Add verify methods back in, some more fixes

2023-03-09 21:43:32 +01:00
62 changed files with 2444 additions and 5944 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -0,0 +1,63 @@
 ---
 kind: pipeline
 name: amd64
 platform:
  os: linux
  arch: amd64
 steps:
  - name: cargo fmt
    image: rustdocker/rust:nightly
    commands:
      - /root/.cargo/bin/cargo fmt -- --check
  - name: cargo check
    image: rust:1.65-bullseye
    environment:
      CARGO_HOME: .cargo
    commands:
      - cargo check --all-features --all-targets
  - name: cargo clippy
    image: rust:1.65-bullseye
    environment:
      CARGO_HOME: .cargo
    commands:
      - rustup component add clippy
      - cargo clippy --all-targets --all-features --
        -D warnings -D deprecated -D clippy::perf -D clippy::complexity
        -D clippy::dbg_macro -D clippy::inefficient_to_string
        -D clippy::items-after-statements -D clippy::implicit_clone
        -D clippy::wildcard_imports -D clippy::cast_lossless
        -D clippy::manual_string_new -D clippy::redundant_closure_for_method_calls
      - cargo clippy --all-features -- -D clippy::unwrap_used
  - name: cargo test
    image: rust:1.65-bullseye
    environment:
      CARGO_HOME: .cargo
    commands:
      - cargo test --all-features --no-fail-fast
  - name: cargo doc
    image: rust:1.65-bullseye
    environment:
      CARGO_HOME: .cargo
    commands:
      - cargo doc --all-features
  - name: cargo run actix example
    image: rust:1.65-bullseye
    environment:
      CARGO_HOME: .cargo
    commands:
      - cargo run --example local_federation actix-web
  - name: cargo run axum example
    image: rust:1.65-bullseye
    environment:
      CARGO_HOME: .cargo
    commands:
      - cargo run --example local_federation axum
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -1 +0,0 @@
 * @Nutomic @dessalines
--- a/.gitignore
+++ b/.gitignore
@ -1,12 +1,2 @@
 /target
 /.idea
 perf.data*
 flamegraph.svg
 # direnv
 /.direnv
 /.envrc
 # nix flake
 /flake.nix
 /flake.lock
--- a/.rustfmt.toml
+++ b/.rustfmt.toml
@ -1,4 +1,4 @@
-edition = "2021"
+edition="2021"
-imports_layout = "HorizontalVertical"
+imports_layout="HorizontalVertical"
-imports_granularity = "Crate"
+imports_granularity="Crate"
-reorder_imports = true
+reorder_imports=true
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -1,56 +0,0 @@
 variables:
  - &rust_image "rust:1.91-bullseye"
 steps:
  cargo_fmt:
    image: rustdocker/rust:nightly
    commands:
      - /root/.cargo/bin/cargo fmt -- --check
    when:
      - event: pull_request
  cargo_clippy:
    image: *rust_image
    environment:
      CARGO_HOME: .cargo
    commands:
      - rustup component add clippy
      - cargo clippy --all-targets --all-features
    when:
      - event: pull_request
  cargo_test:
    image: *rust_image
    environment:
      CARGO_HOME: .cargo
    commands:
      - cargo test --all-features --no-fail-fast
    when:
      - event: pull_request
  cargo_doc:
    image: *rust_image
    environment:
      CARGO_HOME: .cargo
    commands:
      - cargo doc --all-features
    when:
      - event: pull_request
  cargo_run_actix_example:
    image: *rust_image
    environment:
      CARGO_HOME: .cargo
    commands:
      - cargo run --example local_federation actix-web
    when:
      - event: pull_request
  cargo_run_axum_example:
    image: *rust_image
    environment:
      CARGO_HOME: .cargo
    commands:
      - cargo run --example local_federation axum
    when:
      - event: pull_request
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "activitypub_federation"
-version = "0.7.0-beta.11"
+version = "0.4.0-rc2"
 edition = "2021"
 description = "High-level Activitypub framework"
 keywords = ["activitypub", "activitystreams", "federation", "fediverse"]
@ -8,91 +8,57 @@ license = "AGPL-3.0"
 repository = "https://github.com/LemmyNet/activitypub-federation-rust"
 documentation = "https://docs.rs/activitypub_federation/"
 [features]
 default = ["actix-web", "axum"]
 actix-web = ["dep:actix-web", "dep:http02"]
 axum = ["dep:axum", "dep:tower"]
 axum-original-uri = ["dep:axum", "axum/original-uri"]
 [lints.clippy]
 perf = { level = "deny", priority = -1 }
 complexity = { level = "deny", priority = -1 }
 dbg_macro = "deny"
 inefficient_to_string = "deny"
 items-after-statements = "deny"
 implicit_clone = "deny"
 wildcard_imports = "deny"
 cast_lossless = "deny"
 manual_string_new = "deny"
 redundant_closure_for_method_calls = "deny"
 unwrap_used = "deny"
 [dependencies]
-chrono = { version = "0.4.42", features = ["clock"], default-features = false }
+chrono = { version = "0.4.23", features = ["clock"], default-features = false }
-serde = { version = "1.0.228", features = ["derive"] }
+serde = { version = "1.0.147", features = ["derive"] }
-async-trait = "0.1.89"
+async-trait = "0.1.58"
-url = { version = "2.5.8", features = ["serde"] }
+url = { version = "2.3.1", features = ["serde"] }
-serde_json = { version = "1.0.149", features = ["preserve_order"] }
+serde_json = { version = "1.0.87", features = ["preserve_order"] }
-reqwest = { version = "0.13.1", default-features = false, features = [
+anyhow = "1.0.66"
-  "json",
+reqwest = { version = "0.11.12", features = ["json", "stream"] }
-  "stream",
+reqwest-middleware = "0.2.0"
-] }
+tracing = "0.1.37"
-reqwest-middleware = "0.5.0"
+base64 = "0.13.1"
-tracing = "0.1.44"
+openssl = "0.10.42"
-base64 = "0.22.1"
+once_cell = "1.16.0"
-rand = "0.8.5"
+http = "0.2.8"
-rsa = "0.9.10"
+sha2 = "0.10.6"
-http = "1.4.0"
+background-jobs = "0.13.0"
-sha2 = { version = "0.10.9", features = ["oid"] }
+thiserror = "1.0.37"
-thiserror = "2.0.17"
+derive_builder = "0.12.0"
-derive_builder = "0.20.2"
+itertools = "0.10.5"
-itertools = "0.14.0"
+dyn-clone = "1.0.9"
 dyn-clone = "1.0.20"
 enum_delegate = "0.2.0"
-httpdate = "1.0.3"
+httpdate = "1.0.2"
-http-signature-normalization-reqwest = { version = "0.14.0", default-features = false, features = [
+http-signature-normalization-reqwest = { version = "0.7.1", default-features = false, features = ["sha-2", "middleware"] }
-  "sha-2",
+http-signature-normalization = "0.6.0"
-  "middleware",
+actix-rt = "2.7.0"
-  "default-spawner",
+bytes = "1.3.0"
-] }
+futures-core = { version = "0.3.25", default-features = false }
-http-signature-normalization = "0.7.0"
+pin-project-lite = "0.2.9"
-bytes = "1.11.0"
+activitystreams-kinds = "0.2.1"
-futures-core = { version = "0.3.31", default-features = false }
+regex = { version = "1.7.1", default-features = false, features = ["std"] }
 pin-project-lite = "0.2.16"
 activitystreams-kinds = "0.3.0"
 regex = { version = "1.12.2", default-features = false, features = [
  "std",
  "unicode",
 ] }
 tokio = { version = "1.49.0", features = [
  "sync",
  "rt",
  "rt-multi-thread",
  "time",
 ] }
 futures = "0.3.31"
 moka = { version = "0.12.12", features = ["future"] }
 either = "1.15.0"
 # Actix-web
-actix-web = { version = "4.12.1", default-features = false, optional = true }
+actix-web = { version = "4.2.1", default-features = false, optional = true }
 http02 = { package = "http", version = "0.2.12", optional = true }
 # Axum
-axum = { version = "0.8.8", features = [
+axum = { version = "0.6.0", features = ["json", "headers"], default-features = false, optional = true }
-  "json",
+tower = { version = "0.4.13", optional = true }
-], default-features = false, optional = true }
+hyper = { version = "0.14", optional = true }
-tower = { version = "0.5.2", optional = true }
+displaydoc = "0.2.3"
 [features]
 default = ["actix-web", "axum"]
 actix-web = ["dep:actix-web"]
 axum = ["dep:axum", "dep:tower", "dep:hyper"]
 [dev-dependencies]
-anyhow = "1.0.100"
+rand = "0.8.5"
-axum = { version = "0.8.8", features = ["macros"] }
+env_logger = "0.9.3"
-axum-extra = { version = "0.12.5", features = ["typed-header"] }
+tower-http = { version = "0.3", features = ["map-request-body", "util"] }
-env_logger = "0.11.8"
+axum = { version = "0.6.0", features = ["http1", "tokio", "query"], default-features = false }
-tokio = { version = "1.49.0", features = ["full"] }
+axum-macros = "0.3.4"
 reqwest = { version = "0.13.1",features = [
  "rustls"
 ] }
 [profile.dev]
 strip = "symbols"
@ -105,8 +71,3 @@ path = "examples/local_federation/main.rs"
 [[example]]
 name = "live_federation"
 path = "examples/live_federation/main.rs"
 # Speedup RSA key generation
 # https://github.com/RustCrypto/RSA/blob/master/README.md#example
 [profile.dev.package.num-bigint-dig]
 opt-level = 3
--- a/README.md
+++ b/README.md
@ -2,7 +2,7 @@ Activitypub-Federation
 ===
 [![Crates.io](https://img.shields.io/crates/v/activitypub-federation.svg)](https://crates.io/crates/activitypub-federation)
 [![Documentation](https://shields.io/docsrs/activitypub_federation)](https://docs.rs/activitypub-federation/)
-[![Build Status](https://woodpecker.join-lemmy.org/api/badges/LemmyNet/activitypub-federation-rust/status.svg)](https://drone.join-lemmy.org/LemmyNet/activitypub-federation-rust)
+[![Build Status](https://drone.join-lemmy.org/api/badges/LemmyNet/activitypub-federation-rust/status.svg)](https://drone.join-lemmy.org/LemmyNet/activitypub-federation-rust)
 <!-- be sure to keep this file in sync with docs/01_intro.md -->
@ -10,7 +10,7 @@ A high-level framework for [ActivityPub](https://www.w3.org/TR/activitypub/) fed
 The ActivityPub protocol is a decentralized social networking protocol. It allows web servers to exchange data using JSON over HTTP. Data can be fetched on demand, and also delivered directly to inboxes for live updates.
-Activitypub has the potential to form the basis of the next generation of social media. This is because it has a number of major advantages compared to existing platforms and alternative technologies:
+While Activitypub is not in widespread use yet, is has the potential to form the basis of the next generation of social media. This is because it has a number of major advantages compared to existing platforms and alternative technologies:
 - **Interoperability**: Imagine being able to comment under a Youtube video directly from twitter.com, and having the comment shown under the video on youtube.com. Or following a Subreddit from Facebook. Such functionality is already available on the equivalent Fediverse platforms, thanks to common usage of Activitypub.
 - **Ease of use**: From a user perspective, decentralized social media works almost identically to existing websites: a website with email and password based login. Unlike pure peer-to-peer networks, it is not necessary to handle private keys or install any local software.
@ -18,7 +18,7 @@ Activitypub has the potential to form the basis of the next generation of social
 - **Censorship resistance**: Current social media platforms are under the control of a few corporations and are actively being censored as revealed by the [Twitter Files](https://jordansather.substack.com/p/running-list-of-all-twitter-files). This would be much more difficult on a federated network, as it would require the cooperation of every single instance administrator. Additionally, users who are affected by censorship can create their own websites and stay connected with the network.
 - **Low barrier to entry**: All it takes to host a federated website are a small server, a domain and a TLS certificate. All of this is easily in the reach of individual hobbyists. There is also some technical knowledge needed, but this can be avoided with managed hosting platforms.
-[Visit the documentation](https://docs.rs/activitypub_federation) for a full guide that explains how to create a federated project from scratch.
+[Visit the documentation](https://docs.rs/activitypub_federation/0.3.5/activitypub_federation/) for a full guide that explains how to create a federated project from scratch.
 Feel free to open an issue if you have any questions regarding this crate. You can also join the Matrix channel [#activitystreams](https://matrix.to/#/%23activitystreams:matrix.asonix.dog) for discussion about Activitypub in Rust. Additionally check out [Socialhub forum](https://socialhub.activitypub.rocks/) for general ActivityPub development.
--- a/docs/02_overview.md
+++ b/docs/02_overview.md
@ -10,12 +10,3 @@ There are two examples included to see how the library altogether:
 - `live_federation`: A minimal application which can be deployed on a server and federate with other platforms such as Mastodon. For this it needs run at the root of a (sub)domain which is available over HTTPS. Edit `main.rs` to configure the server domain and your Fediverse handle. Once started, it will automatically send a message to you and log any incoming messages.
 To see how this library is used in production, have a look at the [Lemmy federation code](https://github.com/LemmyNet/lemmy/tree/main/crates/apub).
 ### Security
 This framework does not inherently perform data sanitization upon receiving federated activity data. 
 Please, never place implicit trust in the security of data received from the Fediverse. Always keep in mind that malicious entities can be easily created through anonymous fediverse handles.
 When implementing our crate in your application, ensure to incorporate data sanitization and validation measures before storing the received data in your database and using it in your user interface. This would significantly reduce the risk of malicious data or actions affecting your application's security and performance.
 This framework is designed to simplify your development process, but it's your responsibility to ensure the security of your application. Always follow best practices for data handling, sanitization, and security. 
--- a/docs/03_federating_users.md
+++ b/docs/03_federating_users.md
@ -65,7 +65,7 @@ Besides we also need a second struct to represent the data which gets stored in
 ```rust
 # use url::Url;
-# use chrono::{DateTime, Utc};
+# use chrono::NaiveDateTime;
 pub struct DbUser {
    pub id: i32,
@ -73,18 +73,18 @@ pub struct DbUser {
    pub display_name: String,
    pub password_hash: Option<String>,
    pub email: Option<String>,
-    pub federation_id: Url,
+    pub apub_id: Url,
    pub inbox: Url,
    pub outbox: Url,
    pub local: bool,
    pub public_key: String,
    pub private_key: Option<String>,
-    pub last_refreshed_at: DateTime<Utc>,
+    pub last_refreshed_at: NaiveDateTime,
 }
 ```
-Field names and other details of this type can be chosen freely according to your requirements. It only matters that the required data is being stored. Its important that this struct doesn't represent only local users who registered directly on our website, but also remote users that are registered on other instances and federated to us. The `local` column helps to easily distinguish both. It can also be distinguished from the domain of the `federation_id` URL, but that would be a much more expensive operation. All users have a `public_key`, but only local users have a `private_key`. On the other hand, `password_hash` and `email` are only present for local users. inbox` and `outbox` URLs need to be stored because each implementation is free to choose its own format for them, so they can't be regenerated on the fly.
+Field names and other details of this type can be chosen freely according to your requirements. It only matters that the required data is being stored. Its important that this struct doesn't represent only local users who registered directly on our website, but also remote users that are registered on other instances and federated to us. The `local` column helps to easily distinguish both. It can also be distinguished from the domain of the `apub_id` URL, but that would be a much more expensive operation. All users have a `public_key`, but only local users have a `private_key`. On the other hand, `password_hash` and `email` are only present for local users. inbox` and `outbox` URLs need to be stored because each implementation is free to choose its own format for them, so they can't be regenerated on the fly.
-In larger projects it makes sense to split this data in two. One for data relevant to local users (`password_hash`, `email` etc.) and one for data that is shared by both local and federated users (`federation_id`, `public_key` etc).
+In larger projects it makes sense to split this data in two. One for data relevant to local users (`password_hash`, `email` etc.) and one for data that is shared by both local and federated users (`apub_id`, `public_key` etc).
-Finally we need to implement the traits [Object](crate::traits::Object) and [Actor](crate::traits::Actor) for `DbUser`. These traits are used to convert between `Person` and `DbUser` types. [Object::from_json](crate::traits::Object::from_json) must store the received object in database, so that it can later be retrieved without network calls using [Object::read_from_id](crate::traits::Object::read_from_id). Refer to the documentation for more details.
+Finally we need to implement the traits [ApubObject](crate::traits::ApubObject) and [Actor](crate::traits::Actor) for `DbUser`. These traits are used to convert between `Person` and `DbUser` types. [ApubObject::from_apub](crate::traits::ApubObject::from_apub) must store the received object in database, so that it can later be retrieved without network calls using [ApubObject::read_from_apub_id](crate::traits::ApubObject::read_from_apub_id). Refer to the documentation for more details.
--- a/docs/04_federating_posts.md
+++ b/docs/04_federating_posts.md
@ -25,4 +25,4 @@ The most important fields are:
 - `attributedTo`: ID of the user who created this post
 - `to`, `cc`: Who the object is for. The special "public" URL indicates that everyone can view it.  It also gets delivered to followers of the LemmyDev account.
-Just like for `Person` before, we need to implement a protocol type and a database type, then implement trait `Object`. See the example for details.
+Just like for `Person` before, we need to implement a protocol type and a database type, then implement trait `ApubObject`. See the example for details.
--- a/docs/05_configuration.md
+++ b/docs/05_configuration.md
@ -5,13 +5,12 @@ Next we need to do some configuration. Most importantly we need to specify the d
 ```
 # use activitypub_federation::config::FederationConfig;
 # let db_connection = ();
-# tokio::runtime::Runtime::new().unwrap().block_on(async {
+# let _ = actix_rt::System::new();
 let config = FederationConfig::builder()
    .domain("example.com")
    .app_data(db_connection)
-    .build().await?;
+    .build()?;
 # Ok::<(), anyhow::Error>(())
 # }).unwrap()
 ```
-`debug` is necessary to test federation with http and localhost URLs, but it should never be used in production. `url_verifier` can be used to implement a domain blacklist.
+`debug` is necessary to test federation with http and localhost URLs, but it should never be used in production. The `worker_count` value can be adjusted depending on the instance size. A lower value saves resources on a small instance, while a higher value is necessary on larger instances to keep up with send jobs. `url_verifier` can be used to implement a domain blacklist.
--- a/docs/06_http_endpoints_axum.md
+++ b/docs/06_http_endpoints_axum.md
@ -6,50 +6,51 @@ The next step is to allow other servers to fetch our actors and objects. For thi
 # use std::net::SocketAddr;
 # use activitypub_federation::config::FederationConfig;
 # use activitypub_federation::protocol::context::WithContext;
-# use activitypub_federation::axum::json::FederationJson;
+# use activitypub_federation::axum::json::ApubJson;
 # use anyhow::Error;
 # use activitypub_federation::traits::tests::Person;
-# use activitypub_federation::config::Data;
+# use activitypub_federation::config::RequestData;
 # use activitypub_federation::traits::tests::DbConnection;
 # use axum::extract::Path;
-# use activitypub_federation::config::FederationMiddleware;
+# use activitypub_federation::config::ApubMiddleware;
 # use axum::routing::get;
-# use crate::activitypub_federation::traits::Object;
+# use crate::activitypub_federation::traits::ApubObject;
-# use axum_extra::headers::ContentType;
+# use axum::headers::ContentType;
-# use activitypub_federation::FEDERATION_CONTENT_TYPE;
+# use activitypub_federation::APUB_JSON_CONTENT_TYPE;
-# use axum_extra::TypedHeader;
+# use axum::TypedHeader;
 # use axum::response::IntoResponse;
 # use http::HeaderMap;
-# async fn generate_user_html(_: String, _: Data<DbConnection>) -> axum::response::Response { todo!() }
+# async fn generate_user_html(_: String, _: RequestData<DbConnection>) -> axum::response::Response { todo!() }
-#[tokio::main]
+#[actix_rt::main]
 async fn main() -> Result<(), Error> {
    let data = FederationConfig::builder()
        .domain("example.com")
        .app_data(DbConnection)
-        .build().await?;
+        .build()?;
    let app = axum::Router::new()
        .route("/user/:name", get(http_get_user))
-        .layer(FederationMiddleware::new(data));
+        .layer(ApubMiddleware::new(data));
    let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
    let listener = tokio::net::TcpListener::bind(addr).await?;
    tracing::debug!("listening on {}", addr);
-    axum::serve(listener, app.into_make_service()).await?;
+    axum::Server::bind(&addr)
        .serve(app.into_make_service())
        .await?;
    Ok(())
 }
 async fn http_get_user(
    header_map: HeaderMap,
    Path(name): Path<String>,
-    data: Data<DbConnection>,
+    data: RequestData<DbConnection>,
 ) -> impl IntoResponse {
    let accept = header_map.get("accept").map(|v| v.to_str().unwrap());
-    if accept == Some(FEDERATION_CONTENT_TYPE) {
+    if accept == Some(APUB_JSON_CONTENT_TYPE) {
-        let db_user = data.read_local_user(&name).await.unwrap();
+        let db_user = data.read_local_user(name).await.unwrap();
-        let json_user = db_user.into_json(&data).await.unwrap();
+        let apub_user = db_user.into_apub(&data).await.unwrap();
-        FederationJson(WithContext::new_default(json_user)).into_response()
+        ApubJson(WithContext::new_default(apub_user)).into_response()
    }
    else {
        generate_user_html(name, data).await
@ -59,7 +60,7 @@ async fn http_get_user(
 There are a couple of things going on here. Like before we are constructing the federation config with our domain and application data. We pass this to a middleware to make it available in request handlers, then listening on a port with the axum webserver.
-The `http_get_user` method allows retrieving a user profile from `/user/:name`. It checks the `accept` header, and compares it to the one used by Activitypub (`application/activity+json`). If it matches, the user is read from database and converted to Activitypub json format. The `context` field is added (`WithContext` for `json-ld` compliance), and it is converted to a JSON response with header `content-type: application/activity+json` using `FederationJson`. It can now be retrieved with the command `curl -H 'Accept: application/activity+json' ...` introduced earlier, or with `ObjectId`.
+The `http_get_user` method allows retrieving a user profile from `/user/:name`. It checks the `accept` header, and compares it to the one used by Activitypub (`application/activity+json`). If it matches, the user is read from database and converted to Activitypub json format. The `context` field is added (`WithContext` for `json-ld` compliance), and it is converted to a JSON response with header `content-type: application/activity+json` using `ApubJson`. It can now be retrieved with the command `curl -H 'Accept: application/activity+json' ...` introduced earlier, or with `ObjectId`.
 If the `accept` header doesn't match, it renders the user profile as HTML for viewing in a web browser.
@ -70,7 +71,7 @@ To do this we can implement the following HTTP handler which must be bound to pa
 ```rust
 # use serde::Deserialize;
 # use axum::{extract::Query, Json};
-# use activitypub_federation::config::Data;
+# use activitypub_federation::config::RequestData;
 # use activitypub_federation::fetch::webfinger::Webfinger;
 # use anyhow::Error;
 # use activitypub_federation::traits::tests::DbConnection;
@ -84,10 +85,10 @@ struct WebfingerQuery {
 async fn webfinger(
    Query(query): Query<WebfingerQuery>,
-    data: Data<DbConnection>,
+    data: RequestData<DbConnection>,
 ) -> Result<Json<Webfinger>, Error> {
    let name = extract_webfinger_name(&query.resource, &data)?;
    let db_user = data.read_local_user(name).await?;
-    Ok(Json(build_webfinger_response(query.resource, db_user.federation_id)))
+    Ok(Json(build_webfinger_response(query.resource, db_user.apub_id)))
 }
 ```
--- a/docs/07_fetching_data.md
+++ b/docs/07_fetching_data.md
@ -7,20 +7,21 @@ After setting up our structs, implementing traits and initializing configuration
 # use activitypub_federation::traits::tests::DbUser;
 # use activitypub_federation::config::FederationConfig;
 # let db_connection = activitypub_federation::traits::tests::DbConnection;
-# tokio::runtime::Runtime::new().unwrap().block_on(async {
+# let _ = actix_rt::System::new();
 # actix_rt::Runtime::new().unwrap().block_on(async {
 let config = FederationConfig::builder()
    .domain("example.com")
    .app_data(db_connection)
-    .build().await?;
+    .build()?;
-let user_id = ObjectId::<DbUser>::parse("https://mastodon.social/@LemmyDev")?;
+let user_id = ObjectId::<DbUser>::new("https://mastodon.social/@LemmyDev")?;
 let data = config.to_request_data();
 let user = user_id.dereference(&data).await;
 assert!(user.is_ok());
 # Ok::<(), anyhow::Error>(())
-# }).unwrap()
+}).unwrap()
 ```
-`dereference` retrieves the object JSON at the given URL, and uses serde to convert it to `Person`. It then calls your method `Object::from_json` which inserts it in the database and returns a `DbUser` struct. `request_data` contains the federation config as well as a counter of outgoing HTTP requests. If this counter exceeds the configured maximum, further requests are aborted in order to avoid recursive fetching which could allow for a denial of service attack.
+`dereference` retrieves the object JSON at the given URL, and uses serde to convert it to `Person`. It then calls your method `ApubObject::from_apub` which inserts it in the database and returns a `DbUser` struct. `request_data` contains the federation config as well as a counter of outgoing HTTP requests. If this counter exceeds the configured maximum, further requests are aborted in order to avoid recursive fetching which could allow for a denial of service attack.
 After dereferencing a remote object, it is stored in the local database and can be retrieved using [ObjectId::dereference_local](crate::fetch::object_id::ObjectId::dereference_local) without any network requests. This is important for performance reasons and for searching.
@ -31,12 +32,13 @@ We can similarly dereference a user over webfinger with the following method. It
 # use activitypub_federation::fetch::webfinger::webfinger_resolve_actor;
 # use activitypub_federation::traits::tests::DbUser;
 # let db_connection = DbConnection;
-# tokio::runtime::Runtime::new().unwrap().block_on(async {
+# let _ = actix_rt::System::new();
-# let config = FederationConfig::builder().domain("example.com").app_data(db_connection).build().await?;
+# actix_rt::Runtime::new().unwrap().block_on(async {
 # let config = FederationConfig::builder().domain("example.com").app_data(db_connection).build()?;
 # let data = config.to_request_data();
-let user: DbUser = webfinger_resolve_actor("ruud@lemmy.world", &data).await?;
+let user: DbUser = webfinger_resolve_actor("nutomic@lemmy.ml", &data).await?;
 # Ok::<(), anyhow::Error>(())
 # }).unwrap();
 ```
-Note that webfinger queries don't contain a leading `@`. It is possible that there are multiple Activitypub IDs returned for a single webfinger query in case of multiple actors with the same name (for example Lemmy permits group and person with the same name). In this case `webfinger_resolve_actor` automatically loops and returns the first item which can be dereferenced successfully to the given type.
+Note that webfinger queries don't contain a leading `@`. It is possible tha there are multiple Activitypub IDs returned for a single webfinger query in case of multiple actors with the same name (for example Lemmy permits group and person with the same name). In this case `webfinger_resolve_actor` automatically loops and returns the first item which can be dereferenced successfully to the given type.
--- a/docs/08_receiving_activities.md
+++ b/docs/08_receiving_activities.md
@ -1,6 +1,6 @@
 ## Sending and receiving activities
-Activitypub propagates actions across servers using `Activities`. For this each actor has an inbox and a public/private key pair. We already defined a `Person` actor with keypair. Whats left is to define an activity. This is similar to the way we defined `Person` and `Note` structs before. In this case we need to implement the [Activity](trait@crate::traits::Activity) trait.
+Activitypub propagates actions across servers using `Activities`. For this each actor has an inbox and a public/private key pair. We already defined a `Person` actor with keypair. Whats left is to define an activity. This is similar to the way we defined `Person` and `Note` structs before. In this case we need to implement the [ActivityHandler](trait@crate::traits::ActivityHandler) trait.
 ```
 # use serde::{Deserialize, Serialize};
@ -10,8 +10,8 @@ Activitypub propagates actions across servers using `Activities`. For this each
 # use activitypub_federation::fetch::object_id::ObjectId;
 # use activitypub_federation::traits::tests::{DbConnection, DbUser};
 # use activitystreams_kinds::activity::FollowType;
-# use activitypub_federation::traits::Activity;
+# use activitypub_federation::traits::ActivityHandler;
-# use activitypub_federation::config::Data;
+# use activitypub_federation::config::RequestData;
 # async fn send_accept() -> Result<(), Error> { Ok(()) }
 #[derive(Deserialize, Serialize, Clone, Debug)]
@ -25,7 +25,7 @@ pub struct Follow {
 }
 #[async_trait]
-impl Activity for Follow {
+impl ActivityHandler for Follow {
    type DataType = DbConnection;
    type Error = Error;
@ -37,11 +37,11 @@ impl Activity for Follow {
        self.actor.inner()
    }
-    async fn verify(&self,  _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn verify(&self,  _data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        Ok(())
    }
-    async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn receive(self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        let actor = self.actor.dereference(data).await?;
        let followed = self.object.dereference(data).await?;
        data.add_follower(followed, actor).await?;
@ -57,22 +57,22 @@ Next its time to setup the actual HTTP handler for the inbox. For this we first
 ```
 # use axum::response::IntoResponse;
 # use activitypub_federation::axum::inbox::{ActivityData, receive_activity};
-# use activitypub_federation::config::Data;
+# use activitypub_federation::config::RequestData;
 # use activitypub_federation::protocol::context::WithContext;
-# use activitypub_federation::traits::Activity;
+# use activitypub_federation::traits::ActivityHandler;
 # use activitypub_federation::traits::tests::{DbConnection, DbUser, Follow};
 # use serde::{Deserialize, Serialize};
 # use url::Url;
 #[derive(Deserialize, Serialize, Debug)]
 #[serde(untagged)]
-#[enum_delegate::implement(Activity)]
+#[enum_delegate::implement(ActivityHandler)]
 pub enum PersonAcceptedActivities {
    Follow(Follow),
 }
 async fn http_post_user_inbox(
-    data: Data<DbConnection>,
+    data: RequestData<DbConnection>,
    activity_data: ActivityData,
 ) -> impl IntoResponse {
    receive_activity::<WithContext<PersonAcceptedActivities>, DbUser, DbConnection>(
--- a/docs/09_sending_activities.md
+++ b/docs/09_sending_activities.md
@ -4,72 +4,44 @@ To send an activity we need to initialize our previously defined struct, and pic
 ```
 # use activitypub_federation::config::FederationConfig;
-# use activitypub_federation::activity_queue::queue_activity;
+# use activitypub_federation::activity_queue::send_activity;
 # use activitypub_federation::http_signatures::generate_actor_keypair;
 # use activitypub_federation::traits::Actor;
 # use activitypub_federation::fetch::object_id::ObjectId;
 # use activitypub_federation::traits::tests::{DB_USER, DbConnection, Follow};
-# tokio::runtime::Runtime::new().unwrap().block_on(async {
+# let _ = actix_rt::System::new();
 # actix_rt::Runtime::new().unwrap().block_on(async {
 # let db_connection = DbConnection;
 # let config = FederationConfig::builder()
 #     .domain("example.com")
 #     .app_data(db_connection)
-#     .build().await?;
+#     .build()?;
 # let data = config.to_request_data();
 # let sender = DB_USER.clone();
 # let recipient = DB_USER.clone();
 // Each actor has a keypair. Generate it on signup and store it in the database.
 let keypair = generate_actor_keypair()?;
 let activity = Follow {
-    actor: ObjectId::parse("https://lemmy.ml/u/nutomic")?,
+    actor: ObjectId::new("https://lemmy.ml/u/nutomic")?,
-    object: recipient.federation_id.clone().into(),
+    object: recipient.apub_id.clone().into(),
    kind: Default::default(),
    id: "https://lemmy.ml/activities/321".try_into()?
 };
 let inboxes = vec![recipient.shared_inbox_or_inbox()];
-
+send_activity(activity, keypair.private_key, inboxes, &data).await?;
 queue_activity(&activity, &sender, inboxes, &data).await?;
 # Ok::<(), anyhow::Error>(())
 # }).unwrap()
 ```
-The list of inboxes gets deduplicated (important for shared inbox). All inboxes on the local domain and those which fail the [crate::config::UrlVerifier] check are excluded from delivery. For each remaining inbox a background tasks is created. It signs the HTTP header with the given private key. Finally the activity is delivered to the inbox.
+The list of inboxes gets deduplicated (important for shared inbox). All inboxes on the local
-
+domain and those which fail the [crate::config::UrlVerifier] check are excluded from delivery.
-It is possible that delivery fails because the target instance is temporarily unreachable. In this case the task is scheduled for retry after a certain waiting time. For each task delivery is retried up to 3 times after the initial attempt. The retry intervals are as follows:
+For each remaining inbox a background tasks is created. It signs the HTTP header with the given
 private key. Finally the activity is delivered to the inbox.
 It is possible that delivery fails because the target instance is temporarily unreachable. In
 this case the task is scheduled for retry after a certain waiting time. For each task delivery
 is retried up to 3 times after the initial attempt. The retry intervals are as follows:
 - one minute, in case of service restart
 - one hour, in case of instance maintenance
 - 2.5 days, in case of major incident with rebuild from backup
 In case [crate::config::FederationConfigBuilder::debug] is enabled, no background thread is used but activities are sent directly on the foreground. This makes it easier to catch delivery errors and avoids complicated steps to await delivery in tests.
 In some cases you may want to bypass the builtin activity queue, and implement your own. For example to specify different retry intervals, or to persist retries across application restarts. You can do it with the following code:
 ```rust
 # use activitypub_federation::config::FederationConfig;
 # use activitypub_federation::activity_sending::SendActivityTask;
 # use activitypub_federation::http_signatures::generate_actor_keypair;
 # use activitypub_federation::traits::Actor;
 # use activitypub_federation::fetch::object_id::ObjectId;
 # use activitypub_federation::traits::tests::{DB_USER, DbConnection, Follow};
 # tokio::runtime::Runtime::new().unwrap().block_on(async {
 # let db_connection = DbConnection;
 # let config = FederationConfig::builder()
 #     .domain("example.com")
 #     .app_data(db_connection)
 #     .build().await?;
 # let data = config.to_request_data();
 # let sender = DB_USER.clone();
 # let recipient = DB_USER.clone();
 let activity = Follow {
    actor: ObjectId::parse("https://lemmy.ml/u/nutomic")?,
    object: recipient.federation_id.clone().into(),
    kind: Default::default(),
    id: "https://lemmy.ml/activities/321".try_into()?
