From 6c0a39c64d6df53045f962e5160ebb6db0b116fc Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 31 Aug 2021 15:17:11 +0100 Subject: [PATCH] Support for authorized fetch using instance actor signing key --- announce.py | 30 ++++-- availability.py | 9 +- bookmarks.py | 18 ++-- cache.py | 6 +- daemon.py | 136 +++++++++++++++++++-------- delete.py | 9 +- desktop_client.py | 143 ++++++++++++++++++----------- epicyon.py | 127 ++++++++++++++++++-------- follow.py | 73 +++++++++------ inbox.py | 72 +++++++++------ like.py | 29 ++++-- manualapprove.py | 12 ++- migrate.py | 18 ++-- outbox.py | 12 ++- person.py | 7 +- pgp.py | 31 +++++-- posts.py | 208 +++++++++++++++++++++++++++--------------- schedule.py | 3 +- session.py | 24 +++-- shares.py | 43 ++++++--- skills.py | 9 +- socnet.py | 11 ++- tests.py | 76 +++++++++------ webapp_confirm.py | 5 +- webapp_frontscreen.py | 12 ++- webapp_moderation.py | 14 ++- webapp_post.py | 41 ++++++--- webapp_profile.py | 47 ++++++---- webapp_search.py | 12 ++- webapp_timeline.py | 61 ++++++++----- webapp_utils.py | 14 ++- webfinger.py | 8 +- 32 files changed, 860 insertions(+), 460 deletions(-) diff --git a/announce.py b/announce.py index 4e9261e98..8a1fd261b 100644 --- a/announce.py +++ b/announce.py @@ -122,7 +122,8 @@ def createAnnounce(session, baseDir: str, federationList: [], clientToServer: bool, sendThreads: [], postLog: [], personCache: {}, cachedWebfingers: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates an announce message Typically toUrl will be https://www.w3.org/ns/activitystreams#Public and ccUrl might be a specific person favorited or repeated and the 
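Review bot: The new `signingPrivateKeyPem: str` parameter on createAnnounce is undocumented, and its annotation does not match how the value is supplied elsewhere in this patch: daemon.py initialises it to `None` and desktop_client.py passes `None` throughout. The docstring should say what the value is and what `None` means, for example `signingPrivateKeyPem is the instance actor private key (PEM) used to sign outgoing fetches, or None to fetch unsigned`, assuming that is how the callees treat `None`. The same applies to announcePublic, sendAnnounceViaServer and sendUndoAnnounceViaServer in this file and to the other *ViaServer functions the patch changes. createAnnounce's body continues outside the hunk.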
@@ -179,7 +180,8 @@ def createAnnounce(session, baseDir: str, federationList: [], announceNickname, announceDomain, announcePort, None, httpPrefix, True, clientToServer, federationList, sendThreads, postLog, cachedWebfingers, personCache, - debug, projectVersion, None, groupAccount) + debug, projectVersion, None, groupAccount, + signingPrivateKeyPem) return newAnnounce @@ -189,7 +191,8 @@ def announcePublic(session, baseDir: str, federationList: [], objectUrl: str, clientToServer: bool, sendThreads: [], postLog: [], personCache: {}, cachedWebfingers: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Makes a public announcement """ fromDomain = getFullDomain(domain, port) @@ -202,7 +205,8 @@ def announcePublic(session, baseDir: str, federationList: [], objectUrl, True, clientToServer, sendThreads, postLog, personCache, cachedWebfingers, - debug, projectVersion) + debug, projectVersion, + signingPrivateKeyPem) def sendAnnounceViaServer(baseDir: str, session, @@ -210,7 +214,8 @@ def sendAnnounceViaServer(baseDir: str, session, fromDomain: str, fromPort: int, httpPrefix: str, repeatObjectUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates an announce message via c2s """ if not session: @@ -242,7 +247,8 @@ def sendAnnounceViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: announce webfinger failed for ' + handle) 
@@ -257,7 +263,8 @@ def sendAnnounceViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, avatarUrl, - displayName) = getPersonBox(baseDir, session, wfRequest, + displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, @@ -298,7 +305,8 @@ def sendUndoAnnounceViaServer(baseDir: str, session, domain: str, port: int, httpPrefix: str, repeatObjectUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Undo an announce message via c2s """ if not session: @@ -322,7 +330,8 @@ def sendUndoAnnounceViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, False) + domain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: undo announce webfinger failed for ' + handle) @@ -337,7 +346,8 @@ def sendUndoAnnounceViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, avatarUrl, - displayName) = getPersonBox(baseDir, session, wfRequest, + displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, diff --git a/availability.py b/availability.py index 35ba9164e..a565c6f5e 100644 --- a/availability.py +++ b/availability.py @@ -82,7 +82,8 @@ def sendAvailabilityViaServer(baseDir: str, session, httpPrefix: str, status: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Sets the availability for a person via c2s """ if not session: 
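Review bot: The key is passed as the first positional argument to getPersonBox here, while webfingerHandle and the *ViaServer functions in the same patch take it last; getJson in cache.py, htmlProfile in daemon.py and sendPostViaServer in desktop_client.py also take it first. With argument lists this long, the mixed convention is easy to get wrong, and a call site the patch missed only fails when that code path runs. Putting the parameter last everywhere, or declaring it keyword-only so calls read `signingPrivateKeyPem=signingPrivateKeyPem`, would make the binding explicit. The tuple assignment and the call continue outside the hunk.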
@@ -107,7 +108,8 @@ def sendAvailabilityViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, False) + domain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: availability webfinger failed for ' + handle) @@ -122,7 +124,8 @@ def sendAvailabilityViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, postToBox, 57262) diff --git a/bookmarks.py b/bookmarks.py index 921c057e4..0e45edce8 100644 --- a/bookmarks.py +++ b/bookmarks.py @@ -348,7 +348,8 @@ def sendBookmarkViaServer(baseDir: str, session, domain: str, fromPort: int, httpPrefix: str, bookmarkUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates a bookmark via c2s """ if not session: @@ -377,7 +378,8 @@ def sendBookmarkViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, False) + domain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: bookmark webfinger failed for ' + handle) @@ -391,7 +393,8 @@ def sendBookmarkViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, 
@@ -433,7 +436,8 @@ def sendUndoBookmarkViaServer(baseDir: str, session, domain: str, fromPort: int, httpPrefix: str, bookmarkUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Removes a bookmark via c2s """ if not session: @@ -462,7 +466,8 @@ def sendUndoBookmarkViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, False) + domain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: unbookmark webfinger failed for ' + handle) @@ -476,7 +481,8 @@ def sendUndoBookmarkViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, diff --git a/cache.py b/cache.py index 9ba0111fb..c6bb925ff 100644 --- a/cache.py +++ b/cache.py @@ -139,7 +139,8 @@ def getWebfingerFromCache(handle: str, cachedWebfingers: {}) -> {}: def getPersonPubKey(baseDir: str, session, personUrl: str, personCache: {}, debug: bool, projectVersion: str, httpPrefix: str, - domain: str, onionDomain: str) -> str: + domain: str, onionDomain: str, + signingPrivateKeyPem: str) -> str: if not personUrl: return None personUrl = personUrl.replace('#main-key', '') @@ -165,7 +166,8 @@ def getPersonPubKey(baseDir: str, session, personUrl: str, 'Accept': 'application/activity+json; profile="' + profileStr + '"' } personJson = \ - getJson(session, personUrl, asHeader, None, debug, + getJson(signingPrivateKeyPem, + session, personUrl, asHeader, None, debug, projectVersion, httpPrefix, personDomain) if not personJson: return None 
diff --git a/daemon.py b/daemon.py index ba175e4e5..2fe6bfa80 100644 --- a/daemon.py +++ b/daemon.py @@ -623,7 +623,8 @@ class PubServer(BaseHTTPRequestHandler): getPersonPubKey(self.server.baseDir, self.server.session, keyId, self.server.personCache, self.server.debug, __version__, self.server.httpPrefix, - self.server.domain, self.server.onionDomain) + self.server.domain, self.server.onionDomain, + self.server.signingPrivateKeyPem) if not pubKey: if self.server.debug: print('DEBUG: Authenticated fetch failed to ' + @@ -1171,7 +1172,8 @@ class PubServer(BaseHTTPRequestHandler): city, self.server.systemLanguage, self.server.sharedItemsFederatedDomains, self.server.sharedItemFederationTokens, - self.server.lowBandwidth) + self.server.lowBandwidth, + self.server.signingPrivateKeyPem) def _postToOutboxThread(self, messageJson: {}) -> bool: """Creates a thread to send a post @@ -1777,7 +1779,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.port, searchHandle, self.server.debug, - self.server.systemLanguage) + self.server.systemLanguage, + self.server.signingPrivateKeyPem) else: msg = \ htmlModerationInfo(self.server.cssCache, @@ -2420,6 +2423,7 @@ class PubServer(BaseHTTPRequestHandler): if isModerator(self.server.baseDir, chooserNickname): if debug: print('Showing info for ' + optionsActor) + signingPrivateKeyPem = self.server.signingPrivateKeyPem msg = \ htmlAccountInfo(self.server.cssCache, self.server.translate, @@ -2430,7 +2434,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.port, optionsActor, self.server.debug, - self.server.systemLanguage).encode('utf-8') + self.server.systemLanguage, + signingPrivateKeyPem).encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, cookie, callingDomain, False) 
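Review bot: Verifying an incoming signed request now triggers a signed outgoing GET for the sender's key at this getPersonPubKey call, and nothing in the hunk shows what stops two servers with authorized fetch enabled from each demanding a signature before serving the key the other needs. If that is not handled elsewhere, the instance actor document (the `inbox@domain` key loaded in runDaemon) should be served to unsigned requests, with a comment here such as `# the instance actor must stay fetchable without a signature, otherwise key lookups between two authorized-fetch servers recurse`. The fetch target is `keyId`, which presumably comes from the incoming request, so the signed GET goes to a host chosen by the remote side. The enclosing method starts and ends outside the hunk.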
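Review bot: The instance private key is handed to a page-rendering call in the hunk at -1777, and likewise to htmlAccountInfo, htmlProfile and the timeline and search renderers later in daemon.py, which spreads the raw PEM string through code whose job is building HTML. Every extra function that receives the key is another place where it can end up in a debug print or a traceback. Consider keeping the key behind one small object that owns request signing, so page code passes only that object on; at minimum document the parameter with `# private key material: never print, log or embed in output`. The call and its enclosing method begin outside the hunk.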
@@ -2703,7 +2708,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.cachedWebfingers, self.server.personCache, debug, - self.server.projectVersion) + self.server.projectVersion, + self.server.signingPrivateKeyPem) if callingDomain.endswith('.onion') and onionDomain: originPathStr = 'http://' + onionDomain + usersPath elif (callingDomain.endswith('.i2p') and i2pDomain): @@ -2962,7 +2968,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.allowLocalNetworkAccess, self.server.themeName, self.server.systemLanguage, - self.server.maxLikeCount) + self.server.maxLikeCount, + self.server.signingPrivateKeyPem) if hashtagStr: msg = hashtagStr.encode('utf-8') msglen = len(msg) @@ -3018,7 +3025,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.allowLocalNetworkAccess, self.server.themeName, 'outbox', self.server.systemLanguage, - self.server.maxLikeCount) + self.server.maxLikeCount, + self.server.signingPrivateKeyPem) if historyStr: msg = historyStr.encode('utf-8') msglen = len(msg) @@ -3054,7 +3062,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.allowLocalNetworkAccess, self.server.themeName, 'bookmarks', self.server.systemLanguage, - self.server.maxLikeCount) + self.server.maxLikeCount, + self.server.signingPrivateKeyPem) if bookmarksStr: msg = bookmarksStr.encode('utf-8') msglen = len(msg) @@ -3106,7 +3115,8 @@ class PubServer(BaseHTTPRequestHandler): baseDir, httpPrefix, actor, self.server.personCache, - None, True) + None, True, + self.server.signingPrivateKeyPem) profilePathStr += \ '?options=' + actor + ';1;' + avatarUrl @@ -3126,6 +3136,8 @@ class PubServer(BaseHTTPRequestHandler): if self.server.keyShortcuts.get(nickname): accessKeys = self.server.keyShortcuts[nickname] + signingPrivateKeyPem = \ + self.server.signingPrivateKeyPem profileStr = \ htmlProfileAfterSearch(self.server.cssCache, self.server.recentPostsCache, 
@@ -3151,7 +3163,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.themeName, accessKeys, self.server.systemLanguage, - self.server.maxLikeCount) + self.server.maxLikeCount, + signingPrivateKeyPem) if profileStr: msg = profileStr.encode('utf-8') msglen = len(msg) @@ -6530,7 +6543,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.allowLocalNetworkAccess, self.server.themeName, self.server.systemLanguage, - self.server.maxLikeCount) + self.server.maxLikeCount, + self.server.signingPrivateKeyPem) if hashtagStr: msg = hashtagStr.encode('utf-8') msglen = len(msg) @@ -6685,7 +6699,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.personCache, self.server.cachedWebfingers, debug, - self.server.projectVersion) + self.server.projectVersion, + self.server.signingPrivateKeyPem) if announceJson: # clear the icon from the cache so that it gets updated if self.server.iconsCache.get('repeat.png'): @@ -6846,7 +6861,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.cachedWebfingers, self.server.personCache, debug, - self.server.projectVersion) + self.server.projectVersion, + self.server.signingPrivateKeyPem) originPathStrAbsolute = \ httpPrefix + '://' + domainFull + originPathStr if callingDomain.endswith('.onion') and onionDomain: @@ -7003,7 +7019,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.cachedWebfingers, self.server.personCache, debug, - self.server.projectVersion) + self.server.projectVersion, + self.server.signingPrivateKeyPem) originPathStrAbsolute = \ httpPrefix + '://' + domainFull + originPathStr if callingDomain.endswith('.onion') and onionDomain: @@ -7473,7 +7490,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.allowLocalNetworkAccess, self.server.themeName, self.server.systemLanguage, - self.server.maxLikeCount) + self.server.maxLikeCount, + self.server.signingPrivateKeyPem) if deleteStr: deleteStrLen = len(deleteStr) self._set_headers('text/html', deleteStrLen, 
@@ -7683,7 +7701,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.allowLocalNetworkAccess, self.server.themeName, self.server.systemLanguage, - self.server.maxLikeCount) + self.server.maxLikeCount, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -7772,7 +7791,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.allowLocalNetworkAccess, self.server.themeName, self.server.systemLanguage, - self.server.maxLikeCount) + self.server.maxLikeCount, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -7848,7 +7868,8 @@ class PubServer(BaseHTTPRequestHandler): getSpoofedCity(self.server.city, baseDir, nickname, domain) msg = \ - htmlProfile(self.server.rssIconAtTop, + htmlProfile(self.server.signingPrivateKeyPem, + self.server.rssIconAtTop, self.server.cssCache, iconsAsButtons, defaultTimeline, @@ -7951,8 +7972,11 @@ class PubServer(BaseHTTPRequestHandler): nickname, domain) sharedItemsFederatedDomains = \ self.server.sharedItemsFederatedDomains + signingPrivateKeyPem = \ + self.server.signingPrivateKeyPem msg = \ - htmlProfile(self.server.rssIconAtTop, + htmlProfile(signingPrivateKeyPem, + self.server.rssIconAtTop, self.server.cssCache, iconsAsButtons, defaultTimeline, @@ -8113,7 +8137,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.allowLocalNetworkAccess, self.server.themeName, self.server.systemLanguage, - self.server.maxLikeCount) + self.server.maxLikeCount, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -8327,7 +8352,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) if GETstartTime: self._benchmarkGETtimings(GETstartTime, GETtimings, 'show status done', 
@@ -8468,7 +8494,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -8602,7 +8629,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -8735,7 +8763,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - self.server.sharedItemsFederatedDomains) + self.server.sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -8868,7 +8897,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - self.server.sharedItemsFederatedDomains) + self.server.sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -9010,7 +9040,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - self.server.sharedItemsFederatedDomains) + self.server.sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -9150,7 +9181,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, 
@@ -9249,7 +9281,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - self.server.sharedItemsFederatedDomains) + self.server.sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -9330,7 +9363,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - self.server.sharedItemsFederatedDomains) + self.server.sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -9448,7 +9482,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -9578,7 +9613,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - self.server.sharedItemsFederatedDomains) + self.server.sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -9698,7 +9734,8 @@ class PubServer(BaseHTTPRequestHandler): accessKeys, self.server.systemLanguage, self.server.maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._set_headers('text/html', msglen, @@ -9790,7 +9827,8 @@ class PubServer(BaseHTTPRequestHandler): city = getSpoofedCity(self.server.city, baseDir, nickname, domain) msg = \ - htmlProfile(self.server.rssIconAtTop, + htmlProfile(self.server.signingPrivateKeyPem, + self.server.rssIconAtTop, self.server.cssCache, self.server.iconsAsButtons, self.server.defaultTimeline, 
@@ -9906,7 +9944,8 @@ class PubServer(BaseHTTPRequestHandler): city = getSpoofedCity(self.server.city, baseDir, nickname, domain) msg = \ - htmlProfile(self.server.rssIconAtTop, + htmlProfile(self.server.signingPrivateKeyPem, + self.server.rssIconAtTop, self.server.cssCache, self.server.iconsAsButtons, self.server.defaultTimeline, @@ -10021,7 +10060,8 @@ class PubServer(BaseHTTPRequestHandler): city = getSpoofedCity(self.server.city, baseDir, nickname, domain) msg = \ - htmlProfile(self.server.rssIconAtTop, + htmlProfile(self.server.signingPrivateKeyPem, + self.server.rssIconAtTop, self.server.cssCache, self.server.iconsAsButtons, self.server.defaultTimeline, @@ -10160,7 +10200,8 @@ class PubServer(BaseHTTPRequestHandler): city = getSpoofedCity(self.server.city, baseDir, nickname, domain) msg = \ - htmlProfile(self.server.rssIconAtTop, + htmlProfile(self.server.signingPrivateKeyPem, + self.server.rssIconAtTop, self.server.cssCache, self.server.iconsAsButtons, self.server.defaultTimeline, @@ -13505,7 +13546,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.port, searchHandle, self.server.debug, - self.server.systemLanguage) + self.server.systemLanguage, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._login_headers('text/html', @@ -13540,7 +13582,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.port, searchHandle, self.server.debug, - self.server.systemLanguage) + self.server.systemLanguage, + self.server.signingPrivateKeyPem) msg = msg.encode('utf-8') msglen = len(msg) self._login_headers('text/html', @@ -15717,6 +15760,9 @@ def runDaemon(lowBandwidth: bool, print('serverAddress: ' + str(serverAddress)) return False + # initialize authenticated fetch key + httpd.signingPrivateKeyPem = None + httpd.showNodeInfoAccounts = showNodeInfoAccounts httpd.showNodeInfoVersion = showNodeInfoVersion 
@@ -16090,7 +16136,8 @@ def runDaemon(lowBandwidth: bool, verifyAllSignatures, httpd.themeName, httpd.systemLanguage, - httpd.maxLikeCount), daemon=True) + httpd.maxLikeCount, + httpd.signingPrivateKeyPem), daemon=True) print('Creating scheduled post thread') httpd.thrPostSchedule = \ @@ -16121,6 +16168,17 @@ def runDaemon(lowBandwidth: bool, print('Adding hashtag categories for language ' + httpd.systemLanguage) loadHashtagCategories(baseDir, httpd.systemLanguage) + # signing key used for authorized fetch + # this is the instance actor private key + instanceActorPrivateKeyFilename = \ + baseDir + '/keys/private/inbox@' + domain + '.key' + if not os.path.isfile(instanceActorPrivateKeyFilename): + print('ERROR: no instance actor private key for authorized fetch ' + + instanceActorPrivateKeyFilename) + return + with open(instanceActorPrivateKeyFilename) as fp: + httpd.signingPrivateKeyPem = fp.read() + if not unitTest: print('Creating inbox queue watchdog') httpd.thrWatchdog = \ diff --git a/delete.py b/delete.py index ef042d8a3..2b7536542 100644 --- a/delete.py +++ b/delete.py @@ -30,7 +30,8 @@ def sendDeleteViaServer(baseDir: str, session, fromDomain: str, fromPort: int, httpPrefix: str, deleteObjectUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates a delete request message via c2s """ if not session: @@ -57,7 +58,8 @@ def sendDeleteViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: delete webfinger failed for ' + handle) 
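Review bot: `httpd.signingPrivateKeyPem` is still `None` when it is placed in this thread's argument tuple, because the patch sets it to `None` in the hunk at -15717 and only reads the key file in the later hunk at -16121. The tuple captures the value when it is built, so unless the thread target re-reads it from `httpd`, fetches made by that thread would stay unsigned even after the key is loaded. Moving the key-loading block up to where `httpd.signingPrivateKeyPem = None` is initialised, before any thread is created, would fix the ordering. The Thread(...) call begins outside the hunk, so its target is not visible here.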
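Review bot: The missing-key path in the hunk at -16121 uses a bare `return`, while the earlier failure path in runDaemon returns `False`, and it runs after thread objects have already been created, so the daemon gives up half-initialised with a `None` result. Use `return False` and perform the check before the threads are set up. An empty key file is not handled either: `fp.read()` then yields `''`, which later code presumably cannot tell apart from "no key", so add `if not httpd.signingPrivateKeyPem: return False` after the read. It would also be worth refusing a key file that is readable by group or others, since this key signs requests on behalf of the whole instance.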
@@ -72,7 +74,8 @@ def sendDeleteViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, avatarUrl, - displayName) = getPersonBox(baseDir, session, wfRequest, personCache, + displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, 53036) diff --git a/desktop_client.py b/desktop_client.py index 353a682c1..62aa3acc8 100644 --- a/desktop_client.py +++ b/desktop_client.py @@ -418,7 +418,8 @@ def _desktopReplyToPost(session, postId: str, debug: bool, subject: str, screenreader: str, systemLanguage: str, espeak, conversationId: str, - lowBandwidth: bool) -> None: + lowBandwidth: bool, + signingPrivateKeyPem: str) -> None: """Use the desktop client to send a reply to the most recent post """ if '://' not in postId: @@ -463,7 +464,7 @@ def _desktopReplyToPost(session, postId: str, city = 'London, England' sayStr = 'Sending reply' _sayCommand(sayStr, sayStr, screenreader, systemLanguage, espeak) - if sendPostViaServer(__version__, + if sendPostViaServer(signingPrivateKeyPem, __version__, baseDir, session, nickname, password, domain, port, toNickname, toDomain, toPort, ccUrl, @@ -486,7 +487,8 @@ def _desktopNewPost(session, cachedWebfingers: {}, personCache: {}, debug: bool, screenreader: str, systemLanguage: str, - espeak, lowBandwidth: bool) -> None: + espeak, lowBandwidth: bool, + signingPrivateKeyPem: str) -> None: """Use the desktop client to create a new post """ conversationId = None @@ -527,7 +529,7 @@ def _desktopNewPost(session, subject = None sayStr = 'Sending' _sayCommand(sayStr, sayStr, screenreader, systemLanguage, espeak) - if sendPostViaServer(__version__, + if sendPostViaServer(signingPrivateKeyPem, __version__, baseDir, session, nickname, password, domain, port, None, '#Public', port, ccUrl, 
@@ -661,7 +663,8 @@ def _readLocalBoxPost(session, nickname: str, domain: str, systemLanguage: str, screenreader: str, espeak, translate: {}, yourActor: str, - domainFull: str, personCache: {}) -> {}: + domainFull: str, personCache: {}, + signingPrivateKeyPem: str) -> {}: """Reads a post from the given timeline Returns the post json """ @@ -698,7 +701,8 @@ def _readLocalBoxPost(session, nickname: str, domain: str, allowLocalNetworkAccess, recentPostsCache, False, systemLanguage, - domainFull, personCache) + domainFull, personCache, + signingPrivateKeyPem) if postJsonObject2: if hasObjectDict(postJsonObject2): if postJsonObject2['object'].get('attributedTo') and \ @@ -742,7 +746,7 @@ def _readLocalBoxPost(session, nickname: str, domain: str, if isPGPEncrypted(content): sayStr = 'Encrypted message. Please enter your passphrase.' _sayCommand(sayStr, sayStr, screenreader, systemLanguage, espeak) - content = pgpDecrypt(domain, content, actor) + content = pgpDecrypt(domain, content, actor, signingPrivateKeyPem) if isPGPEncrypted(content): sayStr = 'Message could not be decrypted' _sayCommand(sayStr, sayStr, screenreader, systemLanguage, espeak) @@ -823,7 +827,7 @@ def _desktopShowProfile(session, nickname: str, domain: str, systemLanguage: str, screenreader: str, espeak, translate: {}, yourActor: str, - postJsonObject: {}) -> {}: + postJsonObject: {}, signingPrivateKeyPem: str) -> {}: """Shows the profile of the actor for the given post Returns the actor json """ @@ -854,7 +858,8 @@ def _desktopShowProfile(session, nickname: str, domain: str, if 'http://' in actor: isHttp = True actorJson, asHeader = \ - getActorJson(domain, actor, isHttp, False, False, True) + getActorJson(domain, actor, isHttp, False, False, True, + signingPrivateKeyPem) _desktopShowActor(baseDir, actorJson, translate, systemLanguage, screenreader, espeak) 
@@ -868,12 +873,14 @@ def _desktopShowProfileFromHandle(session, nickname: str, domain: str, systemLanguage: str, screenreader: str, espeak, translate: {}, yourActor: str, - postJsonObject: {}) -> {}: + postJsonObject: {}, + signingPrivateKeyPem: str) -> {}: """Shows the profile for a handle Returns the actor json """ actorJson, asHeader = \ - getActorJson(domain, handle, False, False, False, True) + getActorJson(domain, handle, False, False, False, True, + signingPrivateKeyPem) _desktopShowActor(baseDir, actorJson, translate, systemLanguage, screenreader, espeak) @@ -1112,7 +1119,8 @@ def _desktopNewDM(session, toHandle: str, cachedWebfingers: {}, personCache: {}, debug: bool, screenreader: str, systemLanguage: str, - espeak, lowBandwidth: bool) -> None: + espeak, lowBandwidth: bool, + signingPrivateKeyPem: str) -> None: """Use the desktop client to create a new direct message which can include multiple destination handles """ @@ -1133,7 +1141,8 @@ def _desktopNewDM(session, toHandle: str, cachedWebfingers, personCache, debug, screenreader, systemLanguage, - espeak, lowBandwidth) + espeak, lowBandwidth, + signingPrivateKeyPem) def _desktopNewDMbase(session, toHandle: str, @@ -1142,7 +1151,8 @@ def _desktopNewDMbase(session, toHandle: str, cachedWebfingers: {}, personCache: {}, debug: bool, screenreader: str, systemLanguage: str, - espeak, lowBandwidth: bool) -> None: + espeak, lowBandwidth: bool, + signingPrivateKeyPem: str) -> None: """Use the desktop client to create a new direct message """ conversationId = None @@ -1201,7 +1211,8 @@ def _desktopNewDMbase(session, toHandle: str, for after in range(randint(1, 16)): paddedMessage += ' ' cipherText = \ - pgpEncryptToActor(domain, paddedMessage, toHandle) + pgpEncryptToActor(domain, paddedMessage, toHandle, + signingPrivateKeyPem) if not cipherText: sayStr = \ toHandle + ' has no PGP public key. ' + \ 
@@ -1222,7 +1233,7 @@ def _desktopNewDMbase(session, toHandle: str, sayStr = 'Sending' _sayCommand(sayStr, sayStr, screenreader, systemLanguage, espeak) - if sendPostViaServer(__version__, + if sendPostViaServer(signingPrivateKeyPem, __version__, baseDir, session, nickname, password, domain, port, toNickname, toDomain, toPort, ccUrl, @@ -1301,6 +1312,9 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, """Runs the desktop and screen reader client, which announces new inbox items """ + # TODO: this should probably be retrieved somehow from the server + signingPrivateKeyPem = None + indent = ' ' if showNewPosts: indent = '' @@ -1400,7 +1414,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, nickname, password, domain, port, httpPrefix, cachedWebfingers, personCache, - debug, False) + debug, False, + signingPrivateKeyPem) sayStr = indent + 'PGP public key uploaded' _sayCommand(sayStr, sayStr, screenreader, systemLanguage, espeak) @@ -1410,7 +1425,7 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, nickname, password, domain, port, httpPrefix, currTimeline, pageNumber, - debug) + debug, signingPrivateKeyPem) followRequestsJson = \ getFollowRequestsViaServer(baseDir, session, @@ -1418,14 +1433,16 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, domain, port, httpPrefix, 1, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, + signingPrivateKeyPem) if not (currTimeline == 'inbox' and pageNumber == 1): # monitor the inbox to generate notifications inboxJson = c2sBoxJson(baseDir, session, nickname, password, domain, port, httpPrefix, - 'inbox', 1, debug) + 'inbox', 1, debug, + signingPrivateKeyPem) else: inboxJson = boxJson newDMsExist = False 
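Review bot: The TODO added in runDesktopClient (hunk at -1301) points the wrong way: the instance actor private key signs requests for the whole server, so sending it to a desktop client would let every account holder who runs the client sign as the instance. The client should keep passing `None`, and the comment should say so, e.g. `# the desktop client never holds the instance actor key; its fetches are unsigned`. As a consequence, the getActorJson and pgpEncryptToActor lookups made from the client will presumably fail against servers that require authorized fetch, which is worth stating in the same comment. runDesktopClient continues outside the hunk.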
@@ -1502,7 +1519,7 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, nickname, password, domain, port, httpPrefix, currTimeline, pageNumber, - debug) + debug, signingPrivateKeyPem) if boxJson: _desktopShowBox(indent, followRequestsJson, yourActor, currTimeline, boxJson, @@ -1519,7 +1536,7 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, nickname, password, domain, port, httpPrefix, currTimeline, pageNumber, - debug) + debug, signingPrivateKeyPem) if boxJson: _desktopShowBox(indent, followRequestsJson, yourActor, currTimeline, boxJson, @@ -1537,7 +1554,7 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, nickname, password, domain, port, httpPrefix, currTimeline, pageNumber, - debug) + debug, signingPrivateKeyPem) if boxJson: _desktopShowBox(indent, followRequestsJson, yourActor, currTimeline, boxJson, @@ -1556,7 +1573,7 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, nickname, password, domain, port, httpPrefix, currTimeline, pageNumber, - debug) + debug, signingPrivateKeyPem) if boxJson: _desktopShowBox(indent, followRequestsJson, yourActor, currTimeline, boxJson, @@ -1583,7 +1600,7 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, nickname, password, domain, port, httpPrefix, currTimeline, pageNumber, - debug) + debug, signingPrivateKeyPem) if boxJson: _desktopShowBox(indent, followRequestsJson, yourActor, currTimeline, boxJson, @@ -1606,7 +1623,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, pageNumber, postIndex, boxJson, systemLanguage, screenreader, espeak, translate, yourActor, - domainFull, personCache) + domainFull, personCache, + signingPrivateKeyPem) print('') sayStr = 'Press Enter to continue...' sayStr2 = _highlightText(sayStr) 
@@ -1628,7 +1646,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, boxJson, systemLanguage, screenreader, espeak, translate, yourActor, - postJsonObject) + postJsonObject, + signingPrivateKeyPem) else: postIndexStr = '1' else: @@ -1643,7 +1662,7 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, currTimeline, profileHandle, systemLanguage, screenreader, espeak, translate, yourActor, - None) + None, signingPrivateKeyPem) sayStr = 'Press Enter to continue...' sayStr2 = _highlightText(sayStr) _sayCommand(sayStr2, sayStr, @@ -1661,7 +1680,7 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, pageNumber, postIndex, boxJson, systemLanguage, screenreader, espeak, translate, yourActor, - None) + None, signingPrivateKeyPem) sayStr = 'Press Enter to continue...' sayStr2 = _highlightText(sayStr) _sayCommand(sayStr2, sayStr, @@ -1689,7 +1708,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, debug, subject, screenreader, systemLanguage, espeak, conversationId, - lowBandwidth) + lowBandwidth, + signingPrivateKeyPem) refreshTimeline = True print('') elif (commandStr == 'post' or commandStr == 'p' or @@ -1723,7 +1743,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, cachedWebfingers, personCache, debug, screenreader, systemLanguage, - espeak, lowBandwidth) + espeak, lowBandwidth, + signingPrivateKeyPem) refreshTimeline = True else: # public post @@ -1733,7 +1754,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, cachedWebfingers, personCache, debug, screenreader, systemLanguage, - espeak, lowBandwidth) + espeak, lowBandwidth, + signingPrivateKeyPem) refreshTimeline = True print('') elif commandStr == 'like' or commandStr.startswith('like '): 
@@ -1759,7 +1781,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, domain, port, httpPrefix, postJsonObject['id'], cachedWebfingers, personCache, - False, __version__) + False, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') elif (commandStr == 'undo mute' or @@ -1797,7 +1820,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, domain, port, httpPrefix, postJsonObject['id'], cachedWebfingers, personCache, - False, __version__) + False, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') elif (commandStr == 'mute' or @@ -1826,7 +1850,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, domain, port, httpPrefix, postJsonObject['id'], cachedWebfingers, personCache, - False, __version__) + False, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') elif (commandStr == 'undo bookmark' or @@ -1867,7 +1892,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, postJsonObject['id'], cachedWebfingers, personCache, - False, __version__) + False, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') elif (commandStr == 'bookmark' or @@ -1896,7 +1922,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, domain, port, httpPrefix, postJsonObject['id'], cachedWebfingers, personCache, - False, __version__) + False, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') elif (commandStr.startswith('undo block ') or @@ -1931,7 +1958,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, blockActor, cachedWebfingers, personCache, - False, __version__) + False, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') elif commandStr.startswith('block '): 
@@ -1976,7 +2004,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, blockActor, cachedWebfingers, personCache, - False, __version__) + False, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') elif commandStr == 'unlike' or commandStr == 'undo like': @@ -2003,7 +2032,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, domain, port, httpPrefix, postJsonObject['id'], cachedWebfingers, personCache, - False, __version__) + False, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') elif (commandStr.startswith('announce') or @@ -2033,7 +2063,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, domain, port, httpPrefix, postId, cachedWebfingers, personCache, - True, __version__) + True, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') elif (commandStr.startswith('unannounce') or @@ -2067,7 +2098,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, httpPrefix, postId, cachedWebfingers, personCache, - True, __version__) + True, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') elif (commandStr == 'follow requests' or @@ -2083,7 +2115,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, domain, port, httpPrefix, currPage, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, + signingPrivateKeyPem) if followRequestsJson: if isinstance(followRequestsJson, dict): _desktopShowFollowRequests(followRequestsJson, @@ -2102,7 +2135,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, domain, port, httpPrefix, currPage, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, + signingPrivateKeyPem) if followingJson: if isinstance(followingJson, dict): _desktopShowFollowing(followingJson, translate, 
@@ -2122,7 +2156,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, domain, port, httpPrefix, currPage, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, + signingPrivateKeyPem) if followersJson: if isinstance(followersJson, dict): _desktopShowFollowing(followersJson, translate, @@ -2161,7 +2196,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, httpPrefix, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, + signingPrivateKeyPem) else: if followHandle: sayStr = followHandle + ' is not valid' @@ -2195,7 +2231,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, httpPrefix, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, + signingPrivateKeyPem) else: sayStr = followHandle + ' is not valid' _sayCommand(sayStr, sayStr, @@ -2224,7 +2261,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, cachedWebfingers, personCache, debug, - __version__) + __version__, + signingPrivateKeyPem) else: if approveHandle: sayStr = approveHandle + ' is not valid' @@ -2256,7 +2294,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, cachedWebfingers, personCache, debug, - __version__) + __version__, + signingPrivateKeyPem) else: if denyHandle: sayStr = denyHandle + ' is not valid' @@ -2341,7 +2380,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, allowLocalNetworkAccess, recentPostsCache, False, systemLanguage, - domainFull, personCache) + domainFull, personCache, + signingPrivateKeyPem) if postJsonObject2: postJsonObject = postJsonObject2 if postJsonObject: @@ -2423,7 +2463,8 @@ def runDesktopClient(baseDir: str, proxyType: str, httpPrefix: str, postJsonObject['id'], cachedWebfingers, personCache, - False, __version__) + False, __version__, + signingPrivateKeyPem) refreshTimeline = True print('') diff --git a/epicyon.py b/epicyon.py index 6748ee1b4..3db9f427d 100644 --- a/epicyon.py 
+++ b/epicyon.py @@ -688,9 +688,11 @@ if args.posts: proxyType = 'gnunet' if not args.language: args.language = 'en' + signingPrivateKeyPem = None getPublicPostsOfPerson(baseDir, nickname, domain, False, True, proxyType, args.port, httpPrefix, debug, - __version__, args.language) + __version__, args.language, + signingPrivateKeyPem) sys.exit() if args.postDomains: @@ -722,13 +724,15 @@ if args.postDomains: domainList = [] if not args.language: args.language = 'en' + signingPrivateKeyPem = None domainList = getPublicPostDomains(None, baseDir, nickname, domain, proxyType, args.port, httpPrefix, debug, __version__, wordFrequency, domainList, - args.language) + args.language, + signingPrivateKeyPem) for postDomain in domainList: print(postDomain) sys.exit() @@ -765,13 +769,15 @@ if args.postDomainsBlocked: domainList = [] if not args.language: args.language = 'en' + signingPrivateKeyPem = None domainList = getPublicPostDomainsBlocked(None, baseDir, nickname, domain, proxyType, args.port, httpPrefix, debug, __version__, wordFrequency, domainList, - args.language) + args.language, + signingPrivateKeyPem) for postDomain in domainList: print(postDomain) sys.exit() @@ -806,12 +812,14 @@ if args.checkDomains: maxBlockedDomains = 0 if not args.language: args.language = 'en' + signingPrivateKeyPem = None checkDomains(None, baseDir, nickname, domain, proxyType, args.port, httpPrefix, debug, __version__, - maxBlockedDomains, False, args.language) + maxBlockedDomains, False, args.language, + signingPrivateKeyPem) sys.exit() if args.socnet: @@ -825,10 +833,12 @@ if args.socnet: proxyType = 'tor' if not args.language: args.language = 'en' + signingPrivateKeyPem = None dotGraph = instancesGraph(baseDir, args.socnet, proxyType, args.port, httpPrefix, debug, - __version__, args.language) + __version__, args.language, + signingPrivateKeyPem) try: with open('socnet.dot', 'w+') as fp: fp.write(dotGraph) 
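Review bot: Every command-line branch in epicyon.py sets `signingPrivateKeyPem = None` immediately before its call, so these tools never have a key to sign with. This covers `args.posts`, `args.postDomains`, `args.postDomainsBlocked`, `args.checkDomains` and `args.socnet` here, and the later branches through `args.unblock`. If the callees treat None as "send the request unsigned" (their bodies are not in this section), instances that enforce authorized fetch will presumably refuse these commands, which is the case the commit sets out to support. A single assignment after argument parsing, with a comment such as `# CLI tools have no instance actor key; remote fetches are sent unsigned`, would remove the repetition and document the limitation.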
@@ -854,9 +864,11 @@ if args.postsraw: proxyType = 'gnunet' if not args.language: args.language = 'en' + signingPrivateKeyPem = None getPublicPostsOfPerson(baseDir, nickname, domain, False, False, proxyType, args.port, httpPrefix, debug, - __version__, args.language) + __version__, args.language, + signingPrivateKeyPem) sys.exit() if args.json: @@ -865,8 +877,9 @@ if args.json: asHeader = { 'Accept': 'application/ld+json; profile="' + profileStr + '"' } - testJson = getJson(session, args.json, asHeader, None, - debug, __version__, httpPrefix, None) + signingPrivateKeyPem = None + testJson = getJson(signingPrivateKeyPem, session, args.json, asHeader, + None, debug, __version__, httpPrefix, None) pprint(testJson) sys.exit() @@ -1075,6 +1088,7 @@ if args.approve: postLog = [] cachedWebfingers = {} personCache = {} + signingPrivateKeyPem = None manualApproveFollowRequest(session, baseDir, httpPrefix, args.nickname, domain, port, @@ -1082,7 +1096,8 @@ if args.approve: federationList, sendThreads, postLog, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, + signingPrivateKeyPem) sys.exit() if args.deny: @@ -1097,6 +1112,7 @@ if args.deny: postLog = [] cachedWebfingers = {} personCache = {} + signingPrivateKeyPem = None manualDenyFollowRequest(session, baseDir, httpPrefix, args.nickname, domain, port, @@ -1104,7 +1120,8 @@ if args.deny: federationList, sendThreads, postLog, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, + signingPrivateKeyPem) sys.exit() if args.followerspending: @@ -1184,9 +1201,10 @@ if args.message: replyTo = args.replyto followersOnly = False isArticle = False + signingPrivateKeyPem = None print('Sending post to ' + args.sendto) - sendPostViaServer(__version__, + sendPostViaServer(signingPrivateKeyPem, __version__, baseDir, session, args.nickname, args.password, domain, port, toNickname, toDomain, toPort, ccUrl, 
@@ -1216,13 +1234,14 @@ if args.announce: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending announce/repeat of ' + args.announce) sendAnnounceViaServer(baseDir, session, args.nickname, args.password, domain, port, httpPrefix, args.announce, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -1255,13 +1274,14 @@ if args.box: args.port = 80 elif args.gnunet: proxyType = 'gnunet' + signingPrivateKeyPem = None session = createSession(proxyType) boxJson = c2sBoxJson(baseDir, session, args.nickname, args.password, domain, port, httpPrefix, args.box, args.pageNumber, - args.debug) + args.debug, signingPrivateKeyPem) if boxJson: pprint(boxJson) else: @@ -1311,6 +1331,7 @@ if args.itemName: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending shared item: ' + args.itemName) sendShareViaServer(baseDir, session, @@ -1327,7 +1348,8 @@ if args.itemName: args.duration, cachedWebfingers, personCache, debug, __version__, - args.itemPrice, args.itemCurrency) + args.itemPrice, args.itemCurrency, + signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -1348,6 +1370,7 @@ if args.undoItemName: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending undo of shared item: ' + args.undoItemName) sendUndoShareViaServer(baseDir, session, @@ -1356,7 +1379,7 @@ if args.undoItemName: httpPrefix, args.undoItemName, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) 
@@ -1405,6 +1428,7 @@ if args.wantedItemName: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending wanted item: ' + args.wantedItemName) sendWantedViaServer(baseDir, session, @@ -1421,7 +1445,8 @@ if args.wantedItemName: args.duration, cachedWebfingers, personCache, debug, __version__, - args.itemPrice, args.itemCurrency) + args.itemPrice, args.itemCurrency, + signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -1442,6 +1467,7 @@ if args.undoWantedItemName: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending undo of wanted item: ' + args.undoWantedItemName) sendUndoWantedViaServer(baseDir, session, @@ -1450,7 +1476,7 @@ if args.undoWantedItemName: httpPrefix, args.undoWantedItemName, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -1471,6 +1497,7 @@ if args.like: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending like of ' + args.like) sendLikeViaServer(baseDir, session, @@ -1478,7 +1505,7 @@ if args.like: domain, port, httpPrefix, args.like, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -1499,6 +1526,7 @@ if args.undolike: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending undo like of ' + args.undolike) sendUndoLikeViaServer(baseDir, session, @@ -1506,7 +1534,8 @@ if args.undolike: domain, port, httpPrefix, args.undolike, cachedWebfingers, personCache, - True, __version__) + True, __version__, + signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) 
@@ -1527,6 +1556,7 @@ if args.bookmark: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending bookmark of ' + args.bookmark) sendBookmarkViaServer(baseDir, session, @@ -1534,7 +1564,8 @@ if args.bookmark: domain, port, httpPrefix, args.bookmark, cachedWebfingers, personCache, - True, __version__) + True, __version__, + signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -1555,6 +1586,7 @@ if args.unbookmark: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending undo bookmark of ' + args.unbookmark) sendUndoBookmarkViaServer(baseDir, session, @@ -1562,7 +1594,7 @@ if args.unbookmark: domain, port, httpPrefix, args.unbookmark, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -1583,6 +1615,7 @@ if args.delete: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending delete request of ' + args.delete) sendDeleteViaServer(baseDir, session, @@ -1590,7 +1623,7 @@ if args.delete: domain, port, httpPrefix, args.delete, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -1623,6 +1656,7 @@ if args.follow: followHttpPrefix = httpPrefix if args.follow.startswith('https'): followHttpPrefix = 'https' + signingPrivateKeyPem = None sendFollowRequestViaServer(baseDir, session, args.nickname, args.password, @@ -1630,7 +1664,7 @@ if args.follow: followNickname, followDomain, followPort, httpPrefix, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, signingPrivateKeyPem) for t in range(20): time.sleep(1) # TODO some method to know if it worked 
@@ -1664,6 +1698,7 @@ if args.unfollow: followHttpPrefix = httpPrefix if args.follow.startswith('https'): followHttpPrefix = 'https' + signingPrivateKeyPem = None sendUnfollowRequestViaServer(baseDir, session, args.nickname, args.password, @@ -1671,7 +1706,7 @@ if args.unfollow: followNickname, followDomain, followPort, httpPrefix, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, signingPrivateKeyPem) for t in range(20): time.sleep(1) # TODO some method to know if it worked @@ -1694,6 +1729,7 @@ if args.followingList: personCache = {} cachedWebfingers = {} followHttpPrefix = httpPrefix + signingPrivateKeyPem = None followingJson = \ getFollowingViaServer(baseDir, session, @@ -1701,7 +1737,7 @@ if args.followingList: domain, port, httpPrefix, args.pageNumber, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, signingPrivateKeyPem) if followingJson: pprint(followingJson) sys.exit() @@ -1722,6 +1758,7 @@ if args.followersList: personCache = {} cachedWebfingers = {} followHttpPrefix = httpPrefix + signingPrivateKeyPem = None followersJson = \ getFollowersViaServer(baseDir, session, @@ -1729,7 +1766,8 @@ if args.followersList: domain, port, httpPrefix, args.pageNumber, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, + signingPrivateKeyPem) if followersJson: pprint(followersJson) sys.exit() @@ -1750,6 +1788,7 @@ if args.followRequestsList: personCache = {} cachedWebfingers = {} followHttpPrefix = httpPrefix + signingPrivateKeyPem = None followRequestsJson = \ getFollowRequestsViaServer(baseDir, session, @@ -1757,7 +1796,7 @@ if args.followRequestsList: domain, port, httpPrefix, args.pageNumber, cachedWebfingers, personCache, - debug, __version__) + debug, __version__, signingPrivateKeyPem) if followRequestsJson: pprint(followRequestsJson) sys.exit() 
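Review bot: In the `if args.unfollow:` branch the context line `if args.follow.startswith('https'):` tests the wrong option. When only --unfollow is given, `args.follow` is presumably unset and this raises before the newly added `signingPrivateKeyPem = None` is reached. The line should read `if args.unfollow.startswith('https'):`. This predates the commit, but it sits directly above the added line, and the branch continues outside the hunk.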
@@ -1797,9 +1836,10 @@ if args.migrations: httpPrefix = 'https' port = 443 session = createSession(proxyType) + signingPrivateKeyPem = None ctr = migrateAccounts(baseDir, session, httpPrefix, cachedWebfingers, - True) + True, signingPrivateKeyPem) if ctr == 0: print('No followed accounts have moved') else: @@ -1807,7 +1847,9 @@ if args.migrations: sys.exit() if args.actor: - getActorJson(args.domain, args.actor, args.http, args.gnunet, debug) + signingPrivateKeyPem = None + getActorJson(args.domain, args.actor, args.http, args.gnunet, + debug, False, signingPrivateKeyPem) sys.exit() if args.followers: @@ -1883,9 +1925,11 @@ if args.followers: nickname = domain handle = nickname + '@' + domain + signingPrivateKeyPem = None wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - None, __version__, debug, False) + None, __version__, debug, False, + signingPrivateKeyPem) if not wfRequest: print('Unable to webfinger ' + handle) sys.exit() @@ -1927,9 +1971,10 @@ if args.followers: asHeader = { 'Accept': 'application/ld+json; profile="' + profileStr + '"' } - + signingPrivateKeyPem = None followersList = \ - downloadFollowCollection('followers', session, + downloadFollowCollection(signingPrivateKeyPem, + 'followers', session, httpPrefix, personUrl, 1, 3) if followersList: for actor in followersList: @@ -2179,6 +2224,7 @@ if args.skill: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending ' + args.skill + ' skill level ' + str(args.skillLevelPercent) + ' for ' + nickname) @@ -2188,7 +2234,7 @@ if args.skill: httpPrefix, args.skill, args.skillLevelPercent, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) 
@@ -2209,6 +2255,7 @@ if args.availability: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending availability status of ' + nickname + ' as ' + args.availability) @@ -2217,7 +2264,7 @@ if args.availability: httpPrefix, args.availability, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -2318,13 +2365,14 @@ if args.block: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending block of ' + args.block) sendBlockViaServer(baseDir, session, nickname, args.password, domain, port, httpPrefix, args.block, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -2345,13 +2393,14 @@ if args.mute: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending mute of ' + args.mute) sendMuteViaServer(baseDir, session, nickname, args.password, domain, port, httpPrefix, args.mute, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) @@ -2372,13 +2421,14 @@ if args.unmute: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending undo mute of ' + args.unmute) sendUndoMuteViaServer(baseDir, session, nickname, args.password, domain, port, httpPrefix, args.unmute, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) 
@@ -2411,13 +2461,14 @@ if args.unblock: session = createSession(proxyType) personCache = {} cachedWebfingers = {} + signingPrivateKeyPem = None print('Sending undo block of ' + args.unblock) sendUndoBlockViaServer(baseDir, session, nickname, args.password, domain, port, httpPrefix, args.unblock, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(10): # TODO detect send success/fail time.sleep(1) diff --git a/follow.py b/follow.py index b81786db3..5182f1ff5 100644 --- a/follow.py +++ b/follow.py @@ -631,7 +631,8 @@ def receiveFollowRequest(session, baseDir: str, httpPrefix: str, cachedWebfingers: {}, personCache: {}, messageJson: {}, federationList: [], debug: bool, projectVersion: str, - maxFollowers: int, onionDomain: str) -> bool: + maxFollowers: int, onionDomain: str, + signingPrivateKeyPem: str) -> bool: """Receives a follow request within the POST section of HTTPServer """ if not messageJson['type'].startswith('Follow'): @@ -743,7 +744,8 @@ def receiveFollowRequest(session, baseDir: str, httpPrefix: str, print('Obtaining the following actor: ' + messageJson['actor']) if not getPersonPubKey(baseDir, session, messageJson['actor'], personCache, debug, projectVersion, - httpPrefix, domainToFollow, onionDomain): + httpPrefix, domainToFollow, onionDomain, + signingPrivateKeyPem): if debug: print('Unable to obtain following actor: ' + messageJson['actor']) @@ -779,7 +781,8 @@ def receiveFollowRequest(session, baseDir: str, httpPrefix: str, print('Obtaining the following actor: ' + messageJson['actor']) if not getPersonPubKey(baseDir, session, messageJson['actor'], personCache, debug, projectVersion, - httpPrefix, domainToFollow, onionDomain): + httpPrefix, domainToFollow, onionDomain, + signingPrivateKeyPem): if debug: print('Unable to obtain following actor: ' + messageJson['actor']) 
@@ -824,7 +827,8 @@ def receiveFollowRequest(session, baseDir: str, httpPrefix: str, messageJson['actor'], federationList, messageJson, sendThreads, postLog, cachedWebfingers, personCache, - debug, projectVersion, True) + debug, projectVersion, True, + signingPrivateKeyPem) def followedAccountAccepts(session, baseDir: str, httpPrefix: str, @@ -835,7 +839,8 @@ def followedAccountAccepts(session, baseDir: str, httpPrefix: str, followJson: {}, sendThreads: [], postLog: [], cachedWebfingers: {}, personCache: {}, debug: bool, projectVersion: str, - removeFollowActivity: bool): + removeFollowActivity: bool, + signingPrivateKeyPem: str): """The person receiving a follow request accepts the new follower and sends back an Accept activity """ @@ -884,7 +889,7 @@ def followedAccountAccepts(session, baseDir: str, httpPrefix: str, federationList, sendThreads, postLog, cachedWebfingers, personCache, debug, projectVersion, None, - groupAccount) + groupAccount, signingPrivateKeyPem) def followedAccountRejects(session, baseDir: str, httpPrefix: str, @@ -894,7 +899,8 @@ def followedAccountRejects(session, baseDir: str, httpPrefix: str, federationList: [], sendThreads: [], postLog: [], cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str): + debug: bool, projectVersion: str, + signingPrivateKeyPem: str): """The person receiving a follow request rejects the new follower and sends back a Reject activity """ @@ -949,7 +955,7 @@ def followedAccountRejects(session, baseDir: str, httpPrefix: str, federationList, sendThreads, postLog, cachedWebfingers, personCache, debug, projectVersion, None, - groupAccount) + groupAccount, signingPrivateKeyPem) def sendFollowRequest(session, baseDir: str, 
@@ -960,7 +966,7 @@ def sendFollowRequest(session, baseDir: str, clientToServer: bool, federationList: [], sendThreads: [], postLog: [], cachedWebfingers: {}, personCache: {}, debug: bool, - projectVersion: str) -> {}: + projectVersion: str, signingPrivateKeyPem: str) -> {}: """Gets the json object for sending a follow request """ if not domainPermitted(followDomain, federationList): @@ -1016,7 +1022,8 @@ def sendFollowRequest(session, baseDir: str, httpPrefix, True, clientToServer, federationList, sendThreads, postLog, cachedWebfingers, personCache, - debug, projectVersion, None, groupAccount) + debug, projectVersion, None, groupAccount, + signingPrivateKeyPem) return newFollowJson @@ -1028,7 +1035,8 @@ def sendFollowRequestViaServer(baseDir: str, session, followPort: int, httpPrefix: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates a follow request via c2s """ if not session: @@ -1057,7 +1065,8 @@ def sendFollowRequestViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: follow request webfinger failed for ' + handle) @@ -1072,7 +1081,8 @@ def sendFollowRequestViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, avatarUrl, - displayName) = getPersonBox(baseDir, session, wfRequest, personCache, + displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, 52025) 
@@ -1114,7 +1124,8 @@ def sendUnfollowRequestViaServer(baseDir: str, session, followPort: int, httpPrefix: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates a unfollow request via c2s """ if not session: @@ -1147,7 +1158,8 @@ def sendUnfollowRequestViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: unfollow webfinger failed for ' + handle) @@ -1162,7 +1174,8 @@ def sendUnfollowRequestViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, @@ -1205,7 +1218,8 @@ def getFollowingViaServer(baseDir: str, session, domain: str, port: int, httpPrefix: str, pageNumber: int, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Gets a page from the following collection as json """ if not session: @@ -1227,9 +1241,8 @@ def getFollowingViaServer(baseDir: str, session, pageNumber = 1 url = followActor + '/following?page=' + str(pageNumber) followingJson = \ - getJson(session, url, headers, {}, debug, - __version__, httpPrefix, - domain, 10, True) + getJson(signingPrivateKeyPem, session, url, headers, {}, debug, + __version__, httpPrefix, domain, 10, True) if not followingJson: if debug: print('DEBUG: GET following list failed for c2s to ' + url) 
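Review bot: The new key argument is placed first in `getJson(signingPrivateKeyPem, session, url, ...)` and `getPersonBox(signingPrivateKeyPem, baseDir, session, ...)` but last in every `...ViaServer` function in this file, always passed positionally in lists of ten or more arguments. A misplaced argument would not fail loudly, and depending on what the callee does with that slot, a PEM string landing in `debug` or `projectVersion` could reach a log line or an outgoing request. I would settle on one position and pass it by keyword, e.g. `signingPrivateKeyPem=signingPrivateKeyPem` for the functions defined here whose parameter name is visible. The same mix of first and last position appears in the desktop_client.py, epicyon.py and inbox.py hunks.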
@@ -1246,7 +1259,8 @@ def getFollowersViaServer(baseDir: str, session, domain: str, port: int, httpPrefix: str, pageNumber: int, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Gets a page from the followers collection as json """ if not session: @@ -1268,7 +1282,7 @@ def getFollowersViaServer(baseDir: str, session, pageNumber = 1 url = followActor + '/followers?page=' + str(pageNumber) followersJson = \ - getJson(session, url, headers, {}, debug, + getJson(signingPrivateKeyPem, session, url, headers, {}, debug, __version__, httpPrefix, domain, 10, True) if not followersJson: if debug: @@ -1286,7 +1300,8 @@ def getFollowRequestsViaServer(baseDir: str, session, domain: str, port: int, httpPrefix: str, pageNumber: int, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Gets a page from the follow requests collection as json """ if not session: @@ -1308,7 +1323,7 @@ def getFollowRequestsViaServer(baseDir: str, session, pageNumber = 1 url = followActor + '/followrequests?page=' + str(pageNumber) followersJson = \ - getJson(session, url, headers, {}, debug, + getJson(signingPrivateKeyPem, session, url, headers, {}, debug, __version__, httpPrefix, domain, 10, True) if not followersJson: if debug: @@ -1326,7 +1341,8 @@ def approveFollowRequestViaServer(baseDir: str, session, domain: str, port: int, httpPrefix: str, approveHandle: int, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> str: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> str: """Approves a follow request This is not exactly via c2s though. It simulates pressing the Approve button on the web interface 
@@ -1348,7 +1364,7 @@ def approveFollowRequestViaServer(baseDir: str, session, url = actor + '/followapprove=' + approveHandle approveHtml = \ - getJson(session, url, headers, {}, debug, + getJson(signingPrivateKeyPem, session, url, headers, {}, debug, __version__, httpPrefix, domain, 10, True) if not approveHtml: if debug: @@ -1366,7 +1382,8 @@ def denyFollowRequestViaServer(baseDir: str, session, domain: str, port: int, httpPrefix: str, denyHandle: int, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> str: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> str: """Denies a follow request This is not exactly via c2s though. It simulates pressing the Deny button on the web interface @@ -1388,7 +1405,7 @@ def denyFollowRequestViaServer(baseDir: str, session, url = actor + '/followdeny=' + denyHandle denyHtml = \ - getJson(session, url, headers, {}, debug, + getJson(signingPrivateKeyPem, session, url, headers, {}, debug, __version__, httpPrefix, domain, 10, True) if not denyHtml: if debug: diff --git a/inbox.py b/inbox.py index 1ca740a2f..16dd8314f 100644 --- a/inbox.py +++ b/inbox.py @@ -170,7 +170,8 @@ def _inboxStorePostToHtmlCache(recentPostsCache: {}, maxRecentPosts: int, peertubeInstances: [], allowLocalNetworkAccess: bool, themeName: str, systemLanguage: str, - maxLikeCount: int) -> None: + maxLikeCount: int, + signingPrivateKeyPem: str) -> None: """Converts the json post into html and stores it in a cache This enables the post to be quickly displayed later """ @@ -179,7 +180,8 @@ def _inboxStorePostToHtmlCache(recentPostsCache: {}, maxRecentPosts: int, if boxname != 'outbox': boxname = 'inbox' - individualPostAsHtml(True, recentPostsCache, maxRecentPosts, + individualPostAsHtml(signingPrivateKeyPem, + True, recentPostsCache, maxRecentPosts, translate, pageNumber, baseDir, session, cachedWebfingers, personCache, 
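Review bot: `_inboxStorePostToHtmlCache` now receives the raw private key and forwards it to `individualPostAsHtml`, but its docstring ("Converts the json post into html and stores it in a cache") does not say why a key is needed or that it may be absent. Passing PEM text this far into the rendering path widens the code that could expose it through a debug print or a cached object; a signer callable in place of the PEM would keep the key in one module. At minimum I would add a docstring line such as `signingPrivateKeyPem: instance actor private key used for signed fetches, or None for unsigned requests; never log or cache it`. The `str` annotation also does not cover the `None` passed for parameters of the same name elsewhere in this patch. Both function bodies continue outside these hunks.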
@@ -1271,7 +1273,8 @@ def _receiveAnnounce(recentPostsCache: {}, debug: bool, translate: {}, YTReplacementDomain: str, allowLocalNetworkAccess: bool, - themeName: str, systemLanguage: str) -> bool: + themeName: str, systemLanguage: str, + signingPrivateKeyPem: str) -> bool: """Receives an announce activity within the POST section of HTTPServer """ if messageJson['type'] != 'Announce': @@ -1371,7 +1374,8 @@ def _receiveAnnounce(recentPostsCache: {}, allowLocalNetworkAccess, recentPostsCache, debug, systemLanguage, - domainFull, personCache) + domainFull, personCache, + signingPrivateKeyPem) if not postJsonObject: notInOnion = True if onionDomain: @@ -1422,7 +1426,8 @@ def _receiveAnnounce(recentPostsCache: {}, getPersonPubKey(baseDir, session, lookupActor, personCache, debug, __version__, httpPrefix, - domain, onionDomain) + domain, onionDomain, + signingPrivateKeyPem) if pubKey: if debug: print('DEBUG: public key obtained for announce: ' + @@ -1694,7 +1699,8 @@ def _validPostContent(baseDir: str, nickname: str, domain: str, def _obtainAvatarForReplyPost(session, baseDir: str, httpPrefix: str, domain: str, onionDomain: str, personCache: {}, - postJsonObject: {}, debug: bool) -> None: + postJsonObject: {}, debug: bool, + signingPrivateKeyPem: str) -> None: """Tries to obtain the actor for the person being replied to so that their avatar can later be shown """ @@ -1725,7 +1731,7 @@ def _obtainAvatarForReplyPost(session, baseDir: str, httpPrefix: str, getPersonPubKey(baseDir, session, lookupActor, personCache, debug, __version__, httpPrefix, - domain, onionDomain) + domain, onionDomain, signingPrivateKeyPem) if pubKey: if debug: print('DEBUG: public key obtained for reply: ' + lookupActor) 
@@ -1904,7 +1910,8 @@ def _sendToGroupMembers(session, baseDir: str, handle: str, port: int, sendThreads: [], postLog: [], cachedWebfingers: {}, personCache: {}, debug: bool, systemLanguage: str, - onionDomain: str, i2pDomain: str) -> None: + onionDomain: str, i2pDomain: str, + signingPrivateKeyPem: str) -> None: """When a post arrives for a group send it out to the group members """ if debug: @@ -1951,7 +1958,7 @@ def _sendToGroupMembers(session, baseDir: str, handle: str, port: int, False, False, sendThreads, postLog, personCache, cachedWebfingers, - debug, __version__) + debug, __version__, signingPrivateKeyPem) sendToFollowersThread(session, baseDir, nickname, domain, onionDomain, i2pDomain, port, @@ -1960,7 +1967,8 @@ def _sendToGroupMembers(session, baseDir: str, handle: str, port: int, cachedWebfingers, personCache, announceJson, debug, __version__, sharedItemsFederatedDomains, - sharedItemFederationTokens) + sharedItemFederationTokens, + signingPrivateKeyPem) def _inboxUpdateCalendar(baseDir: str, handle: str, @@ -2074,7 +2082,8 @@ def _bounceDM(senderPostId: str, session, httpPrefix: str, sendThreads: [], postLog: [], cachedWebfingers: {}, personCache: {}, translate: {}, debug: bool, - lastBounceMessage: [], systemLanguage: str) -> bool: + lastBounceMessage: [], systemLanguage: str, + signingPrivateKeyPem: str) -> bool: """Sends a bounce message back to the sending handle if a DM has been rejected """ @@ -2144,7 +2153,8 @@ def _bounceDM(senderPostId: str, session, httpPrefix: str, senderNickname, senderDomain, senderPort, cc, httpPrefix, False, False, federationList, sendThreads, postLog, cachedWebfingers, - personCache, debug, __version__, None, groupAccount) + personCache, debug, __version__, None, groupAccount, + signingPrivateKeyPem) return True 
@@ -2157,7 +2167,8 @@ def _isValidDM(baseDir: str, nickname: str, domain: str, port: int, personCache: {}, translate: {}, debug: bool, lastBounceMessage: [], - handle: str, systemLanguage: str) -> bool: + handle: str, systemLanguage: str, + signingPrivateKeyPem: str) -> bool: """Is the given message a valid DM? """ if nickname == 'inbox': @@ -2233,7 +2244,8 @@ def _isValidDM(baseDir: str, nickname: str, domain: str, port: int, personCache, translate, debug, lastBounceMessage, - systemLanguage) + systemLanguage, + signingPrivateKeyPem) return False # dm index will be updated @@ -2260,7 +2272,7 @@ def _inboxAfterInitial(recentPostsCache: {}, maxRecentPosts: int, peertubeInstances: [], lastBounceMessage: [], themeName: str, systemLanguage: str, - maxLikeCount: int) -> bool: + maxLikeCount: int, signingPrivateKeyPem: str) -> bool: """ Anything which needs to be done after initial checks have passed """ actor = keyId @@ -2341,7 +2353,8 @@ def _inboxAfterInitial(recentPostsCache: {}, maxRecentPosts: int, debug, translate, YTReplacementDomain, allowLocalNetworkAccess, - themeName, systemLanguage): + themeName, systemLanguage, + signingPrivateKeyPem): if debug: print('DEBUG: Announce accepted from ' + actor) @@ -2466,7 +2479,8 @@ def _inboxAfterInitial(recentPostsCache: {}, maxRecentPosts: int, postJsonObject, debug, __version__, sharedItemsFederatedDomains, - sharedItemFederationTokens) + sharedItemFederationTokens, + signingPrivateKeyPem) isReplyToMutedPost = False @@ -2483,7 +2497,8 @@ def _inboxAfterInitial(recentPostsCache: {}, maxRecentPosts: int, personCache, translate, debug, lastBounceMessage, - handle, systemLanguage): + handle, systemLanguage, + signingPrivateKeyPem): return False # get the actor being replied to 
@@ -2519,7 +2534,7 @@ def _inboxAfterInitial(recentPostsCache: {}, maxRecentPosts: int, translate, YTReplacementDomain, allowLocalNetworkAccess, recentPostsCache, debug, systemLanguage, - domainFull, personCache): + domainFull, personCache, signingPrivateKeyPem): # media index will be updated updateIndexList.append('tlmedia') if isBlogPost(postJsonObject): @@ -2529,7 +2544,8 @@ def _inboxAfterInitial(recentPostsCache: {}, maxRecentPosts: int, # get the avatar for a reply/announce _obtainAvatarForReplyPost(session, baseDir, httpPrefix, domain, onionDomain, - personCache, postJsonObject, debug) + personCache, postJsonObject, debug, + signingPrivateKeyPem) # save the post to file if saveJson(postJsonObject, destinationFilename): @@ -2594,7 +2610,8 @@ def _inboxAfterInitial(recentPostsCache: {}, maxRecentPosts: int, peertubeInstances, allowLocalNetworkAccess, themeName, systemLanguage, - maxLikeCount) + maxLikeCount, + signingPrivateKeyPem) if debug: timeDiff = \ str(int((time.time() - htmlCacheStartTime) * @@ -2617,7 +2634,8 @@ def _inboxAfterInitial(recentPostsCache: {}, maxRecentPosts: int, httpPrefix, federationList, sendThreads, postLog, cachedWebfingers, personCache, debug, systemLanguage, - onionDomain, i2pDomain) + onionDomain, i2pDomain, + signingPrivateKeyPem) # if the post wasn't saved if not os.path.isfile(destinationFilename): @@ -2857,7 +2875,7 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int, peertubeInstances: [], verifyAllSignatures: bool, themeName: str, systemLanguage: str, - maxLikeCount: int) -> None: + maxLikeCount: int, signingPrivateKeyPem: str) -> None: """Processes received items and moves them to the appropriate directories """ @@ -3008,7 +3026,7 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int, getPersonPubKey(baseDir, session, keyId, personCache, debug, projectVersion, httpPrefix, - domain, onionDomain) + domain, onionDomain, signingPrivateKeyPem) if pubKey: if debug: print('DEBUG: public key: ' + str(pubKey)) 
@@ -3129,7 +3147,8 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int, queueJson['post'], federationList, debug, projectVersion, - maxFollowers, onionDomain): + maxFollowers, onionDomain, + signingPrivateKeyPem): if os.path.isfile(queueFilename): os.remove(queueFilename) if len(queue) > 0: @@ -3246,7 +3265,8 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int, peertubeInstances, lastBounceMessage, themeName, systemLanguage, - maxLikeCount) + maxLikeCount, + signingPrivateKeyPem) if debug: pprint(queueJson['post']) print('Queue: Queue post accepted') diff --git a/like.py b/like.py index 1eddf571d..b0617c942 100644 --- a/like.py +++ b/like.py @@ -62,7 +62,8 @@ def _like(recentPostsCache: {}, clientToServer: bool, sendThreads: [], postLog: [], personCache: {}, cachedWebfingers: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates a like actor is the person doing the liking 'to' might be a specific person (actor) whose post was liked @@ -122,7 +123,8 @@ def _like(recentPostsCache: {}, 'https://www.w3.org/ns/activitystreams#Public', httpPrefix, True, clientToServer, federationList, sendThreads, postLog, cachedWebfingers, personCache, - debug, projectVersion, None, groupAccount) + debug, projectVersion, None, groupAccount, + signingPrivateKeyPem) return newLikeJson @@ -135,7 +137,8 @@ def likePost(recentPostsCache: {}, likeStatusNumber: int, clientToServer: bool, sendThreads: [], postLog: [], personCache: {}, cachedWebfingers: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Likes a given status post. This is only used by unit tests """ likeDomain = getFullDomain(likeDomain, likePort) 
@@ -147,7 +150,7 @@ def likePost(recentPostsCache: {}, session, baseDir, federationList, nickname, domain, port, ccList, httpPrefix, objectUrl, actorLiked, clientToServer, sendThreads, postLog, personCache, cachedWebfingers, - debug, projectVersion) + debug, projectVersion, signingPrivateKeyPem) def sendLikeViaServer(baseDir: str, session, @@ -155,7 +158,8 @@ def sendLikeViaServer(baseDir: str, session, fromDomain: str, fromPort: int, httpPrefix: str, likeUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates a like via c2s """ if not session: @@ -178,7 +182,8 @@ def sendLikeViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: like webfinger failed for ' + handle) @@ -192,7 +197,8 @@ def sendLikeViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, @@ -233,7 +239,8 @@ def sendUndoLikeViaServer(baseDir: str, session, fromDomain: str, fromPort: int, httpPrefix: str, likeUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Undo a like via c2s """ if not session: 
@@ -260,7 +267,8 @@ def sendUndoLikeViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: unlike webfinger failed for ' + handle) @@ -275,7 +283,8 @@ def sendUndoLikeViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, diff --git a/manualapprove.py b/manualapprove.py index 907cd4b82..97b6ae7b6 100644 --- a/manualapprove.py +++ b/manualapprove.py @@ -26,7 +26,8 @@ def manualDenyFollowRequest(session, baseDir: str, sendThreads: [], postLog: [], cachedWebfingers: {}, personCache: {}, debug: bool, - projectVersion: str) -> None: + projectVersion: str, + signingPrivateKeyPem: str) -> None: """Manually deny a follow request """ accountsDir = acctDir(baseDir, nickname, domain) @@ -60,7 +61,8 @@ def manualDenyFollowRequest(session, baseDir: str, federationList, sendThreads, postLog, cachedWebfingers, personCache, - debug, projectVersion) + debug, projectVersion, + signingPrivateKeyPem) print('Follow request from ' + denyHandle + ' was denied.') @@ -87,7 +89,8 @@ def manualApproveFollowRequest(session, baseDir: str, sendThreads: [], postLog: [], cachedWebfingers: {}, personCache: {}, debug: bool, - projectVersion: str) -> None: + projectVersion: str, + signingPrivateKeyPem: str) -> None: """Manually approve a follow request """ handle = nickname + '@' + domain 
@@ -176,7 +179,8 @@ def manualApproveFollowRequest(session, baseDir: str, cachedWebfingers, personCache, debug, - projectVersion, False) + projectVersion, False, + signingPrivateKeyPem) updateApprovedFollowers = True else: # this isn't the approved follow so it will remain diff --git a/migrate.py b/migrate.py index a093cc8fe..4f355f718 100644 --- a/migrate.py +++ b/migrate.py @@ -23,7 +23,8 @@ from person import getActorJson def _moveFollowingHandlesForAccount(baseDir: str, nickname: str, domain: str, session, httpPrefix: str, cachedWebfingers: {}, - debug: bool) -> int: + debug: bool, + signingPrivateKeyPem: str) -> int: """Goes through all follows for an account and updates any that have moved """ ctr = 0 @@ -38,14 +39,14 @@ def _moveFollowingHandlesForAccount(baseDir: str, nickname: str, domain: str, _updateMovedHandle(baseDir, nickname, domain, followHandle, session, httpPrefix, cachedWebfingers, - debug) + debug, signingPrivateKeyPem) return ctr def _updateMovedHandle(baseDir: str, nickname: str, domain: str, handle: str, session, httpPrefix: str, cachedWebfingers: {}, - debug: bool) -> int: + debug: bool, signingPrivateKeyPem: str) -> int: """Check if an account has moved, and if so then alter following.txt for each account. Returns 1 if moved, 0 otherwise @@ -59,7 +60,8 @@ def _updateMovedHandle(baseDir: str, nickname: str, domain: str, handle = handle[1:] wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - None, __version__, debug, False) + None, __version__, debug, False, + signingPrivateKeyPem) if not wfRequest: print('updateMovedHandle unable to webfinger ' + handle) return ctr @@ -83,7 +85,8 @@ def _updateMovedHandle(baseDir: str, nickname: str, domain: str, if httpPrefix == 'gnunet': gnunet = True personJson = \ - getActorJson(domain, personUrl, httpPrefix, gnunet, debug) + getActorJson(domain, personUrl, httpPrefix, gnunet, debug, False, + signingPrivateKeyPem) if not personJson: return ctr if not personJson.get('movedTo'): 
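Review bot: In _updateMovedHandle (migrate.py) the result of getActorJson is bound to a single name, `personJson = getActorJson(...)`, while the person.py signature in this patch is annotated `-> ({}, {})` and the pgp.py callers unpack two values. If it does return a pair, `if not personJson` never fires for a two-element tuple and `personJson.get('movedTo')` raises AttributeError; `personJson, _ = getActorJson(...)` would match the other callers. The third argument passed is `httpPrefix`, a string, where the parameter is `http: bool`, so any non-empty prefix is truthy; it is worth confirming against getActorJson's body, which is not visible here, that this does not select plain http for the fetch.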
@@ -172,7 +175,7 @@ def _updateMovedHandle(baseDir: str, nickname: str, domain: str, def migrateAccounts(baseDir: str, session, httpPrefix: str, cachedWebfingers: {}, - debug: bool) -> int: + debug: bool, signingPrivateKeyPem: str) -> int: """If followed accounts change then this modifies the following lists for each account accordingly. Returns the number of accounts migrated @@ -188,6 +191,7 @@ def migrateAccounts(baseDir: str, session, ctr += \ _moveFollowingHandlesForAccount(baseDir, nickname, domain, session, httpPrefix, - cachedWebfingers, debug) + cachedWebfingers, debug, + signingPrivateKeyPem) break return ctr diff --git a/outbox.py b/outbox.py index b8b6fb98d..1e56d0446 100644 --- a/outbox.py +++ b/outbox.py @@ -194,7 +194,8 @@ def postMessageToOutbox(session, translate: {}, city: str, systemLanguage: str, sharedItemsFederatedDomains: [], sharedItemFederationTokens: {}, - lowBandwidth: bool) -> bool: + lowBandwidth: bool, + signingPrivateKeyPem: str) -> bool: """post is received by the outbox Client to server message post https://www.w3.org/TR/activitypub/#client-to-server-outbox-delivery @@ -407,7 +408,8 @@ def postMessageToOutbox(session, translate: {}, translate, YTReplacementDomain, allowLocalNetworkAccess, recentPostsCache, debug, systemLanguage, - domainFull, personCache): + domainFull, personCache, + signingPrivateKeyPem): inboxUpdateIndex('tlmedia', baseDir, postToNickname + '@' + domain, savedFilename, debug) @@ -468,7 +470,8 @@ def postMessageToOutbox(session, translate: {}, messageJson, debug, version, sharedItemsFederatedDomains, - sharedItemFederationTokens) + sharedItemFederationTokens, + signingPrivateKeyPem) followersThreads.append(followersThread) if debug: @@ -592,5 +595,6 @@ def postMessageToOutbox(session, translate: {}, messageJson, debug, version, sharedItemsFederatedDomains, - sharedItemFederationTokens) + sharedItemFederationTokens, + signingPrivateKeyPem) return True 
diff --git a/person.py b/person.py index 742d62665..0a86abe53 100644 --- a/person.py +++ b/person.py @@ -1216,7 +1216,8 @@ def _detectUsersPath(url: str) -> str: def getActorJson(hostDomain: str, handle: str, http: bool, gnunet: bool, - debug: bool, quiet: bool = False) -> ({}, {}): + debug: bool, quiet: bool, + signingPrivateKeyPem: str) -> ({}, {}): """Returns the actor json """ if debug: @@ -1307,7 +1308,7 @@ def getActorJson(hostDomain: str, handle: str, http: bool, gnunet: bool, wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, None, __version__, debug, - groupAccount) + groupAccount, signingPrivateKeyPem) if not wfRequest: if not quiet: print('getActorJson Unable to webfinger ' + handle) @@ -1361,7 +1362,7 @@ def getActorJson(hostDomain: str, handle: str, http: bool, gnunet: bool, 'Accept': headerMimeType + '; profile="' + profileStr + '"' } personJson = \ - getJson(session, personUrl, asHeader, None, + getJson(signingPrivateKeyPem, session, personUrl, asHeader, None, debug, __version__, httpPrefix, hostDomain, 20, quiet) if personJson: if not quiet: diff --git a/pgp.py b/pgp.py index 345a0c5f3..c1178e19e 100644 --- a/pgp.py +++ b/pgp.py @@ -334,14 +334,16 @@ def _pgpEncrypt(content: str, recipientPubKey: str) -> str: return encryptResult -def _getPGPPublicKeyFromActor(domain: str, handle: str, +def _getPGPPublicKeyFromActor(signingPrivateKeyPem: str, + domain: str, handle: str, actorJson: {} = None) -> str: """Searches tags on the actor to see if there is any PGP public key specified """ if not actorJson: actorJson, asHeader = \ - getActorJson(domain, handle, False, False, False, True) + getActorJson(domain, handle, False, False, False, True, + signingPrivateKeyPem) if not actorJson: return None if not actorJson.get('attachment'): 
@@ -373,18 +375,21 @@ def hasLocalPGPkey() -> bool: return False -def pgpEncryptToActor(domain: str, content: str, toHandle: str) -> str: +def pgpEncryptToActor(domain: str, content: str, toHandle: str, + signingPrivateKeyPem: str) -> str: """PGP encrypt a message to the given actor or handle """ # get the actor and extract the pgp public key from it - recipientPubKey = _getPGPPublicKeyFromActor(domain, toHandle) + recipientPubKey = \ + _getPGPPublicKeyFromActor(signingPrivateKeyPem, domain, toHandle) if not recipientPubKey: return None # encrypt using the recipient public key return _pgpEncrypt(content, recipientPubKey) -def pgpDecrypt(domain: str, content: str, fromHandle: str) -> str: +def pgpDecrypt(domain: str, content: str, fromHandle: str, + signingPrivateKeyPem: str) -> str: """ Encrypt using your default pgp key to the given recipient fromHandle can be a handle or actor url """ @@ -395,7 +400,9 @@ def pgpDecrypt(domain: str, content: str, fromHandle: str) -> str: if containsPGPPublicKey(content): pubKey = extractPGPPublicKey(content) else: - pubKey = _getPGPPublicKeyFromActor(domain, content, fromHandle) + pubKey = \ + _getPGPPublicKeyFromActor(signingPrivateKeyPem, + domain, content, fromHandle) if pubKey: _pgpImportPubKey(pubKey) @@ -450,7 +457,8 @@ def pgpPublicKeyUpload(baseDir: str, session, domain: str, port: int, httpPrefix: str, cachedWebfingers: {}, personCache: {}, - debug: bool, test: str) -> {}: + debug: bool, test: str, + signingPrivateKeyPem: str) -> {}: if debug: print('pgpPublicKeyUpload') @@ -482,7 +490,8 @@ def pgpPublicKeyUpload(baseDir: str, session, print('Getting actor for ' + handle) actorJson, asHeader = \ - getActorJson(domainFull, handle, False, False, debug, True) + getActorJson(domainFull, handle, False, False, debug, True, + signingPrivateKeyPem) if not actorJson: if debug: print('No actor returned for ' + handle) 
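Review bot: In pgpDecrypt the arguments to _getPGPPublicKeyFromActor are shifted by one: `content` lands in the `handle` parameter and `fromHandle` in `actorJson`. Because `fromHandle` is a non-empty string the actor is never fetched, and the `actorJson.get('attachment')` check would then be called on a str. The call should read `_getPGPPublicKeyFromActor(signingPrivateKeyPem, domain, fromHandle)`. The docstring of pgpDecrypt also still begins with "Encrypt using your default pgp key" and should describe decryption.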
@@ -549,7 +558,8 @@ def pgpPublicKeyUpload(baseDir: str, session, # lookup the inbox for the To handle wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, __version__, debug, False) + domain, __version__, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: pgp actor update webfinger failed for ' + @@ -566,7 +576,8 @@ def pgpPublicKeyUpload(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, avatarUrl, - displayName) = getPersonBox(baseDir, session, wfRequest, personCache, + displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, __version__, httpPrefix, nickname, domain, postToBox, 52025) diff --git a/posts.py b/posts.py index aa9ffde00..d91d520e5 100644 --- a/posts.py +++ b/posts.py @@ -184,7 +184,8 @@ def getUserUrl(wfRequest: {}, sourceId: int = 0, debug: bool = False) -> str: return None -def parseUserFeed(session, feedUrl: str, asHeader: {}, +def parseUserFeed(signingPrivateKeyPem: str, + session, feedUrl: str, asHeader: {}, projectVersion: str, httpPrefix: str, domain: str, debug: bool, depth: int = 0) -> []: if depth > 10: @@ -195,7 +196,7 @@ def parseUserFeed(session, feedUrl: str, asHeader: {}, if debug: print('Getting user feed for ' + feedUrl) print('User feed header ' + str(asHeader)) - feedJson = getJson(session, feedUrl, asHeader, None, + feedJson = getJson(signingPrivateKeyPem, session, feedUrl, asHeader, None, False, projectVersion, httpPrefix, domain) if not feedJson: if debug: @@ -222,7 +223,8 @@ def parseUserFeed(session, feedUrl: str, asHeader: {}, if isinstance(nextUrl, str): if '?max_id=0' not in nextUrl: userFeed = \ - parseUserFeed(session, nextUrl, asHeader, + parseUserFeed(signingPrivateKeyPem, + session, nextUrl, asHeader, projectVersion, httpPrefix, domain, debug, depth + 1) if userFeed: 
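Review bot: parseUserFeed (posts.py) recurses into `nextUrl` with a request that now carries the instance signing key, and the only checks visible in this hunk are that it is a str and does not contain `?max_id=0`. `nextUrl` is presumably read from the fetched feed, so the remote server decides where those signed requests are sent for up to ten levels of recursion. Requiring the same host as `feedUrl` before recursing, for example `if urlparse(nextUrl).netloc == urlparse(feedUrl).netloc:`, would keep pagination on the server that was originally queried. The function body begins and ends outside this hunk.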
@@ -238,7 +240,8 @@ def _getPersonBoxActor(session, baseDir: str, actor: str, profileStr: str, asHeader: {}, debug: bool, projectVersion: str, httpPrefix: str, domain: str, - personCache: {}) -> {}: + personCache: {}, + signingPrivateKeyPem: str) -> {}: """Returns the actor json for the given actor url """ personJson = \ @@ -250,14 +253,14 @@ def _getPersonBoxActor(session, baseDir: str, actor: str, asHeader = { 'Accept': 'application/ld+json; profile="' + profileStr + '"' } - personJson = getJson(session, actor, asHeader, None, + personJson = getJson(signingPrivateKeyPem, session, actor, asHeader, None, debug, projectVersion, httpPrefix, domain) if personJson: return personJson asHeader = { 'Accept': 'application/ld+json; profile="' + profileStr + '"' } - personJson = getJson(session, actor, asHeader, None, + personJson = getJson(signingPrivateKeyPem, session, actor, asHeader, None, debug, projectVersion, httpPrefix, domain) if personJson: return personJson @@ -265,8 +268,8 @@ def _getPersonBoxActor(session, baseDir: str, actor: str, return None -def getPersonBox(baseDir: str, session, wfRequest: {}, - personCache: {}, +def getPersonBox(signingPrivateKeyPem: str, + baseDir: str, session, wfRequest: {}, personCache: {}, projectVersion: str, httpPrefix: str, nickname: str, domain: str, boxName: str = 'inbox', @@ -304,7 +307,7 @@ def getPersonBox(baseDir: str, session, wfRequest: {}, profileStr, asHeader, debug, projectVersion, httpPrefix, domain, - personCache) + personCache, signingPrivateKeyPem) if not personJson: return None, None, None, None, None, None, None @@ -366,7 +369,8 @@ def _getPosts(session, outboxUrl: str, maxPosts: int, personCache: {}, raw: bool, simple: bool, debug: bool, projectVersion: str, httpPrefix: str, - domain: str, systemLanguage: str) -> {}: + domain: str, systemLanguage: str, + signingPrivateKeyPem: str) -> {}: """Gets public posts from an outbox """ if debug: 
@@ -387,7 +391,8 @@ def _getPosts(session, outboxUrl: str, maxPosts: int, print('Returning the raw feed') result = [] i = 0 - userFeed = parseUserFeed(session, outboxUrl, asHeader, + userFeed = parseUserFeed(signingPrivateKeyPem, + session, outboxUrl, asHeader, projectVersion, httpPrefix, domain, debug) for item in userFeed: result.append(item) @@ -399,7 +404,8 @@ def _getPosts(session, outboxUrl: str, maxPosts: int, if debug: print('Returning a human readable version of the feed') - userFeed = parseUserFeed(session, outboxUrl, asHeader, + userFeed = parseUserFeed(signingPrivateKeyPem, + session, outboxUrl, asHeader, projectVersion, httpPrefix, domain, debug) if not userFeed: return personPosts @@ -617,7 +623,8 @@ def getPostDomains(session, outboxUrl: str, maxPosts: int, projectVersion: str, httpPrefix: str, domain: str, wordFrequency: {}, - domainList: [], systemLanguage: str) -> []: + domainList: [], systemLanguage: str, + signingPrivateKeyPem: str) -> []: """Returns a list of domains referenced within public posts """ if not outboxUrl: @@ -634,7 +641,8 @@ def getPostDomains(session, outboxUrl: str, maxPosts: int, postDomains = domainList i = 0 - userFeed = parseUserFeed(session, outboxUrl, asHeader, + userFeed = parseUserFeed(signingPrivateKeyPem, + session, outboxUrl, asHeader, projectVersion, httpPrefix, domain, debug) for item in userFeed: i += 1 @@ -672,7 +680,8 @@ def _getPostsForBlockedDomains(baseDir: str, personCache: {}, debug: bool, projectVersion: str, httpPrefix: str, - domain: str) -> {}: + domain: str, + signingPrivateKeyPem: str) -> {}: """Returns a dictionary of posts for blocked domains """ if not outboxUrl: @@ -689,7 +698,8 @@ def _getPostsForBlockedDomains(baseDir: str, blockedPosts = {} i = 0 - userFeed = parseUserFeed(session, outboxUrl, asHeader, + userFeed = parseUserFeed(signingPrivateKeyPem, + session, outboxUrl, asHeader, projectVersion, httpPrefix, domain, debug) for item in userFeed: i += 1 
@@ -2025,7 +2035,7 @@ def threadSendPost(session, postJsonStr: str, federationList: [], tries += 1 -def sendPost(projectVersion: str, +def sendPost(signingPrivateKeyPem: str, projectVersion: str, session, baseDir: str, nickname: str, domain: str, port: int, toNickname: str, toDomain: str, toPort: int, cc: str, httpPrefix: str, content: str, followersOnly: bool, @@ -2057,7 +2067,8 @@ def sendPost(projectVersion: str, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, False) + domain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: return 1 if not isinstance(wfRequest, dict): @@ -2075,7 +2086,8 @@ def sendPost(projectVersion: str, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, toPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, postToBox, @@ -2171,7 +2183,7 @@ def sendPost(projectVersion: str, return 0 -def sendPostViaServer(projectVersion: str, +def sendPostViaServer(signingPrivateKeyPem: str, projectVersion: str, baseDir: str, session, fromNickname: str, password: str, fromDomain: str, fromPort: int, toNickname: str, toDomain: str, toPort: int, cc: str, @@ -2200,7 +2212,8 @@ def sendPostViaServer(projectVersion: str, # lookup the inbox for the To handle wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomainFull, projectVersion, debug, False) + fromDomainFull, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: post webfinger failed for ' + handle) 
@@ -2217,7 +2230,8 @@ def sendPostViaServer(projectVersion: str, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, @@ -2361,7 +2375,8 @@ def sendSignedJson(postJsonObject: {}, session, baseDir: str, federationList: [], sendThreads: [], postLog: [], cachedWebfingers: {}, personCache: {}, debug: bool, projectVersion: str, - sharedItemsToken: str, groupAccount: bool) -> int: + sharedItemsToken: str, groupAccount: bool, + signingPrivateKeyPem: str) -> int: """Sends a signed json object to an inbox/outbox """ if debug: @@ -2397,7 +2412,8 @@ def sendSignedJson(postJsonObject: {}, session, baseDir: str, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, groupAccount) + domain, projectVersion, debug, groupAccount, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: webfinger for ' + handle + ' failed') @@ -2419,7 +2435,8 @@ def sendSignedJson(postJsonObject: {}, session, baseDir: str, # get the actor inbox/outbox for the To handle (inboxUrl, pubKeyId, pubKey, toPersonId, sharedInboxUrl, avatarUrl, - displayName) = getPersonBox(baseDir, session, wfRequest, + displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, postToBox, @@ -2603,7 +2620,8 @@ def sendToNamedAddresses(session, baseDir: str, postJsonObject: {}, debug: bool, projectVersion: str, sharedItemsFederatedDomains: [], - sharedItemFederationTokens: {}) -> None: + sharedItemFederationTokens: {}, + signingPrivateKeyPem: str) -> None: """sends a post to the specific named addresses in to/cc """ if not session: 
@@ -2740,11 +2758,12 @@ def sendToNamedAddresses(session, baseDir: str, federationList, sendThreads, postLog, cachedWebfingers, personCache, debug, projectVersion, - sharedItemsToken, groupAccount) + sharedItemsToken, groupAccount, + signingPrivateKeyPem) def _hasSharedInbox(session, httpPrefix: str, domain: str, - debug: bool) -> bool: + debug: bool, signingPrivateKeyPem: str) -> bool: """Returns true if the given domain has a shared inbox This tries the new and the old way of webfingering the shared inbox """ @@ -2754,7 +2773,8 @@ def _hasSharedInbox(session, httpPrefix: str, domain: str, tryHandles.append('inbox@' + domain) for handle in tryHandles: wfRequest = webfingerHandle(session, handle, httpPrefix, {}, - None, __version__, debug, False) + None, __version__, debug, False, + signingPrivateKeyPem) if wfRequest: if isinstance(wfRequest, dict): if not wfRequest.get('errors'): @@ -2790,7 +2810,8 @@ def sendToFollowers(session, baseDir: str, postJsonObject: {}, debug: bool, projectVersion: str, sharedItemsFederatedDomains: [], - sharedItemFederationTokens: {}) -> None: + sharedItemFederationTokens: {}, + signingPrivateKeyPem: str) -> None: """sends a post to the followers of the given nickname """ print('sendToFollowers') @@ -2848,8 +2869,9 @@ def sendToFollowers(session, baseDir: str, print('Sending post to followers domain is active: ' + followerDomainUrl) - withSharedInbox = _hasSharedInbox(session, httpPrefix, - followerDomain, debug) + withSharedInbox = \ + _hasSharedInbox(session, httpPrefix, followerDomain, debug, + signingPrivateKeyPem) if debug: if withSharedInbox: print(followerDomain + ' has shared inbox') @@ -2909,7 +2931,8 @@ def sendToFollowers(session, baseDir: str, federationList, sendThreads, postLog, cachedWebfingers, personCache, debug, projectVersion, - sharedItemsToken, groupAccount) + sharedItemsToken, groupAccount, + signingPrivateKeyPem) else: # send to individual followers without using a shared inbox for handle in followerHandles: 
@@ -2937,7 +2960,8 @@ def sendToFollowers(session, baseDir: str, federationList, sendThreads, postLog, cachedWebfingers, personCache, debug, projectVersion, - sharedItemsToken, groupAccount) + sharedItemsToken, groupAccount, + signingPrivateKeyPem) time.sleep(4) @@ -2959,7 +2983,8 @@ def sendToFollowersThread(session, baseDir: str, postJsonObject: {}, debug: bool, projectVersion: str, sharedItemsFederatedDomains: [], - sharedItemFederationTokens: {}): + sharedItemFederationTokens: {}, + signingPrivateKeyPem: str): """Returns a thread used to send a post to followers """ sendThread = \ @@ -2973,7 +2998,8 @@ def sendToFollowersThread(session, baseDir: str, postJsonObject.copy(), debug, projectVersion, sharedItemsFederatedDomains, - sharedItemFederationTokens), daemon=True) + sharedItemFederationTokens, + signingPrivateKeyPem), daemon=True) try: sendThread.start() except SocketError as e: @@ -3149,7 +3175,8 @@ def isImageMedia(session, baseDir: str, httpPrefix: str, allowLocalNetworkAccess: bool, recentPostsCache: {}, debug: bool, systemLanguage: str, - domainFull: str, personCache: {}) -> bool: + domainFull: str, personCache: {}, + signingPrivateKeyPem: str) -> bool: """Returns true if the given post has attached image media """ if postJsonObject['type'] == 'Announce': @@ -3161,7 +3188,8 @@ def isImageMedia(session, baseDir: str, httpPrefix: str, allowLocalNetworkAccess, recentPostsCache, debug, systemLanguage, - domainFull, personCache) + domainFull, personCache, + signingPrivateKeyPem) if postJsonAnnounce: postJsonObject = postJsonAnnounce if postJsonObject['type'] != 'Create': @@ -3724,7 +3752,8 @@ def getPublicPostsOfPerson(baseDir: str, nickname: str, domain: str, raw: bool, simple: bool, proxyType: str, port: int, httpPrefix: str, debug: bool, projectVersion: str, - systemLanguage: str) -> None: + systemLanguage: str, + signingPrivateKeyPem: str) -> None: """ This is really just for test purposes """ print('Starting new session for getting public posts') 
@@ -3745,7 +3774,8 @@ def getPublicPostsOfPerson(baseDir: str, nickname: str, domain: str, wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, groupAccount) + domain, projectVersion, debug, groupAccount, + signingPrivateKeyPem) if not wfRequest: if debug: print('No webfinger result was returned for ' + handle) @@ -3759,7 +3789,8 @@ def getPublicPostsOfPerson(baseDir: str, nickname: str, domain: str, print('Getting the outbox for ' + handle) (personUrl, pubKeyId, pubKey, personId, shaedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, 'outbox', @@ -3773,14 +3804,16 @@ def getPublicPostsOfPerson(baseDir: str, nickname: str, domain: str, _getPosts(session, personUrl, 30, maxMentions, maxEmoji, maxAttachments, federationList, personCache, raw, simple, debug, - projectVersion, httpPrefix, domain, systemLanguage) + projectVersion, httpPrefix, domain, systemLanguage, + signingPrivateKeyPem) def getPublicPostDomains(session, baseDir: str, nickname: str, domain: str, proxyType: str, port: int, httpPrefix: str, debug: bool, projectVersion: str, wordFrequency: {}, domainList: [], - systemLanguage: str) -> []: + systemLanguage: str, + signingPrivateKeyPem: str) -> []: """ Returns a list of domains referenced within public posts """ if not session: @@ -3795,7 +3828,8 @@ def getPublicPostDomains(session, baseDir: str, nickname: str, domain: str, handle = httpPrefix + "://" + domainFull + "/@" + nickname wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, False) + domain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: return domainList if not isinstance(wfRequest, dict): 
@@ -3805,7 +3839,8 @@ def getPublicPostDomains(session, baseDir: str, nickname: str, domain: str, (personUrl, pubKeyId, pubKey, personId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, 'outbox', @@ -3818,12 +3853,14 @@ def getPublicPostDomains(session, baseDir: str, nickname: str, domain: str, maxAttachments, federationList, personCache, debug, projectVersion, httpPrefix, domain, - wordFrequency, domainList, systemLanguage) + wordFrequency, domainList, systemLanguage, + signingPrivateKeyPem) postDomains.sort() return postDomains -def downloadFollowCollection(followType: str, +def downloadFollowCollection(signingPrivateKeyPem: str, + followType: str, session, httpPrefix: str, actor: str, pageNumber: int = 1, noOfPages: int = 1, debug: bool = False) -> []: @@ -3843,7 +3880,7 @@ def downloadFollowCollection(followType: str, for pageCtr in range(noOfPages): url = actor + '/' + followType + '?page=' + str(pageNumber + pageCtr) followersJson = \ - getJson(session, url, sessionHeaders, None, + getJson(signingPrivateKeyPem, session, url, sessionHeaders, None, debug, __version__, httpPrefix, None) if followersJson: if followersJson.get('orderedItems'): @@ -3860,7 +3897,8 @@ def downloadFollowCollection(followType: str, def getPublicPostInfo(session, baseDir: str, nickname: str, domain: str, proxyType: str, port: int, httpPrefix: str, debug: bool, projectVersion: str, - wordFrequency: {}, systemLanguage: str) -> []: + wordFrequency: {}, systemLanguage: str, + signingPrivateKeyPem: str) -> []: """ Returns a dict of domains referenced within public posts """ if not session: 
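Review bot: `downloadFollowCollection` takes `signingPrivateKeyPem` as a new first positional parameter, while most functions in this patch append it last; `getPersonBox` and `getJson` are changed the same way. Because the trailing parameters of `downloadFollowCollection` have defaults, a caller left on the old order with five or more positional arguments would still bind, with the follow type landing in the key slot, instead of raising. The docstring should also name the parameter, for example `signingPrivateKeyPem is the instance actor key used for authorized fetch, or None to fetch unsigned`. The function body continues outside this hunk.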
@@ -3875,7 +3913,8 @@ def getPublicPostInfo(session, baseDir: str, nickname: str, domain: str, handle = httpPrefix + "://" + domainFull + "/@" + nickname wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, False) + domain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: return {} if not isinstance(wfRequest, dict): @@ -3885,7 +3924,8 @@ def getPublicPostInfo(session, baseDir: str, nickname: str, domain: str, (personUrl, pubKeyId, pubKey, personId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, 'outbox', @@ -3899,7 +3939,7 @@ def getPublicPostInfo(session, baseDir: str, nickname: str, domain: str, maxAttachments, federationList, personCache, debug, projectVersion, httpPrefix, domain, - wordFrequency, [], systemLanguage) + wordFrequency, [], systemLanguage, signingPrivateKeyPem) postDomains.sort() domainsInfo = {} for d in postDomains: @@ -3914,7 +3954,7 @@ def getPublicPostInfo(session, baseDir: str, nickname: str, domain: str, personCache, debug, projectVersion, httpPrefix, - domain) + domain, signingPrivateKeyPem) for blockedDomain, postUrlList in blockedPosts.items(): domainsInfo[blockedDomain] += postUrlList @@ -3926,7 +3966,8 @@ def getPublicPostDomainsBlocked(session, baseDir: str, proxyType: str, port: int, httpPrefix: str, debug: bool, projectVersion: str, wordFrequency: {}, domainList: [], - systemLanguage: str) -> []: + systemLanguage: str, + signingPrivateKeyPem: str) -> []: """ Returns a list of domains referenced within public posts which are globally blocked on this instance """ 
@@ -3934,7 +3975,8 @@ def getPublicPostDomainsBlocked(session, baseDir: str, getPublicPostDomains(session, baseDir, nickname, domain, proxyType, port, httpPrefix, debug, projectVersion, - wordFrequency, domainList, systemLanguage) + wordFrequency, domainList, systemLanguage, + signingPrivateKeyPem) if not postDomains: return [] @@ -3983,7 +4025,8 @@ def checkDomains(session, baseDir: str, proxyType: str, port: int, httpPrefix: str, debug: bool, projectVersion: str, maxBlockedDomains: int, singleCheck: bool, - systemLanguage: str) -> None: + systemLanguage: str, + signingPrivateKeyPem: str) -> None: """Checks follower accounts for references to globally blocked domains """ wordFrequency = {} @@ -4012,7 +4055,8 @@ def checkDomains(session, baseDir: str, proxyType, port, httpPrefix, debug, projectVersion, wordFrequency, [], - systemLanguage) + systemLanguage, + signingPrivateKeyPem) if blockedDomains: if len(blockedDomains) > maxBlockedDomains: followerWarningStr += handle + '\n' @@ -4033,7 +4077,8 @@ def checkDomains(session, baseDir: str, proxyType, port, httpPrefix, debug, projectVersion, wordFrequency, [], - systemLanguage) + systemLanguage, + signingPrivateKeyPem) if blockedDomains: print(handle) for d in blockedDomains: @@ -4133,7 +4178,8 @@ def downloadAnnounce(session, baseDir: str, httpPrefix: str, allowLocalNetworkAccess: bool, recentPostsCache: {}, debug: bool, systemLanguage: str, - domainFull: str, personCache: {}) -> {}: + domainFull: str, personCache: {}, + signingPrivateKeyPem: str) -> {}: """Download the post referenced by an announce """ if not postJsonObject.get('object'): 
@@ -4206,8 +4252,8 @@ def downloadAnnounce(session, baseDir: str, httpPrefix: str, print('Downloading Announce content for ' + postJsonObject['object']) announcedJson = \ - getJson(session, postJsonObject['object'], asHeader, - None, debug, projectVersion, httpPrefix, domain) + getJson(signingPrivateKeyPem, session, postJsonObject['object'], + asHeader, None, debug, projectVersion, httpPrefix, domain) if not announcedJson: return None @@ -4351,7 +4397,8 @@ def sendBlockViaServer(baseDir: str, session, fromDomain: str, fromPort: int, httpPrefix: str, blockedUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates a block via c2s """ if not session: @@ -4378,7 +4425,8 @@ def sendBlockViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: block webfinger failed for ' + handle) @@ -4393,7 +4441,8 @@ def sendBlockViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, avatarUrl, - displayName) = getPersonBox(baseDir, session, wfRequest, + displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, 72652) @@ -4431,7 +4480,8 @@ def sendMuteViaServer(baseDir: str, session, fromDomain: str, fromPort: int, httpPrefix: str, mutedUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates a mute via c2s """ if not session: 
@@ -4454,7 +4504,8 @@ def sendMuteViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: mute webfinger failed for ' + handle) @@ -4469,7 +4520,8 @@ def sendMuteViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, avatarUrl, - displayName) = getPersonBox(baseDir, session, wfRequest, + displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, 72652) @@ -4507,7 +4559,8 @@ def sendUndoMuteViaServer(baseDir: str, session, fromDomain: str, fromPort: int, httpPrefix: str, mutedUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Undoes a mute via c2s """ if not session: @@ -4535,7 +4588,8 @@ def sendUndoMuteViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: undo mute webfinger failed for ' + handle) @@ -4550,7 +4604,8 @@ def sendUndoMuteViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, avatarUrl, - displayName) = getPersonBox(baseDir, session, wfRequest, + displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, 72652) 
@@ -4589,7 +4644,8 @@ def sendUndoBlockViaServer(baseDir: str, session, fromDomain: str, fromPort: int, httpPrefix: str, blockedUrl: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Creates a block via c2s """ if not session: @@ -4620,7 +4676,8 @@ def sendUndoBlockViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: unblock webfinger failed for ' + handle) @@ -4635,7 +4692,8 @@ def sendUndoBlockViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, avatarUrl, - displayName) = getPersonBox(baseDir, session, wfRequest, personCache, + displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, 53892) @@ -4697,7 +4755,7 @@ def c2sBoxJson(baseDir: str, session, domain: str, port: int, httpPrefix: str, boxName: str, pageNumber: int, - debug: bool) -> {}: + debug: bool, signingPrivateKeyPem: str) -> {}: """C2S Authenticated GET of posts for a timeline """ if not session: @@ -4719,7 +4777,7 @@ def c2sBoxJson(baseDir: str, session, # GET json url = actor + '/' + boxName + '?page=' + str(pageNumber) - boxJson = getJson(session, url, headers, None, + boxJson = getJson(signingPrivateKeyPem, session, url, headers, None, debug, __version__, httpPrefix, None) if boxJson is not None and debug: diff --git a/schedule.py b/schedule.py index 3395b47df..e29d46cff 100644 --- a/schedule.py +++ b/schedule.py 
@@ -115,7 +115,8 @@ def _updatePostSchedule(baseDir: str, handle: str, httpd, httpd.city, httpd.systemLanguage, httpd.sharedItemsFederatedDomains, httpd.sharedItemFederationTokens, - httpd.lowBandwidth): + httpd.lowBandwidth, + httpd.signingPrivateKeyPem): indexLines.remove(line) os.remove(postFilename) continue diff --git a/session.py b/session.py index d82241d1b..5602d2678 100644 --- a/session.py +++ b/session.py @@ -87,7 +87,7 @@ def urlExists(session, url: str, timeoutSec: int = 3, def _getJsonRequest(session, url: str, domainFull: str, sessionHeaders: {}, sessionParams: {}, timeoutSec: int, - privateKeyPem: str, quiet: bool, debug: bool) -> {}: + signingPrivateKeyPem: str, quiet: bool, debug: bool) -> {}: """http GET for json """ try: @@ -95,12 +95,12 @@ def _getJsonRequest(session, url: str, domainFull: str, sessionHeaders: {}, params=sessionParams, timeout=timeoutSec) if result.status_code != 200: if result.status_code == 401: - if not privateKeyPem: + if not signingPrivateKeyPem: print("WARN: getJson requires secure fetch url: " + url) else: return _getJsonSigned(session, url, domainFull, sessionHeaders, sessionParams, - timeoutSec, privateKeyPem, + timeoutSec, signingPrivateKeyPem, quiet, debug) elif result.status_code == 403: print('WARN: getJson Forbidden url: ' + url) @@ -138,7 +138,7 @@ def _getJsonRequest(session, url: str, domainFull: str, sessionHeaders: {}, def _getJsonSigned(session, url: str, domainFull: str, sessionHeaders: {}, sessionParams: {}, timeoutSec: int, - privateKeyPem: str, quiet: bool, debug: bool) -> {}: + signingPrivateKeyPem: str, quiet: bool, debug: bool) -> {}: """Authorized fetch """ if not domainFull: 
@@ -175,27 +175,26 @@ def _getJsonSigned(session, url: str, domainFull: str, sessionHeaders: {}, nickname = domain if debug: - print('Signed GET privateKeyPem: ' + privateKeyPem) + print('Signed GET privateKeyPem: ' + signingPrivateKeyPem) print('Signed GET nickname: ' + nickname) print('Signed GET domain: ' + domain + ' ' + str(port)) print('Signed GET toDomain: ' + toDomain + ' ' + str(toPort)) print('Signed GET url: ' + url) print('Signed GET httpPrefix: ' + httpPrefix) signatureHeaderJson = \ - createSignedHeader(privateKeyPem, nickname, domain, port, - toDomain, toPort, - url, httpPrefix, False, '') + createSignedHeader(signingPrivateKeyPem, nickname, domain, port, + toDomain, toPort, url, httpPrefix, False, '') for key, value in signatureHeaderJson.items(): if key == 'Accept' or key == 'User-Agent': continue sessionHeaders[key] = value return _getJsonRequest(session, url, domainFull, sessionHeaders, - sessionParams, timeoutSec, - None, quiet, debug) + sessionParams, timeoutSec, None, quiet, debug) -def getJson(session, url: str, headers: {}, params: {}, debug: bool, +def getJson(signingPrivateKeyPem: str, + session, url: str, headers: {}, params: {}, debug: bool, version: str = '1.2.0', httpPrefix: str = 'https', domain: str = 'testdomain', timeoutSec: int = 20, quiet: bool = False) -> {}: @@ -222,10 +221,9 @@ def getJson(session, url: str, headers: {}, params: {}, debug: bool, if debug: HTTPConnection.debuglevel = 1 - privateKeyPem = 'TODO instance actor private key' return _getJsonRequest(session, url, domain, sessionHeaders, sessionParams, timeoutSec, - privateKeyPem, quiet, debug) + signingPrivateKeyPem, quiet, debug) def postJson(httpPrefix: str, domainFull: str, diff --git a/shares.py b/shares.py index e4b7e4045..dd40d583b 100644 --- a/shares.py +++ b/shares.py 
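Review bot: The debug branch of `_getJsonSigned` still prints the key material itself, `print('Signed GET privateKeyPem: ' + signingPrivateKeyPem)`. After this change that value is the instance actor's real signing key rather than the placeholder string `getJson` used before. Anything that captures stdout while debug is enabled would then hold the private key. I would drop the line or replace it with `print('Signed GET using instance actor signing key')`, leaving the nickname, domain and url lines as they are. The body of `_getJsonSigned` starts before this hunk.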
@@ -535,7 +535,8 @@ def sendShareViaServer(baseDir, session, location: str, duration: str, cachedWebfingers: {}, personCache: {}, debug: bool, projectVersion: str, - itemPrice: str, itemCurrency: str) -> {}: + itemPrice: str, itemCurrency: str, + signingPrivateKeyPem: str) -> {}: """Creates an item share via c2s """ if not session: @@ -585,7 +586,8 @@ def sendShareViaServer(baseDir, session, wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: share webfinger failed for ' + handle) @@ -600,7 +602,8 @@ def sendShareViaServer(baseDir, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, @@ -652,7 +655,8 @@ def sendUndoShareViaServer(baseDir: str, session, fromDomain: str, fromPort: int, httpPrefix: str, displayName: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Undoes a share via c2s """ if not session: @@ -685,7 +689,8 @@ def sendUndoShareViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: unshare webfinger failed for ' + handle) 
@@ -700,7 +705,8 @@ def sendUndoShareViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, @@ -747,7 +753,8 @@ def sendWantedViaServer(baseDir, session, location: str, duration: str, cachedWebfingers: {}, personCache: {}, debug: bool, projectVersion: str, - itemMaxPrice: str, itemCurrency: str) -> {}: + itemMaxPrice: str, itemCurrency: str, + signingPrivateKeyPem: str) -> {}: """Creates a wanted item via c2s """ if not session: @@ -797,7 +804,8 @@ def sendWantedViaServer(baseDir, session, wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: share webfinger failed for ' + handle) @@ -812,7 +820,8 @@ def sendWantedViaServer(baseDir, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, @@ -864,7 +873,8 @@ def sendUndoWantedViaServer(baseDir: str, session, fromDomain: str, fromPort: int, httpPrefix: str, displayName: str, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Undoes a wanted item via c2s """ if not session: 
@@ -897,7 +907,8 @@ def sendUndoWantedViaServer(baseDir: str, session, # lookup the inbox for the To handle wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - fromDomain, projectVersion, debug, False) + fromDomain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: unwant webfinger failed for ' + handle) @@ -912,7 +923,8 @@ def sendUndoWantedViaServer(baseDir: str, session, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, fromNickname, fromDomain, postToBox, @@ -953,7 +965,8 @@ def sendUndoWantedViaServer(baseDir: str, session, def getSharedItemsCatalogViaServer(baseDir, session, nickname: str, password: str, domain: str, port: int, - httpPrefix: str, debug: bool) -> {}: + httpPrefix: str, debug: bool, + signingPrivateKeyPem: str) -> {}: """Returns the shared items catalog via c2s """ if not session: @@ -972,8 +985,8 @@ def getSharedItemsCatalogViaServer(baseDir, session, url = localActorUrl(httpPrefix, nickname, domainFull) + '/catalog' if debug: print('Shared items catalog request to: ' + url) - catalogJson = getJson(session, url, headers, None, debug, - __version__, httpPrefix, None) + catalogJson = getJson(signingPrivateKeyPem, session, url, headers, None, + debug, __version__, httpPrefix, None) if not catalogJson: if debug: print('DEBUG: GET shared items catalog failed for c2s to ' + url) diff --git a/skills.py b/skills.py index af8e125a4..7f99acd9a 100644 --- a/skills.py +++ b/skills.py 
@@ -177,7 +177,8 @@ def sendSkillViaServer(baseDir: str, session, nickname: str, password: str, httpPrefix: str, skill: str, skillLevelPercent: int, cachedWebfingers: {}, personCache: {}, - debug: bool, projectVersion: str) -> {}: + debug: bool, projectVersion: str, + signingPrivateKeyPem: str) -> {}: """Sets a skill for a person via c2s """ if not session: @@ -209,7 +210,8 @@ def sendSkillViaServer(baseDir: str, session, nickname: str, password: str, wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, False) + domain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: if debug: print('DEBUG: skill webfinger failed for ' + handle) @@ -224,7 +226,8 @@ def sendSkillViaServer(baseDir: str, session, nickname: str, password: str, # get the actor inbox for the To handle (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, postToBox, 86725) diff --git a/socnet.py b/socnet.py index cd2d4da72..62b357b25 100644 --- a/socnet.py +++ b/socnet.py @@ -18,7 +18,7 @@ def instancesGraph(baseDir: str, handles: str, proxyType: str, port: int, httpPrefix: str, debug: bool, projectVersion: str, - systemLanguage: str) -> str: + systemLanguage: str, signingPrivateKeyPem: str) -> str: """ Returns a dot graph of federating instances based upon a few sample handles. The handles argument should contain a comma separated list @@ -54,7 +54,8 @@ def instancesGraph(baseDir: str, handles: str, wfRequest = \ webfingerHandle(session, handle, httpPrefix, cachedWebfingers, - domain, projectVersion, debug, False) + domain, projectVersion, debug, False, + signingPrivateKeyPem) if not wfRequest: return dotGraphStr + '}\n' if not isinstance(wfRequest, dict): 
@@ -64,7 +65,8 @@ def instancesGraph(baseDir: str, handles: str, (personUrl, pubKeyId, pubKey, personId, shaedInbox, - avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest, + avatarUrl, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, wfRequest, personCache, projectVersion, httpPrefix, nickname, domain, 'outbox', @@ -75,7 +77,8 @@ def instancesGraph(baseDir: str, handles: str, maxAttachments, federationList, personCache, debug, projectVersion, httpPrefix, domain, - wordFrequency, [], systemLanguage) + wordFrequency, [], systemLanguage, + signingPrivateKeyPem) postDomains.sort() for fedDomain in postDomains: dotLineStr = ' "' + domain + '" -> "' + fedDomain + '";\n' diff --git a/tests.py b/tests.py index 323b2bd2d..20bf548f1 100644 --- a/tests.py +++ b/tests.py @@ -978,8 +978,9 @@ def testPostMessageBetweenServers(): assert len([name for name in os.listdir(outboxPath) if os.path.isfile(os.path.join(outboxPath, name))]) == 0 lowBandwidth = False + signingPrivateKeyPem = None sendResult = \ - sendPost(__version__, + sendPost(signingPrivateKeyPem, __version__, sessionAlice, aliceDir, 'alice', aliceDomain, alicePort, 'bob', bobDomain, bobPort, ccUrl, httpPrefix, 'Why is a mouse when it spins? ' + @@ -1100,7 +1101,7 @@ def testPostMessageBetweenServers(): 'alice', aliceDomain, alicePort, [], statusNumber, False, bobSendThreads, bobPostLog, bobPersonCache, bobCachedWebfingers, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(20): if 'likes' in open(outboxPostFilename).read(): @@ -1135,7 +1136,7 @@ def testPostMessageBetweenServers(): objectUrl, False, bobSendThreads, bobPostLog, bobPersonCache, bobCachedWebfingers, - True, __version__) + True, __version__, signingPrivateKeyPem) announceMessageArrived = False outboxMessageArrived = False for i in range(10): 
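Review bot: Every test touched here sets `signingPrivateKeyPem = None` before the call, so the signed retry that `_getJsonRequest` makes on a 401 is never reached. This applies to this hunk in `testPostMessageBetweenServers` and to the later hunks in `testFollowBetweenServers`, `testSharedItemsFederation`, `testGroupFollow`, `testClientToServer` and `testUpdateActor`. The authorized-fetch path this commit wires in therefore has no coverage in the visible tests. A small test that generates a key pair, calls `createSignedHeader` with it and checks that the resulting signature verifies against the public key would pin the signing path without needing a second server. At minimum I would add `# None: unsigned fetch only, authorized fetch is not exercised here` above the assignments.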
@@ -1270,6 +1271,7 @@ def testFollowBetweenServers(): aliceCachedWebfingers = {} alicePostLog = [] bobActor = httpPrefix + '://' + bobAddress + '/users/bob' + signingPrivateKeyPem = None sendResult = \ sendFollowRequest(sessionAlice, aliceDir, 'alice', aliceDomain, alicePort, httpPrefix, @@ -1278,7 +1280,7 @@ def testFollowBetweenServers(): clientToServer, federationList, aliceSendThreads, alicePostLog, aliceCachedWebfingers, alicePersonCache, - True, __version__) + True, __version__, signingPrivateKeyPem) print('sendResult: ' + str(sendResult)) for t in range(16): @@ -1315,8 +1317,9 @@ def testFollowBetweenServers(): isArticle = False city = 'London, England' lowBandwidth = False + signingPrivateKeyPem = None sendResult = \ - sendPost(__version__, + sendPost(signingPrivateKeyPem, __version__, sessionAlice, aliceDir, 'alice', aliceDomain, alicePort, 'bob', bobDomain, bobPort, ccUrl, httpPrefix, 'Alice message', followersOnly, saveToFile, @@ -1466,6 +1469,7 @@ def testSharedItemsFederation(): aliceCachedWebfingers = {} alicePostLog = [] bobActor = httpPrefix + '://' + bobAddress + '/users/bob' + signingPrivateKeyPem = None sendResult = \ sendFollowRequest(sessionAlice, aliceDir, 'alice', aliceDomain, alicePort, httpPrefix, @@ -1474,7 +1478,7 @@ def testSharedItemsFederation(): clientToServer, federationList, aliceSendThreads, alicePostLog, aliceCachedWebfingers, alicePersonCache, - True, __version__) + True, __version__, signingPrivateKeyPem) print('sendResult: ' + str(sendResult)) for t in range(16): @@ -1527,6 +1531,7 @@ def testSharedItemsFederation(): sharedItemDuration = "10 days" sharedItemPrice = "1.30" sharedItemCurrency = "EUR" + signingPrivateKeyPem = None shareJson = \ sendShareViaServer(bobDir, sessionBob, 'bob', bobPassword, 
@@ -1537,7 +1542,8 @@ def testSharedItemsFederation(): sharedItemLocation, sharedItemDuration, bobCachedWebfingers, bobPersonCache, True, __version__, - sharedItemPrice, sharedItemCurrency) + sharedItemPrice, sharedItemCurrency, + signingPrivateKeyPem) assert shareJson assert isinstance(shareJson, dict) sharedItemName = 'Epicyon T-shirt' @@ -1560,7 +1566,8 @@ def testSharedItemsFederation(): sharedItemLocation, sharedItemDuration, bobCachedWebfingers, bobPersonCache, True, __version__, - sharedItemPrice, sharedItemCurrency) + sharedItemPrice, sharedItemCurrency, + signingPrivateKeyPem) assert shareJson assert isinstance(shareJson, dict) sharedItemName = 'Soldering iron' @@ -1583,7 +1590,8 @@ def testSharedItemsFederation(): sharedItemLocation, sharedItemDuration, bobCachedWebfingers, bobPersonCache, True, __version__, - sharedItemPrice, sharedItemCurrency) + sharedItemPrice, sharedItemCurrency, + signingPrivateKeyPem) assert shareJson assert isinstance(shareJson, dict) @@ -1605,9 +1613,11 @@ def testSharedItemsFederation(): print('\n\n*********************************************************') print('Bob can read the shared items catalog on his own instance') + signingPrivateKeyPem = None catalogJson = \ getSharedItemsCatalogViaServer(bobDir, sessionBob, 'bob', bobPassword, - bobDomain, bobPort, httpPrefix, True) + bobDomain, bobPort, httpPrefix, True, + signingPrivateKeyPem) assert catalogJson pprint(catalogJson) assert 'DFC:supplies' in catalogJson @@ -1633,8 +1643,9 @@ def testSharedItemsFederation(): isArticle = False city = 'London, England' lowBandwidth = False + signingPrivateKeyPem = None sendResult = \ - sendPost(__version__, + sendPost(signingPrivateKeyPem, __version__, sessionAlice, aliceDir, 'alice', aliceDomain, alicePort, 'bob', bobDomain, bobPort, ccUrl, httpPrefix, 'Alice message', followersOnly, saveToFile, 
@@ -1697,7 +1708,9 @@ def testSharedItemsFederation(): 'Accept': 'application/json' } url = httpPrefix + '://' + bobAddress + '/catalog' - catalogJson = getJson(sessionAlice, url, headers, None, True) + signingPrivateKeyPem = None + catalogJson = getJson(signingPrivateKeyPem, sessionAlice, url, headers, + None, True) assert catalogJson pprint(catalogJson) assert 'DFC:supplies' in catalogJson @@ -1836,8 +1849,9 @@ def testGroupFollow(): asHeader = { 'Accept': 'application/ld+json; profile="' + profileStr + '"' } - outboxJson = getJson(session, aliceOutbox, asHeader, None, - True, __version__, 'http', None) + signingPrivateKeyPem = None + outboxJson = getJson(signingPrivateKeyPem, session, aliceOutbox, asHeader, + None, True, __version__, 'http', None) assert outboxJson pprint(outboxJson) assert outboxJson['type'] == 'OrderedCollection' @@ -1847,8 +1861,8 @@ def testGroupFollow(): print('Alice outbox totalItems: ' + str(outboxJson['totalItems'])) assert outboxJson['totalItems'] == 3 - outboxJson = getJson(session, firstPage, asHeader, None, - True, __version__, 'http', None) + outboxJson = getJson(signingPrivateKeyPem, session, firstPage, asHeader, + None, True, __version__, 'http', None) assert outboxJson pprint(outboxJson) assert 'orderedItems' in outboxJson @@ -1879,6 +1893,7 @@ def testGroupFollow(): alicePostLog = [] # aliceActor = httpPrefix + '://' + aliceAddress + '/users/alice' testgroupActor = httpPrefix + '://' + testgroupAddress + '/users/testgroup' + signingPrivateKeyPem = None sendResult = \ sendFollowRequest(sessionAlice, aliceDir, 'alice', aliceDomain, alicePort, httpPrefix, @@ -1887,7 +1902,7 @@ def testGroupFollow(): clientToServer, federationList, aliceSendThreads, alicePostLog, aliceCachedWebfingers, alicePersonCache, - True, __version__) + True, __version__, signingPrivateKeyPem) print('sendResult: ' + str(sendResult)) aliceFollowingFilename = \ 
@@ -1954,6 +1969,7 @@ def testGroupFollow(): bobPostLog = [] # bobActor = httpPrefix + '://' + bobAddress + '/users/bob' testgroupActor = httpPrefix + '://' + testgroupAddress + '/users/testgroup' + signingPrivateKeyPem = None sendResult = \ sendFollowRequest(sessionBob, bobDir, 'bob', bobDomain, bobPort, httpPrefix, @@ -1962,7 +1978,7 @@ def testGroupFollow(): clientToServer, federationList, bobSendThreads, bobPostLog, bobCachedWebfingers, bobPersonCache, - True, __version__) + True, __version__, signingPrivateKeyPem) print('sendResult: ' + str(sendResult)) bobFollowingFilename = \ @@ -2025,8 +2041,9 @@ def testGroupFollow(): isArticle = False city = 'London, England' lowBandwidth = False + signingPrivateKeyPem = None sendResult = \ - sendPost(__version__, + sendPost(signingPrivateKeyPem, __version__, sessionAlice, aliceDir, 'alice', aliceDomain, alicePort, 'testgroup', testgroupDomain, testgroupPort, ccUrl, httpPrefix, "Alice group message", followersOnly, @@ -2553,8 +2570,9 @@ def testClientToServer(): assert len([name for name in os.listdir(bobOutboxPath) if os.path.isfile(os.path.join(bobOutboxPath, name))]) == 0 print('EVENT: all inboxes and outboxes are empty') + signingPrivateKeyPem = None sendResult = \ - sendPostViaServer(__version__, + sendPostViaServer(signingPrivateKeyPem, __version__, aliceDir, sessionAlice, 'alice', password, aliceDomain, alicePort, 'bob', bobDomain, bobPort, None, @@ -2619,13 +2637,14 @@ def testClientToServer(): aliceDomain, alicePort) print('\n\nAlice follows Bob') + signingPrivateKeyPem = None sendFollowRequestViaServer(aliceDir, sessionAlice, 'alice', password, aliceDomain, alicePort, 'bob', bobDomain, bobPort, httpPrefix, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) alicePetnamesFilename = aliceDir + '/accounts/' + \ 'alice@' + aliceDomain + '/petnames.txt' aliceFollowingFilename = \ 
@@ -2667,7 +2686,7 @@ def testClientToServer(): 'alice', aliceDomain, alicePort, httpPrefix, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for t in range(10): if os.path.isfile(aliceDir + '/accounts/alice@' + aliceDomain + '/followers.txt'): @@ -2722,7 +2741,7 @@ def testClientToServer(): bobDomain, bobPort, httpPrefix, outboxPostId, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(20): if os.path.isdir(outboxPath) and os.path.isdir(inboxPath): if len([name for name in os.listdir(outboxPath) @@ -2753,11 +2772,13 @@ def testClientToServer(): showTestBoxes('alice', aliceInboxPath, aliceOutboxPath) showTestBoxes('bob', bobInboxPath, bobOutboxPath) print('\n\nEVENT: Bob repeats the post') + signingPrivateKeyPem = None sendAnnounceViaServer(bobDir, sessionBob, 'bob', password, bobDomain, bobPort, httpPrefix, outboxPostId, cachedWebfingers, - personCache, True, __version__) + personCache, True, __version__, + signingPrivateKeyPem) for i in range(20): if os.path.isdir(outboxPath) and os.path.isdir(inboxPath): if len([name for name in os.listdir(outboxPath) @@ -2788,7 +2809,7 @@ def testClientToServer(): aliceDomain, alicePort, httpPrefix, outboxPostId, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for i in range(30): if os.path.isdir(inboxPath): test = len([name for name in os.listdir(inboxPath) @@ -2813,7 +2834,7 @@ def testClientToServer(): 'bob', bobDomain, bobPort, httpPrefix, cachedWebfingers, personCache, - True, __version__) + True, __version__, signingPrivateKeyPem) for t in range(10): if 'alice@' + aliceDomain + ':' + str(alicePort) not in \ open(bobFollowersFilename).read(): 
@@ -4704,13 +4725,14 @@ def testUpdateActor(): 'fnaZ2Wi050483Sj2RmQRpb99Dod7rVZTDtCqXk0J\n' + \ '=gv5G\n' + \ '-----END PGP PUBLIC KEY BLOCK-----' + signingPrivateKeyPem = None actorUpdate = \ pgpPublicKeyUpload(aliceDir, sessionAlice, 'alice', password, aliceDomain, alicePort, httpPrefix, cachedWebfingers, personCache, - True, pubKey) + True, pubKey, signingPrivateKeyPem) print('actor update result: ' + str(actorUpdate)) assert actorUpdate diff --git a/webapp_confirm.py b/webapp_confirm.py index 982c8f921..2bc63a939 100644 --- a/webapp_confirm.py +++ b/webapp_confirm.py @@ -34,7 +34,7 @@ def htmlConfirmDelete(cssCache: {}, peertubeInstances: [], allowLocalNetworkAccess: bool, themeName: str, systemLanguage: str, - maxLikeCount: int) -> str: + maxLikeCount: int, signingPrivateKeyPem: str) -> str: """Shows a screen asking to confirm the deletion of a post """ if '/statuses/' not in messageId: @@ -66,7 +66,8 @@ def htmlConfirmDelete(cssCache: {}, getConfigParam(baseDir, 'instanceTitle') deletePostStr = htmlHeaderWithExternalStyle(cssFilename, instanceTitle) deletePostStr += \ - individualPostAsHtml(True, recentPostsCache, maxRecentPosts, + individualPostAsHtml(signingPrivateKeyPem, + True, recentPostsCache, maxRecentPosts, translate, pageNumber, baseDir, session, cachedWebfingers, personCache, nickname, domain, port, postJsonObject, diff --git a/webapp_frontscreen.py b/webapp_frontscreen.py index afcf3cb11..3569d76a2 100644 --- a/webapp_frontscreen.py +++ b/webapp_frontscreen.py @@ -33,7 +33,8 @@ def _htmlFrontScreenPosts(recentPostsCache: {}, maxRecentPosts: int, peertubeInstances: [], allowLocalNetworkAccess: bool, themeName: str, systemLanguage: str, - maxLikeCount: int) -> str: + maxLikeCount: int, + signingPrivateKeyPem: str) -> str: """Shows posts on the front screen of a news instance These should only be public blog posts from the features timeline which is the blog timeline of the news actor 
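Review bot: In webapp_confirm.py, `htmlConfirmDelete` now receives the instance actor's private key PEM only to hand it on to `individualPostAsHtml`. The same pass-through repeats in the webapp_frontscreen, webapp_moderation, webapp_post, webapp_profile, webapp_search and webapp_timeline hunks that follow. That puts raw key material in the argument list of most HTML-rendering functions, where a later debug print or a traceback that dumps locals would expose it. Consider resolving the key from one server-held object at the point where the request is signed, so rendering code never handles the PEM. If the parameter stays, give it a comment such as `# instance actor signing key: never log or embed in output`.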
@@ -61,7 +62,8 @@ def _htmlFrontScreenPosts(recentPostsCache: {}, maxRecentPosts: int, for item in outboxFeed['orderedItems']: if item['type'] == 'Create': postStr = \ - individualPostAsHtml(True, recentPostsCache, + individualPostAsHtml(signingPrivateKeyPem, + True, recentPostsCache, maxRecentPosts, translate, None, baseDir, session, @@ -86,7 +88,8 @@ def _htmlFrontScreenPosts(recentPostsCache: {}, maxRecentPosts: int, return profileStr -def htmlFrontScreen(rssIconAtTop: bool, +def htmlFrontScreen(signingPrivateKeyPem: str, + rssIconAtTop: bool, cssCache: {}, iconsAsButtons: bool, defaultTimeline: str, recentPostsCache: {}, maxRecentPosts: int, @@ -173,7 +176,8 @@ def htmlFrontScreen(rssIconAtTop: bool, peertubeInstances, allowLocalNetworkAccess, theme, systemLanguage, - maxLikeCount) + licenseStr + maxLikeCount, + signingPrivateKeyPem) + licenseStr # Footer which is only used for system accounts profileFooterStr = ' \n' diff --git a/webapp_moderation.py b/webapp_moderation.py index 31823d8d7..16d0f684c 100644 --- a/webapp_moderation.py +++ b/webapp_moderation.py @@ -50,7 +50,8 @@ def htmlModeration(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the moderation feed as html This is what you see when selecting the "mod" timeline """ 
@@ -67,14 +68,15 @@ def htmlModeration(cssCache: {}, defaultTimeline: str, authorized, moderationActionStr, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, - maxLikeCount, sharedItemsFederatedDomains) + maxLikeCount, sharedItemsFederatedDomains, + signingPrivateKeyPem) def htmlAccountInfo(cssCache: {}, translate: {}, baseDir: str, httpPrefix: str, nickname: str, domain: str, port: int, searchHandle: str, debug: bool, - systemLanguage: str) -> str: + systemLanguage: str, signingPrivateKeyPem: str) -> str: """Shows which domains a search handle interacts with. This screen is shown if a moderator enters a handle and selects info on the moderation screen @@ -116,11 +118,13 @@ def htmlAccountInfo(cssCache: {}, translate: {}, baseDir, searchNickname, searchDomain, proxyType, searchPort, httpPrefix, debug, - __version__, wordFrequency, systemLanguage) + __version__, wordFrequency, systemLanguage, + signingPrivateKeyPem) # get a list of any blocked followers followersList = \ - downloadFollowCollection('followers', session, + downloadFollowCollection(signingPrivateKeyPem, + 'followers', session, httpPrefix, searchActor, 1, 5) blockedFollowers = [] for followerActor in followersList: diff --git a/webapp_post.py b/webapp_post.py index 5becbd2ef..e17300b0c 100644 --- a/webapp_post.py +++ b/webapp_post.py @@ -188,7 +188,8 @@ def _getPostFromRecentCache(session, postStartTime, pageNumber: int, recentPostsCache: {}, - maxRecentPosts: int) -> str: + maxRecentPosts: int, + signingPrivateKeyPem: str) -> str: """Attempts to get the html post from the recent posts cache in memory """ if boxName == 'tlmedia': @@ -213,7 +214,8 @@ def _getPostFromRecentCache(session, _logPostTiming(enableTimingLog, postStartTime, '2.1') - updateAvatarImageCache(session, baseDir, httpPrefix, + updateAvatarImageCache(signingPrivateKeyPem, + session, baseDir, httpPrefix, postActor, avatarUrl, personCache, allowDownloads) 
@@ -1095,7 +1097,8 @@ def _getFooterWithIcons(showIcons: bool, return footerStr -def individualPostAsHtml(allowDownloads: bool, +def individualPostAsHtml(signingPrivateKeyPem: str, + allowDownloads: bool, recentPostsCache: {}, maxRecentPosts: int, translate: {}, pageNumber: int, baseDir: str, @@ -1169,7 +1172,8 @@ def individualPostAsHtml(allowDownloads: bool, postStartTime, pageNumber, recentPostsCache, - maxRecentPosts) + maxRecentPosts, + signingPrivateKeyPem) if postHtml: return postHtml @@ -1179,7 +1183,8 @@ def individualPostAsHtml(allowDownloads: bool, getAvatarImageUrl(session, baseDir, httpPrefix, postActor, personCache, - avatarUrl, allowDownloads) + avatarUrl, allowDownloads, + signingPrivateKeyPem) _logPostTiming(enableTimingLog, postStartTime, '5') @@ -1193,14 +1198,16 @@ def individualPostAsHtml(allowDownloads: bool, postActorWf = \ webfingerHandle(session, postActorHandle, httpPrefix, cachedWebfingers, - domain, __version__, False, False) + domain, __version__, False, False, + signingPrivateKeyPem) avatarUrl2 = None displayName = None if postActorWf: (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl2, displayName) = getPersonBox(baseDir, session, + avatarUrl2, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, postActorWf, personCache, projectVersion, @@ -1261,7 +1268,8 @@ def individualPostAsHtml(allowDownloads: bool, allowLocalNetworkAccess, recentPostsCache, False, systemLanguage, - domainFull, personCache) + domainFull, personCache, + signingPrivateKeyPem) if not postJsonAnnounce: # if the announce could not be downloaded then mark it as rejected rejectPostId(baseDir, nickname, domain, postJsonObject['id'], @@ -1691,7 +1699,7 @@ def htmlIndividualPost(cssCache: {}, peertubeInstances: [], allowLocalNetworkAccess: bool, themeName: str, systemLanguage: str, - maxLikeCount: int) -> str: + maxLikeCount: int, signingPrivateKeyPem: str) -> str: """Show an individual post as html """ postStr = '' 
@@ -1723,7 +1731,8 @@ def htmlIndividualPost(cssCache: {}, postStr += followStr + '

\n' postStr += \ - individualPostAsHtml(True, recentPostsCache, maxRecentPosts, + individualPostAsHtml(signingPrivateKeyPem, + True, recentPostsCache, maxRecentPosts, translate, None, baseDir, session, cachedWebfingers, personCache, nickname, domain, port, postJsonObject, @@ -1748,7 +1757,8 @@ def htmlIndividualPost(cssCache: {}, postJsonObject = loadJson(postFilename) if postJsonObject: postStr = \ - individualPostAsHtml(True, recentPostsCache, + individualPostAsHtml(signingPrivateKeyPem, + True, recentPostsCache, maxRecentPosts, translate, None, baseDir, session, cachedWebfingers, @@ -1781,7 +1791,8 @@ def htmlIndividualPost(cssCache: {}, # add items to the html output for item in repliesJson['orderedItems']: postStr += \ - individualPostAsHtml(True, recentPostsCache, + individualPostAsHtml(signingPrivateKeyPem, + True, recentPostsCache, maxRecentPosts, translate, None, baseDir, session, cachedWebfingers, @@ -1818,14 +1829,16 @@ def htmlPostReplies(cssCache: {}, peertubeInstances: [], allowLocalNetworkAccess: bool, themeName: str, systemLanguage: str, - maxLikeCount: int) -> str: + maxLikeCount: int, + signingPrivateKeyPem: str) -> str: """Show the replies to an individual post as html """ repliesStr = '' if repliesJson.get('orderedItems'): for item in repliesJson['orderedItems']: repliesStr += \ - individualPostAsHtml(True, recentPostsCache, + individualPostAsHtml(signingPrivateKeyPem, + True, recentPostsCache, maxRecentPosts, translate, None, baseDir, session, cachedWebfingers, diff --git a/webapp_profile.py b/webapp_profile.py index 2d5005255..ac87c99c2 100644 --- a/webapp_profile.py +++ b/webapp_profile.py @@ -84,7 +84,8 @@ def htmlProfileAfterSearch(cssCache: {}, themeName: str, accessKeys: {}, systemLanguage: str, - maxLikeCount: int) -> str: + maxLikeCount: int, + signingPrivateKeyPem: str) -> str: """Show a profile page after a search for a fediverse address """ http = False 
@@ -94,7 +95,8 @@ def htmlProfileAfterSearch(cssCache: {}, elif httpPrefix == 'gnunet': gnunet = True profileJson, asHeader = \ - getActorJson(domain, profileHandle, http, gnunet, debug, False) + getActorJson(domain, profileHandle, http, gnunet, debug, False, + signingPrivateKeyPem) if not profileJson: return None @@ -251,7 +253,8 @@ def htmlProfileAfterSearch(cssCache: {}, '\n' userFeed = \ - parseUserFeed(session, outboxUrl, asHeader, projectVersion, + parseUserFeed(signingPrivateKeyPem, + session, outboxUrl, asHeader, projectVersion, httpPrefix, domain, debug) if userFeed: i = 0 @@ -268,7 +271,8 @@ def htmlProfileAfterSearch(cssCache: {}, continue profileStr += \ - individualPostAsHtml(True, recentPostsCache, maxRecentPosts, + individualPostAsHtml(signingPrivateKeyPem, + True, recentPostsCache, maxRecentPosts, translate, None, baseDir, session, cachedWebfingers, personCache, nickname, domain, port, @@ -466,7 +470,8 @@ def _getProfileHeaderAfterSearch(baseDir: str, return htmlStr -def htmlProfile(rssIconAtTop: bool, +def htmlProfile(signingPrivateKeyPem: str, + rssIconAtTop: bool, cssCache: {}, iconsAsButtons: bool, defaultTimeline: str, recentPostsCache: {}, maxRecentPosts: int, @@ -491,7 +496,8 @@ def htmlProfile(rssIconAtTop: bool, if not nickname: return "" if isSystemAccount(nickname): - return htmlFrontScreen(rssIconAtTop, + return htmlFrontScreen(signingPrivateKeyPem, + rssIconAtTop, cssCache, iconsAsButtons, defaultTimeline, recentPostsCache, maxRecentPosts, @@ -851,7 +857,8 @@ def htmlProfile(rssIconAtTop: bool, peertubeInstances, allowLocalNetworkAccess, theme, systemLanguage, - maxLikeCount) + licenseStr + maxLikeCount, + signingPrivateKeyPem) + licenseStr elif selected == 'following': profileStr += \ _htmlProfileFollowing(translate, baseDir, httpPrefix, 
@@ -860,7 +867,7 @@ def htmlProfile(rssIconAtTop: bool, cachedWebfingers, personCache, extraJson, projectVersion, ["unfollow"], selected, usersPath, pageNumber, maxItemsPerPage, - dormantMonths, debug) + dormantMonths, debug, signingPrivateKeyPem) elif selected == 'followers': profileStr += \ _htmlProfileFollowing(translate, baseDir, httpPrefix, @@ -869,7 +876,8 @@ def htmlProfile(rssIconAtTop: bool, cachedWebfingers, personCache, extraJson, projectVersion, ["block"], selected, usersPath, pageNumber, - maxItemsPerPage, dormantMonths, debug) + maxItemsPerPage, dormantMonths, debug, + signingPrivateKeyPem) elif selected == 'roles': profileStr += \ _htmlProfileRoles(translate, nickname, domainFull, @@ -911,7 +919,8 @@ def _htmlProfilePosts(recentPostsCache: {}, maxRecentPosts: int, peertubeInstances: [], allowLocalNetworkAccess: bool, themeName: str, systemLanguage: str, - maxLikeCount: int) -> str: + maxLikeCount: int, + signingPrivateKeyPem: str) -> str: """Shows posts on the profile screen These should only be public posts """ @@ -939,7 +948,8 @@ def _htmlProfilePosts(recentPostsCache: {}, maxRecentPosts: int, for item in outboxFeed['orderedItems']: if item['type'] == 'Create': postStr = \ - individualPostAsHtml(True, recentPostsCache, + individualPostAsHtml(signingPrivateKeyPem, + True, recentPostsCache, maxRecentPosts, translate, None, baseDir, session, cachedWebfingers, @@ -972,7 +982,8 @@ def _htmlProfileFollowing(translate: {}, baseDir: str, httpPrefix: str, feedName: str, actor: str, pageNumber: int, maxItemsPerPage: int, - dormantMonths: int, debug: bool) -> str: + dormantMonths: int, debug: bool, + signingPrivateKeyPem: str) -> str: """Shows following on the profile screen """ profileStr = '' 
@@ -999,7 +1010,8 @@ def _htmlProfileFollowing(translate: {}, baseDir: str, httpPrefix: str, dormantMonths) profileStr += \ - _individualFollowAsHtml(translate, baseDir, session, + _individualFollowAsHtml(signingPrivateKeyPem, + translate, baseDir, session, cachedWebfingers, personCache, domain, followingActor, authorized, nickname, @@ -2068,7 +2080,8 @@ def htmlEditProfile(cssCache: {}, translate: {}, baseDir: str, path: str, return editProfileForm -def _individualFollowAsHtml(translate: {}, +def _individualFollowAsHtml(signingPrivateKeyPem: str, + translate: {}, baseDir: str, session, cachedWebfingers: {}, personCache: {}, domain: str, @@ -2095,11 +2108,13 @@ def _individualFollowAsHtml(translate: {}, followUrlWf = \ webfingerHandle(session, followUrlHandle, httpPrefix, cachedWebfingers, - domain, __version__, debug, False) + domain, __version__, debug, False, + signingPrivateKeyPem) (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox, - avatarUrl2, displayName) = getPersonBox(baseDir, session, + avatarUrl2, displayName) = getPersonBox(signingPrivateKeyPem, + baseDir, session, followUrlWf, personCache, projectVersion, httpPrefix, followUrlNickname, diff --git a/webapp_search.py b/webapp_search.py index 2ed8d497f..9ec76b1af 100644 --- a/webapp_search.py +++ b/webapp_search.py @@ -575,7 +575,8 @@ def htmlHistorySearch(cssCache: {}, translate: {}, baseDir: str, allowLocalNetworkAccess: bool, themeName: str, boxName: str, systemLanguage: str, - maxLikeCount: int) -> str: + maxLikeCount: int, + signingPrivateKeyPem: str) -> str: """Show a page containing search results for your post history """ if historysearch.startswith("'"): @@ -641,7 +642,8 @@ def htmlHistorySearch(cssCache: {}, translate: {}, baseDir: str, showIndividualPostIcons = True allowDeletion = False postStr = \ - individualPostAsHtml(True, recentPostsCache, + individualPostAsHtml(signingPrivateKeyPem, + True, recentPostsCache, maxRecentPosts, translate, None, baseDir, session, cachedWebfingers, 
@@ -680,7 +682,8 @@ def htmlHashtagSearch(cssCache: {}, peertubeInstances: [], allowLocalNetworkAccess: bool, themeName: str, systemLanguage: str, - maxLikeCount: int) -> str: + maxLikeCount: int, + signingPrivateKeyPem: str) -> str: """Show a page containing search results for a hashtag or after selecting a hashtag from the swarm """ @@ -816,7 +819,8 @@ def htmlHashtagSearch(cssCache: {}, avatarUrl = None showAvatarOptions = True postStr = \ - individualPostAsHtml(allowDownloads, recentPostsCache, + individualPostAsHtml(signingPrivateKeyPem, + allowDownloads, recentPostsCache, maxRecentPosts, translate, None, baseDir, session, cachedWebfingers, diff --git a/webapp_timeline.py b/webapp_timeline.py index cfd470dce..2bac74ea6 100644 --- a/webapp_timeline.py +++ b/webapp_timeline.py @@ -423,7 +423,8 @@ def htmlTimeline(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the timeline as html """ enableTimingLog = False @@ -854,7 +855,8 @@ def htmlTimeline(cssCache: {}, defaultTimeline: str, # read the post from disk currTlStr = \ - individualPostAsHtml(False, recentPostsCache, + individualPostAsHtml(signingPrivateKeyPem, + False, recentPostsCache, maxRecentPosts, translate, pageNumber, baseDir, session, @@ -1079,7 +1081,8 @@ def htmlShares(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the shares timeline as html """ manuallyApproveFollowers = \ 
@@ -1102,7 +1105,7 @@ def htmlShares(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) def htmlWanted(cssCache: {}, defaultTimeline: str, @@ -1127,7 +1130,8 @@ def htmlWanted(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the wanted timeline as html """ manuallyApproveFollowers = \ @@ -1150,7 +1154,7 @@ def htmlWanted(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) def htmlInbox(cssCache: {}, defaultTimeline: str, @@ -1175,7 +1179,8 @@ def htmlInbox(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the inbox as html """ manuallyApproveFollowers = \ @@ -1198,7 +1203,7 @@ def htmlInbox(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) def htmlBookmarks(cssCache: {}, defaultTimeline: str, @@ -1223,7 +1228,8 @@ def htmlBookmarks(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the bookmarks as html """ manuallyApproveFollowers = \ 
@@ -1246,7 +1252,7 @@ def htmlBookmarks(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) def htmlInboxDMs(cssCache: {}, defaultTimeline: str, @@ -1271,7 +1277,8 @@ def htmlInboxDMs(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the DM timeline as html """ return htmlTimeline(cssCache, defaultTimeline, @@ -1289,7 +1296,7 @@ def htmlInboxDMs(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) def htmlInboxReplies(cssCache: {}, defaultTimeline: str, @@ -1314,7 +1321,8 @@ def htmlInboxReplies(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the replies timeline as html """ return htmlTimeline(cssCache, defaultTimeline, @@ -1333,7 +1341,7 @@ def htmlInboxReplies(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) def htmlInboxMedia(cssCache: {}, defaultTimeline: str, 
@@ -1358,7 +1366,8 @@ def htmlInboxMedia(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the media timeline as html """ return htmlTimeline(cssCache, defaultTimeline, @@ -1377,7 +1386,7 @@ def htmlInboxMedia(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) def htmlInboxBlogs(cssCache: {}, defaultTimeline: str, @@ -1402,7 +1411,8 @@ def htmlInboxBlogs(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the blogs timeline as html """ return htmlTimeline(cssCache, defaultTimeline, @@ -1421,7 +1431,7 @@ def htmlInboxBlogs(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) def htmlInboxFeatures(cssCache: {}, defaultTimeline: str, @@ -1447,7 +1457,8 @@ def htmlInboxFeatures(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the features timeline as html """ return htmlTimeline(cssCache, defaultTimeline, 
@@ -1466,7 +1477,7 @@ def htmlInboxFeatures(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) def htmlInboxNews(cssCache: {}, defaultTimeline: str, @@ -1491,7 +1502,8 @@ def htmlInboxNews(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the news timeline as html """ return htmlTimeline(cssCache, defaultTimeline, @@ -1510,7 +1522,7 @@ def htmlInboxNews(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) def htmlOutbox(cssCache: {}, defaultTimeline: str, @@ -1535,7 +1547,8 @@ def htmlOutbox(cssCache: {}, defaultTimeline: str, textModeBanner: str, accessKeys: {}, systemLanguage: str, maxLikeCount: int, - sharedItemsFederatedDomains: []) -> str: + sharedItemsFederatedDomains: [], + signingPrivateKeyPem: str) -> str: """Show the Outbox as html """ manuallyApproveFollowers = \ @@ -1555,4 +1568,4 @@ def htmlOutbox(cssCache: {}, defaultTimeline: str, authorized, None, theme, peertubeInstances, allowLocalNetworkAccess, textModeBanner, accessKeys, systemLanguage, maxLikeCount, - sharedItemsFederatedDomains) + sharedItemsFederatedDomains, signingPrivateKeyPem) diff --git a/webapp_utils.py b/webapp_utils.py index e3bbe47e6..3bb07355d 100644 --- a/webapp_utils.py +++ b/webapp_utils.py 
@@ -232,7 +232,8 @@ def setBlogAddress(actorJson: {}, blogAddress: str) -> None: _setActorPropertyUrl(actorJson, 'Blog', removeHtml(blogAddress)) -def updateAvatarImageCache(session, baseDir: str, httpPrefix: str, +def updateAvatarImageCache(signingPrivateKeyPem: str, + session, baseDir: str, httpPrefix: str, actor: str, avatarUrl: str, personCache: {}, allowDownloads: bool, force: bool = False, debug: bool = False) -> str: @@ -299,7 +300,7 @@ def updateAvatarImageCache(session, baseDir: str, httpPrefix: str, 'Accept': 'application/ld+json; profile="' + prof + '"' } personJson = \ - getJson(session, actor, sessionHeaders, None, + getJson(signingPrivateKeyPem, session, actor, sessionHeaders, None, debug, __version__, httpPrefix, None) if personJson: if not personJson.get('id'): @@ -1113,7 +1114,8 @@ def htmlHighlightLabel(label: str, highlight: bool) -> str: def getAvatarImageUrl(session, baseDir: str, httpPrefix: str, postActor: str, personCache: {}, - avatarUrl: str, allowDownloads: bool) -> str: + avatarUrl: str, allowDownloads: bool, + signingPrivateKeyPem: str) -> str: """Returns the avatar image url """ # get the avatar image url for the post actor @@ -1122,11 +1124,13 @@ def getAvatarImageUrl(session, getPersonAvatarUrl(baseDir, postActor, personCache, allowDownloads) avatarUrl = \ - updateAvatarImageCache(session, baseDir, httpPrefix, + updateAvatarImageCache(signingPrivateKeyPem, + session, baseDir, httpPrefix, postActor, avatarUrl, personCache, allowDownloads) else: - updateAvatarImageCache(session, baseDir, httpPrefix, + updateAvatarImageCache(signingPrivateKeyPem, + session, baseDir, httpPrefix, postActor, avatarUrl, personCache, allowDownloads) diff --git a/webfinger.py b/webfinger.py index a562f24ad..cbe948122 100644 --- a/webfinger.py +++ b/webfinger.py 
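Review bot: `updateAvatarImageCache` takes the new `signingPrivateKeyPem` as its first positional parameter, while `getAvatarImageUrl` in the same file takes it last. Because `updateAvatarImageCache` still ends with the defaulted `force` and `debug`, a caller left on the old order that passes `force` positionally still supplies eight arguments and binds without a TypeError. The session object then lands in the key slot and every later argument shifts by one. Passing the key by name at the call sites, e.g. `signingPrivateKeyPem=signingPrivateKeyPem`, and using one position for it across the code base would turn such a mistake into an immediate error. The function body continues outside the hunk, so how the shifted values would be used is not visible here.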
@@ -63,7 +63,8 @@ def _parseHandle(handle: str) -> (str, str, bool): def webfingerHandle(session, handle: str, httpPrefix: str, cachedWebfingers: {}, fromDomain: str, projectVersion: str, - debug: bool, groupAccount: bool) -> {}: + debug: bool, groupAccount: bool, + signingPrivateKeyPem: str) -> {}: """Gets webfinger result for the given ActivityPub handle """ if not session: @@ -98,9 +99,8 @@ def webfingerHandle(session, handle: str, httpPrefix: str, } try: result = \ - getJson(session, url, hdr, par, - debug, projectVersion, - httpPrefix, fromDomain) + getJson(signingPrivateKeyPem, session, url, hdr, par, + debug, projectVersion, httpPrefix, fromDomain) except Exception as e: print('ERROR: webfingerHandle ' + str(e)) return None
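Review bot: `webfingerHandle` annotates the new parameter as `signingPrivateKeyPem: str`, yet the test hunks in this patch pass `None` for the same parameter to `getJson` and the send functions. The docstring still reads only "Gets webfinger result for the given ActivityPub handle". The annotation should mark the key as optional, and the docstring should gain a line such as `signingPrivateKeyPem: instance actor key used to sign the lookup, or None`, stating what `None` does, which cannot be seen from here. In the second hunk the `except Exception` branch prints `str(e)` for a call that now handles the key. Whether a signing error can carry key material depends on `getJson`, which is outside this section, so that is worth confirming.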