distributed-press-api-client 0.3.1 → 0.4.0rc3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1f9ade4eb6d66abaf9b33a5781a0a3ec1ced7849c59d2c5e23b871b59cd206f2
-  data.tar.gz: 57c7f2e5e72e49fa7418e850800a4ad420b29e6be1d62cf4bfb25272234c3424
+  metadata.gz: ee95dc9deb3cb19084a66ee33ee4970906619c6489ce0bf29b0aa9f90ae99d93
+  data.tar.gz: abcb6a90f1e16ad51aac21f15b79067c141f4cdc45edfbddc69704dd235adac7
 SHA512:
-  metadata.gz: 5e6d5be220822e44d1397aa1bf034be6141892a847b99cb1dedb8830d56d0064e955f15b95aba51c1f4aba460d0c04195c1d8b45a651f2c328de5571a75f6215
-  data.tar.gz: b16c1082df61f87468e54ddf0cfd6336f995b45b7c05f6b30e94cff127daa4ea904fbf6188c519efc98c8116a90e9bef424d2985f5641989f2f42ee8b342e387
+  metadata.gz: 5d3e98400b29ee2258a29beb1c47fab70a07d1cbdd43a96df9842a507d2ee3f3aaf9d3eeef1dee381967363227fb8af68b0b9f080861feac67595b1a081c43b0
+  data.tar.gz: 55291cec6e026520a3e9f111fd80e55b4762aa551f1dcae12015951a01d9d6dd55bbda07394f5f36566e3500abed7673e2a71c90feaf2f4092ef838361d3c8e8

data/lib/distributed_press/v1/schemas/bittorrent_protocol.rb

@@ -20,4 +20,4 @@ class DistributedPress
       end
     end
   end
-end
+end

data/lib/distributed_press/v1/social/allowlist.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require_relative 'blocklist'
+
+class DistributedPress
+  module V1
+    module Social
+      # Manages Social Inbox allowlist
+      #
+      # @example
+      #   DistributedPress::V1::Social::Allowlist.new(client: client)
+      #   DistributedPress::V1::Social::Allowlist.new(client: client, actor: '@sutty@sutty.nl')
+      class Allowlist < Blocklist
+        ENDPOINT = '/allowlist'
+      end
+    end
+  end
+end

data/lib/distributed_press/v1/social/blocklist.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+require_relative 'client'
+
+class DistributedPress
+  module V1
+    module Social
+      # Manages Social Inbox blocklist
+      #
+      # @example
+      #   DistributedPress::V1::Social::Blocklist.new(client: client)
+      #   DistributedPress::V1::Social::Blocklist.new(client: client, actor: '@sutty@sutty.nl')
+      class Blocklist
+        ACCEPT = %w[text/plain].freeze
+        CONTENT_TYPE = 'text/plain'
+        ENDPOINT = '/blocklist'
+
+        # @return [DistributedPress::V1::Social::Client]
+        attr_reader :client
+
+        # @return [String,nil]
+        attr_reader :actor
+
+        # @param :client [DistributedPress::V1::Social::Client]
+        # @param :actor [String]
+        def initialize(client:, actor: nil)
+          @client = client
+          @actor = actor
+
+          @serializer = proc do |body|
+            body.join("\n")
+          end
+
+          # @param :body [String,nil]
+          # @return [Array<String>]
+          @parser =
+            proc do |body, _|
+              next [] if body.nil?
+
+              body.split("\n").map(&:strip).reject(&:empty?)
+            end
+        end
+
+        # Obtains the current blocklist
+        #
+        # @return [Array<String>]
+        def get
+          client.get(endpoint: endpoint, parser: @parser, content_type: CONTENT_TYPE, accept: ACCEPT)
+        end
+
+        # Sends an array of instances and accounts to be blocked
+        #
+        # @param :list [Array<String>]
+        # @return [HTTParty::Response]
+        def post(list:)
+          client.post(endpoint: endpoint, body: list, serializer: @serializer, parser: @parser,
+                      content_type: CONTENT_TYPE, accept: ACCEPT)
+        end
+
+        # Removes instances and accounts from the blocklist
+        #
+        # @param :list [Array<String>]
+        # @return [HTTParty::Response]
+        def delete(list:)
+          client.delete(endpoint: endpoint, body: list, serializer: @serializer, parser: @parser,
+                        content_type: CONTENT_TYPE, accept: ACCEPT)
+        end
+
+        def endpoint
+          @endpoint ||= "/v1/#{actor}#{self.class::ENDPOINT}".squeeze('/')
+        end
+      end
+    end
+  end
+end