 };
 let inboxes = vec![recipient.shared_inbox_or_inbox()];
 let sends = SendActivityTask::prepare(&activity, &sender, inboxes, &data).await?;
 for send in sends {
 send.sign_and_send(&data).await?;
 }
 # Ok::<(), anyhow::Error>(())
 # }).unwrap()
 ```
--- a/docs/10_fetching_objects_with_unknown_type.md
+++ b/docs/10_fetching_objects_with_unknown_type.md
@ -5,76 +5,68 @@ It is sometimes necessary to fetch from a URL, but we don't know the exact type
 ```no_run
 # use activitypub_federation::traits::tests::{DbUser, DbPost};
 # use activitypub_federation::fetch::object_id::ObjectId;
-# use activitypub_federation::traits::Object;
+# use activitypub_federation::traits::ApubObject;
 # use activitypub_federation::config::FederationConfig;
 # use serde::{Deserialize, Serialize};
 # use activitypub_federation::traits::tests::DbConnection;
-# use activitypub_federation::config::Data;
+# use activitypub_federation::config::RequestData;
 # use url::Url;
 # use activitypub_federation::traits::tests::{Person, Note};
 #[derive(Debug)]
 pub enum SearchableDbObjects {
    User(DbUser),
    Post(DbPost)
 }
-#[derive(Deserialize, Serialize, Debug)]
+#[derive(Deserialize, Serialize)]
 #[serde(untagged)]
-pub enum SearchableObjects {
+pub enum SearchableApubObjects {
    Person(Person),
    Note(Note)
 }
 #[async_trait::async_trait]
-impl Object for SearchableDbObjects {
+impl ApubObject for SearchableDbObjects {
    type DataType = DbConnection;
-    type Kind = SearchableObjects;
+    type ApubType = SearchableApubObjects;
    type Error = anyhow::Error;
-    fn id(&self) -> Url {
+    async fn read_from_apub_id(
        match self {
            SearchableDbObjects::User(p) => p.federation_id.clone(),
            SearchableDbObjects::Post(n) => n.federation_id.clone(),
        }
    }
    async fn read_from_id(
        object_id: Url,
-        data: &Data<Self::DataType>,
+        data: &RequestData<Self::DataType>,
    ) -> Result<Option<Self>, Self::Error> {
        Ok(None)
    }
-    async fn into_json(
+    async fn into_apub(
        self,
-        data: &Data<Self::DataType>,
+        data: &RequestData<Self::DataType>,
-    ) -> Result<Self::Kind, Self::Error> {
+    ) -> Result<Self::ApubType, Self::Error> {
        unimplemented!();
    }
-    async fn verify(json: &Self::Kind, expected_domain: &Url, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn verify(apub: &Self::ApubType, expected_domain: &Url, _data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        Ok(())
    }
-    async fn from_json(
+    async fn from_apub(
-        json: Self::Kind,
+        apub: Self::ApubType,
-        data: &Data<Self::DataType>,
+        data: &RequestData<Self::DataType>,
    ) -> Result<Self, Self::Error> {
        use SearchableDbObjects::*;
-        match json {
+        match apub {
-            SearchableObjects::Person(p) => Ok(User(DbUser::from_json(p, data).await?)),
+            SearchableApubObjects::Person(p) => Ok(User(DbUser::from_apub(p, data).await?)),
-            SearchableObjects::Note(n) => Ok(Post(DbPost::from_json(n, data).await?)),
+            SearchableApubObjects::Note(n) => Ok(Post(DbPost::from_apub(n, data).await?)),
        }
    }
 }
-#[tokio::main]
+#[actix_rt::main]
 async fn main() -> Result<(), anyhow::Error> {
-    # let config = FederationConfig::builder().domain("example.com").app_data(DbConnection).build().await.unwrap();
+    # let config = FederationConfig::builder().domain("example.com").app_data(DbConnection).build().unwrap();
    # let data = config.to_request_data();
    let query = "https://example.com/id/413";
-    let query_result = ObjectId::<SearchableDbObjects>::parse(query)?
+    let query_result = ObjectId::<SearchableDbObjects>::new(query)?
        .dereference(&data)
        .await?;
    match query_result {
--- a/examples/live_federation/activities/create_post.rs
+++ b/examples/live_federation/activities/create_post.rs
@ -6,12 +6,12 @@ use crate::{
    DbPost,
 };
 use activitypub_federation::{
-    activity_sending::SendActivityTask,
+    activity_queue::send_activity,
-    config::Data,
+    config::RequestData,
    fetch::object_id::ObjectId,
    kinds::activity::CreateType,
    protocol::{context::WithContext, helpers::deserialize_one_or_many},
-    traits::{Activity, Object},
+    traits::{ActivityHandler, ApubObject},
 };
 use serde::{Deserialize, Serialize};
 use url::Url;
@ -29,7 +29,11 @@ pub struct CreatePost {
 }
 impl CreatePost {
-    pub async fn send(note: Note, inbox: Url, data: &Data<DatabaseHandle>) -> Result<(), Error> {
+    pub async fn send(
        note: Note,
        inbox: Url,
        data: &RequestData<DatabaseHandle>,
    ) -> Result<(), Error> {
        print!("Sending reply to {}", &note.attributed_to);
        let create = CreatePost {
            actor: note.attributed_to.clone(),
@ -39,18 +43,17 @@ impl CreatePost {
            id: generate_object_id(data.domain())?,
        };
        let create_with_context = WithContext::new_default(create);
-        let sends =
+        let private_key = data
-            SendActivityTask::prepare(&create_with_context, &data.local_user(), vec![inbox], data)
+            .local_user()
-                .await?;
+            .private_key
-        for send in sends {
+            .expect("local user always has private key");
-            send.sign_and_send(data).await?;
+        send_activity(create_with_context, private_key, vec![inbox], data).await?;
        }
        Ok(())
    }
 }
 #[async_trait::async_trait]
-impl Activity for CreatePost {
+impl ActivityHandler for CreatePost {
    type DataType = DatabaseHandle;
    type Error = crate::error::Error;
@ -62,13 +65,13 @@ impl Activity for CreatePost {
        self.actor.inner()
    }
-    async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn verify(&self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        DbPost::verify(&self.object, &self.id, data).await?;
        Ok(())
    }
-    async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn receive(self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
-        DbPost::from_json(self.object, data).await?;
+        DbPost::from_apub(self.object, data).await?;
        Ok(())
    }
 }
--- a/examples/live_federation/http.rs
+++ b/examples/live_federation/http.rs
@ -6,19 +6,19 @@ use crate::{
 use activitypub_federation::{
    axum::{
        inbox::{receive_activity, ActivityData},
-        json::FederationJson,
+        json::ApubJson,
    },
-    config::Data,
+    config::RequestData,
    fetch::webfinger::{build_webfinger_response, extract_webfinger_name, Webfinger},
    protocol::context::WithContext,
-    traits::Object,
+    traits::ApubObject,
 };
 use axum::{
    debug_handler,
    extract::{Path, Query},
    response::{IntoResponse, Response},
    Json,
 };
 use axum_macros::debug_handler;
 use http::StatusCode;
 use serde::Deserialize;
@ -31,16 +31,16 @@ impl IntoResponse for Error {
 #[debug_handler]
 pub async fn http_get_user(
    Path(name): Path<String>,
-    data: Data<DatabaseHandle>,
+    data: RequestData<DatabaseHandle>,
-) -> Result<FederationJson<WithContext<Person>>, Error> {
+) -> Result<ApubJson<WithContext<Person>>, Error> {
    let db_user = data.read_user(&name)?;
-    let json_user = db_user.into_json(&data).await?;
+    let apub_user = db_user.into_apub(&data).await?;
-    Ok(FederationJson(WithContext::new_default(json_user)))
+    Ok(ApubJson(WithContext::new_default(apub_user)))
 }
 #[debug_handler]
 pub async fn http_post_user_inbox(
-    data: Data<DatabaseHandle>,
+    data: RequestData<DatabaseHandle>,
    activity_data: ActivityData,
 ) -> impl IntoResponse {
    receive_activity::<WithContext<PersonAcceptedActivities>, DbUser, DatabaseHandle>(
@ -58,10 +58,10 @@ pub struct WebfingerQuery {
 #[debug_handler]
 pub async fn webfinger(
    Query(query): Query<WebfingerQuery>,
-    data: Data<DatabaseHandle>,
+    data: RequestData<DatabaseHandle>,
 ) -> Result<Json<Webfinger>, Error> {
    let name = extract_webfinger_name(&query.resource, &data)?;
-    let db_user = data.read_user(name)?;
+    let db_user = data.read_user(&name)?;
    Ok(Json(build_webfinger_response(
        query.resource,
        db_user.ap_id.into_inner(),
--- a/examples/live_federation/main.rs
+++ b/examples/live_federation/main.rs
@ -1,12 +1,10 @@
 #![allow(clippy::unwrap_used)]
 use crate::{
    database::Database,
    http::{http_get_user, http_post_user_inbox, webfinger},
    objects::{person::DbUser, post::DbPost},
    utils::generate_object_id,
 };
-use activitypub_federation::config::{FederationConfig, FederationMiddleware};
+use activitypub_federation::config::{ApubMiddleware, FederationConfig};
 use axum::{
    routing::{get, post},
    Router,
@ -30,7 +28,7 @@ const DOMAIN: &str = "example.com";
 const LOCAL_USER_NAME: &str = "alison";
 const BIND_ADDRESS: &str = "localhost:8003";
-#[tokio::main]
+#[actix_rt::main]
 async fn main() -> Result<(), Error> {
    env_logger::builder()
        .filter_level(LevelFilter::Warn)
@ -49,23 +47,23 @@ async fn main() -> Result<(), Error> {
    let config = FederationConfig::builder()
        .domain(DOMAIN)
        .app_data(database)
-        .build()
+        .build()?;
        .await?;
    info!("Listen with HTTP server on {BIND_ADDRESS}");
    let config = config.clone();
    let app = Router::new()
-        .route("/{user}", get(http_get_user))
+        .route("/:user", get(http_get_user))
-        .route("/{user}/inbox", post(http_post_user_inbox))
+        .route("/:user/inbox", post(http_post_user_inbox))
        .route("/.well-known/webfinger", get(webfinger))
-        .layer(FederationMiddleware::new(config));
+        .layer(ApubMiddleware::new(config));
    let addr = BIND_ADDRESS
        .to_socket_addrs()?
        .next()
        .expect("Failed to lookup domain name");
-    let listener = tokio::net::TcpListener::bind(addr).await?;
+    axum::Server::bind(&addr)
-    axum::serve(listener, app.into_make_service()).await?;
+        .serve(app.into_make_service())
        .await?;
    Ok(())
 }
--- a/examples/live_federation/objects/person.rs
+++ b/examples/live_federation/objects/person.rs
@ -1,13 +1,13 @@
 use crate::{activities::create_post::CreatePost, database::DatabaseHandle, error::Error};
 use activitypub_federation::{
-    config::Data,
+    config::RequestData,
    fetch::object_id::ObjectId,
    http_signatures::generate_actor_keypair,
    kinds::actor::PersonType,
    protocol::{public_key::PublicKey, verification::verify_domains_match},
-    traits::{Activity, Actor, Object},
+    traits::{ActivityHandler, Actor, ApubObject},
 };
-use chrono::{DateTime, Utc};
+use chrono::{Local, NaiveDateTime};
 use serde::{Deserialize, Serialize};
 use std::fmt::Debug;
 use url::Url;
@ -21,7 +21,7 @@ pub struct DbUser {
    pub public_key: String,
    // exists only for local users
    pub private_key: Option<String>,
-    last_refreshed_at: DateTime<Utc>,
+    last_refreshed_at: NaiveDateTime,
    pub followers: Vec<Url>,
    pub local: bool,
 }
@ -29,7 +29,7 @@ pub struct DbUser {
 /// List of all activities which this actor can receive.
 #[derive(Deserialize, Serialize, Debug)]
 #[serde(untagged)]
-#[enum_delegate::implement(Activity)]
+#[enum_delegate::implement(ActivityHandler)]
 pub enum PersonAcceptedActivities {
    CreateNote(CreatePost),
 }
@ -45,7 +45,7 @@ impl DbUser {
            inbox,
            public_key: keypair.public_key,
            private_key: Some(keypair.private_key),
-            last_refreshed_at: Utc::now(),
+            last_refreshed_at: Local::now().naive_local(),
            followers: vec![],
            local: true,
        })
@ -64,22 +64,18 @@ pub struct Person {
 }
 #[async_trait::async_trait]
-impl Object for DbUser {
+impl ApubObject for DbUser {
    type DataType = DatabaseHandle;
-    type Kind = Person;
+    type ApubType = Person;
    type Error = Error;
-    fn id(&self) -> Url {
+    fn last_refreshed_at(&self) -> Option<NaiveDateTime> {
        self.ap_id.inner().clone()
    }
    fn last_refreshed_at(&self) -> Option<DateTime<Utc>> {
        Some(self.last_refreshed_at)
    }
-    async fn read_from_id(
+    async fn read_from_apub_id(
        object_id: Url,
-        data: &Data<Self::DataType>,
+        data: &RequestData<Self::DataType>,
    ) -> Result<Option<Self>, Self::Error> {
        let users = data.users.lock().unwrap();
        let res = users
@ -89,36 +85,40 @@ impl Object for DbUser {
        Ok(res)
    }
-    async fn into_json(self, _data: &Data<Self::DataType>) -> Result<Self::Kind, Self::Error> {
+    async fn into_apub(
        self,
        _data: &RequestData<Self::DataType>,
    ) -> Result<Self::ApubType, Self::Error> {
        let public_key = PublicKey::new(self.ap_id.clone().into_inner(), self.public_key.clone());
        Ok(Person {
            preferred_username: self.name.clone(),
            kind: Default::default(),
            id: self.ap_id.clone(),
-            inbox: self.inbox.clone(),
+            inbox: self.inbox,
-            public_key: self.public_key(),
+            public_key,
        })
    }
    async fn verify(
-        json: &Self::Kind,
+        apub: &Self::ApubType,
        expected_domain: &Url,
-        _data: &Data<Self::DataType>,
+        _data: &RequestData<Self::DataType>,
    ) -> Result<(), Self::Error> {
-        verify_domains_match(json.id.inner(), expected_domain)?;
+        verify_domains_match(apub.id.inner(), expected_domain)?;
        Ok(())
    }
-    async fn from_json(
+    async fn from_apub(
-        json: Self::Kind,
+        apub: Self::ApubType,
-        _data: &Data<Self::DataType>,
+        _data: &RequestData<Self::DataType>,
    ) -> Result<Self, Self::Error> {
        Ok(DbUser {
-            name: json.preferred_username,
+            name: apub.preferred_username,
-            ap_id: json.id,
+            ap_id: apub.id,
-            inbox: json.inbox,
+            inbox: apub.inbox,
-            public_key: json.public_key.public_key_pem,
+            public_key: apub.public_key.public_key_pem,
            private_key: None,
-            last_refreshed_at: Utc::now(),
+            last_refreshed_at: Local::now().naive_local(),
            followers: vec![],
            local: false,
        })
@ -130,11 +130,11 @@ impl Actor for DbUser {
        &self.public_key
    }
    fn private_key_pem(&self) -> Option<String> {
        self.private_key.clone()
    }
    fn inbox(&self) -> Url {
        self.inbox.clone()
    }
    fn id(&self) -> &Url {
        self.ap_id.inner()
    }
 }
--- a/examples/live_federation/objects/post.rs
+++ b/examples/live_federation/objects/post.rs
@ -6,11 +6,11 @@ use crate::{
    objects::person::DbUser,
 };
 use activitypub_federation::{
-    config::Data,
+    config::RequestData,
    fetch::object_id::ObjectId,
    kinds::{object::NoteType, public},
    protocol::{helpers::deserialize_one_or_many, verification::verify_domains_match},
-    traits::{Actor, Object},
+    traits::{Actor, ApubObject},
 };
 use activitystreams_kinds::link::MentionType;
 use serde::{Deserialize, Serialize};
@ -21,6 +21,7 @@ pub struct DbPost {
    pub text: String,
    pub ap_id: ObjectId<DbPost>,
    pub creator: ObjectId<DbUser>,
    pub local: bool,
 }
 #[derive(Deserialize, Serialize, Debug)]
@ -45,53 +46,48 @@ pub struct Mention {
 }
 #[async_trait::async_trait]
-impl Object for DbPost {
+impl ApubObject for DbPost {
    type DataType = DatabaseHandle;
-    type Kind = Note;
+    type ApubType = Note;
    type Error = Error;
-    fn id(&self) -> Url {
+    async fn read_from_apub_id(
        self.ap_id.inner().clone()
    }
    async fn read_from_id(
        _object_id: Url,
-        _data: &Data<Self::DataType>,
+        _data: &RequestData<Self::DataType>,
    ) -> Result<Option<Self>, Self::Error> {
        Ok(None)
    }
-    async fn into_json(self, _data: &Data<Self::DataType>) -> Result<Self::Kind, Self::Error> {
+    async fn into_apub(
-        Ok(Note {
+        self,
-            kind: NoteType::Note,
+        _data: &RequestData<Self::DataType>,
-            id: self.ap_id,
+    ) -> Result<Self::ApubType, Self::Error> {
-            content: self.text,
+        unimplemented!()
            attributed_to: self.creator,
            to: vec![public()],
            tag: vec![],
            in_reply_to: None,
        })
    }
    async fn verify(
-        json: &Self::Kind,
+        apub: &Self::ApubType,
        expected_domain: &Url,
-        _data: &Data<Self::DataType>,
+        _data: &RequestData<Self::DataType>,
    ) -> Result<(), Self::Error> {
-        verify_domains_match(json.id.inner(), expected_domain)?;
+        verify_domains_match(apub.id.inner(), expected_domain)?;
        Ok(())
    }
-    async fn from_json(json: Self::Kind, data: &Data<Self::DataType>) -> Result<Self, Self::Error> {
+    async fn from_apub(
        apub: Self::ApubType,
        data: &RequestData<Self::DataType>,
    ) -> Result<Self, Self::Error> {
        println!(
            "Received post with content {} and id {}",
-            &json.content, &json.id
+            &apub.content, &apub.id
        );
-        let creator = json.attributed_to.dereference(data).await?;
+        let creator = apub.attributed_to.dereference(data).await?;
        let post = DbPost {
-            text: json.content,
+            text: apub.content,
-            ap_id: json.id.clone(),
+            ap_id: apub.id.clone(),
-            creator: json.attributed_to.clone(),
+            creator: apub.attributed_to.clone(),
            local: false,
        };
        let mention = Mention {
@ -104,7 +100,7 @@ impl Object for DbPost {
            attributed_to: data.local_user().ap_id,
            to: vec![public()],
            content: format!("Hello {}", creator.name),
-            in_reply_to: Some(json.id.clone()),
+            in_reply_to: Some(apub.id.clone()),
            tag: vec![mention],
        };
        CreatePost::send(note, creator.shared_inbox_or_inbox(), data).await?;
--- a/examples/local_federation/activities/accept.rs
+++ b/examples/local_federation/activities/accept.rs
@ -1,9 +1,9 @@
 use crate::{activities::follow::Follow, instance::DatabaseHandle, objects::person::DbUser};
 use activitypub_federation::{
-    config::Data,
+    config::RequestData,
    fetch::object_id::ObjectId,
    kinds::activity::AcceptType,
-    traits::Activity,
+    traits::ActivityHandler,
 };
 use serde::{Deserialize, Serialize};
 use url::Url;
@ -30,7 +30,7 @@ impl Accept {
 }
 #[async_trait::async_trait]
-impl Activity for Accept {
+impl ActivityHandler for Accept {
    type DataType = DatabaseHandle;
    type Error = crate::error::Error;
@ -42,11 +42,11 @@ impl Activity for Accept {
        self.actor.inner()
    }
-    async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn verify(&self, _data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        Ok(())
    }
-    async fn receive(self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn receive(self, _data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        Ok(())
    }
 }
--- a/examples/local_federation/activities/create_post.rs
+++ b/examples/local_federation/activities/create_post.rs
@ -4,11 +4,11 @@ use crate::{
    DbPost,
 };
 use activitypub_federation::{
-    config::Data,
+    config::RequestData,
    fetch::object_id::ObjectId,
    kinds::activity::CreateType,
    protocol::helpers::deserialize_one_or_many,
-    traits::{Activity, Object},
+    traits::{ActivityHandler, ApubObject},
 };
 use serde::{Deserialize, Serialize};
 use url::Url;
@ -38,7 +38,7 @@ impl CreatePost {
 }
 #[async_trait::async_trait]
-impl Activity for CreatePost {
+impl ActivityHandler for CreatePost {
    type DataType = DatabaseHandle;
    type Error = crate::error::Error;
@ -50,13 +50,13 @@ impl Activity for CreatePost {
        self.actor.inner()
    }
-    async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn verify(&self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        DbPost::verify(&self.object, &self.id, data).await?;
        Ok(())
    }
-    async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn receive(self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
-        DbPost::from_json(self.object, data).await?;
+        DbPost::from_apub(self.object, data).await?;
        Ok(())
    }
 }
--- a/examples/local_federation/activities/follow.rs
+++ b/examples/local_federation/activities/follow.rs
@ -5,10 +5,10 @@ use crate::{
    objects::person::DbUser,
 };
 use activitypub_federation::{
-    config::Data,
+    config::RequestData,
    fetch::object_id::ObjectId,
    kinds::activity::FollowType,
-    traits::{Activity, Actor},
+    traits::{ActivityHandler, Actor},
 };
 use serde::{Deserialize, Serialize};
 use url::Url;
@ -35,7 +35,7 @@ impl Follow {
 }
 #[async_trait::async_trait]
-impl Activity for Follow {
+impl ActivityHandler for Follow {
    type DataType = DatabaseHandle;
    type Error = crate::error::Error;
@ -47,13 +47,13 @@ impl Activity for Follow {
        self.actor.inner()
    }
-    async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn verify(&self, _data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        Ok(())
    }
    // Ignore clippy false positive: https://github.com/rust-lang/rust-clippy/issues/6446
    #[allow(clippy::await_holding_lock)]
-    async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn receive(self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        // add to followers
        let local_user = {
            let mut users = data.users.lock().unwrap();
@ -67,7 +67,7 @@ impl Activity for Follow {
        let id = generate_object_id(data.domain())?;
        let accept = Accept::new(local_user.ap_id.clone(), self, id.clone());
        local_user
-            .send(accept, vec![follower.shared_inbox_or_inbox()], false, data)
+            .send(accept, vec![follower.shared_inbox_or_inbox()], data)
            .await?;
        Ok(())
    }
--- a/examples/local_federation/actix_web/http.rs
+++ b/examples/local_federation/actix_web/http.rs
@ -4,12 +4,12 @@ use crate::{
    objects::person::{DbUser, PersonAcceptedActivities},
 };
 use activitypub_federation::{
-    actix_web::{inbox::receive_activity, signing_actor},
+    actix_web::inbox::receive_activity,
-    config::{Data, FederationConfig, FederationMiddleware},
+    config::{ApubMiddleware, FederationConfig, RequestData},
    fetch::webfinger::{build_webfinger_response, extract_webfinger_name},
    protocol::context::WithContext,
-    traits::Object,
+    traits::ApubObject,
-    FEDERATION_CONTENT_TYPE,
+    APUB_JSON_CONTENT_TYPE,
 };
 use actix_web::{web, web::Bytes, App, HttpRequest, HttpResponse, HttpServer};
 use anyhow::anyhow;
@ -22,46 +22,28 @@ pub fn listen(config: &FederationConfig<DatabaseHandle>) -> Result<(), Error> {
    let config = config.clone();
    let server = HttpServer::new(move || {
        App::new()
-            .wrap(FederationMiddleware::new(config.clone()))
+            .wrap(ApubMiddleware::new(config.clone()))
            .route("/", web::get().to(http_get_system_user))
            .route("/{user}", web::get().to(http_get_user))
            .route("/{user}/inbox", web::post().to(http_post_user_inbox))
            .route("/.well-known/webfinger", web::get().to(webfinger))
    })
    .bind(hostname)?
    .run();
-    tokio::spawn(server);
+    actix_rt::spawn(server);
    Ok(())
 }
 /// Handles requests to fetch system user json over HTTP
 pub async fn http_get_system_user(data: Data<DatabaseHandle>) -> Result<HttpResponse, Error> {
    let json_user = data.system_user.clone().into_json(&data).await?;
    Ok(HttpResponse::Ok()
        .content_type(FEDERATION_CONTENT_TYPE)
        .json(WithContext::new_default(json_user)))
 }
 /// Handles requests to fetch user json over HTTP
 pub async fn http_get_user(
    request: HttpRequest,
    user_name: web::Path<String>,
-    data: Data<DatabaseHandle>,
+    data: RequestData<DatabaseHandle>,
 ) -> Result<HttpResponse, Error> {
    let signed_by = signing_actor::<DbUser>(&request, None, &data).await?;
    // here, checks can be made on the actor or the domain to which
    // it belongs, to verify whether it is allowed to access this resource
    info!(
        "Fetch user request is signed by system account {}",
        signed_by.id()
    );
    let db_user = data.local_user();
    if user_name.into_inner() == db_user.name {
-        let json_user = db_user.into_json(&data).await?;
+        let apub_user = db_user.into_apub(&data).await?;
        Ok(HttpResponse::Ok()
-            .content_type(FEDERATION_CONTENT_TYPE)
+            .content_type(APUB_JSON_CONTENT_TYPE)
-            .json(WithContext::new_default(json_user)))
+            .json(WithContext::new_default(apub_user)))
    } else {
        Err(anyhow!("Invalid user").into())
    }
@ -71,7 +53,7 @@ pub async fn http_get_user(
 pub async fn http_post_user_inbox(
    request: HttpRequest,
    body: Bytes,
-    data: Data<DatabaseHandle>,
+    data: RequestData<DatabaseHandle>,
 ) -> Result<HttpResponse, Error> {
    receive_activity::<WithContext<PersonAcceptedActivities>, DbUser, DatabaseHandle>(
        request, body, &data,
@ -86,10 +68,10 @@ pub struct WebfingerQuery {
 pub async fn webfinger(
    query: web::Query<WebfingerQuery>,
-    data: Data<DatabaseHandle>,
+    data: RequestData<DatabaseHandle>,
 ) -> Result<HttpResponse, Error> {
    let name = extract_webfinger_name(&query.resource, &data)?;
-    let db_user = data.read_user(name)?;
+    let db_user = data.read_user(&name)?;
    Ok(HttpResponse::Ok().json(build_webfinger_response(
        query.resource.clone(),
        db_user.ap_id.into_inner(),
--- a/examples/local_federation/axum/http.rs
+++ b/examples/local_federation/axum/http.rs
@ -6,21 +6,21 @@ use crate::{
 use activitypub_federation::{
    axum::{
        inbox::{receive_activity, ActivityData},
-        json::FederationJson,
+        json::ApubJson,
    },
-    config::{Data, FederationConfig, FederationMiddleware},
+    config::{ApubMiddleware, FederationConfig, RequestData},
    fetch::webfinger::{build_webfinger_response, extract_webfinger_name, Webfinger},
    protocol::context::WithContext,
-    traits::Object,
+    traits::ApubObject,
 };
 use axum::{
    debug_handler,
    extract::{Path, Query},
    response::IntoResponse,
    routing::{get, post},
    Json,
    Router,
 };
 use axum_macros::debug_handler;
 use serde::Deserialize;
 use std::net::ToSocketAddrs;
 use tracing::info;
@ -29,41 +29,35 @@ pub fn listen(config: &FederationConfig<DatabaseHandle>) -> Result<(), Error> {
    let hostname = config.domain();
    info!("Listening with axum on {hostname}");
    let config = config.clone();
    let app = Router::new()
-        .route("/{user}/inbox", post(http_post_user_inbox))
+        .route("/:user/inbox", post(http_post_user_inbox))
-        .route("/{user}", get(http_get_user))
+        .route("/:user", get(http_get_user))
        .route("/.well-known/webfinger", get(webfinger))
-        .layer(FederationMiddleware::new(config));
+        .layer(ApubMiddleware::new(config));
    let addr = hostname
        .to_socket_addrs()?
        .next()
        .expect("Failed to lookup domain name");
-    let fut = async move {
+    let server = axum::Server::bind(&addr).serve(app.into_make_service());
        let listener = tokio::net::TcpListener::bind(addr).await.unwrap();
        axum::serve(listener, app.into_make_service())
            .await
            .unwrap();
    };
-    tokio::spawn(fut);
+    actix_rt::spawn(server);
    Ok(())
 }
 #[debug_handler]
 async fn http_get_user(
    Path(name): Path<String>,
-    data: Data<DatabaseHandle>,
+    data: RequestData<DatabaseHandle>,
-) -> Result<FederationJson<WithContext<Person>>, Error> {
+) -> Result<ApubJson<WithContext<Person>>, Error> {
    let db_user = data.read_user(&name)?;
-    let json_user = db_user.into_json(&data).await?;
+    let apub_user = db_user.into_apub(&data).await?;
-    Ok(FederationJson(WithContext::new_default(json_user)))
+    Ok(ApubJson(WithContext::new_default(apub_user)))
 }
 #[debug_handler]
 async fn http_post_user_inbox(
-    data: Data<DatabaseHandle>,
+    data: RequestData<DatabaseHandle>,
    activity_data: ActivityData,
 ) -> impl IntoResponse {
    receive_activity::<WithContext<PersonAcceptedActivities>, DbUser, DatabaseHandle>(
@ -81,10 +75,10 @@ struct WebfingerQuery {
 #[debug_handler]
 async fn webfinger(
    Query(query): Query<WebfingerQuery>,
-    data: Data<DatabaseHandle>,
+    data: RequestData<DatabaseHandle>,
 ) -> Result<Json<Webfinger>, Error> {
    let name = extract_webfinger_name(&query.resource, &data)?;
-    let db_user = data.read_user(name)?;
+    let db_user = data.read_user(&name)?;
    Ok(Json(build_webfinger_response(
        query.resource,
        db_user.ap_id.into_inner(),
--- a/examples/local_federation/instance.rs
+++ b/examples/local_federation/instance.rs
@ -11,27 +11,20 @@ use std::{
 };
 use url::Url;
-pub async fn new_instance(
+pub fn new_instance(
    hostname: &str,
    name: String,
 ) -> Result<FederationConfig<DatabaseHandle>, Error> {
    let mut system_user = DbUser::new(hostname, "system".into())?;
    system_user.ap_id = Url::parse(&format!("http://{}/", hostname))?.into();
    let local_user = DbUser::new(hostname, name)?;
    let database = Arc::new(Database {
        system_user: system_user.clone(),
        users: Mutex::new(vec![local_user]),
        posts: Mutex::new(vec![]),
    });
    let config = FederationConfig::builder()
        .domain(hostname)
        .signed_fetch_actor(&system_user)
        .app_data(database)
        .url_verifier(Box::new(MyUrlVerifier()))
        .debug(true)
-        .build()
+        .build()?;
        .await?;
    Ok(config)
 }
@ -39,7 +32,6 @@ pub type DatabaseHandle = Arc<Database>;
 /// Our "database" which contains all known posts and users (local and federated)
 pub struct Database {
    pub system_user: DbUser,
    pub users: Mutex<Vec<DbUser>>,
    pub posts: Mutex<Vec<DbPost>>,
 }
@ -50,11 +42,9 @@ struct MyUrlVerifier();
 #[async_trait]
 impl UrlVerifier for MyUrlVerifier {
-    async fn verify(&self, url: &Url) -> Result<(), activitypub_federation::error::Error> {
+    async fn verify(&self, url: &Url) -> Result<(), &'static str> {
        if url.domain() == Some("malicious.com") {
-            Err(activitypub_federation::error::Error::Other(
+            Err("malicious domain")
                "malicious domain".into(),
            ))
        } else {
            Ok(())
        }
--- a/examples/local_federation/main.rs
+++ b/examples/local_federation/main.rs
@ -1,5 +1,3 @@
 #![allow(clippy::unwrap_used)]
 use crate::{
    instance::{listen, new_instance, Webserver},
    objects::post::DbPost,
@ -7,7 +5,6 @@ use crate::{
 };
 use error::Error;
 use std::{env::args, str::FromStr};
 use tokio::try_join;
 use tracing::log::{info, LevelFilter};
 mod activities;
@ -20,7 +17,7 @@ mod instance;
 mod objects;
 mod utils;
-#[tokio::main]
+#[actix_rt::main]
 async fn main() -> Result<(), Error> {
    env_logger::builder()
        .filter_level(LevelFilter::Warn)
@ -35,10 +32,8 @@ async fn main() -> Result<(), Error> {
        .map(|arg| Webserver::from_str(&arg).unwrap())
        .unwrap_or(Webserver::Axum);
-    let (alpha, beta) = try_join!(
+    let alpha = new_instance("localhost:8001", "alpha".to_string())?;
-        new_instance("localhost:8001", "alpha".to_string()),
+    let beta = new_instance("localhost:8002", "beta".to_string())?;
        new_instance("localhost:8002", "beta".to_string())
    )?;
    listen(&alpha, &webserver)?;
    listen(&beta, &webserver)?;
    info!("Local instances started");
--- a/examples/local_federation/objects/person.rs
+++ b/examples/local_federation/objects/person.rs
@ -6,16 +6,15 @@ use crate::{
    utils::generate_object_id,
 };
 use activitypub_federation::{
-    activity_queue::queue_activity,
+    activity_queue::send_activity,
-    activity_sending::SendActivityTask,
+    config::RequestData,
    config::Data,
    fetch::{object_id::ObjectId, webfinger::webfinger_resolve_actor},
    http_signatures::generate_actor_keypair,
    kinds::actor::PersonType,
    protocol::{context::WithContext, public_key::PublicKey, verification::verify_domains_match},
-    traits::{Activity, Actor, Object},
+    traits::{ActivityHandler, Actor, ApubObject},
 };
-use chrono::{DateTime, Utc};
+use chrono::{Local, NaiveDateTime};
 use serde::{Deserialize, Serialize};
 use std::fmt::Debug;
 use url::Url;
@ -29,7 +28,7 @@ pub struct DbUser {
    public_key: String,
    // exists only for local users
    private_key: Option<String>,
-    last_refreshed_at: DateTime<Utc>,
+    last_refreshed_at: NaiveDateTime,
    pub followers: Vec<Url>,
    pub local: bool,
 }
@ -37,7 +36,7 @@ pub struct DbUser {
 /// List of all activities which this actor can receive.
 #[derive(Deserialize, Serialize, Debug)]
 #[serde(untagged)]
-#[enum_delegate::implement(Activity)]
+#[enum_delegate::implement(ActivityHandler)]
 pub enum PersonAcceptedActivities {
    Follow(Follow),
    Accept(Accept),
@ -55,7 +54,7 @@ impl DbUser {
            inbox,
            public_key: keypair.public_key,
            private_key: Some(keypair.private_key),
-            last_refreshed_at: Utc::now(),
+            last_refreshed_at: Local::now().naive_local(),
            followers: vec![],
            local: true,
        })
@ -82,69 +81,74 @@ impl DbUser {
        Ok(Url::parse(&format!("{}/followers", self.ap_id.inner()))?)
