-- Leo's gemini proxy
-- Connecting to git.thebackupbox.net:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini
repo: actpub action: commit revision: path_from: revision_from: 0eb5e05230c59dbb438d116a396ea6f44f387b1c: path_to: revision_to:
commit 0eb5e05230c59dbb438d116a396ea6f44f387b1c
Author: epoch <epoch@thebackupbox.net>
Date: Fri Feb 3 00:53:43 2023 -0600
mainly just added signed-post.sh. I can use it to follow and like things :D
diff --git a/geticon b/geticon
--- a/geticon +++ b/geticon @@ -1,5 +1,6 @@ #!/bin/sh ./getobject "$1" \ | jq -r .icon.url \ - | xargs curl \ + | tr '\n' '\0' \ + | xargs -0 curl -g \ | img2sixel -w 200 - diff --git a/getimage b/getimage
--- a/getimage
+++ b/getimage
@@ -1,5 +1,5 @@
#!/bin/sh
./getobject "$1" \
| jq -r .image.url \
- | xargs curl \
+ | xargs curl -g \
| img2sixel -w 100% -
diff --git a/getpubkey b/getpubkey
new file mode 100755
index 0000000000000000000000000000000000000000..7968edf317e7f13946e1c7901f11bbb782e48daa
--- /dev/null
+++ b/getpubkey
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+HTTPSIG_KEYID="https://thebackupbox.net/~epoch/#main-key"
+curl -sH 'Accept: application/activity+json' "${HTTPSIG_KEYID}" | jq '. | to_entries | .[].value | select(if type == "object" then . else null end) | select(if .id == "'"${HTTPSIG_KEYID}"'" then . else null end) | .publicKeyPem' | jq -r
diff --git a/signed-post.sh b/signed-post.sh
new file mode 100755
index 0000000000000000000000000000000000000000..e0d79b64e0f9d100e74f0fdc3fa7653ee611d681
--- /dev/null
+++ b/signed-post.sh
@@ -0,0 +1,66 @@
+#!/usr/bin/env bash
+
+date="$(rfc7231date)"
+
+## this is static
+context="https://www.w3.org/ns/activitystreams"
+
+## TODO: figure out if these have to mean anything
+id="https://thebackupbox.net/$(uuidgen)"
+
+## TODO: get the type from $1
+type="$1"
+#type="Like"
+type="Follow"
+
+## actor should be grabbed from a config file, or you know, static since only I'm going to use this.
+actor="https://thebackupbox.net/~epoch/"
+
+## TODO: get the object from $2
+object="$2"
+object="https://hackers.town/@thegibson"
+#object="https://thebackupbox.net/~epoch/"
+#target_inbox="$(./getinboxuri epoch@thebackupbox.net)"
+target_inbox="$(./getinboxuri thegibson@hackers.town)"
+
+host="$(printf "%s\n" "$object" | uricut -d)"
+
+if [ ! "$1" -o ! "$2" ];then
+ printf "usage: ./action <Like|Follow|etc> object\n" >&2
+ exit 1
+fi
+
+#TODO: extact the inbox to use based on the object, not just hard-coding the target's user@host here
+#target_inbox="$(./getinboxuri epoch@thebackupbox.net)"
+target_inbox_path="$(printf "%s\n" "${target_inbox}" | uricut -p)"
+
+POST_DATA='{"@context":"'"$context"'","id":"'"$id"'","type":"'"$type"'","actor":"'"$actor"'","object":"'"$object"'"}'
+
+HTTP_DIGEST="SHA-256=$(printf "%s" "$POST_DATA" | openssl sha256 | cut '-d ' -f2- | xxd -r -p | base64)"
+
+printf "digest: %s\n" "${HTTP_DIGEST}"
+
+HTTPSIG_KEYID="https://thebackupbox.net/~epoch/#main-key"
+HTTPSIG_HEADERS="(request-target) host date digest content-type"
+HTTPSIG_ALGO="rsa-sha256"
+CONTENT_TYPE="application/activity+json"
+
+SIGNED_STRING="(request-target): post ${target_inbox_path}
+host: $host
+date: $date
+digest: $HTTP_DIGEST
+content-type: $CONTENT_TYPE"
+
+HTTPSIG_SIGNATURE="$(openssl dgst -sha256 -sign private.pem <(printf "%s" "${SIGNED_STRING}") | base64 | tr -d '\n')"
+HTTP_SIGNATURE='keyId="'"${HTTPSIG_KEYID}"'",algorithm="'"${HTTPSIG_ALGO}"'",headers="'"${HTTPSIG_HEADERS}"'",signature="'"${HTTPSIG_SIGNATURE}"'"'
+
+curl \
+ --data-raw "${POST_DATA}" \
+ -H "Accept: application/activity+json" \
+ -H "Signature: $HTTP_SIGNATURE" \
+ -H "Date: $date" \
+ -H "Digest: $HTTP_DIGEST" \
+ -H "Content-Type: $CONTENT_TYPE" \
+ -g "$target_inbox"
+
+echo "$SIGNED_STRING"
-----END OF PAGE-----
-- Response ended
-- Page fetched on Sun Jun 2 17:51:02 2024