,15 @@ public static function register_user_meta() {
 			)
 		);
 
+		\register_meta(
+			'user',
+			$blog_prefix . 'activitypub_old_host_data',
+			array(
+				'description' => 'Actor object for the user on the old host.',
+				'single'      => true,
+			)
+		);
+
 		\register_meta(
 			'user',
 			$blog_prefix . 'activitypub_moved_to',

includes/class-dispatcher.php

@@ -203,6 +203,15 @@ private static function send_to_inboxes( $inboxes, $outbox_item_id ) {
 		$actor   = Outbox::get_actor( \get_post( $outbox_item_id ) );
 		$retries = array();
 
+		/**
+		 * Fires before sending an Activity to inboxes.
+		 *
+		 * @param string $json           The ActivityPub Activity JSON.
+		 * @param array  $inboxes        The inboxes to send to.
+		 * @param int    $outbox_item_id The Outbox item ID.
+		 */
+		\do_action( 'activitypub_pre_send_to_inboxes', $json, $inboxes, $outbox_item_id );
+
 		foreach ( $inboxes as $inbox ) {
 			$result = safe_remote_post( $inbox, $json, $actor->get__id() );
 

includes/class-move.php

@@ -10,13 +10,42 @@
 use Activitypub\Activity\Actor;
 use Activitypub\Activity\Activity;
 use Activitypub\Collection\Actors;
+use Activitypub\Model\Blog;
+use Activitypub\Model\User;
 
 /**
  * ActivityPub (Account) Move Class
  *
  * @author Matthias Pfefferle
  */
 class Move {
+
+	/**
+	 * Initialize the Move class.
+	 */
+	public static function init() {
+		/**
+		 * Filter to enable automatically moving Fediverse accounts when the domain changes.
+		 *
+		 * @param bool $domain_moves_enabled Whether domain moves are enabled.
+		 */
+		$domain_moves_enabled = apply_filters( 'activitypub_enable_primary_domain_moves', false );
+
+		if ( $domain_moves_enabled ) {
+			// Add the filter to change the domain.
+			\add_filter( 'update_option_home', array( self::class, 'change_domain' ), 10, 2 );
+
+			if ( get_option( 'activitypub_old_host' ) ) {
+				\add_action( 'activitypub_construct_model_actor', array( self::class, 'maybe_initiate_old_user' ) );
+				\add_action( 'activitypub_pre_send_to_inboxes', array( self::class, 'pre_send_to_inboxes' ) );
+
+				if ( ! is_user_type_disabled( 'blog' ) ) {
+					\add_filter( 'activitypub_pre_get_by_username', array( self::class, 'old_blog_username' ), 10, 2 );
+				}
+			}
+		}
+	}
+
 	/**
 	 * Move an ActivityPub account from one location to another.
 	 *
@@ -161,4 +190,124 @@ private static function update_blog_also_known_as( $from ) {
 