    }
-    pub async fn follow(&self, other: &str, data: &Data<DatabaseHandle>) -> Result<(), Error> {
+    fn public_key(&self) -> PublicKey {
        PublicKey::new(self.ap_id.clone().into_inner(), self.public_key.clone())
    }
    pub async fn follow(
        &self,
        other: &str,
        data: &RequestData<DatabaseHandle>,
    ) -> Result<(), Error> {
        let other: DbUser = webfinger_resolve_actor(other, data).await?;
        let id = generate_object_id(data.domain())?;
        let follow = Follow::new(self.ap_id.clone(), other.ap_id.clone(), id.clone());
-        self.send(follow, vec![other.shared_inbox_or_inbox()], false, data)
+        self.send(follow, vec![other.shared_inbox_or_inbox()], data)
            .await?;
        Ok(())
    }
-    pub async fn post(&self, post: DbPost, data: &Data<DatabaseHandle>) -> Result<(), Error> {
+    pub async fn post(
        &self,
        post: DbPost,
        data: &RequestData<DatabaseHandle>,
    ) -> Result<(), Error> {
        let id = generate_object_id(data.domain())?;
-        let create = CreatePost::new(post.into_json(data).await?, id.clone());
+        let create = CreatePost::new(post.into_apub(data).await?, id.clone());
        let mut inboxes = vec![];
        for f in self.followers.clone() {
            let user: DbUser = ObjectId::from(f).dereference(data).await?;
            inboxes.push(user.shared_inbox_or_inbox());
        }
-        self.send(create, inboxes, true, data).await?;
+        self.send(create, inboxes, data).await?;
        Ok(())
    }
-    pub(crate) async fn send<A>(
+    pub(crate) async fn send<Activity>(
        &self,
-        activity: A,
+        activity: Activity,
        recipients: Vec<Url>,
-        use_queue: bool,
+        data: &RequestData<DatabaseHandle>,
-        data: &Data<DatabaseHandle>,
+    ) -> Result<(), <Activity as ActivityHandler>::Error>
    ) -> Result<(), Error>
    where
-        A: Activity + Serialize + Debug + Send + Sync,
+        Activity: ActivityHandler + Serialize + Debug + Send + Sync,
-        <A as Activity>::Error: From<anyhow::Error> + From<serde_json::Error>,
+        <Activity as ActivityHandler>::Error: From<anyhow::Error> + From<serde_json::Error>,
    {
        let activity = WithContext::new_default(activity);
-        // Send through queue in some cases and bypass it in others to test both code paths
+        send_activity(
-        if use_queue {
+            activity,
-            queue_activity(&activity, self, recipients, data).await?;
+            self.private_key.clone().unwrap(),
-        } else {
+            recipients,
-            let sends = SendActivityTask::prepare(&activity, self, recipients, data).await?;
+            data,
-            for send in sends {
+        )
-                send.sign_and_send(data).await?;
+        .await?;
            }
        }
        Ok(())
    }
 }
 #[async_trait::async_trait]
-impl Object for DbUser {
+impl ApubObject for DbUser {
    type DataType = DatabaseHandle;
-    type Kind = Person;
+    type ApubType = Person;
    type Error = Error;
-    fn id(&self) -> Url {
+    fn last_refreshed_at(&self) -> Option<NaiveDateTime> {
        self.ap_id.inner().clone()
    }
    fn last_refreshed_at(&self) -> Option<DateTime<Utc>> {
        Some(self.last_refreshed_at)
    }
-    async fn read_from_id(
+    async fn read_from_apub_id(
        object_id: Url,
-        data: &Data<Self::DataType>,
+        data: &RequestData<Self::DataType>,
    ) -> Result<Option<Self>, Self::Error> {
        let users = data.users.lock().unwrap();
        let res = users
@ -154,7 +158,10 @@ impl Object for DbUser {
        Ok(res)
    }
-    async fn into_json(self, _data: &Data<Self::DataType>) -> Result<Self::Kind, Self::Error> {
+    async fn into_apub(
        self,
        _data: &RequestData<Self::DataType>,
    ) -> Result<Self::ApubType, Self::Error> {
        Ok(Person {
            preferred_username: self.name.clone(),
            kind: Default::default(),
@ -165,22 +172,25 @@ impl Object for DbUser {
    }
    async fn verify(
-        json: &Self::Kind,
+        apub: &Self::ApubType,
        expected_domain: &Url,
-        _data: &Data<Self::DataType>,
+        _data: &RequestData<Self::DataType>,
    ) -> Result<(), Self::Error> {
-        verify_domains_match(json.id.inner(), expected_domain)?;
+        verify_domains_match(apub.id.inner(), expected_domain)?;
        Ok(())
    }
-    async fn from_json(json: Self::Kind, data: &Data<Self::DataType>) -> Result<Self, Self::Error> {
+    async fn from_apub(
        apub: Self::ApubType,
        data: &RequestData<Self::DataType>,
    ) -> Result<Self, Self::Error> {
        let user = DbUser {
-            name: json.preferred_username,
+            name: apub.preferred_username,
-            ap_id: json.id,
+            ap_id: apub.id,
-            inbox: json.inbox,
+            inbox: apub.inbox,
-            public_key: json.public_key.public_key_pem,
+            public_key: apub.public_key.public_key_pem,
            private_key: None,
-            last_refreshed_at: Utc::now(),
+            last_refreshed_at: Local::now().naive_local(),
            followers: vec![],
            local: false,
        };
@ -191,12 +201,12 @@ impl Object for DbUser {
 }
 impl Actor for DbUser {
-    fn public_key_pem(&self) -> &str {
+    fn id(&self) -> &Url {
-        &self.public_key
+        self.ap_id.inner()
    }
-    fn private_key_pem(&self) -> Option<String> {
+    fn public_key_pem(&self) -> &str {
-        self.private_key.clone()
+        &self.public_key
    }
    fn inbox(&self) -> Url {
--- a/examples/local_federation/objects/post.rs
+++ b/examples/local_federation/objects/post.rs
@ -1,10 +1,10 @@
 use crate::{error::Error, generate_object_id, instance::DatabaseHandle, objects::person::DbUser};
 use activitypub_federation::{
-    config::Data,
+    config::RequestData,
    fetch::object_id::ObjectId,
    kinds::{object::NoteType, public},
    protocol::{helpers::deserialize_one_or_many, verification::verify_domains_match},
-    traits::Object,
+    traits::ApubObject,
 };
 use serde::{Deserialize, Serialize};
 use url::Url;
@ -42,18 +42,14 @@ pub struct Note {
 }
 #[async_trait::async_trait]
-impl Object for DbPost {
+impl ApubObject for DbPost {
    type DataType = DatabaseHandle;
-    type Kind = Note;
+    type ApubType = Note;
    type Error = Error;
-    fn id(&self) -> Url {
+    async fn read_from_apub_id(
        self.ap_id.inner().clone()
    }
    async fn read_from_id(
        object_id: Url,
-        data: &Data<Self::DataType>,
+        data: &RequestData<Self::DataType>,
    ) -> Result<Option<Self>, Self::Error> {
        let posts = data.posts.lock().unwrap();
        let res = posts
@ -63,7 +59,10 @@ impl Object for DbPost {
        Ok(res)
    }
-    async fn into_json(self, data: &Data<Self::DataType>) -> Result<Self::Kind, Self::Error> {
+    async fn into_apub(
        self,
        data: &RequestData<Self::DataType>,
    ) -> Result<Self::ApubType, Self::Error> {
        let creator = self.creator.dereference_local(data).await?;
        Ok(Note {
            kind: Default::default(),
@ -75,19 +74,22 @@ impl Object for DbPost {
    }
    async fn verify(
-        json: &Self::Kind,
+        apub: &Self::ApubType,
        expected_domain: &Url,
-        _data: &Data<Self::DataType>,
+        _data: &RequestData<Self::DataType>,
    ) -> Result<(), Self::Error> {
-        verify_domains_match(json.id.inner(), expected_domain)?;
+        verify_domains_match(apub.id.inner(), expected_domain)?;
        Ok(())
    }
-    async fn from_json(json: Self::Kind, data: &Data<Self::DataType>) -> Result<Self, Self::Error> {
+    async fn from_apub(
        apub: Self::ApubType,
        data: &RequestData<Self::DataType>,
    ) -> Result<Self, Self::Error> {
        let post = DbPost {
-            text: json.content,
+            text: apub.content,
-            ap_id: json.id,
+            ap_id: apub.id,
-            creator: json.attributed_to,
+            creator: apub.attributed_to,
            local: false,
        };
--- a/src/activity_queue.rs
+++ b/src/activity_queue.rs
@ -3,519 +3,236 @@
 #![doc = include_str!("../docs/09_sending_activities.md")]
 use crate::{
-    activity_sending::{build_tasks, SendActivityTask},
+    config::RequestData,
    config::Data,
    error::Error,
-    traits::{Activity, Actor},
+    http_signatures::sign_request,
    reqwest_shim::ResponseExt,
    traits::ActivityHandler,
    APUB_JSON_CONTENT_TYPE,
 };
-
+use anyhow::anyhow;
-use futures_core::Future;
+use background_jobs::{
-
+    memory_storage::{ActixTimer, Storage},
    ActixJob,
    Backoff,
    Manager,
    MaxRetries,
    WorkerConfig,
 };
 use http::{header::HeaderName, HeaderMap, HeaderValue};
 use httpdate::fmt_http_date;
 use itertools::Itertools;
 use reqwest_middleware::ClientWithMiddleware;
-use serde::Serialize;
+use serde::{Deserialize, Serialize};
 use std::{
-    fmt::{Debug, Display},
+    fmt::Debug,
-    sync::{
+    future::Future,
-        atomic::{AtomicUsize, Ordering},
+    pin::Pin,
-        Arc,
+    time::{Duration, SystemTime},
    },
    time::Duration,
 };
-use tokio::{
+use tracing::{debug, info, warn};
    sync::mpsc::{unbounded_channel, UnboundedSender},
    task::{JoinHandle, JoinSet},
 };
 use tracing::{info, warn};
 use url::Url;
-/// Send a new activity to the given inboxes with automatic retry on failure. Alternatively you
+/// Send a new activity to the given inboxes
 /// can implement your own queue and then send activities using [[crate::activity_sending::SendActivityTask]].
 ///
 /// - `activity`: The activity to be sent, gets converted to json
 /// - `private_key`: Private key belonging to the actor who sends the activity, for signing HTTP
-///   signature. Generated with [crate::http_signatures::generate_actor_keypair].
+///                  signature. Generated with [crate::http_signatures::generate_actor_keypair].
-/// - `inboxes`: List of remote actor inboxes that should receive the activity. Ignores local actor
+/// - `inboxes`: List of actor inboxes that should receive the activity. Should be built by calling
-///   inboxes. Should be built by calling [crate::traits::Actor::shared_inbox_or_inbox]
+///              [crate::traits::Actor::shared_inbox_or_inbox] for each target actor.
-///   for each target actor.
+pub async fn send_activity<Activity, Datatype>(
-pub async fn queue_activity<A, Datatype, ActorType>(
+    activity: Activity,
-    activity: &A,
+    private_key: String,
    actor: &ActorType,
    inboxes: Vec<Url>,
-    data: &Data<Datatype>,
+    data: &RequestData<Datatype>,
-) -> Result<(), Error>
+) -> Result<(), <Activity as ActivityHandler>::Error>
 where
-    A: Activity + Serialize + Debug,
+    Activity: ActivityHandler + Serialize,
    <Activity as ActivityHandler>::Error: From<anyhow::Error> + From<serde_json::Error>,
    Datatype: Clone,
    ActorType: Actor,
 {
    let config = &data.config;
-    let tasks = build_tasks(activity, actor, inboxes, data).await?;
+    let actor_id = activity.actor();
    let activity_id = activity.id();
    let activity_serialized = serde_json::to_string_pretty(&activity)?;
    let inboxes: Vec<Url> = inboxes
        .into_iter()
        .unique()
        .filter(|i| !config.is_local_url(i))
        .collect();
-    for task in tasks {
+    // This field is only optional to make builder work, its always present at this point
-        // Don't use the activity queue if this is in debug mode, send and wait directly
+    let activity_queue = config
        .activity_queue
        .as_ref()
        .expect("Config has activity queue");
    for inbox in inboxes {
        if config.verify_url_valid(&inbox).await.is_err() {
            continue;
        }
        let message = SendActivityTask {
            actor_id: actor_id.clone(),
            activity_id: activity_id.clone(),
            inbox,
            activity: activity_serialized.clone(),
            private_key: private_key.clone(),
            http_signature_compat: config.http_signature_compat,
        };
        if config.debug {
-            if let Err(err) = sign_and_send(
+            let res = do_send(message, &config.client, config.request_timeout).await;
-                &task,
+            // Don't fail on error, as we intentionally do some invalid actions in tests, to verify that
-                &config.client,
+            // they are rejected on the receiving side. These errors shouldn't bubble up to make the API
-                config.request_timeout,
+            // call fail. This matches the behaviour in production.
-                Default::default(),
+            if let Err(e) = res {
-            )
+                warn!("{}", e);
            .await
            {
                warn!("{err}");
            }
        } else {
-            // This field is only optional to make builder work, its always present at this point
+            activity_queue.queue(message).await?;
-            let activity_queue = config
+            let stats = activity_queue.get_stats().await?;
-                .activity_queue
+            info!(
-                .as_ref()
+                "Activity queue stats: pending: {}, running: {}, dead (this hour): {}, complete (this hour): {}",
-                .expect("Config has activity queue");
+                stats.pending,
-            activity_queue.queue(task).await?;
+                stats.running,
-            let stats = activity_queue.get_stats();
+                stats.dead.this_hour(),
-            let running = stats.running.load(Ordering::Relaxed);
+                stats.complete.this_hour()
-            if running == config.queue_worker_count && config.queue_worker_count != 0 {
+            );
-                warn!("Reached max number of send activity workers ({}). Consider increasing worker count to avoid federation delays", config.queue_worker_count);
+            if stats.running as u64 == config.worker_count {
-                warn!("{:?}", stats);
+                warn!("Maximum number of activitypub workers reached. Consider increasing worker count to avoid federation delays");
            } else {
                info!("{:?}", stats);
            }
        }
    }
    Ok(())
 }
-async fn sign_and_send(
+#[derive(Clone, Debug, Deserialize, Serialize)]
-    task: &SendActivityTask,
+struct SendActivityTask {
    actor_id: Url,
    activity_id: Url,
    activity: String,
    inbox: Url,
    private_key: String,
    http_signature_compat: bool,
 }
 impl ActixJob for SendActivityTask {
    type State = QueueState;
    type Future = Pin<Box<dyn Future<Output = Result<(), anyhow::Error>>>>;
    const NAME: &'static str = "SendActivityTask";
    const MAX_RETRIES: MaxRetries = MaxRetries::Count(3);
    /// This gives the following retry intervals:
    /// - 60s (one minute, for service restart)
    /// - 60min (one hour, for instance maintenance)
    /// - 60h (2.5 days, for major incident with rebuild from backup)
    const BACKOFF: Backoff = Backoff::Exponential(60);
    fn run(self, state: Self::State) -> Self::Future {
        Box::pin(async move { do_send(self, &state.client, state.timeout).await })
    }
 }
 async fn do_send(
    task: SendActivityTask,
    client: &ClientWithMiddleware,
    timeout: Duration,
-    retry_strategy: RetryStrategy,
+) -> Result<(), anyhow::Error> {
-) -> Result<(), Error> {
+    debug!("Sending {} to {}", task.activity_id, task.inbox);
-    retry(
+    let request_builder = client
-        || task.sign_and_send_internal(client, timeout),
+        .post(task.inbox.to_string())
-        retry_strategy,
+        .timeout(timeout)
        .headers(generate_request_headers(&task.inbox));
    let request = sign_request(
        request_builder,
        task.actor_id,
        task.activity,
        task.private_key,
        task.http_signature_compat,
    )
-    .await
+    .await?;
-}
+    let response = client.execute(request).await;
-/// A simple activity queue which spawns tokio workers to send out requests
+    match response {
-/// When creating a queue, it will spawn a task per worker thread
+        Ok(o) if o.status().is_success() => {
-/// Uses an unbounded mpsc queue for communication (i.e, all messages are in memory)
+            info!(
-pub(crate) struct ActivityQueue {
+                "Activity {} delivered successfully to {}",
-    // Stats shared between the queue and workers
+                task.activity_id, task.inbox
    stats: Arc<Stats>,
    sender: UnboundedSender<SendActivityTask>,
    sender_task: JoinHandle<()>,
    retry_sender_task: JoinHandle<()>,
 }
 /// Simple stat counter to show where we're up to with sending messages
 /// This is a lock-free way to share things between tasks
 /// When reading these values it's possible (but extremely unlikely) to get stale data if a worker task is in the middle of transitioning
 #[derive(Default)]
 pub(crate) struct Stats {
    pending: AtomicUsize,
    running: AtomicUsize,
    retries: AtomicUsize,
    dead_last_hour: AtomicUsize,
    completed_last_hour: AtomicUsize,
 }
 impl Debug for Stats {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        write!(
            f,
            "Activity queue stats: pending: {}, running: {}, retries: {}, dead: {}, complete: {}",
            self.pending.load(Ordering::Relaxed),
            self.running.load(Ordering::Relaxed),
            self.retries.load(Ordering::Relaxed),
            self.dead_last_hour.load(Ordering::Relaxed),
            self.completed_last_hour.load(Ordering::Relaxed)
        )
    }
 }
 #[derive(Clone, Copy, Default)]
 struct RetryStrategy {
    /// Amount of time in seconds to back off
    backoff: usize,
    /// Amount of times to retry
    retries: usize,
    /// If this particular request has already been retried, you can add an offset here to increment the count to start
    offset: usize,
    /// Number of seconds to sleep before trying
    initial_sleep: usize,
 }
 /// A tokio spawned worker which is responsible for submitting requests to federated servers
 /// This will retry up to one time with the same signature, and if it fails, will move it to the retry queue.
 /// We need to retry activity sending in case the target instances is temporarily unreachable.
 /// In this case, the task is stored and resent when the instance is hopefully back up. This
 /// list shows the retry intervals, and which events of the target instance can be covered:
 /// - 60s (one minute, service restart) -- happens in the worker w/ same signature
 /// - 60min (one hour, instance maintenance) --- happens in the retry worker
 /// - 60h (2.5 days, major incident with rebuild from backup) --- happens in the retry worker
 async fn worker(
    client: ClientWithMiddleware,
    timeout: Duration,
    message: SendActivityTask,
    retry_queue: UnboundedSender<SendActivityTask>,
    stats: Arc<Stats>,
    strategy: RetryStrategy,
 ) {
    stats.pending.fetch_sub(1, Ordering::Relaxed);
    stats.running.fetch_add(1, Ordering::Relaxed);
    let outcome = sign_and_send(&message, &client, timeout, strategy).await;
    // "Running" has finished, check the outcome
    stats.running.fetch_sub(1, Ordering::Relaxed);
    match outcome {
        Ok(_) => {
            stats.completed_last_hour.fetch_add(1, Ordering::Relaxed);
        }
        Err(_err) => {
            stats.retries.fetch_add(1, Ordering::Relaxed);
            warn!(
                "Sending activity {} to {} to the retry queue to be tried again later",
                message.activity_id, message.inbox
            );
-            // Send to the retry queue.  Ignoring whether it succeeds or not
+            Ok(())
-            retry_queue.send(message).ok();
+        }
        Ok(o) if o.status().is_client_error() => {
            let text = o.text_limited().await.map_err(Error::other)?;
            info!(
                "Activity {} was rejected by {}, aborting: {}",
                task.activity_id, task.inbox, text,
            );
            Ok(())
        }
        Ok(o) => {
            let status = o.status();
            let text = o.text_limited().await.map_err(Error::other)?;
            Err(anyhow!(
                "Queueing activity {} to {} for retry after failure with status {}: {}",
                task.activity_id,
                task.inbox,
                status,
                text,
            ))
        }
        Err(e) => {
            info!(
                "Unable to connect to {}, aborting task {}: {}",
                task.inbox, task.activity_id, e
            );
            Ok(())
        }
    }
 }
-async fn retry_worker(
+fn generate_request_headers(inbox_url: &Url) -> HeaderMap {
-    client: ClientWithMiddleware,
+    let mut host = inbox_url.domain().expect("read inbox domain").to_string();
-    timeout: Duration,
+    if let Some(port) = inbox_url.port() {
-    message: SendActivityTask,
+        host = format!("{}:{}", host, port);
    stats: Arc<Stats>,
    strategy: RetryStrategy,
 ) {
    // Because the times are pretty extravagant between retries, we have to re-sign each time
    let outcome = retry(
        || {
            sign_and_send(
                &message,
                &client,
                timeout,
                RetryStrategy {
                    backoff: 0,
                    retries: 0,
                    offset: 0,
                    initial_sleep: 0,
                },
            )
        },
        strategy,
    )
    .await;
    stats.retries.fetch_sub(1, Ordering::Relaxed);
    match outcome {
        Ok(_) => {
            stats.completed_last_hour.fetch_add(1, Ordering::Relaxed);
        }
        Err(_err) => {
            stats.dead_last_hour.fetch_add(1, Ordering::Relaxed);
        }
    }
    let mut headers = HeaderMap::new();
    headers.insert(
        HeaderName::from_static("content-type"),
        HeaderValue::from_static(APUB_JSON_CONTENT_TYPE),
    );
    headers.insert(
        HeaderName::from_static("host"),
        HeaderValue::from_str(&host).expect("Hostname is valid"),
    );
    headers.insert(
        "date",
        HeaderValue::from_str(&fmt_http_date(SystemTime::now())).expect("Date is valid"),
    );
    headers
 }
 impl ActivityQueue {
    fn new(
        client: ClientWithMiddleware,
        worker_count: usize,
        retry_count: usize,
        timeout: Duration,
        backoff: usize, // This should be 60 seconds by default or 1 second in tests
    ) -> Self {
        let stats: Arc<Stats> = Default::default();
        // This task clears the dead/completed stats every hour
        let hour_stats = stats.clone();
        tokio::spawn(async move {
            let duration = Duration::from_secs(3600);
            loop {
                tokio::time::sleep(duration).await;
                hour_stats.completed_last_hour.store(0, Ordering::Relaxed);
                hour_stats.dead_last_hour.store(0, Ordering::Relaxed);
            }
        });
        let (retry_sender, mut retry_receiver) = unbounded_channel();
        let retry_stats = stats.clone();
        let retry_client = client.clone();
        // The "fast path" retry
        // The backoff should be < 5 mins for this to work otherwise signatures may expire
        // This strategy is the one that is used with the *same* signature
        let strategy = RetryStrategy {
            backoff,
            retries: 1,
            offset: 0,
            initial_sleep: 0,
        };
        // The "retry path" strategy
        // After the fast path fails, a task will sleep up to backoff ^ 2 and then retry again
        let retry_strategy = RetryStrategy {
            backoff,
            retries: 3,
            offset: 2,
            initial_sleep: backoff.pow(2), // wait 60 mins before even trying
        };
        let retry_sender_task = tokio::spawn(async move {
            let mut join_set = JoinSet::new();
            while let Some(message) = retry_receiver.recv().await {
                let retry_task = retry_worker(
                    retry_client.clone(),
                    timeout,
                    message,
                    retry_stats.clone(),
                    retry_strategy,
                );
                if retry_count > 0 {
                    // If we're over the limit of retries, wait for them to finish before spawning
                    while join_set.len() >= retry_count {
                        join_set.join_next().await;
                    }
                    join_set.spawn(retry_task);
                } else {
                    // If the retry worker count is `0` then just spawn and don't use the join_set
                    tokio::spawn(retry_task);
                }
            }
            while !join_set.is_empty() {
                join_set.join_next().await;
            }
        });
        let (sender, mut receiver) = unbounded_channel();
        let sender_stats = stats.clone();
        let sender_task = tokio::spawn(async move {
            let mut join_set = JoinSet::new();
            while let Some(message) = receiver.recv().await {
                let task = worker(
                    client.clone(),
                    timeout,
                    message,
                    retry_sender.clone(),
                    sender_stats.clone(),
                    strategy,
                );
                if worker_count > 0 {
                    // If we're over the limit of workers, wait for them to finish before spawning
                    while join_set.len() >= worker_count {
                        join_set.join_next().await;
                    }
                    join_set.spawn(task);
                } else {
                    // If the worker count is `0` then just spawn and don't use the join_set
                    tokio::spawn(task);
                }
            }
            drop(retry_sender);
            while !join_set.is_empty() {
                join_set.join_next().await;
            }
        });
        Self {
            stats,
            sender,
            sender_task,
            retry_sender_task,
        }
    }
    async fn queue(&self, message: SendActivityTask) -> Result<(), Error> {
        self.stats.pending.fetch_add(1, Ordering::Relaxed);
        self.sender
            .send(message)
            .map_err(|e| Error::ActivityQueueError(e.0.activity_id))?;
        Ok(())
    }
    fn get_stats(&self) -> &Stats {
        &self.stats
    }
    #[allow(unused)]
    // Drops all the senders and shuts down the workers
    pub(crate) async fn shutdown(self, wait_for_retries: bool) -> Result<Arc<Stats>, Error> {
        drop(self.sender);
        self.sender_task.await?;
        if wait_for_retries {
            self.retry_sender_task.await?;
        }
        Ok(self.stats)
    }
 }
 /// Creates an activity queue using tokio spawned tasks
 /// Note: requires a tokio runtime
 pub(crate) fn create_activity_queue(
    client: ClientWithMiddleware,
-    worker_count: usize,
+    worker_count: u64,
    retry_count: usize,
    request_timeout: Duration,
-) -> ActivityQueue {
+    debug: bool,
-    ActivityQueue::new(client, worker_count, retry_count, request_timeout, 60)
+) -> Manager {
    // queue is not used in debug mod, so dont create any workers to avoid log spam
    let worker_count = if debug { 0 } else { worker_count };
    // Configure and start our workers
    WorkerConfig::new_managed(Storage::new(ActixTimer), move |_| QueueState {
        client: client.clone(),
        timeout: request_timeout,
    })
    .register::<SendActivityTask>()
    .set_worker_count("default", worker_count)
    .start()
 }
-/// Retries a future action factory function up to `amount` times with an exponential backoff timer between tries
+#[derive(Clone)]
-async fn retry<T, E: Display + Debug, F: Future<Output = Result<T, E>>, A: FnMut() -> F>(
+struct QueueState {
-    mut action: A,
+    client: ClientWithMiddleware,
-    strategy: RetryStrategy,
+    timeout: Duration,
 ) -> Result<T, E> {
    let mut count = strategy.offset;
    // Do an initial sleep if it's called for
    if strategy.initial_sleep > 0 {
        let sleep_dur = Duration::from_secs(strategy.initial_sleep as u64);
        tokio::time::sleep(sleep_dur).await;
    }
    loop {
        match action().await {
            Ok(val) => return Ok(val),
            Err(err) => {
                if count < strategy.retries {
                    count += 1;
                    let sleep_amt = strategy.backoff.pow(count as u32) as u64;
                    let sleep_dur = Duration::from_secs(sleep_amt);
                    warn!("{err:?}.  Sleeping for {sleep_dur:?} and trying again");
                    tokio::time::sleep(sleep_dur).await;
                    continue;
                } else {
                    return Err(err);
                }
            }
        }
    }
 }
 #[cfg(test)]
 #[allow(clippy::unwrap_used)]
 mod tests {
    use super::*;
    use crate::http_signatures::generate_actor_keypair;
    use axum::extract::State;
    use bytes::Bytes;
    use http::{HeaderMap, StatusCode};
    use std::time::Instant;
    use tracing::debug;
    // This will periodically send back internal errors to test the retry
    async fn dodgy_handler(
        State(state): State<Arc<AtomicUsize>>,
        headers: HeaderMap,
        body: Bytes,
    ) -> Result<(), StatusCode> {
        debug!("Headers:{:?}", headers);
        debug!("Body len:{}", body.len());
        if state.fetch_add(1, Ordering::Relaxed) % 20 == 0 {
            return Err(StatusCode::INTERNAL_SERVER_ERROR);
        }
        Ok(())
    }
    async fn test_server() {
        use axum::{routing::post, Router};
        // We should break every now and then ;)
        let state = Arc::new(AtomicUsize::new(0));
        let app = Router::new()
            .route("/", post(dodgy_handler))
            .with_state(state);
        let listener = tokio::net::TcpListener::bind("0.0.0.0:8002").await.unwrap();
        axum::serve(listener, app.into_make_service())
            .await
            .unwrap();
    }
    #[tokio::test(flavor = "multi_thread")]
    // Queues 100 messages and then asserts that the worker runs them
    async fn test_activity_queue_workers() {
        let num_workers = 64;
        let num_messages: usize = 100;
        tokio::spawn(test_server());
        /*
        // uncomment for debug logs & stats
        use tracing::log::LevelFilter;
        env_logger::builder()
            .filter_level(LevelFilter::Warn)
            .filter_module("activitypub_federation", LevelFilter::Info)
            .format_timestamp(None)
            .init();
        */
        let activity_queue = ActivityQueue::new(
            reqwest::Client::default().into(),
            num_workers,
            num_workers,
            Duration::from_secs(10),
            1,
        );
        let keypair = generate_actor_keypair().unwrap();
        let message = SendActivityTask {
            actor_id: "http://localhost:8002".parse().unwrap(),
            activity_id: "http://localhost:8002/activity".parse().unwrap(),
            activity: "{}".into(),
            inbox: "http://localhost:8002".parse().unwrap(),
            private_key: keypair.private_key().unwrap(),
            http_signature_compat: true,
        };
        let start = Instant::now();
        for _ in 0..num_messages {
            activity_queue.queue(message.clone()).await.unwrap();
        }
        info!("Queue Sent: {:?}", start.elapsed());
        let stats = activity_queue.shutdown(true).await.unwrap();
        info!(
            "Queue Finished.  Num msgs: {}, Time {:?}, msg/s: {:0.0}",
            num_messages,
            start.elapsed(),
            num_messages as f64 / start.elapsed().as_secs_f64()
        );
        assert_eq!(
            stats.completed_last_hour.load(Ordering::Relaxed),
            num_messages
        );
    }
 }
--- a/src/activity_sending.rs
+++ b/src/activity_sending.rs
@ -1,358 +0,0 @@
 //! Queue for signing and sending outgoing activities with retry
 //!
 #![doc = include_str!("../docs/09_sending_activities.md")]
 use crate::{
    config::Data,
    error::Error,
    http_signatures::sign_request,
    reqwest_shim::ResponseExt,
    traits::{Activity, Actor},
    FEDERATION_CONTENT_TYPE,
 };
 use bytes::Bytes;
 use futures::StreamExt;
 use http::StatusCode;
 use httpdate::fmt_http_date;
 use itertools::Itertools;
 use reqwest::{
    header::{HeaderMap, HeaderName, HeaderValue},
    Response,
 };
 use reqwest_middleware::ClientWithMiddleware;
 use rsa::{pkcs8::DecodePrivateKey, RsaPrivateKey};
 use serde::Serialize;
 use std::{
    fmt::{Debug, Display},
    time::{Duration, Instant, SystemTime},
 };
 use tracing::{debug, warn};
 use url::Url;
 #[derive(Clone, Debug)]
 /// All info needed to sign and send one activity to one inbox. You should generally use
 /// [[crate::activity_queue::queue_activity]] unless you want implement your own queue.
 pub struct SendActivityTask {
    pub(crate) actor_id: Url,
    pub(crate) activity_id: Url,
    pub(crate) activity: Bytes,
    pub(crate) inbox: Url,
    pub(crate) private_key: RsaPrivateKey,
    pub(crate) http_signature_compat: bool,
 }
 impl Display for SendActivityTask {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        write!(f, "{} to {}", self.activity_id, self.inbox)
    }
 }
 impl SendActivityTask {
    /// Prepare an activity for sending
    ///
    /// - `activity`: The activity to be sent, gets converted to json
    /// - `inboxes`: List of remote actor inboxes that should receive the activity. Ignores local actor
    ///   inboxes. Should be built by calling [crate::traits::Actor::shared_inbox_or_inbox]
    ///   for each target actor.
    pub async fn prepare<A, Datatype, ActorType>(
        activity: &A,
        actor: &ActorType,
        inboxes: Vec<Url>,
        data: &Data<Datatype>,
    ) -> Result<Vec<SendActivityTask>, Error>
    where
        A: Activity + Serialize + Debug,
        Datatype: Clone,
        ActorType: Actor,
    {
        build_tasks(activity, actor, inboxes, data).await
    }
    /// convert a sendactivitydata to a request, signing and sending it
    pub async fn sign_and_send<Datatype: Clone>(&self, data: &Data<Datatype>) -> Result<(), Error> {
        self.sign_and_send_internal(&data.config.client, data.config.request_timeout)
            .await
    }
    pub(crate) async fn sign_and_send_internal(
        &self,
        client: &ClientWithMiddleware,
        timeout: Duration,
    ) -> Result<(), Error> {
        debug!("Sending {} to {}", self.activity_id, self.inbox,);
        let request_builder = client
            .post(self.inbox.to_string())
            .timeout(timeout)
            .headers(generate_request_headers(&self.inbox));
        let request = sign_request(
            request_builder,
            &self.actor_id,
            self.activity.clone(),
            self.private_key.clone(),
            self.http_signature_compat,
        )
        .await?;
        // Send the activity, and log a warning if its too slow.
        let now = Instant::now();
        let response = client.execute(request).await?;
        let elapsed = now.elapsed().as_secs();
        if elapsed > 10 {
            warn!(
                "Sending activity {} to {} took {}s",
                self.activity_id, self.inbox, elapsed
            );
        }
        self.handle_response(response).await
    }
    /// Based on the HTTP status code determines if an activity was delivered successfully. In that case
    /// Ok is returned. Otherwise it returns Err and the activity send should be retried later.
    ///
    /// Equivalent code in mastodon: https://github.com/mastodon/mastodon/blob/v4.2.8/app/helpers/jsonld_helper.rb#L215-L217
    async fn handle_response(&self, response: Response) -> Result<(), Error> {
        match response.status() {
            status if status.is_success() => {
                debug!("Activity {self} delivered successfully");
                Ok(())
            }
            status
                if status.is_client_error()
                    && status != StatusCode::REQUEST_TIMEOUT
                    && status != StatusCode::TOO_MANY_REQUESTS =>
            {
                let text = response.text_limited().await?;
                debug!("Activity {self} was rejected, aborting: {text}");
                Ok(())
            }
            status => {
                let text = response.text_limited().await?;
                Err(Error::Other(format!(
                    "Activity {self} failure with status {status}: {text}",
                )))
            }
        }
    }
 }
 pub(crate) async fn build_tasks<A, Datatype, ActorType>(
    activity: &A,
    actor: &ActorType,
    inboxes: Vec<Url>,
    data: &Data<Datatype>,
 ) -> Result<Vec<SendActivityTask>, Error>
 where
    A: Activity + Serialize + Debug,
    Datatype: Clone,
    ActorType: Actor,
 {
    let config = &data.config;
    let actor_id = activity.actor();
    let activity_id = activity.id();
    let activity_serialized: Bytes = serde_json::to_vec(activity)
        .map_err(|e| Error::SerializeOutgoingActivity(e, format!("{:?}", activity)))?
