superseriousbusiness / gotosocial

Fast, fun, small ActivityPub server.
https://docs.gotosocial.org
GNU Affero General Public License v3.0

[bug] Relax unique `URL` requirement for accounts #1820

Open natsukagami opened 1 year ago

natsukagami commented 1 year ago

Describe the bug with a clear and concise description of what the bug is.

Writefreely instances with single_user mode enabled will WebFinger the only user and the internal instance account with the same URL.

This is giving GtS a hard time trying to follow the blog, since it cannot create a new account: GtS assumes and enforces that each account has a unique URL field.

Writefreely's webfinger output, from the discussion on the Matrix channel (on the now deceased Writefreely instance https://write.nkagami.me)

```json
{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    "https://w3id.org/security/v1"
  ],
  "type": "Person",
  "id": "https://write.nkagami.me/api/collections/write.nkagami.me",
  "inbox": "https://write.nkagami.me/api/collections/write.nkagami.me/inbox",
  "outbox": "https://write.nkagami.me/api/collections/write.nkagami.me/outbox",
  "preferredUsername": "[write.nkagami.me](http://write.nkagami.me/)",
  "url": "https://write.nkagami.me/",
  "name": "[write.nkagami.me](http://write.nkagami.me/)",
  "icon": {
    "type": "Image",
    "mediaType": "image/png",
    "url": "https://write.nkagami.me/img/avatars/w.png"
  },
  "following": "https://write.nkagami.me/api/collections/write.nkagami.me/following",
  "followers": "https://write.nkagami.me/api/collections/write.nkagami.me/followers",
  "summary": "",
  "publicKey": {
    "id": "https://write.nkagami.me/api/collections/write.nkagami.me#main-key",
    "owner": "https://write.nkagami.me/api/collections/write.nkagami.me",
    "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbnZQaGV26xR2r4UGAdV\nFaDPgB590G12a1GW07hjRKdmszMa25uizBOwbOFqEpzYligCjbBHxMds0ay4/8LY\nAmLgnry85Li4Si5s0nDoqlZ/tFEHevyRdapJoMQ4rL0/VyQw/HKwLggGlB3AP0qy\ngjAddmuCd1dWwT0zvfluC+9oCr2C7l2Xc/r4mWIBSSO3Fs4xBnnUQ4KTMT9aQFAe\nYE2rz7N0hAKnwrxzZ6efWiIbBrES+vCtWrLUHrCJFSYmQJ737lTpPhissAQqZQ/r\nL5hont4feM+s8F103F/za9Uafyzn7rB4sNB8hkRXJm8qJpBrVXIF+IMjmINQMFIB\n7wIDAQAB\n-----END PUBLIC KEY-----\n"
  },
  "endpoints": {}
}
```

```json
{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    "https://w3id.org/security/v1"
  ],
  "type": "Person",
  "id": "https://write.nkagami.me/api/collections/zumi",
  "inbox": "https://write.nkagami.me/api/collections/zumi/inbox",
  "outbox": "https://write.nkagami.me/api/collections/zumi/outbox",
  "preferredUsername": "zumi",
  "url": "https://write.nkagami.me/",
  "name": "Zumi's Writings",
  "icon": {
    "type": "Image",
    "mediaType": "image/png",
    "url": "https://write.nkagami.me/img/avatars/z.png"
  },
  "following": "https://write.nkagami.me/api/collections/zumi/following",
  "followers": "https://write.nkagami.me/api/collections/zumi/followers",
  "summary": "Just random Zumi Zoom things",
  "publicKey": {
    "id": "https://write.nkagami.me/api/collections/zumi#main-key",
    "owner": "https://write.nkagami.me/api/collections/zumi",
    "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjE2k2xEHwYskBx/3I2D\nbKg+08qbA7W54AvpqQb2V/ZwEQUDJecP43CcDJox4IxwrDHo1H++8VimCkUM6Xf8\nrWSoRLgOyetWrbx0yko/5GV5S7njsd9tGOdInHRjmaseH6jOIpSc3aXyxaUdWUdP\n+SKb3iuPC39pZOXfqLCzPtCBuKOJvLuYOBQaD7eh1bWi8+u9kBjAUXh+eUDFQqMl\nS6KC9DrA8imAEsafq4vju2PoaptxX0aWvl9SeQ0NMb3evAKwmxcNe4Y347h1Np8F\n/kL/mTsb6BPnxxwz0GWumEtjlGb6ze0si/dukYi2goyeyuVCQ2wLsiCdMt/fiqDp\nFwIDAQAB\n-----END PUBLIC KEY-----\n"
  },
  "endpoints": {}
}
```

What's your GoToSocial Version?

v0.9.0-rc1

GoToSocial Arch

amd64 Binary

What happened?

GtS is returning a 401 at this point

https://github.com/superseriousbusiness/gotosocial/blob/c7702c47bb887a220233fd92d80a1084a25f2a27/internal/processing/fedi/user.go#L60

(Probably would be nice to have a log written down here as well :D)

What you expected to happen?

No response

How to reproduce it?

No response

Anything else we need to know?

No response

tsmethurst commented 1 year ago

Thanks for writing this up!

tsmethurst commented 1 year ago

Just jotting this down now while it's on my mind:

Currently we have a db function that selects account by URL, and assumes that account URL is unique. Currently, this function is called in two places -- here and here.

Once we relax the URL unique requirement, it is possible that the db SELECT call will return more than one account, so we'll need to adjust the above function calls to also anticipate this. For the search one, it's fine if the 'GetAccountByURL' call returns more than one account, since we can just return multiple results via the search then.

For the other one, it's a bit more complicated since it's used to dereference an account from remote, and there's not really a way of knowing which account will be returned, or which account the caller actually wants.

Not sure right now how to resolve this, just something to bear in mind when we make this change :)
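
A sketch of how the two lookups described in the comment above could behave once `URL` is no longer unique. This is an added example, not GoToSocial's code and not part of the thread: `Account`, `Store`, `ByURL`, `Resolve` and the error values are hypothetical names, and refusing an ambiguous URL during dereference is an assumed policy, not a decision made in this issue. The actor ids and shared URL are the ones from the WebFinger output above.

```go
package main

import (
	"errors"
	"fmt"
)

// Account is a hypothetical model: URI is the ActivityPub "id", URL the profile page.
type Account struct{ URI, URL string }

var ErrNotFound = errors.New("no account for this URI or URL")
var ErrAmbiguousURL = errors.New("URL is shared by more than one account")

// Store stands in for the accounts table, keyed on URI.
type Store map[string]Account

// Put upserts on URI, the only unique key; a repeated URL is accepted.
func (s Store) Put(a Account) { s[a.URI] = a }

// ByURL is the search-style lookup: every match is returned, in no fixed order.
func (s Store) ByURL(url string) (out []Account) {
	for _, a := range s {
		if a.URL == url {
			out = append(out, a)
		}
	}
	return out
}

// Resolve is the dereference-style lookup: URI first, then URL only if it is unambiguous.
func (s Store) Resolve(ref string) (Account, error) {
	if a, ok := s[ref]; ok {
		return a, nil
	}
	switch m := s.ByURL(ref); len(m) {
	case 0:
		return Account{}, ErrNotFound
	case 1:
		return m[0], nil
	}
	return Account{}, ErrAmbiguousURL
}

func main() {
	s, shared := Store{}, "https://write.nkagami.me/" // values taken from the issue
	s.Put(Account{"https://write.nkagami.me/api/collections/write.nkagami.me", shared})
	s.Put(Account{"https://write.nkagami.me/api/collections/zumi", shared})
	_, err := s.Resolve(shared)
	fmt.Println(len(s.ByURL(shared)), "matches;", err)
}
```

Returning an explicit error for a shared URL keeps the caller from attaching a follow, a signature check or a moderation action to whichever actor the database happened to return first.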

kvibber commented 3 months ago

Just to add another data point in terms of places this causes problems: Bridgy Fed's general and Bluesky-specific opt-in bots share the same URL but different URIs/IDs, so if a GTS instance has already seen one, it can't add the second with this current constraint.