slon-project/slon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Meta: Add files to repository

Browse source
This commit is contained in:
Alec Murphy 2025-02-16 15:21:19 -05:00
parent 6d27d43268
commit 52cb92f587
120 changed files with 71820 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

795
Slon/Modules/ActivityPub.HC Normal file
View file

@ -0,0 +1,795 @@
U8* @slon_activitypub_strip_double_quotes(U8* str)
{
while (str[0] == '"')
str++;
while (str[StrLen(str) - 1] == '"')
str[StrLen(str) - 1] = NULL;
return str;
}
Bool @slon_activitypub_http_signature_is_valid(SlonHttpSession* session)
{
SLON_SCRATCH_BUFFER_AND_REQUEST_JSON
no_warn scratch_buffer;
// 1. Check that we have a signature and digest
if (!StrLen(@slon_http_request_header(session, "signature")) || !StrLen(@slon_http_request_header(session, "digest"))) {
AdamLog("[verify_signature] no signature or digest header present\n");
return FALSE;
}
// 2. Check that digest 1) is SHA-256 and 2) matches content
U8* request_digest = @slon_http_request_header(session, "digest");
if (!(String.BeginsWith("SHA-256", request_digest) || String.BeginsWith("sha-256", request_digest))) {
AdamLog("[verify_signature] digest is not SHA-256\n");
return FALSE;
}
request_digest = StrFind("=", request_digest) + 1;
I64 content_length = Str2I64(@slon_http_request_header(session, "content-length"));
if (!content_length) {
AdamLog("[verify_signature] content-length is 0\n");
return FALSE;
}
U8 content_hash[512];
calc_sha_256(content_hash, session->request->data, content_length);
U8* computed_digest = @base64_encode(content_hash, 32);
if (StrICmp(computed_digest, request_digest)) {
AdamLog("[verify_signature] digest header and computed digest do not match\n");
Free(computed_digest);
return FALSE;
} else {
Free(computed_digest);
}
// Parse values from Signature header
U8* signature_header = @slon_http_request_header(session, "signature");
I64 signature_fragment_count = 0;
U8** signature_fragments = String.Split(signature_header, ',', &signature_fragment_count);
U8* keyId = NULL;
U8* algorithm = NULL;
U8* headers = NULL;
U8* signature = NULL;
I64 i;
for (i = 0; i < signature_fragment_count; i++) {
if (String.BeginsWith("keyId=", signature_fragments[i])) {
keyId = signature_fragments[i] + 6;
keyId = @slon_activitypub_strip_double_quotes(keyId);
}
if (String.BeginsWith("algorithm=", signature_fragments[i])) {
algorithm = signature_fragments[i] + 10;
algorithm = @slon_activitypub_strip_double_quotes(algorithm);
}
if (String.BeginsWith("headers=", signature_fragments[i])) {
headers = signature_fragments[i] + 8;
headers = @slon_activitypub_strip_double_quotes(headers);
}
if (String.BeginsWith("signature=", signature_fragments[i])) {
signature = signature_fragments[i] + 10;
signature = @slon_activitypub_strip_double_quotes(signature);
}
}
// 3. Confirm actor matches keyId
if (!request_json->@("actor")) {
AdamLog("[verify_signature] actor is not present in request\n");
return FALSE;
}
if (!String.BeginsWith(request_json->@("actor"), keyId)) {
AdamLog("[verify_signature] actor does not match keyId\n");
return FALSE;
}
// Check if public key is cached for keyId, if not, fetch it
if (!db->o("public_keys")->@(keyId)) {
@slon_log(LOG_HTTPD, "Actor's public key is not cached, attempting to fetch");
HttpUrl* url = @http_parse_url(request_json->@("actor"));
if (!url) {
@slon_log(LOG_HTTPD, "Could not fetch actor's public key, malformed url or unspecified error");
return FALSE;
}
U8* fetch_buffer = CAlloc(HTTP_FETCH_BUFFER_SIZE, adam_task);
JsonObject* http_headers = Json.CreateObject();
http_headers->set("accept", "application/json", JSON_STRING);
@http_response* resp = Http.Get(url, fetch_buffer, NULL, http_headers);
if (!resp) {
@slon_log(LOG_HTTPD, "Could not fetch actor's public key, invalid response from remote server");
Free(fetch_buffer);
return FALSE;
}
while (resp->state != HTTP_STATE_DONE) {
Sleep(1);
}
if (!resp->body.length) {
@slon_log(LOG_HTTPD, "Could not fetch actor's public key, empty response from remote server");
Free(fetch_buffer);
return FALSE;
}
Free(fetch_buffer);
JsonObject* user_object = Json.Parse(resp->body.data);
if (!user_object) {
@slon_log(LOG_HTTPD, "Could not fetch actor's public key, user object not present in response from remote server");
return FALSE;
}
JsonObject* pubkey_object = user_object->@("publicKey");
if (!pubkey_object) {
@slon_log(LOG_HTTPD, "Could not fetch actor's public key, publicKey object not present in user object");
return FALSE;
}
if (!pubkey_object->@("id")) {
@slon_log(LOG_HTTPD, "Could not fetch actor's public key, id not present in publicKey object");
return FALSE;
}
if (!pubkey_object->@("owner")) {
@slon_log(LOG_HTTPD, "Could not fetch actor's public key, owner not present in publicKey object");
return FALSE;
}
if (!pubkey_object->@("publicKeyPem")) {
@slon_log(LOG_HTTPD, "Could not fetch actor's public key, publicKeyPem not present in publicKey object");
return FALSE;
}
if (StrICmp(pubkey_object->@("id"), keyId)) {
@slon_log(LOG_HTTPD, "Could not fetch actor's public key, keyId does not match id present in publicKey object");
return FALSE;
}
if (StrICmp(pubkey_object->@("owner"), request_json->@("actor"))) {
@slon_log(LOG_HTTPD, "Could not fetch actor's public key, actor does not match owner present in publicKey object");
return FALSE;
}
U8* pem_string = pubkey_object->@("publicKeyPem");
// Convert Base64 PEM to single line
U8* pem_single_line = @slon_calloc(session, StrLen(pem_string));
I64 pem_lines_count = 0;
U8** pem_lines = String.Split(pem_string, '\n', &pem_lines_count);
i = 0;
while (i < pem_lines_count) {
if (pem_lines[i] && StrLen(pem_lines[i]) > 0) {
if (!StrFind("KEY", pem_lines[i])) {
StrCpy(pem_single_line + StrLen(pem_single_line), pem_lines[i]);
}
}
++i;
}
// Decode PEM to DER
I64 der_buf_length = 0;
U8* der_buf = @base64_decode(pem_single_line, &der_buf_length);
// Cache the public key
JsonObject* cached_key = Json.CreateObject();
cached_key->set("key", der_buf, JSON_NUMBER);
cached_key->set("length", der_buf_length, JSON_NUMBER);
db->o("public_keys")->set(keyId, cached_key, JSON_OBJECT);
@slon_free(session, pem_single_line);
Json.Delete(user_object);
Json.Delete(http_headers);
}
// Calculate our signature string allocation
I64 sig_string_alloc_length = 0;
I64 headers_split_count = 0;
U8** headers_split = String.Split(headers, ' ', &headers_split_count);
i = 0;
while (i < headers_split_count) {
sig_string_alloc_length += StrLen(@slon_http_request_header(session, headers_split[i]));
++i;
}
sig_string_alloc_length += StrLen(@slon_http_request_verb(session));
sig_string_alloc_length += StrLen(@slon_http_request_path(session));
sig_string_alloc_length *= 2;
// Construct our signature string
U8* sig_string = @slon_calloc(session, sig_string_alloc_length);
i = 0;
while (i < headers_split_count) {
if (StrLen(headers_split[i]) && headers_split[i][0] >= 'A' && headers_split[i][0] <= 'Z') {
headers_split[i][0] += 'a' - headers_split[i][0];
}
if (!StrCmp("(request-target)", headers_split[i])) {