        .into();
    let private_key = get_pkey_cached(data, actor).await?;
    Ok(futures::stream::iter(
        inboxes
            .into_iter()
            .unique()
            .filter(|i| !config.is_local_url(i)),
    )
    .filter_map(|inbox| async {
        if let Err(err) = config.verify_url_valid(&inbox).await {
            debug!("inbox url invalid, skipping: {inbox}: {err}");
            return None;
        };
        Some(SendActivityTask {
            actor_id: actor_id.clone(),
            activity_id: activity_id.clone(),
            inbox,
            activity: activity_serialized.clone(),
            private_key: private_key.clone(),
            http_signature_compat: config.http_signature_compat,
        })
    })
    .collect()
    .await)
 }
 pub(crate) async fn get_pkey_cached<ActorType>(
    data: &Data<impl Clone>,
    actor: &ActorType,
 ) -> Result<RsaPrivateKey, Error>
 where
    ActorType: Actor,
 {
    let actor_id = actor.id();
    // PKey is internally like an Arc<>, so cloning is ok
    data.config
        .actor_pkey_cache
        .try_get_with_by_ref(&actor_id, async {
            let private_key_pem = actor.private_key_pem().ok_or_else(|| {
                Error::Other(format!(
                    "Actor {actor_id} does not contain a private key for signing"
                ))
            })?;
            // This is a mostly expensive blocking call, we don't want to tie up other tasks while this is happening
            let pkey = tokio::task::spawn_blocking(move || {
                RsaPrivateKey::from_pkcs8_pem(&private_key_pem).map_err(|err| {
                    Error::Other(format!("Could not create private key from PEM data:{err}"))
                })
            })
            .await
            .map_err(|err| Error::Other(format!("Error joining: {err}")))??;
            std::result::Result::<RsaPrivateKey, Error>::Ok(pkey)
        })
        .await
        .map_err(|e| Error::Other(format!("cloned error: {e}")))
 }
 pub(crate) fn generate_request_headers(inbox_url: &Url) -> HeaderMap {
    let mut host = inbox_url.domain().expect("read inbox domain").to_string();
    if let Some(port) = inbox_url.port() {
        host = format!("{}:{}", host, port);
    }
    let mut headers = HeaderMap::new();
    headers.insert(
        HeaderName::from_static("content-type"),
        HeaderValue::from_static(FEDERATION_CONTENT_TYPE),
    );
    headers.insert(
        HeaderName::from_static("host"),
        HeaderValue::from_str(&host).expect("Hostname is valid"),
    );
    headers.insert(
        "date",
        HeaderValue::from_str(&fmt_http_date(SystemTime::now())).expect("Date is valid"),
    );
    headers
 }
 #[cfg(test)]
 #[allow(clippy::unwrap_used)]
 mod tests {
    use super::*;
    use crate::{config::FederationConfig, http_signatures::generate_actor_keypair};
    use std::{
        sync::{atomic::AtomicUsize, Arc},
        time::Instant,
    };
    use tracing::info;
    // This will periodically send back internal errors to test the retry
    async fn dodgy_handler(headers: HeaderMap, body: Bytes) -> Result<(), StatusCode> {
        debug!("Headers:{:?}", headers);
        debug!("Body len:{}", body.len());
        Ok(())
    }
    async fn test_server() {
        use axum::{routing::post, Router};
        // We should break every now and then ;)
        let state = Arc::new(AtomicUsize::new(0));
        let app = Router::new()
            .route("/", post(dodgy_handler))
            .with_state(state);
        let listener = tokio::net::TcpListener::bind("0.0.0.0:8001").await.unwrap();
        axum::serve(listener, app.into_make_service())
            .await
            .unwrap();
    }
    #[tokio::test(flavor = "multi_thread")]
    // Sends 100 messages
    async fn test_activity_sending() -> anyhow::Result<()> {
        let num_messages: usize = 100;
        tokio::spawn(test_server());
        /*
        // uncomment for debug logs & stats
        use tracing::log::LevelFilter;
        env_logger::builder()
            .filter_level(LevelFilter::Warn)
            .filter_module("activitypub_federation", LevelFilter::Info)
            .format_timestamp(None)
            .init();
        */
        let keypair = generate_actor_keypair().unwrap();
        let message = SendActivityTask {
            actor_id: "http://localhost:8001".parse().unwrap(),
            activity_id: "http://localhost:8001/activity".parse().unwrap(),
            activity: "{}".into(),
            inbox: "http://localhost:8001".parse().unwrap(),
            private_key: keypair.private_key().unwrap(),
            http_signature_compat: true,
        };
        let data = FederationConfig::builder()
            .app_data(())
            .domain("localhost")
            .build()
            .await?
            .to_request_data();
        let start = Instant::now();
        for _ in 0..num_messages {
            message.clone().sign_and_send(&data).await?;
        }
        info!("Queue Sent: {:?}", start.elapsed());
        Ok(())
    }
    #[tokio::test]
    async fn test_handle_response() {
        let keypair = generate_actor_keypair().unwrap();
        let message = SendActivityTask {
            actor_id: "http://localhost:8001".parse().unwrap(),
            activity_id: "http://localhost:8001/activity".parse().unwrap(),
            activity: "{}".into(),
            inbox: "http://localhost:8001".parse().unwrap(),
            private_key: keypair.private_key().unwrap(),
            http_signature_compat: true,
        };
        let res = |status| {
            http::Response::builder()
                .status(status)
                .body(vec![])
                .unwrap()
                .into()
        };
        assert!(message.handle_response(res(StatusCode::OK)).await.is_ok());
        assert!(message
            .handle_response(res(StatusCode::BAD_REQUEST))
            .await
            .is_ok());
        assert!(message
            .handle_response(res(StatusCode::MOVED_PERMANENTLY))
            .await
            .is_err());
        assert!(message
            .handle_response(res(StatusCode::REQUEST_TIMEOUT))
            .await
            .is_err());
        assert!(message
            .handle_response(res(StatusCode::TOO_MANY_REQUESTS))
            .await
            .is_err());
        assert!(message
            .handle_response(res(StatusCode::INTERNAL_SERVER_ERROR))
            .await
            .is_err());
    }
 }
--- a/src/actix_web/http_compat.rs
+++ b/src/actix_web/http_compat.rs
@ -1,30 +0,0 @@
 //! Remove these conversion helpers after actix-web upgrades to http 1.0
 use std::str::FromStr;
 pub fn header_value(v: &http02::HeaderValue) -> http::HeaderValue {
    http::HeaderValue::from_bytes(v.as_bytes()).expect("can convert http types")
 }
 pub fn header_map<'a, H>(m: H) -> http::HeaderMap
 where
    H: IntoIterator<Item = (&'a http02::HeaderName, &'a http02::HeaderValue)>,
 {
    let mut new_map = http::HeaderMap::new();
    for (n, v) in m {
        new_map.insert(
            http::HeaderName::from_lowercase(n.as_str().as_bytes())
                .expect("can convert http types"),
            header_value(v),
        );
    }
    new_map
 }
 pub fn method(m: &http02::Method) -> http::Method {
    http::Method::from_bytes(m.as_str().as_bytes()).expect("can convert http types")
 }
 pub fn uri(m: &http02::Uri) -> http::Uri {
    http::Uri::from_str(&m.to_string()).expect("can convert http types")
 }
--- a/src/actix_web/inbox.rs
+++ b/src/actix_web/inbox.rs
@ -1,12 +1,11 @@
 //! Handles incoming activities, verifying HTTP signatures and other checks
 use super::http_compat;
 use crate::{
-    config::Data,
+    config::RequestData,
    error::Error,
-    http_signatures::{verify_body_hash, verify_signature},
+    fetch::object_id::ObjectId,
-    parse_received_activity,
+    http_signatures::{verify_inbox_hash, verify_signature},
-    traits::{Activity, Actor, Object},
+    traits::{ActivityHandler, Actor, ApubObject},
 };
 use actix_web::{web::Bytes, HttpRequest, HttpResponse};
 use serde::de::DeserializeOwned;
@ -14,104 +13,38 @@ use tracing::debug;
 /// Handles incoming activities, verifying HTTP signatures and other checks
 ///
-/// After successful validation, activities are passed to respective [trait@Activity].
+/// After successful validation, activities are passed to respective [trait@ActivityHandler].
-pub async fn receive_activity<A, ActorT, Datatype>(
+pub async fn receive_activity<Activity, ActorT, Datatype>(
    request: HttpRequest,
    body: Bytes,
-    data: &Data<Datatype>,
+    data: &RequestData<Datatype>,
-) -> Result<HttpResponse, <A as Activity>::Error>
+) -> Result<HttpResponse, <Activity as ActivityHandler>::Error>
 where
-    A: Activity<DataType = Datatype> + DeserializeOwned + Send + 'static,
+    Activity: ActivityHandler<DataType = Datatype> + DeserializeOwned + Send + 'static,
-    ActorT: Object<DataType = Datatype> + Actor + Send + Sync + 'static,
+    ActorT: ApubObject<DataType = Datatype> + Actor + Send + 'static,
-    for<'de2> <ActorT as Object>::Kind: serde::Deserialize<'de2>,
+    for<'de2> <ActorT as ApubObject>::ApubType: serde::Deserialize<'de2>,
-    <A as Activity>::Error: From<Error> + From<<ActorT as Object>::Error>,
+    <Activity as ActivityHandler>::Error: From<anyhow::Error>
-    <ActorT as Object>::Error: From<Error>,
+        + From<Error>
        + From<<ActorT as ApubObject>::Error>
        + From<serde_json::Error>,
    <ActorT as ApubObject>::Error: From<Error> + From<anyhow::Error>,
    Datatype: Clone,
 {
-    let (activity, _) = do_stuff::<A, ActorT, Datatype>(request, body, data).await?;
+    verify_inbox_hash(request.headers().get("Digest"), &body)?;
-    do_more_stuff(activity, data).await
+    let activity: Activity = serde_json::from_slice(&body)?;
-}
+    data.config.verify_url_and_domain(&activity).await?;
    let actor = ObjectId::<ActorT>::from(activity.actor().clone())
        .dereference(data)
        .await?;
-/// Workaround required so we can use references for the hook, instead of cloning data.
+    verify_signature(
-pub trait ReceiveActivityHook<A, ActorT, Datatype>
+        request.headers(),
-where
+        request.method(),
-    A: Activity<DataType = Datatype> + DeserializeOwned + Send + Clone + 'static,
+        request.uri(),
-    ActorT: Object<DataType = Datatype> + Actor + Send + Clone + 'static,
+        actor.public_key_pem(),
-    for<'de2> <ActorT as Object>::Kind: serde::Deserialize<'de2>,
+    )?;
    <A as Activity>::Error: From<Error> + From<<ActorT as Object>::Error>,
    <ActorT as Object>::Error: From<Error>,
    Datatype: Clone,
 {
    /// Called when a new activity is recived
    fn hook(
        self,
        activity: &A,
        actor: &ActorT,
        data: &Data<Datatype>,
    ) -> impl std::future::Future<Output = Result<(), <A as Activity>::Error>>;
 }
 /// Same as [receive_activity], only that it calls the provided hook function before
 /// calling activity verify and receive functions.
 pub async fn receive_activity_with_hook<A, ActorT, Datatype>(
    request: HttpRequest,
    body: Bytes,
    hook: impl ReceiveActivityHook<A, ActorT, Datatype>,
    data: &Data<Datatype>,
 ) -> Result<HttpResponse, <A as Activity>::Error>
 where
    A: Activity<DataType = Datatype> + DeserializeOwned + Send + Clone + 'static,
    ActorT: Object<DataType = Datatype> + Actor + Send + Sync + Clone + 'static,
    for<'de2> <ActorT as Object>::Kind: serde::Deserialize<'de2>,
    <A as Activity>::Error: From<Error> + From<<ActorT as Object>::Error>,
    <ActorT as Object>::Error: From<Error>,
    Datatype: Clone,
 {
    let (activity, actor) = do_stuff::<A, ActorT, Datatype>(request, body, data).await?;
    hook.hook(&activity, &actor, data).await?;
    do_more_stuff(activity, data).await
 }
 async fn do_stuff<A, ActorT, Datatype>(
    request: HttpRequest,
    body: Bytes,
    data: &Data<Datatype>,
 ) -> Result<(A, ActorT), <A as Activity>::Error>
 where
    A: Activity<DataType = Datatype> + DeserializeOwned + Send + 'static,
    ActorT: Object<DataType = Datatype> + Actor + Send + Sync + 'static,
    for<'de2> <ActorT as Object>::Kind: serde::Deserialize<'de2>,
    <A as Activity>::Error: From<Error> + From<<ActorT as Object>::Error>,
    <ActorT as Object>::Error: From<Error>,
    Datatype: Clone,
 {
    let digest_header = request
        .headers()
        .get("Digest")
        .map(http_compat::header_value);
    verify_body_hash(digest_header.as_ref(), &body)?;
    let (activity, actor) = parse_received_activity::<A, ActorT, _>(&body, data).await?;
    let headers = http_compat::header_map(request.headers());
    let method = http_compat::method(request.method());
    let uri = http_compat::uri(request.uri());
    verify_signature(&headers, &method, &uri, actor.public_key_pem())?;
    Ok((activity, actor))
 }
 async fn do_more_stuff<A, Datatype>(
    activity: A,
    data: &Data<Datatype>,
 ) -> Result<HttpResponse, <A as Activity>::Error>
 where
    A: Activity<DataType = Datatype> + DeserializeOwned + Send + 'static,
    Datatype: Clone,
 {
    debug!("Receiving activity {}", activity.id().to_string());
    activity.verify(data).await?;
    activity.receive(data).await?;
@ -119,68 +52,30 @@ where
 }
 #[cfg(test)]
 #[allow(clippy::unwrap_used)]
 mod test {
    use super::*;
    use crate::{
        activity_sending::generate_request_headers,
        config::FederationConfig,
        fetch::object_id::ObjectId,
        http_signatures::sign_request,
        traits::tests::{DbConnection, DbUser, Follow, DB_USER_KEYPAIR},
    };
    use actix_web::test::TestRequest;
    use reqwest::Client;
    use reqwest_middleware::ClientWithMiddleware;
    use serde_json::json;
    use url::Url;
-    /// Remove this conversion helper after actix-web upgrades to http 1.0
+    #[actix_rt::test]
-    fn header_pair(
+    async fn test_receive_activity() {
        p: (&http::HeaderName, &http::HeaderValue),
    ) -> (http02::HeaderName, http02::HeaderValue) {
        (
            http02::HeaderName::from_lowercase(p.0.as_str().as_bytes()).unwrap(),
            http02::HeaderValue::from_bytes(p.1.as_bytes()).unwrap(),
        )
    }
    #[tokio::test]
    async fn test_receive_activity_hook() {
        let (body, incoming_request, config) = setup_receive_test().await;
-        let res = receive_activity_with_hook::<Follow, DbUser, DbConnection>(
+        receive_activity::<Follow, DbUser, DbConnection>(
            incoming_request.to_http_request(),
-            body,
+            body.into(),
            Dummy,
            &config.to_request_data(),
        )
-        .await;
+        .await
-        assert_eq!(res.err(), Some(Error::Other("test-error".to_string())));
+        .unwrap();
    }
-    struct Dummy;
+    #[actix_rt::test]
    impl<A, ActorT, Datatype> ReceiveActivityHook<A, ActorT, Datatype> for Dummy
    where
        A: Activity<DataType = Datatype> + DeserializeOwned + Send + Clone + 'static,
        ActorT: Object<DataType = Datatype> + Actor + Send + Clone + 'static,
        for<'de2> <ActorT as Object>::Kind: serde::Deserialize<'de2>,
        <A as Activity>::Error: From<Error> + From<<ActorT as Object>::Error>,
        <ActorT as Object>::Error: From<Error>,
        Datatype: Clone,
    {
        async fn hook(
            self,
            _activity: &A,
            _actor: &ActorT,
            _data: &Data<Datatype>,
        ) -> Result<(), <A as Activity>::Error> {
            // ensure that hook gets called by returning this value
            Err(Error::Other("test-error".to_string()).into())
        }
    }
    #[tokio::test]
    async fn test_receive_activity_invalid_body_signature() {
        let (_, incoming_request, config) = setup_receive_test().await;
        let err = receive_activity::<Follow, DbUser, DbConnection>(
@ -192,97 +87,56 @@ mod test {
        .err()
        .unwrap();
-        assert_eq!(&err, &Error::ActivityBodyDigestInvalid)
+        let e = err.root_cause().downcast_ref::<Error>().unwrap();
        assert_eq!(e, &Error::ActivityBodyDigestInvalid)
    }
-    #[tokio::test]
+    #[actix_rt::test]
    async fn test_receive_activity_invalid_path() {
        let (body, incoming_request, config) = setup_receive_test().await;
        let incoming_request = incoming_request.uri("/wrong");
        let err = receive_activity::<Follow, DbUser, DbConnection>(
            incoming_request.to_http_request(),
-            body,
+            body.into(),
            &config.to_request_data(),
        )
        .await
        .err()
        .unwrap();
-        assert_eq!(&err, &Error::ActivitySignatureInvalid)
+        let e = err.root_cause().downcast_ref::<Error>().unwrap();
        assert_eq!(e, &Error::ActivitySignatureInvalid)
    }
-    #[tokio::test]
+    async fn setup_receive_test() -> (String, TestRequest, FederationConfig<DbConnection>) {
-    async fn test_receive_unparseable_activity() {
+        let request_builder =
-        let (_, _, config) = setup_receive_test().await;
+            ClientWithMiddleware::from(Client::default()).post("https://example.com/inbox");
-
+        let activity = Follow {
-        let actor = Url::parse("http://ds9.lemmy.ml/u/lemmy_alpha").unwrap();
+            actor: ObjectId::new("http://localhost:123").unwrap(),
-        let activity_id = "http://localhost:123/1";
+            object: ObjectId::new("http://localhost:124").unwrap(),
-        let activity = json!({
+            kind: Default::default(),
-          "actor": actor.as_str(),
+            id: "http://localhost:123/1".try_into().unwrap(),
-          "to": ["https://www.w3.org/ns/activitystreams#Public"],
+        };
-          "object": "http://ds9.lemmy.ml/post/1",
+        let body = serde_json::to_string(&activity).unwrap();
          "cc": ["http://enterprise.lemmy.ml/c/main"],
          "type": "Delete",
          "id": activity_id
        }
        );
        let body: Bytes = serde_json::to_vec(&activity).unwrap().into();
        let incoming_request = construct_request(&body, &actor).await;
        // intentionally cause a parse error by using wrong type for deser
        let res = receive_activity::<Follow, DbUser, DbConnection>(
            incoming_request.to_http_request(),
            body,
            &config.to_request_data(),
        )
        .await;
        match res {
            Err(Error::ParseReceivedActivity { err: _, id }) => {
                assert_eq!(activity_id, id.expect("has url").as_str());
            }
            _ => unreachable!(),
        }
    }
    async fn construct_request(body: &Bytes, actor: &Url) -> TestRequest {
        let inbox = "https://example.com/inbox";
        let headers = generate_request_headers(&Url::parse(inbox).unwrap());
        let request_builder = ClientWithMiddleware::from(Client::default())
            .post(inbox)
            .headers(headers);
        let outgoing_request = sign_request(
            request_builder,
-            actor,
+            activity.actor.into_inner(),
-            body.clone(),
+            body.to_string(),
-            DB_USER_KEYPAIR.private_key().unwrap(),
+            DB_USER_KEYPAIR.private_key.clone(),
            false,
        )
        .await
        .unwrap();
        let mut incoming_request = TestRequest::post().uri(outgoing_request.url().path());
        for h in outgoing_request.headers() {
-            incoming_request = incoming_request.append_header(header_pair(h));
+            incoming_request = incoming_request.append_header(h);
        }
        incoming_request
    }
    async fn setup_receive_test() -> (Bytes, TestRequest, FederationConfig<DbConnection>) {
        let activity = Follow {
            actor: ObjectId::parse("http://localhost:123").unwrap(),
            object: ObjectId::parse("http://localhost:124").unwrap(),
            kind: Default::default(),
            id: "http://localhost:123/1".try_into().unwrap(),
        };
        let body: Bytes = serde_json::to_vec(&activity).unwrap().into();
        let incoming_request = construct_request(&body, activity.actor.inner()).await;
        let config = FederationConfig::builder()
            .domain("localhost:8002")
            .app_data(DbConnection)
            .debug(true)
            .build()
            .await
            .unwrap();
        (body, incoming_request, config)
    }
--- a/src/actix_web/middleware.rs
+++ b/src/actix_web/middleware.rs
@ -1,4 +1,4 @@
-use crate::config::{Data, FederationConfig, FederationMiddleware};
+use crate::config::{ApubMiddleware, FederationConfig, RequestData};
 use actix_web::{
    dev::{forward_ready, Payload, Service, ServiceRequest, ServiceResponse, Transform},
    Error,
@ -8,7 +8,7 @@ use actix_web::{
 };
 use std::future::{ready, Ready};
-impl<S, B, T> Transform<S, ServiceRequest> for FederationMiddleware<T>
+impl<S, B, T> Transform<S, ServiceRequest> for ApubMiddleware<T>
 where
    S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
    S::Future: 'static,
@ -17,21 +17,21 @@ where
 {
    type Response = ServiceResponse<B>;
    type Error = Error;
-    type Transform = FederationService<S, T>;
+    type Transform = ApubService<S, T>;
    type InitError = ();
    type Future = Ready<Result<Self::Transform, Self::InitError>>;
    fn new_transform(&self, service: S) -> Self::Future {
-        ready(Ok(FederationService {
+        ready(Ok(ApubService {
            service,
            config: self.0.clone(),
        }))
    }
 }
-/// Passes [FederationConfig] to HTTP handlers, converting it to [Data] in the process
+/// Passes [FederationConfig] to HTTP handlers, converting it to [RequestData] in the process
 #[doc(hidden)]
-pub struct FederationService<S, T: Clone>
+pub struct ApubService<S, T: Clone>
 where
    S: Service<ServiceRequest, Error = Error>,
    S::Future: 'static,
@ -41,7 +41,7 @@ where
    config: FederationConfig<T>,
 }
-impl<S, B, T> Service<ServiceRequest> for FederationService<S, T>
+impl<S, B, T> Service<ServiceRequest> for ApubService<S, T>
 where
    S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
    S::Future: 'static,
@ -61,7 +61,7 @@ where
    }
 }
-impl<T: Clone + 'static> FromRequest for Data<T> {
+impl<T: Clone + 'static> FromRequest for RequestData<T> {
    type Error = Error;
    type Future = Ready<Result<Self, Self::Error>>;
@ -69,7 +69,7 @@ impl<T: Clone + 'static> FromRequest for Data<T> {
        ready(match req.extensions().get::<FederationConfig<T>>() {
            Some(c) => Ok(c.to_request_data()),
            None => Err(actix_web::error::ErrorBadRequest(
-                "Missing extension, did you register FederationMiddleware?",
+                "Missing extension, did you register ApubMiddleware?",
            )),
        })
    }
--- a/src/actix_web/mod.rs
+++ b/src/actix_web/mod.rs
@ -1,40 +1,5 @@
 //! Utilities for using this library with actix-web framework
 mod http_compat;
 pub mod inbox;
 #[doc(hidden)]
 pub mod middleware;
 pub mod response;
 use crate::{
    config::Data,
    error::Error,
    http_signatures::{self, verify_body_hash},
    traits::{Actor, Object},
 };
 use actix_web::{web::Bytes, HttpRequest};
 use serde::Deserialize;
 /// Checks whether the request is signed by an actor of type A, and returns
 /// the actor in question if a valid signature is found.
 pub async fn signing_actor<A>(
    request: &HttpRequest,
    body: Option<Bytes>,
    data: &Data<<A as Object>::DataType>,
 ) -> Result<A, <A as Object>::Error>
 where
    A: Object + Actor + Send + Sync,
    <A as Object>::Error: From<Error>,
    for<'de2> <A as Object>::Kind: Deserialize<'de2>,
 {
    let digest_header = request
        .headers()
        .get("Digest")
        .map(http_compat::header_value);
    verify_body_hash(digest_header.as_ref(), &body.unwrap_or_default())?;
    let headers = http_compat::header_map(request.headers());
    let method = http_compat::method(request.method());
    let uri = http_compat::uri(request.uri());
    http_signatures::signing_actor(&headers, &method, &uri, data).await
 }
--- a/src/actix_web/response.rs
+++ b/src/actix_web/response.rs
@ -1,50 +0,0 @@
 //! Generate HTTP responses for Activitypub ojects
 use crate::{
    protocol::{context::WithContext, tombstone::Tombstone},
    FEDERATION_CONTENT_TYPE,
 };
 use actix_web::HttpResponse;
 use http02::header::VARY;
 use serde::Serialize;
 use serde_json::Value;
 use url::Url;
 /// Generates HTTP response to serve the object for fetching from other instances.
 ///
 /// If possible use [Object.http_response]
 /// which also handles redirects for remote objects and deletions.
 ///
 /// `federation_context` is the value of `@context`.
 pub fn create_http_response<T: Serialize>(
    data: T,
    federation_context: &Value,
 ) -> Result<HttpResponse, serde_json::Error> {
    let json = serde_json::to_string_pretty(&WithContext::new(data, federation_context.clone()))?;
    Ok(HttpResponse::Ok()
        .content_type(FEDERATION_CONTENT_TYPE)
        .insert_header((VARY, "Accept"))
        .body(json))
 }
 pub(crate) fn create_tombstone_response(
    id: Url,
    federation_context: &Value,
 ) -> Result<HttpResponse, serde_json::Error> {
    let tombstone = Tombstone::new(id);
    let json =
        serde_json::to_string_pretty(&WithContext::new(tombstone, federation_context.clone()))?;
    Ok(HttpResponse::Gone()
        .content_type(FEDERATION_CONTENT_TYPE)
        .status(actix_web::http::StatusCode::GONE)
        .insert_header((VARY, "Accept"))
        .body(json))
 }
 pub(crate) fn redirect_remote_object(url: &Url) -> HttpResponse {
    let mut res = HttpResponse::PermanentRedirect();
    res.insert_header((actix_web::http::header::LOCATION, url.as_str()));
    res.finish()
 }
--- a/src/axum/inbox.rs
+++ b/src/axum/inbox.rs
@ -3,14 +3,15 @@
 #![doc = include_str!("../../docs/08_receiving_activities.md")]
 use crate::{
-    config::Data,
+    config::RequestData,
    error::Error,
-    http_signatures::verify_signature,
+    fetch::object_id::ObjectId,
-    parse_received_activity,
+    http_signatures::{verify_inbox_hash, verify_signature},
-    traits::{Activity, Actor, Object},
+    traits::{ActivityHandler, Actor, ApubObject},
 };
 use axum::{
-    body::Body,
+    async_trait,
    body::{Bytes, HttpBody},
    extract::FromRequest,
    http::{Request, StatusCode},
    response::{IntoResponse, Response},
@ -20,20 +21,28 @@ use serde::de::DeserializeOwned;
 use tracing::debug;
 /// Handles incoming activities, verifying HTTP signatures and other checks
-pub async fn receive_activity<A, ActorT, Datatype>(
+pub async fn receive_activity<Activity, ActorT, Datatype>(
    activity_data: ActivityData,
-    data: &Data<Datatype>,
+    data: &RequestData<Datatype>,
-) -> Result<(), <A as Activity>::Error>
+) -> Result<(), <Activity as ActivityHandler>::Error>
 where
-    A: Activity<DataType = Datatype> + DeserializeOwned + Send + 'static,
+    Activity: ActivityHandler<DataType = Datatype> + DeserializeOwned + Send + 'static,
-    ActorT: Object<DataType = Datatype> + Actor + Send + Sync + 'static,
+    ActorT: ApubObject<DataType = Datatype> + Actor + Send + 'static,
-    for<'de2> <ActorT as Object>::Kind: serde::Deserialize<'de2>,
+    for<'de2> <ActorT as ApubObject>::ApubType: serde::Deserialize<'de2>,
-    <A as Activity>::Error: From<Error> + From<<ActorT as Object>::Error>,
+    <Activity as ActivityHandler>::Error: From<anyhow::Error>
-    <ActorT as Object>::Error: From<Error>,
+        + From<Error>
        + From<<ActorT as ApubObject>::Error>
        + From<serde_json::Error>,
    <ActorT as ApubObject>::Error: From<Error> + From<anyhow::Error>,
    Datatype: Clone,
 {
-    let (activity, actor) =
+    verify_inbox_hash(activity_data.headers.get("Digest"), &activity_data.body)?;
-        parse_received_activity::<A, ActorT, _>(&activity_data.body, data).await?;
+
    let activity: Activity = serde_json::from_slice(&activity_data.body)?;
    data.config.verify_url_and_domain(&activity).await?;
    let actor = ObjectId::<ActorT>::from(activity.actor().clone())
        .dereference(data)
        .await?;
    verify_signature(
        &activity_data.headers,
@ -57,38 +66,29 @@ pub struct ActivityData {
    body: Vec<u8>,
 }
-impl<S> FromRequest<S> for ActivityData
+#[async_trait]
 impl<S, B> FromRequest<S, B> for ActivityData
 where
    Bytes: FromRequest<S, B>,
    B: HttpBody + Send + 'static,
    S: Send + Sync,
    <B as HttpBody>::Error: std::fmt::Display,
    <B as HttpBody>::Data: Send,
 {
    type Rejection = Response;
-    async fn from_request(req: Request<Body>, _state: &S) -> Result<Self, Self::Rejection> {
+    async fn from_request(req: Request<B>, _state: &S) -> Result<Self, Self::Rejection> {
-        #[allow(unused_mut)]
+        let (parts, body) = req.into_parts();
        let (mut parts, body) = req.into_parts();
        // take the full URI to handle nested routers
        // OriginalUri::from_request_parts has an Infallible error type
        #[cfg(feature = "axum-original-uri")]
        let uri = {
            use axum::extract::{FromRequestParts, OriginalUri};
            OriginalUri::from_request_parts(&mut parts, _state)
                .await
                .expect("infallible")
                .0
        };
        #[cfg(not(feature = "axum-original-uri"))]
        let uri = parts.uri;
        // this wont work if the body is an long running stream
-        let bytes = axum::body::to_bytes(body, usize::MAX)
+        let bytes = hyper::body::to_bytes(body)
            .await
            .map_err(|err| (StatusCode::INTERNAL_SERVER_ERROR, err.to_string()).into_response())?;
        Ok(Self {
            headers: parts.headers,
            method: parts.method,
-            uri,
+            uri: parts.uri,
            body: bytes.to_vec(),
        })
    }
--- a/src/axum/json.rs
+++ b/src/axum/json.rs
@ -3,34 +3,34 @@
 //! ```
 //! # use anyhow::Error;
 //! # use axum::extract::Path;
-//! # use activitypub_federation::axum::json::FederationJson;
+//! # use activitypub_federation::axum::json::ApubJson;
 //! # use activitypub_federation::protocol::context::WithContext;
-//! # use activitypub_federation::config::Data;
+//! # use activitypub_federation::config::RequestData;
-//! # use activitypub_federation::traits::Object;
+//! # use activitypub_federation::traits::ApubObject;
 //! # use activitypub_federation::traits::tests::{DbConnection, DbUser, Person};
-//! async fn http_get_user(Path(name): Path<String>, data: Data<DbConnection>) -> Result<FederationJson<WithContext<Person>>, Error> {
+//! async fn http_get_user(Path(name): Path<String>, data: RequestData<DbConnection>) -> Result<ApubJson<WithContext<Person>>, Error> {
-//!     let user: DbUser = data.read_local_user(&name).await?;
+//!     let user: DbUser = data.read_local_user(name).await?;
-//!     let person = user.into_json(&data).await?;
+//!     let person = user.into_apub(&data).await?;
 //!
-//!     Ok(FederationJson(WithContext::new_default(person)))
+//!     Ok(ApubJson(WithContext::new_default(person)))
 //! }
 //! ```
-use crate::FEDERATION_CONTENT_TYPE;
+use crate::APUB_JSON_CONTENT_TYPE;
 use axum::response::IntoResponse;
 use http::header;
 use serde::Serialize;
 /// Wrapper struct to respond with `application/activity+json` in axum handlers
 #[derive(Debug, Clone, Copy, Default)]
-pub struct FederationJson<Json: Serialize>(pub Json);
+pub struct ApubJson<Json: Serialize>(pub Json);
-impl<Json: Serialize> IntoResponse for FederationJson<Json> {
+impl<Json: Serialize> IntoResponse for ApubJson<Json> {
    fn into_response(self) -> axum::response::Response {
        let mut response = axum::response::Json(self.0).into_response();
        response.headers_mut().insert(
            header::CONTENT_TYPE,
-            FEDERATION_CONTENT_TYPE
+            APUB_JSON_CONTENT_TYPE
                .parse()
                .expect("Parsing 'application/activity+json' should never fail"),
        );
--- a/src/axum/middleware.rs
+++ b/src/axum/middleware.rs
@ -1,29 +1,29 @@
-use crate::config::{Data, FederationConfig, FederationMiddleware};
+use crate::config::{ApubMiddleware, FederationConfig, RequestData};
-use axum::{body::Body, extract::FromRequestParts, http::Request, response::Response};
+use axum::{async_trait, body::Body, extract::FromRequestParts, http::Request, response::Response};
 use http::{request::Parts, StatusCode};
 use std::task::{Context, Poll};
 use tower::{Layer, Service};
-impl<S, T: Clone> Layer<S> for FederationMiddleware<T> {
+impl<S, T: Clone> Layer<S> for ApubMiddleware<T> {
-    type Service = FederationService<S, T>;
+    type Service = ApubService<S, T>;
    fn layer(&self, inner: S) -> Self::Service {
-        FederationService {
+        ApubService {
            inner,
            config: self.0.clone(),
        }
    }
 }
-/// Passes [FederationConfig] to HTTP handlers, converting it to [Data] in the process
+/// Passes [FederationConfig] to HTTP handlers, converting it to [RequestData] in the process
 #[doc(hidden)]
 #[derive(Clone)]
-pub struct FederationService<S, T: Clone> {
+pub struct ApubService<S, T: Clone> {
    inner: S,
    config: FederationConfig<T>,
 }
-impl<S, T> Service<Request<Body>> for FederationService<S, T>
+impl<S, T> Service<Request<Body>> for ApubService<S, T>
 where
    S: Service<Request<Body>, Response = Response> + Send + 'static,
    S::Future: Send + 'static,
@ -43,7 +43,8 @@ where
    }
 }
-impl<S, T: Clone + 'static> FromRequestParts<S> for Data<T>
+#[async_trait]
 impl<S, T: Clone + 'static> FromRequestParts<S> for RequestData<T>
 where
    S: Send + Sync,
    T: Send + Sync,
@ -55,7 +56,7 @@ where
            Some(c) => Ok(c.to_request_data()),
            None => Err((
                StatusCode::INTERNAL_SERVER_ERROR,
-                "Missing extension, did you register FederationMiddleware?",
+                "Missing extension, did you register ApubMiddleware?",
            )),
        }
    }
--- a/src/config.rs
+++ b/src/config.rs
@ -4,41 +4,31 @@
 //!
 //! ```
 //! # use activitypub_federation::config::FederationConfig;
-//! # tokio::runtime::Runtime::new().unwrap().block_on(async {
+//! # let _ = actix_rt::System::new();
 //! let settings = FederationConfig::builder()
 //!     .domain("example.com")
 //!     .app_data(())
 //!     .http_fetch_limit(50)
-//!     .build().await?;
+//!     .worker_count(16)
 //!     .build()?;
 //! # Ok::<(), anyhow::Error>(())
 //! # }).unwrap()
 //! ```
 use crate::{
-    activity_queue::{create_activity_queue, ActivityQueue},
+    activity_queue::create_activity_queue,
    error::Error,
    http_signatures::sign_request,
    protocol::verification::verify_domains_match,
-    traits::{Activity, Actor},
+    traits::ActivityHandler,
    utils::validate_ip,
 };
 use async_trait::async_trait;
-use bytes::Bytes;
+use background_jobs::Manager;
 use derive_builder::Builder;
 use dyn_clone::{clone_trait_object, DynClone};
-use moka::future::Cache;
+use reqwest_middleware::ClientWithMiddleware;
 use regex::Regex;
 use reqwest::{redirect::Policy, Client, Request};
 use reqwest_middleware::{ClientWithMiddleware, RequestBuilder};
 use rsa::{pkcs8::DecodePrivateKey, RsaPrivateKey};
 use serde::de::DeserializeOwned;
 use std::{
    ops::Deref,
-    sync::{
+    sync::{atomic::AtomicI32, Arc},
        atomic::{AtomicU32, Ordering},
        Arc,
        OnceLock,
    },
    time::Duration,
 };
 use url::Url;
@ -56,24 +46,19 @@ pub struct FederationConfig<T: Clone> {
    /// Maximum number of outgoing HTTP requests per incoming HTTP request. See
    /// [crate::fetch::object_id::ObjectId] for more details.
