akkoma/lib/pleroma/web/mastodon_api/websocket_handler.ex

# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

defmodule Pleroma.Web.MastodonAPI.WebsocketHandler do
  require Logger

  alias Pleroma.Repo
  alias Pleroma.User
  alias Pleroma.Web.OAuth.Token
  alias Pleroma.Web.Streamer

  @behaviour :cowboy_websocket

  # Client ping period.
  @tick :timer.seconds(30)
  # Cowboy timeout period.
  @timeout :timer.seconds(60)
  # Hibernate every X messages
  @hibernate_every 100

  def init(%{qs: qs} = req, state) do
    with params <- Enum.into(:cow_qs.parse_qs(qs), %{}),
         sec_websocket <- :cowboy_req.header("sec-websocket-protocol", req, nil),
         access_token <- Map.get(params, "access_token"),
         {:ok, user, oauth_token} <- authenticate_request(access_token, sec_websocket),
         {:ok, topic} <- Streamer.get_topic(params["stream"], user, oauth_token, params) do
      req =
        if sec_websocket do
          :cowboy_req.set_resp_header("sec-websocket-protocol", sec_websocket, req)
        else
          req
        end

      {:cowboy_websocket, req,
       %{
         user: user,
         topic: topic,
         count: 0,
         timer: nil,
         subscriptions: [],
         oauth_token: oauth_token
       }, %{idle_timeout: @timeout}}
    else
      {:error, :bad_topic} ->
        Logger.debug("#{__MODULE__} bad topic #{inspect(req)}")
        req = :cowboy_req.reply(404, req)
        {:ok, req, state}

      {:error, :unauthorized} ->
        Logger.debug("#{__MODULE__} authentication error: #{inspect(req)}")
        req = :cowboy_req.reply(401, req)
        {:ok, req, state}
    end
  end

  def websocket_init(state) do
    Logger.debug(
      "#{__MODULE__} accepted websocket connection for user #{(state.user || %{id: "anonymous"}).id}, topic #{state.topic}"
    )

    Streamer.add_socket(state.topic, state.oauth_token)
    {:ok, %{state | timer: timer()}}
  end

  # Client's Pong frame.
  def websocket_handle(:pong, state) do
    if state.timer, do: Process.cancel_timer(state.timer)
    {:ok, %{state | timer: timer()}}
  end

  # We only receive pings for now
  def websocket_handle(:ping, state), do: {:ok, state}

  def websocket_handle({:text, ping}, state) when ping in ~w[ping PING] do
    if state.timer, do: Process.cancel_timer(state.timer)
    {:reply, {:text, "pong"}, %{state | timer: timer()}}
  end

  def websocket_handle({:text, text}, state) do
    with {:ok, json} <- Jason.decode(text) do
      websocket_handle({:json, json}, state)
    else
      _ ->
        Logger.error("#{__MODULE__} received text frame: #{text}")
        {:ok, state}
    end
  end

  def websocket_handle(
        {:json, %{"type" => "subscribe", "stream" => stream_name}},
        %{user: user, oauth_token: token} = state
      ) do
    with {:ok, topic} <- Streamer.get_topic(stream_name, user, token, %{}) do
      new_subscriptions =
        [topic | Map.get(state, :subscriptions, [])]
        |> Enum.uniq()

      {:ok, _topic} = Streamer.add_socket(topic, user)

      {:ok, Map.put(state, :subscriptions, new_subscriptions)}
    else
      _ ->
        Logger.error("#{__MODULE__} received invalid topic: #{stream_name}")
        {:ok, state}
    end
  end

  def websocket_handle(frame, state) do
    Logger.error("#{__MODULE__} received frame: #{inspect(frame)}")
    {:ok, state}
  end

  def websocket_info({:render_with_user, view, template, item, topic}, state) do
    user = %User{} = User.get_cached_by_ap_id(state.user.ap_id)

    unless Streamer.filtered_by_user?(user, item) do
      websocket_info({:text, view.render(template, item, user, topic)}, %{state | user: user})
    else
      {:ok, state}
    end
  end

  def websocket_info({:text, message}, state) do
    # If the websocket processed X messages, force an hibernate/GC.
    # We don't hibernate at every message to balance CPU usage/latency with RAM usage.
    if state.count > @hibernate_every do
      {:reply, {:text, message}, %{state | count: 0}, :hibernate}
    else
      {:reply, {:text, message}, %{state | count: state.count + 1}}
    end
  end

