package registry import ( "bytes" "context" "crypto/rsa" "crypto/x509" "encoding/gob" "encoding/json" "encoding/pem" "fmt" "io" "net/http" "net/url" "strings" "git.capotej.com/capotej/communique/config" "git.capotej.com/capotej/communique/models" "git.capotej.com/capotej/communique/urls" "git.capotej.com/capotej/communique/views" "github.com/go-fed/activity/streams" "github.com/go-fed/activity/streams/vocab" "github.com/go-fed/httpsig" "go.uber.org/zap" ) type Handler struct { handlerCfg config.Handler } // TODO rename to controller and controller.go type Registry struct { cfg config.Config persister *models.Persister handlerMap map[string]Handler log *zap.SugaredLogger } func NewRegistry(cfg config.Config, persister *models.Persister, log *zap.SugaredLogger) (*Registry, error) { reg := Registry{cfg: cfg, persister: persister, log: log} reg.handlerMap = make(map[string]Handler) for _, v := range cfg.Handlers { reg.handlerMap[v.Name] = Handler{handlerCfg: v} err := generateKeypairIfNeeded(v, persister) if err != nil { return nil, err } } return ®, nil } func generateKeypairIfNeeded(v config.Handler, p *models.Persister) error { kp, err := models.CreateKeypair(v) if err != nil { return err } err = p.Store(kp) if err != nil { return err } return nil } func (r *Registry) Actor(name string) (map[string]interface{}, error) { handler := r.findByName(name) if handler == nil { return nil, nil } aso := models.NewKeypair(handler.handlerCfg) result, err := r.persister.Find(aso) if err != nil { return nil, err } buf := bytes.NewBuffer(result) dec := gob.NewDecoder(buf) var keypair models.Keypair err = dec.Decode(&keypair) if err != nil { return nil, err } privKey := &keypair.PrivateKey pemdata := pem.EncodeToMemory( &pem.Block{ Type: "PUBLIC KEY", Bytes: x509.MarshalPKCS1PublicKey(&privKey.PublicKey), }, ) return views.RenderActor(handler.handlerCfg.Name, r.cfg.Domain, string(pemdata)) } func (r *Registry) OutboxCollection(name string) (map[string]interface{}, error) { handler := r.findByName(name) if handler == nil { return nil, nil } aso := models.NewOutboxItem(handler.handlerCfg) page, err := r.persister.Collect(aso) if err != nil { return nil, err } var outboxItems []models.OutboxItem for _, v := range page { //TODO pagination buf := bytes.NewBuffer(v) dec := gob.NewDecoder(buf) var outboxItem models.OutboxItem err = dec.Decode(&outboxItem) if err != nil { return nil, err } outboxItems = append(outboxItems, outboxItem) } return views.RenderOutboxCollection(handler.handlerCfg.Name, r.cfg.Domain, outboxItems) } func (r *Registry) Following(name string) (map[string]interface{}, error) { handler := r.findByName(name) if handler == nil { return nil, nil } profile, err := urls.UrlProfile(name, r.cfg.Domain) if err != nil { return nil, err } following, err := urls.UrlFollowing(name, r.cfg.Domain) if err != nil { return nil, err } result := make(map[string]interface{}) result["@context"] = "https://www.w3.org/ns/activitystreams" result["attributedTo"] = profile.String() result["id"] = following.String() result["totalItems"] = 0 result["orderedItems"] = []bool{} result["type"] = "OrderedCollection" return result, nil } func (r *Registry) Followers(name string) (map[string]interface{}, error) { handler := r.findByName(name) if handler == nil { return nil, nil } profile, err := urls.UrlProfile(name, r.cfg.Domain) if err != nil { return nil, err } followers, err := urls.UrlFollowers(name, r.cfg.Domain) if err != nil { return nil, err } result := make(map[string]interface{}) result["@context"] = "https://www.w3.org/ns/activitystreams" result["attributedTo"] = profile.String() result["id"] = followers.String() result["totalItems"] = 0 result["orderedItems"] = []bool{} result["type"] = "OrderedCollection" return result, nil } func (r *Registry) Inbox(name string, req *http.Request) error { handler := r.findByName(name) if handler == nil { return nil } logger := r.log.With("type", "inbox") verifier, err := httpsig.NewVerifier(req) if err != nil { return err } keyId := verifier.KeyId() logger.With("keyId", keyId).Debugf("fetching") req, err = http.NewRequest("GET", keyId, nil) req.Header.Set("Accept", "application/json; charset=UTF-8") client := &http.Client{} resp, err := client.Do(req) if err != nil { return err } defer resp.Body.Close() keyPage, err := io.ReadAll(resp.Body) logger.With("keyId", keyId).With("response", string(keyPage)).Debugf("received response") var keyPageData map[string]interface{} err = json.Unmarshal(keyPage, &keyPageData) if err != nil { return err } var person vocab.ActivityStreamsPerson resolver, err := streams.NewJSONResolver(func(c context.Context, p vocab.ActivityStreamsPerson) error { // Store the person in the enclosing scope, for later. person = p return nil }, func(c context.Context, note vocab.ActivityStreamsNote) error { //TODO not needed, need to figure out how to only pass one func return nil }) ctx := context.Background() err = resolver.Resolve(ctx, keyPageData) pubKeyProp := person.GetW3IDSecurityV1PublicKey() iter := pubKeyProp.At(0) pubKey := iter.Get() pemProp := pubKey.GetW3IDSecurityV1PublicKeyPem() pemStr := pemProp.Get() logger.With("keyId", keyId).With("pem", pemStr).Debugf("extracted pem") pemObj, _ := pem.Decode([]byte(pemStr)) if pemObj == nil { return fmt.Errorf("no PEM block found") } decodedKey, err := x509.ParsePKIXPublicKey(pemObj.Bytes) if err != nil { return err } rsaPub, ok := decodedKey.(*rsa.PublicKey) if !ok { return fmt.Errorf("not an RSA public key") } algo := httpsig.RSA_SHA256 return verifier.Verify(rsaPub, algo) } func (r *Registry) ActivityOrNote(activityOrNote, name, id string) (map[string]interface{}, error) { handler := r.findByName(name) if handler == nil { return nil, nil } lookup := models.NewOutboxItem(handler.handlerCfg) lookup.Id = []byte(id) result, err := r.persister.Find(lookup) if err != nil { return nil, err } if result == nil { return nil, nil } buf := bytes.NewBuffer(result) dec := gob.NewDecoder(buf) var outboxItem models.OutboxItem err = dec.Decode(&outboxItem) if err != nil { return nil, err } if activityOrNote == "activity" { return views.RenderActivity(handler.handlerCfg.Name, r.cfg.Domain, outboxItem) } return views.RenderNote(handler.handlerCfg.Name, r.cfg.Domain, outboxItem) } // This has to handle various lookup formats: // ?resource=acct:actor@domain // ?resource=actor@domain // ?resource=actor // ?resource=acct:actor func (r *Registry) Webfinger(fqn string) (*views.WebfingerResource, error) { // Strip away acct: prefix, if found fqn = strings.TrimPrefix(fqn, "acct:") // Strip away @domain suffix, if found domainUrl, err := url.Parse(r.cfg.Domain) if err != nil { return nil, err } hostname := "@" + domainUrl.Hostname() fqn = strings.TrimSuffix(fqn, hostname) // We should just have $actor left handler := r.findByName(fqn) if handler == nil { return nil, nil } return views.RenderWebfinger(handler.handlerCfg.Name, r.cfg.Domain, hostname) } func (r *Registry) findByName(name string) *Handler { handler, ok := r.handlerMap[name] if !ok { return nil } return &handler }