add httpsig and fix webfinger lookups

2024-12-16 20:50:05 -07:00 · 2024-12-16 20:50:05 -07:00 · 6bb5eff11b
commit 6bb5eff11b
parent 1806140f4b
3 changed files with 55 additions and 28 deletions
--- a/adapter/anonAp.go
+++ b/adapter/anonAp.go
@ -10,6 +10,7 @@ import (
 	"time"

 	"forge.lightcrystal.systems/nilix/underbbs/models"
+	_ "github.com/go-fed/httpsig"
 )

 type anonAPAdapter struct {
@ -218,44 +219,56 @@ func (self *anonAPAdapter) toAuthor(actor apActor) *models.Author {
 	return a
 }

+func (self *anonAPAdapter) getHostForId(id string) string {
+  if strings.HasPrefix(id, "https://") {
+    idNoScheme := strings.Split(id, "https://")[1]
+    serverNoScheme := strings.Split(idNoScheme, "/")[0]
+    return "https://" + serverNoScheme
+  } else {
+    return "https://" + strings.Split(id, "@")[1]
+  }
+}
+
+func (self *anonAPAdapter) normalizeActorId(id string) string {
+  if string([]byte{id[0]}) == "@" {
+				id = id[1:]
+			}
+			if !strings.Contains(id, "@") {
+			  // if the id is not a URI, add local server to it
+			  if !strings.HasPrefix(id, "https://") {
+			    serverNoScheme := strings.Split(self.server, "https://")[1]
+			    id = fmt.Sprintf("%s@%s", id, serverNoScheme)
+			  }
+			}
+			return id
+}
+
 func (self *anonAPAdapter) Fetch(etype string, ids []string) error {
 	for _, id := range ids {
 		switch etype {
 		case "author": // webfinger lookup on id
-			if string([]byte{id[0]}) == "@" {
-				id = id[1:]
-			}
-			reqHost := self.server
-			if strings.HasPrefix(id, "https://") || !strings.HasSuffix(id, strings.Split(self.server, "https://")[1]) {
-				if strings.Contains(id, "@") {
-					reqHost = "https://" + strings.Split(id, "@")[1]
-					id = strings.Split(id, "@")[0]
-				} else {
-					noScheme := strings.TrimPrefix(id, "https://")
-					domainOnly := strings.Split(noScheme, "/")[0]
-					reqHost = "https://" + domainOnly
-					idParts := strings.Split(id, "/")
-					id = idParts[len(idParts)-1]
-				}
-			}
+			normalizedId := self.normalizeActorId(id)
+			fmt.Println(normalizedId)
+			reqHost := self.getHostForId(normalizedId)
+			profile := normalizedId
 			fmt.Println(reqHost)
-			res, err := http.Get(reqHost + "/.well-known/webfinger?resource=acct:" + id)
+			if !strings.HasPrefix(normalizedId, "https://") {
+ 			res, err := http.Get(reqHost + "/.well-known/webfinger?resource=acct:" + normalizedId)
 			if err != nil {
 				return err
 			}
-			fmt.Printf("%d\n", res.StatusCode)
 			data := getBodyJson(res)
-			fmt.Println(string(data))
 			wf := webFinger{}
 			json.Unmarshal(data, &wf)
-			var profile string
+
 			for _, l := range wf.Links {
 				if l.Rel == "self" {
 					profile = l.Href
 					break
 				}
 			}
-			res, err = self.makeApRequest("GET", profile, nil)
+		  }
+			res, err := self.makeApRequest("GET", profile, nil)
 			if err != nil {
 				return err
 			}
@ -267,25 +280,25 @@ func (self *anonAPAdapter) Fetch(etype string, ids []string) error {
 				self.send(author)
 			}
 		case "byAuthor":
-			// get outbox
-			if string([]byte{id[0]}) == "@" {
-				id = id[1:]
-			}
-			res, err := http.Get(self.server + "/.well-known/webfinger?resource=acct:" + id)
+			normalizedId := self.normalizeActorId(id)
+			reqHost := self.getHostForId(normalizedId)
+			profile := normalizedId
+			if !strings.HasPrefix(normalizedId, "https://") {
+			res, err := http.Get(reqHost + "/.well-known/webfinger?resource=acct:" + normalizedId)
 			if err != nil {
 				return err
 			}
 			data := getBodyJson(res)
 			wf := webFinger{}
 			json.Unmarshal(data, &wf)
-			var profile string
 			for _, l := range wf.Links {
 				if l.Rel == "self" {
 					profile = l.Href
 					break
 				}
 			}
-			res, err = self.makeApRequest("GET", profile+"/outbox", nil)
+			}
+			res, err := self.makeApRequest("GET", profile+"/outbox", nil)
 			if err != nil {
 				return err
 			}
--- a/go.mod
+++ b/go.mod
@ -5,6 +5,7 @@ go 1.22.0
 require (
 	forge.lightcrystal.systems/nilix/quartzgun v0.4.2
 	github.com/McKael/madon v2.3.0+incompatible
+	github.com/go-fed/httpsig v1.1.0
 	github.com/nbd-wtf/go-nostr v0.31.2
 	github.com/yitsushi/go-misskey v1.1.6
 	golang.org/x/time v0.5.0
@ -29,6 +30,7 @@ require (
 	github.com/tidwall/gjson v1.14.4 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.0 // indirect
+	golang.org/x/crypto v0.23.0 // indirect
 	golang.org/x/exp v0.0.0-20230425010034-47ecfdc1ba53 // indirect
 	golang.org/x/net v0.25.0 // indirect
 	golang.org/x/oauth2 v0.21.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -13,6 +13,8 @@ github.com/decred/dcrd/crypto/blake256 v1.0.1 h1:7PltbUIQB7u/FfZ39+DGa/ShuMyJ5il
 github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo=
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs=
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
+github.com/go-fed/httpsig v1.1.0 h1:9M+hb0jkEICD8/cAiNqEB66R87tTINszBRTjwjQzWcI=
+github.com/go-fed/httpsig v1.1.0/go.mod h1:RCMrTZvN1bJYtofsG4rd5NaO5obxQ5xBkdiS7xsT7bM=
 github.com/gobwas/httphead v0.1.0 h1:exrUm0f4YX0L7EBwZHuCF4GDp8aJfVeBrlLQrs6NqWU=
 github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM=
 github.com/gobwas/pool v0.2.1 h1:xfeeEhW7pwmX8nuLVlqbzVc7udMDrwetjEv+TZIz1og=
@ -49,16 +51,26 @@ github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
 github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
 github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
 github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI=
+golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
 golang.org/x/exp v0.0.0-20230425010034-47ecfdc1ba53 h1:5llv2sWeaMSnA3w2kS57ouQQ4pudlXrR0dCgw51QK9o=
 golang.org/x/exp v0.0.0-20230425010034-47ecfdc1ba53/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs=
 golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
 golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw=
+golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
 golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=