diff --git a/basic_ap.py b/basic_ap.py index 95b270a..b1db9f0 100644 --- a/basic_ap.py +++ b/basic_ap.py @@ -19,7 +19,7 @@ import flask, os from flask import request from flask import Response from time import strftime, gmtime -import httpsig +import httpsig, requests #Config DOMAIN = 'https://my-example.com' @@ -41,17 +41,19 @@ public_key() #generate public_key on first launch def sign_header(private_key, key_id, host): date= strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime()) - - keypair= open(private_key,'rb').read() - hs = httpsig.HeaderSigner(key_id, secret, algorithm="rsa-sha256", headers=['(request-target): post /inbox', 'host', 'date']) - auth = hs.sign({"Date": date, "Host": host}) - - # thanks to https://github.com/snarfed for the authorization -> signature headers hack - # this is necessary because httpsig.HeaderSigner returns an Authorization header instead of Signature - auth['Signature'] = auth.pop('authorization') - assert auth['Signature'].startswith('Signature ') + + secret= open(private_key,'rb').read() + hs = httpsig.HeaderSigner(key_id, secret, algorithm="rsa-sha256", headers=['(request-target)', 'host', 'date']) + auth = hs.sign({"Date": date, "Host": host}, method='POST',path='/inbox') + + # thanks to https://github.com/rowanlupton/pylodon/blob/master/pylodon/utilities.py for the inspiration + # this is necessary because httpsig.HeaderSigner returns an Authorization header instead of Signature + auth['Signature'] = auth.pop('authorization') + assert auth['Signature'].startswith('Signature ') auth['Signature'] = auth['Signature'][len('Signature '):] + return auth + #Flask app = flask.Flask(__name__) @@ -86,6 +88,14 @@ def profile(actor): return Response(response=json, status=200, mimetype="application/json") # return that answer as a json object +@app.route('/post/', methods=['POST','GET']) +def post(): + json=flask.render_template('create.json', + domain=DOMAIN,public_key=public_key(),actor='test',host='https://post.lurk.org') + r = requests.post(url='http://post.lurk.org/users/rra/inbox', json=json, headers=sign_header('private.pem', 'https://t.homebrewserver.club/users/test#main-key','https://post.lurk.org')) + a = (r.status_code, r.reason, r.text) + return 'test' + if __name__ == '__main__': app.debug =True app.run() diff --git a/templates/create.json b/templates/create.json index 411ec17..e307384 100644 --- a/templates/create.json +++ b/templates/create.json @@ -6,11 +6,11 @@ "actor": "{{domain}}/users/{{actor}}", "object": { - "id": "{{domain}}hello-world", + "id": "{{domain}}/hello-world", "type": "Note", "published": "{{date}}", "attributedTo": "{{domain}}/users/{{actor}}", - "inReplyTo": "https://friend.camp/@darius/101065750930453908", + "inReplyTo": "https://post.lurk.org/@rra/101224791711855553", "content": "

This is a test from a flask based implementation of the mastodon tutorial

", "to": "https://www.w3.org/ns/activitystreams#Public" }