inbox functions

2019-06-28 22:59:54 +01:00 · 2019-06-28 22:59:54 +01:00 · c8ff8d3f33
parent c82f6c7f49
commit c8ff8d3f33
2 changed files with 48 additions and 33 deletions
--- a/daemon.py
+++ b/daemon.py
@ -17,6 +17,7 @@ from webfinger import webfingerMeta
 from webfinger import webfingerLookup
 from person import personLookup
 from person import personKeyLookup
+from inbox import inboxPermittedMessage
 import os
 import sys

@ -74,44 +75,15 @@ class PubServer(BaseHTTPRequestHandler):
            self._404()
        return True

-    def permittedDir(self,path):
+    def _permittedDir(self,path):
        if path.startswith('/wfendpoints') or \
           path.startswith('/keys') or \
           path.startswith('/accounts'):
            return False
        return True

-    def _permittedMessage(self,message):
-        """ check that we are posting to a permitted domain
-        """
-        testParam='actor'
-        if not message.get(testParam):
-            return False
-        actor=message[testParam]
-        # always allow the local domain
-        if thisDomain in actor:
-            return True
-        permittedDomain=False
-        for domain in federationList:
-            if domain in actor:
-                permittedDomain=True
-                break
-        if not permittedDomain:
-            return False
-        if message.get('object'):
-            if message['object'].get('inReplyTo'):
-                inReplyTo=message['object']['inReplyTo']
-                permittedReplyDomain=False
-                for domain in federationList:
-                    if domain in inReplyTo:
-                        permittedReplyDomain=True
-                        break
-                if not permittedReplyDomain:
-                    return False            
-        return True
-
    def do_GET(self):
-        if not self.permittedDir(self.path):
+        if not self._permittedDir(self.path):
            self._404()
            return
        # get webfinger endpoint for a person
@ -164,8 +136,9 @@ class PubServer(BaseHTTPRequestHandler):
            return
        message = json.loads(self.rfile.read(length))        

-        if not self._permittedMessage(message):
-            self._404()
+        if not inboxPermittedMessage(message,federationList):
+            self.send_response(403)
+            self.end_headers()
        else:                
            # add a property to the object, just to mess with data
            message['received'] = 'ok'
--- a/inbox.py
+++ b/inbox.py
@ -0,0 +1,42 @@
+__filename__ = "inbox.py"
+__author__ = "Bob Mottram"
+__license__ = "AGPL3+"
+__version__ = "0.0.1"
+__maintainer__ = "Bob Mottram"
+__email__ = "bob@freedombone.net"
+__status__ = "Production"
+
+import json
+import os
+
+def inboxPermittedMessage(self,messageJson,federationList) -> bool:
+    """ check that we are receiving from a permitted domain
+    """
+    testParam='actor'
+    if not messageJson.get(testParam):
+        return False
+    actor=messageJson[testParam]
+    # always allow the local domain
+    if thisDomain in actor:
+        return True
+
+    permittedDomain=False
+    for domain in federationList:
+        if domain in actor:
+            permittedDomain=True
+            break
+    if not permittedDomain:
+        return False
+
+    if messageJson.get('object'):
+        if messageJson['object'].get('inReplyTo'):
+            inReplyTo=messageJson['object']['inReplyTo']
+            permittedReplyDomain=False
+            for domain in federationList:
+                if domain in inReplyTo:
+                    permittedReplyDomain=True
+                    break
+            if not permittedReplyDomain:
+                return False
+
+    return True