From c50f749a2685a3e7608cec8730f5fe79de4676ac Mon Sep 17 00:00:00 2001 From: pdp8 Date: Sat, 29 Jul 2023 20:59:48 +0200 Subject: POST /create --- server.rb | 36 ++++++++++++++++++++++++------------ 1 file changed, 24 insertions(+), 12 deletions(-) (limited to 'server.rb') diff --git a/server.rb b/server.rb index e9f4f2e..5dfc53e 100644 --- a/server.rb +++ b/server.rb @@ -13,8 +13,8 @@ post '/inbox' do end halt 501 if @activity['actor'] and @activity['type'] == 'Delete' # deleted actors return 403 => verification error # verify! # pixelfed sends unsigned activities??? - save_activity(@activity, INBOX) type = @activity['type'].downcase.to_sym + save_activity(@activity, INBOX) unless %i[create announce].include? type send(type) if %i[create announce follow accept undo].include? type halt 200 end @@ -124,21 +124,32 @@ helpers do halt 403 unless key.verify(OpenSSL::Digest.new('SHA256'), signature, comparison) end - def outbox(type, object, recipients) + def actor_inbox(url) + actor = fetch url + return unless actor + + if actor['endpoints'] and actor['endpoints']['sharedInbox'] + actor['endpoints']['sharedInbox'] + elsif actor['inbox'] + actor['inbox'] + end + end + + def outbox(type, object, to) # send ## https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb + to = [to] if to.is_a?(String) inboxes = [] - recipients.uniq.each do |url| + to.uniq.each do |url| next if [ACTOR, 'https://www.w3.org/ns/activitystreams#Public'].include? url - actor = fetch url - next unless actor - - if actor['endpoints'] and actor['endpoints']['sharedInbox'] - inboxes << actor['endpoints']['sharedInbox'] - elsif actor['inbox'] - inboxes << actor['inbox'] + if url == FOLLOWERS_URL + JSON.parse(File.read(FOLLOWERS))['orderedItems'].each do |follower| + inboxes << actor_inbox(follower) + end + next end + inboxes << actor_inbox(url) end # add date and id, save @@ -147,8 +158,9 @@ helpers do 'type' => type, 'actor' => ACTOR, 'object' => object, - 'to' => recipients + 'to' => to }, OUTBOX) + body = activity.to_json sha256 = OpenSSL::Digest.new('SHA256') digest = "SHA-256=#{sha256.base64digest(body)}" @@ -162,7 +174,7 @@ helpers do signed_header = "keyId=\"#{ACTOR}#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) host date digest content-type\",signature=\"#{signature}\"" curl( - "-X POST -H 'Host: #{uri.host}' -H 'Date: #{httpdate}' -H 'Digest: #{digest}' -H 'Signature: #{signed_header}' --data-binary '#{body}'", inbox + "-X POST -H 'Host: #{uri.host}' -H 'Date: #{httpdate}' -H 'Digest: #{digest}' -H 'Signature: #{signed_header}' --data-raw '#{body}'", inbox ) end activity -- cgit v1.2.3