data/lib/distributed_press/v1/social/client.rb

@@ -1,10 +1,13 @@
 # frozen_string_literal: true
 
 require 'httparty'
+require 'httparty/cache'
 require 'openssl'
 require 'time'
 require 'digest/sha2'
 require 'uri'
+require_relative '../../version'
+require_relative 'signed_headers'
 
 class DistributedPress
   module V1
@@ -17,22 +20,33 @@ class DistributedPress
       # @see {https://github.com/mastodon/mastodon/blob/main/app/lib/request.rb}
       class Client
         include ::HTTParty
+        include ::HTTParty::Cache
 
-        # Signing algorithm
-        #
-        # @todo is it possible to use other algorithms?
-        ALGORITHM = 'rsa-sha256'
-        # Required by HTTP Signatures
-        REQUEST_TARGET = '(request-target)'
-        # Headers included in the signature
-        SIGNABLE_HEADERS = [REQUEST_TARGET, 'Host', 'Date', 'Digest']
-        # Content types
-        CONTENT_TYPES = %w[application/ld+json application/activity+json]
+        class Error < StandardError; end
+        class ContentTooLargeError < Error; end
+        class BrotliUnsupportedError < Error; end
+
+        # Always cache
+        caching true
+
+        # Content types sent and accepted
+        ACCEPT = %w[application/activity+json application/ld+json application/json].freeze
+        CONTENT_TYPE = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'
+
+        ACCEPT.each do |accept|
+          HTTParty::Parser::SupportedFormats[accept] = :json
+        end
 
         # API URL
+        #
         # @return [String]
         attr_reader :url
 
+        # API URI
+        #
+        # @return [URI]
+        attr_reader :uri
+
         # RSA key size
         #
         # @return [Integer]
@@ -43,36 +57,57 @@ class DistributedPress
         # @return [String]
         attr_reader :public_key_url
 
+        # Logger
+        #
+        # @return [Logger]
+        attr_reader :logger
+
         # @param :url [String] Social Distributed Press URL
         # @param :public_key [String] URL where public key is available
         # @param :private_key_pem [String] RSA Private key, PEM encoded
         # @param :key_size [Integer]
         # @param :logger [Logger]
-        def initialize(url: 'https://social.distributed.press', public_key_url:, private_key_pem: nil, key_size: 2048, logger: nil)
-          self.class.default_options[:base_uri] = @url = HTTParty.normalize_base_uri(url)
-          self.class.default_options[:logger] = logger
+        # @param :cache_store [HTTParty::Cache::Store::Abstract,Symbol]
+        def initialize(public_key_url:, url: 'https://social.distributed.press', private_key_pem: nil, key_size: 2048,
+                       logger: nil, cache_store: :memory)
+          self.class.default_options[:logger] = @logger = logger
           self.class.default_options[:log_level] = :debug
+          self.class.cache_store cache_store
 
+          @url = HTTParty.normalize_base_uri(url)
           @public_key_url = public_key_url
           @key_size = key_size
           @private_key_pem = private_key_pem
-
-          CONTENT_TYPES.each do |content_type|
-            HTTParty::Parser::SupportedFormats[content_type] = :json
+          @uri = URI.parse(url)
+          @serializer ||= proc do |body|
+            body.to_json
           end
         end
 
+        def _dump(_)
+          Marshal.dump({
+            public_key_url: public_key_url,
+            url: url,
+            private_key_pem: @private_key_pem,
+            key_size: key_size,
+            cache_store: self.class.cache_store
+          })
+        end
+
+        def self._load(hash)
+          new(**Marshal.load(hash))
+        end
+
         # GET request
         #
         # @param endpoint [String]
-        # @return [Hash]
-        def get(endpoint:)
-          headers = default_headers
-
-          add_request_specific_headers! headers, 'get', endpoint
-          sign_headers! headers
-
-          self.class.get(endpoint, headers: headers)
+        # @param parser [HTTParty::Parser,Proc]
+        # @param content_type [String]
+        # @param accept [Array<String>]
+        # @return [HTTParty::Response]
+        def get(endpoint:, parser: HTTParty::Parser, content_type: CONTENT_TYPE, accept: ACCEPT)
+          perform_signed_request method: Net::HTTP::Get, endpoint: endpoint, parser: parser, content_type: content_type,
+                                 accept: accept
         end
 
