Browse Source

start work on implementing create object and http header signing

master
rscmbbng 6 years ago
parent
commit
c73d70175f
  1. 16
      basic_ap.py
  2. 17
      templates/create.json

16
basic_ap.py

@ -18,6 +18,8 @@
import flask, os import flask, os
from flask import request from flask import request
from flask import Response from flask import Response
from time import strftime, gmtime
import httpsig
#Config #Config
DOMAIN = 'https://my-example.com' DOMAIN = 'https://my-example.com'
@ -37,6 +39,20 @@ def public_key():
public_key() #generate public_key on first launch public_key() #generate public_key on first launch
def sign_header(private_key, key_id, host):
date= strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime())
keypair= open(private_key,'rb').read()
hs = httpsig.HeaderSigner(key_id, secret, algorithm="rsa-sha256", headers=['(request-target): post /inbox', 'host', 'date'])
auth = hs.sign({"Date": date, "Host": host})
# thanks to https://github.com/snarfed for the authorization -> signature headers hack
# this is necessary because httpsig.HeaderSigner returns an Authorization header instead of Signature
auth['Signature'] = auth.pop('authorization')
assert auth['Signature'].startswith('Signature ')
auth['Signature'] = auth['Signature'][len('Signature '):]
#Flask #Flask
app = flask.Flask(__name__) app = flask.Flask(__name__)

17
templates/create.json

@ -0,0 +1,17 @@
{
"@context": "https://www.w3.org/ns/activitystreams",
"id": "{{domain}}/create-hello-world",
"type": "Create",
"actor": "{{domain}}/users/{{actor}}",
"object": {
"id": "{{domain}}hello-world",
"type": "Note",
"published": "{{date}}",
"attributedTo": "{{domain}}/users/{{actor}}",
"inReplyTo": "https://friend.camp/@darius/101065750930453908",
"content": "<p>This is a test from a <a href='https://git.vvvvvvaria.org/rra/basic_ap'>flask based implementation</a> of the mastodon tutorial</p>",
"to": "https://www.w3.org/ns/activitystreams#Public"
}
}
Loading…
Cancel
Save