summaryrefslogtreecommitdiff
path: root/server.rb
diff options
context:
space:
mode:
authorpdp8 <pdp8@pdp8.info>2023-07-21 15:34:09 +0200
committerpdp8 <pdp8@pdp8.info>2023-07-21 15:34:09 +0200
commit5062145de3e3fe600415c8b8718c6a144f8ed939 (patch)
tree5f96d48955278de4c98ccfb186d66204d4626286 /server.rb
parent711bf7f86daddd0209244f9640d8a3f27d958e3a (diff)
intermediary commit
Diffstat (limited to 'server.rb')
-rw-r--r--server.rb47
1 files changed, 30 insertions, 17 deletions
diff --git a/server.rb b/server.rb
index f7e9b82..4fdf1e8 100644
--- a/server.rb
+++ b/server.rb
@@ -13,9 +13,9 @@ post '/inbox' do
end
halt 501 if @activity['actor'] and @activity['type'] == 'Delete' # deleted actors return 403 => verification error
verify! # unless type == :accept # pixelfed sends unsigned accept activities???
- complete_and_save(@activity)
+ save_activity(@activity, INBOX)
type = @activity['type'].downcase.to_sym
- send(type) if %i[follow accept undo].include? type
+ send(type) if %i[create announce follow accept undo].include? type
halt 200
end
@@ -36,6 +36,19 @@ end
end
helpers do
+ def create
+ @object ||= @activity['object']
+ @object = save_object @object, INBOX
+ return unless @object['inReplyTo']
+
+ @object = @object['inReplyTo']
+ create
+ end
+
+ def announce
+ create
+ end
+
def follow
update_collection FOLLOWERS, @activity['actor']
outbox 'Accept', @activity, [@activity['actor']]
@@ -88,22 +101,8 @@ helpers do
end
def outbox(type, object, recipients)
- # add date and id, save
- activity = complete_and_save({
- '@context' => 'https://www.w3.org/ns/activitystreams',
- 'type' => type,
- 'actor' => ACTOR,
- 'object' => object,
- 'to' => recipients
- })
-
# send
- # https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb
- keypair = OpenSSL::PKey::RSA.new(File.read('private.pem'))
- body = activity.to_json
- sha256 = OpenSSL::Digest.new('SHA256')
- digest = "SHA-256=#{sha256.base64digest(body)}"
-
+ ## https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb
inboxes = []
recipients.uniq.each do |url|
next if [ACTOR, 'https://www.w3.org/ns/activitystreams#Public'].include? url
@@ -118,8 +117,22 @@ helpers do
end
end
+ # add date and id, save
+ activity = save_activity({
+ '@context' => 'https://www.w3.org/ns/activitystreams',
+ 'type' => type,
+ 'actor' => ACTOR,
+ 'object' => object,
+ 'to' => recipients
+ }, OUTBOX)
+ body = activity.to_json
+ sha256 = OpenSSL::Digest.new('SHA256')
+ digest = "SHA-256=#{sha256.base64digest(body)}"
+ keypair = OpenSSL::PKey::RSA.new(File.read('private.pem'))
+
inboxes.compact.uniq.each do |inbox|
uri = URI(inbox)
+ httpdate = Time.now.utc.httpdate
string = "(request-target): post #{uri.request_uri}\nhost: #{uri.host}\ndate: #{httpdate}\ndigest: #{digest}\ncontent-type: application/activity+json"
signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), string))
signed_header = "keyId=\"#{ACTOR}#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) host date digest content-type\",signature=\"#{signature}\""