String.Append(sig_string, "(request-target): %s %s", "post", @slon_http_request_path(session));
} else {
String.Append(sig_string, "%s: %s", headers_split[i], @slon_http_request_header(session, headers_split[i]));
}
++i;
if (i < headers_split_count) {
String.Append(sig_string, "\n");
}
}
// Base64 decode request's signature
I64 verify_sig_buf_length = 0;
U8* verify_sig_buf = @base64_decode(signature, &verify_sig_buf_length);
// Hash our constructed signature string
U8 sig_string_hash[32];
calc_sha_256(sig_string_hash, sig_string, StrLen(sig_string));
// Import RSA key
U64 rsa_key = CAlloc(sizeof(U64) * 32, adam_task);
I64 res = @rsa_import(db->o("public_keys")->o(keyId)->@("key"), db->o("public_keys")->o(keyId)->@("length"), rsa_key);
if (res != 0) { // CRYPT_OK = 0
@slon_log(LOG_HTTPD, "Received error from @rsa_import: %d", res);
return FALSE;
}
// Verify signature
I32 stat = 0;
res = @rsa_verify_signature(verify_sig_buf, verify_sig_buf_length, sig_string_hash, 32, &stat, rsa_key);
if (res != 0) { // CRYPT_OK = 0
@slon_log(LOG_HTTPD, "Received error from @rsa_verify_signature: %d", res);
return FALSE;
}
Free(rsa_key);
Free(verify_sig_buf);
@slon_free(session, sig_string);
return stat;
}
U0 @slon_activitypub_users_get(SlonHttpSession* session)
{
U8* path = @slon_strnew(session, @slon_http_request_path(session));
I64 path_segments_count = 0;
U8** path_segments = String.Split(path, '/', &path_segments_count);
if (path_segments_count == 3) {
JsonObject* actor = db->o("actors")->@(path_segments[1]);
if (actor) {
@slon_http_send_ap_json(session, actor);
} else {
@slon_http_set_status_code(session, 404);
}
} else {
@slon_http_set_status_code(session, 400);
}
slon_activitypub_users_get_return:
@slon_free(session, path);
}
U0 @slon_activitypub_async_accept_request(JsonObject* o)
{
JsonObject* request = o->o("request");
if (!StrICmp("accept", request->@("type")) || !StrICmp("reject", request->@("type"))) {
return;
}
Sleep(2000);
U8 scratch_buffer[2048];
U8* this_actor = db->o("actors")->o(o->@("user"))->@("id");
StrPrint(scratch_buffer, "%s/accept/%d", this_actor, Now);
JsonObject* accept_object = Json.CreateObject();
accept_object->set("@context", request->@("@context"), JSON_STRING);
accept_object->set("id", scratch_buffer, JSON_STRING);
accept_object->set("type", "Accept", JSON_STRING);
accept_object->set("actor", this_actor, JSON_STRING);
accept_object->set("object", request, JSON_OBJECT);
U8* accept_object_s = Json.Stringify(accept_object);
U8 content_hash[512];
calc_sha_256(content_hash, accept_object_s, StrLen(accept_object_s));
U8* computed_digest = @base64_encode(content_hash, 32);
JsonObject* http_headers = Json.CreateObject();
StrPrint(scratch_buffer, "%s/inbox", request->@("actor"));
HttpUrl* url = @http_parse_url(scratch_buffer);
CDateStruct ds;
Date2Struct(&ds, Now + 1043910000);
StrPrint(scratch_buffer, "%03tZ, %02d %03tZ %04d %02d:%02d:%02d GMT", ds.day_of_week, "ST_DAYS_OF_WEEK", ds.day_of_mon, ds.mon - 1, "ST_MONTHS",
ds.year, ds.hour, ds.min, ds.sec);
http_headers->set("Date", scratch_buffer, JSON_STRING);
StrPrint(scratch_buffer, "SHA-256=%s", computed_digest);
http_headers->set("Digest", scratch_buffer, JSON_STRING);
http_headers->set("Content-Type", "application/activity+json", JSON_STRING);
StrPrint(scratch_buffer, "");
String.Append(scratch_buffer, "(request-target): post %s\n", url->path);
String.Append(scratch_buffer, "host: %s\n", url->host);
String.Append(scratch_buffer, "date: %s\n", http_headers->@("Date"));
String.Append(scratch_buffer, "digest: %s\n", http_headers->@("Digest"));
String.Append(scratch_buffer, "content-type: %s", http_headers->@("Content-Type"));
AdamLog("headers_to_sign:\n```%s```\n", scratch_buffer);
calc_sha_256(content_hash, scratch_buffer, StrLen(scratch_buffer));
U8* user = StrFind("/users/", this_actor) + 7;
JsonObject* private_key_binary = db->o("private_keys_binary")->o(user);
if (!private_key_binary) {
I64 private_key_binary_size = 0;
private_key_binary = Json.CreateObject();
private_key_binary->set("data", @base64_decode(db->o("private_keys")->@(user), &private_key_binary_size), JSON_OBJECT);
private_key_binary->set("size", private_key_binary_size, JSON_NUMBER);
db->o("private_keys_binary")->set(user, private_key_binary, JSON_OBJECT);
}
I64 res;
// Import RSA key
U64 rsa_key = CAlloc(sizeof(U64) * 32, adam_task);
res = @rsa_import(private_key_binary->@("data"), private_key_binary->@("size"), rsa_key);
AdamLog("@rsa_import: res: %d\n", res);
U8 sig[256];
U64 siglen = 256;
res = @rsa_create_signature(sig, &siglen, content_hash, 32, rsa_key);
AdamLog("@rsa_create_signature: res: %d\n", res);
U8* computed_sig = @base64_encode(sig, 256);
StrCpy(scratch_buffer, "");
String.Append(scratch_buffer, "keyId=\"%s#main-key\",", this_actor);
String.Append(scratch_buffer, "algorithm=\"rsa-sha256\",");
String.Append(scratch_buffer, "headers=\"(request-target) host date digest content-type\",");
String.Append(scratch_buffer, "signature=\"%s\"", computed_sig);
http_headers->set("Signature", scratch_buffer, JSON_STRING);
U8* fetch_buffer = CAlloc(HTTP_FETCH_BUFFER_SIZE, adam_task);
@http_response* resp = Http.Post(url, fetch_buffer, accept_object_s, http_headers);
if (!resp) {
@slon_log(LOG_HTTPD, "Could not POST Accept, invalid response from remote server");
Free(fetch_buffer);
return;
}
while (resp->state != HTTP_STATE_DONE) {
Sleep(1);
}
AdamLog("code: %d\n", resp->status.code);
Free(fetch_buffer);
}
U0 @slon_activitypub_follow_request()
{
U8 scratch_buffer[2048];
U8* this_actor = "https://error.checksum.fail/users/alec";
StrPrint(scratch_buffer, "%s/follow/%d", this_actor, Now);
JsonObject* follow_object = Json.CreateObject();
follow_object->set("@context", "https://www.w3.org/ns/activitystreams", JSON_STRING);
follow_object->set("id", scratch_buffer, JSON_STRING);
follow_object->set("type", "Follow", JSON_STRING);
follow_object->set("actor", this_actor, JSON_STRING);
follow_object->set("object", "https://techhub.social/users/ryeucrvtexw3", JSON_STRING);
U8* follow_object_s = Json.Stringify(follow_object);
U8 content_hash[512];
calc_sha_256(content_hash, follow_object_s, StrLen(follow_object_s));
U8* computed_digest = @base64_encode(content_hash, 32);
JsonObject* http_headers = Json.CreateObject();
StrPrint(scratch_buffer, "%s/inbox", "https://techhub.social/users/ryeucrvtexw3");
HttpUrl* url = @http_parse_url(scratch_buffer);
CDateStruct ds;
Date2Struct(&ds, Now + 1043910000);
StrPrint(scratch_buffer, "%03tZ, %02d %03tZ %04d %02d:%02d:%02d GMT", ds.day_of_week, "ST_DAYS_OF_WEEK", ds.day_of_mon, ds.mon - 1, "ST_MONTHS",
ds.year, ds.hour, ds.min, ds.sec);
http_headers->set("Date", scratch_buffer, JSON_STRING);
StrPrint(scratch_buffer, "SHA-256=%s", computed_digest);
http_headers->set("Digest", scratch_buffer, JSON_STRING);
http_headers->set("Content-Type", "application/activity+json", JSON_STRING);
StrPrint(scratch_buffer, "");
String.Append(scratch_buffer, "(request-target): post %s\n", url->path);
