initial refactoring of client.rb

1 files changed, 25 insertions, 10 deletions

diff --git a/server.rb b/server.rb
index 282c3e9..6379332 100644
--- a/server.rb
+++ b/server.rb
@@ -3,9 +3,12 @@
 before '/inbox' do
   request.body.rewind # in case someone already read it
   @body = request.body.read
-  @activity = JSON.parse @body
-  @object = @activity['object']
-  @object = fetch(@object) if @object.is_a?(String) && @object.match(/^http/)
+  unless @body.empty?
+    @activity = JSON.parse @body
+    @object = @activity['object']
+    @object = fetch(@object) if @object.is_a?(String) && @object.match(/^http/)
+    halt 400 unless @object
+  end
 end
 
 # client-server
@@ -17,6 +20,8 @@ end
 # server-server
 post '/inbox' do
   verify!
+  # file = File.join INBOX, "#{SecureRandom.uuid}.json"
+  # File.open(file, 'w+') { |f| f.puts @activity.to_json }
   type = @activity['type'].downcase.to_sym
   respond_to?(type) ? send(type) : p("Unknown activity: #{type}")
 end
@@ -31,7 +36,16 @@ get '/.well-known/webfinger' do
   end
 end
 
-['/outbox', '/following', '/followers'].each do |path|
+get '/outbox' do
+  ordered_collection(OUTBOX).to_json
+end
+
+get '/inbox' do
+  # protected!
+  ordered_collection(File.join(INBOX, 'note')).to_json
+end
+
+['/following', '/followers'].each do |path|
   get path do
     ordered_collection(File.join(PUBLIC_DIR, path)).to_json
   end
@@ -44,11 +58,12 @@ end
 helpers do
   # https://github.com/mastodon/mastodon/blob/main/app/controllers/concerns/signature_verification.rb
   def verify!
-    # verify digest
+    # digest
     sha256 = OpenSSL::Digest.new('SHA256')
     digest = "SHA-256=#{sha256.base64digest(@body)}"
     halt 403 unless digest == request.env['HTTP_DIGEST']
 
+    # signature
     signature_params = {}
     request.env['HTTP_SIGNATURE'].split(',').each do |pair|
       k, v = pair.split('=')
@@ -60,9 +75,8 @@ helpers do
     signature = Base64.decode64(signature_params['signature'])
 
     actor = fetch key_id
-    halt 200 if !actor && (@activity['type'] == 'Delete') # deleted users do not return actors
-
     halt 403 unless actor
+
     key = OpenSSL::PKey::RSA.new(actor['publicKey']['publicKeyPem'])
 
     comparison = headers.split(' ').map do |signed_params_name|
@@ -79,10 +93,11 @@ helpers do
   end
 
   def create
+    return unless @object
     return if object_exists?
 
     File.open(object_file, 'w+') { |f| f.puts @object.to_json }
-    return unless @object && @object['inReplyTo']
+    return unless @object['inReplyTo']
 
     @object = fetch @object['inReplyTo']
     create if @object
@@ -125,13 +140,13 @@ helpers do
                'actor' => ACTOR,
                'object' => @activity,
                'to' => [@activity['actor']] }
-    send_signed accept # , @activity['actor']
+    send_signed accept
   end
 
+  # when "Like"
   # when "Move"
   # when "Add"
   # when "Remove"
-  # when "Like"
   # when "Block"
 
   def inbox