         # POST request
@@ -80,16 +115,45 @@ class DistributedPress
         # @todo Use DRY-schemas
         # @param endpoint [String]
         # @param body [Hash]
-        # @return [Hash]
-        def post(endpoint:, body:)
-          body = body.to_json
-          headers = default_headers
+        # @param serializer [Proc]
+        # @param parser [HTTParty::Parser,Proc]
+        # @param content_type [String]
+        # @param accept [Array<String>]
+        # @return [HTTParty::Response]
+        def post(endpoint:, body: nil, serializer: @serializer, parser: HTTParty::Parser, content_type: CONTENT_TYPE,
+                 accept: ACCEPT)
+          perform_signed_request method: Net::HTTP::Post, endpoint: endpoint, body: body, serializer: serializer,
+                                 parser: parser, content_type: content_type, accept: accept
+        end
 
-          add_request_specific_headers! headers, 'post', endpoint
-          checksum_body! body, headers
-          sign_headers! headers
+        # PUT request
+        #
+        # @param endpoint [String]
+        # @param body [Hash]
+        # @param serializer [Proc]
+        # @param parser [HTTParty::Parser,Proc]
+        # @param content_type [String]
+        # @param accept [Array<String>]
+        # @return [HTTParty::Response]
+        def put(endpoint:, body: nil, serializer: @serializer, parser: HTTParty::Parser, content_type: CONTENT_TYPE,
+                accept: ACCEPT)
+          perform_signed_request method: Net::HTTP::Put, endpoint: endpoint, body: body, serializer: serializer,
+                                 parser: parser, content_type: content_type, accept: accept
+        end
 
-          self.class.post(endpoint, body: body, headers: headers)
+        # DELETE request with optional body
+        #
+        # @param endpoint [String]
+        # @param body [Hash]
+        # @param serializer [Proc]
+        # @param parser [HTTParty::Parser,Proc]
+        # @param content_type [String]
+        # @param accept [Array<String>]
+        # @return [HTTParty::Response]
+        def delete(endpoint:, body: nil, serializer: @serializer, parser: HTTParty::Parser, content_type: CONTENT_TYPE,
+                   accept: ACCEPT)
+          perform_signed_request method: Net::HTTP::Delete, endpoint: endpoint, body: body, serializer: serializer,
+                                 parser: parser, content_type: content_type, accept: accept
         end
 
         # Loads or generates a private key
@@ -115,84 +179,154 @@ class DistributedPress
 
         private
 
-        def default_headers
-          {
+        # Perform request
+        #
+        # @param method [Net::HTTP::Get,Net::HTTP::Post,Net::HTTP::Put,Net::HTTP::Delete]
+        # @param endpoint [String]
+        # @param body [Hash]
+        # @param serializer [Proc]
+        # @param parser [HTTParty::Parser,Proc]
+        # @param content_type [String]
+        # @param accept [Array<String>]
+        # @return [HTTParty::Response]
+        def perform_signed_request(method:, endpoint:, body: nil, serializer: @default_serializer, parser: HTTParty::Parser,
+                                   content_type: CONTENT_TYPE, accept: ACCEPT)
+          headers = default_headers(content_type: content_type, accept: accept)
+
+          unless body.nil?
+            body = serializer.call(body)
+            checksum_body!(body, headers)
+          end
+
+          # Mimics HTTParty.perform_request, but processing the header
+          # after the request is instantiated. No need to process
+          # cookies for now. Uses the public key URL as a caching key so
+          # we revalidate access on shared caches.
+          options = { body: body, headers: headers, base_uri: url, parser: parser, stream_body: true, cache_key: public_key_url }
+          options = HTTParty::ModuleInheritableAttributes.hash_deep_dup(self.class.default_options).merge(options)
+          response_body = ''.dup
+
+          HTTParty::Request.new(method, endpoint, options).tap do |request|
+            headers.request = request
+          end.perform do |fragment|
+            fragment_to_body!(fragment, response_body)
+          end.tap do |response|
+            next if response_body.empty?
+
+            fix_response!(response, response_body)
+          end
+        end
+
+        # Default headers
+        #
+        # @param :content_type [String]
+        # @param :accept [Array<String>]
+        # @return [SignedHeaders]
+        def default_headers(content_type: CONTENT_TYPE, accept: ACCEPT)
+          SignedHeaders[
             'User-Agent' => "DistributedPress/#{DistributedPress::VERSION}",
-            'Content-Type' => 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
-            'Host' => host
-          }
+            'Content-Type' => content_type,
+            'Accept' => accept.join(', '),
+            'Host' => host,
+            'Accept-Encoding' => "#{'br;q=1.0,' if brotli?}gzip;q=1.0,deflate;q=0.6,identity;q=0.3",
+            'Date' => Time.now.utc.httpdate
+          ].tap do |headers|
+            headers.private_key = private_key
+            headers.public_key_url = public_key_url
+          end
         end
 
