zelo72
/
documentation
mirror of https://github.com/mastodon/documentation
1
0
Fork 0
Code Issues 6 Releases Wiki Activity
documentation/content/en/spec/activitypub.md

12 KiB
Raw Blame History

title description menu
ActivityPub A decentralized social networking protocol based upon the ActivityStreams 2.0 data format and JSON-LD.
docs
weight parent
10 spec

{{< hint style="warning" >}} Sample payloads will be added at a future date. {{< /hint >}}

Status federation

{{< caption-link url="https://github.com/tootsuite/mastodon/blob/master/app/lib/activitypub/activity.rb" caption="app/lib/activitypub/activity.rb" >}}

Supported activities for statuses

  • Create = transformed into a status and saved into database
  • Delete = removes a status from the database
  • Like = transformed into a favourite on a status
  • Announce = transformed into a boost on a status
  • Flag = transformed into a report to the moderation team.
  • Update = only supported on polls. Used to refresh vote count.
  • Undo = undo a previous Like or Announce.

Payloads

The first-class Object types supported by Mastodon are Note and Question.

  • Notes are transformed into regular statuses.
  • Questions are transformed into a poll status.

Some other Object types are converted as best as possible. The transformer uses content if available, or name if not, in order to generate status text. The url will be appended. The summary property will be used as the CW text. The icon will be used as a thumbnail.

  • Article
  • Page
  • Image
  • Audio
  • Video
  • Event

Profile federation

Supported activities for profiles

  • Follow = Indicate interest in receiving status updates from a profile.
  • Accept/Reject = used to approve or deny Follow activities. Unlocked accounts will automatically reply with an Accept, while locked accounts can manually choose whether to approve or deny a follow request.
  • Add/Remove = manage pinned posts and featured collections.
  • Block = Signal to a remote server that they should hide your profile from that user. Not guaranteed.
  • Flag = report user
  • Update = refresh account details
  • Move = migrate followers from one account to another. Requires alsoKnownAs to be set in both directions.
  • Delete = remove an account from the database, as well as all of their statuses.
  • Undo = undo a previous Follow, Accept Follow, or Block.

Properties used

Property Interpretation
preferredUsername Used for Webfinger lookup. Must be unique on the domain, and must correspond to a Webfinger acct: URI.
name Used as profile display name.
summary Used as profile bio.
type Assumed to be Person. If type is Application or Service, it will be interpreted as a bot flag.
url Used as profile link.
icon Used as profile avatar.
image Used as profile header.
manuallyApprovesFollowers Will be shown as a locked account.
discoverable Will be shown in the profile directory. See Discoverability flag.
publicKey Required for signatures. See Public key.
featured Pinned posts. See Featured collection.
attachment Used for profile fields. See Profile metadata and Identity proofs.
alsoKnownAs Required for Move activity.

HTML sanitization

{{< caption-link url="https://github.com/tootsuite/mastodon/blob/master/app/lib/sanitize_config.rb" caption="app/lib/sanitize_config.rb" >}}

Mastodon sanitizes incoming HTML in order to not break assumptions for API client developers. Supported elements include <p>, <span>, <br>, and <a>. Unsupported elements will be converted to <p>.The sanitizer will keep classes if they begin with microformats prefixes or are semantic classes:

  • h-*
  • p-*
  • u-*
  • dt-*
  • e-*
  • mention
  • hashtag
  • ellipsis
  • invisible

JSON-LD Namespacing

{{< caption-link url="https://github.com/tootsuite/mastodon/blob/master/app/lib/activitypub/adapter.rb" caption="app/lib/activitypub/adapter.rb" >}}

Mastodon extensions `toot:`

Contains definitions for Mastodon features.

  • toot:Emoji
  • toot:IdentityProof
  • toot:blurhash
  • toot:focalPoint
  • toot:featured
  • toot:discoverable
  • toot:votersCount

ActivityStreams extensions `as:`

Contains ActivityStreams extended properties that have been proposed but not officially adopted yet.

  • as:Hashtag
  • as:alsoKnownAs
  • as:manuallyApprovesFollowers
  • as:movedTo
  • as:sensitive

W3ID Security Vocabulary `sec:`

Contains properties used for HTTPS Signatures and Linked Data Signatures. Also used for identity proofs. See Security for more information.

  • sec:publicKey
  • sec:publicKeyPem
  • sec:owner
  • sec:signature
  • sec:signatureValue

W3ID Identity

Contains a collection of terms from various namespaces, used for Linked Data Signatures.

  • dc:creator
  • dc:created
  • sec:signature
  • sec:signatureValue

schema.org extensions `schema:`

Contains properties used for profile metadata.

  • schema:PropertyValue
  • schema:value

Extensions

Public key

Public keys are used for HTTPS Signatures and Linked Data Signatures. This is implemented using an extra property publicKey on actor objects. See Security for more information. Example:

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    "https://w3id.org/security/v1"
  ],
  "id": "https://mastodon.social/users/Gargron",
  "type": "Person",
  "publicKey": {
    "id": "https://mastodon.social/users/Gargron#main-key",
    "owner": "https://mastodon.social/users/Gargron",
    "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXc4vkECU2/CeuSo1wtn\nFoim94Ne1jBMYxTZ9wm2YTdJq1oiZKif06I2fOqDzY/4q/S9uccrE9Bkajv1dnkO\nVm31QjWlhVpSKynVxEWjVBO5Ienue8gND0xvHIuXf87o61poqjEoepvsQFElA5ym\novljWGSA/jpj7ozygUZhCXtaS2W5AD5tnBQUpcO0lhItYPYTjnmzcc4y2NbJV8hz\n2s2G8qKv8fyimE23gY1XrPJg+cRF+g4PqFXujjlJ7MihD9oqtLGxbu7o1cifTn3x\nBfIdPythWu5b4cujNsB3m3awJjVmx+MHQ9SugkSIYXV0Ina77cTNS0M2PYiH1PFR\nTwIDAQAB\n-----END PUBLIC KEY-----\n"
  }
}

