Social features / ActivityPub federation (#1629)

* Support webfinger requests for the live account. Closes https://github.com/owncast/owncast/issues/1193 * Support for actor requests. Returns response for live actor. Closes https://github.com/owncast/owncast/issues/1203 * Handle follow and unfollow requests. Closes https://github.com/owncast/owncast/issues/1191 and https://github.com/owncast/owncast/issues/1205 and https://github.com/owncast/owncast/issues/1206 and https://github.com/owncast/owncast/issues/1194 * Add basic support for sending out text activities. For https://github.com/owncast/owncast/issues/1192 * Some error handling and passing of dynamic local account names. * Add hardcoded example image attachment to test post * Centralize the map of accounts and inboxes * No longer disable the preview generator based on YP toggle * Send a federated message to followers when stream starts. For https://github.com/owncast/owncast/issues/1192 * Placeholder for attaching tags * Add image description * Save and get to outbox persistence. Return using outbox endpoint for actor * Pass payloads to be handled through the gochan * Handle undo follow requests explitly, not all undo requests * Add API for manually sending simple federated messages. Closes #1215 * Verify inbox requests. Closes #1321 * Add route to fetch a single AP object by ID. For #1329 * Add responses to fediverse nodeinfo requests * Set and get federation config values for admin * Handle host-meta requests * Do not send out message if disabled. Use saved go live message. * Require AP-compatible content types for AP-related requests * Rename ap models to apmodels for clarity * Change how content type matching takes place. * io -> ioutil * Add stub delete activity callback * Handle likes and announces to surface engagement in chat. Part of #1229 * Append url to go live posts * Do not require specific content types for nodeinfo requests * Add follow engagement chat message via AP * add owncast user-agent to requests * Set note visibility to public (for now) * Fix saving/fetching a single object * Add support for x-nodeinfo2 responses * Point to the dev admin branch for ap * Bundle in dev admin for testing * Add error logging * Add AP middleware back * Point to the new external compatible logo endpoint * Clean up more AP logging to help testing * Tweak go live text and link hashtags * Fix bug in fetching init time * Send update actor activities when server details/profile is updated * Add federation config overview to web client config * Add additional actor properties * Make the AP middleware checking more flexible when looking at types * First pass at remote fediverse follow flow. For #1371 * Added a basic AP actor followers endpoint * WIP client followers API * Add profile-page reference to webfinger response * Add aliases to webfinger response * Fix content-type returned to be expected activitypub+json * First pass at followers api * Point at local dev copy of go-fed/activity * Add custom toot Hashtag objects to posts * Store additional user details to followers table * Fix AP followers endpoint. Closes #1204 * Add owncast hashtag as an invisible tag to go live posts * Reject AP requests when it is disabled * Add actor util for generating full account user from person object * Verify inbox requests before performing any other work * Accept actor update requests * Fix linter errors in federation branch * Migrate AP SQL to sqlc for type safe queries * Use the @unclearParadigm REST parameter helper * Fix verifying post ID on AP engagement * WIP privacy/request approval * Style the remote follow modal * First pass at a followers list component w/ mock data. #1370 * Revert "Use the @unclearParadigm REST parameter helper" This reverts commit c8af8a413f6f53e7d1a15a7d823ff28be2db3c23. * Fix get followers API * Add support for requiring approval. Closes https://github.com/owncast/owncast/issues/1208 * Handle Applications as Actors partly for PeerTube support * add temp todo list * check route on load, this might change later * style followers * account for just 1 tab case * Remove mock data. Allow showing follow button even when there are no external actions defined * Point to actual followers API * Support fallback img for follower views * Remove duplicate verification. Add some additional verbose logging * Bundle dev admin * Add type to host-meta webfinger template response * Tweak remote follow modal content * WIP federation followers refactor * Do not send pointer to middleware * Update admin * Add setting for toggling displaying fediverse engagement. Closes #1404 * Add in-development admin * Do not enable cors on admin followers api * Add db migration for updating messages table * Enable empty string go live messages to disable * Remove debug messages * Rework some ActivityPub handling. Create new Actor->Person handling. Create new Actor->Service handling. Add engagement handlers to send chat events and store event objects. Store inbound activities to new ap_inbound_activities table. * Support federated engagement events. Store them in the messages table and surface them via chat events. * Support federated event engatement in the chat * Tweak web UI followers handling * Point go.mod at remote fork instead of local * Update admin * Merged in develop. Couple fixes * Update dev admin * Update fedi engagement posts. - Fix incorrect action text. - Add