Compare commits
No commits in common. "master" and "1-fix-create-object" have entirely different histories.
master
...
1-fix-crea
5 changed files with 20 additions and 40 deletions
|
@ -96,13 +96,6 @@ This table keeps track of all the data needed for the accounts. Columns:
|
||||||
* `followers` `TEXT`: a JSON-formatted array of the URL for the Actor JSON of all followers, in the form `["https://remote.server/users/somePerson", "https://another.remote.server/ourUsers/anotherPerson"]`
|
* `followers` `TEXT`: a JSON-formatted array of the URL for the Actor JSON of all followers, in the form `["https://remote.server/users/somePerson", "https://another.remote.server/ourUsers/anotherPerson"]`
|
||||||
* `messages` `TEXT`: not yet used but will eventually store all messages so we can render them on a "profile" page
|
* `messages` `TEXT`: not yet used but will eventually store all messages so we can render them on a "profile" page
|
||||||
|
|
||||||
### `messages`
|
|
||||||
|
|
||||||
This table holds all messages sent by the server, which are served at the url `/m/some-id-number/`.
|
|
||||||
|
|
||||||
* `guid` `TEXT PRIMARY KEY`: an id for the message
|
|
||||||
* `message` `TEXT`: a JSON object encoding the full message
|
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
Copyright (c) 2018 Darius Kazemi. Licensed under the MIT license.
|
Copyright (c) 2018 Darius Kazemi. Licensed under the MIT license.
|
||||||
|
|
|
@ -9,10 +9,11 @@
|
||||||
"cors": "^2.8.4",
|
"cors": "^2.8.4",
|
||||||
"express": "^4.16.3",
|
"express": "^4.16.3",
|
||||||
"express-basic-auth": "^1.1.5",
|
"express-basic-auth": "^1.1.5",
|
||||||
|
"generate-rsa-keypair": "^0.1.2",
|
||||||
"request": "^2.87.0"
|
"request": "^2.87.0"
|
||||||
},
|
},
|
||||||
"engines": {
|
"engines": {
|
||||||
"node": ">=10.12.0"
|
"node": ">=10.10.0"
|
||||||
},
|
},
|
||||||
"devDependencies": {},
|
"devDependencies": {},
|
||||||
"scripts": {
|
"scripts": {
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
'use strict';
|
'use strict';
|
||||||
const express = require('express'),
|
const express = require('express'),
|
||||||
router = express.Router(),
|
router = express.Router(),
|
||||||
crypto = require('crypto');
|
crypto = require('crypto'),
|
||||||
|
generateRSAKeypair = require('generate-rsa-keypair');
|
||||||
|
|
||||||
function createActor(name, domain, pubkey) {
|
function createActor(name, domain, pubkey) {
|
||||||
return {
|
return {
|
||||||
|
@ -47,28 +48,17 @@ router.post('/create', function (req, res) {
|
||||||
let db = req.app.get('db');
|
let db = req.app.get('db');
|
||||||
let domain = req.app.get('domain');
|
let domain = req.app.get('domain');
|
||||||
// create keypair
|
// create keypair
|
||||||
crypto.generateKeyPair('rsa', {
|
var pair = generateRSAKeypair();
|
||||||
modulusLength: 4096,
|
let actorRecord = createActor(account, domain, pair.public);
|
||||||
publicKeyEncoding: {
|
|
||||||
type: 'spki',
|
|
||||||
format: 'pem'
|
|
||||||
},
|
|
||||||
privateKeyEncoding: {
|
|
||||||
type: 'pkcs8',
|
|
||||||
format: 'pem'
|
|
||||||
}
|
|
||||||
}, (err, publicKey, privateKey) => {
|
|
||||||
let actorRecord = createActor(account, domain, publicKey);
|
|
||||||
let webfingerRecord = createWebfinger(account, domain);
|
let webfingerRecord = createWebfinger(account, domain);
|
||||||
const apikey = crypto.randomBytes(16).toString('hex');
|
const apikey = crypto.randomBytes(16).toString('hex');
|
||||||
try {
|
try {
|
||||||
db.prepare('insert or replace into accounts(name, actor, apikey, pubkey, privkey, webfinger) values(?, ?, ?, ?, ?, ?)').run(`${account}@${domain}`, JSON.stringify(actorRecord), apikey, publicKey, privateKey, JSON.stringify(webfingerRecord));
|
db.prepare('insert or replace into accounts(name, actor, apikey, pubkey, privkey, webfinger) values(?, ?, ?, ?, ?, ?)').run(`${account}@${domain}`, JSON.stringify(actorRecord), apikey, pair.public, pair.private, JSON.stringify(webfingerRecord));
|
||||||
res.status(200).json({msg: 'ok', apikey});
|
res.status(200).json({msg: 'ok', apikey});
|
||||||
}
|
}
|
||||||
catch(e) {
|
catch(e) {
|
||||||
res.status(200).json({error: e});
|
res.status(200).json({error: e});
|
||||||
}
|
}
|
||||||
});
|
