1 import { buildDigest, signJsonLDObject } from '@server/helpers/peertube-crypto'
2 import { ACTIVITY_PUB, HTTP_SIGNATURE } from '@server/initializers/constants'
3 import { ActorModel } from '@server/models/actor/actor'
4 import { getServerActor } from '@server/models/application/application'
5 import { MActor } from '@server/types/models'
6 import { ContextType } from '@shared/models/activitypub/context'
7 import { activityPubContextify } from '../context'
9 type Payload <T> = { body: T, contextType: ContextType, signatureActorId?: number }
11 async function computeBody <T> (
13 ): Promise<T | T & { type: 'RsaSignature2017', creator: string, created: string }> {
14 let body = payload.body
16 if (payload.signatureActorId) {
17 const actorSignature = await ActorModel.load(payload.signatureActorId)
18 if (!actorSignature) throw new Error('Unknown signature actor id.')
20 body = await signAndContextify(actorSignature, payload.body, payload.contextType)
26 async function buildSignedRequestOptions (payload: Payload<any>) {
27 let actor: MActor | null
29 if (payload.signatureActorId) {
30 actor = await ActorModel.load(payload.signatureActorId)
31 if (!actor) throw new Error('Unknown signature actor id.')
33 // We need to sign the request, so use the server
34 actor = await getServerActor()
37 const keyId = actor.url
39 algorithm: HTTP_SIGNATURE.ALGORITHM,
40 authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME,
42 key: actor.privateKey,
43 headers: HTTP_SIGNATURE.HEADERS_TO_SIGN
47 function buildGlobalHeaders (body: any) {
49 'digest': buildDigest(body),
50 'content-type': 'application/activity+json',
51 'accept': ACTIVITY_PUB.ACCEPT_HEADER
55 function signAndContextify <T> (byActor: MActor, data: T, contextType: ContextType | null) {
56 const activity = contextType
57 ? activityPubContextify(data, contextType)
60 return signJsonLDObject(byActor, activity)
66 buildSignedRequestOptions,