From 55789723042330ae33a119d0e0d2215d420a37be Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Sun, 30 Jun 2019 12:07:39 +0100
Subject: [PATCH] Create post

---
 posts.py   | 14 +++++++++++---
 session.py |  4 ++--
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/posts.py b/posts.py
index d3570e983..e85ff04bc 100644
--- a/posts.py
+++ b/posts.py
@@ -12,10 +12,13 @@ import commentjson
 import html
 import datetime
 import os, shutil
+import base64
 from pprint import pprint
 from random import randint
 from session import getJson
+from session import postJson
 from person import getPersonKey
+from Crypto.Hash import SHA256
 try: 
     from BeautifulSoup import BeautifulSoup
 except ImportError:
@@ -25,7 +28,7 @@ except ImportError:
 # If there are repeated lookups then this helps prevent a lot
 # of needless network traffic
 personCache = {}
-    
+
 def permitted(url: str,federationList) -> bool:
     """Is a url from one of the permitted domains?
     """
@@ -297,7 +300,7 @@ def createPublicPost(username: str, domain: str, https: bool, content: str, foll
         prefix='http'
     return createPostBase(username, domain, 'https://www.w3.org/ns/activitystreams#Public', prefix+'://'+domain+'/users/'+username+'/followers', https, content, followersOnly, saveToFile, inReplyTo, inReplyToAtomUri, subject)
 
-def sendPost(session,username: str, domain: str, toUsername: str, toDomain: str, cc: str, https: bool, content: str, followersOnly: bool, saveToFile: bool, inReplyTo=None, inReplyToAtomUri=None, subject=None) -> int:
+def sendPost(session,username: str, domain: str, toUsername: str, toDomain: str, cc: str, https: bool, content: str, followersOnly: bool, saveToFile: bool, federationList, inReplyTo=None, inReplyToAtomUri=None, subject=None) -> int:
     """Post to another inbox
     """
     prefix='https'
@@ -324,9 +327,14 @@ def sendPost(session,username: str, domain: str, toUsername: str, toDomain: str,
     if len(privateKeyPem)==0:
         return 5
 
+    # construct the http header
+    bodyDigest = base64.b64encode(SHA256.new(postJsonObject.encode()).digest())
+    headers = {'Content-type': 'application/json', 'host': domain, 'digest': f'SHA-256={bodyDigest}'}        
     signatureHeader = signPostHeaders(privateKeyPem, username, domain, '/inbox', https, postJsonObject)
+    headers['signature'] = signatureHeader
 
-    # TODO
+    # TODO this should be replaced by a send buffer
+    postJson(session,postJsonObject,federationList,inboxUrl,headers)
 
     return 0
 
diff --git a/session.py b/session.py
index 0dcc6173a..e6485993b 100644
--- a/session.py
+++ b/session.py
@@ -28,7 +28,7 @@ def getJson(session,url: str,headers,params):
     session.cookies.clear()
     return session.get(url, headers=sessionHeaders, params=sessionParams).json()
 
-def postJson(session,postJsonObject,federationList,inboxUrl: str):
+def postJson(session,postJsonObject,federationList,inboxUrl: str,headers) -> str:
     """Post a json message to the inbox of another person
     """
     # check that we are posting to a permitted domain
@@ -40,5 +40,5 @@ def postJson(session,postJsonObject,federationList,inboxUrl: str):
     if not permittedDomain:
         return None
 
-    postResult = session.post(url = inboxUrl, data = postJsonObject) 
+    postResult = session.post(url = inboxUrl, data = json.dumps(postJsonObject), headers=headers)
     return postResult.text