 		\update_option( 'activitypub_blog_user_also_known_as', $also_known_as );
 	}
+
+	/**
+	 * Change domain for all ActivityPub Actors.
+	 *
+	 * This method handles domain migration according to the ActivityPub Data Portability spec.
+	 * It stores the old host and calls Move::internally for each available profile.
+	 * It also caches the JSON representation of the old Actor for future lookups.
+	 *
+	 * @param string $from The old domain.
+	 * @param string $to   The new domain.
+	 *
+	 * @return array Array of results from Move::internally calls.
+	 */
+	public static function change_domain( $from, $to ) {
+		// Get all actors that need to be migrated.
+		$actors = Actors::get_all();
+
+		$results   = array();
+		$to_host   = \wp_parse_url( $to, \PHP_URL_HOST );
+		$from_host = \wp_parse_url( $from, \PHP_URL_HOST );
+
+		// Store the old host for future reference.
+		\update_option( 'activitypub_old_host', $from_host );
+
+		// Process each actor.
+		foreach ( $actors as $actor ) {
+			$actor_id = $actor->get_id();
+
+			// Replace the new host with the old host in the actor ID.
+			$old_actor_id = str_replace( $to_host, $from_host, $actor_id );
+
+			// Call Move::internally for this actor.
+			$result = self::internally( $old_actor_id, $actor_id );
+
+			if ( \is_wp_error( $result ) ) {
+				// Log the error and continue with the next actor.
+				Debug::write_log( 'Error moving actor: ' . $actor_id . ' - ' . $result->get_error_message() );
+				continue;
+			}
+
+			$json = str_replace( $to_host, $from_host, $actor->to_json() );
+
+			// Save the current actor data after migration.
+			if ( $actor instanceof Blog ) {
+				\update_option( 'activitypub_blog_user_old_host_data', $json, false );
+			} else {
+				\update_user_option( $actor->get__id(), 'activitypub_old_host_data', $json, false );
+			}
+
+			$results[] = array(
+				'actor'  => $actor_id,
+				'result' => $result,
+			);
+		}
+
+		return $results;
+	}
+
+	/**
+	 * Maybe initiate old user.
+	 *
+	 * This method checks if the current request domain matches the old host.
+	 * If it does, it retrieves the cached data for the user and populates the instance.
+	 *
+	 * @param Blog|User $instance The Blog or User instance to populate.
+	 */
+	public static function maybe_initiate_old_user( $instance ) {
+		if ( ! Query::get_instance()->is_old_host_request() ) {
+			return;
+		}
+
+		if ( $instance instanceof Blog ) {
+			$cached_data = \get_option( 'activitypub_blog_user_old_host_data' );
+		} elseif ( $instance instanceof User ) {
+			$cached_data = \get_user_option( 'activitypub_old_host_data', $instance->get__id() );
+		}
+
+		if ( ! empty( $cached_data ) ) {
+			$instance->from_json( $cached_data );
+		}
+	}
+
+	/**
+	 * Pre-send to inboxes.
+	 *
+	 * @param string $json The ActivityPub Activity JSON.
+	 */
+	public static function pre_send_to_inboxes( $json ) {
+		$json = json_decode( $json, true );
+
+		if ( 'Move' !== $json['type'] ) {
+			return;
+		}
+
+		if ( is_same_domain( $json['object'] ) ) {
+			return;
+		}
+
+		Query::get_instance()->set_old_host_request();
+	}
+
+	/**
+	 * Filter to return the old blog username.
+	 *
+	 * @param null   $pre      The pre-existing value.
+	 * @param string $username The username to check.
+	 *
+	 * @return Blog|null The old blog instance or null.
+	 */
+	public static function old_blog_username( $pre, $username ) {
+		$old_host = \get_option( 'activitypub_old_host' );
+
+		// Special case for Blog Actor on old host.
+		if ( $old_host === $username && Query::get_instance()->is_old_host_request() ) {
+			// Return a new Blog instance which will load the cached data in its constructor.
+			$pre = new Blog();
+		}
+
+		return $pre;
+	}
 }

includes/class-query.php

@@ -48,6 +48,13 @@ class Query {
 	 */
 	private $is_activitypub_request;
 
+	/**
+	 * Whether the current request is from the old host.
+	 *
+	 * @var bool
+	 */
+	private $is_old_host_request;
+
 	/**
 	 * The constructor.
 	 */
@@ -305,4 +312,40 @@ public function is_activitypub_request() {
 
 		return false;
 	}
+
+	/**
+	 * Check if the current request is from the old host.
+	 *
+	 * @return bool True if the request is from the old host, false otherwise.
+	 */
+	public function is_old_host_request() {
+		if ( isset( $this->is_old_host_request ) ) {
+			return $this->is_old_host_request;
+		}
+
+		$old_host = \get_option( 'activitypub_old_host' );
+
+		if ( ! $old_host ) {
+			$this->is_old_host_request = false;
+			return false;
+		}
+
+		$request_host = isset( $_SERVER['HTTP_HOST'] ) ? \sanitize_text_field( \wp_unslash( $_SERVER['HTTP_HOST'] ) ) : '';
+		$referer_host = isset( $_SERVER['HTTP_REFERER'] ) ? \wp_parse_url( \sanitize_text_field( \wp_unslash( $_SERVER['HTTP_REFERER'] ) ), PHP_URL_HOST ) : '';
+
+		// Check if the domain matches either the request domain or referer.
+		$check                     = $old_host === $request_host || $old_host === $referer_host;
+		$this->is_old_host_request = $check;
+
+		return $check;
+	}
+
+	/**
+	 * Fake an old host request.
+	 *
+	 * @param bool $state Optional. The state to set. Default true.
+	 */
+	public function set_old_host_request( $state = true ) {
+		$this->is_old_host_request = $state;
+	}
 }

includes/class-signature.php

@@ -267,17 +267,11 @@ public static function verify_http_signature( $request ) {
 			$headers['(request-target)'][0] = strtolower( $headers['request_method'][0] ) . ' ' . $headers['request_uri'][0];
 		}
 
