nelumba 0.0.13

data/lib/nelumba/comment.rb

@@ -0,0 +1,47 @@
+module Nelumba
+  class Comment
+    include Nelumba::Object
+
+    # Holds a collection of Nelumba::Activity's that this comment is in reply to.
+    attr_reader :in_reply_to
+
+    # Create a new Comment activity object.
+    #
+    # options:
+    #   :content      => The body of the comment in HTML.
+    #   :author       => A Nelumba::Person that created the object.
+    #   :display_name => A natural-language, human-readable and plain-text name
+    #                    for the comment.
+    #   :summary      => Natural-language summarization of the comment.
+    #   :url          => The canonical url of this comment.
+    #   :uid          => The unique id that identifies this comment.
+    #   :image        =>
+    #   :published    => The Time when this comment was originally published.
+    #   :updated      => The Time when this comment was last modified.
+    def initialize(options = {}, &blk)
+      init(options, &blk)
+    end
+
+    def init(options = {}, &blk)
+      @in_reply_to  = options[:in_reply_to] || []
+
+      super options
+    end
+
+    # Returns a Hash representing this comment.
+    def to_hash
+      {
+        :in_reply_to  => @in_reply_to
+      }.merge(super)
+    end
+
+    # Returns a Hash representing this comment with JSON ActivityStreams
+    # conventions.
+    def to_json_hash
+      {
+        :objectType   => "comment",
+        :in_reply_to  => @in_reply_to
+      }.merge(super)
+    end
+  end
+end

data/lib/nelumba/crypto.rb

@@ -0,0 +1,144 @@
+module Nelumba
+  module Crypto
+    require 'openssl'
+    require 'rsa'
+    require 'base64'
+
+    KeyPair = Struct.new(:public_key, :private_key)
+
+    # Generate a new RSA keypair with the given bitlength.
+    def self.new_keypair(bits = 2048)
+      keypair = KeyPair.new
+
+      key = RSA::KeyPair.generate(bits)
+
+      public_key = key.public_key
+      m = public_key.modulus
+      e = public_key.exponent
+
+      modulus = ""
+      until m == 0 do
+        modulus << [m % 256].pack("C")
+        m >>= 8
+      end
+      modulus.reverse!
+
+      exponent = ""
+      until e == 0 do
+        exponent << [e % 256].pack("C")
+        e >>= 8
+      end
+      exponent.reverse!
+
+      keypair.public_key = "RSA.#{Base64::urlsafe_encode64(modulus)}.#{Base64::urlsafe_encode64(exponent)}"
+
+      tmp_private_key = key.private_key
+      m = tmp_private_key.modulus
+      e = tmp_private_key.exponent
+
+      modulus = ""
+      until m == 0 do
+        modulus << [m % 256].pack("C")
+        m >>= 8
+      end
+      modulus.reverse!
+
+      exponent = ""
+      until e == 0 do
+        exponent << [e % 256].pack("C")
+        e >>= 8
+      end
+      exponent.reverse!
+
+      keypair.private_key = "RSA.#{Base64::urlsafe_encode64(modulus)}.#{Base64::urlsafe_encode64(exponent)}"
+
+      keypair
+    end
+
+    # Creates an EMSA signature for the given plaintext and key.
+    def self.emsa_sign(text, private_key)
+      private_key = generate_key(private_key) unless private_key.is_a? RSA::Key
+      signature = self.emsa_signature(text, private_key)
+      self.decrypt(private_key, signature)
+    end
+
+    # Verifies an existing EMSA signature.
+    def self.emsa_verify(text, signature, public_key)
+      # RSA encryption is needed to compare the signatures
+      public_key = generate_key(public_key) unless public_key.is_a? RSA::Key
+
+      # Get signature to check
+      emsa = self.emsa_signature(text, public_key)
+
+      # Get signature in payload
+      emsa_signature = self.encrypt(public_key, signature)
+
+      # RSA gem drops leading 0s since it does math upon an Integer
+      # As a workaround, I check for what I expect the second byte to be (\x01)
+      # This workaround will also handle seeing a \x00 first if the RSA gem is
+      # fixed.
+      if emsa_signature.getbyte(0) == 1
+        emsa_signature = "\x00#{emsa_signature}"
+      end
+
+      # Does the signature match?
+      # Return the result.
+      emsa_signature == emsa
+    end
+
+    # Decrypts the given data with the given private key.
+    def self.decrypt(private_key, data)
+      private_key = generate_key(private_key) unless private_key.is_a? RSA::Key
+      keypair = generate_keypair(nil, private_key)
+      keypair.decrypt(data)
+    end
+
+    # Encrypts the given data with the given public key.
+    def self.encrypt(public_key, data)
+      public_key = generate_key(public_key) unless public_key.is_a? RSA::Key
+      keypair = generate_keypair(public_key, nil)
+      keypair.encrypt(data)
+    end
+
+    private
+
+    # :nodoc:
+    def self.emsa_signature(text, key)
+      modulus_byte_count = key.modulus.size
+
+      plaintext = Digest::SHA2.new(256).digest(text)
+
+      prefix = "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20"
+      padding_count = modulus_byte_count - prefix.bytes.count - plaintext.bytes.count - 3
+
+      padding = ""
+      padding_count.times do
+        padding = padding + "\xff"
+      end
+
+      "\x00\x01#{padding}\x00#{prefix}#{plaintext}".force_encoding('binary')
+    end
+
+    # :nodoc:
+    def self.generate_key(key_string)
+      return nil unless key_string
+
+      key_string.match /^RSA\.(.*?)\.(.*)$/
+
+      modulus = decode_key($1)
+      exponent = decode_key($2)
+
+      RSA::Key.new(modulus, exponent)
+    end
+
+    def self.generate_keypair(public_key, private_key)
+      RSA::KeyPair.new(private_key, public_key)
+    end
+
+    # :nodoc:
+    def self.decode_key(encoded_key_part)
+      modulus = Base64::urlsafe_decode64(encoded_key_part)
+      modulus.bytes.inject(0) {|num, byte| (num << 8) | byte }
+    end
+  end
+end

