sour-is/go-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

chore: add apps from go.sour.is/ev

Browse Source
This commit is contained in:
xuu
2023-09-29 10:31:25 -06:00
parent 976ce36be2
commit bec2c14d51
80 changed files with 13030 additions and 439 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
app/webfinger/addr.go Normal file
View File

@@ -0,0 +1,35 @@
package webfinger
import (
"net/url"
"strings"
)
type Addr struct {
prefix []string
URL *url.URL
}
func Parse(s string) *Addr {
addr := &Addr{}
addr.URL, _ = url.Parse(s)
if addr.URL.Opaque == "" {
return addr
}
var hasPfx = true
pfx := addr.URL.Scheme
for hasPfx {
addr.prefix = append(addr.prefix, pfx)
pfx, addr.URL.Opaque, hasPfx = strings.Cut(addr.URL.Opaque, ":")
}
user, host, _ := strings.Cut(pfx, "@")
addr.URL.User = url.User(user)
addr.URL.Host = host
return addr
}

46
app/webfinger/client.go Normal file
View File

@@ -0,0 +1,46 @@
package webfinger
import (
"crypto/ed25519"
"encoding/base64"
"time"
"github.com/golang-jwt/jwt/v4"
"github.com/oklog/ulid/v2"
)
var (
defaultExpire = 30 * time.Minute
defaultIssuer = "sour.is/webfinger"
defaultAudience = "sour.is/webfinger"
)
func NewSignedRequest(jrd *JRD, key ed25519.PrivateKey) (string, error) {
type claims struct {
PubKey string `json:"pub"`
*JRD
jwt.RegisteredClaims
}
pub := []byte(key.Public().(ed25519.PublicKey))
j := claims{
PubKey: enc(pub),
JRD: jrd.CloneValues(),
RegisteredClaims: jwt.RegisteredClaims{
ID: ulid.Make().String(),
Subject: jrd.Subject,
Audience: jwt.ClaimStrings{defaultAudience},
ExpiresAt: jwt.NewNumericDate(time.Now().Add(defaultExpire)),
IssuedAt: jwt.NewNumericDate(time.Now()),
Issuer: defaultIssuer,
},
}
j.JRD.Subject = "" // move subject into registered claims.
token := jwt.NewWithClaims(jwt.SigningMethodEdDSA, &j)
return token.SignedString(key)
}
func enc(b []byte) string {
return base64.RawURLEncoding.EncodeToString(b)
}

44
app/webfinger/events.go Normal file
View File

@@ -0,0 +1,44 @@
package webfinger
import (
"go.sour.is/ev/event"
)
type SubjectSet struct {
Subject string `json:"subject"`
Aliases []string `json:"aliases,omitempty"`
Properties map[string]*string `json:"properties,omitempty"`
event.IsEvent `json:"-"`
}
type SubjectDeleted struct {
Subject string `json:"subject"`
event.IsEvent `json:"-"`
}
var _ event.Event = (*SubjectDeleted)(nil)
type LinkSet struct {
Index uint64 `json:"idx"`
Rel string `json:"rel"`
Type string `json:"type,omitempty"`
HRef string `json:"href,omitempty"`
Titles map[string]string `json:"titles,omitempty"`
Properties map[string]*string `json:"properties,omitempty"`
Template string `json:"template,omitempty"`
event.IsEvent `json:"-"`
}
var _ event.Event = (*LinkSet)(nil)
type LinkDeleted struct {
Index uint64 `json:"idx"`
Rel string `json:"rel"`
event.IsEvent `json:"-"`
}
var _ event.Event = (*LinkDeleted)(nil)

