From fb5068619adfd715e2e1e72bede45ed83b28ee1c Mon Sep 17 00:00:00 2001
From: pdp8
Date: Thu, 18 May 2023 14:37:55 +0200
Subject: minor refactoring, cleanup
---
application.rb | 70 ++++++++++++++++++----------------------------------------
1 file changed, 22 insertions(+), 48 deletions(-)
(limited to 'application.rb')
diff --git a/application.rb b/application.rb
index 5353ae4..029b04e 100644
--- a/application.rb
+++ b/application.rb
@@ -23,54 +23,50 @@ class Application type = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' response = "not allowed" - # p env["rack.input"].read - # if env["CONTENT_TYPE"] =~ /json/ - # puts env["REMOTE_ADDR"] case env['REQUEST_METHOD'] when 'POST' input = env["rack.input"].read - case env["REQUEST_URI"] + case env["REQUEST_PATH"] when "/inbox" # receive from server - puts "POST INBOX" if verify(env) begin - # unless input.match(//) object = JSON.parse(input) - # puts object case object["type"] when "Create" File.open(File.join("inbox", SecureRandom.uuid + ".json"), "w+") { |f| f.puts input } + when "Delete" + puts input + when "Follow" + File.open(File.join("followers", SecureRandom.uuid + ".json"), "w+") { |f| f.puts input } + when "Undo" + puts input else puts input end code = 200 response = "OK" - # end rescue => e - # puts e.to_s - puts "Verification ERROR: " - # puts input - response = "invalid json" + puts input, e.to_s + response = "Request body contains invalid json." end else code = 401 - response = "not verified" + response = "Verification failed for POST to #{env["REQUEST_URI"]}." end when "/outbox" # receive from client - puts "POST OUTBOX" # TODO auth if auth(env) input = JSON.parse(input) input["type"] == "Create" ? activity = input : activity = activity(input) # expand object to create activity add_id activity - save activity # , "outbox" + save activity FileUtils.ln_s File.join('..', path(activity)), "outbox" - code, response = deliver activity, ["to", "bto", "cc", "bcc", "audience"].collect { |d| - activity[d] - }.flatten.uniq.compact + code, response = send activity, ["to", "bto", "cc", "bcc", "audience"].collect { |d| + activity[d] + }.flatten.uniq.compact code = 200 response = "OK" else @@ -82,7 +78,7 @@ class Application when 'GET' - case env["REQUEST_URI"] + case env["REQUEST_PATH"] when "/.well-known/webfinger?resource=acct:#{ACCOUNT}" type = "application/jrd+json" 
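Review bot: Renaming the delivery method to `send` (called here in the /outbox branch, defined in the `@@ -138,19 +130,7` hunk) overrides `Object#send` on every Application instance, so anything that dispatches dynamically with `send(:name, ...)` on this object would start a delivery instead of calling the named method. Keeping the previous name avoids that: `def deliver object, urls` and `code, response = deliver activity, ...`. The two assignments right after the call also set `code = 200` and `response = "OK"` unconditionally, so whatever the method returns is discarded and a failed delivery is still reported as success.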
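Review bot: After the switch to `env["REQUEST_PATH"]`, the `when "/.well-known/webfinger?resource=acct:#{ACCOUNT}"` branch can no longer match on servers where that key holds only the path, because the query string arrives separately in `env["QUERY_STRING"]`. Match the path alone and test the query explicitly, e.g. `when "/.well-known/webfinger"` followed by `if env["QUERY_STRING"] == "resource=acct:#{ACCOUNT}"`. `REQUEST_PATH` is also a server-provided extra rather than a key the Rack specification requires, so `env["PATH_INFO"]` is the portable choice; the same applies to the POST `case` in the first hunk and to the `ordered_collection` call in the `@@ -95,15 +91,11` hunk. The rest of the GET branch lies outside this hunk.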
@@ -95,15 +91,11 @@ class Application code = 200 when %r{/[inbox|outbox|following|followers|likes|shares]} - response = ordered_collection env["REQUEST_URI"] + response = ordered_collection env["REQUEST_PATH"] code = 200 - end end - # else - # response = "Cannot serve Content-type: " + env["CONTENT_TYPE"] - # end [code, { "Content-Type" => type }, [response]] end @@ -138,19 +130,7 @@ class Application File.open(path, "w+") { |f| f.puts object.to_json } end - def inbox uri - # http = Net::HTTP.new(uri.host, uri.port) - # http.use_ssl = true - # header = { 'Accept' => 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' } - # request = Net::HTTP::Get.new(uri.request_uri, header) - # response = http.request(request) - # JSON.parse(response.body)["inbox"] - # p uri.host - # p get(uri)["inbox"] - URI(get(uri)["inbox"]).request_uri - end - - def deliver object, urls + def send object, urls # https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb keypair = OpenSSL::PKey::RSA.new(File.read('private.pem')) urls.each do |url| @@ -161,10 +141,7 @@ class Application body = object.to_json digest = "SHA-256=" + sha256.base64digest(body) - # signed_string = "(request-target): post /inbox\nhost: #{uri.host}\ndate: #{date}\ndigest: #{digest}\ncontent-type: application/activity+json" - p inbox(uri) signed_string = "(request-target): post #{inbox uri}\nhost: #{uri.host}\ndate: #{date}\ndigest: #{digest}\ncontent-type: application/activity+json" - puts signed_string signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), signed_string)) signed_header = 'keyId="' + ACTOR + '#main-key",algorithm="rsa-sha256",headers="(request-target) host date digest content-type",signature="' + signature + '"' 
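Review bot: The context line `when %r{/[inbox|outbox|following|followers|likes|shares]}` uses a bracket character class, so it accepts any path that contains a slash followed by one of those letters or `|`, not just the six collection names, and the matched path is then passed unchanged to `ordered_collection`. If that method uses the value as a directory name (its body is outside this hunk), the request path decides which directory is read. An anchored alternation restricts the branch to the intended names: `when %r{\A/(inbox|outbox|following|followers|likes|shares)\z}`.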
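Review bot: The signed `(request-target)` path comes from `inbox uri`, while the request in the following hunk is built with `Net::HTTP::Post.new(uri.request_uri, header)` and sent to `uri.host`; unless both resolve to the same path, the receiver's signature check will fail. Only the path of the fetched inbox URL is used, so an inbox on a different host than the actor is not handled either. Resolving the inbox once, e.g. `target = URI(get(uri)["inbox"])`, and using `target.host`, `target.port` and `target.request_uri` for both the signed string and the request keeps the two consistent. The assignment of `uri` is outside the hunk, so this needs confirming against the full method.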
@@ -172,24 +149,19 @@ class Application http = Net::HTTP.new(uri.host, uri.port) http.use_ssl = true header = { - # 'Accept' => 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"', 'Content-Type' => 'application/activity+json', 'Host' => uri.host, 'Date' => date, 'Digest' => digest, 'Signature' => signed_header, } - puts signed_header request = Net::HTTP::Post.new(uri.request_uri, header) request.body = body response = http.request(request) + # TODO return error if response.code > 400 puts(response.body, response.code) - # puts(response.code) - # puts(response.body["signed_string"]) - # puts(response.body["signature"]) end - # [response.code, response.body] end def ordered_collection dir @@ -230,8 +202,6 @@ class Application end end.join("\n") - puts comparison - puts env["HTTP_SIGNATURE"] key.verify(OpenSSL::Digest.new('SHA256'), signature, comparison) end @@ -245,6 +215,10 @@ class Application JSON.parse(response.body) end + def inbox uri + URI(get(uri)["inbox"]).request_uri + end + def auth env true end -- cgit v1.2.3
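Review bot: Nothing in this loop bounds or handles a failing recipient: `http` is used with Net::HTTP's default timeouts, and an exception from `http.request` leaves `urls.each` and skips the remaining recipients. Because the recipient URLs come from the activity, a slow or unreachable host can stall the request that triggered the delivery. Setting `http.open_timeout = 5` and `http.read_timeout = 10` (values to be tuned) and rescuing per URL would contain that. For the new TODO, `response.code` is a String in Net::HTTP, so the check needs `response.code.to_i >= 400`.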
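Review bot: Nothing visible in this hunk shows the `Digest` header being compared with the request body; `verify` receives only `env`, and the body has already been read in the first hunk with `env["rack.input"].read` before `verify(env)` is called. If that comparison is also missing from the part of `verify` outside this hunk, a valid signature over the headers does not authenticate the JSON that is written to `inbox/` or `followers/`. A check such as `env["HTTP_DIGEST"] == "SHA-256=" + OpenSSL::Digest.new('SHA256').base64digest(input)` before parsing would bind the two, together with requiring `digest` to be among the signed headers.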
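Review bot: The `auth` stub in the trailing context returns `true` for every request, so the /outbox branch in the first hunk accepts a POST from any client and then signs and delivers the activity with `private.pem` to recipient URLs taken from the request body; the re-added `inbox` helper also fetches each of those URLs through `get`. Until real client authentication exists, the stub should fail closed (`false`) or compare a credential in constant time, for example `Rack::Utils.secure_compare(env["HTTP_AUTHORIZATION"].to_s, "Bearer #{OUTBOX_TOKEN}")`, where `OUTBOX_TOKEN` is a placeholder for a secret this file does not define. `inbox` also passes `get(uri)["inbox"]` straight to `URI(...)`, which raises when the fetched document has no `inbox` key.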