action icons. * Set public as to instead of cc for ap msg * Updated styling for federated actions in chat * Add support for blocking federated domains. Closes #1209 * Force checking of https in verify step * Update dev admin * Return user scopes in chat history api. Closes #1586 * Update dev admin * Add AP outbound request worker pool. Closes #1571 * Disable (temporarily?) owncast tag on AP posts * Consolidate creating activity+notes in outbound AP messages * Add inbox worker pool. Closes #1570 * Update dev admin bundle * Clean up some logs * Re-enable inbound verfication * Save full IRI to outbox instead of path * Reject if full IRI is not found in outbox * Use full ActivityPub user account in chat event * Fix and expand follower APIs - Add missing IDs to AP follower endpoints - Split AP follower endpoints into initial request and pages. - Support pagination in AP requests. * Include IRI in error message * Hide chat toggle when chat is hidden. Closes #1606 * Updates to followers pagination * Set default go live message * Remove log * indirect -> direct import * Updates for inbound federated event handling. - Keep track of existing events and reject duplicates. - Change what is sent to chat for surfing federated engagement. - Keep track if outbound events are automated "go live" events or not. * Update chat federated engagement. * Update dev admin. * Move from being a person to a bot (service). Closes #1619 * Only set server init date if not already set * Only save notes to outbox able * Rework private-mode followers/approvals * API for returning a list of federated actions for #1573 * Fix too-small follower cells and jumpy tabs. Closes #1616 and closes #1516 * Fix shortcuts getting fired on inputs. Fixes #1489 and #1201 * Add spinner, autoclose + other fixes to follow modal. Fixes #1593 * Fix fetching a single object by IRI * SendFederationMessage -> SendFederatedMessage * Autolink and create tag objects from manual posts. Closes #1620 * Update dev admin bundle * Handle engagement from non-automated/live posts * Reject federated engagement actions if they do not match a local post * Update dev admin bundle * A bunch of cleanup * Fix unused assignments and logic * Remove unused function * Add content warning and sentive content flag if stream is NSFW. Closes #1624 * Disable fetching objects by IRI when in private mode. Closes #1623 * Update the error message of the remote follow dialog. closes #1622 * Update dev admin * Fix NREs throwing in test content * Fix query that wasn't properly filtering out hidden messages * Test against user being disabled instead of message visibility * Fix automated test NRE * Update comment * Adjust federated engagement chat views. Closes #1617 * Add additional index to users table * Add support for removing followers/requests. Closes #1630 * Reject federated actions from blocked actors. #1631 * Use fallback avatar if it fails to load. Closes #1635 * Fix styling of follower list. Closes #1636 * Add basic blurb stating they should follow the server. Closes #1641 * Update dev admin * Set default go live message in migration. Closes #1642 * Reset the messages table on 0.0.11 schema migration * Fix js error with moderation actions. Closes #1621 * Add a bit more clarification on follow modal. Closes #1599 * Remove todos * Split out actor and domain blocking checks * Check for errors on default values being set * Clean up actor rejection due to being blocked * Update dev admin * Add colon to error to make it easier to read * Remove markdown rendering of go live message. Reorganize text. Remove content warning. Closes #1645 * Break out the sort+render messages logic so it can be fired on visibility change. Closes #1643 * Do not send profile updates if federation is disabled * Save follow references to inbound activities table * Update dev admin * Add blocked actor test * Remove the overloaded term of Follow from social links * Fix test running in memory only * Remove "just" in engagement messags * Replace star with heart for like action. * Update dev admin * Explicitly set cc as public * Remove overly using the stream name in fediverse engagement messages * Some federated/follow UI tweaks * Remove explicit cc and bcc as they are not required * Explicitly set the audience * Remove extra margin * Add Join Fediverse button to follow modal. Closes #1651 * Do not allow multiple follows to send multiple events. Closes #1650 * Give events a min height * Do not allow old posts to be liked/shared. Closes #1652 * Remove value from log message * Alert followers on private mode toggle * Ignore clicks to follow button if disabled * Remove underline from action buttons * Add moderator icon to join message * Update admin * Post-merge remove unused var * Remove pointing at feature branch Co-authored-by: Ginger Wong <omqmail@gmail.com>
2022-01-12 13:53:10 -08:00
parent c51d9cdbf4
commit 045a0a2afd
174 changed files with 7295 additions and 404 deletions
--- a/activitypub/controllers/actors.go
+++ b/activitypub/controllers/actors.go
@@ -0,0 +1,58 @@
+package controllers
+
+import (
+	"net/http"
+	"strings"
+
+	log "github.com/sirupsen/logrus"
+
+	"github.com/owncast/owncast/activitypub/apmodels"
+	"github.com/owncast/owncast/activitypub/crypto"
+	"github.com/owncast/owncast/activitypub/requests"
+	"github.com/owncast/owncast/core/data"
+)
+
+// ActorHandler handles requests for a single actor.
