slon-project/slon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Slon/Modules/ActivityPub: Deduplicate signed requests into @slon_activitypub_signed_request

Browse source
This commit is contained in:
Alec Murphy 2025-02-22 19:25:23 -05:00
parent 500a3115cc
commit a9f5a1de0c
4 changed files with 143 additions and 294 deletions
Download patch file Download diff file Expand all files Collapse all files

89
Slon/Api/V1/Accounts.HC
View file

@ -1,8 +1,8 @@
U0 (*@slon_api_follow_fedi)(JsonObject* follow) = NULL;
U0 @slon_api_v1_accounts_follow_request(U8* this_actor, U8* remote_actor)
{
U8 scratch_buffer[2048];
U8 scratch_buffer[1024];
StrPrint(scratch_buffer, "%s/follow/%d", this_actor, Now);
JsonObject* follow_object = Json.CreateObject();
follow_object->set("@context", "https://www.w3.org/ns/activitystreams", JSON_STRING);
@ -10,86 +10,11 @@ U0 @slon_api_v1_accounts_follow_request(U8* this_actor, U8* remote_actor)
follow_object->set("type", "Follow", JSON_STRING);
follow_object->set("actor", this_actor, JSON_STRING);
follow_object->set("object", remote_actor, JSON_STRING);
U8* follow_object_s = Json.Stringify(follow_object);
U8 content_hash[512];
calc_sha_256(content_hash, follow_object_s, StrLen(follow_object_s));
U8* computed_digest = @base64_encode(content_hash, 32);
JsonObject* http_headers = Json.CreateObject();
StrPrint(scratch_buffer, "%s/inbox", remote_actor);
HttpUrl* url = @http_parse_url(scratch_buffer);
CDateStruct ds;
Date2Struct(&ds, Now + 1043910000);
StrPrint(scratch_buffer, "%03tZ, %02d %03tZ %04d %02d:%02d:%02d GMT", ds.day_of_week, "ST_DAYS_OF_WEEK", ds.day_of_mon, ds.mon - 1, "ST_MONTHS",
ds.year, ds.hour, ds.min, ds.sec);
http_headers->set("Date", scratch_buffer, JSON_STRING);
StrPrint(scratch_buffer, "SHA-256=%s", computed_digest);
http_headers->set("Digest", scratch_buffer, JSON_STRING);
http_headers->set("Content-Type", "application/activity+json", JSON_STRING);
StrPrint(scratch_buffer, "");
String.Append(scratch_buffer, "(request-target): post %s\n", url->path);
String.Append(scratch_buffer, "host: %s\n", url->host);
String.Append(scratch_buffer, "date: %s\n", http_headers->@("Date"));
String.Append(scratch_buffer, "digest: %s\n", http_headers->@("Digest"));
String.Append(scratch_buffer, "content-type: %s", http_headers->@("Content-Type"));
AdamLog("headers_to_sign:\n```%s```\n", scratch_buffer);
calc_sha_256(content_hash, scratch_buffer, StrLen(scratch_buffer));
U8* user = StrFind("/users/", this_actor) + 7;
JsonObject* private_key_binary = db->o("private_keys_binary")->o(user);
if (!private_key_binary) {
I64 private_key_binary_size = 0;
private_key_binary = Json.CreateObject();
private_key_binary->set("data", @base64_decode(db->o("private_keys")->@(user), &private_key_binary_size), JSON_OBJECT);
private_key_binary->set("size", private_key_binary_size, JSON_NUMBER);
db->o("private_keys_binary")->set(user, private_key_binary, JSON_OBJECT);
if (@slon_api_follow_fedi) {
@slon_api_follow_fedi(follow_object);
} else {
Json.Delete(follow_object);
}
I64 res;
// Import RSA key
U64 rsa_key = CAlloc(sizeof(U64) * 32, adam_task);
res = @rsa_import(private_key_binary->@("data"), private_key_binary->@("size"), rsa_key);
AdamLog("@rsa_import: res: %d\n", res);
U8 sig[256];
U64 siglen = 256;
res = @rsa_create_signature(sig, &siglen, content_hash, 32, rsa_key);
AdamLog("@rsa_create_signature: res: %d\n", res);
U8* computed_sig = @base64_encode(sig, 256);
StrCpy(scratch_buffer, "");
String.Append(scratch_buffer, "keyId=\"%s#main-key\",", this_actor);
String.Append(scratch_buffer, "algorithm=\"rsa-sha256\",");
String.Append(scratch_buffer, "headers=\"(request-target) host date digest content-type\",");
String.Append(scratch_buffer, "signature=\"%s\"", computed_sig);
http_headers->set("Signature", scratch_buffer, JSON_STRING);
U8* fetch_buffer = CAlloc(HTTP_FETCH_BUFFER_SIZE, adam_task);
@http_response* resp = Http.Post(url, fetch_buffer, follow_object_s, http_headers);
if (!resp) {
@slon_log(LOG_HTTPD, "Could not POST Accept, invalid response from remote server");
Free(fetch_buffer);
return;
}
while (resp->state != HTTP_STATE_DONE) {
Sleep(1);
}
AdamLog("code: %d\n", resp->status.code);
Free(fetch_buffer);
}
U0 @slon_api_v1_accounts_post(SlonHttpSession* session)

18
Slon/Api/V2/Search.HC
View file

@ -3,6 +3,8 @@ JsonObject* @slon_api_v2_search_remote_account_from_webfinger(SlonHttpSession* s
SLON_SCRATCH_BUFFER_AND_REQUEST_JSON
no_warn request_json;
SLON_AUTH_ACCOUNT_ID
I64 i;
Bool tld_is_valid = FALSE;
for (i = 0; i < SLON_TLDS->length; i++) {
@ -76,14 +78,9 @@ JsonObject* @slon_api_v2_search_remote_account_from_webfinger(SlonHttpSession* s
}
// We have the remote actor uri, let's fetch and create a local account
url = @http_parse_url(remote_actor);
if (!url) {
@slon_log(LOG_HTTPD, "Could not fetch actor, malformed url or unspecified error");
return NULL;
}
fetch_buffer = CAlloc(HTTP_FETCH_BUFFER_SIZE, adam_task);
resp = Http.Get(url, fetch_buffer, NULL, http_headers);
U8* signatory = db->o("actors")->o(@slon_api_account_by_id(account_id)->@("username"))->@("id");
resp = @slon_activitypub_signed_request(remote_actor, fetch_buffer, NULL, SLON_HTTP_VERB_GET, signatory);
if (!resp) {
@slon_log(LOG_HTTPD, "Could not fetch actor, invalid response from remote server");
@ -91,18 +88,12 @@ JsonObject* @slon_api_v2_search_remote_account_from_webfinger(SlonHttpSession* s
return NULL;
}
while (resp->state != HTTP_STATE_DONE) {
Sleep(1);
}
if (!resp->body.length) {
@slon_log(LOG_HTTPD, "Could not fetch actor, empty response from remote server");
Free(fetch_buffer);
return NULL;
}
Free(fetch_buffer);
JsonObject* actor_object = Json.Parse(resp->body.data);
U8* id = @slon_api_generate_unique_id(session);
@ -147,6 +138,7 @@ JsonObject* @slon_api_v2_search_remote_account_from_webfinger(SlonHttpSession* s
@slon_free(session, created_at);
@slon_free(session, id);
Free(fetch_buffer);
return account;
}