data/lib/nelumba/device.rb

@@ -0,0 +1,11 @@
+module Nelumba
+  class Device
+    include Nelumba::Object
+
+    def to_json_hash
+      {
+        :objectType => "device"
+      }.merge(super)
+    end
+  end
+end

data/lib/nelumba/discover.rb

@@ -0,0 +1,362 @@
+module Nelumba
+  module Discover
+    require 'nelumba/atom/feed'
+    require 'net/http'
+    require 'nokogiri'
+
+    # The order to respect atom links
+    MIME_ORDER = ['application/atom+xml',
+                  'application/rss+xml',
+                  'application/xml']
+
+    # Will yield an OStatus::Identity for the given fully qualified name
+    # (i.e. "user@domain.tld")
+    def self.identity(name)
+      xrd = nil
+
+      if name.match /^https?:\/\//
+        url = name
+        type = 'text/html'
+        response = Nelumba::Discover.pull_url(url, type)
+
+        # Look at HTTP link headers
+        if response["Link"]
+          link = response["Link"]
+
+          new_url = link[/^<([^>]+)>/,1]
+          rel     = link[/;\s*rel\s*=\s*"([^"]+)"/,1]
+          type    = link[/;\s*type\s*=\s*"([^"]+)"/,1]
+
+          if new_url.start_with? "/"
+            domain = url[/^(http[s]?:\/\/[^\/]+)\//,1]
+            new_url = "#{domain}#{new_url}"
+          end
+
+          if rel == "lrdd"
+            Nelumba::Discover.identity_from_xml(new_url)
+          else
+            nil
+          end
+        end
+      elsif name.match /@/
+        Nelumba::Discover.identity_from_webfinger(name)
+      end
+    end
+
+    # Retrieves a Nelumba::Identity from the given webfinger account.
+    def self.identity_from_webfinger(acct)
+      # We allow a port, unusually. Some exaxmples:
+      #
+      # acct: 'acct:wilkie@example.org:9292'
+      #   or: 'acct:wilkie@example.org'
+      #   or: 'wilkie@example.org'
+
+      # Remove acct: prefix if it exists
+      acct.gsub!(/^acct\:/, "")
+
+      # Get domain and port
+      matches = acct.match /([^@]+)@([^:]+)(:\d+)?$/
+      username = matches[1]
+      domain   = matches[2]
+      port     = matches[3] || "" # will include the ':'
+
+      accept = ['application/xml+xrd',
+                'application/xml',
+                'text/html']
+
+      # Pull .well-known/host-meta
+      scheme = 'https'
+      url = "#{scheme}://#{domain}#{port}/.well-known/host-meta"
+      host_meta = Nelumba::Discover.pull_url(url, accept)
+
+      if host_meta.nil?
+        # TODO: Should we do this? probably not. ugh. but we must.
+        scheme = 'http'
+        url = "#{scheme}://#{domain}#{port}/.well-known/host-meta"
+        host_meta = Nelumba::Discover.pull_url(url, accept)
+      end
+
+      return nil if host_meta.nil?
+
+      # Read xrd template location
+      host_meta = host_meta.body
+      host_meta = Nokogiri::XML(host_meta)
+      links = host_meta.xpath("/xmlns:XRD/xmlns:Link")
+      link = links.select{|link| link.attr('rel') == 'lrdd' }.first
+      lrdd_template = link.attr('template') || link.attr('href')
+
+      xrd_url = lrdd_template.gsub(/{uri}/, "acct:#{username}")
+
+      xrd = Nelumba::Discover.pull_url(xrd_url, accept)
+      return nil if xrd.nil?
+
+      xrd = xrd.body
+      xrd = Nokogiri::XML(xrd)
+
+      unless xrd
+        # TODO: Error
+        return nil
+      end
+
+      # magic-envelope public key
+      public_key = find_link(xrd, 'magic-public-key') || ""
+      public_key = public_key.split(",")[1] || ""
+
+      # ostatus notification endpoint
+      salmon_url = find_link(xrd, 'salmon')
+
+      # pump.io authentication endpoint
+      dialback_url = find_link(xrd, 'dialback')
+
+      # pump.io activity endpoints
+      activity_inbox_endpoint = find_link(xrd, 'activity-inbox')
+      activity_outbox_endpoint = find_link(xrd, 'activity-outbox')
+
+      # profile page
+      profile_page = find_link(xrd, 'http://webfinger.net/rel/profile-page')
+
+      Identity.new(:public_key               => public_key,