+func ActorHandler(w http.ResponseWriter, r *http.Request) {
+	if !data.GetFederationEnabled() {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	pathComponents := strings.Split(r.URL.Path, "/")
+	accountName := pathComponents[3]
+
+	if _, valid := data.GetFederatedInboxMap()[accountName]; !valid {
+		// User is not valid
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	// If this request is for an actor's inbox then pass
+	// the request to the inbox controller.
+	if len(pathComponents) == 5 && pathComponents[4] == "inbox" {
+		InboxHandler(w, r)
+		return
+	} else if len(pathComponents) == 5 && pathComponents[4] == "outbox" {
+		OutboxHandler(w, r)
+		return
+	} else if len(pathComponents) == 5 && pathComponents[4] == "followers" {
+		// followers list
+		FollowersHandler(w, r)
+		return
+	} else if len(pathComponents) == 5 && pathComponents[4] == "following" {
+		// following list (none)
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	actorIRI := apmodels.MakeLocalIRIForAccount(accountName)
+	publicKey := crypto.GetPublicKey(actorIRI)
+	person := apmodels.MakeServiceForAccount(accountName)
+
+	if err := requests.WriteStreamResponse(person, w, publicKey); err != nil {
+		log.Errorln("unable to write stream response for actor handler", err)
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+}
--- a/activitypub/controllers/followers.go
+++ b/activitypub/controllers/followers.go
@@ -0,0 +1,166 @@
+package controllers
+
+import (
+	"fmt"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+
+	"github.com/pkg/errors"
+	log "github.com/sirupsen/logrus"
+
+	"github.com/go-fed/activity/streams"
+	"github.com/go-fed/activity/streams/vocab"
+	"github.com/owncast/owncast/activitypub/apmodels"
+	"github.com/owncast/owncast/activitypub/crypto"
+	"github.com/owncast/owncast/activitypub/persistence"
+	"github.com/owncast/owncast/activitypub/requests"
+	"github.com/owncast/owncast/core/data"
+)
+
+const (
+	followersPageSize = 50
+)
+
+// FollowersHandler will return the list of remote followers on the Fediverse.
