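# server-server

# Receives activities from other servers, stores them and dispatches on
# their type.
post '/inbox' do
  request.body.rewind # in case someone already read it
  @body = request.body.read
  begin
    @activity = JSON.parse @body
  rescue StandardError => e
    p e, @body
    halt 400
  end
  # JSON.parse also accepts arrays, strings and numbers; everything below
  # indexes @activity as an object with a string 'type'.
  halt 400 unless @activity.is_a?(Hash) && @activity['type'].is_a?(String)

  # deleted actors return 403 => verification error
  halt 200 if @activity['type'] == 'Delete' && @activity['actor'] == @activity['object']
  # NOTE(review): verify! is disabled, so the HTTP signature is never checked
  # and 'actor' is an unauthenticated claim. The handlers reached through
  # handle_activity change the follower/following collections, remove stored
  # files and send activities based on that claim alone. Consider requiring a
  # valid signature for every type that modifies or deletes state and
  # accepting unsigned requests only for types that merely store data.
  # verify! # pixelfed sends unsigned activities???
  handle_activity
  200
end

# public

get '/' do
  redirect 'https://pdp8.info'
end

# Ordered collection with the ids of all create and announce activities in
# the outbox directory, sorted by their 'published' value.
get '/outbox' do
  files = Dir[File.join('outbox', 'create', '*.json')] + Dir[File.join('outbox', 'announce', '*.json')]
  activities = files.collect { |f| JSON.load_file(f) }
  ids = activities.sort_by { |a| a['published'] }.collect { |a| a['id'] }
  {
    '@context' => 'https://www.w3.org/ns/activitystreams',
    'id' => 'https://social.pdp8.info/outbox',
    'type' => 'OrderedCollection',
    'totalItems' => ids.size,
    'orderedItems' => ids
  }.to_json
end

get '/pdp8', provides: 'html' do
  redirect 'https://pdp8.info'
end

get '/pdp8' do
  send_file(File.join(PUBLIC_DIR, 'pdp8.json'), type: CONTENT_TYPE)
end

get '/.well-known/webfinger' do
  halt 404 unless request['resource'] == "acct:#{MENTION}"
  send_file(WEBFINGER, type: 'application/jrd+json')
end

['/following', '/followers'].each do |path|
  get path do
    send_file(File.join(PUBLIC_DIR, path) + '.json', type: CONTENT_TYPE)
  end
end

get '/tags/:tag' do |tag|
  # tag comes from the URL and becomes part of a file path: reject values
  # that could leave PUBLIC_DIR/tags or name a dotfile.
  halt 404 if tag.start_with?('.') || tag.include?('/') || tag.include?('\\') || tag.include?("\0")
  send_file(File.join(PUBLIC_DIR, 'tags', tag) + '.json', type: CONTENT_TYPE)
end

helpers do
  # Stores the activity's object, then follows its inReplyTo references (at
  # most five of them) so that the surrounding thread is stored as well.
  def create
    @count ||= 0
    @object ||= @activity['object']
    save_inbox_object
    # @object can still be a bare string here; only a Hash carries inReplyTo.
    return unless @object.is_a?(Hash) && @object['inReplyTo'] && @count < 5

    # recursive thread download
    @object = @object['inReplyTo']
    @count += 1
    create
  end

  # Resolves the announced object, records who announced it and stores it.
  def announce
    @object ||= @activity['object']
    @object = fetch(@object) if remote_url?(@object)
    # String#[]= would raise on a string that was not fetched.
    @object['announce'] = @activity['actor'] if @object.is_a?(Hash)
    create
  end

  # Likes are stored the same way as announces.
  def like
    announce
  end

  # Adds the actor to the followers collection and answers with an Accept.
  def follow
    update_collection FOLLOWERS, @activity['actor']
    create_activity 'Accept', @activity, [@activity['actor']]
  end

  # Handles Accept: only an accepted Follow is supported, anything else is
  # logged and answered with 501.
  def accept
    object = embedded_object
    if object['type'] == 'Follow'
      update_collection FOLLOWING, object['object']
    else
      # The original message lacked #{}, so it printed the expression text.
      p "Cannot accept #{object['type']}"
      jj @activity
      halt 501
    end
  end

  # Handles Undo for Follow (removes the follower) and for Create/Announce
  # (removes the stored file); other types are logged and answered with 501.
  def undo
    object = embedded_object
    case object['type']
    when 'Follow'
      update_collection FOLLOWERS, object['actor'], 'delete'
    when 'Create', 'Announce'
      # Never look up a file for a missing reference.
      target = object['object']
      file = find_file(target) if target
      FileUtils.rm(file) if file
    else
      p "Cannot undo #{object['type']}"
      jj @activity
      halt 501
    end
  end

  # Replaces a stored object: removes the old file, then stores the new one.
  def update
    id = embedded_object['id']
    file = find_file(id) if id
    FileUtils.rm(file) if file
    create
  end

  # Removes the stored file that belongs to the object's id, if there is one.
  def delete
    id = embedded_object['id']
    file = find_file(id) if id
    FileUtils.rm(file) if file
  end

  # Sends a Follow to the move target when the actor announces its own move.
  # NOTE(review): nothing here checks that the actor is one this account
  # follows or that the target refers back to the actor - confirm whether
  # create_activity or its callees do.
  def move
    create_activity 'Follow', @activity['target'], [@activity['target']] if @activity['actor'] == @activity['object']
  end

  # Stores the raw activity under INBOX[:dir]/<type>/ and calls the helper
  # named after the type when ACTIVITIES lists it.
  def handle_activity
    type = @activity['type'].to_s.downcase
    # 'type' is remote input: it is reduced to a safe path component before it
    # names a directory, and it reaches send only through the ACTIVITIES list.
    save_item @activity, File.join(INBOX[:dir], path_component(type), activity_name)
    if ACTIVITIES.include? type.to_sym
      send(type.to_sym)
    else
      p "Unknown activity #{type}:"
      jj @activity
    end
  end

  # File name for the current activity: '<published>_<mention>.json', or
  # '_<current UTC time>_<mention>.json' when 'published' is missing.
  # 'published' and 'actor' are remote input, so the name is sanitised.
  def activity_name
    stamp = @activity['published'] || "_#{Time.now.utc.iso8601}"
    path_component("#{stamp}_#{mention(@activity['actor'])}") + '.json'
  end

  # Stores @object under INBOX[:dir]/object/<type>/ unless its id is already
  # listed in VISITED (Update activities are always stored), then appends the
  # id to the visited file.
  def save_inbox_object
    return unless @object

    # lemmy wraps the object in a second activity
    if @object.is_a?(Hash) && @object['type'].is_a?(String) &&
       ACTIVITIES.include?(@object['type'].downcase.to_sym)
      @object = @object['object']
    end
    return unless @object
    return if @object.is_a?(Hash) && @object['type'] == 'Person'

    @object = fetch(@object) if remote_url?(@object)
    # Unfetched strings and objects without a string type cannot be filed.
    return unless @object.is_a?(Hash) && @object['type'].is_a?(String)

    id = @object['id']
    return if @activity['type'] != 'Update' && id && File.readlines(VISITED, chomp: true).include?(id)

    save_item @object, File.join(INBOX[:dir], 'object', path_component(@object['type'].downcase), activity_name)
    # The visited file holds one id per line; an id containing a line break
    # would add extra entries, so such ids are not recorded.
    return unless id.is_a?(String) && !id.match?(/[\r\n]/)

    File.open(File.join(INBOX[:dir], 'visited'), 'a+') { |f| f.puts id }
  end

  # The activity's embedded object, or an empty Hash when 'object' is missing
  # or only a reference (String#[] would do a substring lookup instead).
  def embedded_object
    object = @activity['object']
    object.is_a?(Hash) ? object : {}
  end

  # True when value is a single-line http(s) URL string. \A and \z anchor the
  # whole string; ^ would also match after an embedded line break.
  def remote_url?(value)
    value.is_a?(String) && value.match?(%r{\Ahttps?://\S+\z})
  end

  # Reduces remote input to a single safe path component: characters outside
  # a small set become '_', leading dots are replaced and the length is
  # capped, so the result cannot contain a separator or be '.' / '..'.
  def path_component(value)
    cleaned = value.to_s.gsub(/[^A-Za-z0-9_.:+@-]/, '_')
    cleaned.sub(/\A\.+/, '_')[0, 200]
  end

  # https://github.com/mastodon/mastodon/blob/main/app/controllers/concerns/signature_verification.rb
  # Checks the Digest header against the body and the HTTP signature against
  # the key fetched from keyId; halts with 403 when any step fails.
  # NOTE(review): a valid signature shows that the sender controls the key at
  # keyId, not that this key belongs to @activity['actor'], and the Date
  # header is not checked for freshness. Both checks are needed before the
  # handlers can rely on 'actor'.
  def verify!
    # digest
    sha256 = OpenSSL::Digest.new('SHA256')
    digest = "SHA-256=#{sha256.base64digest(@body)}"
    halt 403 unless digest == request.env['HTTP_DIGEST']

    # signature
    raw_signature = request.env['HTTP_SIGNATURE']
    halt 403 unless raw_signature # unsigned request

    signature_params = {}
    raw_signature.split(',').each do |pair|
      # Split on the first '=' only: the base64 value ends in '=' padding.
      k, v = pair.split('=', 2)
      halt 403 unless k && v

      signature_params[k.strip] = v.delete('"')
    end

    key_id = signature_params['keyId']
    headers = signature_params['headers']
    halt 403 unless key_id && headers && signature_params['signature']

    signed_names = headers.split(' ')
    # The sender chooses which headers are signed. Without 'digest' in that
    # list the body is not covered by the signature at all.
    halt 403 unless signed_names.include?('digest')

    signature = Base64.decode64(signature_params['signature'])
    halt 403 unless remote_url?(key_id)
    actor = fetch key_id
    pem = actor['publicKey']['publicKeyPem'] if actor.is_a?(Hash) && actor['publicKey'].is_a?(Hash)
    halt 403 unless pem.is_a?(String)

    comparison = signed_names.map do |signed_params_name|
      env_name = signed_params_name.upcase.tr('-', '_')
      case signed_params_name
      when '(request-target)'
        '(request-target): post /inbox'
      when 'content-type', 'content-length'
        # Rack stores these two without the HTTP_ prefix.
        "#{signed_params_name}: #{request.env[env_name]}"
      else
        "#{signed_params_name}: #{request.env["HTTP_#{env_name}"]}"
      end
    end.join("\n")

    begin
      key = OpenSSL::PKey::RSA.new(pem)
      verified = key.verify(OpenSSL::Digest.new('SHA256'), signature, comparison)
    rescue OpenSSL::PKey::PKeyError
      # A malformed key or signature is a failed verification, not a 500.
      verified = false
    end
    halt 403 unless verified
  end

  # NOTE(review): if the disabled code below is revived, the curl argument
  # string is assembled by interpolation inside single quotes. The curl helper
  # is defined elsewhere - confirm that it runs the command without a shell,
  # or pass the arguments as an array.
  # def outbox(type, object, to)
  #   # https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb
  #   to = [to] if to.is_a?(String)
  #   inboxes = []
  #   to.uniq.each do |url|
  #     next if [ACTOR, 'https://www.w3.org/ns/activitystreams#Public'].include? url
  #
  #     if url == FOLLOWERS_URL
  #       JSON.load_file(FOLLOWERS)['orderedItems'].each do |follower|
  #         inboxes << actor_inbox(follower)
  #       end
  #       next
  #     end
  #     inboxes << actor_inbox(url)
  #   end
  #
  #   # add date and id, save
  #   activity_path = save_activity({
  #     '@context' => 'https://www.w3.org/ns/activitystreams',
  #     'type' => type,
  #     'actor' => ACTOR,
  #     'object' => object,
  #     'to' => to
  #   }, OUTBOX)
  #
  #   # p activity_path
  #   body = File.read(activity_path)
  #   sha256 = OpenSSL::Digest.new('SHA256')
  #   digest = "SHA-256=#{sha256.base64digest(body)}"
  #   keypair = OpenSSL::PKey::RSA.new(File.read('private.pem'))
  #
  #   inboxes.compact.uniq.each do |inbox|
  #     uri = URI(inbox)
  #     httpdate = Time.now.utc.httpdate
  #     string = "(request-target): post #{uri.request_uri}\nhost: #{uri.host}\ndate: #{httpdate}\ndigest: #{digest}\ncontent-type: #{CONTENT_TYPE}"
  #     signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), string))
  #     signed_header = "keyId=\"#{ACTOR}#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) host date digest content-type\",signature=\"#{signature}\""
  #
  #     # Net::HTTP fails with OpenSSL error
  #     curl(
  #       "-X POST -H 'Host: #{uri.host}' -H 'Date: #{httpdate}' -H 'Digest: #{digest}' -H 'Signature: #{signed_header}' --data-binary '@#{activity_path}'", inbox
  #     )
  #   end
  #   activity_path
  # end
end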