ostatus2 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 73f059441105cb19ff006d6e1e73b3e4a6f1e480
-  data.tar.gz: 578ef3a4bedebe13ea5eb673082c24ff6ea1a8f0
+  metadata.gz: 53864441f9a3c0a536a52f316390630d8982ccbf
+  data.tar.gz: c8699fed6438b98e12c82075c3aecdd3ca98bf6c
 SHA512:
-  metadata.gz: eb93203d24dab71975713420ed7fd17b5c03efa10aa296193800612c0f7d657d14df20bfac8d7e24c04ac5f98ceb0fc863f8058e1fbe3160e392df3693164212
-  data.tar.gz: 72c752cd43c93434b650b14f46148892d69e17c81fd247ca1bea6dca86e995154c26001aba025fe38bb65b4724eed6ec538ec000d26b18fa2d503cb23f6bf1c2
+  metadata.gz: 0f5b426461d8508c31d82fc40253eddaaf06d45ed848324edfdc96186d28b71b2dd1bb6a62973659bbfbd5fa613698fce6a04f9336159d4733f74037e3ecfca1
+  data.tar.gz: 488bd014fe2b8d546e28e191eb48a07a3b9805e1e81020f958bfbebef21eded45fb654d3d205d941b38f93cde60155ff73051f8a0288d0b97ba85037a728cdee

data/README.md

@@ -1,5 +1,5 @@
 OStatus2
-========
+==========
 
 [![Gem Version](http://img.shields.io/gem/v/ostatus2.svg)][gem]
 [![Build Status](http://img.shields.io/travis/Gargron/ostatus2.svg)][travis]
@@ -14,8 +14,6 @@ A Ruby toolset for interacting with the OStatus suite of protocols:
 * Subscribing to and publishing feeds via PubSubHubbub
 * Interacting with feeds via Salmon
 
-The 2 in the name is not a reference to any protocol version. There used to be a different Ruby gem called "ostatus" which this one seeks to replace.
-
 ## Installation
 
     gem install ostatus2

data/lib/ostatus2/publication.rb

@@ -0,0 +1,23 @@
+module OStatus2
+  class Publication
+    # @param [String] url Topic URL
+    # @param [Array] hubs URLs of the hubs which should be notified about the update
+    def initialize(url, hubs = [])
+      @url  = url
+      @hubs = hubs.map { |hub_url| Addressable::URI.parse(hub_url) }
+    end
+
+    # Notifies hubs about the update to the topic URL
+    # @raise [HTTP::Error] Error raised upon delivery failure
+    # @raise [OpenSSL::SSL::SSLError] Error raised upon SSL-related failure during delivery
+    def publish
+      @hubs.each { |hub| http_client.post(hub, form: { 'hub.mode' => 'publish', 'hub.url' => @url }) }
+    end
+
+    private
+
+    def http_client
+      HTTP
+    end
+  end
+end

data/lib/ostatus2/salmon.rb

@@ -0,0 +1,85 @@
+module OStatus2
+  class Salmon
+    XMLNS = 'http://salmon-protocol.org/ns/magic-env'
+
+    # Create a magical envelope XML document around the original body
+    # and sign it with a private key
+    # @param [String] body
+    # @param [OpenSSL::PKey::RSA] key The private part of the key will be used
+    # @return [String] Magical envelope XML
+    def pack(body, key)
+      signed    = plaintext_signature(body, 'application/atom+xml', 'base64url', 'RSA-SHA256')
+      signature = Base64.urlsafe_encode64(key.sign(digest, signed))
+
+      Nokogiri::XML::Builder.new do |xml|
+        xml['me'].env({ 'xmlns:me' => XMLNS }) do
+          xml['me'].data({ type: 'application/atom+xml' }, Base64.urlsafe_encode64(body))
+          xml['me'].encoding('base64url')
+          xml['me'].alg('RSA-SHA256')
+          xml['me'].sig({ key_id: Base64.urlsafe_encode64(key.public_key.to_s) }, signature)
+        end
+      end.to_xml
+    end
+
+    # Deliver the magical envelope to a Salmon endpoint
+    # @param [String] salmon_url Salmon endpoint URL
+    # @param [String] envelope Magical envelope
+    # @raise [HTTP::Error] Error raised upon delivery failure
+    # @raise [OpenSSL::SSL::SSLError] Error raised upon SSL-related failure during delivery
+    # @return [HTTP::Response]
+    def post(salmon_url, envelope)
+      http_client.headers(HTTP::Headers::CONTENT_TYPE => 'application/magic-envelope+xml').post(Addressable::URI.parse(salmon_url), body: envelope)
+    end
+
+    # Unpack a magical envelope to get the content inside
+    # @param [String] raw_body Magical envelope
+    # @raise [OStatus2::BadSalmonError] Error raised if the envelope is malformed
+    # @return [String] Content inside the envelope
+    def unpack(raw_body)
+      body, _, _ = parse(raw_body)
+      body
+    end
+
+    # Verify the magical envelope's integrity
+    # @param [String] raw_body Magical envelope
+    # @param [OpenSSL::PKey::RSA] key The public part of the key will be used
+    # @return [Boolean]
+    def verify(raw_body, key)
+      _, plaintext, signature = parse(raw_body)
+      key.public_key.verify(digest, signature, plaintext)
+    rescue OStatus2::BadSalmonError
+      false
+    end
+
+    private
+
+    def http_client
+      HTTP
+    end
+
+    def digest
+      OpenSSL::Digest::SHA256.new
+    end
+
+    def parse(raw_body)
+      xml = Nokogiri::XML(raw_body)
+
+      raise OStatus2::BadSalmonError if xml.at_xpath('//me:data').nil? || xml.at_xpath('//me:data').attribute('type').nil? || xml.at_xpath('//me:sig').nil? || xml.at_xpath('//me:encoding').nil? || xml.at_xpath('//me:alg').nil?
+
+      data      = xml.at_xpath('//me:data')
+      type      = data.attribute('type').value
+      body      = Base64::urlsafe_decode64(data.content)
+      sig       = xml.at_xpath('//me:sig')
+      signature = Base64::urlsafe_decode64(sig.content)
+      encoding  = xml.at_xpath('//me:encoding').content
+      alg       = xml.at_xpath('//me:alg').content
+      plaintext = plaintext_signature(body, type, encoding, alg)
+
+      [body, plaintext, signature]
+    end
+
+    def plaintext_signature(data, type, encoding, alg)
+      [data, type, encoding, alg].map { |i| Base64.urlsafe_encode64(i) }.join('.')
+    end
+  end
+end

