2018-09-15 07:01:19 +00:00
|
|
|
'use strict';
|
|
|
|
const express = require('express'),
|
|
|
|
router = express.Router(),
|
|
|
|
request = require('request'),
|
|
|
|
crypto = require('crypto');
|
|
|
|
|
|
|
|
router.post('/sendMessage', function (req, res) {
|
|
|
|
let db = req.app.get('db');
|
|
|
|
let domain = req.app.get('domain');
|
|
|
|
let acct = req.body.acct;
|
|
|
|
let apikey = req.body.apikey;
|
|
|
|
let message = req.body.message;
|
|
|
|
// check to see if your API key matches
|
2019-03-26 05:17:24 +00:00
|
|
|
let result = db.prepare('select apikey from accounts where name = ?').get(`${acct}@${domain}`);
|
|
|
|
if (result.apikey === apikey) {
|
|
|
|
sendCreateMessage(message, acct, domain, req, res);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
res.status(403).json({msg: 'wrong api key'});
|
|
|
|
}
|
2018-09-15 07:01:19 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
function signAndSend(message, name, domain, req, res, targetDomain, inbox) {
|
|
|
|
// get the private key
|
|
|
|
let db = req.app.get('db');
|
|
|
|
let inboxFragment = inbox.replace('https://'+targetDomain,'');
|
2019-03-26 05:17:24 +00:00
|
|
|
let result = db.prepare('select privkey from accounts where name = ?').get(`${name}@${domain}`);
|
|
|
|
if (result === undefined) {
|
|
|
|
console.log(`No record found for ${name}.`);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
let privkey = result.privkey;
|
2020-11-29 08:35:25 +00:00
|
|
|
const digestHash = crypto.createHash('sha256').update(JSON.stringify(message)).digest('base64');
|
2019-03-26 05:17:24 +00:00
|
|
|
const signer = crypto.createSign('sha256');
|
|
|
|
let d = new Date();
|
2020-11-29 08:35:25 +00:00
|
|
|
let stringToSign = `(request-target): post ${inboxFragment}\nhost: ${targetDomain}\ndate: ${d.toUTCString()}\ndigest: SHA-256=${digestHash}`;
|
2019-03-26 05:17:24 +00:00
|
|
|
signer.update(stringToSign);
|
|
|
|
signer.end();
|
|
|
|
const signature = signer.sign(privkey);
|
|
|
|
const signature_b64 = signature.toString('base64');
|
2020-11-29 08:35:25 +00:00
|
|
|
let header = `keyId="https://${domain}/u/${name}",headers="(request-target) host date digest",signature="${signature_b64}"`;
|
2019-03-26 05:17:24 +00:00
|
|
|
request({
|
|
|
|
url: inbox,
|
|
|
|
headers: {
|
|
|
|
'Host': targetDomain,
|
|
|
|
'Date': d.toUTCString(),
|
2020-11-29 08:35:25 +00:00
|
|
|
'Digest': `SHA-256=${digestHash}`,
|
2019-03-26 05:17:24 +00:00
|
|
|
'Signature': header
|
|
|
|
},
|
|
|
|
method: 'POST',
|
|
|
|
json: true,
|
|
|
|
body: message
|
|
|
|
}, function (error, response){
|
|
|
|
console.log(`Sent message to an inbox at ${targetDomain}!`);
|
|
|
|
if (error) {
|
|
|
|
console.log('Error:', error, response);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
console.log('Response Status Code:', response.statusCode);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
2018-09-15 07:01:19 +00:00
|
|
|
}
|
|
|
|
|
2019-03-26 07:01:34 +00:00
|
|
|
function createMessage(text, name, domain, req, res, follower) {
|
2018-09-15 19:19:12 +00:00
|
|
|
const guidCreate = crypto.randomBytes(16).toString('hex');
|
|
|
|
const guidNote = crypto.randomBytes(16).toString('hex');
|
2018-09-25 03:10:39 +00:00
|
|
|
let db = req.app.get('db');
|
2018-09-15 07:01:19 +00:00
|
|
|
let d = new Date();
|
|
|
|
|
2018-09-25 03:10:39 +00:00
|
|
|
let noteMessage = {
|
|
|
|
'id': `https://${domain}/m/${guidNote}`,
|
|
|
|
'type': 'Note',
|
|
|
|
'published': d.toISOString(),
|
|
|
|
'attributedTo': `https://${domain}/u/${name}`,
|
|
|
|
'content': text,
|
2019-03-26 07:01:34 +00:00
|
|
|
'to': ['https://www.w3.org/ns/activitystreams#Public'],
|
2018-09-25 03:10:39 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
let createMessage = {
|
2018-09-15 07:01:19 +00:00
|
|
|
'@context': 'https://www.w3.org/ns/activitystreams',
|
|
|
|
|
2018-09-25 03:10:39 +00:00
|
|
|
'id': `https://${domain}/m/${guidCreate}`,
|
2018-09-15 07:01:19 +00:00
|
|
|
'type': 'Create',
|
|
|
|
'actor': `https://${domain}/u/${name}`,
|
2019-03-26 07:01:34 +00:00
|
|
|
'to': ['https://www.w3.org/ns/activitystreams#Public'],
|
|
|
|
'cc': [follower],
|
2018-09-15 07:01:19 +00:00
|
|
|
|
2018-09-25 03:10:39 +00:00
|
|
|
'object': noteMessage
|
2018-09-15 07:01:19 +00:00
|
|
|
};
|
2018-09-25 03:10:39 +00:00
|
|
|
|
2019-03-26 05:17:24 +00:00
|
|
|
db.prepare('insert or replace into messages(guid, message) values(?, ?)').run( guidCreate, JSON.stringify(createMessage));
|
|
|
|
db.prepare('insert or replace into messages(guid, message) values(?, ?)').run( guidNote, JSON.stringify(noteMessage));
|
2018-09-25 03:10:39 +00:00
|
|
|
|
|
|
|
return createMessage;
|
2018-09-15 07:01:19 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
function sendCreateMessage(text, name, domain, req, res) {
|
|
|
|
let db = req.app.get('db');
|
|
|
|
|
2019-03-26 05:17:24 +00:00
|
|
|
let result = db.prepare('select followers from accounts where name = ?').get(`${name}@${domain}`);
|
|
|
|
let followers = JSON.parse(result.followers);
|
|
|
|
console.log(followers);
|
|
|
|
console.log('type',typeof followers);
|
|
|
|
if (followers === null) {
|
|
|
|
console.log('aaaa');
|
|
|
|
res.status(400).json({msg: `No followers for account ${name}@${domain}`});
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
for (let follower of followers) {
|
|
|
|
let inbox = follower+'/inbox';
|
|
|
|
let myURL = new URL(follower);
|
2019-06-05 12:04:49 +00:00
|
|
|
let targetDomain = myURL.host;
|
2019-03-26 07:01:34 +00:00
|
|
|
let message = createMessage(text, name, domain, req, res, follower);
|
2019-03-26 05:17:24 +00:00
|
|
|
signAndSend(message, name, domain, req, res, targetDomain, inbox);
|
2018-09-15 07:01:19 +00:00
|
|
|
}
|
2019-03-26 05:17:24 +00:00
|
|
|
res.status(200).json({msg: 'ok'});
|
|
|
|
}
|
2018-09-15 07:01:19 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
module.exports = router;
|