aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulio Capote <jcapote@gmail.com>2023-01-06 20:13:08 +0000
committerJulio Capote <jcapote@gmail.com>2023-01-06 20:13:08 +0000
commit997316d81e2dbd1a8f3a120e6d193fa66c8c37de (patch)
tree5a6f3ee0b3d99eace4f04dead45ce0f747294ce7
parent77eefc2b9d955ef451ada989f8d15adc3d76885c (diff)
downloadcommunique-997316d81e2dbd1a8f3a120e6d193fa66c8c37de.tar.gz
refactor signed request
Diffstat (limited to '')
-rw-r--r--cgi/servers.go5
-rw-r--r--delivery/signed.go64
-rw-r--r--registry/registry.go32
3 files changed, 72 insertions, 29 deletions
diff --git a/cgi/servers.go b/cgi/servers.go
index 0a87a62..44ffb1c 100644
--- a/cgi/servers.go
+++ b/cgi/servers.go
@@ -135,8 +135,9 @@ func processTick(h config.Handler, output []byte, persister *models.Persister, l
}
for _, v := range keys {
parts := strings.Split(string(v), ":")
- url := parts[2:]
- logger.With("payload", payload).With("inboxUrl", url).Debugf("deliverying activity")
+ url := strings.Join(parts[2:], "")
+ logger.With("payload", payload).With("inboxUrl", url).Debugf("delivering activity")
+
}
})
if err != nil {
diff --git a/delivery/signed.go b/delivery/signed.go
new file mode 100644
index 0000000..acf4df5
--- /dev/null
+++ b/delivery/signed.go
@@ -0,0 +1,64 @@
+package delivery
+
+import (
+ "bytes"
+ "encoding/gob"
+ "net/http"
+ "net/url"
+ "sync"
+ "time"
+
+ "git.capotej.com/capotej/communique/config"
+ "git.capotej.com/capotej/communique/models"
+ "github.com/go-fed/httpsig"
+)
+
+type Signed struct {
+ signer httpsig.Signer
+ mu sync.Mutex
+ persister *models.Persister
+}
+
+func NewSigned(persister *models.Persister) (*Signed, error) {
+ signed := &Signed{persister: persister}
+ var err error
+ prefs := []httpsig.Algorithm{}
+ digestAlgorithm := httpsig.DigestSha256
+ headersToSign := []string{httpsig.RequestTarget, "host", "date", "digest"}
+ signed.signer, _, err = httpsig.NewSigner(prefs, digestAlgorithm, headersToSign, httpsig.Signature, 0)
+ if err != nil {
+ return nil, err
+ }
+ return signed, nil
+}
+
+func (s *Signed) SignedRequest(handler config.Handler, payload []byte, inboxUrl, actorKeyUrl *url.URL) (*http.Request, error) {
+ aso := models.NewKeypair(handler)
+ result, err := s.persister.Find(aso)
+ if err != nil {
+ return nil, err
+ }
+ buf := bytes.NewBuffer(result)
+ dec := gob.NewDecoder(buf)
+ var keypair models.Keypair
+ err = dec.Decode(&keypair)
+ if err != nil {
+ return nil, err
+ }
+ privKey := &keypair.PrivateKey
+
+ request, err := http.NewRequest("POST", inboxUrl.String(), bytes.NewBuffer(payload))
+ date := time.Now().UTC().Format(http.TimeFormat)
+ request.Header.Set("Date", date)
+ request.Header.Set("Content-Type", "application/activity+json")
+ request.Header.Set("Host", inboxUrl.Host)
+
+ s.mu.Lock()
+ err = s.signer.SignRequest(privKey, actorKeyUrl.String(), request, payload)
+ s.mu.Unlock()
+
+ if err != nil {
+ return nil, err
+ }
+ return request, nil
+}
diff --git a/registry/registry.go b/registry/registry.go
index e15d861..aa61d58 100644
--- a/registry/registry.go
+++ b/registry/registry.go
@@ -12,17 +12,15 @@ import (
"net/http"
"net/url"
"strings"
- "sync"
- "time"
"git.capotej.com/capotej/communique/config"
+ "git.capotej.com/capotej/communique/delivery"
"git.capotej.com/capotej/communique/models"
"git.capotej.com/capotej/communique/tools"
"git.capotej.com/capotej/communique/urls"
"git.capotej.com/capotej/communique/views"
"github.com/go-fed/activity/streams"
"github.com/go-fed/activity/streams/vocab"
- "github.com/go-fed/httpsig"
"go.uber.org/zap"
)
@@ -36,8 +34,7 @@ type Registry struct {
persister *models.Persister
handlerMap map[string]Handler
log *zap.SugaredLogger
- signer httpsig.Signer
- mu sync.Mutex
+ delivery *delivery.Signed
}
func NewRegistry(cfg config.Config, persister *models.Persister, log *zap.SugaredLogger) (*Registry, error) {
@@ -51,10 +48,7 @@ func NewRegistry(cfg config.Config, persister *models.Persister, log *zap.Sugare
return nil, err
}
}
- prefs := []httpsig.Algorithm{}
- digestAlgorithm := httpsig.DigestSha256
- headersToSign := []string{httpsig.RequestTarget, "host", "date", "digest"}
- reg.signer, _, err = httpsig.NewSigner(prefs, digestAlgorithm, headersToSign, httpsig.Signature, 0)
+ reg.delivery, err = delivery.NewSigned(persister)
if err != nil {
return nil, err
}
@@ -261,30 +255,14 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol
return err
}
jsonData, err := json.Marshal(payload)
-
- aso := models.NewKeypair(handler)
- result, err := r.persister.Find(aso)
if err != nil {
return err
}
- buf := bytes.NewBuffer(result)
- dec := gob.NewDecoder(buf)
- var keypair models.Keypair
- err = dec.Decode(&keypair)
+
+ request, err := r.delivery.SignedRequest(handler, jsonData, url, actorKeyUrl)
if err != nil {
return err
}
- privKey := &keypair.PrivateKey
-
- request, err := http.NewRequest("POST", url.String(), bytes.NewBuffer(jsonData))
- date := time.Now().UTC().Format(http.TimeFormat)
- request.Header.Set("Date", date)
- request.Header.Set("Content-Type", "application/activity+json")
- request.Header.Set("Host", url.Host)
-
- r.mu.Lock()
- err = r.signer.SignRequest(privKey, actorKeyUrl.String(), request, jsonData)
- r.mu.Unlock()
r.log.With(
"type",