String.Append(scratch_buffer, "host: %s\n", url->host);
String.Append(scratch_buffer, "date: %s\n", http_headers->@("Date"));
String.Append(scratch_buffer, "digest: %s\n", http_headers->@("Digest"));
String.Append(scratch_buffer, "content-type: %s", http_headers->@("Content-Type"));
AdamLog("headers_to_sign:\n```%s```\n", scratch_buffer);
calc_sha_256(content_hash, scratch_buffer, StrLen(scratch_buffer));
U8* user = StrFind("/users/", this_actor) + 7;
JsonObject* private_key_binary = db->o("private_keys_binary")->o(user);
if (!private_key_binary) {
I64 private_key_binary_size = 0;
private_key_binary = Json.CreateObject();
private_key_binary->set("data", @base64_decode(db->o("private_keys")->@(user), &private_key_binary_size), JSON_OBJECT);
private_key_binary->set("size", private_key_binary_size, JSON_NUMBER);
db->o("private_keys_binary")->set(user, private_key_binary, JSON_OBJECT);
}
I64 res;
// Import RSA key
U64 rsa_key = CAlloc(sizeof(U64) * 32, adam_task);
res = @rsa_import(private_key_binary->@("data"), private_key_binary->@("size"), rsa_key);
AdamLog("@rsa_import: res: %d\n", res);
U8 sig[256];
U64 siglen = 256;
res = @rsa_create_signature(sig, &siglen, content_hash, 32, rsa_key);
AdamLog("@rsa_create_signature: res: %d\n", res);
U8* computed_sig = @base64_encode(sig, 256);
StrCpy(scratch_buffer, "");
String.Append(scratch_buffer, "keyId=\"%s#main-key\",", this_actor);
String.Append(scratch_buffer, "algorithm=\"rsa-sha256\",");
String.Append(scratch_buffer, "headers=\"(request-target) host date digest content-type\",");
String.Append(scratch_buffer, "signature=\"%s\"", computed_sig);
http_headers->set("Signature", scratch_buffer, JSON_STRING);
U8* fetch_buffer = CAlloc(HTTP_FETCH_BUFFER_SIZE, adam_task);
@http_response* resp = Http.Post(url, fetch_buffer, follow_object_s, http_headers);
if (!resp) {
@slon_log(LOG_HTTPD, "Could not POST Accept, invalid response from remote server");
Free(fetch_buffer);
return;
}
while (resp->state != HTTP_STATE_DONE) {
Sleep(1);
}
AdamLog("code: %d\n", resp->status.code);
Free(fetch_buffer);
}
U0 @slon_activitypub_async_create_status(JsonObject* status)
{
Sleep(2000);
U8 scratch_buffer[2048];
U8* dest = "https://techhub.social/users/ryeucrvtexw3/inbox";
U8* this_actor = StrNew(status->@("uri"), adam_task);
StrFind("/statuses/", this_actor)[0] = NULL;
JsonObject* create_object = Json.CreateObject();
create_object->set("@context", "https://www.w3.org/ns/activitystreams", JSON_STRING);
StrPrint(scratch_buffer, "%s/activity", status->@("uri"));
create_object->set("id", scratch_buffer, JSON_STRING);
create_object->set("type", "Create", JSON_STRING);
create_object->set("actor", this_actor, JSON_STRING);
create_object->set("published", status->@("created_at"), JSON_STRING);
create_object->set("to", Json.Parse("[\"https://www.w3.org/ns/activitystreams#Public\"]"), JSON_ARRAY);
JsonArray* cc = Json.CreateArray();
StrPrint(scratch_buffer, "%s/followers", this_actor);
cc->append(Json.CreateItem(scratch_buffer, JSON_STRING));
create_object->set("cc", cc, JSON_ARRAY);
JsonObject* note_object = Json.CreateObject();
note_object->set("id", status->@("uri"), JSON_STRING);
note_object->set("type", "Note", JSON_STRING);
note_object->set("summary", NULL, JSON_NULL);
note_object->set("inReplyTo", NULL, JSON_NULL);
note_object->set("published", status->@("created_at"), JSON_STRING);
note_object->set("attributedTo", this_actor, JSON_STRING);
note_object->set("to", Json.Parse("[\"https://www.w3.org/ns/activitystreams#Public\"]"), JSON_ARRAY);
note_object->set("cc", cc, JSON_ARRAY);
note_object->set("sensitive", status->@("sensitive"), JSON_BOOLEAN);
note_object->set("atomUri", status->@("uri"), JSON_STRING);
note_object->set("inReplyToAtomUri", NULL, JSON_NULL);
note_object->set("content", status->@("content"), JSON_STRING);
JsonObject* content_map = Json.CreateObject();
content_map->set("en", status->@("content"), JSON_STRING);
note_object->set("contentMap", content_map, JSON_OBJECT);
note_object->set("attachment", SLON_EMPTY_JSON_ARRAY, JSON_ARRAY);
note_object->set("tag", SLON_EMPTY_JSON_ARRAY, JSON_ARRAY);
note_object->set("replies", SLON_EMPTY_JSON_OBJECT, JSON_OBJECT);
note_object->set("likes", SLON_EMPTY_JSON_OBJECT, JSON_OBJECT);
note_object->set("shares", SLON_EMPTY_JSON_OBJECT, JSON_OBJECT);
create_object->set("object", note_object, JSON_OBJECT);
U8* create_object_s = Json.Stringify(create_object);
U8 content_hash[512];
calc_sha_256(content_hash, create_object_s, StrLen(create_object_s));
U8* computed_digest = @base64_encode(content_hash, 32);
JsonObject* http_headers = Json.CreateObject();
HttpUrl* url = @http_parse_url(dest);
CDateStruct ds;
Date2Struct(&ds, Now + 1043910000);
StrPrint(scratch_buffer, "%03tZ, %02d %03tZ %04d %02d:%02d:%02d GMT", ds.day_of_week, "ST_DAYS_OF_WEEK", ds.day_of_mon, ds.mon - 1, "ST_MONTHS",
ds.year, ds.hour, ds.min, ds.sec);
http_headers->set("Date", scratch_buffer, JSON_STRING);
StrPrint(scratch_buffer, "SHA-256=%s", computed_digest);
http_headers->set("Digest", scratch_buffer, JSON_STRING);
http_headers->set("Content-Type", "application/activity+json", JSON_STRING);
StrPrint(scratch_buffer, "");
String.Append(scratch_buffer, "(request-target): post %s\n", url->path);
String.Append(scratch_buffer, "host: %s\n", url->host);
String.Append(scratch_buffer, "date: %s\n", http_headers->@("Date"));
String.Append(scratch_buffer, "digest: %s\n", http_headers->@("Digest"));
String.Append(scratch_buffer, "content-type: %s", http_headers->@("Content-Type"));
AdamLog("headers_to_sign:\n```%s```\n", scratch_buffer);
calc_sha_256(content_hash, scratch_buffer, StrLen(scratch_buffer));
U8* user = StrFind("/users/", this_actor) + 7;
JsonObject* private_key_binary = db->o("private_keys_binary")->o(user);
if (!private_key_binary) {
I64 private_key_binary_size = 0;
private_key_binary = Json.CreateObject();
private_key_binary->set("data", @base64_decode(db->o("private_keys")->@(user), &private_key_binary_size), JSON_OBJECT);
private_key_binary->set("size", private_key_binary_size, JSON_NUMBER);
db->o("private_keys_binary")->set(user, private_key_binary, JSON_OBJECT);
}
I64 res;
// Import RSA key
U64 rsa_key = CAlloc(sizeof(U64) * 32, adam_task);
res = @rsa_import(private_key_binary->@("data"), private_key_binary->@("size"), rsa_key);
AdamLog("@rsa_import: res: %d\n", res);
U8 sig[256];
U64 siglen = 256;
res = @rsa_create_signature(sig, &siglen, content_hash, 32, rsa_key);
AdamLog("@rsa_create_signature: res: %d\n", res);
U8* computed_sig = @base64_encode(sig, 256);
StrCpy(scratch_buffer, "");
String.Append(scratch_buffer, "keyId=\"%s#main-key\",", this_actor);
String.Append(scratch_buffer, "algorithm=\"rsa-sha256\",");
String.Append(scratch_buffer, "headers=\"(request-target) host date digest content-type\",");
String.Append(scratch_buffer, "signature=\"%s\"", computed_sig);
http_headers->set("Signature", scratch_buffer, JSON_STRING);
U8* fetch_buffer = CAlloc(HTTP_FETCH_BUFFER_SIZE, adam_task);
@http_response* resp = Http.Post(url, fetch_buffer, create_object_s, http_headers);
