http signatures (beware of encodings!)

1 files changed, 25 insertions, 7 deletions

diff --git a/post.rb b/post.rb
index dc881b1..ed7a964 100644..100755
--- a/post.rb
+++ b/post.rb
@@ -1,12 +1,30 @@
-require 'http'
+#!/usr/bin/env ruby
+require 'json'
+require 'time'
 require 'openssl'
+require 'base64'
+require 'net/http'
+require 'uri'
 
-document      = File.read('create-hello-world.json')
+document      = { "a" => 2 } # .to_json
 date          = Time.now.utc.httpdate
 keypair       = OpenSSL::PKey::RSA.new(File.read('private.pem'))
-signed_string = "(request-target): post /inbox\nhost: mastodon.social\ndate: #{date}"
-signature     = Base64.strict_encode64(keypair.sign(OpenSSL::Digest::SHA256.new, signed_string))
-header        = 'keyId="https://my-example.com/actor",headers="(request-target) host date",signature="' + signature + '"'
+signed_string = "(request-target): post /inbox\nhost: social.pdp8.info\ndate: #{date}"
+signed_string = keypair.sign(OpenSSL::Digest::SHA256.new, signed_string)
+signature = Base64.urlsafe_encode64(signed_string).encode("UTF-8")
+signed_header = 'keyId="https://social.pdp8.info/pdp8",headers="(request-target) host date",signature="' + signature + '"'
 
-HTTP.headers({ 'Host': 'mastodon.social', 'Date': date, 'Signature': header })
-    .post('https://mastodon.social/inbox', body: document)
+uri = URI.parse("https://social.pdp8.info/inbox")
+http = Net::HTTP.new(uri.host, uri.port)
+http.use_ssl = true
+http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+header = {
+  'Host' => 'social.pdp8.info',
+  'Date' => date,
+  'Signature' => signed_header,
+}
+request = Net::HTTP::Post.new(uri.request_uri, header)
+request.body = document.to_json
+
+response = http.request(request)
+puts(response.body, response.code)