426
app/webfinger/jrd.go Normal file
View File

@@ -0,0 +1,426 @@
package webfinger
import (
"bytes"
"encoding/base64"
"encoding/json"
"fmt"
"hash/fnv"
"sort"
"go.sour.is/pkg/set"
"go.sour.is/pkg/slice"
"gopkg.in/yaml.v3"
"go.sour.is/ev/event"
)
func StreamID(subject string) string {
h := fnv.New128a()
h.Write([]byte(subject))
return "webfinger." + base64.RawURLEncoding.EncodeToString(h.Sum(nil))
}
// JRD is a JSON Resource Descriptor, specifying properties and related links
// for a resource.
type JRD struct {
Subject string `json:"subject,omitempty" yaml:"subject,omitempty"`
Aliases []string `json:"aliases,omitempty" yaml:"aliases,omitempty"`
Properties map[string]*string `json:"properties,omitempty" yaml:"properties,omitempty"`
Links Links `json:"links,omitempty" yaml:"links,omitempty"`
deleted bool
event.IsAggregate `json:"-" yaml:"-"`
}
func (a *JRD) CloneValues() *JRD {
m := make(map[string]*string, len(a.Properties))
for k, v := range a.Properties {
m[k] = v
}
return &JRD{
Subject: a.Subject,
Aliases: append([]string{}, a.Aliases...),
Properties: m,
Links: append([]*Link{}, a.Links...),
}
}
var _ event.Aggregate = (*JRD)(nil)
// Link is a link to a related resource.
type Link struct {
Index uint64 `json:"-" yaml:"-"`
Rel string `json:"rel,omitempty"`
Type string `json:"type,omitempty"`
HRef string `json:"href,omitempty"`
Titles map[string]string `json:"titles,omitempty"`
Properties map[string]*string `json:"properties,omitempty"`
Template string `json:"template,omitempty"`
}
type Links []*Link
// Len is the number of elements in the collection.
func (l Links) Len() int {
if l == nil {
return 0
}
return len(l)
}
// Less reports whether the element with index i
func (l Links) Less(i int, j int) bool {
if l[i] == nil || l[j] == nil {
return false
}
if l[i].Rel == l[j].Rel {
return l[i].Type < l[j].Type
}
return l[i].Rel < l[j].Rel
}
// Swap swaps the elements with indexes i and j.
func (l Links) Swap(i int, j int) {
if l == nil {
return
}
l[i], l[j] = l[j], l[i]
}
// ParseJRD parses the JRD using json.Unmarshal.
func ParseJRD(blob []byte) (*JRD, error) {
jrd := JRD{}
err := json.Unmarshal(blob, &jrd)
if err != nil {
return nil, err
}
for i := range jrd.Links {
jrd.Links[i].Index = uint64(i)
}
return &jrd, nil
}
// GetLinkByRel returns the first *Link with the specified rel value.
func (jrd *JRD) GetLinkByRel(rel string) *Link {
for _, link := range jrd.Links {
if link.Rel == rel {
return link
}
}
return nil
}
// GetLinksByRel returns each *Link with the specified rel value.
func (jrd *JRD) GetLinksByRel(rel ...string) []*Link {
var lis []*Link
rels := set.New(rel...)
for _, link := range jrd.Links {
if rels.Has(link.Rel) {
lis = append(lis, link)
}
}
return lis
}
// GetProperty Returns the property value as a string.
// Per spec a property value can be null, empty string is returned in this case.
func (jrd *JRD) GetProperty(uri string) string {
if jrd.Properties[uri] == nil {
return ""
}
return *jrd.Properties[uri]
}
func (a *JRD) SetProperty(name string, value *string) {
if a.Properties == nil {
a.Properties = make(map[string]*string)
}
a.Properties[name] = value
}
func (a *JRD) DeleteProperty(name string) {
if a.Properties == nil {
return
}
delete(a.Properties, name)
}
func (a *JRD) IsDeleted() bool {
return a.deleted
}
// GetProperty Returns the property value as a string.
// Per spec a property value can be null, empty string is returned in this case.
func (link *Link) GetProperty(uri string) string {
if link.Properties[uri] == nil {
return ""
}
return *link.Properties[uri]
}
func (link *Link) SetProperty(name string, value *string) {
if link.Properties == nil {
link.Properties = make(map[string]*string)
}
link.Properties[name] = value
}
func (link *Link) DeleteProperty(name string) {
if link.Properties == nil {
return
}
delete(link.Properties, name)
}
// ApplyEvent implements event.Aggregate
func (a *JRD) ApplyEvent(events ...event.Event) {
for _, e := range events {
switch e := e.(type) {
case *SubjectSet:
a.deleted = false
a.Subject = e.Subject
a.Aliases = e.Aliases
a.Properties = e.Properties
case *SubjectDeleted:
a.deleted = true
a.Subject = e.Subject
a.Aliases = a.Aliases[:0]