if (!resp) {
@slon_log(LOG_HTTPD, "Could not POST Accept, invalid response from remote server");
Free(fetch_buffer);
return;
}
while (resp->state != HTTP_STATE_DONE) {
Sleep(1);
}
AdamLog("code: %d\n", resp->status.code);
Free(fetch_buffer);
}
U0 @slon_activitypub_async_delete_status(JsonObject* status)
{
Sleep(2000);
U8 scratch_buffer[2048];
U8* dest = "https://techhub.social/users/ryeucrvtexw3/inbox";
U8* this_actor = StrNew(status->@("uri"), adam_task);
StrFind("/statuses/", this_actor)[0] = NULL;
JsonObject* delete_object = Json.CreateObject();
delete_object->set("@context", "https://www.w3.org/ns/activitystreams", JSON_STRING);
StrPrint(scratch_buffer, "%s#delete", status->@("uri"));
delete_object->set("id", scratch_buffer, JSON_STRING);
delete_object->set("type", "Delete", JSON_STRING);
delete_object->set("actor", this_actor, JSON_STRING);
delete_object->set("to", Json.Parse("[\"https://www.w3.org/ns/activitystreams#Public\"]"), JSON_ARRAY);
JsonObject* ts_object = Json.CreateObject();
ts_object->set("id", status->@("uri"), JSON_STRING);
ts_object->set("type", "Tombstone", JSON_STRING);
ts_object->set("atomUri", status->@("uri"), JSON_STRING);
delete_object->set("object", ts_object, JSON_OBJECT);
U8* delete_object_s = Json.Stringify(delete_object);
U8 content_hash[512];
calc_sha_256(content_hash, delete_object_s, StrLen(delete_object_s));
U8* computed_digest = @base64_encode(content_hash, 32);
JsonObject* http_headers = Json.CreateObject();
HttpUrl* url = @http_parse_url(dest);
CDateStruct ds;
Date2Struct(&ds, Now + 1043910000);
StrPrint(scratch_buffer, "%03tZ, %02d %03tZ %04d %02d:%02d:%02d GMT", ds.day_of_week, "ST_DAYS_OF_WEEK", ds.day_of_mon, ds.mon - 1, "ST_MONTHS",
ds.year, ds.hour, ds.min, ds.sec);
http_headers->set("Date", scratch_buffer, JSON_STRING);
StrPrint(scratch_buffer, "SHA-256=%s", computed_digest);
http_headers->set("Digest", scratch_buffer, JSON_STRING);
http_headers->set("Content-Type", "application/activity+json", JSON_STRING);
StrPrint(scratch_buffer, "");
String.Append(scratch_buffer, "(request-target): post %s\n", url->path);
String.Append(scratch_buffer, "host: %s\n", url->host);
String.Append(scratch_buffer, "date: %s\n", http_headers->@("Date"));
String.Append(scratch_buffer, "digest: %s\n", http_headers->@("Digest"));
String.Append(scratch_buffer, "content-type: %s", http_headers->@("Content-Type"));
AdamLog("headers_to_sign:\n```%s```\n", scratch_buffer);
calc_sha_256(content_hash, scratch_buffer, StrLen(scratch_buffer));
U8* user = StrFind("/users/", this_actor) + 7;
JsonObject* private_key_binary = db->o("private_keys_binary")->o(user);
if (!private_key_binary) {
I64 private_key_binary_size = 0;
private_key_binary = Json.CreateObject();
private_key_binary->set("data", @base64_decode(db->o("private_keys")->@(user), &private_key_binary_size), JSON_OBJECT);
private_key_binary->set("size", private_key_binary_size, JSON_NUMBER);
db->o("private_keys_binary")->set(user, private_key_binary, JSON_OBJECT);
}
I64 res;
// Import RSA key
U64 rsa_key = CAlloc(sizeof(U64) * 32, adam_task);
res = @rsa_import(private_key_binary->@("data"), private_key_binary->@("size"), rsa_key);
AdamLog("@rsa_import: res: %d\n", res);
U8 sig[256];
U64 siglen = 256;
res = @rsa_create_signature(sig, &siglen, content_hash, 32, rsa_key);
AdamLog("@rsa_create_signature: res: %d\n", res);
U8* computed_sig = @base64_encode(sig, 256);
StrCpy(scratch_buffer, "");
String.Append(scratch_buffer, "keyId=\"%s#main-key\",", this_actor);
String.Append(scratch_buffer, "algorithm=\"rsa-sha256\",");
String.Append(scratch_buffer, "headers=\"(request-target) host date digest content-type\",");
String.Append(scratch_buffer, "signature=\"%s\"", computed_sig);
http_headers->set("Signature", scratch_buffer, JSON_STRING);
U8* fetch_buffer = CAlloc(HTTP_FETCH_BUFFER_SIZE, adam_task);
@http_response* resp = Http.Post(url, fetch_buffer, delete_object_s, http_headers);
if (!resp) {
@slon_log(LOG_HTTPD, "Could not POST Accept, invalid response from remote server");
Free(fetch_buffer);
return;
}
while (resp->state != HTTP_STATE_DONE) {
Sleep(1);
}
AdamLog("code: %d\n", resp->status.code);
Free(fetch_buffer);
}
U0 @slon_activitypub_create_status_fedi(JsonObject* status)
{
Spawn(&@slon_activitypub_async_create_status, status, "SlonAsyncCreateTask");
}
U0 @slon_activitypub_delete_status_fedi(JsonObject* status)
{
Spawn(&@slon_activitypub_async_delete_status, status, "SlonAsyncDeleteTask");
}
@slon_api_status_create_fedi = &@slon_activitypub_create_status_fedi;
@slon_api_status_delete_fedi = &@slon_activitypub_delete_status_fedi;
U0 @slon_activitypub_users_inbox(SlonHttpSession* session, U8* user)
{
SLON_SCRATCH_BUFFER_AND_REQUEST_JSON
no_warn scratch_buffer;
I64 i;
JsonObject* account = @slon_api_account_by_username(user);
Bool already_following = FALSE;
JsonArray* followers = NULL;
JsonArray* statuses = NULL;
JsonObject* status = NULL;
if (!StrICmp("follow", request_json->@("type"))) {
if (!db->o("followers")->@(user)) {
db->o("followers")->set(user, Json.CreateArray(), JSON_ARRAY);
}
followers = db->o("followers")->a(user);
for (i = 0; i < followers->length; i++) {
if (!StrCmp(request_json->@("actor"), followers->@(i))) {
already_following = TRUE;
}
}
if (!already_following) {
followers->append(Json.CreateItem(request_json->@("actor"), JSON_STRING));
account->set("followers_count", account->@("followers_count") + 1);
@slon_db_save_to_disk;
}
}
if (!StrICmp("like", request_json->@("type"))) {
U8* status_id = StrFind("/", StrFind("/statuses/", request_json->@("object")) + 1) + 1;
statuses = db->o("statuses")->a(account->@("id"));
for (i = 0; i < statuses->length; i++) {
status = statuses->@(i);
if (!StrICmp(status_id, status->@("id"))) {
status->set("favourites_count", status->@("favourites_count") + 1);
break;
}
}
@slon_db_save_statuses_to_disk;
}
JsonObject* o = Json.CreateObject();
o->set("user", user, JSON_STRING);
o->set("request", Json.Clone(request_json), JSON_OBJECT);
Spawn(&@slon_activitypub_async_accept_request, o, "SlonAsyncAcceptTask");
@slon_http_set_status_code(session, 200);
return;
}
U0 @slon_activitypub_users_post(SlonHttpSession* session)
{
if (!@slon_activitypub_http_signature_is_valid(session)) {
@slon_http_set_status_code(session, 401);
return;
}
U8* path = @slon_strnew(session, @slon_http_request_path(session));
I64 path_segments_count = 0;
U8** path_segments = String.Split(path, '/', &path_segments_count);
if (path_segments_count < 3) {
@slon_http_set_status_code(session, 400);
goto slon_activitypub_users_post_return;
}
U8* user = path_segments[1];
JsonObject* actor = db->o("actors")->@(user);
if (!actor) {
@slon_http_set_status_code(session, 404);
goto slon_activitypub_users_post_return;
}
U8* method = path_segments[2];
if (!StrICmp("inbox", method)) {
@slon_activitypub_users_inbox(session, user);
goto slon_activitypub_users_post_return;
}
@slon_http_set_status_code(session, 404);
slon_activitypub_users_post_return:
@slon_free(session, path);
}

86
Slon/Modules/Api.HC Normal file
View file

@ -0,0 +1,86 @@
#define SLON_API_LOCAL_TIME_OFFSET 3550
#define SLON_AUTH_ACCOUNT_ID U8* account_id = Json.Get(session->auth, "account_id");
Bool @slon_api_authorized(SlonHttpSession* session)
{
return session->auth > 0;
}
U8* @slon_api_generate_random_hex_string(SlonHttpSession* session, I64 size)
{
U8* str = @slon_calloc(session, (size + 1) * 2);
I64 i;
for (i = 0; i < size; i++) {
String.Append(str, "%02x", RandU64 & 0xff);
}
return str;
}
U8* @slon_api_generate_unique_id(SlonHttpSession* session)
{
U8* unique_id = @slon_calloc(session, 64);
U64 id = ((CDate2Unix(Now) + SLON_API_LOCAL_TIME_OFFSET) * 1000) << 16;
id += RandU64 & 0xffff;
StrPrint(unique_id, "%d", id);
return unique_id;
}
U8* @slon_api_timestamp_from_cdate(SlonHttpSession* session, CDate* date)
{
CDateStruct ds;
Date2Struct(&ds, date);
U8* timestamp = @slon_calloc(session, 32);
StrPrint(timestamp, "%04d-%02d-%02dT%02d:%02d:%02d.000-05:00", ds.year, ds.mon, ds.day_of_mon, ds.hour, ds.min, ds.sec);
return timestamp;
}
Bool @slon_api_boolean_from_string(U8* s)
{
// https://docs.joinmastodon.org/client/intro/#boolean
// True-or-false (Booleans)
// A boolean value is considered false for the values 0, f, F, false, FALSE, off, OFF; considered to not be provided for empty strings;
// and considered to be true for all other values. When using JSON data, use the literals true, false, and null instead.
return !(!StrICmp("0", s) || !StrICmp("f", s) || !StrICmp("false", s) || !StrICmp("off", s));
}
JsonObject* @slon_api_account_by_email(U8* email)
{
if (!email || !StrLen(email))
return NULL;
JsonArray* accts = db->a("accounts");
I64 i;
for (i = 0; i < accts->length; i++) {
if (!StrICmp(accts->o(i)->@("email"), email)) {
return accts->o(i);
}
}
return NULL;
}
JsonObject* @slon_api_account_by_id(U8* id)
{
if (!id || !StrLen(id))
return NULL;
JsonArray* accts = db->a("accounts");
I64 i;
for (i = 0; i < accts->length; i++) {
if (!StrICmp(accts->o(i)->@("id"), id)) {
return accts->o(i);
}
}
return NULL;
}
JsonObject* @slon_api_account_by_username(U8* username)
{
if (!username || !StrLen(username))
return NULL;
JsonArray* accts = db->a("accounts");
I64 i;
for (i = 0; i < accts->length; i++) {
if (!StrICmp(accts->o(i)->@("username"), username)) {
return accts->o(i);
}
}
return NULL;
}

252
Slon/Modules/Db.HC Normal file
View file

@ -0,0 +1,252 @@
#define SLON_DB_PATH "A:/db"
JsonObject* db = Json.CreateObject();
U0 @slon_db_load_accounts_from_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/accounts.json", SLON_DB_PATH);
db->set("accounts", Json.ParseFile(scratch_buffer), JSON_ARRAY);
}
U0 @slon_db_load_actors_from_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/actors.json", SLON_DB_PATH);
db->set("actors", Json.ParseFile(scratch_buffer), JSON_OBJECT);
}
U0 @slon_db_load_apps_from_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/apps.json", SLON_DB_PATH);
db->set("apps", Json.ParseFile(scratch_buffer), JSON_OBJECT);
}
U0 @slon_db_load_instance_from_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/instance.json", SLON_DB_PATH);
db->set("instance", Json.ParseFile(scratch_buffer), JSON_OBJECT);
}
U0 @slon_db_load_oauth_from_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/oauth.json", SLON_DB_PATH);
db->set("oauth", Json.ParseFile(scratch_buffer), JSON_OBJECT);
}
U0 @slon_db_load_private_keys_from_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/private_keys.json", SLON_DB_PATH);
db->set("private_keys", Json.ParseFile(scratch_buffer), JSON_OBJECT);
}
U0 @slon_db_load_followers_from_disk()
{
JsonObject* followers = Json.CreateObject();
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/followers/*.json", SLON_DB_PATH);
CDirEntry* files = FilesFind(scratch_buffer);
CDirEntry* de = files;
JsonArray* follower_array = NULL;
while (de) {
follower_array = Json.ParseFile(de->full_name);
if (follower_array) {
StrFind(".json", de->name)[0] = NULL;
followers->set(de->name, follower_array, JSON_ARRAY);
}
de = de->next;
}
DirTreeDel(files);
db->set("followers", followers, JSON_OBJECT);
}
U0 @slon_db_load_statuses_from_disk()
{
JsonObject* statuses = Json.CreateObject();
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/statuses/*.json", SLON_DB_PATH);
CDirEntry* files = FilesFind(scratch_buffer);
CDirEntry* de = files;
JsonArray* status_array = NULL;
while (de) {
status_array = Json.ParseFile(de->full_name);
if (status_array) {
StrFind(".json", de->name)[0] = NULL;
statuses->set(de->name, status_array, JSON_ARRAY);
}
de = de->next;
}
DirTreeDel(files);
db->set("statuses", statuses, JSON_OBJECT);
}
U0 @slon_db_save_accounts_to_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/accounts.json", SLON_DB_PATH);
Json.DumpToFile(scratch_buffer, db->a("accounts"));
}
U0 @slon_db_save_actors_to_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/actors.json", SLON_DB_PATH);
Json.DumpToFile(scratch_buffer, db->o("actors"));
}
U0 @slon_db_save_apps_to_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/apps.json", SLON_DB_PATH);
Json.DumpToFile(scratch_buffer, db->o("apps"));
}
U0 @slon_db_save_instance_to_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/instance.json", SLON_DB_PATH);
Json.DumpToFile(scratch_buffer, db->o("instance"));
}
U0 @slon_db_save_oauth_to_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/oauth.json", SLON_DB_PATH);
Json.DumpToFile(scratch_buffer, db->o("oauth"));
}
U0 @slon_db_save_private_keys_to_disk()
{
U8 scratch_buffer[256];
StrPrint(scratch_buffer, "%s/private_keys.json", SLON_DB_PATH);
Json.DumpToFile(scratch_buffer, db->o("private_keys"));
}
U0 @slon_db_save_followers_to_disk()
{
U8 scratch_buffer[256];
JsonKey* key = db->o("followers")->keys;
while (key) {
StrPrint(scratch_buffer, "%s/followers/%s.json", SLON_DB_PATH, key->name);
Json.DumpToFile(scratch_buffer, key->value);
key = key->next;
}
}
U0 @slon_db_save_statuses_to_disk()
{
U8 scratch_buffer[256];
JsonKey* key = db->o("statuses")->keys;
while (key) {
StrPrint(scratch_buffer, "%s/statuses/%s.json", SLON_DB_PATH, key->name);
Json.DumpToFile(scratch_buffer, key->value);
key = key->next;
}
}
U0 @slon_db_save_to_disk()
{
@slon_db_save_accounts_to_disk();
@slon_db_save_actors_to_disk();
@slon_db_save_apps_to_disk();
@slon_db_save_followers_to_disk();
@slon_db_save_instance_to_disk();
@slon_db_save_oauth_to_disk();
@slon_db_save_private_keys_to_disk();
@slon_db_save_statuses_to_disk();
}
U0 @slon_db_load_from_defaults()
{
db->set("accounts", Json.CreateArray(), JSON_ARRAY);
db->set("actors", Json.CreateObject(), JSON_OBJECT);
db->set("apps", Json.CreateObject(), JSON_OBJECT);
db->set("idempotency_keys", Json.CreateObject(), JSON_OBJECT);
db->set("private_keys", Json.CreateObject(), JSON_OBJECT);
db->set("private_keys_binary", Json.CreateObject(), JSON_OBJECT);
db->set("public_keys", Json.CreateObject(), JSON_OBJECT);
db->set("followers", Json.CreateObject(), JSON_OBJECT);
db->set("instance", Json.ParseFile("M:/Slon/Static/defaults/instance.json"), JSON_OBJECT);
db->set("statuses", Json.CreateObject(), JSON_OBJECT);
JsonObject* oauth = Json.CreateObject();
oauth->set("codes", Json.CreateObject(), JSON_OBJECT);
oauth->set("requests", Json.CreateObject(), JSON_OBJECT);
oauth->set("responses", Json.CreateObject(), JSON_OBJECT);
oauth->set("tokens", Json.CreateObject(), JSON_OBJECT);
db->set("oauth", oauth, JSON_OBJECT);
db->set("setup", FALSE, JSON_BOOLEAN);
}
U0 @slon_db_load_from_disk()
{
@slon_db_load_accounts_from_disk();
@slon_db_load_actors_from_disk();
@slon_db_load_apps_from_disk();
db->set("idempotency_keys", Json.CreateObject(), JSON_OBJECT);
@slon_db_load_private_keys_from_disk();
db->set("private_keys_binary", Json.CreateObject(), JSON_OBJECT);
db->set("public_keys", Json.CreateObject(), JSON_OBJECT);
@slon_db_load_followers_from_disk();
@slon_db_load_instance_from_disk();
@slon_db_load_oauth_from_disk();
@slon_db_load_statuses_from_disk();
db->set("setup", TRUE, JSON_BOOLEAN);
}
U0 @slon_db_instance_update_user_count()
{
JsonObject* stats = db->o("instance")->o("stats");
stats->set("user_count", db->a("accounts")->length);
}
U0 @slon_db_instance_decrement_status_count()
{
JsonObject* stats = db->o("instance")->o("stats");
stats->set("status_count", MaxI64(0, stats->@("status_count") - 1));
}
U0 @slon_db_instance_increment_status_count()
{
JsonObject* stats = db->o("instance")->o("stats");
stats->set("status_count", stats->@("status_count") + 1);
}
U0 @slon_db_actors_update_user(JsonObject* acct)
{
JsonObject* actors = db->o("actors");
JsonObject* actor = actors->o(acct->@("username"));
if (!actor) {
// FIXME: Handle this error
return;
}
actor->set("name", acct->@("display_name"));
actor->set("summary", acct->@("note"));
JsonObject* icon = actor->o("icon");
icon->set("url", acct->@("avatar"));
actor->set("attachment", acct->@("fields"));
@slon_db_save_actors_to_disk;
}
U0 @slon_db_init()
{
if (FileFind(SLON_DB_PATH)) {
@slon_log(LOG_DB, "loading db from disk");
@slon_db_load_from_disk;
} else {
@slon_log(LOG_DB, "no db found; loading defaults");
@slon_db_load_from_defaults;
}
}
@slon_db_init;
JsonArray* SLON_EMPTY_JSON_ARRAY = Json.CreateArray();
JsonObject* SLON_EMPTY_JSON_OBJECT = Json.CreateObject();
JsonObject* SLON_DEFAULT_ACCT_OBJECT = Json.ParseFile("M:/Slon/Static/defaults/account.json");
JsonObject* SLON_DEFAULT_ACTOR_OBJECT = Json.ParseFile("M:/Slon/Static/defaults/actor.json");

