From d34884fc6dd493319ca4dee5cdf099f90216bf73 Mon Sep 17 00:00:00 2001 From: Fabien O'Carroll Date: Thu, 18 Apr 2024 02:21:10 +0700 Subject: [PATCH] Moved ActivityPub API to frontend URL ref https://linear.app/tryghost/issue/MOM-48 This required some structural changes to our NestJS setup so that we can mount it on multiple parts of the Ghost express app. We've used the RouterModule to allow adding submodules that are mounted on different paths, and we've had to be explicit about the base path for each module. We've also had to switch back to using the Module decorator, because RouterModule doesn't work with DynamicModule definitions. Now that the NestJS app has knowledge of the full path, we need to "reset" the url & baseUrl when passing the request into NestJS so that it can correctly match the path. This is probably needed for the frontend too, for subdirs, but that causes further issues - as this in prototype stage, we'll look later Another issue is that NestJS replaces the express app instance with its own, which isn't an issue for the Admin API (though we've fixed it anyway for consistency), but did cause problems for the frontend, because the express app is where view engine and directory information is stored. The fix for this is to save a reference to the original ghost express application, and reattach it to the request if it is not handled by Nest Now that we have the Nest app mounted on the frontend, we're able to have it handle the /.well-known/webfinger route with a proper controller, which is nice! --- ghost/core/core/boot.js | 2 +- ghost/core/core/frontend/web/site.js | 29 ++++++++++--------- .../server/web/api/endpoints/admin/app.js | 11 ++++++- .../admin/controllers/example.controller.ts | 9 +++++- .../admin/controllers/webfinger.controller.ts | 17 +++++++++++ .../src/nestjs/modules/activitypub.module.ts | 20 +++++++++++++ .../src/nestjs/modules/admin-api.module.ts | 27 +++++------------ ghost/ghost/src/nestjs/modules/app.module.ts | 29 ++++++++++--------- 8 files changed, 93 insertions(+), 51 deletions(-) create mode 100644 ghost/ghost/src/http/admin/controllers/webfinger.controller.ts create mode 100644 ghost/ghost/src/nestjs/modules/activitypub.module.ts diff --git a/ghost/core/core/boot.js b/ghost/core/core/boot.js index 3644e39c97..a11fad8a26 100644 --- a/ghost/core/core/boot.js +++ b/ghost/core/core/boot.js @@ -389,7 +389,7 @@ async function initNestDependencies() { const GhostNestApp = require('@tryghost/ghost'); const providers = []; const urlUtils = require('./shared/url-utils'); - const activityPubBaseUrl = new URL('activitypub', urlUtils.urlFor('api', {type: 'admin'}, true)); + const activityPubBaseUrl = new URL('activitypub', urlUtils.urlFor('home', true)); providers.push({ provide: 'logger', useValue: require('@tryghost/logging') diff --git a/ghost/core/core/frontend/web/site.js b/ghost/core/core/frontend/web/site.js index cbe9fadfa6..554e5f7bf4 100644 --- a/ghost/core/core/frontend/web/site.js +++ b/ghost/core/core/frontend/web/site.js @@ -50,6 +50,21 @@ module.exports = function setupSiteApp(routerConfig) { // enable CORS headers (allows admin client to hit front-end when configured on separate URLs) siteApp.use(mw.cors); + siteApp.use(async (req, res, next) => { + if (labs.isSet('NestPlayground') || labs.isSet('ActivityPub')) { + const originalExpressApp = req.app; + const app = await GhostNestApp.getApp(); + + const instance = app.getHttpAdapter().getInstance(); + instance(req, res, function (err) { + req.app = originalExpressApp; + next(err); + }); + return; + } + return next(); + }); + siteApp.use(offersService.middleware); siteApp.use(linkRedirects.service.handleRequest); @@ -103,20 +118,6 @@ module.exports = function setupSiteApp(routerConfig) { // Recommendations