a.Links = a.Links[:0]
a.Properties = map[string]*string{}
case *LinkSet:
link, ok := slice.FindFn(func(l *Link) bool { return l.Index == e.Index }, a.Links...)
if !ok {
link = &Link{}
link.Index = uint64(len(a.Links))
a.Links = append(a.Links, link)
}
link.Rel = e.Rel
link.HRef = e.HRef
link.Type = e.Type
link.Titles = e.Titles
link.Properties = e.Properties
link.Template = e.Template
case *LinkDeleted:
a.Links = slice.FilterFn(func(link *Link) bool { return link.Index != e.Index }, a.Links...)
}
}
}
const NSauth = "https://sour.is/ns/auth"
const NSpubkey = "https://sour.is/ns/pubkey"
const NSredirect = "https://sour.is/rel/redirect"
func (a *JRD) OnAuth(claim, auth *JRD) error {
pubkey := claim.Properties[NSpubkey]
if v, ok := auth.Properties[NSpubkey]; ok && v != nil && cmpPtr(v, pubkey) {
// pubkey matches!
} else {
return fmt.Errorf("pubkey does not match")
}
if a.Version() > 0 && !a.IsDeleted() && a.Subject != claim.Subject {
return fmt.Errorf("subject does not match")
}
if auth.Subject == claim.Subject {
claim.SetProperty(NSpubkey, pubkey)
} else {
claim.SetProperty(NSauth, &auth.Subject)
claim.DeleteProperty(NSpubkey)
}
return nil
}
func (a *JRD) OnDelete(jrd *JRD) error {
if a.Version() == 0 || a.IsDeleted() {
return nil
}
event.Raise(a, &SubjectDeleted{Subject: jrd.Subject})
return nil
}
func (a *JRD) OnClaims(jrd *JRD) error {
err := a.OnSubjectSet(jrd.Subject, jrd.Aliases, jrd.Properties)
if err != nil {
return err
}
for _, z := range slice.Align(
a.Links, // old
jrd.Links, // new
func(l, r *Link) bool { return l.Index < r.Index },
) {
// Not in new == delete
if z.Key == nil {
link := *z.Value
event.Raise(a, &LinkDeleted{Index: link.Index, Rel: link.Rel})
continue
}
// Not in old == create
if z.Value == nil {
link := *z.Key
event.Raise(a, &LinkSet{
Index: link.Index,
Rel: link.Rel,
Type: link.Type,
HRef: link.HRef,
Titles: link.Titles,
Properties: link.Properties,
Template: link.Template,
})
continue
}
// in both == compare
a.OnLinkSet(*z.Key, *z.Value)
}
return nil
}
func (a *JRD) OnSubjectSet(subject string, aliases []string, props map[string]*string) error {
modified := false
e := &SubjectSet{
Subject: subject,
Aliases: aliases,
Properties: props,
}
if subject != a.Subject {
modified = true
}
sort.Strings(aliases)
sort.Strings(a.Aliases)
for _, z := range slice.Zip(aliases, a.Aliases) {
if z.Key != z.Value {
modified = true
break
}
}
for _, z := range slice.Zip(
slice.Zip(slice.FromMap(props)),
slice.Zip(slice.FromMap(a.Properties)),
) {
newValue := z.Key
curValue := z.Value
if newValue.Key != curValue.Key {
modified = true
break
}
if !cmpPtr(newValue.Value, curValue.Value) {
modified = true
break
}
}
if modified {
event.Raise(a, e)
}
return nil
}
func (a *JRD) OnLinkSet(o, n *Link) error {
modified := false
e := &LinkSet{
Index: n.Index,
Rel: n.Rel,
Type: n.Type,
HRef: n.HRef,
Titles: n.Titles,
Properties: n.Properties,
Template: n.Template,
}
if n.Rel != o.Rel {
modified = true
}
if n.Type != o.Type {
modified = true
}
if n.HRef != o.HRef {
modified = true
}
if n.Template != o.Template {
fmt.Println(360, n.Template, o.Template, e.Template)
modified = true
}
nKeys := slice.FromMapKeys(n.Properties)
sort.Strings(nKeys)
oKeys := slice.FromMapKeys(o.Properties)
sort.Strings(oKeys)
for _, z := range slice.Zip(
slice.Zip(nKeys, slice.FromMapValues(n.Titles, nKeys)),
slice.Zip(oKeys, slice.FromMapValues(o.Titles, oKeys)),
) {
if z.Key != z.Value {
modified = true
break
}
}
nKeys = slice.FromMapKeys(n.Properties)
sort.Strings(nKeys)
oKeys = slice.FromMapKeys(o.Properties)
sort.Strings(oKeys)
for _, z := range slice.Zip(
slice.Zip(nKeys, slice.FromMapValues(n.Properties, nKeys)),
slice.Zip(oKeys, slice.FromMapValues(o.Properties, oKeys)),
) {
newValue := z.Key
curValue := z.Value
if newValue.Key != curValue.Key {
modified = true
break
}
if !cmpPtr(newValue.Value, curValue.Value) {
modified = true
break
}
}
if modified {
event.Raise(a, e)
}
return nil
}
func cmpPtr[T comparable](l, r *T) bool {
if l == nil {
return r == nil
}
if r == nil {
return l == nil
}
return *l == *r
}
func (a *JRD) String() string {
b := &bytes.Buffer{}
y := yaml.NewEncoder(b)
_ = y.Encode(a)
return b.String()
}