+func FollowersHandler(w http.ResponseWriter, r *http.Request) {
+	if r.Method != "GET" {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	var response interface{}
+	var err error
+	if r.URL.Query().Get("page") != "" {
+		response, err = getFollowersPage(r.URL.Query().Get("page"), r)
+	} else {
+		response, err = getInitialFollowersRequest(r)
+	}
+
+	if response == nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	if err != nil {
+		_, _ = w.Write([]byte(err.Error()))
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	pathComponents := strings.Split(r.URL.Path, "/")
+	accountName := pathComponents[3]
+	actorIRI := apmodels.MakeLocalIRIForAccount(accountName)
+	publicKey := crypto.GetPublicKey(actorIRI)
+
+	if err := requests.WriteStreamResponse(response.(vocab.Type), w, publicKey); err != nil {
+		log.Errorln("unable to write stream response for followers handler", err)
+	}
+}
+
+func getInitialFollowersRequest(r *http.Request) (vocab.ActivityStreamsOrderedCollection, error) {
+	followerCount, _ := persistence.GetFollowerCount()
+	collection := streams.NewActivityStreamsOrderedCollection()
+	idProperty := streams.NewJSONLDIdProperty()
+	id, err := createPageURL(r, nil)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to create followers page property")
+	}
+	idProperty.SetIRI(id)
+	collection.SetJSONLDId(idProperty)
+
+	totalItemsProperty := streams.NewActivityStreamsTotalItemsProperty()
+	totalItemsProperty.Set(int(followerCount))
+	collection.SetActivityStreamsTotalItems(totalItemsProperty)
+
+	first := streams.NewActivityStreamsFirstProperty()
+	page := "1"
+	firstIRI, err := createPageURL(r, &page)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to create first page property")
+	}
+
+	first.SetIRI(firstIRI)
+	collection.SetActivityStreamsFirst(first)
+
+	return collection, nil
+}
+
+func getFollowersPage(page string, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) {
+	pageInt, err := strconv.Atoi(page)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to parse page number")
+	}
+
+	followerCount, err := persistence.GetFollowerCount()
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to get follower count")
+	}
+
+	followers, err := persistence.GetFederationFollowers(followersPageSize, (pageInt-1)*followersPageSize)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to get federation followers")
+	}
+
+	collectionPage := streams.NewActivityStreamsOrderedCollectionPage()
+	idProperty := streams.NewJSONLDIdProperty()
+	id, err := createPageURL(r, &page)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to create followers page ID")
+	}
+	idProperty.SetIRI(id)
+	collectionPage.SetJSONLDId(idProperty)
+
+	orderedItems := streams.NewActivityStreamsOrderedItemsProperty()
+
+	for _, follower := range followers {
+		u, _ := url.Parse(follower.ActorIRI)
+		orderedItems.AppendIRI(u)
+	}
+	collectionPage.SetActivityStreamsOrderedItems(orderedItems)
+
+	partOf := streams.NewActivityStreamsPartOfProperty()
+	partOfIRI, err := createPageURL(r, nil)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to create partOf property for followers page")
+	}
+
+	partOf.SetIRI(partOfIRI)
+	collectionPage.SetActivityStreamsPartOf(partOf)
+
+	if pageInt*followersPageSize < int(followerCount) {
+		next := streams.NewActivityStreamsNextProperty()
+		nextPage := fmt.Sprintf("%d", pageInt+1)
+		nextIRI, err := createPageURL(r, &nextPage)
+		if err != nil {
+			return nil, errors.Wrap(err, "unable to create next page property")
+		}
+
+		next.SetIRI(nextIRI)
+		collectionPage.SetActivityStreamsNext(next)
+	}
+
+	return collectionPage, nil
+}
+
+func createPageURL(r *http.Request, page *string) (*url.URL, error) {
+	domain := data.GetServerURL()
+	if domain == "" {
+		return nil, errors.New("unable to get server URL")
+	}
+
+	pageURL, err := url.Parse(domain)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to parse server URL")
+	}
+
+	if page != nil {
+		query := pageURL.Query()
+		query.Add("page", *page)
+		pageURL.RawQuery = query.Encode()
+	}
+	pageURL.Path = r.URL.Path
+
+	return pageURL, nil
+}
--- a/activitypub/controllers/inbox.go
+++ b/activitypub/controllers/inbox.go
@@ -0,0 +1,56 @@
+package controllers
+
+import (
+	"io"
+	"net/http"
+	"strings"
+
+	"github.com/owncast/owncast/activitypub/apmodels"
+	"github.com/owncast/owncast/activitypub/inbox"
+	"github.com/owncast/owncast/core/data"
+
+	log "github.com/sirupsen/logrus"
+)
+
+// InboxHandler handles inbound federated requests.
+func InboxHandler(w http.ResponseWriter, r *http.Request) {
+	if r.Method == http.MethodPost {
+		acceptInboxRequest(w, r)
+	} else {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+	}
+}
+
+func acceptInboxRequest(w http.ResponseWriter, r *http.Request) {
+	if !data.GetFederationEnabled() {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	urlPathComponents := strings.Split(r.URL.Path, "/")
+	var forLocalAccount string
+	if len(urlPathComponents) == 5 {
+		forLocalAccount = urlPathComponents[3]
+	} else {
+		log.Errorln("Unable to determine username from url path")
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	// The account this request is for must match the account name we have set
+	// for federation.