-        # HTTP Signatures
+        # Generate a checksum for the request body
         #
-        # @see {https://docs.joinmastodon.org/spec/security/}
+        # @param :body [String]
         # @param :headers [Hash]
-        def sign_headers!(headers)
-          headers['Signature'] = {
-            'keyId' => public_key_url,
-            'algorithm' => ALGORITHM,
-            'headers' => signable_headers(headers),
-            'signature' => signed_headers(headers)
-          }.map do |key, value|
-            "#{key}=\"#{value}\""
-          end.join(',')
-
-          headers.delete REQUEST_TARGET
+        def checksum_body!(body, headers)
+          headers['Digest'] = "SHA-256=#{Digest::SHA256.base64digest body}"
 
           nil
         end
 
-        # List of headers to be signed, removing headers that don't
-        # exist on the request.
+        # If the endpoint is on a subdirectory, we need the absolute
+        # path for signing
         #
+        # @param :endpoint [String]
         # @return [String]
-        def signable_headers(headers)
-          (SIGNABLE_HEADERS & headers.keys).join(' ').downcase
+        def absolute_endpoint(endpoint)
+          "#{uri.path}/#{endpoint}".squeeze('/')
         end
 
-        # Sign headers
-        #
-        # @param :headers [Hash]
-        # @return [String]
-        def signed_headers(headers)
-          Base64.strict_encode64(
-            private_key.sign(
-              OpenSSL::Digest.new('SHA256'),
-              signature_content(headers)
-            )
-          )
+        # Brotli available
+        def brotli?
+          begin
+            require 'brs'
+          rescue LoadError => e
+            if logger
+              logger.warn e.message
+            else
+              puts e
+            end
+          end
+
+          defined? ::BRS
         end
 
-        # Generates a string to be signed
+        # Inflates a Brotli compressed fragment.  A fragment could be
+        # small enough to contain a huge inflated payload.  In our
+        # tests, 2GB of zeroes were compressed to a 1.6KB fragment.
         #
-        # @param :headers [Hash]
-        # @return [String]
-        def signature_content(headers)
-          headers.slice(*SIGNABLE_HEADERS).map do |key, value|
-            "#{key.downcase}: #{value}"
-          end.join("\n")
+        # @todo Maybe each_char is too slow?
+        # @param fragment [HTTParty::ResponseFragment]
+        # @param append_to [String]
+        def inflate_fragment!(fragment, append_to)
+          fragment_io = StringIO.new(fragment)
+
+          BRS::Stream::Reader.new(fragment_io, source_buffer_length: 256,
+                                               destination_buffer_length: 1024).each_char do |char|
+            append_to << char
+
+            raise ContentTooLargeError if append_to.bytesize > 1_000_000
+          end
         end
 