249
Slon/Modules/Http.HC Normal file
View file

@ -0,0 +1,249 @@
#define SLON_HTTP_BUFFER_SIZE 1048576
#define SLON_HTTP_VERB_DELETE 1
#define SLON_HTTP_VERB_GET 2
#define SLON_HTTP_VERB_OPTIONS 3
#define SLON_HTTP_VERB_PATCH 4
#define SLON_HTTP_VERB_POST 5
#define SLON_MULTIPART_PARSER_CONSUME_BOUNDARY 0
#define SLON_MULTIPART_PARSER_CONSUME_CONTENT_DISPOSITION 1
#define SLON_MULTIPART_PARSER_CONSUME_CONTENT 2
#define SLON_MULTIPART_PARSER_DONE 3
#define SLON_SCRATCH_BUFFER_AND_REQUEST_JSON \
U8 scratch_buffer[256]; \
JsonObject* request_json = @slon_http_request_json(session);
#define SLON_DEBUG_PRINT_REQUEST_JSON \
JsonObject* request_json = @slon_http_request_json(session); \
U8* request_json_str = Json.Stringify(request_json); \
AdamLog("request_json: %s\n", request_json_str); \
Free(request_json_str);
JsonObject* SLON_HTTP_STATUS_CODES = Json.ParseFile("M:/Slon/Settings/status_codes.json");
class SlonHttpBuffer {
U8* data;
I64 size;
I64 capacity;
};
class SlonHttpRequest {
SlonHttpBuffer* buffer;
JsonObject* headers;
JsonObject* json;
U8* data;
I64 size;
U8* verb;
U8* raw_path;
U8* path;
Bool headers_have_been_parsed;
};
class SlonHttpResponse {
SlonHttpBuffer* buffer;
JsonObject* headers;
U8* data;
I64 size;
I64 status_code;
};
class SlonHttpSession {
U64 s;
SlonHttpRequest* request;
SlonHttpResponse* response;
I64 bytes_used;
JsonObject* auth;
};
U64 @slon_calloc(SlonHttpSession* session, I64 size)
{
if (!session || !size)
return NULL;
U64 res = CAlloc(size, adam_task);
session->bytes_used += MSize2(res);
// AdamLog("@slon_calloc: requested %d, total used: %d\n", MSize2(res), session->bytes_used);
return res;
}
U0 @slon_free(SlonHttpSession* session, U64 ptr)
{
if (!session || !ptr)
return;
session->bytes_used -= MSize2(ptr);
// AdamLog("@slon_free: freed %d, total used: %d\n", MSize2(ptr), session->bytes_used);
Free(ptr);
}
U64 @slon_malloc(SlonHttpSession* session, I64 size)
{
if (!session || !size)
return NULL;
U64 res = MAlloc(size, adam_task);
session->bytes_used += MSize2(res);
// AdamLog("@slon_malloc: requested %d, total used: %d\n", MSize2(res), session->bytes_used);
return res;
}
U8* @slon_strnew(SlonHttpSession* session, U8* str)
{
if (!session || !str)
return NULL;
U8* new = StrNew(str, adam_task);
session->bytes_used += MSize2(new);
// AdamLog("@slon_strnew: requested %d, total used: %d\n", MSize2(new), session->bytes_used);
// AdamLog("@slon_strnew: %s\n", new);
return new;
}
U8* @slon_http_decode_urlencoded_string(SlonHttpSession* session, U8* str)
{
if (!StrFind("%", str) && !StrFind("+", str)) {
return @slon_strnew(session, str);
}
U8* decoded_string = @slon_calloc(session, StrLen(str));
I64 i = 0;
I64 j;
U32 code_point;
while (i < StrLen(str)) {
if (str[i] == '%') {
code_point = 0;
for (j = 2; j > 0; j--) {
if (str[i + j] >= '0' && str[i + j] <= '9')
code_point += (@t(j == 1, 16, 1) * (str[i + j] - '0'));
if (str[i + j] >= 'A' && str[i + j] <= 'F')
code_point += (@t(j == 1, 16, 1) * (10 + (str[i + j] - 'A')));
if (str[i + j] >= 'a' && str[i + j] <= 'f')
code_point += (@t(j == 1, 16, 1) * (10 + (str[i + j] - 'a')));
}
String.Append(decoded_string, "%c", code_point);
i += 3;
} else if (str[i] == '+') {
String.Append(decoded_string, " ");
i++;
} else {
String.Append(decoded_string, "%c", str[i]);
i++;
}
}
return decoded_string;
}
JsonObject* @slon_http_request_json(SlonHttpSession* session)
{
if (!session->request->json)
return SLON_EMPTY_JSON_OBJECT;
return session->request->json;
}
U0 @slon_http_set_header(SlonHttpSession* session, U8* key, U8* value)
{
Json.Set(session->response->headers, key, value, JSON_STRING);
}
U0 @slon_http_set_content_type(SlonHttpSession* session, U8* value)
{
@slon_http_set_header(session, "content-type", value);
}
U0 @slon_http_set_status_code(SlonHttpSession* session, I64 status_code)
{
session->response->status_code = status_code;
}
U0 @slon_http_send_ap_json(SlonHttpSession* session, U64 json)
{
// a stringified copy of "json" is created, a strnew is sent, we clean up stringified copy, sender cleans up "json"
@slon_http_set_status_code(session, 200);
@slon_http_set_content_type(session, "application/activity+json; charset=utf-8");
U8* json_string = Json.Stringify(json);
session->response->data = @slon_strnew(session, json_string);
session->response->size = StrLen(session->response->data);
Free(json_string);
}
U0 @slon_http_send_json(SlonHttpSession* session, U64 json)
{
// a stringified copy of "json" is created, a strnew is sent, we clean up stringified copy, sender cleans up "json"
@slon_http_set_status_code(session, 200);
@slon_http_set_content_type(session, "application/json; charset=utf-8");
U8* json_string = Json.Stringify(json);
session->response->data = @slon_strnew(session, json_string);
session->response->size = StrLen(session->response->data);
Free(json_string);
}
U0 @slon_http_send_string(SlonHttpSession* session, U8* str)
{
// a strnew of "str" is sent, sender cleans up "str"
@slon_http_set_status_code(session, 200);
session->response->data = @slon_strnew(session, str);
session->response->size = StrLen(str);
}
U0 @slon_http_send(SlonHttpSession* session, U64 data, I64 size)
{
// a malloc copy of "data" is sent, sender cleans up "data"
@slon_http_set_status_code(session, 200);
U8* data_new = @slon_malloc(session, size);
MemCpy(data_new, data, size);
session->response->data = data_new;
session->response->size = size;
}
U0 @slon_http_send_file(SlonHttpSession* session, U8* path)
{
if (!session || !path)
return;
if (!FileFind(path))
return;
I64 size = 0;
U8* data = FileRead(path, &size);
@slon_http_send(session, data, size);
Free(data);
}
U0 @slon_http_send_html_file(SlonHttpSession* session, U8* path)
{
@slon_http_set_content_type(session, "text/html");
@slon_http_send_file(session, path);
}
U0 @slon_http_send_json_file(SlonHttpSession* session, U8* path, U8* content_type = "application/json; charset=utf-8")
{
@slon_http_set_content_type(session, content_type);
@slon_http_send_file(session, path);
}
U8* @slon_http_request_path(SlonHttpSession* session)
{
return session->request->path;
}
I64 @slon_http_request_verb(SlonHttpSession* session)
{
if (!StrCmp(session->request->verb, "DELETE"))
return SLON_HTTP_VERB_DELETE;
if (!StrCmp(session->request->verb, "GET"))
return SLON_HTTP_VERB_GET;
if (!StrCmp(session->request->verb, "OPTIONS"))
return SLON_HTTP_VERB_OPTIONS;
if (!StrCmp(session->request->verb, "PATCH"))
return SLON_HTTP_VERB_PATCH;
if (!StrCmp(session->request->verb, "POST"))
return SLON_HTTP_VERB_POST;
return 999;
}
U8* @slon_http_request_header(SlonHttpSession* session, U8* key)
{
U64 value = Json.Get(session->request->headers, key);
if (!value)
return "";
return value;
}
Bool @slon_http_request_has_query_string(SlonHttpSession* session)
{
return StrFind("?", session->request->raw_path) > 0 && !String.EndsWith("?", session->request->raw_path);
}