  # Ping tick. We don't re-queue a timer there, it is instead queued when :pong is received.
  # As we hibernate there, reset the count to 0.
  # If the client misses :pong, Cowboy will automatically timeout the connection after
  # `@idle_timeout`.
  def websocket_info(:tick, state) do
    {:reply, :ping, %{state | timer: nil, count: 0}, :hibernate}
  end

  def websocket_info(:close, state) do
    {:stop, state}
  end

  # State can be `[]` only in case we terminate before switching to websocket,
  # we already log errors for these cases in `init/1`, so just do nothing here
  def terminate(_reason, _req, []), do: :ok

  def terminate(reason, _req, state) do
    Logger.debug(
      "#{__MODULE__} terminating websocket connection for user #{(state.user || %{id: "anonymous"}).id}, topic #{state.topic || "?"}: #{inspect(reason)}"
    )

    Streamer.remove_socket(state.topic)
    :ok
  end

  # Public streams without authentication.
  defp authenticate_request(nil, nil) do
    {:ok, nil, nil}
  end

  # Authenticated streams.
  defp authenticate_request(access_token, sec_websocket) do
    token = access_token || sec_websocket

    with true <- is_bitstring(token),
         oauth_token = %Token{user_id: user_id} <- Repo.get_by(Token, token: token),
         user = %User{} <- User.get_cached_by_id(user_id) do
      {:ok, user, oauth_token}
    else
      _ -> {:error, :unauthorized}
    end
  end

  defp timer do
    Process.send_after(self(), :tick, @tick)
  end
end
add license boilerplate to pleroma core 2018-12-23 20:04:54 +00:00			`# Pleroma: A lightweight social networking server`
Bump Copyright to 2021 grep -rl '# Copyright © .* Pleroma' * \| xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;' 2021-01-13 06:49:20 +00:00			`# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>`
add license boilerplate to pleroma core 2018-12-23 20:04:54 +00:00			`# SPDX-License-Identifier: AGPL-3.0-only`

Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`defmodule Pleroma.Web.MastodonAPI.WebsocketHandler do`
			`require Logger`

de-group alias/es 2019-02-09 15:16:26 +00:00			`alias Pleroma.Repo`
			`alias Pleroma.User`
[Credo] fix Credo.Check.Readability.AliasOrder 2019-03-05 02:52:23 +00:00			`alias Pleroma.Web.OAuth.Token`
Revert "Merge branch 'revert-4fabf83a' into 'develop'" This reverts commit fe7fd331263007e0fb2877ef7370a09a9704da36, reversing changes made to 4fabf83ad01352442906d79187aeab4c777f4df8. 2019-09-16 10:03:37 +00:00			`alias Pleroma.Web.Streamer`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00
mastodon api: websocket: update code for cowboy 2.x 2019-02-28 15:17:01 +00:00			`@behaviour :cowboy_websocket`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00
Fix streamer timeout (closes #1753). Cowboy handles automatically responding to the client's ping, but doesn't automatically send a :ping frame to the client. 2020-05-11 14:28:53 +00:00			`# Client ping period.`
			`@tick :timer.seconds(30)`
Streamer rework 2020-05-07 09:13:32 +00:00			`# Cowboy timeout period.`
Fix streamer timeout (closes #1753). Cowboy handles automatically responding to the client's ping, but doesn't automatically send a :ping frame to the client. 2020-05-11 14:28:53 +00:00			`@timeout :timer.seconds(60)`
Streamer rework 2020-05-07 09:13:32 +00:00			`# Hibernate every X messages`
			`@hibernate_every 100`

