FedBOX¶

FedBOX is a multi-user generic ActivityPub service.

It implements both the Client to Server and Server to Server APIs of the ActivityPub specification.

To provide full functionality for its users it requires at least an OAuth2 server compatible with it.

Getting the source¶

$ git clone https://github.com/go-ap/fedbox
$ cd fedbox

Compiling¶

$ make all

Compiling for a specific storage backend:

$ make STORAGE=sqlite all

Compiling for the production environment:

$ make ENV=prod all

Editing the configuration¶

$ cp .env.dist .env
$ $EDITOR .env

Bootstrapping¶

This step ensures that the storage method we’re using gets initialized.

$ ./bin/fedboxctl storage bootstrap

For some more advanced examples, see the fedboxctl page.

Implementation details¶

Authorize for C2S using OAuth2¶

FedBOX uses a simple OAuth2 login mechanism. For the moment the application developers need to ask for client credentials using the mailing list. They also need to provide the redirect URI that FedBOX returns control to their app.

• The authorize URL: https://federated.id/oauth/authorize
• The token URL is: https://federated.id/oauth/token

The client authorization should be sent as basic auth for this step.

Client to Server (#C2S)¶

I described the client to server capabilities of FedBOX in this document.

Server to Server (#S2S)¶

Currently FedBOX supports only federation with actors specifically mentioned in an Activity’s recipients list. This means that the ones that are addressed to the Activity Streams Public namespace will not be disseminated to other instances.