RubyGems - distributed-press-api-client - Versions diffs - 0.2.3 → 0.3.0rc0 - Mend

distributed-press-api-client 0.2.3 → 0.3.0rc0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/lib/distributed_press/v1/schemas/site.rb +1 -0
data/lib/distributed_press/v1/schemas/update_site.rb +1 -0
data/lib/distributed_press/v1/social/client.rb +178 -0
data/lib/distributed_press/v1/social.rb +11 -0
data/lib/distributed_press/version.rb +1 -1
metadata +6 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 97a9c36acefc2ea476545820078749cba9d3a54c84e16ad179396193bbe4b9de
-  data.tar.gz: 6a20be7873ecaf8a11417511e493edf3cd041195cf55b7e4e785c9ae56e24c5a
+  metadata.gz: 25fa00e1c0a4044f03953f30018830d9cc3e934445be8bd1e72004e0c1f5b1bf
+  data.tar.gz: 0ddb5921a185fb2172669957b3a22d8619fa6a0d2d53fe33a5bb10372706a1b4
 SHA512:
-  metadata.gz: d66d0f0b879114c2feab58a353ebd508a88f79e3d5d3d4e9f6b7f16c44cad6bcb9fd9358526f72acbfe0a92fc46eed168ebc158a1a6b01c1f122b7aedd06d2c1
-  data.tar.gz: 66edfeaa772e4b4fe763e67792ee1d1b15431714ef9a9c6fbbdf5ebd40edbd07cd62e710b598b0a4aca65d2c43fab36c202acb3bacafe78be8a47fb3112dc4f8
+  metadata.gz: 895ce13e70b28366fa412be512eeb075a179239a5eb7e45e302b58147baa55bccaba37505a93fdc97cef127d63faa655163eaa33c740bf2e5c334a3ab7879a5a
+  data.tar.gz: dcd6f8f7a6471ae979199de943350cff2b37ad5c148dbe8d143c6234cbb93e48dbc83b2794476bb0e7d193aff828dd591f96e747822bd085d89c9ef9c0a995e7

data/lib/distributed_press/v1/schemas/site.rb CHANGED Viewed

@@ -15,6 +15,7 @@ class DistributedPress
           # TODO: Validate domain name
           required(:domain).filled(:string)
+          required(:public).filled(:bool)
           required(:protocols).hash do
             required(:http).filled(:bool)

data/lib/distributed_press/v1/schemas/update_site.rb CHANGED Viewed

@@ -10,6 +10,7 @@ class DistributedPress
       class UpdateSite < Dry::Schema::JSON
         define do
           required(:id).filled(:string)
+          required(:public).filled(:bool)
           required(:protocols).hash do
             optional(:http).filled(:bool)

