My friend is working on adding ActivityPub support to his blog platform (BDServer) so people can follow/comment from Mastodon, Lemmy, etc.

Current status: Lemmy and Misskey can find and follow his account (@[email protected]), but Mastodon can’t find it at all, even though he sees proper ActivityPub requests hitting his server.

The technical details are pretty gnarly - RSA signature verification, HTTP header recreation, multi-threading issues. He wrote up the full journey here: Please Help Me With Activity Pub

If anyone has ActivityPub experience or wants to take a look at the code (Python), we have a Matrix room for BDServer development. Any insights on why different platforms behave differently would be super helpful.

https://matrix.to/#/#bdserver:tchncs.de

Source code: ActivityPub.py

  • irelephant [he/him]@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    21 hours ago

    I just took another look at it,

    Comparing it to another random note, the to and cc fields are supposed to be arrays, rather than just a string.

    Its also missing a url field, which is supposed to link to the user-facing url of the post.

    cc: @[email protected]

    • Blender Dumbass@lm.madiator.cloud
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 days ago

      Seems like somebody mentioned the account on the fediverse that started a chain reaction of various instances requesting a bunch of stuff. Which made it to Mastodon.social too. It still doesn’t work though.

      The server is written in python and the idea is to make it deploy-able without needing to install anything extra. So I’m trying to implement my own activity pub.

  • flamingos-cant@feddit.uk
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    6 days ago

    I’m not the most knowledgeable about Mastodon’s APub implementation, but having a look at the Actor of that profile, it might be because it’s invalid JSON-LD. Now, Mastodon doesn’t actually do proper JSON-LD checks, you can follow PieFed profiles from Mastodon and they don’t produce proper JSON-LD, but they do include "https://w3id.org/security/v1" in their @context, and doing a code search of Mastodon’s source code does show some checks for if that’s included.

    Lemmy’s I am familiar with and irrc it doesn’t even check if @context is present.