From 6100f9971b74ee4d3449155beb881a69017a296d Mon Sep 17 00:00:00 2001
From: pdp8
Date: Sun, 24 Sep 2023 12:28:40 +0200
Subject: undo reactivated, object names without published date, find_object helper
---
 server.rb | 81 ++++++++++++++++++++-------------------------------------------
 1 file changed, 26 insertions(+), 55 deletions(-)
(limited to 'server.rb')
diff --git a/server.rb b/server.rb
index 0807375..41663cb 100644
--- a/server.rb
+++ b/server.rb
@@ -82,11 +82,13 @@ helpers do
 end
 def follow
+ save_item @activity, File.join(INBOX[:dir], @activity['type'].downcase, activity_name)
 update_collection FOLLOWERS, @activity['actor']
 create_activity 'Accept', @activity, [@activity['actor']]
 end
 def accept
+ save_item @activity, File.join(INBOX[:dir], @activity['type'].downcase, activity_name)
 if @activity['object']['type'] == 'Follow'
 update_collection FOLLOWING, @activity['object']['object']
 else
@@ -131,13 +133,15 @@ helpers do
 if ACTIVITIES.include? type
 send(type)
 else
- p "Unknown activity #{type}:"
- jj @activity
+ unless %w[Add Remove].include? @activity['type']
+ p "Unknown activity #{type}:"
+ jj @activity
+ end
 end
 end
 def activity_name
- @activity['published'] ? "#{@activity['published']}_#{mention(@activity['actor'])}.json" : "_#{Time.now.utc.iso8601}_#{mention(@activity['actor'])}.json"
+ @activity['published'] ? "#{@activity['published']}_#{mention(@activity['actor'])}.json" : "#{Time.now.utc.iso8601}_#{mention(@activity['actor'])}.json"
 end
 def save_inbox_object
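Review bot: The two added `save_item` calls in `follow` and `accept` take their file name from `activity_name`, which (in the second hunk) interpolates `@activity['published']` from the request body unchanged, so a value containing path separators would let `File.join` resolve outside `INBOX[:dir]`. Normalise the timestamp before it reaches the path, e.g. `stamp = Time.iso8601(@activity['published'].to_s).utc.iso8601` with a `rescue ArgumentError` falling back to `Time.now.utc.iso8601`, and pass the finished name through `File.basename`. Whether `mention` strips separators from the actor value is not visible here and should be checked in the same way. Both methods continue outside the hunk; `accept` is cut off at its `else`.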
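Review bot: The new `unless %w[Add Remove].include? @activity['type']` makes Add and Remove activities disappear without a trace and without a comment saying why, and it tests `@activity['type']` where the branch above tests the local `type`. A short comment on that line, such as `# Add/Remove are intentionally ignored, so they are not reported as unknown`, would record the intent. The nesting can also be flattened to `elsif !%w[Add Remove].include?(@activity['type'])`. The enclosing method starts before the hunk.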
@@ -155,15 +159,12 @@ helpers do
 end
 def public_outbox
- # files = Dir[File.join('outbox', 'create', '*.json')] + Dir[File.join('outbox', 'announce', '*.json')]
 create = Dir[File.join('outbox', 'create', '*.json')].collect do |f|
 JSON.load_file(f)
 end.select { |a| a['to'].include?('https://www.w3.org/ns/activitystreams#Public') }.sort_by { |a| a['published'] }.reverse
 announce = Dir[File.join('outbox', 'announce', '*.json')].collect do |f|
 JSON.load_file(f)
 end.select { |a| a['to'].include?('https://www.w3.org/ns/activitystreams#Public') }.sort_by { |a| a['published'] }.reverse
- # activities = files.collect { |f| JSON.load_file(f) }
- # activities.select { |a| a['to'].include?('https://www.w3.org/ns/activitystreams#Public') }.sort_by { |a| a['published'] }
 create + announce
 end
@@ -172,7 +173,11 @@ helpers do
 # digest
 sha256 = OpenSSL::Digest.new('SHA256')
 digest = "SHA-256=#{sha256.base64digest(@body)}"
- halt 403 unless digest == request.env['HTTP_DIGEST']
+ unless digest == request.env['HTTP_DIGEST']
+ p 'invalid digest'
+ p @body
+ halt 403
+ end
 # signature
 signature_params = {}
@@ -186,7 +191,11 @@ helpers do
 signature = Base64.decode64(signature_params['signature'])
 actor = fetch key_id
- halt 403 unless actor
+ unless actor
+ p 'no actor'
+ jj @activity
+ halt 403
+ end
 key = OpenSSL::PKey::RSA.new(actor['publicKey']['publicKeyPem'])
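Review bot: `p @body` in the new digest-mismatch branch writes the whole request body to stdout before anything about the sender has been verified, so each request with a wrong or missing `Digest` header costs log space proportional to its size. A bounded record is enough for debugging, e.g. `p @body.bytesize, request.env['HTTP_DIGEST']`, which also captures the header value that failed to match. The comparison is exact on the `SHA-256=` prefix, so a peer sending a differently cased algorithm token would land in this branch; decide explicitly whether that should be accepted. The enclosing method starts and ends outside this hunk.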
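Review bot: The line after the new `unless actor` block, `key = OpenSSL::PKey::RSA.new(actor['publicKey']['publicKeyPem'])`, still trusts the shape of a remotely fetched document. A response without `publicKey` raises NoMethodError and a malformed PEM raises from OpenSSL, so the request ends in an unhandled error rather than a 403. Assuming `fetch` returns a Hash, read the key with `pem = actor.dig('publicKey', 'publicKeyPem')`, add `halt 403 unless pem.is_a?(String)`, and rescue `OpenSSL::PKey::PKeyError` around the constructor. `key_id` appears to come from the Signature header, so which hosts `fetch` will contact deserves a look as well; `fetch` is not visible in this hunk.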
@@ -200,51 +209,13 @@ helpers do
 end
 end.join("\n")
- halt 403 unless key.verify(OpenSSL::Digest.new('SHA256'), signature, comparison)
- end
-
- # def outbox(type, object, to) # https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb
- # to = [to] if to.is_a?(String)
- # inboxes = []
- # to.uniq.each do |url|
- # next if [ACTOR, 'https://www.w3.org/ns/activitystreams#Public'].include? url
- #
- # if url == FOLLOWERS_URL
- # JSON.load_file(FOLLOWERS)['orderedItems'].each do |follower|
- # inboxes << actor_inbox(follower)
- # end
- # next
- # end
- # inboxes << actor_inbox(url)
- # end
- #
- # # add date and id, save
- # activity_path = save_activity({
- # '@context' => 'https://www.w3.org/ns/activitystreams',
- # 'type' => type,
- # 'actor' => ACTOR,
- # 'object' => object,
- # 'to' => to
- # }, OUTBOX)
- #
- # # p activity_path
- # body = File.read(activity_path)
- # sha256 = OpenSSL::Digest.new('SHA256')
- # digest = "SHA-256=#{sha256.base64digest(body)}"
- # keypair = OpenSSL::PKey::RSA.new(File.read('private.pem'))
- #
- # inboxes.compact.uniq.each do |inbox|
- # uri = URI(inbox)
- # httpdate = Time.now.utc.httpdate
- # string = "(request-target): post #{uri.request_uri}\nhost: #{uri.host}\ndate: #{httpdate}\ndigest: #{digest}\ncontent-type: #{CONTENT_TYPE}"
- # signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), string))
- # signed_header = "keyId=\"#{ACTOR}#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) host date digest content-type\",signature=\"#{signature}\""
- #
- # # Net::HTTP fails with OpenSSL error
- # curl(
- # "-X POST -H 'Host: #{uri.host}' -H 'Date: #{httpdate}' -H 'Digest: #{digest}' -H 'Signature: #{signed_header}' --data-binary '@#{activity_path}'", inbox
- # )
- # end
- # activity_path
- # end
+ return if key.verify(OpenSSL::Digest.new('SHA256'), signature, comparison)
+
+ p 'verification failed'
+ p signature_params
+ p actor['publicKey']
+ p signature, comparison
+ jj @activity
+ # halt 403
+ end
 end
-- 
cgit v1.2.3
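Review bot: With `halt 403` commented out at the end of the new failure branch, a request whose signature does not verify is only logged and the method then returns normally, exactly as it does for a verified one. Signature checking becomes advisory, so activities are accepted regardless of who sent them, including the `follow` and `accept` paths that this commit makes write files and update collections. Keep the diagnostics but restore the rejection by replacing `# halt 403` with `halt 403`. If the bypass is needed temporarily for debugging, put it behind an explicit setting that defaults to rejecting. The method begins outside this hunk.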