mirror of
https://git.joinplu.me/Plume/Plume.git
synced 2024-11-25 04:51:27 +00:00
Implement Signer for Instance
This commit is contained in:
parent
34b8fd83c1
commit
6e4def4cc5
2 changed files with 109 additions and 58 deletions
|
@ -9,11 +9,21 @@ use crate::{
|
|||
use activitypub::{actor::Service, CustomObject};
|
||||
use chrono::NaiveDateTime;
|
||||
use diesel::{self, ExpressionMethods, QueryDsl, RunQueryDsl};
|
||||
use openssl::{
|
||||
hash::MessageDigest,
|
||||
pkey::{PKey, Private},
|
||||
rsa::Rsa,
|
||||
sign,
|
||||
};
|
||||
use plume_common::{
|
||||
activity_pub::{sign::gen_keypair, ApSignature, PublicKey},
|
||||
activity_pub::{
|
||||
sign::{gen_keypair, Signer},
|
||||
ApSignature, PublicKey,
|
||||
},
|
||||
utils::md_to_html,
|
||||
};
|
||||
use std::sync::RwLock;
|
||||
use tracing::warn;
|
||||
|
||||
pub type CustomService = CustomObject<ApSignature, Service>;
|
||||
|
||||
|
@ -270,13 +280,26 @@ impl Instance {
|
|||
.map_err(Error::from)
|
||||
}
|
||||
|
||||
pub fn get_keypair(&self) -> Result<PKey<Private>> {
|
||||
PKey::from_rsa(Rsa::private_key_from_pem(
|
||||
self.private_key.clone()?.as_ref(),
|
||||
)?)
|
||||
.map_err(Error::from)
|
||||
}
|
||||
|
||||
/// This is experimental and might change in the future.
|
||||
/// Currently "!" sign is used but it's not decided.
|
||||
pub fn ap_url(&self) -> String {
|
||||
ap_url(&format!(
|
||||
"{}/!/{}",
|
||||
Self::get_local().unwrap().public_domain,
|
||||
self.public_domain
|
||||
))
|
||||
}
|
||||
|
||||
pub fn to_activity(&self) -> Result<CustomService> {
|
||||
let mut actor = Service::default();
|
||||
let id = ap_url(&format!(
|
||||
"{}/!/{}",
|
||||
Self::get_local()?.public_domain,
|
||||
self.public_domain
|
||||
));
|
||||
let id = self.ap_url();
|
||||
actor.object_props.set_id_string(id.clone())?;
|
||||
actor.object_props.set_name_string(self.name.clone())?;
|
||||
|
||||
|
@ -324,6 +347,34 @@ impl NewInstance {
|
|||
}
|
||||
}
|
||||
|
||||
impl Signer for Instance {
|
||||
type Error = Error;
|
||||
|
||||
fn get_key_id(&self) -> String {
|
||||
format!("{}#main-key", self.ap_url())
|
||||
}
|
||||
|
||||
fn sign(&self, to_sign: &str) -> Result<Vec<u8>> {
|
||||
let key = self.get_keypair()?;
|
||||
let mut signer = sign::Signer::new(MessageDigest::sha256(), &key)?;
|
||||
signer.update(to_sign.as_bytes())?;
|
||||
signer.sign_to_vec().map_err(Error::from)
|
||||
}
|
||||
|
||||
fn verify(&self, data: &str, signature: &[u8]) -> Result<bool> {
|
||||
if self.public_key.is_none() {
|
||||
warn!("missing public key for {}", self.public_domain);
|
||||
return Err(Error::Signature);
|
||||
}
|
||||
let key = PKey::from_rsa(Rsa::public_key_from_pem(
|
||||
self.public_key.clone().unwrap().as_ref(),
|
||||
)?)?;
|
||||
let mut verifier = sign::Verifier::new(MessageDigest::sha256(), &key)?;
|
||||
verifier.update(data.as_bytes())?;
|
||||
verifier.verify(&signature).map_err(Error::from)
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
pub(crate) mod tests {
|
||||
use super::*;
|
||||
|
|
|
@ -60,83 +60,83 @@ msgstr ""
|
|||
msgid "Optional"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/blogs.rs:63
|
||||
# src/routes/blogs.rs:67
|
||||
msgid "To create a new blog, you need to be logged in"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/blogs.rs:102
|
||||
# src/routes/blogs.rs:109
|
||||
msgid "A blog with the same name already exists."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/blogs.rs:140
|
||||
# src/routes/blogs.rs:147
|
||||
msgid "Your blog was successfully created!"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/blogs.rs:159
|
||||
# src/routes/blogs.rs:165
|
||||
msgid "Your blog was deleted."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/blogs.rs:167
|
||||
# src/routes/blogs.rs:173
|
||||
msgid "You are not allowed to delete this blog."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/blogs.rs:218
|
||||
# src/routes/blogs.rs:223
|
||||
msgid "You are not allowed to edit this blog."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/blogs.rs:274
|
||||
# src/routes/blogs.rs:279
|
||||
msgid "You can't use this media as a blog icon."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/blogs.rs:292
|
||||
# src/routes/blogs.rs:297
|
||||
msgid "You can't use this media as a blog banner."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/blogs.rs:326
|
||||
# src/routes/blogs.rs:331
|
||||
msgid "Your blog information have been updated."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/comments.rs:99
|
||||
# src/routes/comments.rs:100
|
||||
msgid "Your comment has been posted."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/comments.rs:178
|
||||
# src/routes/comments.rs:177
|
||||
msgid "Your comment has been deleted."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/instance.rs:118
|
||||
# src/routes/instance.rs:147
|
||||
msgid "Instance settings have been saved."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/instance.rs:150
|
||||
# src/routes/instance.rs:180
|
||||
msgid "{} has been unblocked."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/instance.rs:152
|
||||
# src/routes/instance.rs:182
|
||||
msgid "{} has been blocked."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/instance.rs:201
|
||||
# src/routes/instance.rs:233
|
||||
msgid "Blocks deleted"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/instance.rs:216
|
||||
# src/routes/instance.rs:249
|
||||
msgid "Email already blocked"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/instance.rs:221
|
||||
# src/routes/instance.rs:254
|
||||
msgid "Email Blocked"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/instance.rs:312
|
||||
# src/routes/instance.rs:347
|
||||
msgid "You can't change your own rights."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/instance.rs:323
|
||||
# src/routes/instance.rs:358
|
||||
msgid "You are not allowed to take this action."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/instance.rs:359
|
||||
# src/routes/instance.rs:393
|
||||
msgid "Done."
