1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
import cors from 'cors'
import express from 'express'
import { join } from 'path'
import { asyncMiddleware, buildRateLimiter, handleStaticError, webfingerValidator } from '@server/middlewares'
import { root } from '@shared/core-utils'
import { CONFIG } from '../initializers/config'
import { ROUTE_CACHE_LIFETIME, WEBSERVER } from '../initializers/constants'
import { cacheRoute } from '../middlewares/cache/cache'
const wellKnownRouter = express.Router()
const wellKnownRateLimiter = buildRateLimiter({
windowMs: CONFIG.RATES_LIMIT.WELL_KNOWN.WINDOW_MS,
max: CONFIG.RATES_LIMIT.WELL_KNOWN.MAX
})
wellKnownRouter.use(cors())
wellKnownRouter.get('/.well-known/webfinger',
wellKnownRateLimiter,
asyncMiddleware(webfingerValidator),
webfingerController
)
wellKnownRouter.get('/.well-known/security.txt',
wellKnownRateLimiter,
cacheRoute(ROUTE_CACHE_LIFETIME.SECURITYTXT),
(_, res: express.Response) => {
res.type('text/plain')
return res.send(CONFIG.INSTANCE.SECURITYTXT + CONFIG.INSTANCE.SECURITYTXT_CONTACT)
}
)
// nodeinfo service
wellKnownRouter.use('/.well-known/nodeinfo',
wellKnownRateLimiter,
cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO),
(_, res: express.Response) => {
return res.json({
links: [
{
rel: 'http://nodeinfo.diaspora.software/ns/schema/2.0',
href: WEBSERVER.URL + '/nodeinfo/2.0.json'
}
]
})
}
)
// dnt-policy.txt service (see https://www.eff.org/dnt-policy)
wellKnownRouter.use('/.well-known/dnt-policy.txt',
wellKnownRateLimiter,
cacheRoute(ROUTE_CACHE_LIFETIME.DNT_POLICY),
(_, res: express.Response) => {
res.type('text/plain')
return res.sendFile(join(root(), 'dist/server/static/dnt-policy/dnt-policy-1.0.txt'))
}
)
// dnt service (see https://www.w3.org/TR/tracking-dnt/#status-resource)
wellKnownRouter.use('/.well-known/dnt/',
wellKnownRateLimiter,
(_, res: express.Response) => {
res.json({ tracking: 'N' })
}
)
wellKnownRouter.use('/.well-known/change-password',
wellKnownRateLimiter,
(_, res: express.Response) => {
res.redirect('/my-account/settings')
}
)
wellKnownRouter.use('/.well-known/host-meta',
wellKnownRateLimiter,
(_, res: express.Response) => {
res.type('application/xml')
const xml = '<?xml version="1.0" encoding="UTF-8"?>\n' +
'<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0">\n' +
` <Link rel="lrdd" type="application/xrd+xml" template="${WEBSERVER.URL}/.well-known/webfinger?resource={uri}"/>\n` +
'</XRD>'
res.send(xml).end()
}
)
wellKnownRouter.use('/.well-known/',
wellKnownRateLimiter,
cacheRoute(ROUTE_CACHE_LIFETIME.WELL_KNOWN),
express.static(CONFIG.STORAGE.WELL_KNOWN_DIR, { fallthrough: false }),
handleStaticError
)
// ---------------------------------------------------------------------------
export {
wellKnownRouter
}
// ---------------------------------------------------------------------------
function webfingerController (req: express.Request, res: express.Response) {
const actor = res.locals.actorUrl
const json = {
subject: req.query.resource,
aliases: [ actor.url ],
links: [
{
rel: 'self',
type: 'application/activity+json',
href: actor.url
},
{
rel: 'http://ostatus.org/schema/1.0/subscribe',
template: WEBSERVER.URL + '/remote-interaction?uri={uri}'
}
]
}
return res.json(json)
}
|