+	if forLocalAccount != data.GetFederationUsername() {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	data, err := io.ReadAll(r.Body)
+	if err != nil {
+		log.Errorln("Unable to read inbox request payload", err)
+		return
+	}
+
+	inboxRequest := apmodels.InboxRequest{Request: r, ForLocalAccount: forLocalAccount, Body: data}
+	inbox.AddToQueue(inboxRequest)
+	w.WriteHeader(http.StatusAccepted)
+}
--- a/activitypub/controllers/nodeinfo.go
+++ b/activitypub/controllers/nodeinfo.go
@@ -0,0 +1,285 @@
+package controllers
+
+import (
+	"fmt"
+	"net/http"
+	"net/url"
+
+	"github.com/owncast/owncast/activitypub/apmodels"
+	"github.com/owncast/owncast/activitypub/crypto"
+	"github.com/owncast/owncast/activitypub/persistence"
+	"github.com/owncast/owncast/activitypub/requests"
+	"github.com/owncast/owncast/config"
+	"github.com/owncast/owncast/core/data"
+	log "github.com/sirupsen/logrus"
+)
+
+// NodeInfoController returns the V1 node info response.
+func NodeInfoController(w http.ResponseWriter, r *http.Request) {
+	type links struct {
+		Rel  string `json:"rel"`
+		Href string `json:"href"`
+	}
+
+	type response struct {
+		Links []links `json:"links"`
+	}
+
+	if !data.GetFederationEnabled() {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	serverURL := data.GetServerURL()
+	if serverURL == "" {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	v2, err := url.Parse(serverURL)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	v2.Path = "nodeinfo/2.0"
+
+	res := response{
+		Links: []links{
+			{
+				Rel:  "http://nodeinfo.diaspora.software/ns/schema/2.0",
+				Href: v2.String(),
+			},
+		},
+	}
+	if err := writeResponse(res, w); err != nil {
+		log.Errorln(err)
+	}
+}
+
+// NodeInfoV2Controller returns the V2 node info response.
+func NodeInfoV2Controller(w http.ResponseWriter, r *http.Request) {
+	type software struct {
+		Name    string `json:"name"`
+		Version string `json:"version"`
+	}
+	type users struct {
+		Total          int `json:"total"`
+		ActiveMonth    int `json:"activeMonth"`
+		ActiveHalfyear int `json:"activeHalfyear"`
+	}
+	type usage struct {
+		Users      users `json:"users"`
+		LocalPosts int   `json:"localPosts"`
+	}
+	type response struct {
+		Version           string   `json:"version"`
+		Software          software `json:"software"`
+		Protocols         []string `json:"protocols"`
+		Usage             usage    `json:"usage"`
+		OpenRegistrations bool     `json:"openRegistrations"`
+	}
+
+	if !data.GetFederationEnabled() {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	localPostCount, _ := persistence.GetLocalPostCount()
+
+	res := response{
+		Version: "2.0",
+		Software: software{
+			Name:    "Owncast",
+			Version: config.VersionNumber,
+		},
+		Usage: usage{
+			Users: users{
+				Total:          1,
+				ActiveMonth:    1,
+				ActiveHalfyear: 1,
+			},
+			LocalPosts: int(localPostCount),
+		},
+		OpenRegistrations: false,
+		Protocols:         []string{"activitypub"},
+	}
+
+	if err := writeResponse(res, w); err != nil {
+		log.Errorln(err)
+	}
+}
+
+// XNodeInfo2Controller returns the x-nodeinfo2.
