Posting to permitted domains

2019-06-28 21:22:36 +01:00 · 2019-06-28 21:22:36 +01:00 · 27099e6450
parent 831c9ae97a
commit 27099e6450
3 changed files with 19 additions and 4 deletions
--- a/daemon.py
+++ b/daemon.py
@ -19,8 +19,12 @@ from person import personLookup
 from person import personKeyLookup
 import os

+# domain name of this server
 thisDomain=''

+# List of domains to federate with
+federationList=[]
+
 def readFollowList(filename: str):
    """Returns a list of ActivityPub addresses to follow
    """
@ -130,9 +134,11 @@ class PubServer(BaseHTTPRequestHandler):
        self._set_headers('application/json')
        self.wfile.write(json.dumps(message).encode('utf-8'))

-def runDaemon(domain: str,port=80,useTor=False) -> None:
+def runDaemon(domain: str,port=80,allowedDomains,useTor=False) -> None:
    global thisDomain
+    global federationList
    thisDomain=domain
+    federationList=allowedDomains

    if len(domain)==0:
        domain='127.0.0.1'
--- a/epicyon.py
+++ b/epicyon.py
@ -20,6 +20,7 @@ from httpsig import testHttpsig
 from daemon import runDaemon
 import socket

+allowedDomains=['mastodon.social']
 username='testuser'
 #domain=socket.gethostname()
 domain='mydomain.com'
@ -31,7 +32,7 @@ session = createSession(useTor)
 privateKeyPem,publicKeyPem,person,wfEndpoint=createPerson(username,domain,https,True)
 setPreferredUsername(username,domain,'badger')
 setBio(username,domain,'Some personal info')
-runDaemon(domain,port,useTor)
+runDaemon(domain,port,allowedDomains,useTor)

 #testHttpsig()
 #sys.exit()
@ -40,7 +41,6 @@ runDaemon(domain,port,useTor)
 #print('\n')
 #pprint(wfEndpoint)

-allowedDomains=['mastodon.social']
 handle="https://mastodon.social/@Gargron"
 wfRequest = webfingerHandle(session,handle,True)
 if not wfRequest:
--- a/session.py
+++ b/session.py
@ -28,8 +28,17 @@ def getJson(session,url: str,headers,params):
    session.cookies.clear()
    return session.get(url, headers=sessionHeaders, params=sessionParams).json()

-def postJson(session,postJson,inboxUrl: str):
+def postJson(session,postJson,allowedDomains,inboxUrl: str):
    """Post a json message to the inbox of another person
    """
+    # check that we are posting to a permitted domain
+    permittedDomain=False
+    for domain in allowedDomains:
+        if domain in inboxUrl:
+            permittedDomain=True
+            break
+    if not permittedDomain:
+        return None
+
    postResult = session.post(url = inboxUrl, data = postJson) 
    return postResult.text