mastodon websocket: bring back infinity timeout 2019-02-28 16:23:24 +00:00			`def init(%{qs: qs} = req, state) do`
Expand and authorize streams in Streamer directly 2020-05-12 16:04:47 +00:00			`with params <- Enum.into(:cow_qs.parse_qs(qs), %{}),`
MastoAPI Streaming: Keep compatibility with access_token 2019-07-06 18:26:08 +00:00			`sec_websocket <- :cowboy_req.header("sec-websocket-protocol", req, nil),`
Expand and authorize streams in Streamer directly 2020-05-12 16:04:47 +00:00			`access_token <- Map.get(params, "access_token"),`
[#2074] OAuth scope checking in Streaming API. 2020-09-19 16:16:55 +00:00			`{:ok, user, oauth_token} <- authenticate_request(access_token, sec_websocket),`
			`{:ok, topic} <- Streamer.get_topic(params["stream"], user, oauth_token, params) do`
Add `Sec-WebSocket-Protocol` to response header 2019-10-15 10:10:22 +00:00			`req =`
Apply suggestion to lib/pleroma/web/mastodon_api/websocket_handler.ex 2019-10-18 04:36:37 +00:00			`if sec_websocket do`
Add `Sec-WebSocket-Protocol` to response header 2019-10-15 10:10:22 +00:00			`:cowboy_req.set_resp_header("sec-websocket-protocol", sec_websocket, req)`
			`else`
			`req`
			`end`

API compatibility with fedibird, frontend config (#163) Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/163 2022-08-17 00:22:59 +00:00			`{:cowboy_websocket, req,`
			`%{`
			`user: user,`
			`topic: topic,`
			`count: 0,`
			`timer: nil,`
			`subscriptions: [],`
			`oauth_token: oauth_token`
			`}, %{idle_timeout: @timeout}}`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`else`
Expand and authorize streams in Streamer directly 2020-05-12 16:04:47 +00:00			`{:error, :bad_topic} ->`
			`Logger.debug("#{__MODULE__} bad topic #{inspect(req)}")`
Websocket handler: fix never matching code on failed auth `:cowboy_req.reply` does not return tuples since 2.0, see https://ninenines.eu/docs/en/cowboy/2.4/manual/cowboy_req.reply/ 2020-09-10 18:26:52 +00:00			`req = :cowboy_req.reply(404, req)`
mastodon websocket: return errors using ok, not stop 2019-02-28 16:23:55 +00:00			`{:ok, req, state}`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00
Expand and authorize streams in Streamer directly 2020-05-12 16:04:47 +00:00			`{:error, :unauthorized} ->`
			`Logger.debug("#{__MODULE__} authentication error: #{inspect(req)}")`
Websocket handler: fix never matching code on failed auth `:cowboy_req.reply` does not return tuples since 2.0, see https://ninenines.eu/docs/en/cowboy/2.4/manual/cowboy_req.reply/ 2020-09-10 18:26:52 +00:00			`req = :cowboy_req.reply(401, req)`
mastodon websocket: return errors using ok, not stop 2019-02-28 16:23:55 +00:00			`{:ok, req, state}`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`end`
			`end`

mastodon api: websocket: update code for cowboy 2.x 2019-02-28 15:17:01 +00:00			`def websocket_init(state) do`
Streamer rework 2020-05-07 09:13:32 +00:00			`Logger.debug(`
CI: Bump lint stage to elixir-1.12 Elixir 1.12 changed formatting rules, this allows to avoid having to rollback to run `mix format` 2021-10-06 06:08:21 +00:00			`"#{__MODULE__} accepted websocket connection for user #{(state.user \|\| %{id: "anonymous"}).id}, topic #{state.topic}"`
Streamer rework 2020-05-07 09:13:32 +00:00			`)`