+func XNodeInfo2Controller(w http.ResponseWriter, r *http.Request) {
+	type Organization struct {
+		Name    string `json:"name"`
+		Contact string `json:"contact"`
+	}
+	type Server struct {
+		BaseURL  string `json:"baseUrl"`
+		Version  string `json:"version"`
+		Name     string `json:"name"`
+		Software string `json:"software"`
+	}
+	type Services struct {
+		Outbound []string `json:"outbound"`
+		Inbound  []string `json:"inbound"`
+	}
+	type Users struct {
+		ActiveWeek     int `json:"activeWeek"`
+		Total          int `json:"total"`
+		ActiveMonth    int `json:"activeMonth"`
+		ActiveHalfyear int `json:"activeHalfyear"`
+	}
+	type Usage struct {
+		Users         Users `json:"users"`
+		LocalPosts    int   `json:"localPosts"`
+		LocalComments int   `json:"localComments"`
+	}
+	type response struct {
+		Organization      Organization `json:"organization"`
+		Server            Server       `json:"server"`
+		Services          Services     `json:"services"`
+		Protocols         []string     `json:"protocols"`
+		Version           string       `json:"version"`
+		OpenRegistrations bool         `json:"openRegistrations"`
+		Usage             Usage        `json:"usage"`
+	}
+
+	if !data.GetFederationEnabled() {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	serverURL := data.GetServerURL()
+	if serverURL == "" {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	localPostCount, _ := persistence.GetLocalPostCount()
+
+	res := &response{
+		Organization: Organization{
+			Name:    data.GetServerName(),
+			Contact: serverURL,
+		},
+		Server: Server{
+			BaseURL:  serverURL,
+			Version:  config.VersionNumber,
+			Name:     "owncast",
+			Software: "owncast",
+		},
+		Services: Services{
+			Inbound:  []string{"activitypub"},
+			Outbound: []string{"activitypub"},
+		},
+		Protocols: []string{"activitypub"},
+		Version:   config.VersionNumber,
+		Usage: Usage{
+			Users: Users{
+				ActiveWeek:     1,
+				Total:          1,
+				ActiveMonth:    1,
+				ActiveHalfyear: 1,
+			},
+
+			LocalPosts:    int(localPostCount),
+			LocalComments: 0,
+		},
+	}
+
+	if err := writeResponse(res, w); err != nil {
+		log.Errorln(err)
+	}
+}
+
+// InstanceV1Controller returns the v1 instance details.
+func InstanceV1Controller(w http.ResponseWriter, r *http.Request) {
+	type Stats struct {
+		UserCount   int `json:"user_count"`
+		StatusCount int `json:"status_count"`
+		DomainCount int `json:"domain_count"`
+	}
+	type response struct {
+		URI              string   `json:"uri"`
+		Title            string   `json:"title"`
+		ShortDescription string   `json:"short_description"`
+		Description      string   `json:"description"`
+		Version          string   `json:"version"`
+		Stats            Stats    `json:"stats"`
+		Thumbnail        string   `json:"thumbnail"`
+		Languages        []string `json:"languages"`
+		Registrations    bool     `json:"registrations"`
+		ApprovalRequired bool     `json:"approval_required"`
+		InvitesEnabled   bool     `json:"invites_enabled"`
+	}
+
+	if !data.GetFederationEnabled() {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	serverURL := data.GetServerURL()
+	if serverURL == "" {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	thumbnail, err := url.Parse(serverURL)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	thumbnail.Path = "/logo/external"
+	localPostCount, _ := persistence.GetLocalPostCount()
+
+	res := response{
+		URI:              serverURL,
+		Title:            data.GetServerName(),
+		ShortDescription: data.GetServerSummary(),
+		Description:      data.GetServerSummary(),
+		Version:          config.GetReleaseString(),
+		Stats: Stats{
+			UserCount:   1,
+			StatusCount: int(localPostCount),
+			DomainCount: 0,
+		},
+		Thumbnail:        thumbnail.String(),
+		Registrations:    false,
+		ApprovalRequired: false,
+		InvitesEnabled:   false,
+	}
+
+	if err := writeResponse(res, w); err != nil {
+		log.Errorln(err)
+	}
+}
+
+func writeResponse(payload interface{}, w http.ResponseWriter) error {
+	accountName := data.GetDefaultFederationUsername()
+	actorIRI := apmodels.MakeLocalIRIForAccount(accountName)
+	publicKey := crypto.GetPublicKey(actorIRI)
+
+	return requests.WritePayloadResponse(payload, w, publicKey)
+}
+
+// HostMetaController points to webfinger.