-        # Generate a checksum for the request body
+        # Collect fragments into body by checking the bytesize and
+        # failing if it gets too big.
         #
-        # @param :body [String]
-        # @param :headers [Hash]
-        def checksum_body!(body, headers)
-          headers['Digest'] = "SHA-256=#{Digest::SHA256.base64digest body}"
+        # @param :fragment [HTTParty::ResponseFragment]
+        # @param :append_to [String]
+        def fragment_to_body!(fragment, append_to)
+          case fragment.http_response['content-encoding']
+          when 'br'
+            # Raise an error rather than returning an empty body
+            unless brotli?
+              raise BrotliUnsupportedError,
+                    'Server sent brotli-encoded response but ruby-brs gem is missing'
+            end
 
-          nil
+            inflate_fragment!(fragment, append_to)
+          else
+            append_to << fragment
+          end
+
+          raise ContentTooLargeError if append_to.bytesize > 1_000_000
+        rescue ContentTooLargeError
+          raise ContentTooLargeError, "Content too large #{append_to.bytesize} bytes!"
         end
 
-        # Headers specific to a single request
+        # Re-adds a streamed body to the response and caches it again so
+        # it can carry the body
         #
-        # @param :headers [Hash] Headers
-        # @param :verb [String] HTTP verb
-        # @param :endpoint [String] Path
-        def add_request_specific_headers!(headers, verb, endpoint)
-          headers['Date'] = Time.now.utc.httpdate
-          headers[REQUEST_TARGET] = "#{verb} #{endpoint}"
+        # @param response [HTTParty::Response]
+        # @param body [String]
+        def fix_response!(response, body)
+          request = response.request
+          parser = request.options[:parser]
+          format = request.format || :plain
 
-          nil
+          response.instance_variable_set(:@body, body)
+          response.instance_variable_set(:@parsed_block, -> { parser.call(body, format) })
+          response.instance_variable_set(:@parsed_response, nil)
+
+          self.class.cache_store.set(response.cache_key, response)
         end
       end
     end

data/lib/distributed_press/v1/social/dereferencer.rb

@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+require 'addressable'
+require_relative 'reference'
+require_relative 'referenced_object'
+
+class DistributedPress
+  module V1
+    module Social
+      # Fetches ActivityStreams from different instances by
+      # instantiating clients.
+      class Dereferencer
+        # @return [DistributedPress::V1::Social::Client]
+        attr_reader :client
+
+        # We only need the client
+        def _dump(_)
+          Marshal.dump(client)
+        end
+ 
+        def self._load(client)
+          new(client: Marshal.load(client))
+        end
+
+        # @param :client [DistributedPress::V1::Social::Client]
+        def initialize(client:)
+          @client = client
+          @parser =
+            proc do |body, format|
+              next HTTParty::Parser.call(body, format || :plain) unless body&.starts_with? '{'
+
+              ReferencedObject.new(object: HTTParty::Parser.call(body, :json), dereferencer: self)
+            end
+        end
+
+        # Fetch a URI
+        #
+        # @param :uri [String, Addressable::URI]
+        # @return [HTTParty::Response]
+        def get(uri:)
+          uri = uris(uri)
+
+          clients(uri).get(endpoint: uri.path, parser: @parser)
+        end
+
+        # Gets a client for a URI
+        #
+        # @param :uri [Addressable::URI]
+        # @return [DistributedPress::V1::Social::Client]
+        def clients(uri)
+          @@clients ||= {}
+          @@clients[uri.origin] ||=
+            client.class.new(
+              url: uri.origin,
+              public_key_url: client.public_key_url,
+              private_key_pem: client.private_key.to_s,
+              logger: client.logger,
+              cache_store: client.class.cache_store
+            )
+        end
+
+        # Gets a reference for a URI and indexes it by the complete
+        # and normalized URI
+        #
+        # @param :uri [String, Addressable::URI]
+        # @return [DistributedPress::V1::Social::Reference]
+        def references(uri)
+          @@references ||= {}
+          @@references[uri.to_s] ||= Reference.new(uri: uri.to_s, dereferencer: self)
+        end
+
+        # Make sure we're getting a normalized Addressable::URI
+        #
+        # @param :uri [String, Addressable::URI]
+        # @return [Addressable::URI]
+        def uris(uri)
+          @@uris ||= {}
+          @@uris[uri.to_s] ||=
+            (if uri.is_a? Addressable::URI
+               uri
+             else
+               Addressable::URI.parse(uri)
+             end).normalize
+        end
+
+      end
+    end
+  end
+end