22
Slon/Modules/Log.HC Normal file
View file

@ -0,0 +1,22 @@
#define LOG_DB 100
#define LOG_HTTPD 101
U0 @slon_log(I64 module, U8* fmt, ...)
{
CDateStruct ds;
Date2Struct(&ds, Now);
AdamLog("[%02d:%02d]", ds.hour, ds.min);
switch (module) {
case LOG_DB:
AdamLog("[ slon/db] ");
break;
case LOG_HTTPD:
AdamLog("[slon/httpd] ");
break;
default:
AdamLog("[ slon/misc] ");
break;
}
AdamLog(fmt, argc, argv);
AdamLog("\n");
}

9
Slon/Modules/Meta.HC Normal file
View file

@ -0,0 +1,9 @@
U0 @slon_host_meta(SlonHttpSession* session)
{
SLON_SCRATCH_BUFFER_AND_REQUEST_JSON
no_warn request_json;
StrPrint(scratch_buffer, "<?xml version=\"1.0\" encoding=\"UTF-8\"?><XRD xmlns=\"http://docs.oasis-open.org/ns/xri/xrd-1.0\"><Link rel=\"lrdd\" template=\"https://%s/.well-known/webfinger?resource={uri}\"/></XRD>", db->o("instance")->@("uri"));
@slon_http_set_content_type(session, "application/xrd+xml; charset=utf-8");
@slon_http_send_string(session, scratch_buffer);
}