+func HostMetaController(w http.ResponseWriter, r *http.Request) {
+	serverURL := data.GetServerURL()
+	if serverURL == "" {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	res := fmt.Sprintf(`<?xml version="1.0" encoding="UTF-8"?>
+	<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0">
+		<Link rel="lrdd" type="application/json" template="%s/.well-known/webfinger?resource={uri}"/>
+	</XRD>`, serverURL)
+
+	if _, err := w.Write([]byte(res)); err != nil {
+		log.Errorln(err)
+	}
+}
--- a/activitypub/controllers/object.go
+++ b/activitypub/controllers/object.go
@@ -0,0 +1,42 @@
+package controllers
+
+import (
+	"net/http"
+	"strings"
+
+	"github.com/owncast/owncast/activitypub/apmodels"
+	"github.com/owncast/owncast/activitypub/crypto"
+	"github.com/owncast/owncast/activitypub/persistence"
+	"github.com/owncast/owncast/activitypub/requests"
+	"github.com/owncast/owncast/core/data"
+	log "github.com/sirupsen/logrus"
+)
+
+// ObjectHandler handles requests for a single federated ActivityPub object.
+func ObjectHandler(w http.ResponseWriter, r *http.Request) {
+	if !data.GetFederationEnabled() {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	// If private federation mode is enabled do not allow access to objects.
+	if data.GetFederationIsPrivate() {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	iri := strings.Join([]string{strings.TrimSuffix(data.GetServerURL(), "/"), r.URL.Path}, "")
+	object, _, _, err := persistence.GetObjectByIRI(iri)
+	if err != nil {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	accountName := data.GetDefaultFederationUsername()
+	actorIRI := apmodels.MakeLocalIRIForAccount(accountName)
+	publicKey := crypto.GetPublicKey(actorIRI)
+
+	if err := requests.WriteResponse([]byte(object), w, publicKey); err != nil {
+		log.Errorln(err)
+	}
+}
--- a/activitypub/controllers/outbox.go
+++ b/activitypub/controllers/outbox.go
@@ -0,0 +1,156 @@
+package controllers
+
+import (
+	"fmt"
+	"net/http"
+	"strconv"
+	"strings"
+
+	"github.com/go-fed/activity/streams"
+	"github.com/go-fed/activity/streams/vocab"
+	"github.com/owncast/owncast/activitypub/apmodels"
+	"github.com/owncast/owncast/activitypub/crypto"
+	"github.com/owncast/owncast/activitypub/persistence"
+	"github.com/owncast/owncast/activitypub/requests"
+	"github.com/pkg/errors"
+	log "github.com/sirupsen/logrus"
+)
+
+const (
+	outboxPageSize = 50
+)
+
+// OutboxHandler will handle requests for the local ActivityPub outbox.
+func OutboxHandler(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodGet {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	var response interface{}
+	var err error
+	if r.URL.Query().Get("page") != "" {
+		response, err = getOutboxPage(r.URL.Query().Get("page"), r)
+	} else {
+		response, err = getInitialOutboxHandler(r)
+	}
+
+	if response == nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	if err != nil {
+		_, _ = w.Write([]byte(err.Error()))
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	pathComponents := strings.Split(r.URL.Path, "/")
+	accountName := pathComponents[3]
+	actorIRI := apmodels.MakeLocalIRIForAccount(accountName)
+	publicKey := crypto.GetPublicKey(actorIRI)
+
+	if err := requests.WriteStreamResponse(response.(vocab.Type), w, publicKey); err != nil {
+		log.Errorln("unable to write stream response for outbox handler", err)
+	}
+}
+
+// ActorObjectHandler will handle the request for a single ActivityPub object.
