From 42dccb73db4f1a196293e12189c1b2bfec20e03c Mon Sep 17 00:00:00 2001
From: bill-auger
Date: Mar 11 2019 18:42:24 +0000
Subject: implement HTTP signatures
---
diff --git a/controller.py b/controller.py
index b2e2e26..249f3ed 100644
--- a/controller.py
+++ b/controller.py
@@ -4,7 +4,24 @@ from model import ApManager , CreateNote , GetPerson , IsValidActivity , IsV
 def user_get_handler(person_id , ap_dict):
 person = GetPerson(person_id)
-
+ #a_person =
+ #{
+ #"@context": [
+ #"https://www.w3.org/ns/activitystreams",
+ #"https://w3id.org/security/v1"
+ #],
+
+ #"id": person.url + "/public-key",
+ #"type": "Person",
+ #"preferredUsername": person.id ,
+ #"inbox": person.inbox ,
+
+ #"publicKey": {
+ #"id": person.id ,
+ #"owner": person.url ,
+ #"publicKeyPem": "-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----"
+ #}
+ #}
 return [ STATUS_OK , "this is " + person_id ] if person != None else RESP_NOT_FOUND
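Review bot: In the commented-out actor sketch added to `user_get_handler`, the two identifiers look swapped: the actor's `"id"` is `person.url + "/public-key"` while `publicKey` carries `"id": person.id`, which the same sketch also uses as `preferredUsername`. A verifier normally fetches the URL named by the signature's keyId and matches it against the key entry's id, so the key entry would presumably read `"id": person.url + "/public-key"` and the actor `"id": person.url`. If the sketch stays in the file, a short comment such as `# TODO: return this actor document so remote servers can fetch the public key` would record why it is there, since the handler still returns a plain string.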
@@ -53,3 +70,80 @@ def following_post_handler(person_id , ap_dict): return [ STATUS_OK , "POST/foll
 def liked_post_handler(person_id , ap_dict): return [ STATUS_OK , "POST/liked" ]
 def likes_post_handler(person_id , ap_dict): return [ STATUS_OK , "POST/likes" ]
 def outbox_post_handler(person_id , ap_dict): return [ STATUS_OK , "POST/outbox" ]
+
+
+
+# DEBUG BEGIN
+import json
+import requests
+from requests_http_signature import HTTPSignatureHeaderAuth
+
+
+#TEST_REMOTE_ACTOR_URL='https://forge.angeley.es/'
+TEST_REMOTE_INBOX_URL='https://forge.angeley.es/inbox'
+#TEST_REMOTE_INBOX_URL='https://localhost:8000/forge-fed/alice/inbox'
+#AP_POST_HEADERS = { 'Content-Type' : 'application/activity+json' ,
+ #'Accept' : 'application/json' }
+AP_POST_HEADERS = { 'Content-Type' : 'application/activity+json' ,
+ 'Accept' : 'application/json' }
+
+
+def SignedGetReq(url):
+ resp = requests.get(url , auth=HTTP_SIG_AUTH)
+ print("SignedGetReq() url=" + url + " resp=" + resp.text)
+
+
+#def SignedPostReq(url , json):
+def SignedPostReq(url , a_dict):
+ with open('private.pem' , 'rb') as key_file:
+ AP_SIGN_HEADERS = [ '(request-target)' , 'host' , 'date' , 'ActivityPub-Actor' ]
+ AP_SIGN_ALGORITHM = 'rsa-sha256'
+ HTTP_SIG_KEY_ID = 'rsa-key-1'
+ PRIVATE_KEY = key_file.read()
+ #HTTP_SIG_AUTH = HTTPSignatureAuth(algorithm='rsa-sha256' , key=key_file.read() , key_id='rsa-key-1')
+ #AP_SIGN_HEADERS = [ '(request-target)' , 'host' , 'date' , 'digest' , 'content-length' , 'signature' ]
+ HTTP_SIG_AUTH = HTTPSignatureHeaderAuth(headers=AP_SIGN_HEADERS , algorithm=AP_SIGN_ALGORITHM , \
+ key_id=HTTP_SIG_KEY_ID , key=PRIVATE_KEY )
+
+
+ #print("SignedPostReq() PRIVATE_KEY=" + str(PRIVATE_KEY))
+ #from pprint import pprint ; print("HTTP_SIG_AUTH=") ; pprint(vars(HTTP_SIG_AUTH))
+ #print("SignedPostReq() HTTP_SIG_AUTH=" + HTTP_SIG_AUTH)
+
+
+ post_body = str(a_dict).encode()
+ #post_body = str(vars(a_dict)).encode()
+ #post_body = json.dumps(a_dict).encode()
+ #resp = requests.post(url , 
headers=AP_POST_HEADERS , data=some_json.encode() , # auth=HTTP_SIG_AUTH)
+ resp = requests.post(url , headers=AP_POST_HEADERS , data=post_body , auth=HTTP_SIG_AUTH)
+ #auth=HTTPSignatureAuth(headers=AP_SIGN_HEADERS , algorithm=AP_SIGN_ALGORITHM , \
+ #key=PRIVATE_KEY , key_id=HTTP_SIG_KEY_ID))
+
+
+ print("SignedPostReq() post_body=" + str(post_body))
+ print("SignedPostReq() url=" + url + " resp=" + resp.text)
+
+
+#def key_resolver(key_id, algorithm):
+ #return public_keys[key_id]
+
+#HTTPSignatureAuth.verify(request, key_resolver=key_resolver)
+
+
+#preshared_secret = 'monorail_cat'
+#key_id = 'squirrel'
+#HTTP_SIG_AUTH = HTTPSignatureAuth(key=preshared_secret , key_id=preshared_key_id)
+#HTTP_SIG_AUTH = HTTPSignatureAuth(algorithm='rsa-sha256' , key=PRIVATE_KEY , key_id="$DOMAIN")
+
+#with open('private.pem' , 'rb') as key_file: PRIVATE_KEY = key_file.read()
+#HTTP_SIG_KEY_ID = 'rsa-key-1'
+#HTTP_SIG_AUTH = HTTPSignatureAuth(algorithm='rsa-sha256' , key=PRIVATE_KEY , key_id=HTTP_SIG_KEY_ID)
+
+from model import Alice , AliceNote , GetActivity
+#AP_POST_HEADERS['ActivityPub-Actor'] = json.dumps(Alice).encode()
+AP_POST_HEADERS['ActivityPub-Actor'] = Alice.url
+#SignedGetReq(TEST_REMOTE_ACTOR_URL)
+#SignedPostReq(TEST_REMOTE_INBOX_URL , {"k1":"v1"})
+#SignedPostReq(TEST_REMOTE_INBOX_URL , AliceNote) # TypeError: Object of type Note is not JSON serializable
+SignedPostReq(TEST_REMOTE_INBOX_URL , GetActivity(AliceNote.id))
+# DEBUG END
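Review bot: The signed header list in `SignedPostReq` omits `digest`, so the signature does not cover the request body and a receiver cannot tell whether the activity was changed after signing; the list should include it, `AP_SIGN_HEADERS = [ '(request-target)' , 'host' , 'date' , 'digest' , 'ActivityPub-Actor' ]`, with a Digest header present on the request before it is signed. The body is built with `str(a_dict).encode()`, which sends a Python repr rather than JSON under `Content-Type: application/activity+json`; `post_body = json.dumps(a_dict).encode()` is the form to aim for once the object passed in is serializable. `SignedGetReq` reads `HTTP_SIG_AUTH`, which exists only as a local of `SignedPostReq`, so it would raise NameError if its commented-out call were enabled. The DEBUG block also runs when controller.py is imported: it reads `private.pem` from the working directory and sends a signed POST to `TEST_REMOTE_INBOX_URL` with no `timeout=`, so moving the final call under `if __name__ == "__main__":` or into a separate script would keep key use and outbound traffic out of normal startup.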