rudeshark.net/packages/backend/src/remote/activitypub/ap-request.ts

153 lines
3.1 KiB
TypeScript
Raw Normal View History

2023-01-13 05:40:33 +01:00
import * as crypto from "node:crypto";
import { URL } from "node:url";
type Request = {
url: string;
method: string;
headers: Record<string, string>;
};
type PrivateKey = {
privateKeyPem: string;
keyId: string;
};
2023-01-13 05:40:33 +01:00
export function createSignedPost(args: {
key: PrivateKey;
url: string;
body: string;
additionalHeaders: Record<string, string>;
}) {
const u = new URL(args.url);
2023-01-13 05:40:33 +01:00
const digestHeader = `SHA-256=${crypto
.createHash("sha256")
.update(args.body)
.digest("base64")}`;
const request: Request = {
url: u.href,
2023-01-13 05:40:33 +01:00
method: "POST",
headers: objectAssignWithLcKey(
{
Date: new Date().toUTCString(),
Host: u.hostname,
"Content-Type": "application/activity+json",
Digest: digestHeader,
},
args.additionalHeaders,
),
};
2023-01-13 05:40:33 +01:00
const result = signToRequest(request, args.key, [
"(request-target)",
"date",
"host",
"digest",
]);
return {
request,
signingString: result.signingString,
signature: result.signature,
signatureHeader: result.signatureHeader,
};
}
2023-01-13 05:40:33 +01:00
export function createSignedGet(args: {
key: PrivateKey;
url: string;
additionalHeaders: Record<string, string>;
}) {
const u = new URL(args.url);
const request: Request = {
url: u.href,
2023-01-13 05:40:33 +01:00
method: "GET",
headers: objectAssignWithLcKey(
{
Accept: "application/activity+json, application/ld+json",
Date: new Date().toUTCString(),
Host: new URL(args.url).hostname,
},
args.additionalHeaders,
),
};
2023-01-13 05:40:33 +01:00
const result = signToRequest(request, args.key, [
"(request-target)",
"date",
"host",
"accept",
]);
return {
request,
signingString: result.signingString,
signature: result.signature,
signatureHeader: result.signatureHeader,
};
}
2023-01-13 05:40:33 +01:00
function signToRequest(
request: Request,
key: PrivateKey,
includeHeaders: string[],
) {
const signingString = genSigningString(request, includeHeaders);
2023-01-13 05:40:33 +01:00
const signature = crypto
.sign("sha256", Buffer.from(signingString), key.privateKeyPem)
.toString("base64");
const signatureHeader = `keyId="${
key.keyId
}",algorithm="rsa-sha256",headers="${includeHeaders.join(
" ",
)}",signature="${signature}"`;
request.headers = objectAssignWithLcKey(request.headers, {
2021-11-13 11:10:14 +01:00
Signature: signatureHeader,
});
return {
request,
signingString,
signature,
signatureHeader,
};
}
function genSigningString(request: Request, includeHeaders: string[]) {
request.headers = lcObjectKey(request.headers);
const results: string[] = [];
2023-01-13 05:40:33 +01:00
for (const key of includeHeaders.map((x) => x.toLowerCase())) {
if (key === "(request-target)") {
results.push(
`(request-target): ${request.method.toLowerCase()} ${
new URL(request.url).pathname
}`,
);
} else {
results.push(`${key}: ${request.headers[key]}`);
}
}
2023-01-13 05:40:33 +01:00
return results.join("\n");
}
function lcObjectKey(src: Record<string, string>) {
const dst: Record<string, string> = {};
2023-01-13 05:40:33 +01:00
for (const key of Object.keys(src).filter(
(x) => x !== "__proto__" && typeof src[x] === "string",
))
dst[key.toLowerCase()] = src[key];
return dst;
}
2023-01-13 05:40:33 +01:00
function objectAssignWithLcKey(
a: Record<string, string>,
b: Record<string, string>,
) {
return Object.assign(lcObjectKey(a), lcObjectKey(b));
}