+func ActorObjectHandler(w http.ResponseWriter, r *http.Request) {
+	object, _, _, err := persistence.GetObjectByIRI(r.URL.Path)
+	if err != nil {
+		w.WriteHeader(http.StatusNotFound)
+		return
+		// controllers.WriteSimpleResponse(w, false, err.Error())
+	}
+
+	if _, err := w.Write([]byte(object)); err != nil {
+		log.Errorln(err)
+	}
+}
+
+func getInitialOutboxHandler(r *http.Request) (vocab.ActivityStreamsOrderedCollection, error) {
+	collection := streams.NewActivityStreamsOrderedCollection()
+
+	idProperty := streams.NewJSONLDIdProperty()
+	id, err := createPageURL(r, nil)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to create followers page property")
+	}
+	idProperty.SetIRI(id)
+	collection.SetJSONLDId(idProperty)
+
+	totalPosts, err := persistence.GetOutboxPostCount()
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to get outbox post count")
+	}
+	totalItemsProperty := streams.NewActivityStreamsTotalItemsProperty()
+	totalItemsProperty.Set(int(totalPosts))
+	collection.SetActivityStreamsTotalItems(totalItemsProperty)
+
+	first := streams.NewActivityStreamsFirstProperty()
+	page := "1"
+	firstIRI, err := createPageURL(r, &page)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to create first page property")
+	}
+
+	first.SetIRI(firstIRI)
+	collection.SetActivityStreamsFirst(first)
+
+	return collection, nil
+}
+
+func getOutboxPage(page string, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) {
+	pageInt, err := strconv.Atoi(page)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to parse page number")
+	}
+
+	postCount, err := persistence.GetOutboxPostCount()
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to get outbox post count")
+	}
+
+	collectionPage := streams.NewActivityStreamsOrderedCollectionPage()
+	idProperty := streams.NewJSONLDIdProperty()
+	id, err := createPageURL(r, &page)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to create followers page ID")
+	}
+	idProperty.SetIRI(id)
+	collectionPage.SetJSONLDId(idProperty)
+
+	orderedItems := streams.NewActivityStreamsOrderedItemsProperty()
+
+	outboxItems, err := persistence.GetOutbox(outboxPageSize, (pageInt-1)*outboxPageSize)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to get federation followers")
+	}
+	orderedItems.AppendActivityStreamsOrderedCollection(outboxItems)
+	collectionPage.SetActivityStreamsOrderedItems(orderedItems)
+
+	partOf := streams.NewActivityStreamsPartOfProperty()
+	partOfIRI, err := createPageURL(r, nil)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to create partOf property for outbox page")
+	}
+
+	partOf.SetIRI(partOfIRI)
+	collectionPage.SetActivityStreamsPartOf(partOf)
+
+	if pageInt*followersPageSize < int(postCount) {
+		next := streams.NewActivityStreamsNextProperty()
+		nextPage := fmt.Sprintf("%d", pageInt+1)
+		nextIRI, err := createPageURL(r, &nextPage)
+		if err != nil {
+			return nil, errors.Wrap(err, "unable to create next page property")
+		}
+
+		next.SetIRI(nextIRI)
+		collectionPage.SetActivityStreamsNext(next)
+	}
+
+	return collectionPage, nil
+}
--- a/activitypub/controllers/webfinger.go
+++ b/activitypub/controllers/webfinger.go
@@ -0,0 +1,60 @@
+package controllers
+
+import (
+	"encoding/json"
+	"net/http"
+	"strings"
+
+	"github.com/owncast/owncast/activitypub/apmodels"
+	"github.com/owncast/owncast/core/data"
+	"github.com/owncast/owncast/utils"
+	log "github.com/sirupsen/logrus"
+)
+
+// WebfingerHandler will handle webfinger lookup requests.
+func WebfingerHandler(w http.ResponseWriter, r *http.Request) {
+	if !data.GetFederationEnabled() {
+		w.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	resource := r.URL.Query().Get("resource")
+	resourceComponents := strings.Split(resource, ":")
+	account := resourceComponents[1]
+
+	userComponents := strings.Split(account, "@")
+	if len(userComponents) < 2 {
+		return
+	}
+	host := userComponents[1]
+	user := userComponents[0]
+
+	if _, valid := data.GetFederatedInboxMap()[user]; !valid {
+		// User is not valid
+		w.WriteHeader(http.StatusNotFound)
+		log.Println("Webfinger request rejected")
+		return
+	}
+
+	// If the webfinger request doesn't match our server then it
+	// should be rejected.
+	instanceHostString := data.GetServerURL()
+	if instanceHostString == "" {
+		w.WriteHeader(http.StatusNotImplemented)
+		return
+	}
+
+	instanceHostString = utils.GetHostnameFromURLString(instanceHostString)
+	if instanceHostString == "" || instanceHostString != host {
+		w.WriteHeader(http.StatusNotImplemented)
+		return
+	}
+
+	webfingerResponse := apmodels.MakeWebfingerResponse(user, user, host)
+
+	w.Header().Set("Content-Type", "application/jrd+json")
+
+	if err := json.NewEncoder(w).Encode(webfingerResponse); err != nil {
+		log.Errorln("unable to write webfinger response", err)
+	}
+}