310
app/webfinger/jrd_test.go Normal file
View File

@@ -0,0 +1,310 @@
package webfinger_test
import (
"context"
"crypto/ed25519"
"encoding/base64"
"encoding/json"
"fmt"
"strings"
"testing"
"time"
jwt "github.com/golang-jwt/jwt/v4"
"github.com/matryer/is"
"go.sour.is/ev"
"go.uber.org/multierr"
"go.sour.is/tools/app/webfinger"
memstore "go.sour.is/ev/driver/mem-store"
"go.sour.is/ev/driver/projecter"
"go.sour.is/ev/driver/streamer"
"go.sour.is/ev/event"
)
func TestParseJRD(t *testing.T) {
// Adapted from spec http://tools.ietf.org/html/rfc6415#appendix-A
blob := `
{
"subject":"http://blog.example.com/article/id/314",
"aliases":[
"http://blog.example.com/cool_new_thing",
"http://blog.example.com/steve/article/7"],
"properties":{
"http://blgx.example.net/ns/version":"1.3",
"http://blgx.example.net/ns/ext":null
},
"links":[
{
"rel":"author",
"type":"text/html",
"href":"http://blog.example.com/author/steve",
"titles":{
"default":"About the Author",
"en-us":"Author Information"
},
"properties":{
"http://example.com/role":"editor"
}
},
{
"rel":"author",
"href":"http://example.com/author/john",
"titles":{
"default":"The other author"
}
},
{
"rel":"copyright"
}
]
}
`
obj, err := webfinger.ParseJRD([]byte(blob))
if err != nil {
t.Fatal(err)
}
if got, want := obj.Subject, "http://blog.example.com/article/id/314"; got != want {
t.Errorf("JRD.Subject is %q, want %q", got, want)
}
if got, want := obj.GetProperty("http://blgx.example.net/ns/version"), "1.3"; got != want {
t.Errorf("obj.GetProperty('http://blgx.example.net/ns/version') returned %q, want %q", got, want)
}
if got, want := obj.GetProperty("http://blgx.example.net/ns/ext"), ""; got != want {
t.Errorf("obj.GetProperty('http://blgx.example.net/ns/ext') returned %q, want %q", got, want)
}
if obj.GetLinkByRel("copyright") == nil {
t.Error("obj.GetLinkByRel('copyright') returned nil, want non-nil value")
}
if got, want := obj.GetLinkByRel("author").Titles["default"], "About the Author"; got != want {
t.Errorf("obj.GetLinkByRel('author').Titles['default'] returned %q, want %q", got, want)
}
if got, want := obj.GetLinkByRel("author").GetProperty("http://example.com/role"), "editor"; got != want {
t.Errorf("obj.GetLinkByRel('author').GetProperty('http://example.com/role') returned %q, want %q", got, want)
}
}
func TestEncodeJRD(t *testing.T) {
s, err := json.Marshal(&webfinger.JRD{
Subject: "test",
Properties: map[string]*string{
"https://sour.is/ns/prop1": nil,
},
})
if err != nil {
t.Fatal(err)
}
if string(s) != `{"subject":"test","properties":{"https://sour.is/ns/prop1":null}}` {
t.Fatal("output does not match")
}
}
func TestApplyEvents(t *testing.T) {
is := is.New(t)
events := event.NewEvents(
&webfinger.SubjectSet{
Subject: "acct:me@sour.is",
Properties: map[string]*string{
"https://sour.is/ns/pubkey": ptr("kex1d330ama4vnu3vll5dgwjv3k0pcxsccc5k2xy3j8khndggkszsmsq3hl4ru"),
},
},
&webfinger.LinkSet{
Index: 0,
Rel: "salty:public",
Type: "application/json+salty",
},
&webfinger.LinkSet{
Index: 1,
Rel: "salty:private",
Type: "application/json+salty",
},
&webfinger.LinkSet{
Index: 0,
Rel: "salty:public",
Type: "application/json+salty",
HRef: "https://ev.sour.is/inbox/01GAEMKXYJ4857JQP1MJGD61Z5",
Properties: map[string]*string{
"pub": ptr("kex1r8zshlvkc787pxvauaq7hd6awa9kmheddxjj9k80qmenyxk6284s50uvpw"),
},
},
&webfinger.LinkDeleted{
Index: 1,
Rel: "salty:private",
},
)
event.SetStreamID(webfinger.StreamID("acct:me@sour.is"), events...)
jrd := &webfinger.JRD{}
jrd.ApplyEvent(events...)
s, err := json.Marshal(jrd)
if err != nil {
t.Fatal(err)
}
is.Equal(string(s), `{"subject":"acct:me@sour.is","properties":{"https://sour.is/ns/pubkey":"kex1d330ama4vnu3vll5dgwjv3k0pcxsccc5k2xy3j8khndggkszsmsq3hl4ru"},"links":[{"rel":"salty:public","type":"application/json+salty","href":"https://ev.sour.is/inbox/01GAEMKXYJ4857JQP1MJGD61Z5","properties":{"pub":"kex1r8zshlvkc787pxvauaq7hd6awa9kmheddxjj9k80qmenyxk6284s50uvpw"}}]}`)
events = event.NewEvents(
&webfinger.SubjectDeleted{},
)
event.SetStreamID(webfinger.StreamID("acct:me@sour.is"), events...)
jrd.ApplyEvent(events...)
s, err = json.Marshal(jrd)
if err != nil {
t.Fatal(err)
}
t.Log(string(s))
if string(s) != `{}` {
t.Fatal("output does not match")
}
}
func TestCommands(t *testing.T) {
is := is.New(t)
ctx := context.Background()
pub, priv, err := ed25519.GenerateKey(nil)
is.NoErr(err)
token := jwt.NewWithClaims(jwt.SigningMethodEdDSA, jwt.MapClaims{
"sub": "acct:me@sour.is",
"pub": enc(pub),
"aliases": []string{"acct:xuu@sour.is"},
"properties": map[string]*string{
"https://example.com/ns/asdf": nil,
webfinger.NSpubkey: ptr(enc(pub)),
},
"links": []map[string]any{{
"rel": "salty:public",
"type": "application/json+salty",
"href": "https://ev.sour.is",
"titles": map[string]string{"default": "Jon Lundy"},
"properties": map[string]*string{
"pub": ptr("kex140fwaena9t0mrgnjeare5zuknmmvl0vc7agqy5yr938vusxfh9ys34vd2p"),
},
}},
"exp": time.Now().Add(30 * time.Second).Unix(),
})
aToken, err := token.SignedString(priv)
is.NoErr(err)
es, err := ev.Open(ctx, "mem:", streamer.New(ctx), projecter.New(ctx))
is.NoErr(err)
type claims struct {
Subject string `json:"sub"`
PubKey string `json:"pub"`
*webfinger.JRD
jwt.StandardClaims
}
token, err = jwt.ParseWithClaims(
aToken,
&claims{},
func(tok *jwt.Token) (any, error) {
c, ok := tok.Claims.(*claims)
if !ok {
return nil, fmt.Errorf("wrong type of claim")
}
c.JRD.Subject = c.Subject
c.StandardClaims.Subject = c.Subject
c.SetProperty(webfinger.NSpubkey, &c.PubKey)
pub, err := dec(c.PubKey)
return ed25519.PublicKey(pub), err
},
jwt.WithValidMethods([]string{"EdDSA"}),
jwt.WithJSONNumber(),
)
is.NoErr(err)
c, ok := token.Claims.(*claims)
is.True(ok)
t.Logf("%#v", c)
a, err := ev.Upsert(ctx, es, webfinger.StreamID(c.Subject), func(ctx context.Context, a *webfinger.JRD) error {
var auth *webfinger.JRD
// does the target have a pubkey for self auth?
if _, ok := a.Properties[webfinger.NSpubkey]; ok {
auth = a
}
// Check current version for auth.
if authID, ok := a.Properties[webfinger.NSauth]; ok && authID != nil && auth == nil {
auth = &webfinger.JRD{}
auth.SetStreamID(webfinger.StreamID(*authID))
err := es.Load(ctx, auth)
if err != nil {
return err
}
}
if a.Version() == 0 || a.IsDeleted() {
// else does the new object claim auth from another object?
if authID, ok := c.Properties[webfinger.NSauth]; ok && authID != nil && auth == nil {
auth = &webfinger.JRD{}
auth.SetStreamID(webfinger.StreamID(*authID))
err := es.Load(ctx, auth)
if err != nil {
return err
}
}
// fall back to use auth from submitted claims
if auth == nil {
auth = c.JRD
}
}
if auth == nil {
return fmt.Errorf("auth not found")
}
err = a.OnAuth(c.JRD, auth)
if err != nil {
return err
}
return a.OnClaims(c.JRD)
})
is.NoErr(err)
for _, e := range a.Events(false) {
t.Log(e)
}
}
func ptr[T any](v T) *T {
return &v
}
func enc(b []byte) string {
return base64.RawURLEncoding.EncodeToString(b)
}
func dec(s string) ([]byte, error) {
s = strings.TrimSpace(s)
return base64.RawURLEncoding.DecodeString(s)
}
func TestMain(m *testing.M) {
ctx, stop := context.WithCancel(context.Background())
defer stop()
err := multierr.Combine(
ev.Init(ctx),
event.Init(ctx),
memstore.Init(ctx),
)
if err != nil {
fmt.Println(err)
return
}
m.Run()
}

