diff --git a/daemon.py b/daemon.py index 83a26e29..32693fd4 100644 --- a/daemon.py +++ b/daemon.py @@ -91,10 +91,12 @@ class PubServer(BaseHTTPRequestHandler): self.send_header('WWW-Authenticate', 'title="Login to Epicyon", Basic realm="epicyon"') self.end_headers() - def _set_headers(self,fileFormat: str) -> None: + def _set_headers(self,fileFormat: str,authHeader: str) -> None: self.send_response(200) self.send_header('Content-type', fileFormat) self.send_header('Host', self.server.domainFull) + if authHeader: + self.send_header('Authorization', authHeader) self.end_headers() def _404(self) -> None: @@ -103,7 +105,7 @@ class PubServer(BaseHTTPRequestHandler): self.end_headers() self.wfile.write("

404 Not Found

".encode('utf-8')) - def _webfinger(self) -> bool: + def _webfinger(self,authHeader: str) -> bool: if not self.path.startswith('/.well-known'): return False if self.server.debug: @@ -114,7 +116,7 @@ class PubServer(BaseHTTPRequestHandler): if self.path.startswith('/.well-known/host-meta'): wfResult=webfingerMeta() if wfResult: - self._set_headers('application/xrd+xml') + self._set_headers('application/xrd+xml',authHeader) self.wfile.write(wfResult.encode('utf-8')) return @@ -122,7 +124,7 @@ class PubServer(BaseHTTPRequestHandler): print('DEBUG: WEBFINGER lookup '+self.path+' '+str(self.server.baseDir)) wfResult=webfingerLookup(self.path,self.server.baseDir,self.server.port,self.server.debug) if wfResult: - self._set_headers('application/jrd+json') + self._set_headers('application/jrd+json',authHeader) self.wfile.write(json.dumps(wfResult).encode('utf-8')) else: if self.server.debug: @@ -348,18 +350,30 @@ class PubServer(BaseHTTPRequestHandler): return True return False - def do_GET(self): + def do_GET(self): if self.server.debug: print('DEBUG: GET from '+self.server.baseDir+ \ ' path: '+self.path+' busy: '+ \ str(self.server.GETbusy)) + + # get the auth header as a local variable + authHeader=None + authorized = self._isAuthorized() + if authorized: + authHeader=self.headers['Authorization'] + if self.server.debug: + print('Authorized') + else: + if self.server.debug: + print('Not authorized') + # get css # Note that this comes before the busy flag to avoid conflicts if self.path.endswith('.css'): if os.path.isfile('epicyon-profile.css'): with open('epicyon-profile.css', 'r') as cssfile: css = cssfile.read() - self._set_headers('text/css') + self._set_headers('text/css',authHeader) self.wfile.write(css.encode('utf-8')) return # image on login screen @@ -367,7 +381,7 @@ class PubServer(BaseHTTPRequestHandler): mediaFilename= \ self.server.baseDir+'/accounts/login.png' if os.path.isfile(mediaFilename): - self._set_headers('image/png') + self._set_headers('image/png',authHeader) with open(mediaFilename, 'rb') as avFile: mediaBinary = avFile.read() self.wfile.write(mediaBinary) @@ -383,11 +397,11 @@ class PubServer(BaseHTTPRequestHandler): self.server.baseDir+'/media/'+mediaStr if os.path.isfile(mediaFilename): if mediaFilename.endswith('.png'): - self._set_headers('image/png') + self._set_headers('image/png',authHeader) elif mediaFilename.endswith('.jpg'): - self._set_headers('image/jpeg') + self._set_headers('image/jpeg',authHeader) else: - self._set_headers('image/gif') + self._set_headers('image/gif',authHeader) with open(mediaFilename, 'rb') as avFile: mediaBinary = avFile.read() self.wfile.write(mediaBinary) @@ -405,11 +419,11 @@ class PubServer(BaseHTTPRequestHandler): self.server.baseDir+'/sharefiles/'+mediaStr if os.path.isfile(mediaFilename): if mediaFilename.endswith('.png'): - self._set_headers('image/png') + self._set_headers('image/png',authHeader) elif mediaFilename.endswith('.jpg'): - self._set_headers('image/jpeg') + self._set_headers('image/jpeg',authHeader) else: - self._set_headers('image/gif') + self._set_headers('image/gif',authHeader) with open(mediaFilename, 'rb') as avFile: mediaBinary = avFile.read() self.wfile.write(mediaBinary) @@ -432,11 +446,11 @@ class PubServer(BaseHTTPRequestHandler): self.server.domain+'/'+avatarFile if os.path.isfile(avatarFilename): if avatarFile.endswith('.png'): - self._set_headers('image/png') + self._set_headers('image/png',authHeader) elif avatarFile.endswith('.jpg'): - self._set_headers('image/jpeg') + self._set_headers('image/jpeg',authHeader) else: - self._set_headers('image/gif') + self._set_headers('image/gif',authHeader) with open(avatarFilename, 'rb') as avFile: avBinary = avFile.read() self.wfile.write(avBinary) @@ -451,6 +465,8 @@ class PubServer(BaseHTTPRequestHandler): if self.server.debug: print('DEBUG: GET Busy') self.send_response(429) + if authorized: + self.send_header('Authorization', authHeader) self.end_headers() return self.server.lastGET=currTimeGET @@ -463,7 +479,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.GETbusy=False return # get webfinger endpoint for a person - if self._webfinger(): + if self._webfinger(authHeader): self.server.GETbusy=False return @@ -498,14 +514,18 @@ class PubServer(BaseHTTPRequestHandler): postJsonObject=commentjson.load(fp) # Only authorized viewers get to see likes on posts # Otherwize marketers could gain more social graph info - if not self._isAuthorized(): + if not authorized: if postJsonObject.get('likes'): postJsonObject['likes']={} if 'text/html' in self.headers['Accept']: - self._set_headers('text/html') + self._set_headers('text/html',authHeader) + if authorized: + self.send_header('Authorization', authHeader) self.wfile.write(htmlIndividualPost(postJsonObject).encode('utf-8')) else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) + if authorized: + self.send_header('Authorization', authHeader) self.wfile.write(json.dumps(postJsonObject).encode('utf-8')) self.server.GETbusy=False return @@ -543,10 +563,10 @@ class PubServer(BaseHTTPRequestHandler): 'totalItems': 0, 'type': 'OrderedCollection'} if 'text/html' in self.headers['Accept']: - self._set_headers('text/html') + self._set_headers('text/html',authHeader) self.wfile.write(htmlPostReplies(repliesJson).encode('utf-8')) else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(repliesJson).encode('utf-8')) self.server.GETbusy=False return @@ -559,8 +579,7 @@ class PubServer(BaseHTTPRequestHandler): ], 'partOf': self.server.httpPrefix+'://'+domainFull+'/users/'+nickname+'/statuses/'+statusNumber, 'type': 'OrderedCollectionPage'} - # some messages could be private, so check authorization state - authorized=self._isAuthorized() + # populate the items list with replies repliesBoxes=['outbox','inbox'] with open(postRepliesFilename,'r') as repliesFile: @@ -615,10 +634,10 @@ class PubServer(BaseHTTPRequestHandler): repliesJson['orderedItems'].append(postJsonObject) # send the replies json if 'text/html' in self.headers['Accept']: - self._set_headers('text/html') + self._set_headers('text/html',authHeader) self.wfile.write(htmlPostReplies(repliesJson).encode('utf-8')) else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(repliesJson).encode('utf-8')) self.server.GETbusy=False return @@ -638,7 +657,7 @@ class PubServer(BaseHTTPRequestHandler): personLookup(self.server.domain,self.path.replace('/roles',''), \ self.server.baseDir) if getPerson: - self._set_headers('text/html') + self._set_headers('text/html',authHeader) self.wfile.write(htmlProfile(self.server.baseDir, \ self.server.httpPrefix, \ True, \ @@ -649,7 +668,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.personCache, \ actorJson['roles']).encode('utf-8')) else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(actorJson['roles']).encode('utf-8')) self.server.GETbusy=False return @@ -669,7 +688,7 @@ class PubServer(BaseHTTPRequestHandler): personLookup(self.server.domain,self.path.replace('/skills',''), \ self.server.baseDir) if getPerson: - self._set_headers('text/html') + self._set_headers('text/html',authHeader) self.wfile.write(htmlProfile(self.server.baseDir, \ self.server.httpPrefix, \ True, \ @@ -680,7 +699,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.personCache, \ actorJson['skills']).encode('utf-8')) else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(actorJson['skills']).encode('utf-8')) self.server.GETbusy=False return @@ -706,14 +725,14 @@ class PubServer(BaseHTTPRequestHandler): postJsonObject=commentjson.load(fp) # Only authorized viewers get to see likes on posts # Otherwize marketers could gain more social graph info - if not self._isAuthorized(): + if not authorized: if postJsonObject.get('likes'): postJsonObject['likes']={} if 'text/html' in self.headers['Accept']: - self._set_headers('text/html') + self._set_headers('text/html',authHeader) self.wfile.write(htmlIndividualPost(postJsonObject).encode('utf-8')) else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(postJsonObject).encode('utf-8')) self.server.GETbusy=False return @@ -724,7 +743,7 @@ class PubServer(BaseHTTPRequestHandler): # get the inbox for a given person if self.path.endswith('/inbox'): if '/users/' in self.path: - if self._isAuthorized(): + if authorized: inboxFeed=personBoxJson(self.server.baseDir, \ self.server.domain, \ self.server.port, \ @@ -746,7 +765,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.httpPrefix, \ maxPostsInFeed, 'inbox', \ True,self.server.ocapAlways) - self._set_headers('text/html') + self._set_headers('text/html',authHeader) self.wfile.write(htmlInbox(self.server.session, \ self.server.baseDir, \ self.server.cachedWebfingers, \ @@ -755,7 +774,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.domain, \ inboxFeed).encode('utf-8')) else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(inboxFeed).encode('utf-8')) self.server.GETbusy=False return @@ -775,7 +794,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.port,self.path, \ self.server.httpPrefix, \ maxPostsInFeed, 'outbox', \ - self._isAuthorized(), \ + authorized, \ self.server.ocapAlways) if outboxFeed: if 'text/html' in self.headers['Accept']: @@ -788,10 +807,10 @@ class PubServer(BaseHTTPRequestHandler): self.server.port,self.path+'?page=1', \ self.server.httpPrefix, \ maxPostsInFeed, 'outbox', \ - self._isAuthorized(), \ + authorized, \ self.server.ocapAlways) - self._set_headers('text/html') + self._set_headers('text/html',authHeader) self.wfile.write(htmlOutbox(self.server.session, \ self.server.baseDir, \ self.server.cachedWebfingers, \ @@ -800,11 +819,10 @@ class PubServer(BaseHTTPRequestHandler): self.server.domain, \ outboxFeed).encode('utf-8')) else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(outboxFeed).encode('utf-8')) self.server.GETbusy=False return - authorized=self._isAuthorized() shares=getSharesFeedForPerson(self.server.baseDir, \ self.server.domain, \ @@ -828,7 +846,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.session= \ createSession(self.server.domain,self.server.port,self.server.useTor) - self._set_headers('text/html') + self._set_headers('text/html',authHeader) self.wfile.write(htmlProfile(self.server.baseDir, \ self.server.httpPrefix, \ authorized, \ @@ -841,7 +859,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.GETbusy=False return else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(shares).encode('utf-8')) self.server.GETbusy=False return @@ -867,7 +885,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.session= \ createSession(self.server.domain,self.server.port,self.server.useTor) - self._set_headers('text/html') + self._set_headers('text/html',authHeader) self.wfile.write(htmlProfile(self.server.baseDir, \ self.server.httpPrefix, \ authorized, \ @@ -880,7 +898,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.GETbusy=False return else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(following).encode('utf-8')) self.server.GETbusy=False return @@ -904,7 +922,7 @@ class PubServer(BaseHTTPRequestHandler): print('DEBUG: creating new session') self.server.session= \ createSession(self.server.domain,self.server.port,self.server.useTor) - self._set_headers('text/html') + self._set_headers('text/html',authheader) self.wfile.write(htmlProfile(self.server.baseDir, \ self.server.httpPrefix, \ authorized, \ @@ -917,7 +935,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.GETbusy=False return else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(followers).encode('utf-8')) self.server.GETbusy=False return @@ -931,7 +949,7 @@ class PubServer(BaseHTTPRequestHandler): print('DEBUG: creating new session') self.server.session= \ createSession(self.server.domain,self.server.port,self.server.useTor) - self._set_headers('text/html') + self._set_headers('text/html',authHeader) self.wfile.write(htmlProfile(self.server.baseDir, \ self.server.httpPrefix, \ authorized, \ @@ -941,7 +959,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.cachedWebfingers, \ self.server.personCache).encode('utf-8')) else: - self._set_headers('application/json') + self._set_headers('application/json',authHeader) self.wfile.write(json.dumps(getPerson).encode('utf-8')) self.server.GETbusy=False return @@ -955,7 +973,7 @@ class PubServer(BaseHTTPRequestHandler): # check that the file exists filename=self.server.baseDir+self.path if os.path.isfile(filename): - self._set_headers('application/json') + self._set_headers('application/json',authHeader) with open(filename, 'r', encoding='utf-8') as File: content = File.read() contentJson=json.loads(content) @@ -967,7 +985,7 @@ class PubServer(BaseHTTPRequestHandler): self.server.GETbusy=False def do_HEAD(self): - self._set_headers('application/json') + self._set_headers('application/json',None) def do_POST(self): if self.server.debug: