fedify icon indicating copy to clipboard operation
fedify copied to clipboard
Published 5 days ago verified publisher icon fedify-dev

Add `-A`/`--authorized-fetch` option to `fedify inbox` command

Open dahlia opened this issue 7 months ago • 8 comments

Description

Add an option to make the ephemeral ActivityPub server created by fedify inbox run in AUTHORIZED_FETCH mode, where HTTP Signatures are required for all incoming requests.

Implementation details

  • Add -A/--authorized-fetch flag to the fedify inbox command
  • When enabled, verify HTTP Signatures on all incoming requests
  • Return 401 Unauthorized responses for requests without valid signatures
  • Log signature verification failures with details for debugging
  • Update help text and documentation to explain the option

Benefits

This feature will help developers:

  • Test HTTP Signatures implementation in a controlled environment
  • Debug issues related to authorized fetch requirements
  • Verify server's ability to handle secured federation connections
  • Simulate behavior of instances like Mastodon that enforce HTTP Signatures

dahlia avatar May 09 '25 05:05 dahlia

I'd like to work on this issue.

w8385 avatar Jul 29 '25 10:07 w8385

@w8385 Assigned it to you!

dahlia avatar Jul 29 '25 14:07 dahlia

Hi @w8385! It's been about two months since you took on this issue. I was wondering how the implementation of the -A/--authorized-fetch option for the fedify inbox command is going?

This seems like a relatively straightforward CLI enhancement. If you've started working on it or have any code ready, feel free to open a draft PR and I can help with feedback! If you're stuck on anything or need clarification about the implementation, please let me know. 😊

dahlia avatar Sep 20 '25 05:09 dahlia

I’m sorry for the delay. I’ve looked into this issue occasionally, but haven’t been able to focus on it at all in the past few weeks. If you could grant me an extra week, I’ll resume working on it.

w8385 avatar Sep 21 '25 05:09 w8385

Got it!

dahlia avatar Sep 21 '25 06:09 dahlia

I've changed the milestone for this issue from Fedify 1.9 to Fedify 2.0. This is because the CLI is being rewritten in Fedify 2.0, and adding a new feature to the CLI in Fedify 1.9 would make it difficult to port. @w8385 When you work on this, please make sure to base your work on the next branch, not the main branch.

dahlia avatar Oct 06 '25 14:10 dahlia

Thanks for letting me know! I’ll make sure to base my work on the next branch as per your note.

w8385 avatar Oct 07 '25 12:10 w8385

@w8385 This issue has been assigned for over two weeks without updates. Please provide a status update, or unassign yourself if you're unable to continue working on it.

github-actions[bot] avatar Oct 22 '25 01:10 github-actions[bot]