send_signed refactored

1 files changed, 7 insertions, 35 deletions

diff --git a/helpers.rb b/helpers.rb
index 4533e28..8774f74 100644
--- a/helpers.rb
+++ b/helpers.rb
@@ -4,8 +4,8 @@ helpers do
     redirect("/login.html") unless session['client']
   end
 
+  # https://github.com/mastodon/mastodon/blob/main/app/controllers/concerns/signature_verification.rb
   def verify!
-    # https://github.com/mastodon/mastodon/blob/main/app/controllers/concerns/signature_verification.rb
     # TODO verify digest
     begin
       signature_params = {}
@@ -155,51 +155,23 @@ helpers do
     }
   end
 
+  # https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb
   def send_signed object, url
-    # https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb
-    keypair = OpenSSL::PKey::RSA.new(File.read('private.pem'))
-    date = Time.now.utc.httpdate
-    uri = URI.parse(url)
 
-    sha256 = OpenSSL::Digest::SHA256.new
-    body = object.to_json
-    digest = "SHA-256=" + sha256.base64digest(body)
-    p inbox(uri)
-
-    signed_string = "(request-target): post #{inbox uri}\nhost: #{uri.host}\ndate: #{date}\ndigest: #{digest}\ncontent-type: application/activity+json"
-    #signed_string = "(request-target): post #{fetch(uri)["inbox"]}\nhost: #{uri.host}\ndate: #{date}\ndigest: #{digest}\ncontent-type: application/activity+json"
-    signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), signed_string))
-    signed_header = 'keyId="' + ACTOR + '#main-key",algorithm="rsa-sha256",headers="(request-target) host date digest content-type",signature="' + signature + '"'
-
-    puts `/run/current-system/sw/bin/curl -i -X POST -H 'Content-Type: application/activity+json' -H 'Host: #{uri.host}' -H 'Date: #{date}' -H 'Digest: #{digest}' -H 'Signature: #{signed_header}' -d '#{body}' #{fetch(url)['inbox']}`
-  end
-  
-  def inbox uri
-    URI(fetch(uri)["inbox"]).request_uri
-  end
-=begin
-  def send_signed object, url
-    # https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb
     keypair = OpenSSL::PKey::RSA.new(File.read('private.pem'))
     date = Time.now.utc.httpdate
-    uri = URI.parse(url)
-    #inbox = fetch(url)["endpoints"]["sharedInbox"]
-    #inbox =  fetch(url)["inbox"]
-    #p inbox
-
     sha256 = OpenSSL::Digest::SHA256.new
     body = object.to_json
     digest = "SHA-256=" + sha256.base64digest(body)
+    host = URI.parse(url).host
+    inbox = fetch(url)["inbox"]
+    request_uri = URI(inbox).request_uri
 
-    signed_string = "(request-target): post #{inbox}\nhost: #{host}\ndate: #{date}\ndigest: #{digest}\ncontent-type: application/activity+json"
+    signed_string = "(request-target): post #{request_uri}\nhost: #{host}\ndate: #{date}\ndigest: #{digest}\ncontent-type: application/activity+json"
     signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), signed_string))
     signed_header = 'keyId="' + ACTOR + '#main-key",algorithm="rsa-sha256",headers="(request-target) host date digest content-type",signature="' + signature + '"'
 
-    #p signed_string
-    #p signed_header
-    #p body
-    puts `/run/current-system/sw/bin/curl -i -X POST -H 'Content-Type: application/activity+json' -H 'Host: #{host}' -H 'Date: #{date}' -H 'Digest: #{digest}' -H 'Signature: #{signed_header}' -d '#{body}' #{inbox}`
+    puts `/run/current-system/sw/bin/curl --fail-with-body -sSL -X POST -H 'Content-Type: application/activity+json' -H 'Host: #{host}' -H 'Date: #{date}' -H 'Digest: #{digest}' -H 'Signature: #{signed_header}' -d '#{body}' #{inbox}`
   end
-=end
 
 end