192
Slon/Modules/OAuth.HC Normal file
View file

@ -0,0 +1,192 @@
#define SLON_OAUTH_USERINFO_URL "https://app.simplelogin.io/oauth2/userinfo?access_token="
U0 @slon_oauth_well_known(SlonHttpSession* session)
{
SLON_SCRATCH_BUFFER_AND_REQUEST_JSON
no_warn request_json;
StrPrint(scratch_buffer, "{\"issuer\":\"https://%s\",\"authorization_endpoint\":\"https://%s/oauth/authorize\",\"response_types_supported\":[\"code\"],\"app_registration_endpoint\":\"https://%s/api/v1/apps\"}",
db->o("instance")->@("uri"), db->o("instance")->@("uri"), db->o("instance")->@("uri"));
@slon_http_set_content_type(session, "application/json; charset=utf-8");
@slon_http_send_string(session, scratch_buffer);
}
U0 @slon_oauth_fetch_token(U8* client_id)
{
if (!client_id || !StrLen(client_id))
return;
U8 url_string[256];
JsonObject* oauth_request = db->o("oauth")->o("requests")->@(client_id);
if (!oauth_request)
return;
U8* access_token = oauth_request->@("access_token");
if (!access_token) {
return;
}
U8* fetch_buffer = CAlloc(HTTP_FETCH_BUFFER_SIZE, adam_task);
StrPrint(url_string, "%s%s", SLON_OAUTH_USERINFO_URL, access_token);
@http_response* resp = fetch(url_string, fetch_buffer);
if (!resp)
goto oauth_free_and_return;
if (resp->body.length) {
// POSIX people think JSON should end with a new line, and the Jakt parser disagrees :^)
while (resp->body.data[StrLen(resp->body.data) - 1] == '\n')
resp->body.data[StrLen(resp->body.data) - 1] = NULL;
JsonObject* response = Json.Parse(resp->body.data);
db->o("oauth")->o("responses")->set(client_id, response, JSON_OBJECT);
}
// FIXME: Free resp
oauth_free_and_return:
Free(fetch_buffer);
Free(client_id);
}
U0 @async_slon_oauth_fetch_token(U8* client_id)
{
Spawn(&@slon_oauth_fetch_token, StrNew(client_id, adam_task), "OauthFetchTokenTask");
}
U8* @slon_oauth_generate_access_token(SlonHttpSession* session)
{
return @slon_api_generate_random_hex_string(session, 16);
}
U8* @slon_oauth_generate_authorization_code(SlonHttpSession* session)
{
return @slon_api_generate_random_hex_string(session, 16);
}
U0 @slon_oauth_verify_access_get(SlonHttpSession* session)
{
SLON_SCRATCH_BUFFER_AND_REQUEST_JSON
U8* client_id = request_json->@("client_id");
U8* redirect_uri = request_json->@("redirect_uri");
JsonObject* app_object = db->o("apps")->@(client_id);
// If client_id or redirect_uri are empty, or if client app doesn't exist, Bad Request
if (!StrLen(client_id) || !StrLen(redirect_uri) || !app_object) {
@slon_http_set_status_code(session, 400);
return;
}
U8* client_secret = app_object->@("client_secret");
JsonObject* userinfo = db->o("oauth")->o("responses")->@(client_id);
if (userinfo) {
// If a userinfo with the client_id exists, read the userinfo Object.
U8* email = userinfo->@("email");
if (email && StrLen(email)) {
JsonObject* acct = @slon_api_account_by_email(email);
if (acct) {
// If the account exists,
// create a token that points to the account
U8* access_token = NULL;
Bool access_token_exists = TRUE;
while (access_token_exists) {
if (access_token) {
@slon_free(session, access_token);
}
access_token = @slon_oauth_generate_access_token(session);
access_token_exists = db->o("oauth")->o("tokens")->@(access_token) > 0;
}
I64 created_at = ToF64(CDate2Unix(Now));
JsonObject* token_object = Json.CreateObject();
token_object->set("access_token", access_token, JSON_STRING);
token_object->set("token_type", "Bearer", JSON_STRING);
token_object->set("scope", "read write follow push", JSON_STRING);
token_object->set("created_at", created_at, JSON_NUMBER);
token_object->set("account_id", acct->@("id"), JSON_STRING);
token_object->set("client_id", client_id, JSON_STRING);
token_object->set("email", email, JSON_STRING);
db->o("oauth")->o("tokens")->set(access_token, token_object, JSON_OBJECT);
// FIXME: We need to commit this to disk eventually? but not immediately
U8* authorization_code = NULL;
Bool authorization_code_exists = TRUE;
while (authorization_code_exists) {
if (authorization_code) {
@slon_free(session, authorization_code);
}
authorization_code = @slon_oauth_generate_authorization_code(session);
authorization_code_exists = db->o("oauth")->o("codes")->@(authorization_code) > 0;
}
JsonObject* code_object = Json.CreateObject();
code_object->set("access_token", access_token, JSON_STRING);
code_object->set("token_type", "Bearer", JSON_STRING);
code_object->set("scope", "read write follow push", JSON_STRING);
code_object->set("created_at", created_at, JSON_NUMBER);
code_object->set("account_id", acct->@("id"), JSON_STRING);
code_object->set("client_id", client_id, JSON_STRING);
code_object->set("client_secret", client_secret, JSON_STRING);
code_object->set("email", email, JSON_STRING);
db->o("oauth")->o("codes")->set(authorization_code, code_object, JSON_OBJECT);
@slon_db_save_oauth_to_disk;
StrPrint(scratch_buffer, "%s?code=%s", redirect_uri, authorization_code);
JsonObject* redirect_uri_object = Json.CreateObject();
redirect_uri_object->set("redirect_uri", scratch_buffer, JSON_STRING);
@slon_http_send_json(session, redirect_uri_object);
Json.Delete(redirect_uri_object);
@slon_free(session, authorization_code);
@slon_free(session, access_token);
} else {
// If the account does not exist, return Not Found
@slon_http_set_status_code(session, 404);
}
} else {
// Response doesn't contain an email, therefore user is Unauthorized.
@slon_http_set_status_code(session, 401);
}
return;
} else {
if (!db->o("oauth")->o("requests")->@(client_id)) {
// If a request with the client_id does not exist, create one, and spawn a fetch() instance to retrieve the OAuth2 token.
db->o("oauth")->o("requests")->set(client_id, request_json, JSON_OBJECT);
@async_slon_oauth_fetch_token(client_id);
}
@slon_http_set_status_code(session, 202);
}
Json.Delete(app_object);
}
U0 @slon_oauth_token_post(SlonHttpSession* session)
{
SLON_SCRATCH_BUFFER_AND_REQUEST_JSON
no_warn scratch_buffer;
U8* client_id = request_json->@("client_id");
U8* client_secret = request_json->@("client_secret");
U8* code = request_json->@("code");
JsonObject* code_object = db->o("oauth")->o("codes")->@(code);
if (!StrLen(client_id) || !StrLen(client_secret) || !code_object) {
// If client_id is empty, or client_secret is empty, or the code doesn't exist, it's a Bad Request.
@slon_http_set_status_code(session, 400);
return;
}
U8* access_token = code_object->@("access_token");
if (!StrCmp(client_id, code_object->@("client_id")) && !StrCmp(client_secret, code_object->@("client_secret"))) {
JsonObject* token = db->o("oauth")->o("tokens")->@(access_token);
if (token) {
@slon_http_send_json(session, token);
} else {
// If the token doesn't exist, Page Expired?
@slon_http_set_status_code(session, 419);
}
} else {
// If client_id and client_secret do not match, it's Unauthorized
@slon_http_set_status_code(session, 401);
}
Json.Delete(code_object);
}

42
Slon/Modules/Web.HC Normal file
View file

@ -0,0 +1,42 @@
U0 @slon_web_user_get(SlonHttpSession* session)
{
SLON_SCRATCH_BUFFER_AND_REQUEST_JSON
no_warn scratch_buffer, request_json;
I64 path_segments_count = 0;
U8** path_segments = String.Split(StrFind("@", @slon_http_request_path(session)) + 1, '/', &path_segments_count);
U8* user = path_segments[0];
if (path_segments_count == 1) {
JsonObject* actor = db->o("actors")->@(user);
if (!actor) {
@slon_http_set_status_code(session, 404);
goto slon_web_user_get_return;
}
// gib profil pl0x
I64 html_file_size;
U8* html_file_data = FileRead("M:/Slon/Static/html/user.html", &html_file_size);
U8* user_file_data = Json.Stringify(actor);
U8* html_data = @slon_calloc(session, (html_file_size * 2) + (StrLen(user_file_data) * 2));
String.Append(html_data, html_file_data);
String.Append(html_data, "<script>getStatuses(");
String.Append(html_data, user_file_data);
String.Append(html_data, ");</script>");
@slon_http_set_content_type(session, "text/html");
@slon_http_send(session, html_data, StrLen(html_data));
Free(html_file_data);
Free(user_file_data);
@slon_free(session, html_data);
goto slon_web_user_get_return;
} else {
// do something here (statuses, followers, media, etc.)
@slon_http_set_status_code(session, 404);
}
slon_web_user_get_return:
Free(path_segments);
}

39
Slon/Modules/Webfinger.HC Normal file
View file

@ -0,0 +1,39 @@
U0 @slon_webfinger(SlonHttpSession* session)
{
SLON_SCRATCH_BUFFER_AND_REQUEST_JSON
U8* resource = request_json->@("resource");
StrPrint(scratch_buffer, "@%s", db->o("instance")->@("uri"));
if (resource && String.BeginsWith("acct:", resource) && String.EndsWith(scratch_buffer, resource)) {
resource = StrFind(":", resource) + 1;
StrFind("@", resource)[0] = NULL;
if (db->o("actors")->@(resource)) {
JsonObject* webfinger_object = Json.CreateObject();
StrPrint(scratch_buffer, "acct:%s@%s", resource, db->o("instance")->@("uri"));
webfinger_object->set("subject", scratch_buffer, JSON_STRING);
JsonArray* aliases = Json.CreateArray();
StrPrint(scratch_buffer, "https://%s/@%s", db->o("instance")->@("uri"), resource);
aliases->append(Json.CreateItem(scratch_buffer, JSON_STRING));
StrPrint(scratch_buffer, "https://%s/users/%s", db->o("instance")->@("uri"), resource);
aliases->append(Json.CreateItem(scratch_buffer, JSON_STRING));
webfinger_object->set("aliases", aliases, JSON_ARRAY);
JsonArray* links = Json.CreateArray();
JsonObject* link_object = Json.CreateObject();
link_object->set("rel", "self", JSON_STRING);
link_object->set("type", "application/activity+json", JSON_STRING);
StrPrint(scratch_buffer, "https://%s/users/%s", db->o("instance")->@("uri"), resource);
link_object->set("href", scratch_buffer, JSON_STRING);
links->append(Json.CreateItem(link_object, JSON_OBJECT));
webfinger_object->set("links", links, JSON_ARRAY);
@slon_http_send_json(session, webfinger_object);
Json.Delete(webfinger_object);
} else {
@slon_http_set_status_code(session, 404);
}
} else {
@slon_http_set_status_code(session, 400);
}
}