|
@ -30,6 +30,8 @@ from Crypto.Hash import SHA256 |
|
|
from Crypto.Signature import pkcs1_15 |
|
|
from Crypto.Signature import pkcs1_15 |
|
|
from Crypto.PublicKey import RSA |
|
|
from Crypto.PublicKey import RSA |
|
|
|
|
|
|
|
|
|
|
|
from httpsig import HTTPSigAuth |
|
|
|
|
|
|
|
|
# |
|
|
# |
|
|
import logging |
|
|
import logging |
|
|
import http.client as http_client |
|
|
import http.client as http_client |
|
@ -61,69 +63,69 @@ def public_key(): |
|
|
|
|
|
|
|
|
public_key() #generate public_key on first launch |
|
|
public_key() #generate public_key on first launch |
|
|
|
|
|
|
|
|
def build_signing_string(headers, header_values): |
|
|
# def build_signing_string(headers, header_values): |
|
|
return '\n'.join(map(lambda x: ': '.join([x.lower(), headers[x]]), header_values)) |
|
|
# return '\n'.join(map(lambda x: ': '.join([x.lower(), headers[x]]), header_values)) |
|
|
|
|
|
|
|
|
def messageContentDigest(messageBodyJsonStr: str) -> str: |
|
|
# def messageContentDigest(messageBodyJsonStr: str) -> str: |
|
|
msg = messageBodyJsonStr.encode('utf-8') |
|
|
# msg = messageBodyJsonStr.encode('utf-8') |
|
|
digestStr = SHA256.new(msg).digest() |
|
|
# digestStr = SHA256.new(msg).digest() |
|
|
return base64.b64encode(digestStr).decode('utf-8') |
|
|
# return base64.b64encode(digestStr).decode('utf-8') |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def sign_header(private_key, keyID, host, messageBodyJsonStr): |
|
|
# def sign_header(private_key, keyID, host, messageBodyJsonStr): |
|
|
""" |
|
|
# """ |
|
|
Sign HTTP headers |
|
|
# Sign HTTP headers |
|
|
""" |
|
|
# """ |
|
|
date = strftime("%a, %d %b %Y %H:%M:%S %Z", gmtime()) #RFC1123 Time format |
|
|
# date = strftime("%a, %d %b %Y %H:%M:%S %Z", gmtime()) #RFC1123 Time format |
|
|
|
|
|
|
|
|
#Based on https://code.freedombone.net/bashrc/epicyon/src/main/httpsig.py |
|
|
# #Based on https://code.freedombone.net/bashrc/epicyon/src/main/httpsig.py |
|
|
keyfile = open(private_key,'rb').read() |
|
|
# keyfile = open(private_key,'rb').read() |
|
|
secret = RSA.import_key(keyfile) |
|
|
# secret = RSA.import_key(keyfile) |
|
|
|
|
|
|
|
|
bodyDigest = messageContentDigest(messageBodyJsonStr) |
|
|
# bodyDigest = messageContentDigest(messageBodyJsonStr) |
|
|
contentLength = len(messageBodyJsonStr) |
|
|
# contentLength = len(messageBodyJsonStr) |
|
|
print(contentLength) |
|
|
# print(contentLength) |
|
|
|
|
|
|
|
|
path = '/inbox' |
|
|
# path = '/inbox' |
|
|
|
|
|
|
|
|
headers = { |
|
|
# headers = { |
|
|
'(request-target)': f'post {path}', |
|
|
# '(request-target)': f'post {path}', |
|
|
'host': host, |
|
|
# 'host': host, |
|
|
'date': date, |
|
|
# 'date': date, |
|
|
'digest': f'SHA-256={bodyDigest}', |
|
|
# 'digest': f'SHA-256={bodyDigest}', |
|
|
'content-type': 'application/json', |
|
|
# 'content-type': 'application/json', |
|
|
'content-length': str(contentLength) |
|
|
# 'content-length': str(contentLength) |
|
|
} |
|
|
# } |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
signedHeaderKeys = headers.keys() |
|
|
# signedHeaderKeys = headers.keys() |
|
|
signedHeaderText = '' |
|
|
# signedHeaderText = '' |
|
|
|
|
|
|
|
|
for headerKey in signedHeaderKeys: |
|
|
# for headerKey in signedHeaderKeys: |
|
|
signedHeaderText += f'{headerKey}: {headers[headerKey]}\n' |
|
|
# signedHeaderText += f'{headerKey}: {headers[headerKey]}\n' |
|
|
|
|
|
|
|
|
signedHeaderText = signedHeaderText.strip() |
|
|
# signedHeaderText = signedHeaderText.strip() |
|
|
headerDigest = SHA256.new(signedHeaderText.encode('ascii')) |
|
|
# headerDigest = SHA256.new(signedHeaderText.encode('ascii')) |
|
|
|
|
|
|
|
|
# Sign the digest |
|
|
# # Sign the digest |
|
|
rawSignature = pkcs1_15.new(secret).sign(headerDigest) |
|
|
# rawSignature = pkcs1_15.new(secret).sign(headerDigest) |
|
|
signature = base64.b64encode(rawSignature).decode('ascii') |
|
|
# signature = base64.b64encode(rawSignature).decode('ascii') |
|
|
|
|
|
|
|
|
# Put it into a valid HTTP signature format |
|
|
# # Put it into a valid HTTP signature format |
|
|
signatureDict = { |
|
|
# signatureDict = { |
|
|
'keyId': keyID, |
|
|
# 'keyId': keyID, |
|
|
'algorithm': 'rsa-sha256', |
|
|
# 'algorithm': 'rsa-sha256', |
|
|
'headers': ' '.join(signedHeaderKeys), |
|
|
# 'headers': ' '.join(signedHeaderKeys), |
|
|
'signature': signature |
|
|
# 'signature': signature |
|
|
} |
|
|
# } |
|
|
signatureHeader = ', '.join( |
|
|
# signatureHeader = ', '.join( |
|
|
[f'{k}="{v}"' for k, v in signatureDict.items()]) |
|
|
# [f'{k}="{v}"' for k, v in signatureDict.items()]) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
headers['signature'] = signatureHeader |
|
|
# headers['signature'] = signatureHeader |
|
|
|
|
|
|
|
|
return headers |
|
|
# return headers |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -163,14 +165,28 @@ def profile(actor): |
|
|
|
|
|
|
|
|
@app.route('/post/', methods=['POST','GET']) |
|
|
@app.route('/post/', methods=['POST','GET']) |
|
|
def post(): |
|
|
def post(): |
|
|
date = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime()) |
|
|
|
|
|
|
|
|
keyfile = open('private.pem','rb').read() |
|
|
|
|
|
key = {'privkey': RSA.import_key(keyfile), 'keyId': DOMAIN+'/users/'+USERNAME+'#main-key'} |
|
|
|
|
|
|
|
|
|
|
|
headers = {"content-type": "application/activity+json", |
|
|
|
|
|
"user-agent": f"test v:1"} |
|
|
|
|
|
|
|
|
json_message=json.loads(flask.render_template('create.json', |
|
|
json_message=json.loads(flask.render_template('create.json', |
|
|
domain=DOMAIN,public_key=public_key(),actor=USERNAME,host='DOMAIN', date=date)) |
|
|
domain=DOMAIN,public_key=public_key(),actor=USERNAME,host='DOMAIN')) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
http_sig = HTTPSigAuth(key, headers) |
|
|
|
|
|
|
|
|
|
|
|
url = 'https://post.lurk.org/inbox' |
|
|
|
|
|
|
|
|
|
|
|
body = json.dumps(json_message) |
|
|
|
|
|
|
|
|
|
|
|
headers = http_sig.sign(url,body) |
|
|
|
|
|
|
|
|
signed_headers = sign_header('private.pem', DOMAIN+'/users/'+USERNAME+'#main-key','https://post.lurk.org', json.dumps(json_message)) |
|
|
#signed_headers = sign_header('private.pem', DOMAIN+'/users/'+USERNAME+'#main-key','https://post.lurk.org', json.dumps(json_message)) |
|
|
|
|
|
|
|
|
r = requests.post('https://post.lurk.org/inbox', json=json_message, headers=signed_headers) |
|
|
r = requests.post('https://post.lurk.org/inbox', json=body, headers=headers) |
|
|
|
|
|
|
|
|
html = f'Status code <pre>{r.status_code}</pre></br>Response Headers: <pre>{r.headers}</pre></br></br> json message: <pre>{r.request.body}</pre></br></br> Request headers: <pre>{r.request.headers}</pre>' |
|
|
html = f'Status code <pre>{r.status_code}</pre></br>Response Headers: <pre>{r.headers}</pre></br></br> json message: <pre>{r.request.body}</pre></br></br> Request headers: <pre>{r.request.headers}</pre>' |
|
|
html_headers = f'<html><head><style>pre {{overflow:auto;background-color:#eee;}}</style></head><body>{html}</body></html>' |
|
|
html_headers = f'<html><head><style>pre {{overflow:auto;background-color:#eee;}}</style></head><body>{html}</body></html>' |
|
|