6
app/webfinger/ui/assets/bootstrap.min.css vendored Normal file
View File

File diff suppressed because one or more lines are too long

1
app/webfinger/ui/assets/bootstrap.min.css.map Normal file
View File

File diff suppressed because one or more lines are too long

95
app/webfinger/ui/assets/webfinger.css Normal file
View File

@@ -0,0 +1,95 @@
/* Space out content a bit */
body {
padding-top: 20px;
padding-bottom: 20px;
}
/* Everything but the jumbotron gets side spacing for mobile first views */
.header,
.footer {
padding-right: 15px;
padding-left: 15px;
}
/* Custom page header */
.header {
padding-bottom: 20px;
border-bottom: 1px solid #e5e5e5;
}
/* Make the masthead heading the same height as the navigation */
.header h3 {
margin-top: 0;
margin-bottom: 0;
line-height: 40px;
}
/* Custom page footer */
.footer {
padding-top: 19px;
color: #777;
border-top: 1px solid #e5e5e5;
}
.panel-heading a {
color: white;
font-weight: bold;
}
.container-narrow > hr {
margin: 30px 0;
}
@media (prefers-color-scheme: dark) {
body, .panel-body {
color: white;
background-color: #222;
}
nav.navbar-default {
background-color: rgb(35, 29, 71);
}
.navbar-default .navbar-brand {
color: white;
}
.panel-primary, .list-group, .list-group-item {
color: white;
background-color: #16181c;
}
.table > tbody > tr.active > th, .table > tbody > tr.active > td {
background-color: rgb(35, 29, 71);
}
.table-striped > tbody > tr:nth-of-type(2n+1) {
background-color: rgb(35, 29, 71);
}
.panel pre {
color: white;
background-color: #16181c;
}
.panel .panel-primary > .panel-heading {
background-color: rgb(35, 29, 71);
}
.panel a {
color: cornflowerblue;
}
code {
color: white;
background-color: #282b32;
}
}
@import url(https://cdn.jsdelivr.net/npm/firacode@6.2.0/distr/fira_code.css);
code { font-family: 'Fira Code', monospace; }
@media (min-width: 100) {
.truncate {
width: 750px;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
}
.container {
width: 750px;
}
}

