Some issues with the tutorial and also with the blog example

[carvilsi]

Hi,

Please I'm having some issues with the tutorial and also with the blog example.

• Version of fedify: 0.8.0 and also main branch from repo
• Version of Deno: deno 1.43.5 (release, x86_64-unknown-linux-gnu) v8 12.4.254.13 typescript 5.4.5
• OS: Arch Linux 6.8.9-arch1-2 x86_64
• The steps to reproduce the bug: Follow the usage section at README file for blog example, also the first issue also applies following the tutorial. Using ngrok.
• The expected behavior: For the first issue the expected behavior is that I could allow to follow the created user from activitypub.academy. For the second issue the expected behavior could be to be able to see the posts from my user at activitypub.academy site.
• The actual behavior: Not possible to follow the fedify user from activitypub.academy getting 401 Unauthorized and Failed to verify; Date is too far in the future.. For the other issue is not possible to see the new published entry at the blog, with next error:

  15:37:36.004 ERR fedify·federation·outbox 
  Failed to send activity 
  "http://b083-46-222-34-78.ngrok-free.app/posts/018f9bcb-cbae-73b1-8a2e-de3c7eb017a9#activity" 
  to "https://activitypub.academy/inbox" (401 "Unauthorized"):
  ""

For the first issue after cloning the repo and doing some debug I was able to fix it increasing the seconds for the verify function at httpsig/mod.ts. Maybe my internet connection is little bit slow and also I'm using ngrok, could be this the reason? Is it necessary the check about the date?

Any clue about the second issue?

Thanks.

[dahlia]

First of all, thank you for reporting the bug.

The reason Fedify checks a Date header is to protect against replay attacks, and while it's not impossible to not check it, it does seem like the time window is tight. We should either increase the window to be more generous, or make the time window value configurable.

[dahlia]

Maybe my internet connection is little bit slow and also I'm using ngrok, could be this the reason?

Or maybe your system clock is out of sync?

[dahlia]

Okay, the main branch has now the twice longer time window than before. You could also configure it by passing signatureTimeWindow option to Federation() constructor, e.g.:

new Federation({
  signatureTimeWindow: { minutes: 5 },
});

@carvilsi Could you give it a try?

[carvilsi]

Thanks for your quick replay.

I checked the system clock and is sync.

I tried right now and just with the change about increasing the time window it worked like a charm for the two issues. No problem to follow and neither to see the posts from the blog on the activitypub.academy timeline.

I think that the possibility to configure signatureTimeWindow it's very nice.

Going to close the issue, if you do not mind.

Thanks :pray:

[dahlia]

Good to hear it works for you, thank you!