+                   :profile_page             => profile_page,
+                   :salmon_endpoint          => salmon_url,
+                   :dialback_endpoint        => dialback_url,
+                   :activity_inbox_endpoint  => activity_inbox_endpoint,
+                   :activity_outbox_endpoint => activity_outbox_endpoint)
+    end
+
+    # Retrieves a Nelumba::Identity from the given xml. You specify the xml
+    # as a url, which will be retrieved and then parsed.
+    def self.identity_from_xml(url, content_type = nil)
+      content_type ||= ['application/xml+xrd',
+                        'application/xml']
+
+      xml = Nelumba::Discover.pull_url(url, content_type)
+      return nil if xml.nil?
+
+      Nelumba::Discover.identity_from_xml_string(xml)
+    end
+
+    def self.identity_from_xml_string(xml)
+      xrd = Nokogiri::XML(xml)
+      unless xrd
+        # TODO: Error
+        return nil
+      end
+
+      # magic-envelope public key
+      public_key = find_link(xrd, 'magic-public-key')
+      public_key = public_key.split(",")[1] || ""
+
+      # ostatus notification endpoint
+      salmon_url = find_link(xrd, 'salmon')
+
+      # pump.io authentication endpoint
+      dialback_url = find_link(xrd, 'dialback')
+
+      # pump.io activity endpoints
+      activity_inbox_endpoint = find_link(xrd, 'activity-inbox')
+      activity_outbox_endpoint = find_link(xrd, 'activity-outbox')
+
+      # profile page
+      profile_page = find_link(xrd, 'http://webfinger.net/rel/profile-page')
+
+      Identity.new(:public_key               => public_key,
+                   :profile_page             => profile_page,
+                   :salmon_endpoint          => salmon_url,
+                   :dialback_endpoint        => dialback_url,
+                   :activity_inbox_endpoint  => activity_inbox_endpoint,
+                   :activity_outbox_endpoint => activity_outbox_endpoint)
+    end
+
+    # Will yield an Nelumba::Person for the given person.
+    #
+    # identity: Can be a String containing a fully qualified name (i.e.
+    # "user@domain.tld") or a previously resolved Nelumba::Identity.
+    def self.person(identity)
+      if identity.is_a? String
+        identity = Nelumba::Discover.identity(identity)
+      end
+
+      return nil if identity.nil? || identity.profile_page.nil?
+
+      # Discover Person information
+
+      # Pull profile page
+      # Look for a feed to pull
+      feed = Nelumba::Discover.feed(identity.profile_page)
+      feed.authors.first
+    end
+
+    # Will yield a Nelumba::Feed object representing the feed at the given url
+    # or identity.
+    #
+    # Usage:
+    #   feed = Nelumba::Discover.feed("https://rstat.us/users/wilkieii/feed")
+    #
+    #   i = Nelumba::Discover.identity("wilkieii@rstat.us")
+    #   feed = Nelumba::Discover.feed(i)
+    def self.feed(url_or_identity, content_type = nil)
+      if url_or_identity =~ /^(?:acct:)?[^@]+@[^@]+\.[^@]+$/
+        url_or_identity = Nelumba::Discover.identity(url_or_identity)
+      end
+
+      if url_or_identity.is_a? Nelumba::Identity
+        return Nelumba::Discover.feed(url_or_identity.profile_page)
+      end
+
+      # Atom is default type to attempt to retrieve
+      content_type ||= ["application/atom+xml", "text/html"]
+      accept = content_type
+
+      url = url_or_identity
+
+      if url =~ /^http[s]?:\/\//
+        # Url is an internet resource
+        response = Nelumba::Discover.pull_url(url, accept)
+
+        return nil unless response.is_a?(Net::HTTPSuccess)
+
+        content_type = response.content_type
+        str = response.body
+      else
+        str = open(url).read
+      end
+
+      case content_type
+      when 'application/atom+xml', 'application/rss+xml', 'application/xml',
+           'xml', 'atom', 'rss', 'atom+xml', 'rss+xml'
+        xml_str = str
+
+        self.feed_from_string(xml_str, content_type)
+      when 'text/html'
+        html_str = str
+
+        # Discover the feed