28
app/webfinger/ui/layouts/main.go.tpl Normal file
View File

@@ -0,0 +1,28 @@
{{define "main"}}
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
{{template "meta" .}}
<title>👉 Webfinger 👈</title>
<link href="/webfinger/assets/bootstrap.min.css" rel="stylesheet" integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" crossorigin="anonymous">
<link href="/webfinger/assets/webfinger.css" rel="stylesheet" crossorigin="anonymous">
</head>
<body>
<nav class="navbar navbar-default">
<div class="container-fluid">
<a class="navbar-brand" href="/webfinger">👉 Webfinger 👈</a>
</div>
</div>
</nav>
<div class=container>
{{template "content" .}}
</div>
</body>
</html>
{{end}}

131
app/webfinger/ui/pages/home.go.tpl Normal file
View File

@@ -0,0 +1,131 @@
{{template "main" .}}
{{define "meta"}}{{end}}
{{define "content"}}
<form method="GET">
<div class="input-group">
<span class="input-group-addon" id="basic-addon1">resource</span>
<input name="resource" class="form-control" placeholder="acct:..."/>
<span class="input-group-btn">
<button class="btn btn-default" type="submit">Go!</button>
</span>
</div>
</form>
<br/>
{{ if ne .Err nil }}
<div class="alert alert-danger" role="alert">
{{ .Err }}
</div>
{{ end }}
{{ if ne .JRD nil }}
<div class="panel panel-primary">
<div class="panel-heading">Webfinger Result</div>
<table class="table">
<tr>
<th style="width:98px">Subject</th>
<td>
<div class="media">
<div class="media-body">
{{ .JRD.Subject }}
</div>
{{ with .JRD.GetLinkByRel "http://webfinger.net/rel/avatar" }}
{{ if ne . nil }}
<div class="media-left media-middle">
<div class="panel panel-default">
<div class="panel-body">
<img src="{{ .HRef }}" />
</div>
</div>
</div>
{{ end }}
{{ end }}
</div>
</td>
</tr>
{{if ne (len .JRD.Aliases) 0}}
<tr>
<th>Aliases</th>
<td>
<ul class="list-group">
{{ range .JRD.Aliases }}<li class="list-group-item">{{ . }}</li>
{{ end }}
</ul>
</td>
</tr>
{{ end }}
{{ if ne (len .JRD.Properties) 0 }}
<tr>
<th>Properties</th>
<td>
<div class="list-group truncate">
{{ range $key, $value := .JRD.Properties }}<div class="list-group-item">
<h5 class="list-group-item-heading" title="{{ $key }}">{{ propName $key }}</h5>
<code class="list-group-item-text">{{ $value }}</code>
</div>
{{ end }}
</div>
</td>
</tr>
{{ end }}
{{ if ne (len .JRD.Links) 0 }}
{{ range .JRD.Links }}
<tr class="active">
{{ if ne (len .Template) 0 }}
<th> Template </th>
<td>{{ .Template }}</td>
{{ else }}
<th> Link </th>
<td>{{ if ne (len .HRef) 0 }}<a href="{{ .HRef }}" target="_blank">{{ .HRef }}</a>{{ end }}</td>
{{ end }}
<tr>
<tr>
<th> Properties </th>
<td>
<div class="list-group">
<div class="list-group-item truncate">
<h5 class="list-group-item-heading">rel<h5>
<code class="list-group-item-text">{{ .Rel }}</code>
</div>
{{ if ne (len .Type) 0 }}<div class="list-group-item truncate">
<h5 class="list-group-item-heading">type</h5>
<code class="list-group-item-text">{{ .Type }}</code>
</div>
{{ end }}
{{ range $key, $value := .Properties }}<div class="list-group-item truncate">
<h5 class="list-group-item-heading" title="{{ $key }}">{{ propName $key }}</h5>
<code class="list-group-item-text">{{ $value }}</code>
</div>
{{ end }}
</div>
</td>
</tr>
{{ end }}
{{ end }}
</table>
</div>
{{ end }}
<div class="panel panel-primary">
<div class="panel-heading">Raw JRD</div>
<pre style="height: 15em; overflow-y: auto; border: 0px">
Status: {{ .Status }}
{{ .Body | printf "%s" }}
</pre>
</div>
{{end}}

