summaryrefslogtreecommitdiff
path: root/internal/transport
diff options
context:
space:
mode:
Diffstat (limited to 'internal/transport')
-rw-r--r--internal/transport/controller.go19
-rw-r--r--internal/transport/transport.go77
2 files changed, 93 insertions, 3 deletions
diff --git a/internal/transport/controller.go b/internal/transport/controller.go
index 72f41b335..ad754080a 100644
--- a/internal/transport/controller.go
+++ b/internal/transport/controller.go
@@ -21,6 +21,7 @@ package transport
import (
"crypto"
"fmt"
+ "sync"
"github.com/go-fed/activity/pub"
"github.com/go-fed/httpsig"
@@ -30,7 +31,7 @@ import (
// Controller generates transports for use in making federation requests to other servers.
type Controller interface {
- NewTransport(pubKeyID string, privkey crypto.PrivateKey) (pub.Transport, error)
+ NewTransport(pubKeyID string, privkey crypto.PrivateKey) (Transport, error)
}
type controller struct {
@@ -51,7 +52,7 @@ func NewController(config *config.Config, clock pub.Clock, client pub.HttpClient
}
// NewTransport returns a new http signature transport with the given public key id (a URL), and the given private key.
-func (c *controller) NewTransport(pubKeyID string, privkey crypto.PrivateKey) (pub.Transport, error) {
+func (c *controller) NewTransport(pubKeyID string, privkey crypto.PrivateKey) (Transport, error) {
prefs := []httpsig.Algorithm{httpsig.RSA_SHA256, httpsig.RSA_SHA512}
digestAlgo := httpsig.DigestSha256
getHeaders := []string{"(request-target)", "host", "date"}
@@ -67,5 +68,17 @@ func (c *controller) NewTransport(pubKeyID string, privkey crypto.PrivateKey) (p
return nil, fmt.Errorf("error creating post signer: %s", err)
}
- return pub.NewHttpSigTransport(c.client, c.appAgent, c.clock, getSigner, postSigner, pubKeyID, privkey), nil
+ sigTransport := pub.NewHttpSigTransport(c.client, c.appAgent, c.clock, getSigner, postSigner, pubKeyID, privkey)
+
+ return &transport{
+ client: c.client,
+ appAgent: c.appAgent,
+ gofedAgent: "(go-fed/activity v1.0.0)",
+ clock: c.clock,
+ pubKeyID: pubKeyID,
+ privkey: privkey,
+ sigTransport: sigTransport,
+ getSigner: getSigner,
+ getSignerMu: &sync.Mutex{},
+ }, nil
}
diff --git a/internal/transport/transport.go b/internal/transport/transport.go
new file mode 100644
index 000000000..afd408519
--- /dev/null
+++ b/internal/transport/transport.go
@@ -0,0 +1,77 @@
+package transport
+
+import (
+ "context"
+ "crypto"
+ "fmt"
+ "io/ioutil"
+ "net/http"
+ "net/url"
+ "sync"
+
+ "github.com/go-fed/activity/pub"
+ "github.com/go-fed/httpsig"
+)
+
+// Transport wraps the pub.Transport interface with some additional
+// functionality for fetching remote media.
+type Transport interface {
+ pub.Transport
+ DereferenceMedia(c context.Context, iri *url.URL, expectedContentType string) ([]byte, error)
+}
+
+// transport implements the Transport interface
+type transport struct {
+ client pub.HttpClient
+ appAgent string
+ gofedAgent string
+ clock pub.Clock
+ pubKeyID string
+ privkey crypto.PrivateKey
+ sigTransport *pub.HttpSigTransport
+ getSigner httpsig.Signer
+ getSignerMu *sync.Mutex
+}
+
+func (t *transport) BatchDeliver(c context.Context, b []byte, recipients []*url.URL) error {
+ return t.sigTransport.BatchDeliver(c, b, recipients)
+}
+
+func (t *transport) Deliver(c context.Context, b []byte, to *url.URL) error {
+ return t.sigTransport.Deliver(c, b, to)
+}
+
+func (t *transport) Dereference(c context.Context, iri *url.URL) ([]byte, error) {
+ return t.sigTransport.Dereference(c, iri)
+}
+
+func (t *transport) DereferenceMedia(c context.Context, iri *url.URL, expectedContentType string) ([]byte, error) {
+ req, err := http.NewRequest("GET", iri.String(), nil)
+ if err != nil {
+ return nil, err
+ }
+ req = req.WithContext(c)
+ if expectedContentType == "" {
+ req.Header.Add("Accept", "*/*")
+ } else {
+ req.Header.Add("Accept", expectedContentType)
+ }
+ req.Header.Add("Date", t.clock.Now().UTC().Format("Mon, 02 Jan 2006 15:04:05")+" GMT")
+ req.Header.Add("User-Agent", fmt.Sprintf("%s %s", t.appAgent, t.gofedAgent))
+ req.Header.Set("Host", iri.Host)
+ t.getSignerMu.Lock()
+ err = t.getSigner.SignRequest(t.privkey, t.pubKeyID, req, nil)
+ t.getSignerMu.Unlock()
+ if err != nil {
+ return nil, err
+ }
+ resp, err := t.client.Do(req)
+ if err != nil {
+ return nil, err
+ }
+ defer resp.Body.Close()
+ if resp.StatusCode != http.StatusOK {
+ return nil, fmt.Errorf("GET request to %s failed (%d): %s", iri.String(), resp.StatusCode, resp.Status)
+ }
+ return ioutil.ReadAll(resp.Body)
+}
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-04 03:06:57 +0000