RubyGems - distributed-press-api-client - Versions diffs - 0.2.4 → 0.3.0rc1 - Mend

distributed-press-api-client 0.2.4 → 0.3.0rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/distributed_press/v1/social/client.rb +181 -0
data/lib/distributed_press/v1/social.rb +11 -0
data/lib/distributed_press/version.rb +1 -1
metadata +6 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9655c1c4310b5c3d7b121b9984ba13eff6989deaf1056bfe3a0dd8b2c0ae493b
-  data.tar.gz: 4933a217789771803d88f9c6b92d09119846730ab61543e2789c9a1348796ef9
+  metadata.gz: 2552a7612cdbbf7fe48afacf1327764e8f3f25a888d7bfd9f852b54a3fb5fa67
+  data.tar.gz: 59b252609b9d442aee543d1e5eabb642a6321c749c4936d35ad5d5e40038df3e
 SHA512:
-  metadata.gz: 0a348613279cf9cd9753561136bcebaae7729ff112ad20be435e966b62336a899da72fcd5fd736318103174442b1e931ba7c566b01fdcea876954a6a2e922785
-  data.tar.gz: 9f2504559bf4c6b7542ec50f649dbeb290a8fe8aa2add595a26a84ef45015d38801526a9d765ba7269a26f2f68f00373346951cbd3b165b684431c39383989ad
+  metadata.gz: 7d81f9c8bbdfa947f9c08b20e9e6214c0b1852987384eb7b5d4c5c757d91914f83812b781bf567122ad7790403137c3c1a8459f19ef5331e1b90bf7910887cbd
+  data.tar.gz: 909d13d6fba811597be93e00aecd24cb6961b65baa7cd0b669e7029fbdb34b9dc7e899dee6dfc8b2ec4575c6a4599d746b9a3182aa6ac50ad509ed51d0dbb5f2

data/lib/distributed_press/v1/social/client.rb ADDED Viewed

@@ -0,0 +1,181 @@
+# frozen_string_literal: true
+require 'httparty'
+require 'openssl'
+require 'time'
+require 'digest/sha2'
+require 'uri'
+class DistributedPress
+  module V1
+    module Social
+      # Social Distributed Press APIv1 client
+      #
+      # Inspired by Mastodon's Request
+      #
+      # @todo It'd be nice to implement this on HTTParty itself
+      # @see {https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb}
+      class Client
+        include ::HTTParty
+        # Signing algorithm
+        #
+        # @todo is it possible to use other algorithms?
+        ALGORITHM = 'rsa-sha256'
+        # Required by HTTP Signatures
+        REQUEST_TARGET = '(request-target)'
+        # Headers included in the signature
+        SIGNABLE_HEADERS = [REQUEST_TARGET, 'Host', 'Date', 'Digest']
+        # API URL
+        # @return [String]
+        attr_reader :url
+        # RSA key size
+        #
+        # @return [Integer]
+        attr_reader :key_size
+        # Public key URL
+        #
+        # @return [String]
+        attr_reader :public_key_url
+        # @param :url [String] Social Distributed Press URL
+        # @param :public_key [String] URL where public key is available
+        # @param :private_key_pem [String] RSA Private key, PEM encoded
+        # @param :key_size [Integer]
+        # @param :logger [Logger]
+        def initialize(url: 'https://social.distributed.press', public_key_url:, private_key_pem: nil, key_size: 2048, logger: nil)
+          self.class.default_options[:base_uri] = @url = HTTParty.normalize_base_uri(url)
+          self.class.default_options[:logger] = logger
+          self.class.default_options[:log_level] = :debug
+          @public_key_url = public_key_url
+          @key_size = key_size
+          @private_key_pem = private_key_pem
+        end
+        # POST request
+        #
+        # @todo Use DRY-schemas
+        # @param endpoint [String]
+        # @param body [Hash]
+        # @return [Hash]
+        def post(endpoint:, body:)
+          body = body.to_json
+          headers = default_headers
+          add_request_specific_headers! headers, 'post', endpoint
+          checksum_body! body, headers
+          sign_headers! headers
+          self.class.post(endpoint, body: body, headers: headers)
+        end
+        # Loads or generates a private key
+        #
+        # @return [OpenSSL::PKey::RSA]
+        def private_key
+          @private_key ||= OpenSSL::PKey::RSA.new(@private_key_pem || key_size)
+        end
+        # Public key
+        #
+        # @return [OpenSSL::PKey::RSA]
+        def public_key
+          private_key.public_key
+        end
+        # Host
+        #
+        # @return [String]
+        def host
+          @host ||= URI.parse(url).host
+        end
+        private
+        def default_headers
+          {
+            'User-Agent' => "DistributedPress/#{DistributedPress::VERSION}",
+            'Content-Type' => 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
+            'Host' => host
+          }
+        end
+        # HTTP Signatures
+        #
+        # @see {https://docs.joinmastodon.org/spec/security/}
+        # @param :headers [Hash]
+        def sign_headers!(headers)
+          headers['Signature'] = {
+            'keyId' => public_key_url,
+            'algorithm' => ALGORITHM,
+            'headers' => signable_headers(headers),
+            'signature' => signed_headers(headers)
+          }.map do |key, value|
+            "#{key}=\"#{value}\""
+          end.join(',')
+          headers.delete REQUEST_TARGET
+          nil
+        end
+        # List of headers to be signed, removing headers that don't
+        # exist on the request.
+        #
+        # @return [String]
+        def signable_headers(headers)
+          (SIGNABLE_HEADERS & headers.keys).join(' ').downcase
+        end
+        # Sign headers
+        #
+        # @param :headers [Hash]
+        # @return [String]
+        def signed_headers(headers)
+          Base64.strict_encode64(
+            private_key.sign(
+              OpenSSL::Digest.new('SHA256'),
+              signature_content(headers)
+            )
+          )
+        end
+        # Generates a string to be signed
+        #
+        # @param :headers [Hash]
+        # @return [String]
+        def signature_content(headers)
+          headers.slice(*SIGNABLE_HEADERS).map do |key, value|
+            "#{key.downcase}: #{value}"
+          end.join("\n")
+        end
+        # Generate a checksum for the request body
+        #
+        # @param :body [String]
+        # @param :headers [Hash]
+        def checksum_body!(body, headers)
+          headers['Digest'] = "SHA-256=#{Digest::SHA256.base64digest body}"
+          nil
+        end
+        # Headers specific to a single request
+        #
+        # @param :headers [Hash] Headers
+        # @param :verb [String] HTTP verb
+        # @param :endpoint [String] Path
+        def add_request_specific_headers!(headers, verb, endpoint)
+          headers['Date'] = Time.now.utc.httpdate
+          headers[REQUEST_TARGET] = "#{verb} #{endpoint}"
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/distributed_press/v1/social.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+require_relative 'social/client'
+class DistributedPress
+  module V1
+    # Social Distributed Press APIv1
+    module Social
+    end
+  end
+end

data/lib/distributed_press/version.rb CHANGED Viewed

@@ -3,5 +3,5 @@
 # API client
 class DistributedPress
   # Version
-  VERSION = '0.2.4'
+  VERSION = '0.3.0rc1'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: distributed-press-api-client
 version: !ruby/object:Gem::Version
-  version: 0.2.4
+  version: 0.3.0rc1
 platform: ruby
 authors:
 - f
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-30 00:00:00.000000000 Z
+date: 2023-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -277,6 +277,8 @@ files:
 - lib/distributed_press/v1/schemas/token_header.rb
 - lib/distributed_press/v1/schemas/token_payload.rb
 - lib/distributed_press/v1/schemas/update_site.rb
+- lib/distributed_press/v1/social.rb
+- lib/distributed_press/v1/social/client.rb
 - lib/distributed_press/v1/token.rb
 - lib/distributed_press/version.rb
 - lib/jekyll-distributed-press-v0.rb
@@ -307,9 +309,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubygems_version: 3.3.26
 signing_key: