Function for url cross-verification

epicyon.py

@@ -48,6 +48,7 @@ from session import create_session
 from session import get_json
 from session import get_vcard
 from session import download_html
+from session import verify_html
 from session import download_ssml
 from newswire import get_rss
 from filters import add_filter
@@ -373,6 +374,9 @@ def _command_options() -> None:
                         help='Show the SSML for a given activitypub url')
     parser.add_argument('--htmlpost', dest='htmlpost', type=str, default=None,
                         help='Show the html for a given activitypub url')
+    parser.add_argument('--verifyurl', dest='verifyurl', type=str,
+                        default=None,
+                        help='Verify an identity using the given url')
     parser.add_argument('--rss', dest='rss', type=str, default=None,
                         help='Show an rss feed for a given url')
     parser.add_argument('-f', '--federate', nargs='+', dest='federation_list',
@@ -1159,6 +1163,36 @@ def _command_options() -> None:
             print(test_html)
         sys.exit()
 
+    if argb.verifyurl:
+        if not argb.nickname:
+            print('You must specify a nickname for the handle ' +
+                  'to be verified nickname@domain using the ' +
+                  '--nickname option')
+            sys.exit()
+        profile_str = 'https://www.w3.org/ns/activitystreams'
+        as_header = {
+            'Accept': 'text/html; profile="' + profile_str + '"'
+        }
+        if not argb.domain:
+            argb.domain = get_config_param(base_dir, 'domain')
+        domain = ''
+        if argb.domain:
+            domain = argb.domain
+        if not domain:
+            print('You must specify a domain for the handle ' +
+                  'to be verified nickname@domain using the ' +
+                  '--domain option')
+            sys.exit()
+        session = create_session(None)
+        verified = \
+            verify_html(session, argb.verifyurl, debug, __version__,
+                        http_prefix, argb.nickname, domain)
+        if verified:
+            print('Verified')
+            sys.exit()
+        print('Verification failed')
+        sys.exit()
+
     # create cache for actors
     if not os.path.isdir(base_dir + '/cache'):
         os.mkdir(base_dir + '/cache')

session.py

@@ -372,6 +372,43 @@ def download_html(signing_priv_key_pem: str,
                              None, quiet, debug, False)
 
 
+def verify_html(session, url: str, debug: bool,
+                version: str, http_prefix: str, nickname: str, domain: str,
+                timeout_sec: int = 20, quiet: bool = False) -> bool:
+    """Verify that the handle for nickname@domain exists within the
+    given url
+    """
+    as_header = {
+        'Accept': 'text/html'
+    }
+    verification_site_html = \
+        download_html(None, session, url,
+                      as_header, None, debug, __version__,
+                      http_prefix, domain, timeout_sec, quiet)
+    if not verification_site_html:
+        if debug:
+            print('Verification site could not be contacted ' +
+                  url)
+        return False
+    verification_site_html = verification_site_html.decode()
+    actor_links = [
+        domain + '/@' + nickname,
+        domain + '/users/' + nickname
+    ]
+    for actor in actor_links:
+        if domain.endswith('.onion') or domain.endswith('.i2p'):
+            actor = 'http://' + actor
+        else:
+            actor = http_prefix + '://' + actor
+        link_str = ' rel="me" href="' + actor + '"'
+        if link_str in verification_site_html:
+            return True
+        link_str = ' href="' + actor + '" rel="me"'
+        if link_str in verification_site_html:
+            return True
+    return False
+
+
 def download_ssml(signing_priv_key_pem: str,
                   session, url: str, headers: {}, params: {}, debug: bool,
                   version: str, http_prefix: str, domain: str,