    #[builder(default = "20")]
-    pub(crate) http_fetch_limit: u32,
+    pub(crate) http_fetch_limit: i32,
-    #[builder(default = "default_client()")]
+    #[builder(default = "reqwest::Client::default().into()")]
-    /// HTTP client used for all outgoing requests. When passing a custom client here you should
+    /// HTTP client used for all outgoing requests. Middleware can be used to add functionality
-    /// also disable redirects and set timeouts.
+    /// like log tracing or retry of failed requests.
    ///
    /// Middleware can be used to add functionality like log tracing or retry of failed requests.
    /// Redirects are disabled by default, because automatic redirect URLs can't be validated.
    /// Instead a single redirect is handled manually. The default client sets a timeout of 10s
    ///  to avoid excessive resource usage when connecting to dead servers.
    pub(crate) client: ClientWithMiddleware,
    /// Number of worker threads for sending outgoing activities
    #[builder(default = "64")]
    pub(crate) worker_count: u64,
    /// Run library in debug mode. This allows usage of http and localhost urls. It also sends
    /// outgoing activities synchronously, not in background thread. This helps to make tests
    /// more consistent. Do not use for production.
    #[builder(default = "false")]
    pub(crate) debug: bool,
    /// Allow HTTP urls even in production mode
    #[builder(default = "self.debug.unwrap_or(false)")]
    pub(crate) allow_http_urls: bool,
    /// Timeout for all HTTP requests. HTTP signatures are valid for 10s, so it makes sense to
    /// use the same as timeout when sending
    #[builder(default = "Duration::from_secs(10)")]
@ -87,35 +72,10 @@ pub struct FederationConfig<T: Clone> {
    /// <https://git.pleroma.social/pleroma/pleroma/-/issues/2939>
    #[builder(default = "false")]
    pub(crate) http_signature_compat: bool,
    /// Actor Id and private key to use to sign all federated fetch requests.
    /// This can be used to implement secure mode federation.
    /// <https://docs.joinmastodon.org/spec/activitypub/#secure-mode>
    #[builder(default = "None", setter(custom))]
    pub(crate) signed_fetch_actor: Option<Arc<(Url, RsaPrivateKey)>>,
    #[builder(
        default = "Cache::builder().max_capacity(10000).build()",
        setter(custom)
    )]
    pub(crate) actor_pkey_cache: Cache<Url, RsaPrivateKey>,
    /// Queue for sending outgoing activities. Only optional to make builder work, its always
    /// present once constructed.
    #[builder(setter(skip))]
-    pub(crate) activity_queue: Option<Arc<ActivityQueue>>,
+    pub(crate) activity_queue: Option<Arc<Manager>>,
    /// When sending with activity queue: Number of tasks that can be in-flight concurrently.
    /// Tasks are retried once after a minute, then put into the retry queue.
    /// Setting this count to `0` means that there is no limit to concurrency
    #[builder(default = "0")]
    pub(crate) queue_worker_count: usize,
    /// When sending with activity queue: Number of concurrent tasks that are being retried
    /// in-flight concurrently. Tasks are retried after an hour, then again in 60 hours.
    /// Setting this count to `0` means that there is no limit to concurrency
    #[builder(default = "0")]
    pub(crate) queue_retry_count: usize,
 }
 pub(crate) fn domain_regex() -> &'static Regex {
    static DOMAIN_REGEX: OnceLock<Regex> = OnceLock::new();
    DOMAIN_REGEX.get_or_init(|| Regex::new(r"^[a-zA-Z0-9.-]*$").expect("compile regex"))
 }
 impl<T: Clone> FederationConfig<T> {
@ -124,9 +84,12 @@ impl<T: Clone> FederationConfig<T> {
        FederationConfigBuilder::default()
    }
-    pub(crate) async fn verify_url_and_domain<A, Datatype>(&self, activity: &A) -> Result<(), Error>
+    pub(crate) async fn verify_url_and_domain<Activity, Datatype>(
        &self,
        activity: &Activity,
    ) -> Result<(), Error>
    where
-        A: Activity<DataType = Datatype> + DeserializeOwned + Send + 'static,
+        Activity: ActivityHandler<DataType = Datatype> + DeserializeOwned + Send + 'static,
    {
        verify_domains_match(activity.id(), activity.actor())?;
        self.verify_url_valid(activity.id()).await?;
@ -139,9 +102,9 @@ impl<T: Clone> FederationConfig<T> {
        Ok(())
    }
-    /// Create new [Data] from this. You should prefer to use a middleware if possible.
+    /// Create new [RequestData] from this. You should prefer to use a middleware if possible.
-    pub fn to_request_data(&self) -> Data<T> {
+    pub fn to_request_data(&self) -> RequestData<T> {
-        Data {
+        RequestData {
            config: self.clone(),
            request_counter: Default::default(),
        }
@ -155,7 +118,7 @@ impl<T: Clone> FederationConfig<T> {
        match url.scheme() {
            "https" => {}
            "http" => {
-                if !self.allow_http_urls {
+                if !self.debug {
                    return Err(Error::UrlVerificationError(
                        "Http urls are only allowed in debug mode",
                    ));
@ -164,40 +127,25 @@ impl<T: Clone> FederationConfig<T> {
            _ => return Err(Error::UrlVerificationError("Invalid url scheme")),
        };
        if url.domain().is_none() {
            return Err(Error::UrlVerificationError("Url must have a domain"));
        }
        if url.domain() == Some("localhost") && !self.debug {
            return Err(Error::UrlVerificationError(
                "Localhost is only allowed in debug mode",
            ));
        }
        // Urls which use our local domain are not a security risk, no further verification needed
        if self.is_local_url(url) {
            return Ok(());
        }
-        let Some(domain) = url.domain() else {
+        self.url_verifier
-            return Err(Error::UrlVerificationError("Url must have a domain"));
+            .verify(url)
-        };
+            .await
-        if !domain_regex().is_match(domain) {
+            .map_err(Error::UrlVerificationError)?;
            return Err(Error::UrlVerificationError("Invalid characters in domain"));
        }
        // Extra checks only for production mode
        if !self.debug {
            if url.port().is_some() {
                return Err(Error::UrlVerificationError("Explicit port is not allowed"));
            }
            let allow_local = std::env::var("DANGER_FEDERATION_ALLOW_LOCAL_IP").is_ok();
            if !allow_local && validate_ip(&url).await.is_err() {
                return Err(Error::DomainResolveError(domain.to_string()));
            }
        }
        // It is valid but uncommon for domains to end with `.` char. Drop this so it cant be used
        // to bypass domain blocklist. Avoid cloning url in common case.
        if domain.ends_with('.') {
            let mut url = url.clone();
            let domain = &domain[0..domain.len() - 1];
            url.set_host(Some(domain))?;
            self.url_verifier.verify(&url).await?;
        } else {
            self.url_verifier.verify(url).await?;
        }
        Ok(())
    }
@ -205,17 +153,11 @@ impl<T: Clone> FederationConfig<T> {
    /// Returns true if the url refers to this instance. Handles hostnames like `localhost:8540` for
    /// local debugging.
    pub(crate) fn is_local_url(&self, url: &Url) -> bool {
-        match url.host_str() {
+        let mut domain = url.domain().expect("id has domain").to_string();
-            Some(domain) => {
+        if let Some(port) = url.port() {
-                let domain = if let Some(port) = url.port() {
+            domain = format!("{}:{}", domain, port);
                    format!("{}:{}", domain, port)
                } else {
                    domain.to_string()
                };
                domain == self.domain
            }
            None => false,
        }
        domain == self.domain
    }
    /// Returns the local domain
@ -225,36 +167,17 @@ impl<T: Clone> FederationConfig<T> {
 }
 impl<T: Clone> FederationConfigBuilder<T> {
    /// Sets an actor to use to sign all federated fetch requests
    pub fn signed_fetch_actor<A: Actor>(&mut self, actor: &A) -> &mut Self {
        let private_key_pem = actor
            .private_key_pem()
            .expect("actor does not have a private key to sign with");
        let private_key =
            RsaPrivateKey::from_pkcs8_pem(&private_key_pem).expect("Could not decode PEM data");
        self.signed_fetch_actor = Some(Some(Arc::new((actor.id().clone(), private_key))));
        self
    }
    /// sets the number of parsed actor private keys to keep in memory
    pub fn actor_pkey_cache(&mut self, cache_size: u64) -> &mut Self {
        self.actor_pkey_cache = Some(Cache::builder().max_capacity(cache_size).build());
        self
    }
    /// Constructs a new config instance with the values supplied to builder.
    ///
    /// Values which are not explicitly specified use the defaults. Also initializes the
    /// queue for outgoing activities, which is stored internally in the config struct.
-    /// Requires a tokio runtime for the background queue.
+    pub fn build(&mut self) -> Result<FederationConfig<T>, FederationConfigBuilderError> {
    pub async fn build(&mut self) -> Result<FederationConfig<T>, FederationConfigBuilderError> {
        let mut config = self.partial_build()?;
        let queue = create_activity_queue(
            config.client.clone(),
-            config.queue_worker_count,
+            config.worker_count,
            config.queue_retry_count,
            config.request_timeout,
            config.debug,
        );
        config.activity_queue = Some(Arc::new(queue));
        Ok(config)
@ -280,7 +203,6 @@ impl<T: Clone> Deref for FederationConfig<T> {
 /// # use async_trait::async_trait;
 /// # use url::Url;
 /// # use activitypub_federation::config::UrlVerifier;
 /// # use activitypub_federation::error::Error;
 /// # #[derive(Clone)]
 /// # struct DatabaseConnection();
 /// # async fn get_blocklist(_: &DatabaseConnection) -> Vec<String> {
@ -293,11 +215,11 @@ impl<T: Clone> Deref for FederationConfig<T> {
 ///
 /// #[async_trait]
 /// impl UrlVerifier for Verifier {
-///     async fn verify(&self, url: &Url) -> Result<(), Error> {
+///     async fn verify(&self, url: &Url) -> Result<(), &'static str> {
 ///         let blocklist = get_blocklist(&self.db_connection).await;
 ///         let domain = url.domain().unwrap().to_string();
 ///         if blocklist.contains(&domain) {
-///             Err(Error::Other("Domain is blocked".into()))
+///             Err("Domain is blocked")
 ///         } else {
 ///             Ok(())
 ///         }
@ -307,7 +229,7 @@ impl<T: Clone> Deref for FederationConfig<T> {
 #[async_trait]
 pub trait UrlVerifier: DynClone + Send {
    /// Should return Ok iff the given url is valid for processing.
-    async fn verify(&self, url: &Url) -> Result<(), Error>;
+    async fn verify(&self, url: &Url) -> Result<(), &'static str>;
 }
 /// Default URL verifier which does nothing.
@ -316,7 +238,7 @@ struct DefaultUrlVerifier();
 #[async_trait]
 impl UrlVerifier for DefaultUrlVerifier {
-    async fn verify(&self, _url: &Url) -> Result<(), Error> {
+    async fn verify(&self, _url: &Url) -> Result<(), &'static str> {
        Ok(())
    }
 }
@ -331,65 +253,24 @@ clone_trait_object!(UrlVerifier);
 /// prevent denial of service attacks, where an attacker triggers fetching of recursive objects.
 ///
 /// <https://www.w3.org/TR/activitypub/#security-recursive-objects>
-#[derive(Clone)]
+pub struct RequestData<T: Clone> {
 pub struct Data<T: Clone> {
    pub(crate) config: FederationConfig<T>,
-    pub(crate) request_counter: RequestCounter,
+    pub(crate) request_counter: AtomicI32,
 }
-impl<T: Clone> Data<T> {
+impl<T: Clone> RequestData<T> {
    /// Returns the data which was stored in [FederationConfigBuilder::app_data]
    pub fn app_data(&self) -> &T {
        &self.config.app_data
    }
-    /// The domain that was configured in [FederationConfig].
+    /// Returns the domain that was configured in [FederationConfig].
    pub fn domain(&self) -> &str {
        &self.config.domain
    }
    /// Returns a new instance of `Data` with request counter set to 0.
    pub fn reset_request_count(&self) -> Self {
        Data {
            config: self.config.clone(),
            request_counter: Default::default(),
        }
    }
    /// Total number of outgoing HTTP requests made with this data.
    pub fn request_count(&self) -> u32 {
        self.request_counter.0.load(Ordering::Relaxed)
    }
    /// Add HTTP signature to arbitrary request
    pub async fn sign_request(&self, req: RequestBuilder, body: Bytes) -> Result<Request, Error> {
        let (actor_id, private_key_pem) =
            self.config
                .signed_fetch_actor
                .as_deref()
                .ok_or(Error::Other(
                    "config value signed_fetch_actor is none".to_string(),
                ))?;
        sign_request(
            req,
            actor_id,
            body,
            private_key_pem.clone(),
            self.config.http_signature_compat,
        )
        .await
    }
    /// Resolve domain of the url and throw error if it points to local/private IP.
    pub async fn is_valid_ip(&self, url: &Url) -> Result<(), Error> {
        if self.config.debug {
            return Ok(());
        }
        validate_ip(url).await
    }
 }
-impl<T: Clone> Deref for Data<T> {
+impl<T: Clone> Deref for RequestData<T> {
    type Target = T;
    fn deref(&self) -> &T {
@ -397,65 +278,13 @@ impl<T: Clone> Deref for Data<T> {
    }
 }
-/// Wrapper to implement `Clone`
+/// Middleware for HTTP handlers which provides access to [RequestData]
 #[derive(Default)]
 pub(crate) struct RequestCounter(pub(crate) AtomicU32);
 impl Clone for RequestCounter {
    fn clone(&self) -> Self {
        RequestCounter(self.0.load(Ordering::Relaxed).into())
    }
 }
 /// Middleware for HTTP handlers which provides access to [Data]
 #[derive(Clone)]
-pub struct FederationMiddleware<T: Clone>(pub(crate) FederationConfig<T>);
+pub struct ApubMiddleware<T: Clone>(pub(crate) FederationConfig<T>);
-impl<T: Clone> FederationMiddleware<T> {
+impl<T: Clone> ApubMiddleware<T> {
    /// Construct a new middleware instance
    pub fn new(config: FederationConfig<T>) -> Self {
-        FederationMiddleware(config)
+        ApubMiddleware(config)
    }
 }
 fn default_client() -> ClientWithMiddleware {
    let timeout = Duration::from_secs(10);
    Client::builder()
        .redirect(Policy::none())
        .timeout(timeout)
        .connect_timeout(timeout)
        .build()
        .unwrap_or_else(|_| Client::default())
        .into()
 }
 #[cfg(test)]
 #[allow(clippy::unwrap_used)]
 mod test {
    use super::*;
    async fn config() -> FederationConfig<i32> {
        FederationConfig::builder()
            .domain("example.com")
            .app_data(1)
            .build()
            .await
            .unwrap()
    }
    #[tokio::test]
    async fn test_url_is_local() -> Result<(), Error> {
        let config = config().await;
        assert!(config.is_local_url(&Url::parse("http://example.com")?));
        assert!(!config.is_local_url(&Url::parse("http://other.com")?));
        // ensure that missing domain doesnt cause crash
        assert!(!config.is_local_url(&Url::parse("http://127.0.0.1")?));
        Ok(())
    }
    #[tokio::test]
    async fn test_get_domain() {
        let config = config().await;
        assert_eq!("example.com", config.domain());
    }
 }
--- a/src/error.rs
+++ b/src/error.rs
@ -1,114 +1,37 @@
 //! Error messages returned by this library
-use crate::fetch::webfinger::WebFingerError;
+use displaydoc::Display;
 use http_signature_normalization_reqwest::SignError;
 use rsa::{
    errors::Error as RsaError,
    pkcs8::{spki::Error as SpkiError, Error as Pkcs8Error},
 };
 use std::string::FromUtf8Error;
 use tokio::task::JoinError;
 use url::Url;
 /// Error messages returned by this library
-#[derive(thiserror::Error, Debug)]
+#[derive(thiserror::Error, Debug, Display)]
 pub enum Error {
    /// Object was not found in local database
    #[error("Object was not found in local database")]
    NotFound,
    /// Request limit was reached during fetch
    #[error("Request limit was reached during fetch")]
    RequestLimit,
    /// Response body limit was reached during fetch
    #[error("Response body limit was reached during fetch")]
    ResponseBodyLimit,
    /// Object to be fetched was deleted
-    #[error("Fetched remote object {0} which was deleted")]
+    ObjectDeleted,
-    ObjectDeleted(Url),
+    /// {0}
    /// url verification error
    #[error("URL failed verification: {0}")]
    UrlVerificationError(&'static str),
    /// Resolving domain points to local IP.
    #[error("Resolving domain {0} points to local IP address. This may indicate an attacker attempting to access internal services. If intentional, you can ignore this error by setting DANGER_FEDERATION_ALLOW_LOCAL_IP=1")]
    DomainResolveError(String),
    /// Incoming activity has invalid digest for body
    #[error("Incoming activity has invalid digest for body")]
    ActivityBodyDigestInvalid,
    /// Incoming activity has invalid signature
    #[error("Incoming activity has invalid signature")]
    ActivitySignatureInvalid,
    /// Failed to resolve actor via webfinger
-    #[error("Failed to resolve actor via webfinger")]
+    WebfingerResolveFailed,
-    WebfingerResolveFailed(#[from] WebFingerError),
+    /// Other errors which are not explicitly handled
    /// Failed to serialize outgoing activity
    #[error("Failed to serialize outgoing activity {1}: {0}")]
    SerializeOutgoingActivity(serde_json::Error, String),
    /// Failed to parse an object fetched from url
    #[error("Failed to parse object {1} with content {2}: {0}")]
    ParseFetchedObject(serde_json::Error, Url, String),
    /// Failed to parse an activity received from another instance
    #[error("Failed to parse incoming activity {}: {0}", match .id {
        Some(t) => format!("with id {t}"),
        None => String::new(),
    })]
    ParseReceivedActivity {
        /// The parse error
        err: serde_json::Error,
        /// ID of the Activitypub object which caused this error
        id: Option<Url>,
    },
    /// Reqwest Middleware Error
    #[error(transparent)]
-    ReqwestMiddleware(#[from] reqwest_middleware::Error),
+    Other(#[from] anyhow::Error),
    /// Reqwest Error
    #[error(transparent)]
    Reqwest(#[from] reqwest::Error),
    /// UTF-8 error
    #[error(transparent)]
    Utf8(#[from] FromUtf8Error),
    /// Url Parse
    #[error(transparent)]
    UrlParse(#[from] url::ParseError),
    /// Signing errors
    #[error(transparent)]
    SignError(#[from] SignError),
    /// Failed to queue activity for sending
    #[error("Failed to queue activity {0} for sending")]
    ActivityQueueError(Url),
    /// Stop activity queue
    #[error(transparent)]
    StopActivityQueue(#[from] JoinError),
    /// Attempted to fetch object which doesn't have valid ActivityPub Content-Type
    #[error(
        "Attempted to fetch object from {0} which doesn't have valid ActivityPub Content-Type"
    )]
    FetchInvalidContentType(Url),
    /// Attempted to fetch object but the response's id field doesn't match
    #[error("Attempted to fetch object from {0} but the response's id field doesn't match")]
    FetchWrongId(Url),
    /// I/O error from OS
    #[error(transparent)]
    IoError(#[from] std::io::Error),
    /// Other generic errors
    #[error("{0}")]
    Other(String),
 }
-impl From<RsaError> for Error {
+impl Error {
-    fn from(value: RsaError) -> Self {
+    pub(crate) fn other<T>(error: T) -> Self
-        Error::Other(value.to_string())
+    where
-    }
+        T: Into<anyhow::Error>,
-}
+    {
-
+        Error::Other(error.into())
 impl From<Pkcs8Error> for Error {
    fn from(value: Pkcs8Error) -> Self {
        Error::Other(value.to_string())
    }
 }
 impl From<SpkiError> for Error {
    fn from(value: SpkiError) -> Self {
        Error::Other(value.to_string())
    }
 }
--- a/src/fetch/collection_id.rs
+++ b/src/fetch/collection_id.rs
@ -1,104 +0,0 @@
 use crate::{config::Data, error::Error, fetch::fetch_object_http, traits::Collection};
 use serde::{Deserialize, Serialize};
 use std::{
    fmt::{Debug, Display, Formatter},
    marker::PhantomData,
 };
 use url::Url;
 /// Typed wrapper for Activitypub Collection ID which helps with dereferencing.
 #[derive(Serialize, Deserialize)]
 #[serde(transparent)]
 pub struct CollectionId<Kind>(Box<Url>, PhantomData<Kind>)
 where
    Kind: Collection,
    for<'de2> <Kind as Collection>::Kind: Deserialize<'de2>;
 impl<Kind> CollectionId<Kind>
 where
    Kind: Collection,
    for<'de2> <Kind as Collection>::Kind: Deserialize<'de2>,
 {
    /// Construct a new CollectionId instance
    pub fn parse(url: &str) -> Result<Self, url::ParseError> {
        Ok(Self(Box::new(Url::parse(url)?), PhantomData::<Kind>))
    }
    /// Fetches collection over HTTP
    ///
    /// Unlike [ObjectId::dereference](crate::fetch::object_id::ObjectId::dereference) this method doesn't do
    /// any caching.
    pub async fn dereference(
        &self,
        owner: &<Kind as Collection>::Owner,
        data: &Data<<Kind as Collection>::DataType>,
    ) -> Result<Kind, <Kind as Collection>::Error>
    where
        <Kind as Collection>::Error: From<Error>,
    {
        let res = fetch_object_http(&self.0, data).await?;
        let redirect_url = &res.url;
        Kind::verify(&res.object, redirect_url, data).await?;
        Kind::from_json(res.object, owner, data).await
    }
 }
 /// Need to implement clone manually, to avoid requiring Kind to be Clone
 impl<Kind> Clone for CollectionId<Kind>
 where
    Kind: Collection,
    for<'de2> <Kind as Collection>::Kind: serde::Deserialize<'de2>,
 {
    fn clone(&self) -> Self {
        CollectionId(self.0.clone(), self.1)
    }
 }
 impl<Kind> Display for CollectionId<Kind>
 where
    Kind: Collection,
    for<'de2> <Kind as Collection>::Kind: serde::Deserialize<'de2>,
 {
    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
        write!(f, "{}", self.0.as_str())
    }
 }
 impl<Kind> Debug for CollectionId<Kind>
 where
    Kind: Collection,
    for<'de2> <Kind as Collection>::Kind: serde::Deserialize<'de2>,
 {
    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
        write!(f, "{}", self.0.as_str())
    }
 }
 impl<Kind> From<CollectionId<Kind>> for Url
 where
    Kind: Collection,
    for<'de2> <Kind as Collection>::Kind: serde::Deserialize<'de2>,
 {
    fn from(id: CollectionId<Kind>) -> Self {
        *id.0
    }
 }
 impl<Kind> From<Url> for CollectionId<Kind>
 where
    Kind: Collection + Send + 'static,
    for<'de2> <Kind as Collection>::Kind: serde::Deserialize<'de2>,
 {
    fn from(url: Url) -> Self {
        CollectionId(Box::new(url), PhantomData::<Kind>)
    }
 }
 impl<Kind> PartialEq for CollectionId<Kind>
 where
    Kind: Collection,
    for<'de2> <Kind as Collection>::Kind: serde::Deserialize<'de2>,
 {
    fn eq(&self, other: &Self) -> bool {
        self.0.eq(&other.0) && self.1 == other.1
    }
 }
--- a/src/fetch/mod.rs
+++ b/src/fetch/mod.rs
@ -2,38 +2,18 @@
 //!
 #![doc = include_str!("../../docs/07_fetching_data.md")]
-use crate::{
+use crate::{config::RequestData, error::Error, reqwest_shim::ResponseExt, APUB_JSON_CONTENT_TYPE};
-    config::Data,
+use http::StatusCode;
    error::{Error, Error::ParseFetchedObject},
    extract_id,
    http_signatures::sign_request,
    reqwest_shim::ResponseExt,
    FEDERATION_CONTENT_TYPE,
 };
 use bytes::Bytes;
 use http::{header::LOCATION, HeaderValue, StatusCode};
 use serde::de::DeserializeOwned;
 use std::sync::atomic::Ordering;
 use tracing::info;
 use url::Url;
 /// Typed wrapper for collection IDs
 pub mod collection_id;
 /// Typed wrapper for Activitypub Object ID which helps with dereferencing and caching
 pub mod object_id;
 /// Resolves identifiers of the form `name@example.com`
 pub mod webfinger;
 /// Response from fetching a remote object
 pub struct FetchObjectResponse<Kind> {
    /// The resolved object
    pub object: Kind,
    /// Contains the final URL (different from request URL in case of redirect)
    pub url: Url,
    content_type: Option<HeaderValue>,
    object_id: Option<Url>,
 }
 /// Fetch a remote object over HTTP and convert to `Kind`.
 ///
 /// [crate::fetch::object_id::ObjectId::dereference] wraps this function to add caching and
@ -44,159 +24,33 @@ pub struct FetchObjectResponse<Kind> {
 /// If the value exceeds [FederationSettings.http_fetch_limit], the request is aborted with
 /// [Error::RequestLimit]. This prevents denial of service attacks where an attack triggers
 /// infinite, recursive fetching of data.
-///
+async fn fetch_object_http<T: Clone, Kind: DeserializeOwned>(
 /// The `Accept` header will be set to the content of [`FEDERATION_CONTENT_TYPE`]. When parsing the
 /// response it ensures that it has a valid `Content-Type` header as defined by ActivityPub, to
 /// prevent security vulnerabilities like [this one](https://github.com/mastodon/mastodon/security/advisories/GHSA-jhrq-qvrm-qr36).
 /// Additionally it checks that the `id` field is identical to the fetch URL (after redirects).
 pub async fn fetch_object_http<T: Clone, Kind: DeserializeOwned>(
    url: &Url,
-    data: &Data<T>,
+    data: &RequestData<T>,
-) -> Result<FetchObjectResponse<Kind>, Error> {
+) -> Result<Kind, Error> {
    static FETCH_CONTENT_TYPE: HeaderValue = HeaderValue::from_static(FEDERATION_CONTENT_TYPE);
    const VALID_RESPONSE_CONTENT_TYPES: [&str; 3] = [
        FEDERATION_CONTENT_TYPE, // lemmy
        r#"application/ld+json; profile="https://www.w3.org/ns/activitystreams""#, // activitypub standard
        r#"application/activity+json; charset=utf-8"#,                             // mastodon
    ];
    let res = fetch_object_http_with_accept(url, data, &FETCH_CONTENT_TYPE, false).await?;
    // Ensure correct content-type to prevent vulnerabilities, with case insensitive comparison.
    let content_type = res
        .content_type
        .as_ref()
        .and_then(|c| Some(c.to_str().ok()?.to_lowercase()))
        .ok_or(Error::FetchInvalidContentType(res.url.clone()))?;
    if !VALID_RESPONSE_CONTENT_TYPES.contains(&content_type.as_str()) {
        return Err(Error::FetchInvalidContentType(res.url));
    }
    // Ensure id field matches final url after redirect
    if res.object_id.as_ref() != Some(&res.url) {
        if let Some(res_object_id) = res.object_id {
            data.config.verify_url_valid(&res_object_id).await?;
            // If id is different but still on the same domain, attempt to request object
            // again from url in id field.
            if res_object_id.domain() == res.url.domain() {
                return Box::pin(fetch_object_http(&res_object_id, data)).await;
            }
        }
        // Failed to fetch the object from its specified id
        return Err(Error::FetchWrongId(res.url));
    }
    // Dont allow fetching local object. Only check this after the request as a local url
    // may redirect to a remote object.
    if data.config.is_local_url(&res.url) {
        return Err(Error::NotFound);
    }
    Ok(res)
 }
 /// Fetch a remote object over HTTP and convert to `Kind`. This function works exactly as
 /// [`fetch_object_http`] except that the `Accept` header is specified in `content_type`.
 async fn fetch_object_http_with_accept<T: Clone, Kind: DeserializeOwned>(
    url: &Url,
    data: &Data<T>,
    content_type: &HeaderValue,
    recursive: bool,
 ) -> Result<FetchObjectResponse<Kind>, Error> {
    let config = &data.config;
    // dont fetch local objects this way
    debug_assert!(url.domain() != Some(&config.domain));
    config.verify_url_valid(url).await?;
    info!("Fetching remote object {}", url.to_string());
-    let mut counter = data.request_counter.0.fetch_add(1, Ordering::SeqCst);
+    let counter = data.request_counter.fetch_add(1, Ordering::SeqCst);
    // fetch_add returns old value so we need to increment manually here
    counter += 1;
    if counter > config.http_fetch_limit {
        return Err(Error::RequestLimit);
    }
-    let req = config
+    let res = config
        .client
        .get(url.as_str())
-        .header("Accept", content_type)
+        .header("Accept", APUB_JSON_CONTENT_TYPE)
-        .timeout(config.request_timeout);
+        .timeout(config.request_timeout)
-
+        .send()
-    let res = if let Some((actor_id, private_key_pem)) = config.signed_fetch_actor.as_deref() {
+        .await
-        let req = sign_request(
+        .map_err(Error::other)?;
            req,
            actor_id,
            Bytes::new(),
            private_key_pem.clone(),
            data.config.http_signature_compat,
        )
        .await?;
        config.client.execute(req).await?
    } else {
        req.send().await?
    };
    // Allow a single redirect using recursion. Further redirects are ignored.
    let location = res.headers().get(LOCATION).and_then(|l| l.to_str().ok());
    if let (Some(location), false) = (location, recursive) {
        let location = location.parse()?;
        return Box::pin(fetch_object_http_with_accept(
            &location,
            data,
            content_type,
            true,
        ))
        .await;
    }
    if res.status() == StatusCode::GONE {
-        return Err(Error::ObjectDeleted(url.clone()));
+        return Err(Error::ObjectDeleted);
    }
-    let url = res.url().clone();
+    res.json_limited().await
    let content_type = res.headers().get("Content-Type").cloned();
    let text = res.bytes_limited().await?;
    let object_id = extract_id(&text).ok();
    match serde_json::from_slice(&text) {
        Ok(object) => Ok(FetchObjectResponse {
            object,
            url,
            content_type,
            object_id,
        }),
        Err(e) => Err(ParseFetchedObject(
            e,
            url,
            String::from_utf8(Vec::from(text))?,
        )),
    }
 }
 #[cfg(test)]
 #[allow(clippy::unwrap_used)]
 mod tests {
    use super::*;
    use crate::{
        config::FederationConfig,
        traits::tests::{DbConnection, Person},
    };
    #[tokio::test]
    async fn test_request_limit() -> Result<(), Error> {
        let config = FederationConfig::builder()
            .domain("example.com")
            .app_data(DbConnection)
            .http_fetch_limit(0)
            .build()
            .await
            .unwrap();
        let data = config.to_request_data();
        let fetch_url = "https://example.net/".to_string();
        let res: Result<FetchObjectResponse<Person>, Error> =
            fetch_object_http(&Url::parse(&fetch_url).map_err(Error::UrlParse)?, &data).await;
        assert_eq!(res.err(), Some(Error::RequestLimit));
        Ok(())
    }
 }
--- a/src/fetch/object_id.rs
+++ b/src/fetch/object_id.rs
@ -1,24 +1,13 @@
-use crate::{config::Data, error::Error, fetch::fetch_object_http, traits::Object};
+use crate::{config::RequestData, error::Error, fetch::fetch_object_http, traits::ApubObject};
-use chrono::{DateTime, Duration as ChronoDuration, Utc};
+use anyhow::anyhow;
 use chrono::{Duration as ChronoDuration, NaiveDateTime, Utc};
 use serde::{Deserialize, Serialize};
 use std::{
    fmt::{Debug, Display, Formatter},
    marker::PhantomData,
    str::FromStr,
 };
 use url::Url;
 impl<T> FromStr for ObjectId<T>
 where
    T: Object + Send + Sync + Debug + 'static,
    for<'de2> <T as Object>::Kind: Deserialize<'de2>,
 {
    type Err = url::ParseError;
    fn from_str(s: &str) -> Result<Self, Self::Err> {
        ObjectId::parse(s)
    }
 }
 /// Typed wrapper for Activitypub Object ID which helps with dereferencing and caching.
 ///
 /// It provides convenient methods for fetching the object from remote server or local database.
@ -35,14 +24,15 @@ where
 /// # use activitypub_federation::config::FederationConfig;
 /// # use activitypub_federation::error::Error::NotFound;
 /// # use activitypub_federation::traits::tests::{DbConnection, DbUser};
-/// # tokio::runtime::Runtime::new().unwrap().block_on(async {
+/// # let _ = actix_rt::System::new();
 /// # actix_rt::Runtime::new().unwrap().block_on(async {
 /// # let db_connection = DbConnection;
 /// let config = FederationConfig::builder()
 ///     .domain("example.com")
 ///     .app_data(db_connection)
-///     .build().await?;
+///     .build()?;
 /// let request_data = config.to_request_data();
-/// let object_id = ObjectId::<DbUser>::parse("https://lemmy.ml/u/nutomic")?;
+/// let object_id = ObjectId::<DbUser>::new("https://lemmy.ml/u/nutomic")?;
 /// // Attempt to fetch object from local database or fall back to remote server
 /// let user = object_id.dereference(&request_data).await;
 /// assert!(user.is_ok());
@ -56,17 +46,21 @@ where
 #[serde(transparent)]
 pub struct ObjectId<Kind>(Box<Url>, PhantomData<Kind>)
 where
-    Kind: Object,
+    Kind: ApubObject,
-    for<'de2> <Kind as Object>::Kind: Deserialize<'de2>;
+    for<'de2> <Kind as ApubObject>::ApubType: serde::Deserialize<'de2>;
 impl<Kind> ObjectId<Kind>
 where
-    Kind: Object + Send + Sync + Debug + 'static,
+    Kind: ApubObject + Send + 'static,
-    for<'de2> <Kind as Object>::Kind: Deserialize<'de2>,
+    for<'de2> <Kind as ApubObject>::ApubType: serde::Deserialize<'de2>,
 {
    /// Construct a new objectid instance
-    pub fn parse(url: &str) -> Result<Self, url::ParseError> {
+    pub fn new<T>(url: T) -> Result<Self, url::ParseError>
-        Ok(Self(Box::new(Url::parse(url)?), PhantomData::<Kind>))
+    where
        T: TryInto<Url>,
        url::ParseError: From<<T as TryInto<Url>>::Error>,
    {
        Ok(ObjectId(Box::new(url.try_into()?), PhantomData::<Kind>))
    }
    /// Returns a reference to the wrapped URL value
@ -82,19 +76,26 @@ where
    /// Fetches an activitypub object, either from local database (if possible), or over http.
    pub async fn dereference(
        &self,
-        data: &Data<<Kind as Object>::DataType>,
+        data: &RequestData<<Kind as ApubObject>::DataType>,
-    ) -> Result<Kind, <Kind as Object>::Error>
+    ) -> Result<Kind, <Kind as ApubObject>::Error>
    where
-        <Kind as Object>::Error: From<Error>,
+        <Kind as ApubObject>::Error: From<Error> + From<anyhow::Error>,
    {
        let db_object = self.dereference_from_db(data).await?;
        // if its a local object, only fetch it from the database and not over http
        if data.config.is_local_url(&self.0) {
            return match db_object {
                None => Err(Error::NotFound.into()),
                Some(o) => Ok(o),
            };
        }
        // object found in database
        if let Some(object) = db_object {
            // object is old and should be refetched
            if let Some(last_refreshed_at) = object.last_refreshed_at() {
-                let is_local = self.is_local(data);
+                if should_refetch_object(last_refreshed_at) {
                if !is_local && should_refetch_object(last_refreshed_at) {
                    // object is outdated and should be refetched
                    return self.dereference_from_http(data, Some(object)).await;
                }
            }
@ -106,33 +107,14 @@ where
        }
    }
    /// If this is a remote object, fetch it from origin instance unconditionally to get the
    /// latest version, regardless of refresh interval.
    pub async fn dereference_forced(
        &self,
        data: &Data<<Kind as Object>::DataType>,
    ) -> Result<Kind, <Kind as Object>::Error>
    where
        <Kind as Object>::Error: From<Error>,
    {
        if data.config.is_local_url(&self.0) {
            self.dereference_from_db(data)
                .await
                .map(|o| o.ok_or(Error::NotFound.into()))?