416
app/webfinger/webfinger.go Normal file
View File

@@ -0,0 +1,416 @@
package webfinger
import (
"context"
"crypto/ed25519"
"embed"
"encoding/base64"
"encoding/json"
"errors"
"fmt"
"html"
"html/template"
"io"
"io/fs"
"log"
"net/http"
"net/http/httptest"
"net/url"
"os"
"strings"
"github.com/golang-jwt/jwt/v4"
"go.sour.is/pkg/lg"
"go.sour.is/pkg/set"
"go.sour.is/ev"
"go.sour.is/ev/event"
)
var (
//go:embed ui/*/*
files embed.FS
templates map[string]*template.Template
)
type service struct {
es *ev.EventStore
self set.Set[string]
cache func(string) bool
}
type Option interface {
ApplyWebfinger(s *service)
}
type WithHostnames []string
func (o WithHostnames) ApplyWebfinger(s *service) {
s.self = set.New(o...)
}
type WithCache func(string) bool
func (o WithCache) ApplyWebfinger(s *service) {
s.cache = o
}
func New(ctx context.Context, es *ev.EventStore, opts ...Option) (*service, error) {
ctx, span := lg.Span(ctx)
defer span.End()
if err := event.Register(
ctx,
&SubjectSet{},
&SubjectDeleted{},
&LinkSet{},
&LinkDeleted{},
); err != nil {
return nil, err
}
svc := &service{es: es}
for _, o := range opts {
o.ApplyWebfinger(svc)
}
return svc, nil
}
func (s *service) RegisterHTTP(mux *http.ServeMux) {
a, _ := fs.Sub(files, "ui/assets")
assets := http.StripPrefix("/webfinger/assets/", http.FileServer(http.FS(a)))
mux.Handle("/webfinger", s.ui())
mux.Handle("/webfinger/assets/", assets)
}
func (s *service) RegisterWellKnown(mux *http.ServeMux) {
mux.Handle("/webfinger", lg.Htrace(s, "webfinger"))
}
func (s *service) ServeHTTP(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
ctx, span := lg.Span(ctx)
defer span.End()
if r.URL.Path != "/webfinger" {
w.WriteHeader(http.StatusNotFound)
fmt.Fprint(w, http.StatusText(http.StatusNotFound))
return
}
switch r.Method {
case http.MethodPut, http.MethodDelete:
if r.ContentLength > 4096 {
w.WriteHeader(http.StatusRequestEntityTooLarge)
fmt.Fprint(w, http.StatusText(http.StatusRequestEntityTooLarge))
span.AddEvent("request too large")
return
}
body, err := io.ReadAll(io.LimitReader(r.Body, 4096))
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
fmt.Fprint(w, http.StatusText(http.StatusInternalServerError))
span.RecordError(err)
return
}
r.Body.Close()
type claims struct {
PubKey string `json:"pub"`
*JRD
jwt.RegisteredClaims
}
token, err := jwt.ParseWithClaims(
string(body),
&claims{},
func(tok *jwt.Token) (any, error) {
c, ok := tok.Claims.(*claims)
if !ok {
return nil, fmt.Errorf("wrong type of claim")
}
if c.JRD == nil {
c.JRD = &JRD{}
}
c.JRD.Subject = c.RegisteredClaims.Subject
c.SetProperty(NSpubkey, &c.PubKey)
pub, err := dec(c.PubKey)
return ed25519.PublicKey(pub), err
},
jwt.WithValidMethods([]string{"EdDSA"}),
jwt.WithJSONNumber(),
)
if err != nil {
w.WriteHeader(http.StatusUnprocessableEntity)
fmt.Fprint(w, http.StatusText(http.StatusUnprocessableEntity), ": ", err.Error())
span.RecordError(err)
return
}
c, ok := token.Claims.(*claims)
if !ok {
w.WriteHeader(http.StatusUnprocessableEntity)
fmt.Fprint(w, http.StatusText(http.StatusUnprocessableEntity))
span.AddEvent("not a claim")
return
}
if c.ID != "" && s.cache != nil {
if ok := s.cache(c.ID); ok {
w.WriteHeader(http.StatusAlreadyReported)
fmt.Fprint(w, http.StatusText(http.StatusAlreadyReported))
span.AddEvent("already seen ID")
return
}
}
json.NewEncoder(os.Stdout).Encode(c.JRD)
for i := range c.JRD.Links {
c.JRD.Links[i].Index = uint64(i)
}
a, err := ev.Upsert(ctx, s.es, StreamID(c.JRD.Subject), func(ctx context.Context, a *JRD) error {
var auth *JRD
for i := range a.Links {
a.Links[i].Index = uint64(i)
}
// does the target have a pubkey for self auth?
if _, ok := a.Properties[NSpubkey]; ok {
auth = a
}
// Check current version for auth.
if authID, ok := a.Properties[NSauth]; ok && authID != nil && auth == nil {
auth = &JRD{}
auth.SetStreamID(StreamID(*authID))
err := s.es.Load(ctx, auth)
if err != nil {
return err
}
}
if a.Version() == 0 || a.IsDeleted() {
// else does the new object claim auth from another object?
if authID, ok := c.Properties[NSauth]; ok && authID != nil && auth == nil {
auth = &JRD{}
auth.SetStreamID(StreamID(*authID))
err := s.es.Load(ctx, auth)
if err != nil {
return err
}
}