+        doc = Nokogiri::HTML::Document.parse(html_str)
+        links = doc.xpath("//link[@rel='alternate']").map {|el|
+          {:type => el.attributes['type'].to_s,
+           :href => el.attributes['href'].to_s}
+        }.select{|e|
+          MIME_ORDER.include? e[:type]
+        }.sort {|a, b|
+          MIME_ORDER.index(a[:type]) <=>
+          MIME_ORDER.index(b[:type])
+        }
+
+        return nil if links.empty?
+
+        href = links.first[:href]
+        if href.start_with? "/"
+          # Append domain from what we know
+          uri = URI::parse(url) rescue URI.new
+          href = "#{uri.scheme}://#{uri.host}#{uri.port == 80 ? "" : ":#{uri.port}"}#{href}"
+        end
+
+        # Resolve relative links
+        link = URI::parse(href) rescue URI.new
+
+        unless link.scheme
+          link.scheme = URI::parse(url).scheme
+        end
+
+        unless link.host
+          link.host = URI::parse(url).host rescue nil
+        end
+
+        unless link.absolute?
+          link.path = File::dirname(URI::parse(url).path) \
+            + '/' + link.path rescue nil
+        end
+
+        url = link.to_s
+        Nelumba::Discover.feed(url, links.first[:type])
+      end
+    end
+
+    # Yield a Nelumba::Feed from the given string content.
+    def self.feed_from_string(string, content_type = nil)
+      # Atom is default type to attempt to retrieve
+      content_type ||= "application/atom+xml"
+
+      case content_type
+      when 'application/atom+xml', 'application/rss+xml', 'application/xml'
+        Nelumba::Atom::Feed.new(XML::Reader.string(string)).to_canonical
+      end
+    end
+
+    def self.activity(url)
+      self.activity_from_url(url)
+    end
+
+    # Yield a Nelumba::Activity from the given url.
+    def self.activity_from_url(url, content_type = nil)
+      # Atom is default type to attempt to retrieve
+      content_type ||= "application/atom+xml"
+
+      response = Nelumba::Discover.pull_url(url, content_type)
+
+      return nil unless response.is_a?(Net::HTTPSuccess)
+
+      content_type = response.content_type
+
+      case content_type
+      when 'application/atom+xml', 'application/rss+xml', 'application/xml'
+        xml_str = response.body
+        self.entry_from_string(xml_str, response.content_type)
+      end
+    end
+
+    # Yield a Nelumba::Activity from the given string content.
+    def self.activity_from_string(string, content_type = "application/atom+xml")
+      content_type ||= "application/atom+xml"
+
+      case content_type
+      when 'application/atom+xml', 'application/rss+xml', 'application/xml'
+        Nelumba::Atom::Entry.new(XML::Reader.string(string)).to_canonical
+      end
+    end
+
+    private
+
+    # :nodoc:
+    def self.pull_url(url, accept = nil, limit = 10)
+      # Atom is default type to attempt to retrieve
+      accept ||= ["application/atom+xml",
+                  "application/xml"]
+
+      if accept.is_a? String
+        accept = [accept]
+      end
+
+      uri = URI(url)
+      request = Net::HTTP::Get.new(uri.request_uri)
+      request['Accept'] = accept.join(',')
+      request['User-Agent'] = 'nelumba'
+
+      http = Net::HTTP.new(uri.hostname, uri.port)
+      if uri.scheme == 'https'
+        http.use_ssl = true
+        http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      end
+
+      response = http.request(request)
+
+      if response.is_a?(Net::HTTPRedirection) && limit > 0
+        location = response['location']
+        Nelumba::Discover.pull_url(location, accept, limit - 1)
+      else
+        response
+      end
+
+      rescue OpenSSL::SSL::SSLError
+        return nil
+    end
+
+    # :nodoc:
+    def self.find_link(xrd, rel)
+      links = xrd.xpath("/xmlns:XRD/xmlns:Link")
+      link = links.select{|link| link.attr('rel').downcase == rel }.first
+      return nil if link.nil?
+      link.attr('template') || link.attr('href')
+    end
+  end
+end