-		if ( ! isset( $headers['signature'] ) ) {
-			return new WP_Error( 'activitypub_signature', __( 'Request not signed', 'activitypub' ), array( 'status' => 401 ) );
-		}
-
 		if ( array_key_exists( 'signature', $headers ) ) {
 			$signature_block = self::parse_signature_header( $headers['signature'][0] );
 		} elseif ( array_key_exists( 'authorization', $headers ) ) {
 			$signature_block = self::parse_signature_header( $headers['authorization'][0] );
-		}
-
-		if ( ! isset( $signature_block ) || ! $signature_block ) {
+		} else {
 			return new WP_Error( 'activitypub_signature', __( 'Incompatible request signature. keyId and signature are required', 'activitypub' ), array( 'status' => 401 ) );
 		}
 

includes/collection/class-actors.php

@@ -76,6 +76,17 @@ public static function get_by_id( $user_id ) {
 	 * @return User|Blog|Application|WP_Error The Actor or WP_Error if user not found.
 	 */
 	public static function get_by_username( $username ) {
+		/**
+		 * Filter the username before we do anything else.
+		 *
+		 * @param null   $pre      The pre-existing value.
+		 * @param string $username The username.
+		 */
+		$pre = apply_filters( 'activitypub_pre_get_by_username', null, $username );
+		if ( null !== $pre ) {
+			return $pre;
+		}
+
 		// Check for blog user.
 		if ( Blog::get_default_username() === $username ) {
 			return new Blog();
@@ -110,7 +121,10 @@ public static function get_by_username( $username ) {
 		);
 
 		if ( $user->results ) {
-			return self::get_by_id( $user->results[0] );
+			$actor = self::get_by_id( $user->results[0] );
+			if ( ! \is_wp_error( $actor ) ) {
+				return $actor;
+			}
 		}
 
 		$username = str_replace( array( '*', '%' ), '', $username );
@@ -128,7 +142,10 @@ public static function get_by_username( $username ) {
 		);
 
 		if ( $user->results ) {
-			return self::get_by_id( $user->results[0] );
+			$actor = self::get_by_id( $user->results[0] );
+			if ( ! \is_wp_error( $actor ) ) {
+				return $actor;
+			}
 		}
 
 		return new WP_Error(
@@ -164,6 +181,9 @@ public static function get_by_resource( $uri ) {
 			$scheme = \esc_attr( $match[1] );
 		}
 
+		// @todo: handle old domain URIs here before we serve a new domain below when we shouldn't.
+		// Although maybe passing through to ::get_by_username() is enough?
+
 		switch ( $scheme ) {
 			// Check for http(s) URIs.
 			case 'http':
@@ -217,7 +237,7 @@ public static function get_by_resource( $uri ) {
 				$host       = normalize_host( \substr( \strrchr( $uri, '@' ), 1 ) );
 				$blog_host  = normalize_host( \wp_parse_url( \home_url( '/' ), \PHP_URL_HOST ) );
 
-				if ( $blog_host !== $host ) {
+				if ( $blog_host !== $host && get_option( 'activitypub_old_host' ) !== $host ) {
 					return new WP_Error(
 						'activitypub_wrong_host',
 						\__( 'Resource host does not match blog host', 'activitypub' ),
@@ -299,6 +319,43 @@ public static function get_collection() {
 		return $return;
 	}
 
+	/**
+	 * Get all active Actors including the Blog Actor.
+	 *
+	 * @return array The actor collection.
+	 */
+	public static function get_all() {
+		$return = array();
+
+		if ( ! is_user_type_disabled( 'user' ) ) {
+			$users = \get_users(
+				array(
+					'capability__in' => array( 'activitypub' ),
+				)
+			);
+
+			foreach ( $users as $user ) {
+				$actor = User::from_wp_user( $user->ID );
+
+				if ( \is_wp_error( $actor ) ) {
+					continue;
+				}
+
+				$return[] = $actor;
+			}
+		}
+
+		// Also include the blog actor if active.
+		if ( ! is_user_type_disabled( 'blog' ) ) {
+			$blog_actor = self::get_by_id( self::BLOG_USER_ID );
+			if ( ! \is_wp_error( $blog_actor ) ) {
+				$return[] = $blog_actor;
+			}
+		}
+
+		return $return;
+	}
+
 	/**
 	 * Returns the actor type based on the user ID.
 	 *