        } else {
            // Don't pass in any db object, otherwise it would be returned in case http fetch fails
            self.dereference_from_http(data, None).await
        }
    }
    /// Fetch an object from the local db. Instead of falling back to http, this throws an error if
    /// the object is not found in the database.
    pub async fn dereference_local(
        &self,
-        data: &Data<<Kind as Object>::DataType>,
+        data: &RequestData<<Kind as ApubObject>::DataType>,
-    ) -> Result<Kind, <Kind as Object>::Error>
+    ) -> Result<Kind, <Kind as ApubObject>::Error>
    where
-        <Kind as Object>::Error: From<Error>,
+        <Kind as ApubObject>::Error: From<Error>,
    {
        let object = self.dereference_from_db(data).await?;
        object.ok_or_else(|| Error::NotFound.into())
@ -141,64 +123,41 @@ where
    /// returning none means the object was not found in local db
    async fn dereference_from_db(
        &self,
-        data: &Data<<Kind as Object>::DataType>,
+        data: &RequestData<<Kind as ApubObject>::DataType>,
-    ) -> Result<Option<Kind>, <Kind as Object>::Error> {
+    ) -> Result<Option<Kind>, <Kind as ApubObject>::Error> {
        let id = self.0.clone();
-        Object::read_from_id(*id, data).await
+        ApubObject::read_from_apub_id(*id, data).await
    }
    /// Fetch object from origin instance over HTTP, then verify and parse it.
    ///
    /// Uses Box::pin to wrap futures to reduce stack size and avoid stack overflow when
    /// when fetching objects recursively.
    async fn dereference_from_http(
        &self,
-        data: &Data<<Kind as Object>::DataType>,
+        data: &RequestData<<Kind as ApubObject>::DataType>,
        db_object: Option<Kind>,
-    ) -> Result<Kind, <Kind as Object>::Error>
+    ) -> Result<Kind, <Kind as ApubObject>::Error>
    where
-        <Kind as Object>::Error: From<Error>,
+        <Kind as ApubObject>::Error: From<Error> + From<anyhow::Error>,
    {
-        let res = Box::pin(fetch_object_http(&self.0, data)).await;
+        let res = fetch_object_http(&self.0, data).await;
-        if let Err(Error::ObjectDeleted(url)) = res {
+        if let Err(Error::ObjectDeleted) = &res {
            if let Some(db_object) = db_object {
                db_object.delete(data).await?;
                return Ok(db_object);
            }
-            return Err(Error::ObjectDeleted(url).into());
+            return Err(anyhow!("Fetched remote object {} which was deleted", self).into());
        }
-        // If fetch failed, return the existing object from local database
+        let res2 = res?;
        if let (Err(_), Some(db_object)) = (&res, db_object) {
            return Ok(db_object);
        }
        let res = res?;
        let redirect_url = &res.url;
-        // Prevent overwriting local object
+        Kind::verify(&res2, self.inner(), data).await?;
-        if data.config.is_local_url(redirect_url) {
+        Kind::from_apub(res2, data).await
            return self
                .dereference_from_db(data)
                .await?
                .ok_or(Error::NotFound.into());
        }
        Box::pin(Kind::verify(&res.object, redirect_url, data)).await?;
        Box::pin(Kind::from_json(res.object, data)).await
    }
    /// Returns true if the object's domain matches the one defined in [[FederationConfig.domain]].
    pub fn is_local(&self, data: &Data<<Kind as Object>::DataType>) -> bool {
        data.config.is_local_url(&self.0)
    }
 }
 /// Need to implement clone manually, to avoid requiring Kind to be Clone
 impl<Kind> Clone for ObjectId<Kind>
 where
-    Kind: Object,
+    Kind: ApubObject,
-    for<'de2> <Kind as Object>::Kind: Deserialize<'de2>,
+    for<'de2> <Kind as ApubObject>::ApubType: serde::Deserialize<'de2>,
 {
    fn clone(&self) -> Self {
        ObjectId(self.0.clone(), self.1)
@ -211,21 +170,21 @@ static ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG: i64 = 20;
 /// Determines when a remote actor should be refetched from its instance. In release builds, this is
 /// `ACTOR_REFETCH_INTERVAL_SECONDS` after the last refetch, in debug builds
 /// `ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG`.
-fn should_refetch_object(last_refreshed: DateTime<Utc>) -> bool {
+fn should_refetch_object(last_refreshed: NaiveDateTime) -> bool {
    let update_interval = if cfg!(debug_assertions) {
        // avoid infinite loop when fetching community outbox
-        ChronoDuration::try_seconds(ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG).expect("valid duration")
+        ChronoDuration::seconds(ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG)
    } else {
-        ChronoDuration::try_seconds(ACTOR_REFETCH_INTERVAL_SECONDS).expect("valid duration")
+        ChronoDuration::seconds(ACTOR_REFETCH_INTERVAL_SECONDS)
    };
-    let refresh_limit = Utc::now() - update_interval;
+    let refresh_limit = Utc::now().naive_utc() - update_interval;
    last_refreshed.lt(&refresh_limit)
 }
 impl<Kind> Display for ObjectId<Kind>
 where
-    Kind: Object,
+    Kind: ApubObject,
-    for<'de2> <Kind as Object>::Kind: Deserialize<'de2>,
+    for<'de2> <Kind as ApubObject>::ApubType: serde::Deserialize<'de2>,
 {
    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
        write!(f, "{}", self.0.as_str())
@ -234,8 +193,8 @@ where
 impl<Kind> Debug for ObjectId<Kind>
 where
-    Kind: Object,
+    Kind: ApubObject,
-    for<'de2> <Kind as Object>::Kind: Deserialize<'de2>,
+    for<'de2> <Kind as ApubObject>::ApubType: serde::Deserialize<'de2>,
 {
    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
        write!(f, "{}", self.0.as_str())
@ -244,8 +203,8 @@ where
 impl<Kind> From<ObjectId<Kind>> for Url
 where
-    Kind: Object,
+    Kind: ApubObject,
-    for<'de2> <Kind as Object>::Kind: Deserialize<'de2>,
+    for<'de2> <Kind as ApubObject>::ApubType: serde::Deserialize<'de2>,
 {
    fn from(id: ObjectId<Kind>) -> Self {
        *id.0
@ -254,8 +213,8 @@ where
 impl<Kind> From<Url> for ObjectId<Kind>
 where
-    Kind: Object + Send + 'static,
+    Kind: ApubObject + Send + 'static,
-    for<'de2> <Kind as Object>::Kind: Deserialize<'de2>,
+    for<'de2> <Kind as ApubObject>::ApubType: serde::Deserialize<'de2>,
 {
    fn from(url: Url) -> Self {
        ObjectId(Box::new(url), PhantomData::<Kind>)
@ -264,24 +223,22 @@ where
 impl<Kind> PartialEq for ObjectId<Kind>
 where
-    Kind: Object,
+    Kind: ApubObject,
-    for<'de2> <Kind as Object>::Kind: Deserialize<'de2>,
+    for<'de2> <Kind as ApubObject>::ApubType: serde::Deserialize<'de2>,
 {
    fn eq(&self, other: &Self) -> bool {
        self.0.eq(&other.0) && self.1 == other.1
    }
 }
 /// Internal only
 #[cfg(test)]
 #[allow(clippy::unwrap_used)]
 pub mod tests {
    use super::*;
-    use crate::traits::tests::DbUser;
+    use crate::{fetch::object_id::should_refetch_object, traits::tests::DbUser};
    #[test]
    fn test_deserialize() {
-        let id = ObjectId::<DbUser>::parse("http://test.com/").unwrap();
+        let id = ObjectId::<DbUser>::new("http://test.com/").unwrap();
        let string = serde_json::to_string(&id).unwrap();
        assert_eq!("\"http://test.com/\"", string);
@ -292,10 +249,10 @@ pub mod tests {
    #[test]
    fn test_should_refetch_object() {
-        let one_second_ago = Utc::now() - ChronoDuration::try_seconds(1).unwrap();
+        let one_second_ago = Utc::now().naive_utc() - ChronoDuration::seconds(1);
        assert!(!should_refetch_object(one_second_ago));
-        let two_days_ago = Utc::now() - ChronoDuration::try_days(2).unwrap();
+        let two_days_ago = Utc::now().naive_utc() - ChronoDuration::days(2);
        assert!(should_refetch_object(two_days_ago));
    }
 }
--- a/src/fetch/webfinger.rs
+++ b/src/fetch/webfinger.rs
@ -1,83 +1,45 @@
 use crate::{
-    config::{domain_regex, Data},
+    config::RequestData,
-    error::Error,
+    error::{Error, Error::WebfingerResolveFailed},
-    fetch::{fetch_object_http_with_accept, object_id::ObjectId},
+    fetch::{fetch_object_http, object_id::ObjectId},
-    traits::{Actor, Object},
+    traits::{Actor, ApubObject},
-    FEDERATION_CONTENT_TYPE,
+    APUB_JSON_CONTENT_TYPE,
 };
-use http::HeaderValue;
+use anyhow::anyhow;
 use itertools::Itertools;
 use regex::Regex;
 use serde::{Deserialize, Serialize};
-use std::{collections::HashMap, fmt::Display, sync::LazyLock};
+use std::collections::HashMap;
 use tracing::debug;
 use url::Url;
 /// Errors relative to webfinger handling
 #[derive(thiserror::Error, Debug)]
 pub enum WebFingerError {
    /// The webfinger identifier is invalid
    #[error("The webfinger identifier is invalid")]
    WrongFormat,
    /// The webfinger identifier doesn't match the expected instance domain name
    #[error("The webfinger identifier doesn't match the expected instance domain name")]
    WrongDomain,
    /// The wefinger object did not contain any link to an activitypub item
    #[error("The webfinger object did not contain any link to an activitypub item")]
    NoValidLink,
 }
 impl WebFingerError {
    fn into_crate_error(self) -> Error {
        self.into()
    }
 }
 /// The content-type for webfinger responses.
 pub static WEBFINGER_CONTENT_TYPE: HeaderValue = HeaderValue::from_static("application/jrd+json");
 /// Takes an identifier of the form `name@example.com`, and returns an object of `Kind`.
 ///
 /// For this the identifier is first resolved via webfinger protocol to an Activitypub ID. This ID
 /// is then fetched using [ObjectId::dereference], and the result returned.
 pub async fn webfinger_resolve_actor<T: Clone, Kind>(
    identifier: &str,
-    data: &Data<T>,
+    data: &RequestData<T>,
-) -> Result<Kind, <Kind as Object>::Error>
+) -> Result<Kind, <Kind as ApubObject>::Error>
 where
-    Kind: Object + Actor + Send + Sync + 'static + Object<DataType = T>,
+    Kind: ApubObject + Actor + Send + 'static + ApubObject<DataType = T>,
-    for<'de2> <Kind as Object>::Kind: serde::Deserialize<'de2>,
+    for<'de2> <Kind as ApubObject>::ApubType: serde::Deserialize<'de2>,
-    <Kind as Object>::Error: From<crate::error::Error> + Send + Sync + Display,
+    <Kind as ApubObject>::Error:
        From<crate::error::Error> + From<anyhow::Error> + From<url::ParseError> + Send + Sync,
 {
    let (_, domain) = identifier
        .splitn(2, '@')
        .collect_tuple()
-        .ok_or(WebFingerError::WrongFormat.into_crate_error())?;
+        .ok_or(WebfingerResolveFailed)?;
    // For production mode make sure that domain doesnt contain any port or path.
    if !data.config.debug && !domain_regex().is_match(domain) {
        return Err(Error::UrlVerificationError("Invalid characters in domain").into());
    }
    let protocol = if data.config.debug { "http" } else { "https" };
    let fetch_url =
        format!("{protocol}://{domain}/.well-known/webfinger?resource=acct:{identifier}");
    debug!("Fetching webfinger url: {}", &fetch_url);
-    let res = fetch_object_http_with_accept::<_, Webfinger>(
+    let res: Webfinger = fetch_object_http(&Url::parse(&fetch_url)?, data).await?;
        &Url::parse(&fetch_url).map_err(Error::UrlParse)?,
        data,
        &WEBFINGER_CONTENT_TYPE,
        false,
    )
    .await?;
    if res.url.as_str() != fetch_url {
        data.config.verify_url_valid(&res.url).await?;
    }
-    debug_assert_eq!(res.object.subject, format!("acct:{identifier}"));
+    debug_assert_eq!(res.subject, format!("acct:{identifier}"));
    let links: Vec<Url> = res
        .object
        .links
        .iter()
        .filter(|link| {
@ -88,17 +50,14 @@ where
            }
        })
        .filter_map(|l| l.href.clone())
        .rev()
        .collect();
    for l in links {
        let object = ObjectId::<Kind>::from(l).dereference(data).await;
-        match object {
+        if object.is_ok() {
-            Ok(obj) => return Ok(obj),
+            return object;
            Err(error) => debug!(%error, "Failed to dereference link"),
        }
    }
-    Err(WebFingerError::NoValidLink.into_crate_error().into())
+    Err(WebfingerResolveFailed.into())
 }
 /// Extracts username from a webfinger resource parameter.
@ -107,43 +66,19 @@ where
 /// request. For a parameter of the form `acct:gargron@mastodon.social` it returns `gargron`.
 ///
 /// Returns an error if query doesn't match local domain.
-///
+pub fn extract_webfinger_name<T>(query: &str, data: &RequestData<T>) -> Result<String, Error>
 ///```
 /// # use activitypub_federation::config::FederationConfig;
 /// # use activitypub_federation::traits::tests::DbConnection;
 /// # use activitypub_federation::fetch::webfinger::extract_webfinger_name;
 /// # tokio::runtime::Runtime::new().unwrap().block_on(async {
 /// # let db_connection = DbConnection;
 /// let config = FederationConfig::builder()
 ///     .domain("example.com")
 ///     .app_data(db_connection)
 ///     .build()
 ///     .await
 ///     .unwrap();
 /// let data = config.to_request_data();
 /// let res = extract_webfinger_name("acct:test_user@example.com", &data).unwrap();
 /// assert_eq!(res, "test_user");
 /// # Ok::<(), anyhow::Error>(())
 /// }).unwrap();
 ///```
 pub fn extract_webfinger_name<'i, T>(query: &'i str, data: &Data<T>) -> Result<&'i str, Error>
 where
    T: Clone,
 {
-    static WEBFINGER_REGEX: LazyLock<Regex> =
+    // TODO: would be nice if we could implement this without regex and remove the dependency
-        LazyLock::new(|| Regex::new(r"^acct:([\p{L}0-9_\.\-]+)@(.*)$").expect("compile regex"));
+    let regex = Regex::new(&format!("^acct:([a-zA-Z0-9_]{{3,}})@{}$", data.domain()))
-    // Regex to extract usernames from webfinger query. Supports different alphabets using `\p{L}`.
+        .map_err(Error::other)?;
-    // TODO: This should use a URL parser
+    Ok(regex
    let captures = WEBFINGER_REGEX
        .captures(query)
-        .ok_or(WebFingerError::WrongFormat)?;
+        .and_then(|c| c.get(1))
-
+        .ok_or_else(|| Error::other(anyhow!("Webfinger regex failed to match")))?
-    let account_name = captures.get(1).ok_or(WebFingerError::WrongFormat)?;
+        .as_str()
-
+        .to_string())
    if captures.get(2).map(|m| m.as_str()) != Some(data.domain()) {
        return Err(WebFingerError::WrongDomain.into());
    }
    Ok(account_name.as_str())
 }
 /// Builds a basic webfinger response for the actor.
@ -161,69 +96,29 @@ where
 /// # Ok::<(), anyhow::Error>(())
 /// ```
 pub fn build_webfinger_response(subject: String, url: Url) -> Webfinger {
    build_webfinger_response_with_type(subject, vec![(url, None)])
 }
 /// Builds a webfinger response similar to `build_webfinger_response`. Use this when you want to
 /// return multiple actors who share the same namespace and to specify the type of the actor.
 ///
 /// `urls` takes a vector of tuples. The first item of the tuple is the URL while the second
 /// item is the type, such as `"Person"` or `"Group"`. If `None` is passed for the type, the field
 /// will be empty.
 ///
 /// ```
 /// # use url::Url;
 /// # use activitypub_federation::fetch::webfinger::build_webfinger_response_with_type;
 /// let subject = "acct:nutomic@lemmy.ml".to_string();
 /// let user = Url::parse("https://lemmy.ml/u/nutomic")?;
 /// let group = Url::parse("https://lemmy.ml/c/asklemmy")?;
 /// build_webfinger_response_with_type(subject, vec![
 ///     (user, Some("Person")),
 ///     (group, Some("Group"))]);
 /// # Ok::<(), anyhow::Error>(())
 /// ```
 pub fn build_webfinger_response_with_type(
    subject: String,
    urls: Vec<(Url, Option<&str>)>,
 ) -> Webfinger {
    Webfinger {
        subject,
-        links: urls.iter().fold(vec![], |mut acc, (url, kind)| {
+        links: vec![
-            let properties: HashMap<Url, String> = kind
+            WebfingerLink {
-                .map(|kind| {
+                rel: Some("http://webfinger.net/rel/profile-page".to_string()),
-                    HashMap::from([(
+                kind: Some("text/html".to_string()),
-                        "https://www.w3.org/ns/activitystreams#type"
+                href: Some(url.clone()),
-                            .parse()
+                properties: Default::default(),
-                            .expect("parse url"),
+            },
-                        kind.to_string(),
+            WebfingerLink {
-                    )])
+                rel: Some("self".to_string()),
-                })
+                kind: Some(APUB_JSON_CONTENT_TYPE.to_string()),
-                .unwrap_or_default();
+                href: Some(url),
-            let mut links = vec![
+                properties: Default::default(),
-                WebfingerLink {
+            },
-                    rel: Some("http://webfinger.net/rel/profile-page".to_string()),
+        ],
                    kind: Some("text/html".to_string()),
                    href: Some(url.clone()),
                    ..Default::default()
                },
                WebfingerLink {
                    rel: Some("self".to_string()),
                    kind: Some(FEDERATION_CONTENT_TYPE.to_string()),
                    href: Some(url.clone()),
                    properties,
                    ..Default::default()
                },
            ];
            acc.append(&mut links);
            acc
        }),
        aliases: vec![],
        properties: Default::default(),
    }
 }
 /// A webfinger response with information about a `Person` or other type of actor.
-#[derive(Serialize, Deserialize, Debug, Default, PartialEq)]
+#[derive(Serialize, Deserialize, Debug)]
 pub struct Webfinger {
    /// The actor which is described here, for example `acct:LemmyDev@mastodon.social`
    pub subject: String,
@ -238,7 +133,7 @@ pub struct Webfinger {
 }
 /// A single link included as part of a [Webfinger] response.
-#[derive(Serialize, Deserialize, Debug, Default, PartialEq)]
+#[derive(Serialize, Deserialize, Debug)]
 pub struct WebfingerLink {
    /// Relationship of the link, such as `self` or `http://webfinger.net/rel/profile-page`
    pub rel: Option<String>,
@ -247,15 +142,12 @@ pub struct WebfingerLink {
    pub kind: Option<String>,
    /// Url pointing to the target resource
    pub href: Option<Url>,
    /// Used for remote follow external interaction url
    pub template: Option<String>,
    /// Additional data about the link
    #[serde(default, skip_serializing_if = "HashMap::is_empty")]
    pub properties: HashMap<Url, String>,
 }
 #[cfg(test)]
 #[allow(clippy::unwrap_used)]
 mod tests {
    use super::*;
    use crate::{
@ -263,52 +155,17 @@ mod tests {
        traits::tests::{DbConnection, DbUser},
    };
-    #[tokio::test]
+    #[actix_rt::test]
-    async fn test_webfinger() -> Result<(), Error> {
+    async fn test_webfinger() {
        let config = FederationConfig::builder()
            .domain("example.com")
            .app_data(DbConnection)
            .build()
            .await
            .unwrap();
        let data = config.to_request_data();
-
+        let res =
-        webfinger_resolve_actor::<DbConnection, DbUser>("LemmyDev@mastodon.social", &data).await?;
+            webfinger_resolve_actor::<DbConnection, DbUser>("LemmyDev@mastodon.social", &data)
-        Ok(())
+                .await;
-    }
+        assert!(res.is_ok());
    #[tokio::test]
    async fn test_webfinger_extract_name() -> Result<(), Error> {
        use crate::traits::tests::DbConnection;
        let data = Data {
            config: FederationConfig::builder()
                .domain("example.com")
                .app_data(DbConnection)
                .build()
                .await
                .unwrap(),
            request_counter: Default::default(),
        };
        assert_eq!(
            Ok("test123"),
            extract_webfinger_name("acct:test123@example.com", &data)
        );
        assert_eq!(
            Ok("Владимир"),
            extract_webfinger_name("acct:Владимир@example.com", &data)
        );
        assert_eq!(
            Ok("example.com"),
            extract_webfinger_name("acct:example.com@example.com", &data)
        );
        assert_eq!(
            Ok("da-sh"),
            extract_webfinger_name("acct:da-sh@example.com", &data)
        );
        assert_eq!(
            Ok("تجريب"),
            extract_webfinger_name("acct:تجريب@example.com", &data)
        );
        Ok(())
    }
 }
--- a/src/http_signatures.rs
+++ b/src/http_signatures.rs
@ -1,38 +1,32 @@
 //! Generating keypairs, creating and verifying signatures
 //!
 //! Signature creation and verification is handled internally in the library. See
-//! [send_activity](crate::activity_sending::SendActivityTask::sign_and_send) and
+//! [send_activity](crate::activity_queue::send_activity) and
 //! [receive_activity (actix-web)](crate::actix_web::inbox::receive_activity) /
 //! [receive_activity (axum)](crate::axum::inbox::receive_activity).
 use crate::{
    config::Data,
    error::{Error, Error::ActivitySignatureInvalid},
    fetch::object_id::ObjectId,
    protocol::public_key::main_key_id,
    traits::{Actor, Object},
 };
 use base64::{engine::general_purpose::STANDARD as Base64, Engine};
 use bytes::Bytes;
 use http::{header::HeaderName, uri::PathAndQuery, HeaderValue, Method, Uri};
-use http_signature_normalization_reqwest::{
+use http_signature_normalization_reqwest::prelude::{Config, SignExt};
-    prelude::{Config, SignExt},
+use once_cell::sync::{Lazy, OnceCell};
-    DefaultSpawner,
+use openssl::{
    hash::MessageDigest,
    pkey::PKey,
    rsa::Rsa,
    sign::{Signer, Verifier},
 };
 use reqwest::Request;
 use reqwest_middleware::RequestBuilder;
 use rsa::{
    pkcs8::{DecodePublicKey, EncodePrivateKey, EncodePublicKey, LineEnding},
    Pkcs1v15Sign,
    RsaPrivateKey,
    RsaPublicKey,
 };
 use serde::Deserialize;
 use sha2::{Digest, Sha256};
-use std::{collections::BTreeMap, fmt::Debug, sync::LazyLock, time::Duration};
+use std::{collections::BTreeMap, fmt::Debug, io::ErrorKind};
 use tracing::debug;
 use url::Url;
 static HTTP_SIG_CONFIG: OnceCell<Config> = OnceCell::new();
 /// A private/public key pair used for HTTP signatures
 #[derive(Debug, Clone)]
 pub struct Keypair {
@ -42,62 +36,43 @@ pub struct Keypair {
    pub public_key: String,
 }
 impl Keypair {
    /// Helper method to turn this into an openssl private key
    #[cfg(test)]
    pub(crate) fn private_key(&self) -> Result<RsaPrivateKey, anyhow::Error> {
        use rsa::pkcs8::DecodePrivateKey;
        Ok(RsaPrivateKey::from_pkcs8_pem(&self.private_key)?)
    }
 }
 /// Generate a random asymmetric keypair for ActivityPub HTTP signatures.
-///
+pub fn generate_actor_keypair() -> Result<Keypair, std::io::Error> {
-/// Note that this method is very slow in debug mode. To make it faster, follow
+    let rsa = Rsa::generate(2048)?;
-/// instructions in the RSA crate's readme.
+    let pkey = PKey::from_rsa(rsa)?;
-/// <https://github.com/RustCrypto/RSA/blob/master/README.md>
+    let public_key = pkey.public_key_to_pem()?;
-pub fn generate_actor_keypair() -> Result<Keypair, Error> {
+    let private_key = pkey.private_key_to_pem_pkcs8()?;
-    let mut rng = rand::thread_rng();
+    let key_to_string = |key| match String::from_utf8(key) {
-    let rsa = RsaPrivateKey::new(&mut rng, 2048)?;
+        Ok(s) => Ok(s),
-    let pkey = RsaPublicKey::from(&rsa);
+        Err(e) => Err(std::io::Error::new(
-    let public_key = pkey.to_public_key_pem(LineEnding::default())?;
+            ErrorKind::Other,
-    let private_key = rsa.to_pkcs8_pem(LineEnding::default())?.to_string();
+            format!("Failed converting key to string: {}", e),
        )),
    };
    Ok(Keypair {
-        private_key,
+        private_key: key_to_string(private_key)?,
-        public_key,
+        public_key: key_to_string(public_key)?,
    })
 }
 /// Time for which HTTP signatures are valid.
 ///
 /// This field is optional in the standard, but required by the Rust library. It is not clear
 /// what security concerns this expiration solves (if any), so we set a very high value of one hour
 /// to avoid any potential problems due to wrong clocks, overloaded servers or delayed delivery.
 pub(crate) const EXPIRES_AFTER: Duration = Duration::from_secs(60 * 60);
 /// Creates an HTTP post request to `inbox_url`, with the given `client` and `headers`, and
 /// `activity` as request body. The request is signed with `private_key` and then sent.
 pub(crate) async fn sign_request(
    request_builder: RequestBuilder,
-    actor_id: &Url,
+    actor_id: Url,
-    activity: Bytes,
+    activity: String,
-    private_key: RsaPrivateKey,
+    private_key: String,
    http_signature_compat: bool,
-) -> Result<Request, Error> {
+) -> Result<Request, anyhow::Error> {
-    static CONFIG: LazyLock<Config<DefaultSpawner>> =
+    let key_id = main_key_id(&actor_id);
-        LazyLock::new(|| Config::new().set_expiration(EXPIRES_AFTER));
+    let sig_conf = HTTP_SIG_CONFIG.get_or_init(|| {
-    static CONFIG_COMPAT: LazyLock<Config> = LazyLock::new(|| {
+        let c = Config::new();
-        Config::new()
+        if http_signature_compat {
-            .mastodon_compat()
+            c.mastodon_compat()
-            .set_expiration(EXPIRES_AFTER)
+        } else {
            c
        }
    });
    let key_id = main_key_id(actor_id);
    let sig_conf = match http_signature_compat {
        false => CONFIG.clone(),
        true => CONFIG_COMPAT.clone(),
    };
    request_builder
        .signature_with_digest(
            sig_conf.clone(),
@ -105,20 +80,20 @@ pub(crate) async fn sign_request(
            Sha256::new(),
            activity,
            move |signing_string| {
-                Ok(Base64.encode(private_key.sign(
+                let private_key = PKey::private_key_from_pem(private_key.as_bytes())?;
-                    Pkcs1v15Sign::new::<Sha256>(),
+                let mut signer = Signer::new(MessageDigest::sha256(), &private_key)?;
-                    &Sha256::digest(signing_string.as_bytes()),
+                signer.update(signing_string.as_bytes())?;
-                )?)) as Result<_, Error>
+
                Ok(base64::encode(signer.sign_to_vec()?)) as Result<_, anyhow::Error>
            },
        )
        .await
 }
-/// Verifies the HTTP signature on an incoming federation request
+static CONFIG2: Lazy<http_signature_normalization::Config> =
-/// for a given actor's public key.
+    Lazy::new(http_signature_normalization::Config::new);
-///
+
-/// Internally, this just converts the headers to a BTreeMap and passes to
+/// Verifies the HTTP signature on an incoming inbox request.
 /// `verify_signature_inner` for actual signature verification.
 pub(crate) fn verify_signature<'a, H>(
    headers: H,
    method: &Method,
@ -134,90 +109,22 @@ where
            header_map.insert(name.to_string(), value.to_string());
        }
    }
    verify_signature_inner(header_map, method, uri, public_key)
 }
 /// Checks whether the given federation request has a valid signature,
 /// from any actor of type A, and returns that actor if a valid signature is found.
 /// This function will return an `Err` variant when no signature is found
 /// or if the signature could not be verified.
 pub(crate) async fn signing_actor<'a, A, H>(
    headers: H,
    method: &Method,
    uri: &Uri,
    data: &Data<<A as Object>::DataType>,
 ) -> Result<A, <A as Object>::Error>
 where
    A: Object + Actor + Send + Sync,
    <A as Object>::Error: From<Error>,
    for<'de2> <A as Object>::Kind: Deserialize<'de2>,
    H: IntoIterator<Item = (&'a HeaderName, &'a HeaderValue)>,
 {
    let mut header_map = BTreeMap::<String, String>::new();
    for (name, value) in headers {
        if let Ok(value) = value.to_str() {
            header_map.insert(name.to_string(), value.to_string());
        }
    }
    let signature = header_map
        .get("signature")
        .ok_or(Error::ActivitySignatureInvalid)?;
    let actor_id_re = regex::Regex::new("keyId=\"([^\"]+)#([^\"]+)\"").expect("regex error");
    let actor_id = match actor_id_re.captures(signature) {
        None => return Err(Error::ActivitySignatureInvalid.into()),
        Some(caps) => caps.get(1).expect("regex error").as_str(),
    };
    let actor_url = Url::parse(actor_id).map_err(|_| Error::ActivitySignatureInvalid)?;
    let actor_id: ObjectId<A> = actor_url.into();
    let actor = actor_id.dereference(data).await?;
    let public_key = actor.public_key_pem();
    verify_signature_inner(header_map, method, uri, public_key)?;
    Ok(actor)
 }
 /// Verifies that the signature present in the request is valid for
 /// the specified actor's public key.
 fn verify_signature_inner(
    header_map: BTreeMap<String, String>,
    method: &Method,
    uri: &Uri,
    public_key: &str,
 ) -> Result<(), Error> {
    static CONFIG: LazyLock<http_signature_normalization::Config> = LazyLock::new(|| {
        http_signature_normalization::Config::new()
            .set_expiration(EXPIRES_AFTER)
            .require_digest()
    });
    let path_and_query = uri.path_and_query().map(PathAndQuery::as_str).unwrap_or("");
-    let verified = CONFIG
+    let verified = CONFIG2
        .begin_verify(method.as_str(), path_and_query, header_map)
-        .map_err(|val| Error::Other(val.to_string()))?
+        .map_err(Error::other)?
-        .verify(|signature, signing_string| -> Result<bool, Error> {
+        .verify(|signature, signing_string| -> anyhow::Result<bool> {
            debug!(
                "Verifying with key {}, message {}",
                &public_key, &signing_string
            );
-            let public_key = RsaPublicKey::from_public_key_pem(public_key)?;
+            let public_key = PKey::public_key_from_pem(public_key.as_bytes())?;
-
+            let mut verifier = Verifier::new(MessageDigest::sha256(), &public_key)?;
-            let base64_decoded = Base64
+            verifier.update(signing_string.as_bytes())?;
-                .decode(signature)
+            Ok(verifier.verify(&base64::decode(signature)?)?)
-                .map_err(|err| Error::Other(err.to_string()))?;
+        })
-
+        .map_err(Error::other)?;
            Ok(public_key
                .verify(
                    Pkcs1v15Sign::new::<Sha256>(),
                    &Sha256::digest(signing_string.as_bytes()),
                    &base64_decoded,
                )
                .is_ok())
        })?;
    if verified {
        debug!("verified signature for {}", uri);
@ -261,7 +168,7 @@ impl DigestPart {
 }
 /// Verify body of an inbox request against the hash provided in `Digest` header.
