From 27099e645085c545d8eb936a70b3611be304d114 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 28 Jun 2019 21:22:36 +0100 Subject: [PATCH] Posting to permitted domains --- daemon.py | 8 +++++++- epicyon.py | 4 ++-- session.py | 11 ++++++++++- 3 files changed, 19 insertions(+), 4 deletions(-) diff --git a/daemon.py b/daemon.py index 23074d6c3..7978e82d6 100644 --- a/daemon.py +++ b/daemon.py @@ -19,8 +19,12 @@ from person import personLookup from person import personKeyLookup import os +# domain name of this server thisDomain='' +# List of domains to federate with +federationList=[] + def readFollowList(filename: str): """Returns a list of ActivityPub addresses to follow """ @@ -130,9 +134,11 @@ class PubServer(BaseHTTPRequestHandler): self._set_headers('application/json') self.wfile.write(json.dumps(message).encode('utf-8')) -def runDaemon(domain: str,port=80,useTor=False) -> None: +def runDaemon(domain: str,port=80,allowedDomains,useTor=False) -> None: global thisDomain + global federationList thisDomain=domain + federationList=allowedDomains if len(domain)==0: domain='127.0.0.1' diff --git a/epicyon.py b/epicyon.py index 8c6e4fc0d..805a939b8 100644 --- a/epicyon.py +++ b/epicyon.py @@ -20,6 +20,7 @@ from httpsig import testHttpsig from daemon import runDaemon import socket +allowedDomains=['mastodon.social'] username='testuser' #domain=socket.gethostname() domain='mydomain.com' @@ -31,7 +32,7 @@ session = createSession(useTor) privateKeyPem,publicKeyPem,person,wfEndpoint=createPerson(username,domain,https,True) setPreferredUsername(username,domain,'badger') setBio(username,domain,'Some personal info') -runDaemon(domain,port,useTor) +runDaemon(domain,port,allowedDomains,useTor) #testHttpsig() #sys.exit() @@ -40,7 +41,6 @@ runDaemon(domain,port,useTor) #print('\n') #pprint(wfEndpoint) -allowedDomains=['mastodon.social'] handle="https://mastodon.social/@Gargron" wfRequest = webfingerHandle(session,handle,True) if not wfRequest: diff --git a/session.py b/session.py index 202fa9a8a..31e2f34e5 100644 --- a/session.py +++ b/session.py @@ -28,8 +28,17 @@ def getJson(session,url: str,headers,params): session.cookies.clear() return session.get(url, headers=sessionHeaders, params=sessionParams).json() -def postJson(session,postJson,inboxUrl: str): +def postJson(session,postJson,allowedDomains,inboxUrl: str): """Post a json message to the inbox of another person """ + # check that we are posting to a permitted domain + permittedDomain=False + for domain in allowedDomains: + if domain in inboxUrl: + permittedDomain=True + break + if not permittedDomain: + return None + postResult = session.post(url = inboxUrl, data = postJson) return postResult.text