mirror of
https://git.exozy.me/a/fuwuqi.git
synced 2024-11-25 16:51:02 +00:00
More code cleanup
This commit is contained in:
parent
183267030d
commit
315b1c635c
3 changed files with 6 additions and 16 deletions
|
@ -37,6 +37,7 @@ Enjoy your new "extremely hardcore" ActivityPub server!!! 🎉😎🚀🙃🥳
|
||||||
|
|
||||||
Since Fuwuqi's code is super duper easy to read and extend, the following features are left as an exercise to the reader:
|
Since Fuwuqi's code is super duper easy to read and extend, the following features are left as an exercise to the reader:
|
||||||
- Multi-user support (hint: dynamically generate `.well-known/webfinger` instead of serving a static file)
|
- Multi-user support (hint: dynamically generate `.well-known/webfinger` instead of serving a static file)
|
||||||
|
- S2S server-side processing
|
||||||
- Deleting posts
|
- Deleting posts
|
||||||
- JSON-LD (hint: don't do it, your brain will thank you)
|
- JSON-LD (hint: don't do it, your brain will thank you)
|
||||||
- Lots of pain
|
- Lots of pain
|
||||||
|
|
|
@ -17,11 +17,7 @@ message = f'date: {date}\ndigest: SHA-256={digest}'
|
||||||
with open('private.pem', 'rb') as f:
|
with open('private.pem', 'rb') as f:
|
||||||
privkey = serialization.load_pem_private_key(f.read(), None)
|
privkey = serialization.load_pem_private_key(f.read(), None)
|
||||||
|
|
||||||
signature = b64encode(privkey.sign(
|
signature = b64encode(privkey.sign(message.encode('utf8'), padding.PKCS1v15(), hashes.SHA256())).decode()
|
||||||
message.encode('utf8'),
|
|
||||||
padding.PKCS1v15(),
|
|
||||||
hashes.SHA256()
|
|
||||||
)).decode()
|
|
||||||
header = f'keyId="https://0.exozy.me/users/test.jsonld#main-key",headers="date digest",signature="{signature}"'
|
header = f'keyId="https://0.exozy.me/users/test.jsonld#main-key",headers="date digest",signature="{signature}"'
|
||||||
|
|
||||||
resp = post('https://0.exozy.me/users/test.outbox', headers={
|
resp = post('https://0.exozy.me/users/test.outbox', headers={
|
||||||
|
|
15
server.py
15
server.py
|
@ -32,9 +32,8 @@ def collection_pop(username, file, item):
|
||||||
|
|
||||||
def iri_to_actor(iri):
|
def iri_to_actor(iri):
|
||||||
if domain in iri:
|
if domain in iri:
|
||||||
name = search(f'^{domain}/users/(.*?)$',
|
username = search(f'^{domain}/users/(.*?)$', iri.removesuffix('#main-key')).group(1)
|
||||||
iri.removesuffix('#main-key')).group(1)
|
actorfile = f'users/{username}'
|
||||||
actorfile = f'users/{name}'
|
|
||||||
else:
|
else:
|
||||||
actorfile = f'users/{quote_plus(iri.removesuffix("#main-key"))}'
|
actorfile = f'users/{quote_plus(iri.removesuffix("#main-key"))}'
|
||||||
if not isfile(actorfile):
|
if not isfile(actorfile):
|
||||||
|
@ -82,14 +81,8 @@ class fuwuqi(SimpleHTTPRequestHandler):
|
||||||
message += f'{header}: {headerval}\n'
|
message += f'{header}: {headerval}\n'
|
||||||
|
|
||||||
# Verify HTTP signature
|
# Verify HTTP signature
|
||||||
signature = search('signature="(.*?)"',
|
signature = search('signature="(.*?)"', self.headers['Signature']).group(1)
|
||||||
self.headers['Signature']).group(1)
|
pubkey.verify(b64decode(signature), message[:-1].encode('utf8'), padding.PKCS1v15(), hashes.SHA256())
|
||||||
pubkey.verify(
|
|
||||||
b64decode(signature),
|
|
||||||
message[:-1].encode('utf8'),
|
|
||||||
padding.PKCS1v15(),
|
|
||||||
hashes.SHA256()
|
|
||||||
)
|
|
||||||
|
|
||||||
# Make sure activity doer matches HTTP signature
|
# Make sure activity doer matches HTTP signature
|
||||||
actor = keyid.removesuffix('#main-key')
|
actor = keyid.removesuffix('#main-key')
|
||||||
|
|
Loading…
Reference in a new issue