|
||||||
});
|
});
|
||||||
|
|
||||||
module.exports = router;
|
module.exports = router;
|
||||||
|
|
|
@ -30,21 +30,19 @@ function signAndSend(message, name, domain, req, res, targetDomain, inbox) {
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
let privkey = result.privkey;
|
let privkey = result.privkey;
|
||||||
const digestHash = crypto.createHash('sha256').update(JSON.stringify(message)).digest('base64');
|
|
||||||
const signer = crypto.createSign('sha256');
|
const signer = crypto.createSign('sha256');
|
||||||
let d = new Date();
|
let d = new Date();
|
||||||
let stringToSign = `(request-target): post ${inboxFragment}\nhost: ${targetDomain}\ndate: ${d.toUTCString()}\ndigest: SHA-256=${digestHash}`;
|
let stringToSign = `(request-target): post ${inboxFragment}\nhost: ${targetDomain}\ndate: ${d.toUTCString()}`;
|
||||||
signer.update(stringToSign);
|
signer.update(stringToSign);
|
||||||
signer.end();
|
signer.end();
|
||||||
const signature = signer.sign(privkey);
|
const signature = signer.sign(privkey);
|
||||||
const signature_b64 = signature.toString('base64');
|
const signature_b64 = signature.toString('base64');
|
||||||
let header = `keyId="https://${domain}/u/${name}",headers="(request-target) host date digest",signature="${signature_b64}"`;
|
let header = `keyId="https://${domain}/u/${name}",headers="(request-target) host date",signature="${signature_b64}"`;
|
||||||
request({
|
request({
|
||||||
url: inbox,
|
url: inbox,
|
||||||
headers: {
|
headers: {
|
||||||
'Host': targetDomain,
|
'Host': targetDomain,
|
||||||
'Date': d.toUTCString(),
|
'Date': d.toUTCString(),
|
||||||
'Digest': `SHA-256=${digestHash}`,
|
|
||||||
'Signature': header
|
'Signature': header
|
||||||
},
|
},
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
|
@ -110,7 +108,7 @@ function sendCreateMessage(text, name, domain, req, res) {
|
||||||
for (let follower of followers) {
|
for (let follower of followers) {
|
||||||
let inbox = follower+'/inbox';
|
let inbox = follower+'/inbox';
|
||||||
let myURL = new URL(follower);
|
let myURL = new URL(follower);
|
||||||
let targetDomain = myURL.host;
|
let targetDomain = myURL.hostname;
|
||||||
let message = createMessage(text, name, domain, req, res, follower);
|
let message = createMessage(text, name, domain, req, res, follower);
|
||||||
signAndSend(message, name, domain, req, res, targetDomain, inbox);
|
signAndSend(message, name, domain, req, res, targetDomain, inbox);
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,21 +16,19 @@ function signAndSend(message, name, domain, req, res, targetDomain) {
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
let privkey = result.privkey;
|
let privkey = result.privkey;
|
||||||
const digestHash = crypto.createHash('sha256').update(JSON.stringify(message)).digest('base64');
|
|
||||||
const signer = crypto.createSign('sha256');
|
const signer = crypto.createSign('sha256');
|
||||||
let d = new Date();
|
let d = new Date();
|
||||||
let stringToSign = `(request-target): post ${inboxFragment}\nhost: ${targetDomain}\ndate: ${d.toUTCString()}\ndigest: SHA-256=${digestHash}`;
|
let stringToSign = `(request-target): post ${inboxFragment}\nhost: ${targetDomain}\ndate: ${d.toUTCString()}`;
|
||||||
signer.update(stringToSign);
|
signer.update(stringToSign);
|
||||||
signer.end();
|
signer.end();
|
||||||
const signature = signer.sign(privkey);
|
const signature = signer.sign(privkey);
|
||||||
const signature_b64 = signature.toString('base64');
|
const signature_b64 = signature.toString('base64');
|
||||||
let header = `keyId="https://${domain}/u/${name}",headers="(request-target) host date digest",signature="${signature_b64}"`;
|
let header = `keyId="https://${domain}/u/${name}",headers="(request-target) host date",signature="${signature_b64}"`;
|
||||||
request({
|
request({
|
||||||
url: inbox,
|
url: inbox,
|
||||||
headers: {
|
headers: {
|
||||||
'Host': targetDomain,
|
'Host': targetDomain,
|
||||||
'Date': d.toUTCString(),
|
'Date': d.toUTCString(),
|
||||||
'Digest': `SHA-256=${digestHash}`,
|
|
||||||
'Signature': header
|
'Signature': header
|
||||||
},
|
},
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
|
|
Loading…
Reference in a new issue