Disconnect streaming sessions when token is revoked Use Websockex to replace websocket_client Test that server will disconnect websocket upon token revocation Lint Execute session disconnect in background Refactor streamer test allow multi-streams rebase websocket change 2022-08-19 17:19:38 +00:00			`Streamer.add_socket(state.topic, state.oauth_token)`
Fix streamer timeout (closes #1753). Cowboy handles automatically responding to the client's ping, but doesn't automatically send a :ping frame to the client. 2020-05-11 14:28:53 +00:00			`{:ok, %{state \| timer: timer()}}`
			`end`

			`# Client's Pong frame.`
			`def websocket_handle(:pong, state) do`
			`if state.timer, do: Process.cancel_timer(state.timer)`
			`{:ok, %{state \| timer: timer()}}`
mastodon api: websocket: update code for cowboy 2.x 2019-02-28 15:17:01 +00:00			`end`

websocket handler: Do not log client ping frames as errors 2020-09-10 10:47:53 +00:00			`# We only receive pings for now`
			`def websocket_handle(:ping, state), do: {:ok, state}`

API compatibility with fedibird, frontend config (#163) Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/163 2022-08-17 00:22:59 +00:00			`def websocket_handle({:text, ping}, state) when ping in ~w[ping PING] do`
add bubble timeline (#100) Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/100 2022-07-22 14:55:38 +00:00			`if state.timer, do: Process.cancel_timer(state.timer)`
			`{:reply, {:text, "pong"}, %{state \| timer: timer()}}`
			`end`

API compatibility with fedibird, frontend config (#163) Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/163 2022-08-17 00:22:59 +00:00			`def websocket_handle({:text, text}, state) do`
			`with {:ok, json} <- Jason.decode(text) do`
			`websocket_handle({:json, json}, state)`
			`else`
			`_ ->`
			`Logger.error("#{__MODULE__} received text frame: #{text}")`
			`{:ok, state}`
			`end`
			`end`

			`def websocket_handle(`
			`{:json, %{"type" => "subscribe", "stream" => stream_name}},`
			`%{user: user, oauth_token: token} = state`
			`) do`
			`with {:ok, topic} <- Streamer.get_topic(stream_name, user, token, %{}) do`
			`new_subscriptions =`
			`[topic \| Map.get(state, :subscriptions, [])]`
			`\|> Enum.uniq()`

			`{:ok, _topic} = Streamer.add_socket(topic, user)`

			`{:ok, Map.put(state, :subscriptions, new_subscriptions)}`
			`else`
			`_ ->`
			`Logger.error("#{__MODULE__} received invalid topic: #{stream_name}")`
			`{:ok, state}`
			`end`
			`end`

Fix streamer timeout (closes #1753). Cowboy handles automatically responding to the client's ping, but doesn't automatically send a :ping frame to the client. 2020-05-11 14:28:53 +00:00			`def websocket_handle(frame, state) do`
			`Logger.error("#{__MODULE__} received frame: #{inspect(frame)}")`
mastodon api: websocket: update code for cowboy 2.x 2019-02-28 15:17:01 +00:00			`{:ok, state}`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`end`

API compatibility with fedibird, frontend config (#163) Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/163 2022-08-17 00:22:59 +00:00			`def websocket_info({:render_with_user, view, template, item, topic}, state) do`
Streamer rework 2020-05-07 09:13:32 +00:00			`user = %User{} = User.get_cached_by_ap_id(state.user.ap_id)`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00
Streamer rework 2020-05-07 09:13:32 +00:00			`unless Streamer.filtered_by_user?(user, item) do`
API compatibility with fedibird, frontend config (#163) Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/163 2022-08-17 00:22:59 +00:00			`websocket_info({:text, view.render(template, item, user, topic)}, %{state \| user: user})`
Streamer rework 2020-05-07 09:13:32 +00:00			`else`
			`{:ok, state}`
			`end`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`end`

mastodon api: websocket: update code for cowboy 2.x 2019-02-28 15:17:01 +00:00			`def websocket_info({:text, message}, state) do`
Streamer rework 2020-05-07 09:13:32 +00:00			`# If the websocket processed X messages, force an hibernate/GC.`
			`# We don't hibernate at every message to balance CPU usage/latency with RAM usage.`
			`if state.count > @hibernate_every do`
			`{:reply, {:text, message}, %{state \| count: 0}, :hibernate}`
			`else`
			`{:reply, {:text, message}, %{state \| count: state.count + 1}}`
			`end`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`end`