|
||||
msgstr ""
|
||||
|
||||
|
@ -144,23 +144,23 @@ msgstr ""
|
|||
msgid "To like a post, you need to be logged in"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/medias.rs:145
|
||||
# src/routes/medias.rs:158
|
||||
msgid "Your media have been deleted."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/medias.rs:150
|
||||
# src/routes/medias.rs:163
|
||||
msgid "You are not allowed to delete this media."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/medias.rs:167
|
||||
# src/routes/medias.rs:180
|
||||
msgid "Your avatar has been updated."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/medias.rs:172
|
||||
# src/routes/medias.rs:185
|
||||
msgid "You are not allowed to use this media."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/notifications.rs:28
|
||||
# src/routes/notifications.rs:29
|
||||
msgid "To see your notifications, you need to be logged in"
|
||||
msgstr ""
|
||||
|
||||
|
@ -168,51 +168,51 @@ msgstr ""
|
|||
msgid "This post isn't published yet."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:126
|
||||
# src/routes/posts.rs:125
|
||||
msgid "To write a new post, you need to be logged in"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:143
|
||||
# src/routes/posts.rs:146
|
||||
msgid "You are not an author of this blog."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:150
|
||||
# src/routes/posts.rs:153
|
||||
msgid "New post"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:195
|
||||
# src/routes/posts.rs:198
|
||||
msgid "Edit {0}"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:264
|
||||
# src/routes/posts.rs:267
|
||||
msgid "You are not allowed to publish on this blog."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:363
|
||||
# src/routes/posts.rs:367
|
||||
msgid "Your article has been updated."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:553
|
||||
# src/routes/posts.rs:556
|
||||
msgid "Your article has been saved."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:560
|
||||
# src/routes/posts.rs:563
|
||||
msgid "New article"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:597
|
||||
# src/routes/posts.rs:601
|
||||
msgid "You are not allowed to delete this article."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:622
|
||||
# src/routes/posts.rs:625
|
||||
msgid "Your article has been deleted."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:627
|
||||
# src/routes/posts.rs:630
|
||||
msgid "It looks like the article you tried to delete doesn't exist. Maybe it is already gone?"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/posts.rs:667
|
||||
# src/routes/posts.rs:672
|
||||
msgid "Couldn't obtain enough information about your account. Please make sure your username is correct."
|
||||
msgstr ""
|
||||
|
||||
|
@ -220,63 +220,63 @@ msgstr ""
|
|||
msgid "To reshare a post, you need to be logged in"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/session.rs:88
|
||||
# src/routes/session.rs:95
|
||||
msgid "You are now connected."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/session.rs:109
|
||||
# src/routes/session.rs:116
|
||||
msgid "You are now logged off."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/session.rs:154
|
||||
# src/routes/session.rs:162
|
||||
msgid "Password reset"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/session.rs:155
|
||||
# src/routes/session.rs:163
|
||||
msgid "Here is the link to reset your password: {0}"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/session.rs:215
|
||||
# src/routes/session.rs:235
|
||||
msgid "Your password was successfully reset."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/user.rs:142
|
||||
# src/routes/user.rs:74
|
||||
msgid "To access your dashboard, you need to be logged in"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/user.rs:164
|
||||
# src/routes/user.rs:96
|
||||
msgid "You are no longer following {}."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/user.rs:181
|
||||
# src/routes/user.rs:113
|
||||
msgid "You are now following {}."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/user.rs:261
|
||||
# src/routes/user.rs:190
|
||||
msgid "To subscribe to someone, you need to be logged in"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/user.rs:365
|
||||
# src/routes/user.rs:299
|
||||
msgid "To edit your profile, you need to be logged in"
|
||||
msgstr ""
|
||||
|
||||
# src/routes/user.rs:411
|
||||
# src/routes/user.rs:345
|
||||
msgid "Your profile has been updated."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/user.rs:438
|
||||
# src/routes/user.rs:373
|
||||
msgid "Your account has been deleted."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/user.rs:444
|
||||
# src/routes/user.rs:379
|
||||
msgid "You can't delete someone else's account."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/user.rs:528
|
||||
# src/routes/user.rs:463
|
||||
msgid "Registrations are closed on this instance."
|
||||
msgstr ""
|
||||
|
||||
# src/routes/user.rs:551
|
||||
# src/routes/user.rs:486
|
||||
msgid "Your account has been created. Now you just need to log in, before you can use it."
|
||||
msgstr ""
|
||||
|
||||
|
|
Loading…
Reference in a new issue