From 343998896e4d4795eefcfc5fa04fb0339f38a8fe Mon Sep 17 00:00:00 2001
From: pdp8 <pdp8@pdp8.info>
Date: Wed, 21 Jun 2023 14:32:45 +0200
Subject: send_signed fixed!

---
 helpers.rb | 36 ++++++++++++++++++++++++++++++++----
 1 file changed, 32 insertions(+), 4 deletions(-)

(limited to 'helpers.rb')

diff --git a/helpers.rb b/helpers.rb
index b8f65de..4533e28 100644
--- a/helpers.rb
+++ b/helpers.rb
@@ -1,4 +1,3 @@
-
 helpers do
 
   def protected!
@@ -134,7 +133,7 @@ helpers do
       File.open('cache/people.tsv','a'){|f| f.puts "#{mention}\t#{actor}"}
       actor
     else
-      actors[0][0]
+      actors[0][1]
     end
   end
 
@@ -160,8 +159,33 @@ helpers do
     # https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb
     keypair = OpenSSL::PKey::RSA.new(File.read('private.pem'))
     date = Time.now.utc.httpdate
-    host = URI.parse(url).host
-    inbox =  fetch(url)["inbox"]
+    uri = URI.parse(url)
+
+    sha256 = OpenSSL::Digest::SHA256.new
+    body = object.to_json
+    digest = "SHA-256=" + sha256.base64digest(body)
+    p inbox(uri)
+
+    signed_string = "(request-target): post #{inbox uri}\nhost: #{uri.host}\ndate: #{date}\ndigest: #{digest}\ncontent-type: application/activity+json"
+    #signed_string = "(request-target): post #{fetch(uri)["inbox"]}\nhost: #{uri.host}\ndate: #{date}\ndigest: #{digest}\ncontent-type: application/activity+json"
+    signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), signed_string))
+    signed_header = 'keyId="' + ACTOR + '#main-key",algorithm="rsa-sha256",headers="(request-target) host date digest content-type",signature="' + signature + '"'
+
+    puts `/run/current-system/sw/bin/curl -i -X POST -H 'Content-Type: application/activity+json' -H 'Host: #{uri.host}' -H 'Date: #{date}' -H 'Digest: #{digest}' -H 'Signature: #{signed_header}' -d '#{body}' #{fetch(url)['inbox']}`
+  end
+  
+  def inbox uri
+    URI(fetch(uri)["inbox"]).request_uri
+  end
+=begin
+  def send_signed object, url
+    # https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb
+    keypair = OpenSSL::PKey::RSA.new(File.read('private.pem'))
+    date = Time.now.utc.httpdate
+    uri = URI.parse(url)
+    #inbox = fetch(url)["endpoints"]["sharedInbox"]
+    #inbox =  fetch(url)["inbox"]
+    #p inbox
 
     sha256 = OpenSSL::Digest::SHA256.new
     body = object.to_json
@@ -171,7 +195,11 @@ helpers do
     signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), signed_string))
     signed_header = 'keyId="' + ACTOR + '#main-key",algorithm="rsa-sha256",headers="(request-target) host date digest content-type",signature="' + signature + '"'
 
+    #p signed_string
+    #p signed_header
+    #p body
     puts `/run/current-system/sw/bin/curl -i -X POST -H 'Content-Type: application/activity+json' -H 'Host: #{host}' -H 'Date: #{date}' -H 'Digest: #{digest}' -H 'Signature: #{signed_header}' -d '#{body}' #{inbox}`
   end
+=end
 
 end
-- 
cgit v1.2.3