-pub(crate) fn verify_body_hash(
+pub(crate) fn verify_inbox_hash(
    digest_header: Option<&HeaderValue>,
    body: &[u8],
 ) -> Result<(), Error> {
@ -272,157 +179,10 @@ pub(crate) fn verify_body_hash(
    for part in digest {
        hasher.update(body);
-        if Base64.encode(hasher.finalize_reset()) != part.digest {
+        if base64::encode(hasher.finalize_reset()) != part.digest {
            return Err(Error::ActivityBodyDigestInvalid);
        }
    }
    Ok(())
 }
 /// Internal only
 #[cfg(test)]
 #[allow(clippy::unwrap_used)]
 pub mod test {
    use super::*;
    use crate::activity_sending::generate_request_headers;
    use reqwest::Client;
    use reqwest_middleware::ClientWithMiddleware;
    use rsa::{pkcs1::DecodeRsaPrivateKey, pkcs8::DecodePrivateKey};
    use std::str::FromStr;
    static ACTOR_ID: LazyLock<Url> =
        LazyLock::new(|| Url::parse("https://example.com/u/alice").unwrap());
    static INBOX_URL: LazyLock<Url> =
        LazyLock::new(|| Url::parse("https://example.com/u/alice/inbox").unwrap());
    #[tokio::test]
    async fn test_sign() {
        let mut headers = generate_request_headers(&INBOX_URL);
        // use hardcoded date in order to test against hardcoded signature
        headers.insert(
            "date",
            HeaderValue::from_str("Tue, 28 Mar 2023 21:03:44 GMT").unwrap(),
        );
        let request_builder = ClientWithMiddleware::from(Client::new())
            .post(INBOX_URL.to_string())
            .headers(headers);
        let request = sign_request(
            request_builder,
            &ACTOR_ID,
            "my activity".into(),
            RsaPrivateKey::from_pkcs8_pem(&test_keypair().private_key).unwrap(),
            // set this to prevent created/expires headers to be generated and inserted
            // automatically from current time
            true,
        )
        .await
        .unwrap();
        let signature = request
            .headers()
            .get("signature")
            .unwrap()
            .to_str()
            .unwrap();
        let expected_signature = concat!(
            "keyId=\"https://example.com/u/alice#main-key\",",
            "algorithm=\"hs2019\",",
            "headers=\"(request-target) content-type date digest host\",",
            "signature=\"BpZhHNqzd6d6jhWOxyJ0jXwWWxiKMNK7i3mrr/5mVFnH7fUpicwqw8cSYVr",
            "cwWjt0I07HW7rZFUfIdSgCoOEdvxtrccF/hTrwYgm8O6SQRHl1UfFtDR6e9EpfPieVmTjo0",
            "QVfyzLLa41rmnz/yFqqer/v0kcdED51/dGe8NCGPBbhgK6C4oh7r+XHsQZMIhh38BcfZVWN",
            "YaMqgyhFxu2f34IKnOEk6NjSaNtO+PzQUhbksTvH0Vvi6R0dtQINJFdONVBl4AwDC1INeF5",
            "uhQo/SaKHfP3UitUHdM5Pbn+LhZYDB9AaQAW5ZGD43Aw15ecwsnKi4HcjV8nBw4zehlvaQ==\""
        );
        assert_eq!(signature, expected_signature);
    }
    #[tokio::test]
    async fn test_verify() {
        let headers = generate_request_headers(&INBOX_URL);
        let request_builder = ClientWithMiddleware::from(Client::new())
            .post(INBOX_URL.to_string())
            .headers(headers);
        let request = sign_request(
            request_builder,
            &ACTOR_ID,
            "my activity".to_string().into(),
            RsaPrivateKey::from_pkcs8_pem(&test_keypair().private_key).unwrap(),
            false,
        )
        .await
        .unwrap();
        let valid = verify_signature(
            request.headers(),
            request.method(),
            &Uri::from_str(request.url().as_str()).unwrap(),
            &test_keypair().public_key,
        );
        println!("{:?}", &valid);
        assert!(valid.is_ok());
    }
    #[test]
    fn test_verify_body_hash_valid() {
        let digest_header =
            HeaderValue::from_static("SHA-256=lzFT+G7C2hdI5j8M+FuJg1tC+O6AGMVJhooTCKGfbKM=");
        let body = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.";
        let valid = verify_body_hash(Some(&digest_header), body.as_bytes());
        println!("{:?}", &valid);
        assert!(valid.is_ok());
    }
    #[test]
    fn test_verify_body_hash_not_valid() {
        let digest_header =
            HeaderValue::from_static("SHA-256=Z9h7DJfYWjffXw2XftmWCnpEaK/yqOHKvzCIzIaqgbU=");
        let body = "lorem ipsum";
        let invalid = verify_body_hash(Some(&digest_header), body.as_bytes());
        assert_eq!(invalid, Err(Error::ActivityBodyDigestInvalid));
    }
    /// Internal only, return hardcoded keypair for testing
    pub fn test_keypair() -> Keypair {
        let rsa = RsaPrivateKey::from_pkcs1_pem(PRIVATE_KEY).unwrap();
        let pkey = RsaPublicKey::from(&rsa);
        let public_key = pkey.to_public_key_pem(LineEnding::default()).unwrap();
        let private_key = rsa.to_pkcs8_pem(LineEnding::default()).unwrap().to_string();
        Keypair {
            private_key,
            public_key,
        }
    }
    /// Hardcoded private key so that signature doesn't change across runs
    const PRIVATE_KEY: &str = concat!(
        "-----BEGIN RSA PRIVATE KEY-----\n",
        "MIIEogIBAAKCAQEA2kZpsvWYrwM9zMQiDwo4k6/VfpK2aDTeVe9ZkcvDrrWfqt72\n",
        "QSjjtXLa8sxJlEn+/zbnZ1lG3AO/WsKs2jiOycNQHBS1ITnSZKEpdKnAoLUn4k16\n",
        "YivRmALyLedOfIrvMtQzH8a+kOQ71u2Wa3H9jpkCT5W9OneEBa3VjQp49kcrF3tm\n",
        "mrEUhfai5GJM4xrdr587y7exkBF4wObepta9opSeuBkPV4QXZPfgmjwW+oOTheVH\n",
        "6L7yjzvjW92j4/T6XKAcu0kn/aQhR8SiGtPBMyOlcW4S2eDHWf1RlqbNGb5L9Qam\n",
        "fb0WAymx0ANLUDQyXAu5zViMrd4g8mgdkg7C1wIDAQABAoIBAAHAT0Uvsguz0Frq\n",
        "0Li8+A4I4U/RQeqW6f9XtHWpl3NSYuqOPJZY2DxypHRB1Iex13x/gBHH/8jwgShR\n",
        "2x/3ev9kmsLu6f+CcdniCFQdFiRaVh/IFI0Ve7cz5tkcoiuSB2NDNcaYFwIdYqfr\n",
        "Ytz2OCn2hLQHKB9M9pLMSnDsPmMAOveY11XfhkECrWlh1bx9YPyJScnNKTblB3M+\n",
        "GhYL3xzuCxPCC9nUfqz7Y8FnZTCmePOwcRflJDTLFs6Bqkv1PZOZWzI+7akaJxfI\n",
        "SOSw3VkGegsdoGVgHobqT2tqL8vuKM1bs47PFwWjVCGEoOvcC/Ha1+INemWbh7VA\n",
        "Xa/jvxkCgYEA/+AxeMCLCmH/F696W3RpPdFL25wSYQr1auV2xRfmsT+hhpSp3yz/\n",
        "ypkazS9TbnSCm18up+jE9rJ1c9VIZrgcTeKzPURzE68RR8uOsa9o9kaUzfyvRAzb\n",
        "fmQXMvv2rmm9U7srhjpvKo1BcHpQIQYToKt0TOv7soSEY2jGNvaK6i0CgYEA2mGL\n",
        "sL36WoHF3x2DZNvknLJGjxPSMmdjjfflFRqxKeP+Sf54C4QH/1hxHe/yl/KMBTfa\n",
        "woBl05SrwTnQ7bOeR8VTmzP53JfkECT5I9h/g8vT8dkz5WQXWNDgy61Imq/UmWwm\n",
        "DHElGrkF31oy5w6+aZ58Sa5bXhBDYpkUP9+pV5MCgYAW5BCo89i8gg3XKZyxp9Vu\n",
        "cVXu/KRsSBWyjXq1oTDDNKUXrB8SVy0/C7lpF83H+OZiTf6XiOxuAYMebLtAbUIi\n",
        "+Z/9YC1HWocaPCy02rNyLNhNIUjwtpHAWeX1arMj4VPNtNXs+TdOwDpVfKvEeI2y\n",
        "9wO9ifMHgnFxj0MEUcQVtQKBgHg2Mhs8uM+RmEbVjDq9AP9w835XPuIYH6lKyIPx\n",
        "iYyxwI0i0xojt/NL0BjWuQgDsCg/MuDWpTbvJAzdsrDmqz5+1SMeXXCc/CIW+D5P\n",
        "MwJt9WGwWuzvSBrQAK6d2NWt7K335on6zp4DM8RbdqHSb+bcIza8D/ebpDxmX8s5\n",
        "Z5KZAoGAX8u+63w1uy1FLhf48SqmjOqkAjdUZCWEmaim69koAOdTIBSSDOnAqzGu\n",
        "wIVdLLzI6xTgbYmfErCwpU2v8MfUWr0BDzjQ9G6c5rhcS1BkfxbeAsC42XaVIgCk\n",
        "2sMNMqi6f96jbp4IQI70BpecsnBAUa+VoT57bZRvy0lW26w9tYI=\n",
        "-----END RSA PRIVATE KEY-----\n"
    );
 }
--- a/src/lib.rs
+++ b/src/lib.rs
@ -11,7 +11,6 @@
 #![deny(missing_docs)]
 pub mod activity_queue;
 pub mod activity_sending;
 #[cfg(feature = "actix-web")]
 pub mod actix_web;
 #[cfg(feature = "axum")]
@ -23,53 +22,8 @@ pub mod http_signatures;
 pub mod protocol;
 pub(crate) mod reqwest_shim;
 pub mod traits;
 mod utils;
 use crate::{
    config::Data,
    error::Error,
    fetch::object_id::ObjectId,
    traits::{Activity, Actor, Object},
 };
 pub use activitystreams_kinds as kinds;
 use serde::{de::DeserializeOwned, Deserialize};
 use url::Url;
 /// Mime type for Activitypub data, used for `Accept` and `Content-Type` HTTP headers
-pub const FEDERATION_CONTENT_TYPE: &str = "application/activity+json";
+pub static APUB_JSON_CONTENT_TYPE: &str = "application/activity+json";
 /// Deserialize incoming inbox activity to the given type, perform basic
 /// validation and extract the actor.
 async fn parse_received_activity<A, ActorT, Datatype>(
    body: &[u8],
    data: &Data<Datatype>,
 ) -> Result<(A, ActorT), <A as Activity>::Error>
 where
    A: Activity<DataType = Datatype> + DeserializeOwned + Send + 'static,
    ActorT: Object<DataType = Datatype> + Actor + Send + Sync + 'static,
    for<'de2> <ActorT as Object>::Kind: serde::Deserialize<'de2>,
    <A as Activity>::Error: From<Error> + From<<ActorT as Object>::Error>,
    <ActorT as Object>::Error: From<Error>,
    Datatype: Clone,
 {
    let activity: A = serde_json::from_slice(body).map_err(|err| {
        // Attempt to include activity id in error message
        let id = extract_id(body).ok();
        Error::ParseReceivedActivity { err, id }
    })?;
    data.config.verify_url_and_domain(&activity).await?;
    let actor = ObjectId::<ActorT>::from(activity.actor().clone())
        .dereference(data)
        .await?;
    Ok((activity, actor))
 }
 /// Attempt to parse id field from serialized json
 fn extract_id(data: &[u8]) -> serde_json::Result<Url> {
    #[derive(Deserialize)]
    struct Id {
        id: Url,
    }
    Ok(serde_json::from_slice::<Id>(data)?.id)
 }
--- a/src/protocol/context.rs
+++ b/src/protocol/context.rs
@ -15,11 +15,15 @@
 //! };
 //! let note_with_context = WithContext::new_default(note);
 //! let serialized = serde_json::to_string(&note_with_context)?;
-//! assert_eq!(serialized, r#"{"@context":"https://www.w3.org/ns/activitystreams","content":"Hello world"}"#);
+//! assert_eq!(serialized, r#"{"@context":["https://www.w3.org/ns/activitystreams"],"content":"Hello world"}"#);
 //! Ok::<(), serde_json::error::Error>(())
 //! ```
-use crate::{config::Data, traits::Activity};
+use crate::{
    config::RequestData,
    protocol::helpers::deserialize_one_or_many,
    traits::ActivityHandler,
 };
 use serde::{Deserialize, Serialize};
 use serde_json::Value;
 use url::Url;
@ -31,7 +35,8 @@ const DEFAULT_CONTEXT: &str = "https://www.w3.org/ns/activitystreams";
 #[derive(Serialize, Deserialize, Debug)]
 pub struct WithContext<T> {
    #[serde(rename = "@context")]
-    context: Value,
+    #[serde(deserialize_with = "deserialize_one_or_many")]
    context: Vec<Value>,
    #[serde(flatten)]
    inner: T,
 }
@ -39,12 +44,12 @@ pub struct WithContext<T> {
 impl<T> WithContext<T> {
    /// Create a new wrapper with the default Activitypub context.
    pub fn new_default(inner: T) -> WithContext<T> {
-        let context = Value::String(DEFAULT_CONTEXT.to_string());
+        let context = vec![Value::String(DEFAULT_CONTEXT.to_string())];
        WithContext::new(inner, context)
    }
    /// Create new wrapper with custom context. Use this in case you are implementing extensions.
-    pub fn new(inner: T, context: Value) -> WithContext<T> {
+    pub fn new(inner: T, context: Vec<Value>) -> WithContext<T> {
        WithContext { context, inner }
    }
@ -55,12 +60,12 @@ impl<T> WithContext<T> {
 }
 #[async_trait::async_trait]
-impl<T> Activity for WithContext<T>
+impl<T> ActivityHandler for WithContext<T>
 where
-    T: Activity + Send + Sync,
+    T: ActivityHandler + Send + Sync,
 {
-    type DataType = <T as Activity>::DataType;
+    type DataType = <T as ActivityHandler>::DataType;
-    type Error = <T as Activity>::Error;
+    type Error = <T as ActivityHandler>::Error;
    fn id(&self) -> &Url {
        self.inner.id()
@ -70,23 +75,11 @@ where
        self.inner.actor()
    }
-    async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn verify(&self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        self.inner.verify(data).await
    }
-    async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
+    async fn receive(self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        self.inner.receive(data).await
    }
 }
 impl<T> Clone for WithContext<T>
 where
    T: Clone,
 {
    fn clone(&self) -> Self {
        Self {
            context: self.context.clone(),
            inner: self.inner.clone(),
        }
    }
 }
--- a/src/protocol/helpers.rs
+++ b/src/protocol/helpers.rs
@ -1,22 +1,13 @@
 //! Serde deserialization functions which help to receive differently shaped data
-use activitystreams_kinds::public;
+use serde::{Deserialize, Deserializer};
 use itertools::Itertools;
 use serde::{de::Error, Deserialize, Deserializer};
 use serde_json::Value;
 use url::Url;
-/// Deserialize JSON single value or array into `Vec<Url>`.
+/// Deserialize JSON single value or array into Vec.
 ///
 /// Useful if your application can handle multiple values for a field, but another federated
 /// platform only sends a single one.
 ///
 /// Also accepts common `Public` aliases for recipient fields. Some implementations send `Public`
 /// or `as:Public` instead of the canonical `https://www.w3.org/ns/activitystreams#Public` URL
 /// in fields such as `to` and `cc`.
 ///
 /// ```
 /// # use activitypub_federation::kinds::public;
 /// # use activitypub_federation::protocol::helpers::deserialize_one_or_many;
 /// # use url::Url;
 /// #[derive(serde::Deserialize)]
@ -34,39 +25,24 @@ use url::Url;
 ///      "https://lemmy.ml/u/bob"
 /// ]}"#)?;
 /// assert_eq!(multiple.to.len(), 2);
-///
+/// Ok::<(), anyhow::Error>(())
-/// let note: Note = serde_json::from_str(r#"{"to": ["Public", "as:Public"]}"#)?;
+pub fn deserialize_one_or_many<'de, T, D>(deserializer: D) -> Result<Vec<T>, D::Error>
 /// assert_eq!(note.to, vec![public()]);
 /// # Ok::<(), anyhow::Error>(())
 /// ```
 pub fn deserialize_one_or_many<'de, D>(deserializer: D) -> Result<Vec<Url>, D::Error>
 where
    T: Deserialize<'de>,
    D: Deserializer<'de>,
 {
    #[derive(Deserialize)]
    #[serde(untagged)]
-    enum OneOrMany {
+    enum OneOrMany<T> {
-        Many(Vec<Value>),
+        One(T),
-        One(Value),
+        Many(Vec<T>),
    }
-    let result: OneOrMany = Deserialize::deserialize(deserializer)?;
+    let result: OneOrMany<T> = Deserialize::deserialize(deserializer)?;
-    let values = match result {
+    Ok(match result {
        OneOrMany::Many(list) => list,
        OneOrMany::One(value) => vec![value],
-        OneOrMany::Many(values) => values,
+    })
    };
    values
        .into_iter()
        .map(|value| match value {
            Value::String(value) if matches!(value.as_str(), "Public" | "as:Public") => {
                Ok(public())
            }
            Value::String(value) => Url::parse(&value).map_err(D::Error::custom),
            value => Url::deserialize(value).map_err(D::Error::custom),
        })
        .collect::<Result<Vec<_>, _>>()
        .map(|values| values.into_iter().unique().collect())
 }
 /// Deserialize JSON single value or single element array into single value.
@ -80,12 +56,12 @@ where
 /// #[derive(serde::Deserialize)]
 /// struct Note {
 ///     #[serde(deserialize_with = "deserialize_one")]
-///     to: [Url; 1]
+///     to: Url
 /// }
 ///
 /// let note = serde_json::from_str::<Note>(r#"{"to": ["https://example.com/u/alice"] }"#);
 /// assert!(note.is_ok());
-pub fn deserialize_one<'de, T, D>(deserializer: D) -> Result<[T; 1], D::Error>
+pub fn deserialize_one<'de, T, D>(deserializer: D) -> Result<T, D::Error>
 where
    T: Deserialize<'de>,
    D: Deserializer<'de>,
@ -99,8 +75,8 @@ where
    let result: MaybeArray<T> = Deserialize::deserialize(deserializer)?;
    Ok(match result {
-        MaybeArray::Simple(value) => [value],
+        MaybeArray::Simple(value) => value,
-        MaybeArray::Array([value]) => [value],
+        MaybeArray::Array([value]) => value,
    })
 }
@ -139,115 +115,3 @@ where
    let inner = T::deserialize(value).unwrap_or_default();
    Ok(inner)
 }
 /// Deserialize either single value or last item from an array into an optional field.
 pub fn deserialize_last<'de, T, D>(deserializer: D) -> Result<Option<T>, D::Error>
 where
    T: Deserialize<'de>,
    D: Deserializer<'de>,
 {
    #[derive(Deserialize)]
    #[serde(untagged)]
    enum MaybeArray<T> {
        Simple(T),
        Array(Vec<T>),
        None,
    }
    let result = Deserialize::deserialize(deserializer)?;
    Ok(match result {
        MaybeArray::Simple(value) => Some(value),
        MaybeArray::Array(value) => value.into_iter().last(),
        MaybeArray::None => None,
    })
 }
 #[cfg(test)]
 mod tests {
    use super::deserialize_one_or_many;
    use activitystreams_kinds::public;
    use anyhow::Result;
    use serde::Deserialize;
    #[test]
    fn deserialize_one_multiple_values() {
        use crate::protocol::helpers::deserialize_one;
        use url::Url;
        #[derive(serde::Deserialize)]
        struct Note {
            #[serde(deserialize_with = "deserialize_one")]
            _to: [Url; 1],
        }
        let note = serde_json::from_str::<Note>(
            r#"{"_to": ["https://example.com/u/alice", "https://example.com/u/bob"] }"#,
        );
        assert!(note.is_err());
    }
    #[test]
    fn deserialize_one_or_many_single_public_aliases() -> Result<()> {
        use url::Url;
        #[derive(Deserialize)]
        struct Note {
            #[serde(deserialize_with = "deserialize_one_or_many")]
            to: Vec<Url>,
        }
        for alias in ["Public", "as:Public"] {
            let note = serde_json::from_str::<Note>(&format!(r#"{{"to": "{alias}"}}"#))?;
            assert_eq!(note.to, vec![public()]);
        }
        Ok(())
    }
    #[test]
    fn deserialize_one_or_many_array() -> Result<()> {
        use url::Url;
        #[derive(Deserialize)]
        struct Note {
            #[serde(deserialize_with = "deserialize_one_or_many")]
            to: Vec<Url>,
        }
        let note = serde_json::from_str::<Note>(
            r#"{
                "to": [
                    "https://example.com/c/main",
                    "Public",
                    "as:Public",
                    "https://www.w3.org/ns/activitystreams#Public"
                ]
            }"#,
        )?;
        assert_eq!(
            note.to,
            vec![Url::parse("https://example.com/c/main")?, public(),]
        );
        Ok(())
    }
    #[test]
    fn deserialize_one_or_many_leaves_other_strings_unchanged() -> Result<()> {
        use url::Url;
        #[derive(Deserialize)]
        struct Note {
            #[serde(deserialize_with = "deserialize_one_or_many")]
            to: Vec<Url>,
            content: String,
        }
        let note = serde_json::from_str::<Note>(r#"{"to": "Public", "content": "Public"}"#)?;
        assert_eq!(note.to, vec![public()]);
        assert_eq!(note.content, "Public");
        Ok(())
    }
 }
--- a/src/protocol/mod.rs
+++ b/src/protocol/mod.rs
@ -3,6 +3,5 @@
 pub mod context;
 pub mod helpers;
 pub mod public_key;
 pub mod tombstone;
 pub mod values;
 pub mod verification;
--- a/src/protocol/public_key.rs
+++ b/src/protocol/public_key.rs
@ -6,7 +6,7 @@ use url::Url;
 /// Public key of actors which is used for HTTP signatures.
 ///
 /// This needs to be federated in the `public_key` field of all actors.
-#[derive(Clone, Debug, Deserialize, Serialize, PartialEq)]
+#[derive(Clone, Debug, Deserialize, Serialize)]
 #[serde(rename_all = "camelCase")]
 pub struct PublicKey {
    /// Id of this private key.
@ -21,7 +21,7 @@ impl PublicKey {
    /// Create a new [PublicKey] struct for the `owner` with `public_key_pem`.
    ///
    /// It uses an standard key id of `{actor_id}#main-key`
-    pub(crate) fn new(owner: Url, public_key_pem: String) -> Self {
+    pub fn new(owner: Url, public_key_pem: String) -> Self {
        let id = main_key_id(&owner);
        PublicKey {
            id,
--- a/src/protocol/tombstone.rs
+++ b/src/protocol/tombstone.rs
@ -1,27 +0,0 @@
 //! Tombstone is used to serve deleted objects
 use crate::kinds::object::TombstoneType;
 use serde::{Deserialize, Serialize};
 use url::Url;
 /// Represents a local object that was deleted
 ///
 /// <https://www.w3.org/TR/activitystreams-vocabulary/#dfn-tombstone>
 #[derive(Clone, Debug, Deserialize, Serialize)]
 #[serde(rename_all = "camelCase")]
 pub struct Tombstone {
    /// Id of the deleted object
    pub id: Url,
    #[serde(rename = "type")]
    pub(crate) kind: TombstoneType,
 }
 impl Tombstone {
    /// Create a new tombstone for the given object id
    pub fn new(id: Url) -> Tombstone {
        Tombstone {
            id,
            kind: TombstoneType::Tombstone,
        }
    }
 }
--- a/src/protocol/values.rs
+++ b/src/protocol/values.rs
@ -35,7 +35,7 @@ use serde::{Deserialize, Serialize};
 /// Media type for markdown text.
 ///
 /// <https://www.iana.org/assignments/media-types/media-types.xhtml>
-#[derive(Clone, Debug, Deserialize, Serialize, PartialEq)]
+#[derive(Clone, Debug, Deserialize, Serialize)]
 pub enum MediaTypeMarkdown {
    /// `text/markdown`
    #[serde(rename = "text/markdown")]
@ -45,7 +45,7 @@ pub enum MediaTypeMarkdown {
 /// Media type for HTML text.
 ///
 /// <https://www.iana.org/assignments/media-types/media-types.xhtml>
-#[derive(Clone, Debug, Deserialize, Serialize, PartialEq)]
+#[derive(Clone, Debug, Deserialize, Serialize)]
 pub enum MediaTypeHtml {
    /// `text/html`
    #[serde(rename = "text/html")]
--- a/src/protocol/verification.rs
+++ b/src/protocol/verification.rs
@ -1,7 +1,6 @@
 //! Verify that received data is valid
-use crate::{config::Data, error::Error, fetch::object_id::ObjectId, traits::Object};
+use crate::error::Error;
 use serde::Deserialize;
 use url::Url;
 /// Check that both urls have the same domain. If not, return UrlVerificationError.
@ -37,38 +36,3 @@ pub fn verify_urls_match(a: &Url, b: &Url) -> Result<(), Error> {
    }
    Ok(())
 }
 /// Check that the given ID doesn't match the local domain.
 ///
 /// It is important to verify this to avoid local objects from being overwritten. In general
 /// locally created objects should be considered authorative, while incoming federated data
 /// is untrusted. Lack of such a check could allow an attacker to rewrite local posts. It could
 /// also result in an `object.local` field being overwritten with `false` for local objects, resulting in invalid data.
 ///
 /// ```
 /// # use activitypub_federation::fetch::object_id::ObjectId;
 /// # use activitypub_federation::config::FederationConfig;
 /// # use activitypub_federation::protocol::verification::verify_is_remote_object;
 /// # use activitypub_federation::traits::tests::{DbConnection, DbUser};
 /// # tokio::runtime::Runtime::new().unwrap().block_on(async {
 /// # let config = FederationConfig::builder().domain("example.com").app_data(DbConnection).build().await?;
 /// # let data = config.to_request_data();
 /// let id = ObjectId::<DbUser>::parse("https://remote.com/u/name")?;
 /// assert!(verify_is_remote_object(&id, &data).is_ok());
 /// # Ok::<(), anyhow::Error>(())
 /// # }).unwrap();
 /// ```
 pub fn verify_is_remote_object<Kind, R: Clone>(
    id: &ObjectId<Kind>,
    data: &Data<<Kind as Object>::DataType>,
 ) -> Result<(), Error>
 where
    Kind: Object<DataType = R> + Send + Sync + 'static,
    for<'de2> <Kind as Object>::Kind: Deserialize<'de2>,
 {
    if id.is_local(data) {
        Err(Error::UrlVerificationError("Object is not remote"))
    } else {
        Ok(())
    }
 }
--- a/src/reqwest_shim.rs
+++ b/src/reqwest_shim.rs
@ -3,15 +3,17 @@ use bytes::{BufMut, Bytes, BytesMut};
 use futures_core::{ready, stream::BoxStream, Stream};
 use pin_project_lite::pin_project;
 use reqwest::Response;
 use serde::de::DeserializeOwned;
 use std::{
    future::Future,
    marker::PhantomData,
    mem,
    pin::Pin,
    task::{Context, Poll},
 };
-/// 1 MB
+/// 100KB
-const MAX_BODY_SIZE: usize = 1024 * 1024;
+const MAX_BODY_SIZE: usize = 102400;
 pin_project! {
    pub struct BytesFuture {
@ -28,7 +30,10 @@ impl Future for BytesFuture {
    fn poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
        loop {
            let this = self.as_mut().project();
-            if let Some(chunk) = ready!(this.stream.poll_next(cx)).transpose()? {
+            if let Some(chunk) = ready!(this.stream.poll_next(cx))
                .transpose()
                .map_err(Error::other)?
            {
                this.aggregator.put(chunk);
                if this.aggregator.len() > *this.limit {
                    return Poll::Ready(Err(Error::ResponseBodyLimit));
@ -44,6 +49,27 @@ impl Future for BytesFuture {
    }
 }
 pin_project! {
    pub struct JsonFuture<T> {
        _t: PhantomData<T>,
        #[pin]
        future: BytesFuture,
    }
 }
 impl<T> Future for JsonFuture<T>
 where
    T: DeserializeOwned,
 {
    type Output = Result<T, Error>;
    fn poll(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
        let this = self.project();
        let bytes = ready!(this.future.poll(cx))?;
        Poll::Ready(serde_json::from_slice(&bytes).map_err(Error::other))
    }
 }
 pin_project! {
    pub struct TextFuture {
        #[pin]
@ -57,7 +83,7 @@ impl Future for TextFuture {
    fn poll(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
        let this = self.project();
        let bytes = ready!(this.future.poll(cx))?;
-        Poll::Ready(String::from_utf8(bytes.to_vec()).map_err(Error::Utf8))
+        Poll::Ready(String::from_utf8(bytes.to_vec()).map_err(Error::other))
    }
 }
@ -66,21 +92,25 @@ impl Future for TextFuture {
 /// Reqwest doesn't limit the response body size by default nor does it offer an option to configure one.
 /// Since we have to fetch data from untrusted sources, not restricting the maximum size is a DoS hazard for us.
 ///
-/// This shim reimplements the `bytes`, `json`, and `text` functions and restricts the bodies length.
+/// This shim reimplements the `bytes`, `json`, and `text` functions and restricts the bodies to 100KB.
 ///
 /// TODO: Remove this shim as soon as reqwest gets support for size-limited bodies.
 pub trait ResponseExt {
    type BytesFuture;
    type JsonFuture<T>;
    type TextFuture;
    /// Size limited version of `bytes` to work around a reqwest issue. Check [`ResponseExt`] docs for details.
    fn bytes_limited(self) -> Self::BytesFuture;
    /// Size limited version of `json` to work around a reqwest issue. Check [`ResponseExt`] docs for details.
    fn json_limited<T>(self) -> Self::JsonFuture<T>;
    /// Size limited version of `text` to work around a reqwest issue. Check [`ResponseExt`] docs for details.
    fn text_limited(self) -> Self::TextFuture;
 }
 impl ResponseExt for Response {
    type BytesFuture = BytesFuture;
    type JsonFuture<T> = JsonFuture<T>;
    type TextFuture = TextFuture;
    fn bytes_limited(self) -> Self::BytesFuture {
@ -91,6 +121,13 @@ impl ResponseExt for Response {
        }
    }
    fn json_limited<T>(self) -> Self::JsonFuture<T> {
        JsonFuture {
            _t: PhantomData,
            future: self.bytes_limited(),
        }
    }
    fn text_limited(self) -> Self::TextFuture {
        TextFuture {
            future: self.bytes_limited(),
--- a/src/traits.rs
+++ b/src/traits.rs
@ -0,0 +1,493 @@
 //! Traits which need to be implemented for federated data types
 use crate::{config::RequestData, protocol::public_key::PublicKey};
 use async_trait::async_trait;
 use chrono::NaiveDateTime;
 use std::ops::Deref;
 use url::Url;
 /// Helper for converting between database structs and federated protocol structs.
 ///
 /// ```
 /// # use chrono::{Local, NaiveDateTime};
 /// # use url::Url;
 /// # use activitypub_federation::protocol::public_key::PublicKey;
 /// # use activitypub_federation::config::RequestData;
 /// use activitypub_federation::protocol::verification::verify_domains_match;
 /// # use activitypub_federation::traits::ApubObject;
 /// # use activitypub_federation::traits::tests::{DbConnection, Person};
 /// # pub struct DbUser {
 /// #     pub name: String,
 /// #     pub ap_id: Url,
 /// #     pub inbox: Url,
 /// #     pub public_key: String,
 /// #     pub private_key: Option<String>,
 /// #     pub local: bool,
 /// #     pub last_refreshed_at: NaiveDateTime,
 /// # }
 ///
 /// #[async_trait::async_trait]
 /// impl ApubObject for DbUser {
 ///     type DataType = DbConnection;
 ///     type ApubType = Person;
 ///     type Error = anyhow::Error;
 ///
 /// fn last_refreshed_at(&self) -> Option<NaiveDateTime> {
 ///     Some(self.last_refreshed_at)
 /// }
 ///
 /// async fn read_from_apub_id(object_id: Url, data: &RequestData<Self::DataType>) -> Result<Option<Self>, Self::Error> {
 ///         // Attempt to read object from local database. Return Ok(None) if not found.
 ///         let user: Option<DbUser> = data.read_user_from_apub_id(object_id).await?;
 ///         Ok(user)
 ///     }
 ///
 /// async fn into_apub(self, data: &RequestData<Self::DataType>) -> Result<Self::ApubType, Self::Error> {
 ///         // Called when a local object gets sent out over Activitypub. Simply convert it to the
 ///         // protocol struct
 ///         Ok(Person {
 ///             kind: Default::default(),
 ///             preferred_username: self.name,
 ///             id: self.ap_id.clone().into(),
 ///             inbox: self.inbox,
 ///             public_key: PublicKey::new(self.ap_id, self.public_key),
 ///         })
 ///     }
 ///
 ///     async fn verify(apub: &Self::ApubType, expected_domain: &Url, data: &RequestData<Self::DataType>,) -> Result<(), Self::Error> {
 ///         verify_domains_match(apub.id.inner(), expected_domain)?;
 ///         // additional application specific checks
 ///         Ok(())
 ///     }
 ///
 ///     async fn from_apub(apub: Self::ApubType, data: &RequestData<Self::DataType>) -> Result<Self, Self::Error> {
 ///         // Called when a remote object gets received over Activitypub. Validate and insert it
 ///         // into the database.
 ///
 ///         let user = DbUser {
 ///             name: apub.preferred_username,
 ///             ap_id: apub.id.into_inner(),
 ///             inbox: apub.inbox,
 ///             public_key: apub.public_key.public_key_pem,
 ///             private_key: None,
 ///             local: false,
 ///             last_refreshed_at: Local::now().naive_local(),
 ///         };
 ///
 ///         // Make sure not to overwrite any local object
 ///         if data.domain() == user.ap_id.domain().unwrap() {
 ///             // Activitypub doesnt distinguish between creating and updating an object. Thats why we
 ///             // need to use upsert functionality here
 ///             data.upsert(&user).await?;
 ///         }
 ///         Ok(user)
 ///     }
 ///
 /// }
 #[async_trait]
 pub trait ApubObject: Sized {
    /// App data type passed to handlers. Must be identical to
    /// [crate::config::FederationConfigBuilder::app_data] type.
    type DataType: Clone + Send + Sync;
    /// The type of protocol struct which gets sent over network to federate this database struct.
    type ApubType;
    /// Error type returned by handler methods
    type Error;
    /// Returns the last time this object was updated.
    ///
    /// If this returns `Some` and the value is too long ago, the object is refetched from the
    /// original instance. This should always be implemented for actors, because there is no active
    /// update mechanism prescribed. It is possible to send `Update/Person` activities for profile
    /// changes, but not all implementations do this, so `last_refreshed_at` is still necessary.
    ///
    /// The object is refetched if `last_refreshed_at` value is more than 24 hours ago. In debug
    /// mode this is reduced to 20 seconds.
    fn last_refreshed_at(&self) -> Option<NaiveDateTime> {
        None
    }
    /// Try to read the object with given `id` from local database.
    ///
    /// Should return `Ok(None)` if not found.
    async fn read_from_apub_id(
        object_id: Url,
        data: &RequestData<Self::DataType>,
    ) -> Result<Option<Self>, Self::Error>;
    /// Mark remote object as deleted in local database.
    ///
    /// Called when a `Delete` activity is received, or if fetch returns a `Tombstone` object.
    async fn delete(self, _data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        Ok(())
    }
    /// Convert database type to Activitypub type.
    ///
    /// Called when a local object gets fetched by another instance over HTTP, or when an object
    /// gets sent in an activity.
    async fn into_apub(
        self,
        data: &RequestData<Self::DataType>,
    ) -> Result<Self::ApubType, Self::Error>;
    /// Verifies that the received object is valid.
    ///
    /// You should check here that the domain of id matches `expected_domain`. Additionally you
    /// should perform any application specific checks.
    ///
    /// It is necessary to use a separate method for this, because it might be used for activities
    /// like `Delete/Note`, which shouldn't perform any database write for the inner `Note`.
    async fn verify(
        apub: &Self::ApubType,
        expected_domain: &Url,
        data: &RequestData<Self::DataType>,
    ) -> Result<(), Self::Error>;
    /// Convert object from ActivityPub type to database type.
    ///
    /// Called when an object is received from HTTP fetch or as part of an activity. This method
    /// should do verification and write the received object to database. Note that there is no
    /// distinction between create and update, so an `upsert` operation should be used.
    async fn from_apub(
        apub: Self::ApubType,
        data: &RequestData<Self::DataType>,
    ) -> Result<Self, Self::Error>;
 }
 /// Handler for receiving incoming activities.