// fall back to use auth from submitted claims
if auth == nil {
auth = c.JRD
}
}
if auth == nil {
return fmt.Errorf("auth not found")
}
err = a.OnAuth(c.JRD, auth)
if err != nil {
return err
}
if r.Method == http.MethodDelete {
return a.OnDelete(c.JRD)
}
return a.OnClaims(c.JRD)
})
if err != nil {
w.WriteHeader(http.StatusUnprocessableEntity)
fmt.Fprint(w, http.StatusText(http.StatusUnprocessableEntity), ": ", err.Error())
span.RecordError(err)
return
}
if version := a.Version(); r.Method == http.MethodDelete && version > 0 {
err = s.es.Truncate(ctx, a.StreamID(), int64(version))
span.RecordError(err)
}
w.Header().Set("Content-Type", "application/jrd+json")
if r.Method == http.MethodDelete {
w.WriteHeader(http.StatusNoContent)
} else {
w.WriteHeader(http.StatusCreated)
}
j := json.NewEncoder(w)
j.SetIndent("", " ")
err = j.Encode(a)
span.RecordError(err)
case http.MethodGet:
resource := r.URL.Query().Get("resource")
rels := r.URL.Query()["rel"]
if resource == "" {
w.WriteHeader(http.StatusBadRequest)
return
}
if u := Parse(resource); u != nil && !s.self.Has(u.URL.Host) {
redirect := &url.URL{}
redirect.Scheme = "https"
redirect.Host = u.URL.Host
redirect.RawQuery = r.URL.RawQuery
redirect.Path = "/.well-known/webfinger"
w.Header().Set("location", redirect.String())
w.WriteHeader(http.StatusSeeOther)
return
}
a := &JRD{}
a.SetStreamID(StreamID(resource))
err := s.es.Load(ctx, a)
if err != nil {
span.RecordError(err)
if errors.Is(err, ev.ErrNotFound) {
w.WriteHeader(http.StatusNotFound)
fmt.Fprint(w, http.StatusText(http.StatusNotFound))
return
}
w.WriteHeader(http.StatusInternalServerError)
fmt.Fprint(w, http.StatusText(http.StatusInternalServerError))
return
}
if a.IsDeleted() {
w.WriteHeader(http.StatusGone)
fmt.Fprint(w, http.StatusText(http.StatusGone))
span.AddEvent("is deleted")
return
}
if len(rels) > 0 {
a.Links = a.GetLinksByRel(rels...)
}
if a.Properties != nil {
if redirect, ok := a.Properties[NSredirect]; ok && redirect != nil {
w.Header().Set("location", *redirect)
w.WriteHeader(http.StatusSeeOther)
return
}
}
w.Header().Set("Content-Type", "application/jrd+json")
w.WriteHeader(http.StatusOK)
j := json.NewEncoder(w)
j.SetIndent("", " ")
err = j.Encode(a)
span.RecordError(err)
default:
w.Header().Set("Allow", "GET, PUT, DELETE, OPTIONS")
w.WriteHeader(http.StatusMethodNotAllowed)
fmt.Fprint(w, http.StatusText(http.StatusMethodNotAllowed))
span.AddEvent("method not allow: " + r.Method)
}
}
func (s *service) ui() http.HandlerFunc {
loadTemplates()
return func(w http.ResponseWriter, r *http.Request) {
args := struct {
Req *http.Request
Status int
Body []byte
JRD *JRD
Err error
}{Status: http.StatusOK}
if r.URL.Query().Has("resource") {
args.Req, args.Err = http.NewRequestWithContext(r.Context(), http.MethodGet, r.URL.String(), nil)
if args.Err != nil {
http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
return
}
wr := httptest.NewRecorder()
s.ServeHTTP(wr, args.Req)
args.Status = wr.Code
switch wr.Code {
case http.StatusSeeOther:
res, err := http.DefaultClient.Get(wr.Header().Get("location"))
args.Err = err
if err == nil {
args.Status = res.StatusCode
args.Body, args.Err = io.ReadAll(res.Body)
}
case http.StatusOK:
args.Body, args.Err = io.ReadAll(wr.Body)
if args.Err == nil {
args.JRD, args.Err = ParseJRD(args.Body)
}
}
if args.Err == nil && args.Body != nil {
args.JRD, args.Err = ParseJRD(args.Body)
}
}
t := templates["home.go.tpl"]
err := t.Execute(w, args)
if err != nil {
log.Println(err)
}
}
}
func dec(s string) ([]byte, error) {
s = strings.TrimSpace(s)
return base64.RawURLEncoding.DecodeString(s)
}
var funcMap = map[string]any{
"propName": func(in string) string { return in[strings.LastIndex(in, "/")+1:] },
"escape": html.EscapeString,
}
func loadTemplates() error {
if templates != nil {
return nil
}
templates = make(map[string]*template.Template)
tmplFiles, err := fs.ReadDir(files, "ui/pages")
if err != nil {
return err
}
for _, tmpl := range tmplFiles {
if tmpl.IsDir() {
continue
}
pt := template.New(tmpl.Name())
pt.Funcs(funcMap)
pt, err = pt.ParseFS(files, "ui/pages/"+tmpl.Name(), "ui/layouts/*.go.tpl")
if err != nil {
log.Println(err)
return err
}
templates[tmpl.Name()] = pt
}
return nil
}