well-known siteApp.use(mw.servePublicFile('built', '.well-known/recommendations.json', 'application/json', config.get('caching:publicAssets:maxAge'), {disableServerCache: true})); - siteApp.get('/.well-known/webfinger', async function (req, res, next) { - if (!labs.isSet('ActivityPub')) { - return next(); - } - const webfingerService = await GhostNestApp.resolve('WebFingerService'); - - try { - const result = await webfingerService.getResource(req.query.resource); - res.json(result); - } catch (err) { - next(err); - } - }); - // setup middleware for internal apps // @TODO: refactor this to be a proper app middleware hook for internal apps config.get('apps:internal').forEach((appName) => { diff --git a/ghost/core/core/server/web/api/endpoints/admin/app.js b/ghost/core/core/server/web/api/endpoints/admin/app.js index 1930a4c51f..b458efc94f 100644 --- a/ghost/core/core/server/web/api/endpoints/admin/app.js +++ b/ghost/core/core/server/web/api/endpoints/admin/app.js @@ -37,8 +37,17 @@ module.exports = function setupApiApp() { apiApp.use(async (req, res, next) => { if (labs.isSet('NestPlayground') || labs.isSet('ActivityPub')) { + const originalExpressApp = req.app; const app = await GhostNestApp.getApp(); - app.getHttpAdapter().getInstance()(req, res, next); + + const instance = app.getHttpAdapter().getInstance(); + instance(Object.assign({}, req, { + url: req.originalUrl, + baseUrl: '' + }), res, function (err) { + req.app = originalExpressApp; + next(err); + }); return; } return next(); diff --git a/ghost/ghost/src/http/admin/controllers/example.controller.ts b/ghost/ghost/src/http/admin/controllers/example.controller.ts index a7c5540c46..748b3af2bd 100644 --- a/ghost/ghost/src/http/admin/controllers/example.controller.ts +++ b/ghost/ghost/src/http/admin/controllers/example.controller.ts @@ -8,11 +8,18 @@ import { Controller, Get, - Param + Param, + UseGuards, + UseInterceptors } from '@nestjs/common'; import {Roles} from '../../../common/decorators/permissions.decorator'; import {ExampleService} from '../../../core/example/example.service'; +import {LocationHeaderInterceptor} from '../../../nestjs/interceptors/location-header.interceptor'; +import {AdminAPIAuthentication} from '../../../nestjs/guards/admin-api-authentication.guard'; +import {PermissionsGuard} from '../../../nestjs/guards/permissions.guard'; +@UseInterceptors(LocationHeaderInterceptor) +@UseGuards(AdminAPIAuthentication, PermissionsGuard) @Controller('greetings') export class ExampleController { constructor(private readonly service: ExampleService) {} diff --git a/ghost/ghost/src/http/admin/controllers/webfinger.controller.ts b/ghost/ghost/src/http/admin/controllers/webfinger.controller.ts new file mode 100644 index 0000000000..68552ebc91 --- /dev/null +++ b/ghost/ghost/src/http/admin/controllers/webfinger.controller.ts @@ -0,0 +1,17 @@ +import {Controller, Get, Query} from '@nestjs/common'; +import {WebFingerService} from '../../../core/activitypub/webfinger.service'; + +@Controller('.well-known/webfinger') +export class WebFingerController { + constructor( + private readonly service: WebFingerService + ) {} + + @Get('') + async getResource(@Query('resource') resource: unknown) { + if (typeof resource !