 ///
 /// ```
 /// # use activitystreams_kinds::activity::FollowType;
 /// # use url::Url;
 /// # use activitypub_federation::fetch::object_id::ObjectId;
 /// # use activitypub_federation::config::RequestData;
 /// # use activitypub_federation::traits::ActivityHandler;
 /// # use activitypub_federation::traits::tests::{DbConnection, DbUser};
 /// #[derive(serde::Deserialize)]
 /// struct Follow {
 ///     actor: ObjectId<DbUser>,
 ///     object: ObjectId<DbUser>,
 ///     #[serde(rename = "type")]
 ///     kind: FollowType,
 ///     id: Url,
 /// }
 ///
 /// #[async_trait::async_trait]
 /// impl ActivityHandler for Follow {
 ///     type DataType = DbConnection;
 ///     type Error = anyhow::Error;
 ///
 ///     fn id(&self) -> &Url {
 ///         &self.id
 ///     }
 ///
 ///     fn actor(&self) -> &Url {
 ///         self.actor.inner()
 ///     }
 ///
 ///     async fn verify(&self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
 ///         Ok(())
 ///     }
 ///
 ///     async fn receive(self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
 ///         let local_user = self.object.dereference(data).await?;
 ///         let follower = self.actor.dereference(data).await?;
 ///         data.add_follower(local_user, follower).await?;
 ///         Ok(())
 ///     }
 /// }
 /// ```
 #[async_trait]
 #[enum_delegate::register]
 pub trait ActivityHandler {
    /// App data type passed to handlers. Must be identical to
    /// [crate::config::FederationConfigBuilder::app_data] type.
    type DataType: Clone + Send + Sync;
    /// Error type returned by handler methods
    type Error;
    /// `id` field of the activity
    fn id(&self) -> &Url;
    /// `actor` field of activity
    fn actor(&self) -> &Url;
    /// Verifies that the received activity is valid.
    ///
    /// This needs to be a separate method, because it might be used for activities
    /// like `Undo/Follow`, which shouldn't perform any database write for the inner `Follow`.
    async fn verify(&self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error>;
    /// Called when an activity is received.
    ///
    /// Should perform validation and possibly write action to the database. In case the activity
    /// has a nested `object` field, must call `object.from_apub` handler.
    async fn receive(self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error>;
 }
 /// Trait to allow retrieving common Actor data.
 pub trait Actor: ApubObject {
    /// `id` field of the actor
    fn id(&self) -> &Url;
    /// The actor's public key for verifying signatures of incoming activities.
    ///
    /// Use [generate_actor_keypair](crate::http_signatures::generate_actor_keypair) to create the
    /// actor keypair.
    fn public_key_pem(&self) -> &str;
    /// The inbox where activities for this user should be sent to
    fn inbox(&self) -> Url;
    /// Generates a public key struct for use in the actor json representation
    fn public_key(&self) -> PublicKey {
        PublicKey::new(self.id().clone(), self.public_key_pem().to_string())
    }
    /// The actor's shared inbox, if any
    fn shared_inbox(&self) -> Option<Url> {
        None
    }
    /// Returns shared inbox if it exists, normal inbox otherwise.
    fn shared_inbox_or_inbox(&self) -> Url {
        self.shared_inbox().unwrap_or_else(|| self.inbox())
    }
 }
 /// Allow for boxing of enum variants
 #[async_trait]
 impl<T> ActivityHandler for Box<T>
 where
    T: ActivityHandler + Send + Sync,
 {
    type DataType = T::DataType;
    type Error = T::Error;
    fn id(&self) -> &Url {
        self.deref().id()
    }
    fn actor(&self) -> &Url {
        self.deref().actor()
    }
    async fn verify(&self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        (*self).verify(data).await
    }
    async fn receive(self, data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
        (*self).receive(data).await
    }
 }
 /// Some impls of these traits for use in tests. Dont use this from external crates.
 ///
 /// TODO: Should be using `cfg[doctest]` but blocked by <https://github.com/rust-lang/rust/issues/67295>
 #[doc(hidden)]
 #[allow(clippy::unwrap_used)]
 pub mod tests {
    use super::*;
    use crate::{
        fetch::object_id::ObjectId,
        http_signatures::{generate_actor_keypair, Keypair},
        protocol::{public_key::PublicKey, verification::verify_domains_match},
    };
    use activitystreams_kinds::{activity::FollowType, actor::PersonType};
    use anyhow::Error;
    use once_cell::sync::Lazy;
    use serde::{Deserialize, Serialize};
    #[derive(Clone)]
    pub struct DbConnection;
    impl DbConnection {
        pub async fn read_user_from_apub_id<T>(&self, _: Url) -> Result<Option<T>, Error> {
            Ok(None)
        }
        pub async fn read_local_user(&self, _: String) -> Result<DbUser, Error> {
            todo!()
        }
        pub async fn upsert<T>(&self, _: &T) -> Result<(), Error> {
            Ok(())
        }
        pub async fn add_follower(&self, _: DbUser, _: DbUser) -> Result<(), Error> {
            Ok(())
        }
    }
    #[derive(Clone, Debug, Deserialize, Serialize)]
    #[serde(rename_all = "camelCase")]
    pub struct Person {
        #[serde(rename = "type")]
        pub kind: PersonType,
        pub preferred_username: String,
        pub id: ObjectId<DbUser>,
        pub inbox: Url,
        pub public_key: PublicKey,
    }
    #[derive(Debug, Clone)]
    pub struct DbUser {
        pub name: String,
        pub apub_id: Url,
        pub inbox: Url,
        pub public_key: String,
        #[allow(dead_code)]
        private_key: Option<String>,
        pub followers: Vec<Url>,
        pub local: bool,
    }
    pub static DB_USER_KEYPAIR: Lazy<Keypair> = Lazy::new(|| generate_actor_keypair().unwrap());
    pub static DB_USER: Lazy<DbUser> = Lazy::new(|| DbUser {
        name: String::new(),
        apub_id: "https://localhost/123".parse().unwrap(),
        inbox: "https://localhost/123/inbox".parse().unwrap(),
        public_key: DB_USER_KEYPAIR.public_key.clone(),
        private_key: None,
        followers: vec![],
        local: false,
    });
    #[async_trait]
    impl ApubObject for DbUser {
        type DataType = DbConnection;
        type ApubType = Person;
        type Error = Error;
        async fn read_from_apub_id(
            _object_id: Url,
            _data: &RequestData<Self::DataType>,
        ) -> Result<Option<Self>, Self::Error> {
            Ok(Some(DB_USER.clone()))
        }
        async fn into_apub(
            self,
            _data: &RequestData<Self::DataType>,
        ) -> Result<Self::ApubType, Self::Error> {
            let public_key = PublicKey::new(self.apub_id.clone(), self.public_key.clone());
            Ok(Person {
                preferred_username: self.name.clone(),
                kind: Default::default(),
                id: self.apub_id.into(),
                inbox: self.inbox,
                public_key,
            })
        }
        async fn verify(
            apub: &Self::ApubType,
            expected_domain: &Url,
            _data: &RequestData<Self::DataType>,
        ) -> Result<(), Self::Error> {
            verify_domains_match(apub.id.inner(), expected_domain)?;
            Ok(())
        }
        async fn from_apub(
            apub: Self::ApubType,
            _data: &RequestData<Self::DataType>,
        ) -> Result<Self, Self::Error> {
            Ok(DbUser {
                name: apub.preferred_username,
                apub_id: apub.id.into(),
                inbox: apub.inbox,
                public_key: apub.public_key.public_key_pem,
                private_key: None,
                followers: vec![],
                local: false,
            })
        }
    }
    impl Actor for DbUser {
        fn id(&self) -> &Url {
            &self.apub_id
        }
        fn public_key_pem(&self) -> &str {
            &self.public_key
        }
        fn inbox(&self) -> Url {
            self.inbox.clone()
        }
    }
    #[derive(Deserialize, Serialize, Clone, Debug)]
    #[serde(rename_all = "camelCase")]
    pub struct Follow {
        pub actor: ObjectId<DbUser>,
        pub object: ObjectId<DbUser>,
        #[serde(rename = "type")]
        pub kind: FollowType,
        pub id: Url,
    }
    #[async_trait]
    impl ActivityHandler for Follow {
        type DataType = DbConnection;
        type Error = Error;
        fn id(&self) -> &Url {
            &self.id
        }
        fn actor(&self) -> &Url {
            self.actor.inner()
        }
        async fn verify(&self, _: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
            Ok(())
        }
        async fn receive(self, _data: &RequestData<Self::DataType>) -> Result<(), Self::Error> {
            Ok(())
        }
    }
    #[derive(Clone, Debug, Deserialize, Serialize)]
    #[serde(rename_all = "camelCase")]
    pub struct Note {}
    #[derive(Debug, Clone)]
    pub struct DbPost {}
    #[async_trait]
    impl ApubObject for DbPost {
        type DataType = DbConnection;
        type ApubType = Note;
        type Error = Error;
        async fn read_from_apub_id(
            _: Url,
            _: &RequestData<Self::DataType>,
        ) -> Result<Option<Self>, Self::Error> {
            todo!()
        }
        async fn into_apub(
            self,
            _: &RequestData<Self::DataType>,
        ) -> Result<Self::ApubType, Self::Error> {
            todo!()
        }
        async fn verify(
            _: &Self::ApubType,
            _: &Url,
            _: &RequestData<Self::DataType>,
        ) -> Result<(), Self::Error> {
            todo!()
        }
        async fn from_apub(
            _: Self::ApubType,
            _: &RequestData<Self::DataType>,
        ) -> Result<Self, Self::Error> {
            todo!()
        }
    }
 }
--- a/src/traits/either.rs
+++ b/src/traits/either.rs
@ -1,133 +0,0 @@
 use super::{Actor, Object};
 use crate::{config::Data, error::Error};
 use async_trait::async_trait;
 use chrono::{DateTime, Utc};
 use either::Either;
 use serde::{Deserialize, Serialize};
 use std::fmt::Debug;
 use url::Url;
 #[doc(hidden)]
 #[derive(Serialize, Deserialize)]
 #[serde(untagged)]
 pub enum UntaggedEither<L, R> {
    Left(L),
    Right(R),
 }
 #[async_trait]
 impl<T, R, E, D> Object for Either<T, R>
 where
    T: Object + Object<Error = E, DataType = D> + Send + Sync,
    R: Object + Object<Error = E, DataType = D> + Send + Sync,
    <T as Object>::Kind: Send + Sync,
    <R as Object>::Kind: Send + Sync,
    D: Sync + Send + Clone,
    E: From<Error> + Debug,
 {
    type DataType = D;
    type Kind = UntaggedEither<T::Kind, R::Kind>;
    type Error = E;
    /// `id` field of the object
    fn id(&self) -> Url {
        match self {
            Either::Left(l) => l.id(),
            Either::Right(r) => r.id(),
        }
    }
    fn last_refreshed_at(&self) -> Option<DateTime<Utc>> {
        match self {
            Either::Left(l) => l.last_refreshed_at(),
            Either::Right(r) => r.last_refreshed_at(),
        }
    }
    async fn read_from_id(
        object_id: Url,
        data: &Data<Self::DataType>,
    ) -> Result<Option<Self>, Self::Error> {
        let l = T::read_from_id(object_id.clone(), data).await?;
        if let Some(l) = l {
            return Ok(Some(Either::Left(l)));
        }
        let r = R::read_from_id(object_id.clone(), data).await?;
        if let Some(r) = r {
            return Ok(Some(Either::Right(r)));
        }
        Ok(None)
    }
    async fn delete(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
        match self {
            Either::Left(l) => l.delete(data).await,
            Either::Right(r) => r.delete(data).await,
        }
    }
    fn is_deleted(&self) -> bool {
        match self {
            Either::Left(l) => l.is_deleted(),
            Either::Right(r) => r.is_deleted(),
        }
    }
    async fn into_json(self, data: &Data<Self::DataType>) -> Result<Self::Kind, Self::Error> {
        Ok(match self {
            Either::Left(l) => UntaggedEither::Left(l.into_json(data).await?),
            Either::Right(r) => UntaggedEither::Right(r.into_json(data).await?),
        })
    }
    async fn verify(
        json: &Self::Kind,
        expected_domain: &Url,
        data: &Data<Self::DataType>,
    ) -> Result<(), Self::Error> {
        match json {
            UntaggedEither::Left(l) => T::verify(l, expected_domain, data).await?,
            UntaggedEither::Right(r) => R::verify(r, expected_domain, data).await?,
        };
        Ok(())
    }
    async fn from_json(json: Self::Kind, data: &Data<Self::DataType>) -> Result<Self, Self::Error> {
        Ok(match json {
            UntaggedEither::Left(l) => Either::Left(T::from_json(l, data).await?),
            UntaggedEither::Right(r) => Either::Right(R::from_json(r, data).await?),
        })
    }
 }
 #[async_trait]
 impl<T, R, E, D> Actor for Either<T, R>
 where
    T: Actor + Object + Object<Error = E, DataType = D> + Send + Sync + 'static,
    R: Actor + Object + Object<Error = E, DataType = D> + Send + Sync + 'static,
    <T as Object>::Kind: Send + Sync,
    <R as Object>::Kind: Send + Sync,
    D: Sync + Send + Clone,
    E: From<Error> + Debug,
 {
    fn public_key_pem(&self) -> &str {
        match self {
            Either::Left(l) => l.public_key_pem(),
            Either::Right(r) => r.public_key_pem(),
        }
    }
    fn private_key_pem(&self) -> Option<String> {
        match self {
            Either::Left(l) => l.private_key_pem(),
            Either::Right(r) => r.private_key_pem(),
        }
    }
    fn inbox(&self) -> Url {
        match self {
            Either::Left(l) => l.inbox(),
            Either::Right(r) => r.inbox(),
        }
    }
 }
--- a/src/traits/mod.rs
+++ b/src/traits/mod.rs
@ -1,378 +0,0 @@
 //! Traits which need to be implemented for federated data types
 use crate::{config::Data, protocol::public_key::PublicKey};
 use async_trait::async_trait;
 use chrono::{DateTime, Utc};
 use serde::Deserialize;
 use std::{fmt::Debug, ops::Deref};
 use url::Url;
 /// `Either` implementations for traits
 pub mod either;
 pub mod tests;
 /// Helper for converting between database structs and federated protocol structs.
 ///
 /// ```
 /// # use activitystreams_kinds::{object::NoteType, public};
 /// # use chrono::{Local, DateTime, Utc};
 /// # use serde::{Deserialize, Serialize};
 /// # use url::Url;
 /// # use activitypub_federation::protocol::{public_key::PublicKey, helpers::deserialize_one_or_many};
 /// # use activitypub_federation::config::Data;
 /// # use activitypub_federation::fetch::object_id::ObjectId;
 /// # use activitypub_federation::protocol::verification::verify_domains_match;
 /// # use activitypub_federation::traits::{Actor, Object};
 /// # use activitypub_federation::traits::tests::{DbConnection, DbUser};
 /// #
 /// /// How the post is read/written in the local database
 /// #[derive(Debug)]
 /// pub struct DbPost {
 ///     pub text: String,
 ///     pub ap_id: ObjectId<DbPost>,
 ///     pub creator: ObjectId<DbUser>,
 ///     pub local: bool,
 /// }
 ///
 /// /// How the post is serialized and represented as Activitypub JSON
 /// #[derive(Deserialize, Serialize, Debug)]
 /// #[serde(rename_all = "camelCase")]
 /// pub struct Note {
 ///     #[serde(rename = "type")]
 ///     kind: NoteType,
 ///     id: ObjectId<DbPost>,
 ///     pub(crate) attributed_to: ObjectId<DbUser>,
 ///     #[serde(deserialize_with = "deserialize_one_or_many")]
 ///     pub(crate) to: Vec<Url>,
 ///     content: String,
 /// }
 ///
 /// #[async_trait::async_trait]
 /// impl Object for DbPost {
 ///     type DataType = DbConnection;
 ///     type Kind = Note;
 ///     type Error = anyhow::Error;
 ///
 /// fn id(&self) -> Url { self.ap_id.inner().clone() }
 ///
 /// async fn read_from_id(object_id: Url, data: &Data<Self::DataType>) -> Result<Option<Self>, Self::Error> {
 ///         // Attempt to read object from local database. Return Ok(None) if not found.
 ///         let post: Option<DbPost> = data.read_post_from_json_id(object_id).await?;
 ///         Ok(post)
 ///     }
 ///
 /// async fn into_json(self, data: &Data<Self::DataType>) -> Result<Self::Kind, Self::Error> {
 ///         // Called when a local object gets sent out over Activitypub. Simply convert it to the
 ///         // protocol struct
 ///         Ok(Note {
 ///             kind: Default::default(),
 ///             id: self.ap_id.clone().into(),
 ///             attributed_to: self.creator,
 ///             to: vec![public()],
 ///             content: self.text,
 ///         })
 ///     }
 ///
 ///     async fn verify(json: &Self::Kind, expected_domain: &Url, data: &Data<Self::DataType>,) -> Result<(), Self::Error> {
 ///         verify_domains_match(json.id.inner(), expected_domain)?;
 ///         // additional application specific checks
 ///         Ok(())
 ///     }
 ///
 ///     async fn from_json(json: Self::Kind, data: &Data<Self::DataType>) -> Result<Self, Self::Error> {
 ///         // Called when a remote object gets received over Activitypub. Validate and insert it
 ///         // into the database.
 ///
 ///         let post = DbPost {
 ///             text: json.content,
 ///             ap_id: json.id,
 ///             creator: json.attributed_to,
 ///             local: false,
 ///         };
 ///
 ///         // Here we need to persist the object in the local database. Note that Activitypub
 ///         // doesnt distinguish between creating and updating an object. Thats why we need to
 ///         // use upsert functionality.
 ///         data.upsert(&post).await?;
 ///
 ///         Ok(post)
 ///     }
 ///
 /// }
 #[async_trait]
 pub trait Object: Sized + Debug {
    /// App data type passed to handlers. Must be identical to
    /// [crate::config::FederationConfigBuilder::app_data] type.
    type DataType: Clone + Send + Sync;
    /// The type of protocol struct which gets sent over network to federate this database struct.
    type Kind;
    /// Error type returned by handler methods
    type Error;
    /// `id` field of the object
    fn id(&self) -> Url;
    /// Returns the last time this object was updated.
    ///
    /// If this returns `Some` and the value is too long ago, the object is refetched from the
    /// original instance. This should always be implemented for actors, because there is no active
    /// update mechanism prescribed. It is possible to send `Update/Person` activities for profile
    /// changes, but not all implementations do this, so `last_refreshed_at` is still necessary.
    ///
    /// The object is refetched if `last_refreshed_at` value is more than 24 hours ago. In debug
    /// mode this is reduced to 20 seconds.
    fn last_refreshed_at(&self) -> Option<DateTime<Utc>> {
        None
    }
    /// Try to read the object with given `id` from local database.
    ///
    /// Should return `Ok(None)` if not found.
    async fn read_from_id(
        object_id: Url,
        data: &Data<Self::DataType>,
    ) -> Result<Option<Self>, Self::Error>;
    /// Mark remote object as deleted in local database.
    ///
    /// Called when a `Delete` activity is received, or if fetch returns a `Tombstone` object.
    async fn delete(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
        Ok(())
    }
    /// Returns true if the object was deleted
    fn is_deleted(&self) -> bool {
        false
    }
    /// Convert database type to Activitypub type.
    ///
    /// Called when a local object gets fetched by another instance over HTTP, or when an object
    /// gets sent in an activity.
    async fn into_json(self, data: &Data<Self::DataType>) -> Result<Self::Kind, Self::Error>;
    /// Verifies that the received object is valid.
    ///
    /// You should check here that the domain of id matches `expected_domain`. Additionally you
    /// should perform any application specific checks.
    ///
    /// It is necessary to use a separate method for this, because it might be used for activities
    /// like `Delete/Note`, which shouldn't perform any database write for the inner `Note`.
    async fn verify(
        json: &Self::Kind,
        expected_domain: &Url,
        data: &Data<Self::DataType>,
    ) -> Result<(), Self::Error>;
    /// Convert object from ActivityPub type to database type.
    ///
    /// Called when an object is received from HTTP fetch or as part of an activity. This method
    /// should write the received object to database. Note that there is no distinction between
    /// create and update, so an `upsert` operation should be used.
    async fn from_json(json: Self::Kind, data: &Data<Self::DataType>) -> Result<Self, Self::Error>;
    /// Generates HTTP response to serve the object for fetching from other instances.
    ///
    /// - If the object has a remote domain, sends a redirect to the original instance.
    /// - If [Object.is_deleted] returns true, returns a [crate::protocol::tombstone::Tombstone] instead.
    /// - Otherwise serves the object JSON using [Object.into_json] and pretty-print
    ///
    /// `federation_context` is the value of `@context`.
    #[cfg(feature = "actix-web")]
    async fn http_response(
        self,
        federation_context: &serde_json::Value,
        data: &Data<Self::DataType>,
    ) -> Result<actix_web::HttpResponse, Self::Error>
    where
        Self::Error: From<serde_json::Error>,
        Self::Kind: serde::Serialize + Send,
    {
        use crate::actix_web::response::{
            create_http_response,
            create_tombstone_response,
            redirect_remote_object,
        };
        let id = self.id();
        let res = if !data.config.is_local_url(&id) {
            redirect_remote_object(&id)
        } else if !self.is_deleted() {
            let json = self.into_json(data).await?;
            create_http_response(json, federation_context)?
        } else {
            create_tombstone_response(id.clone(), federation_context)?
        };
        Ok(res)
    }
 }
 /// Handler for receiving incoming activities.
 ///
 /// ```
 /// # use activitystreams_kinds::activity::FollowType;
 /// # use url::Url;
 /// # use activitypub_federation::fetch::object_id::ObjectId;
 /// # use activitypub_federation::config::Data;
 /// # use activitypub_federation::traits::Activity;
 /// # use activitypub_federation::traits::tests::{DbConnection, DbUser};
 /// #[derive(serde::Deserialize)]
 /// struct Follow {
 ///     actor: ObjectId<DbUser>,
 ///     object: ObjectId<DbUser>,
 ///     #[serde(rename = "type")]
 ///     kind: FollowType,
 ///     id: Url,
 /// }
 ///
 /// #[async_trait::async_trait]
 /// impl Activity for Follow {
 ///     type DataType = DbConnection;
 ///     type Error = anyhow::Error;
 ///
 ///     fn id(&self) -> &Url {
 ///         &self.id
 ///     }
 ///
 ///     fn actor(&self) -> &Url {
 ///         self.actor.inner()
 ///     }
 ///
 ///     async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
 ///         Ok(())
 ///     }
 ///
 ///     async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
 ///         let local_user = self.object.dereference(data).await?;
 ///         let follower = self.actor.dereference(data).await?;
 ///         data.add_follower(local_user, follower).await?;
 ///         Ok(())
 ///     }
 /// }
 /// ```
 #[async_trait]
 #[enum_delegate::register]
 pub trait Activity {
    /// App data type passed to handlers. Must be identical to
    /// [crate::config::FederationConfigBuilder::app_data] type.
    type DataType: Clone + Send + Sync;
    /// Error type returned by handler methods
    type Error;
    /// `id` field of the activity
    fn id(&self) -> &Url;
    /// `actor` field of activity
    fn actor(&self) -> &Url;
    /// Verifies that the received activity is valid.
    ///
    /// This needs to be a separate method, because it might be used for activities
    /// like `Undo/Follow`, which shouldn't perform any database write for the inner `Follow`.
    async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error>;
    /// Called when an activity is received.
    ///
    /// Should perform validation and possibly write action to the database. In case the activity
    /// has a nested `object` field, must call `object.from_json` handler.
    async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error>;
 }
 /// Trait to allow retrieving common Actor data.
 pub trait Actor: Object + Send + 'static {
    /// The actor's public key for verifying signatures of incoming activities.
    ///
    /// Use [generate_actor_keypair](crate::http_signatures::generate_actor_keypair) to create the
    /// actor keypair.
    fn public_key_pem(&self) -> &str;
    /// The actor's private key for signing outgoing activities.
    ///
    /// Use [generate_actor_keypair](crate::http_signatures::generate_actor_keypair) to create the
    /// actor keypair.
    fn private_key_pem(&self) -> Option<String>;
    /// The inbox where activities for this user should be sent to
    fn inbox(&self) -> Url;
    /// Generates a public key struct for use in the actor json representation
    fn public_key(&self) -> PublicKey {
        PublicKey::new(self.id().clone(), self.public_key_pem().to_string())
    }
    /// The actor's shared inbox, if any
    fn shared_inbox(&self) -> Option<Url> {
        None
    }
    /// Returns shared inbox if it exists, normal inbox otherwise.
    fn shared_inbox_or_inbox(&self) -> Url {
        self.shared_inbox().unwrap_or_else(|| self.inbox())
    }
 }
 /// Allow for boxing of enum variants
 #[async_trait]
 impl<T> Activity for Box<T>
 where
    T: Activity + Send + Sync,
 {
    type DataType = T::DataType;
    type Error = T::Error;
    fn id(&self) -> &Url {
        self.deref().id()
    }
    fn actor(&self) -> &Url {
        self.deref().actor()
    }
    async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
        self.deref().verify(data).await
    }
    async fn receive(self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
        (*self).receive(data).await
    }
 }
 /// Trait for federating collections
 #[async_trait]
 pub trait Collection: Sized {
    /// Actor or object that this collection belongs to
    type Owner;
    /// App data type passed to handlers. Must be identical to
    /// [crate::config::FederationConfigBuilder::app_data] type.
    type DataType: Clone + Send + Sync;
    /// The type of protocol struct which gets sent over network to federate this database struct.
    type Kind: for<'de2> Deserialize<'de2>;
    /// Error type returned by handler methods
    type Error;
    /// Reads local collection from database and returns it as Activitypub JSON.
    async fn read_local(
        owner: &Self::Owner,
        data: &Data<Self::DataType>,
    ) -> Result<Self::Kind, Self::Error>;
    /// Verifies that the received object is valid.
    ///
    /// You should check here that the domain of id matches `expected_domain`. Additionally you
    /// should perform any application specific checks.
    async fn verify(
        json: &Self::Kind,
        expected_domain: &Url,
        data: &Data<Self::DataType>,
    ) -> Result<(), Self::Error>;
    /// Convert object from ActivityPub type to database type.
    ///
    /// Called when an object is received from HTTP fetch or as part of an activity. This method
    /// should also write the received object to database. Note that there is no distinction
    /// between create and update, so an `upsert` operation should be used.
    async fn from_json(
        json: Self::Kind,
        owner: &Self::Owner,
        data: &Data<Self::DataType>,
    ) -> Result<Self, Self::Error>;
 }
--- a/src/traits/tests.rs
+++ b/src/traits/tests.rs
@ -1,201 +0,0 @@
 #![doc(hidden)]
 #![allow(clippy::unwrap_used)]
 //! Some impls of these traits for use in tests. Dont use this from external crates.
 //!
 //! TODO: Should be using `cfg[doctest]` but blocked by <https://github.com/rust-lang/rust/issues/67295>
 use super::{async_trait, Activity, Actor, Data, Debug, Object, PublicKey, Url};
 use crate::{
    error::Error,
    fetch::object_id::ObjectId,
    http_signatures::{generate_actor_keypair, Keypair},
    protocol::verification::verify_domains_match,
 };
 use activitystreams_kinds::{activity::FollowType, actor::PersonType};
 use serde::{Deserialize, Serialize};
 use std::sync::LazyLock;
 #[derive(Clone)]
 pub struct DbConnection;
 impl DbConnection {
    pub async fn read_post_from_json_id<T>(&self, _: Url) -> Result<Option<T>, Error> {
        Ok(None)
    }
    pub async fn read_local_user(&self, _: &str) -> Result<DbUser, Error> {
        todo!()
    }
    pub async fn upsert<T>(&self, _: &T) -> Result<(), Error> {
        Ok(())
    }
    pub async fn add_follower(&self, _: DbUser, _: DbUser) -> Result<(), Error> {
        Ok(())
    }
 }
 #[derive(Clone, Debug, Deserialize, Serialize)]
 #[serde(rename_all = "camelCase")]
 pub struct Person {
    #[serde(rename = "type")]
    pub kind: PersonType,
    pub preferred_username: String,
    pub id: ObjectId<DbUser>,
    pub inbox: Url,
    pub public_key: PublicKey,
 }
 #[derive(Debug, Clone)]
 pub struct DbUser {
    pub name: String,
    pub federation_id: Url,
    pub inbox: Url,
    pub public_key: String,
    #[allow(dead_code)]
    private_key: Option<String>,
    pub followers: Vec<Url>,
    pub local: bool,
 }
 pub static DB_USER_KEYPAIR: LazyLock<Keypair> = LazyLock::new(|| generate_actor_keypair().unwrap());
 pub static DB_USER: LazyLock<DbUser> = LazyLock::new(|| DbUser {
    name: String::new(),
    federation_id: "https://localhost/123".parse().unwrap(),
    inbox: "https://localhost/123/inbox".parse().unwrap(),
    public_key: DB_USER_KEYPAIR.public_key.clone(),
    private_key: Some(DB_USER_KEYPAIR.private_key.clone()),
    followers: vec![],
    local: false,
 });
 #[async_trait]
 impl Object for DbUser {
    type DataType = DbConnection;
    type Kind = Person;
    type Error = Error;
    fn id(&self) -> Url {
        self.federation_id.clone()
    }
    async fn read_from_id(
        _object_id: Url,
        _data: &Data<Self::DataType>,
    ) -> Result<Option<Self>, Self::Error> {
        Ok(Some(DB_USER.clone()))
    }
    async fn into_json(self, _data: &Data<Self::DataType>) -> Result<Self::Kind, Self::Error> {
        Ok(Person {
            preferred_username: self.name.clone(),
            kind: Default::default(),
            id: self.federation_id.clone().into(),
            inbox: self.inbox.clone(),
            public_key: self.public_key(),
        })
    }
    async fn verify(
        json: &Self::Kind,
        expected_domain: &Url,
        _data: &Data<Self::DataType>,
    ) -> Result<(), Self::Error> {
        verify_domains_match(json.id.inner(), expected_domain)?;
        Ok(())
    }
    async fn from_json(
        json: Self::Kind,
        _data: &Data<Self::DataType>,
    ) -> Result<Self, Self::Error> {
        Ok(DbUser {
            name: json.preferred_username,
            federation_id: json.id.into(),
            inbox: json.inbox,
            public_key: json.public_key.public_key_pem,
            private_key: None,
            followers: vec![],
            local: false,
        })
    }
 }
 impl Actor for DbUser {
    fn public_key_pem(&self) -> &str {
        &self.public_key
    }
    fn private_key_pem(&self) -> Option<String> {
        self.private_key.clone()
    }
    fn inbox(&self) -> Url {
        self.inbox.clone()
    }
 }
 #[derive(Deserialize, Serialize, Clone, Debug)]
 #[serde(rename_all = "camelCase")]
 pub struct Follow {
    pub actor: ObjectId<DbUser>,
    pub object: ObjectId<DbUser>,
    #[serde(rename = "type")]
    pub kind: FollowType,
    pub id: Url,
 }
 #[async_trait]
 impl Activity for Follow {
    type DataType = DbConnection;
    type Error = Error;
    fn id(&self) -> &Url {
        &self.id
    }
    fn actor(&self) -> &Url {
        self.actor.inner()
    }
    async fn verify(&self, _: &Data<Self::DataType>) -> Result<(), Self::Error> {
        Ok(())
    }
    async fn receive(self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
        Ok(())
    }
 }
 #[derive(Clone, Debug, Deserialize, Serialize)]
 #[serde(rename_all = "camelCase")]
 pub struct Note {}
 #[derive(Debug, Clone)]
 pub struct DbPost {
    pub federation_id: Url,
 }
 #[async_trait]
 impl Object for DbPost {
    type DataType = DbConnection;
    type Kind = Note;
    type Error = Error;
    fn id(&self) -> Url {
        todo!()
    }
    async fn read_from_id(_: Url, _: &Data<Self::DataType>) -> Result<Option<Self>, Self::Error> {
        todo!()
    }
    async fn into_json(self, _: &Data<Self::DataType>) -> Result<Self::Kind, Self::Error> {
        todo!()
    }
    async fn verify(_: &Self::Kind, _: &Url, _: &Data<Self::DataType>) -> Result<(), Self::Error> {
        todo!()
    }
    async fn from_json(_: Self::Kind, _: &Data<Self::DataType>) -> Result<Self, Self::Error> {
        todo!()
    }
 }
--- a/src/utils.rs
+++ b/src/utils.rs
@ -1,78 +0,0 @@
 use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};
 use crate::error::Error;
 use tokio::net::lookup_host;
 use url::{Host, Url};
 // TODO: Use is_global() once stabilized
 //       https://doc.rust-lang.org/std/net/enum.IpAddr.html#method.is_global
 pub(crate) async fn validate_ip(url: &Url) -> Result<(), Error> {
    let mut ip = vec![];
    let host = url
        .host()
        .ok_or(Error::UrlVerificationError("Url must have a domain"))?;
    match host {
        Host::Domain(domain) => ip.extend(
            lookup_host((domain.to_owned(), 80))
                .await?
                .map(|s| s.ip().to_canonical()),
        ),
        Host::Ipv4(ipv4) => ip.push(ipv4.into()),
        Host::Ipv6(ipv6) => ip.push(ipv6.into()),
    };
    let invalid_ip = ip.into_iter().any(|addr| match addr {
        IpAddr::V4(addr) => v4_is_invalid(addr),
        IpAddr::V6(addr) => v6_is_invalid(addr),
    });
    if invalid_ip {
        return Err(Error::DomainResolveError(host.to_string()));
    }
    Ok(())
 }
 fn v4_is_invalid(v4: Ipv4Addr) -> bool {
    v4.is_private()
        || v4.is_loopback()
        || v4.is_link_local()
        || v4.is_multicast()
        || v4.is_documentation()
        || v4.is_unspecified()
        || v4.is_broadcast()
 }
 fn v6_is_invalid(v6: Ipv6Addr) -> bool {
    v6.is_loopback()
        || v6.is_multicast()
        || v6.is_unique_local()
        || v6.is_unicast_link_local()
        || v6.is_unspecified()
        || v6_is_documentation(v6)
        || v6.to_ipv4_mapped().is_some_and(v4_is_invalid)
 }
 fn v6_is_documentation(v6: std::net::Ipv6Addr) -> bool {
    matches!(
        v6.segments(),
        [0x2001, 0xdb8, ..] | [0x3fff, 0..=0x0fff, ..]
    )
 }
 #[cfg(test)]
 #[allow(clippy::unwrap_used)]
 mod test {
    use super::*;
    #[tokio::test]
    async fn test_is_valid_ip() -> Result<(), Error> {
        assert!(validate_ip(&Url::parse("http://example.com")?)
            .await
            .is_ok());
        assert!(validate_ip(&Url::parse("http://172.66.147.243")?)
            .await
            .is_ok());
        assert!(validate_ip(&Url::parse("http://localhost")?).await.is_err());
        assert!(validate_ip(&Url::parse("http://127.0.0.1")?).await.is_err());
        Ok(())
    }
 }