data/lib/ostatus2/subscription.rb

@@ -0,0 +1,62 @@
+module OStatus2
+  class Subscription
+    # @param [String] topic_url The URL of the topic of the subscription
+    # @param [Hash] options
+    # @option options [String] :webhook Webhook URL
+    # @option options [String] :hub Hub URL to work with
+    # @option options [String] :secret Secret key of the subscription
+    # @option options [String] :token Verification token of the subscription
+    def initialize(topic_url, options = {})
+      @topic_url   = topic_url
+      @webhook_url = options[:webhook] || ''
+      @secret      = options[:secret]  || ''
+      @token       = options[:token]   || ''
+      @hub         = options[:hub]     || ''
+    end
+
+    # Subscribe to the topic via a specified hub
+    # @raise [HTTP::Error] Error raised upon delivery failure
+    # @raise [OpenSSL::SSL::SSLError] Error raised upon SSL-related failure during delivery
+    # @return [Boolean]
+    def subscribe
+      update_subscription(:subscribe)
+    end
+
+    # Unsubscribe from the topic via a specified hub
+    # @raise [HTTP::Error] Error raised upon delivery failure
+    # @raise [OpenSSL::SSL::SSLError] Error raised upon SSL-related failure during delivery
+    # @return [Boolean]
+    def unsubscribe
+      update_subscription(:unsubscribe)
+    end
+
+    # Check if the hub is responding to the right subscription request
+    # @param [String] topic_url A hub.topic from the hub
+    # @param [String] token A hub.verify_token from the hub
+    # @return [Boolean]
+    def valid?(topic_url, token)
+      @topic_url == topic_url && @token == token
+    end
+
+    # Verify that the feed contents were meant for this subscription
+    # @param [String] content
+    # @param [String] signature
+    # @return [Boolean]
+    def verify(content, signature)
+      hmac = OpenSSL::HMAC.hexdigest('sha1', @secret, content)
+      signature == "sha1=#{hmac}"
+    end
+
+    private
+
+    def update_subscription(mode)
+      hub_url  = Addressable::URI.parse(@hub)
+      response = http_client.post(hub_url, form: { 'hub.mode' => mode.to_s, 'hub.callback' => @webhook_url, 'hub.verify' => 'async', 'hub.verify_token' => @token, 'hub.lease_seconds' => '', 'hub.secret' => @secret, 'hub.topic' => @topic_url })
+      response.code == 200
+    end
+
+    def http_client
+      HTTP
+    end
+  end
+end

data/lib/ostatus2/version.rb

@@ -0,0 +1,3 @@
+module OStatus2
+  VERSION = "0.1.1"
+end

data/lib/ostatus2.rb

@@ -0,0 +1,18 @@
+require 'base64'
+require 'openssl'
+require 'http'
+require 'addressable'
+require 'nokogiri'
+
+require 'ostatus2/version'
+require 'ostatus2/publication'
+require 'ostatus2/subscription'
+require 'ostatus2/salmon'
+
+module OStatus2
+  class Error < StandardError
+  end
+
+  class BadSalmonError < Error
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ostatus2
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Eugen Rochko
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-02-19 00:00:00.000000000 Z
+date: 2016-02-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: http
@@ -58,15 +58,15 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '1.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.8'
-description: Toolset for interacting with the OStatus suite of protocols
+        version: '1.3'
+description: Toolset for interacting with the OStatus2 suite of protocols
 email:
 - eugen@zeonfederated.com
 executables: []
@@ -74,6 +74,11 @@ extensions: []
 extra_rdoc_files: []
 files:
 - README.md
+- lib/ostatus2.rb
+- lib/ostatus2/publication.rb
+- lib/ostatus2/salmon.rb
+- lib/ostatus2/subscription.rb
+- lib/ostatus2/version.rb
 homepage: https://github.com/Gargron/ostatus2
 licenses:
 - MIT
@@ -97,6 +102,6 @@ rubyforge_project:
 rubygems_version: 2.4.6
 signing_key: 
 specification_version: 4
-summary: Toolset for interacting with the OStatus suite of protocols
+summary: Toolset for interacting with the OStatus2 suite of protocols
 test_files: []
 has_rdoc: