diff options
Diffstat (limited to 'server/lib/activitypub/send/http.ts')
-rw-r--r-- | server/lib/activitypub/send/http.ts | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/server/lib/activitypub/send/http.ts b/server/lib/activitypub/send/http.ts new file mode 100644 index 000000000..d8d0b8542 --- /dev/null +++ b/server/lib/activitypub/send/http.ts | |||
@@ -0,0 +1,68 @@ | |||
1 | import { buildDigest, signJsonLDObject } from '@server/helpers/peertube-crypto' | ||
2 | import { ACTIVITY_PUB, HTTP_SIGNATURE } from '@server/initializers/constants' | ||
3 | import { ActorModel } from '@server/models/actor/actor' | ||
4 | import { getServerActor } from '@server/models/application/application' | ||
5 | import { MActor } from '@server/types/models' | ||
6 | import { ContextType } from '@shared/models/activitypub/context' | ||
7 | import { activityPubContextify } from '../context' | ||
8 | |||
9 | type Payload <T> = { body: T, contextType: ContextType, signatureActorId?: number } | ||
10 | |||
11 | async function computeBody <T> ( | ||
12 | payload: Payload<T> | ||
13 | ): Promise<T | T & { type: 'RsaSignature2017', creator: string, created: string }> { | ||
14 | let body = payload.body | ||
15 | |||
16 | if (payload.signatureActorId) { | ||
17 | const actorSignature = await ActorModel.load(payload.signatureActorId) | ||
18 | if (!actorSignature) throw new Error('Unknown signature actor id.') | ||
19 | |||
20 | body = await signAndContextify(actorSignature, payload.body, payload.contextType) | ||
21 | } | ||
22 | |||
23 | return body | ||
24 | } | ||
25 | |||
26 | async function buildSignedRequestOptions (payload: Payload<any>) { | ||
27 | let actor: MActor | null | ||
28 | |||
29 | if (payload.signatureActorId) { | ||
30 | actor = await ActorModel.load(payload.signatureActorId) | ||
31 | if (!actor) throw new Error('Unknown signature actor id.') | ||
32 | } else { | ||
33 | // We need to sign the request, so use the server | ||
34 | actor = await getServerActor() | ||
35 | } | ||
36 | |||
37 | const keyId = actor.url | ||
38 | return { | ||
39 | algorithm: HTTP_SIGNATURE.ALGORITHM, | ||
40 | authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME, | ||
41 | keyId, | ||
42 | key: actor.privateKey, | ||
43 | headers: HTTP_SIGNATURE.HEADERS_TO_SIGN | ||
44 | } | ||
45 | } | ||
46 | |||
47 | function buildGlobalHeaders (body: any) { | ||
48 | return { | ||
49 | 'digest': buildDigest(body), | ||
50 | 'content-type': 'application/activity+json', | ||
51 | 'accept': ACTIVITY_PUB.ACCEPT_HEADER | ||
52 | } | ||
53 | } | ||
54 | |||
55 | function signAndContextify <T> (byActor: MActor, data: T, contextType: ContextType | null) { | ||
56 | const activity = contextType | ||
57 | ? activityPubContextify(data, contextType) | ||
58 | : data | ||
59 | |||
60 | return signJsonLDObject(byActor, activity) | ||
61 | } | ||
62 | |||
63 | export { | ||
64 | buildGlobalHeaders, | ||
65 | computeBody, | ||
66 | buildSignedRequestOptions, | ||
67 | signAndContextify | ||
68 | } | ||