Fix streamer timeout (closes #1753). Cowboy handles automatically responding to the client's ping, but doesn't automatically send a :ping frame to the client. 2020-05-11 14:28:53 +00:00			`# Ping tick. We don't re-queue a timer there, it is instead queued when :pong is received.`
			`# As we hibernate there, reset the count to 0.`
			`# If the client misses :pong, Cowboy will automatically timeout the connection after`
			# `@idle_timeout`.
			`def websocket_info(:tick, state) do`
			`{:reply, :ping, %{state \| timer: nil, count: 0}, :hibernate}`
			`end`

Disconnect streaming sessions when token is revoked Use Websockex to replace websocket_client Test that server will disconnect websocket upon token revocation Lint Execute session disconnect in background Refactor streamer test allow multi-streams rebase websocket change 2022-08-19 17:19:38 +00:00			`def websocket_info(:close, state) do`
			`{:stop, state}`
			`end`

Websocket handler: do not raise if handler is terminated before switching protocols Closes #2131 2020-09-10 10:48:24 +00:00			# State can be `[]` only in case we terminate before switching to websocket,
			# we already log errors for these cases in `init/1`, so just do nothing here
			`def terminate(_reason, _req, []), do: :ok`

mastodon api: websocket: update code for cowboy 2.x 2019-02-28 15:17:01 +00:00			`def terminate(reason, _req, state) do`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`Logger.debug(`
CI: Bump lint stage to elixir-1.12 Elixir 1.12 changed formatting rules, this allows to avoid having to rollback to run `mix format` 2021-10-06 06:08:21 +00:00			`"#{__MODULE__} terminating websocket connection for user #{(state.user \|\| %{id: "anonymous"}).id}, topic #{state.topic \|\| "?"}: #{inspect(reason)}"`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`)`

Streamer rework 2020-05-07 09:13:32 +00:00			`Streamer.remove_socket(state.topic)`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`:ok`
			`end`

			`# Public streams without authentication.`
Expand and authorize streams in Streamer directly 2020-05-12 16:04:47 +00:00			`defp authenticate_request(nil, nil) do`
[#2074] OAuth scope checking in Streaming API. 2020-09-19 16:16:55 +00:00			`{:ok, nil, nil}`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`end`

			`# Authenticated streams.`
Expand and authorize streams in Streamer directly 2020-05-12 16:04:47 +00:00			`defp authenticate_request(access_token, sec_websocket) do`
			`token = access_token \|\| sec_websocket`
MastoAPI Streaming: Keep compatibility with access_token 2019-07-06 18:26:08 +00:00
			`with true <- is_bitstring(token),`
[#2074] OAuth scope checking in Streaming API. 2020-09-19 16:16:55 +00:00			`oauth_token = %Token{user_id: user_id} <- Repo.get_by(Token, token: token),`
Use `User.get_cached*` everywhere 2019-04-22 07:20:43 +00:00			`user = %User{} <- User.get_cached_by_id(user_id) do`
[#2074] OAuth scope checking in Streaming API. 2020-09-19 16:16:55 +00:00			`{:ok, user, oauth_token}`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`else`
Expand and authorize streams in Streamer directly 2020-05-12 16:04:47 +00:00			`_ -> {:error, :unauthorized}`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`end`
			`end`

Fix streamer timeout (closes #1753). Cowboy handles automatically responding to the client's ping, but doesn't automatically send a :ping frame to the client. 2020-05-11 14:28:53 +00:00			`defp timer do`
			`Process.send_after(self(), :tick, @tick)`
			`end`
Cowboy handler for Mastodon WebSocket 2018-12-17 13:39:59 +00:00			`end`