== 'string') { + throw new Error('Bad Request'); + } + return await this.service.getResource(resource); + } +} diff --git a/ghost/ghost/src/nestjs/modules/activitypub.module.ts b/ghost/ghost/src/nestjs/modules/activitypub.module.ts new file mode 100644 index 0000000000..81ba321842 --- /dev/null +++ b/ghost/ghost/src/nestjs/modules/activitypub.module.ts @@ -0,0 +1,20 @@ +import {Module} from '@nestjs/common'; +import {ActorRepositoryInMemory} from '../../db/in-memory/actor.repository.in-memory'; +import {ActivityPubController} from '../../http/admin/controllers/activitypub.controller'; +import {WebFingerService} from '../../core/activitypub/webfinger.service'; +import {JSONLDService} from '../../core/activitypub/jsonld.service'; +import {WebFingerController} from '../../http/admin/controllers/webfinger.controller'; + +@Module({ + controllers: [ActivityPubController, WebFingerController], + exports: [], + providers: [ + { + provide: 'ActorRepository', + useClass: ActorRepositoryInMemory + }, + WebFingerService, + JSONLDService + ] +}) +export class ActivityPubModule {} diff --git a/ghost/ghost/src/nestjs/modules/admin-api.module.ts b/ghost/ghost/src/nestjs/modules/admin-api.module.ts index 2b70bf05b8..ce04e7517f 100644 --- a/ghost/ghost/src/nestjs/modules/admin-api.module.ts +++ b/ghost/ghost/src/nestjs/modules/admin-api.module.ts @@ -1,30 +1,17 @@ -import {DynamicModule} from '@nestjs/common'; +import {Module} from '@nestjs/common'; import {ExampleController} from '../../http/admin/controllers/example.controller'; import {ExampleService} from '../../core/example/example.service'; import {ExampleRepositoryInMemory} from '../../db/in-memory/example.repository.in-memory'; -import {ActorRepositoryInMemory} from '../../db/in-memory/actor.repository.in-memory'; -import {ActivityPubController} from '../../http/admin/controllers/activitypub.controller'; -import {WebFingerService} from '../../core/activitypub/webfinger.service'; -import {JSONLDService} from '../../core/activitypub/jsonld.service'; -class AdminAPIModuleClass {} - -export const AdminAPIModule: DynamicModule = { - module: AdminAPIModuleClass, - controllers: [ExampleController, ActivityPubController], - exports: [ExampleService, 'WebFingerService'], +@Module({ + controllers: [ExampleController], + exports: [ExampleService], providers: [ ExampleService, { provide: 'ExampleRepository', useClass: ExampleRepositoryInMemory - }, { - provide: 'ActorRepository', - useClass: ActorRepositoryInMemory - }, { - provide: 'WebFingerService', - useClass: WebFingerService - }, - JSONLDService + } ] -}; +}) +export class AdminAPIModule {} diff --git a/ghost/ghost/src/nestjs/modules/app.module.ts b/ghost/ghost/src/nestjs/modules/app.module.ts index db7e997e9a..40fad9d9aa 100644 --- a/ghost/ghost/src/nestjs/modules/app.module.ts +++ b/ghost/ghost/src/nestjs/modules/app.module.ts @@ -1,19 +1,29 @@ import {DynamicModule} from '@nestjs/common'; -import {APP_FILTER, APP_GUARD, APP_INTERCEPTOR} from '@nestjs/core'; +import {APP_FILTER, RouterModule} from '@nestjs/core'; import {AdminAPIModule} from './admin-api.module'; import {NotFoundFallthroughExceptionFilter} from '../filters/not-found-fallthrough.filter'; import {ExampleListener} from '../../listeners/example.listener'; -import {AdminAPIAuthentication} from '../guards/admin-api-authentication.guard'; -import {PermissionsGuard} from '../guards/permissions.guard'; -import {LocationHeaderInterceptor} from '../interceptors/location-header.interceptor'; import {GlobalExceptionFilter} from '../filters/global-exception.filter'; +import {ActivityPubModule} from './activitypub.module'; class AppModuleClass {} export const AppModule: DynamicModule = { global: true, module: AppModuleClass, - imports: [AdminAPIModule], + imports: [ + RouterModule.register([ + { + path: 'ghost/api/admin', + module: AdminAPIModule + }, { + path: '', + module: ActivityPubModule + } + ]), + AdminAPIModule, + ActivityPubModule + ], exports: [], controllers: [], providers: [ @@ -24,15 +34,6 @@ export const AppModule: DynamicModule = { }, { provide: APP_FILTER, useClass: NotFoundFallthroughExceptionFilter - }, { - provide: APP_GUARD, - useClass: AdminAPIAuthentication - }, { - provide: APP_GUARD, - useClass: PermissionsGuard - }, { - provide: APP_INTERCEPTOR, - useClass: LocationHeaderInterceptor } ] };