Featured collection

What is known in Mastodon as “pinned toots”, or statuses that are always featured at the top of peoples profiles, is implemented using an extra property featured on the actor object that points to a Collection of objects. Example:

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    {
      "toot": "http://joinmastodon.org/ns#",
      "featured": {
        "@id": "toot:featured",
        "@type": "@id"
      }
    }
  ],

  "id": "https://example.com/@alice",
  "type": "Person",
  "featured": "https://example.com/@alice/collections/featured"
}

Custom emojis

Mastodon supports arbitrary emojis, that is, small images uploaded by admins and invokable via shortcodes. For this, an Emoji type is used. These emojis are listed in the tag property just like Mention and Hashtag objects, since they are entities that affect how the text is rendered. Example:

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    {
      "toot": "http://joinmastodon.org/ns#",
      "Emoji": "toot:Emoji"
    }
  ],

  "id": "https://example.com/@alice/hello-world",
  "type": "Note",
  "content": "Hello world :kappa:",
  "tag": [
    {
      "id": "https://example.com/emoji/123",
      "type": "Emoji",
      "name": ":kappa:",
      "icon": {
        "type": "Image",
        "mediaType": "image/png",
        "url": "https://example.com/files/kappa.png"
      }
    }
  ]
}

Focal points

Mastodon supports setting a focal point on uploaded images, so that wherever that image is displayed, the focal point stays in view. This is implemented using an extra property focalPoint on Image objects. The property is simply an array of two floating points between -1.0 and 1.0, with 0,0 being the center of the image, the first value being x -1.0 is the left edge, +1.0 is the right edge and the second value being y -1.0 is the bottom edge, +1.0 is the top edge. See Focal points for more information. Example:

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    {
      "toot": "http://joinmastodon.org/ns#",
      "focalPoint": {
        "@container": "@list",
        "@id": "toot:focalPoint"
      }
    }
  ],

  "id": "https://example.com/@alice/hello-world",
  "type": "Note",
  "content": "A picture attached!",
  "attachment": [
    {
      "type": "Image",
      "mediaType": "image/png",
      "url": "https://example.com/files/cats.png",
      "focalPoint": [
        -0.55,
        0.43
      ]
    }
  ]
}

Blurhash

Mastodon generates colorful preview thumbnails for attachments. This is implemented using an extra property blurhash on Image objects. The property is a string generated by the BlurHash algorithm. Example:

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    {
      "toot": "http://joinmastodon.org/ns#",
      "blurhash": "toot:blurhash"
    }
  ],

  "id": "https://example.com/@alice/hello-world",
  "type": "Note",
  "content": "A picture attached!",
  "attachment": [
    {
      "type": "Image",
      "mediaType": "image/png",
      "url": "https://example.com/files/cats.png",
      "blurhash": "UBL_:rOpGG-oBUNG,qRj2so|=eE1w^n4S5NH"
    }
  ]
}

Profile metadata

Mastodon supports arbitrary profile fields containing name-value pairs. This is implemented using the attachment property on actor objects, with objects in the array having a type of PropertyValue and a value property, both from the schema.org namespace. Example:

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    {
      "PropertyValue": "schema:PropertyValue",
      "value": "schema:value"
    }
  ],
  "id": "https://mastodon.social/users/Gargron",
  "type": "Person",
  "attachment": [
    {
      "type": "PropertyValue",
      "name": "Patreon",
      "value": "<a href=\"https://www.patreon.com/mastodon\" rel=\"me nofollow noopener noreferrer\" target=\"_blank\"><span class=\"invisible\">https://www.</span><span class=\"\">patreon.com/mastodon</span><span class=\"invisible\"></span}"
    },
    {
      "type": "PropertyValue",
      "name": "Homepage",
      "value": "<a href=\"https://zeonfederated.com\" rel=\"me nofollow noopener noreferrer\" target=\"_blank\"><span class=\"invisible\">https://</span><span class=\"\">zeonfederated.com</span><span class=\"invisible\"></span}"
    }
  ]
}

Identity proofs

Mastodon supports integration with identity providers to prove that a profile is linked to a certain identity. This is implemented using the attachment property on actor objects, with objects in the array having a type of IdentityProof from the Mastodon namespace. The object also includes signatureAlgorithm and signatureValue from the W3ID Security Vocabulary namespace. Example:

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    "https://w3id.org/security/v1",
    {
      "toot": "http://joinmastodon.org/ns#",
      "IdentityProof": "toot:IdentityProof"
    }
  ],
  "id": "https://mastodon.social/users/Gargron",
  "type": "Person",
  "attachment": [
    {
      "type": "IdentityProof",
      "name": "gargron",
      "signatureAlgorithm": "keybase",
      "signatureValue": "5cfc20c7018f2beefb42a68836da59a792e55daa4d118498c9b1898de7e845690f"
    }
  ]
}

Discoverability flag

Mastodon allows users to opt-in or opt-out of discoverability features like the profile directory. This flag may also be used as an indicator of the user's preferences toward being included in external discovery services, such as search engines or other indexing tools. If you are implementing such a tool, it is recommended that you respect this property if it is present. This is implemented using an extra property discoverable on objects. Example:

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    {
      "toot": "http://joinmastodon.org/ns#",
      "discoverable": "toot:discoverable"
    }
  ],
  "id": "https://mastodon.social/users/Gargron",
  "type": "Person",
  "discoverable": true
}