data/lib/distributed_press/v1/social/client.rb ADDED Viewed

@@ -0,0 +1,178 @@
+# frozen_string_literal: true
+require 'httparty'
+require 'openssl'
+require 'time'
+require 'digest/sha2'
+require 'uri'
+class DistributedPress
+  module V1
+    module Social
+      # Social Distributed Press APIv1 client
+      #
+      # Inspired by Mastodon's Request
+      #
+      # @todo It'd be nice to implement this on HTTParty itself
+      # @see {https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb}
+      class Client
+        include ::HTTParty
+        # Signing algorithm
+        #
+        # @todo is it possible to use other algorithms?
+        ALGORITHM = 'rsa-sha256'
+        # Required by HTTP Signatures
+        REQUEST_TARGET = '(request-target)'
+        # Headers included in the signature
+        SIGNABLE_HEADERS = [REQUEST_TARGET, 'Host', 'Date', 'Digest']
+        # API URL
+        # @return [String]
+        attr_reader :url
+        # RSA key size
+        #
+        # @return [Integer]
+        attr_reader :key_size
+        # Public key URL
+        #
+        # @return [String]
+        attr_reader :public_key_url
+        # @param :url [String] Social Distributed Press URL
+        # @param :public_key [String] URL where public key is available
+        # @param :private_key_pem [String] RSA Private key, PEM encoded
+        # @param :key_size [Integer]
+        def initialize(url: 'https://social.distributed.press', public_key_url:, private_key_pem: nil, key_size: 2048)
+          self.class.default_options[:base_uri] = @url = HTTParty.normalize_base_uri(url)
+          @public_key_url = public_key_url
+          @key_size = key_size
+          @private_key_pem = private_key_pem
+        end
+        # POST request
+        #
+        # @todo Use DRY-schemas
+        # @param endpoint [String]
+        # @param body [Hash]
+        # @return [Hash]
+        def post(endpoint:, body:)
+          body = body.to_json
+          headers = default_headers
+          add_request_specific_headers! headers, 'post', endpoint
+          checksum_body! body, headers
+          sign_headers! headers
+          self.class.post(endpoint, body: body, headers: headers)
+        end
+        # Loads or generates a private key
+        #
+        # @return [OpenSSL::PKey::RSA]
+        def private_key
+          @private_key ||= OpenSSL::PKey::RSA.new(@private_key_pem || key_size)
+        end
+        # Public key
+        #
+        # @return [OpenSSL::PKey::RSA]
+        def public_key
+          private_key.public_key
+        end
+        # Host
+        #
+        # @return [String]
+        def host
+          @host ||= URI.parse(url).host
+        end
+        private
+        def default_headers
+          {
+            'User-Agent' => "DistributedPress/#{DistributedPress::VERSION}",
+            'Content-Type' => 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
+            'Host' => host
+          }
+        end
+        # HTTP Signatures
+        #
+        # @see {https://docs.joinmastodon.org/spec/security/}
+        # @param :headers [Hash]
+        def sign_headers!(headers)
+          headers['Signature'] = {
+            'keyId' => public_key_url,
+            'algorithm' => ALGORITHM,
+            'headers' => signable_headers(headers),
+            'signature' => signed_headers(headers)
+          }.map do |key, value|
+            "#{key}=\"#{value}\""
+          end.join(',')
+          headers.delete REQUEST_TARGET
+          nil
+        end
+        # List of headers to be signed, removing headers that don't
+        # exist on the request.
+        #
+        # @return [String]
+        def signable_headers(headers)
+          (SIGNABLE_HEADERS & headers.keys).join(' ').downcase
+        end
+        # Sign headers
+        #
+        # @param :headers [Hash]
+        # @return [String]
+        def signed_headers(headers)
+          Base64.strict_encode64(
+            private_key.sign(
+              OpenSSL::Digest.new('SHA256'),
+              signature_content(headers)
+            )
+          )
+        end
+        # Generates a string to be signed
+        #
+        # @param :headers [Hash]
+        # @return [String]
+        def signature_content(headers)
+          headers.slice(*SIGNABLE_HEADERS).map do |key, value|
+            "#{key.downcase}: #{value}"
+          end.join("\n")
+        end
+        # Generate a checksum for the request body
+        #
+        # @param :body [String]
+        # @param :headers [Hash]
+        def checksum_body!(body, headers)
+          headers['Digest'] = "SHA-256=#{Digest::SHA256.base64digest body}"
+          nil
+        end
+        # Headers specific to a single request
+        #
+        # @param :headers [Hash] Headers
+        # @param :verb [String] HTTP verb
+        # @param :endpoint [String] Path
+        def add_request_specific_headers!(headers, verb, endpoint)
+          headers['Date'] = Time.now.utc.httpdate
+          headers[REQUEST_TARGET] = "#{verb} #{endpoint}"
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/distributed_press/v1/social.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+require_relative 'social/client'
+class DistributedPress
+  module V1
+    # Social Distributed Press APIv1
+    module Social
+    end
+  end
+end

data/lib/distributed_press/version.rb CHANGED Viewed

@@ -3,5 +3,5 @@
 # API client
 class DistributedPress
   # Version
-  VERSION = '0.2.3'
+  VERSION = '0.3.0rc0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: distributed-press-api-client
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.3.0rc0
 platform: ruby
 authors:
 - f
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-03-31 00:00:00.000000000 Z
+date: 2023-08-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -277,6 +277,8 @@ files:
 - lib/distributed_press/v1/schemas/token_header.rb
 - lib/distributed_press/v1/schemas/token_payload.rb
 - lib/distributed_press/v1/schemas/update_site.rb
+- lib/distributed_press/v1/social.rb
+- lib/distributed_press/v1/social/client.rb
 - lib/distributed_press/v1/token.rb
 - lib/distributed_press/version.rb
 - lib/jekyll-distributed-press-v0.rb
@@ -307,9 +309,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubygems_version: 3.3.26
 signing_key: