From 27e8b70412487c6812369d80e331764d90c97500 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= Date: Wed, 20 Mar 2019 15:09:38 +0100 Subject: [PATCH] Fix lint and refactor cc @Mastercuber Send out an activity should be the responsibility of the middleware. --- .../security/httpSignature.spec.js | 20 ++++----- src/activitypub/utils/index.js | 4 +- src/jwt/decode.js | 2 +- src/middleware/activityPubMiddleware.js | 40 ++++++++++++++++- src/resolvers/posts.js | 43 +------------------ 5 files changed, 54 insertions(+), 55 deletions(-) diff --git a/src/activitypub/security/httpSignature.spec.js b/src/activitypub/security/httpSignature.spec.js index bddb05ea9..fc7e69479 100644 --- a/src/activitypub/security/httpSignature.spec.js +++ b/src/activitypub/security/httpSignature.spec.js @@ -1,16 +1,16 @@ import { generateRsaKeyPair, createSignature, verifySignature } from '.' import crypto from 'crypto' -jest.mock('request') import request from 'request' +jest.mock('request') let privateKey let publicKey let headers -const passphrase = "a7dsf78sadg87ad87sfagsadg78" +const passphrase = 'a7dsf78sadg87ad87sfagsadg78' describe('activityPub/security', () => { beforeEach(() => { - const pair = generateRsaKeyPair({passphrase}) + const pair = generateRsaKeyPair({ passphrase }) privateKey = pair.privateKey publicKey = pair.publicKey headers = { @@ -29,7 +29,7 @@ describe('activityPub/security', () => { const signer = crypto.createSign('rsa-sha256') signer.update('(request-target): post /activitypub/users/max/inbox\ndate: 2019-03-08T14:35:45.759Z\nhost: democracy-app.de\ncontent-type: application/json') signatureB64 = signer.sign({ key: privateKey, passphrase: 'a7dsf78sadg87ad87sfagsadg78' }, 'base64') - httpSignature = createSignature({privateKey, keyId: 'https://human-connection.org/activitypub/users/lea#main-key', url: 'https://democracy-app.de/activitypub/users/max/inbox', headers, passphrase}) + httpSignature = createSignature({ privateKey, keyId: 'https://human-connection.org/activitypub/users/lea#main-key', url: 'https://democracy-app.de/activitypub/users/max/inbox', headers, passphrase }) }) it('contains keyId', () => { @@ -54,12 +54,12 @@ describe('activityPub/security', () => { let httpSignature beforeEach(() => { - httpSignature = createSignature({privateKey, keyId: 'http://localhost:4001/activitypub/users/test-user#main-key', url: 'https://democracy-app.de/activitypub/users/max/inbox', headers, passphrase}) - const body = { - "publicKey":{ - "id":"https://localhost:4001/activitypub/users/test-user#main-key", - "owner":"https://localhost:4001/activitypub/users/test-user", - "publicKeyPem": publicKey + httpSignature = createSignature({ privateKey, keyId: 'http://localhost:4001/activitypub/users/test-user#main-key', url: 'https://democracy-app.de/activitypub/users/max/inbox', headers, passphrase }) + const body = { + 'publicKey': { + 'id': 'https://localhost:4001/activitypub/users/test-user#main-key', + 'owner': 'https://localhost:4001/activitypub/users/test-user', + 'publicKeyPem': publicKey } } diff --git a/src/activitypub/utils/index.js b/src/activitypub/utils/index.js index 6940ca082..c48e15e3d 100644 --- a/src/activitypub/utils/index.js +++ b/src/activitypub/utils/index.js @@ -75,7 +75,9 @@ export function signAndSend (activity, fromName, targetDomain, url) { headers: { 'Host': targetDomain, 'Date': date, - 'Signature': createSignature({privateKey, keyId: `http://${activityPub.domain}/activitypub/users/${fromName}#main-key`, url, + 'Signature': createSignature({ privateKey, + keyId: `http://${activityPub.domain}/activitypub/users/${fromName}#main-key`, + url, headers: { 'Host': targetDomain, 'Date': date, diff --git a/src/jwt/decode.js b/src/jwt/decode.js index 6abc06dc1..e8305a83b 100644 --- a/src/jwt/decode.js +++ b/src/jwt/decode.js @@ -13,7 +13,7 @@ export default async (driver, authorizationHeader) => { const session = driver.session() const query = ` MATCH (user:User {id: {id} }) - RETURN user {.id, .slug, .name, .avatar, .email, .role, .disabled} + RETURN user {.id, .slug, .name, .avatar, .email, .role, .disabled, .actorId} LIMIT 1 ` const result = await session.run(query, { id }) diff --git a/src/middleware/activityPubMiddleware.js b/src/middleware/activityPubMiddleware.js index 2fcd04729..6c737faff 100644 --- a/src/middleware/activityPubMiddleware.js +++ b/src/middleware/activityPubMiddleware.js @@ -1,12 +1,50 @@ import { generateRsaKeyPair } from '../activitypub/security' import { activityPub } from '../activitypub/ActivityPub' +import as from 'activitystrea.ms' +import dotenv from 'dotenv' + +const debug = require('debug')('backend:schema') +dotenv.config() export default { Mutation: { CreatePost: async (resolve, root, args, context, info) => { args.activityId = activityPub.generateStatusId(context.user.slug) args.objectId = activityPub.generateStatusId(context.user.slug) - return resolve(root, args, context, info) + + const post = await resolve(root, args, context, info) + + const { user: author } = context + const actorId = author.actorId + debug(`actorId = ${actorId}`) + const createActivity = await new Promise((resolve, reject) => { + as.create() + .id(`${actorId}/status/${args.activityId}`) + .actor(`${actorId}`) + .object( + as.article() + .id(`${actorId}/status/${post.id}`) + .content(post.content) + .to('https://www.w3.org/ns/activitystreams#Public') + .publishedNow() + .attributedTo(`${actorId}`) + ).prettyWrite((err, doc) => { + if (err) { + reject(err) + } else { + debug(doc) + const parsedDoc = JSON.parse(doc) + parsedDoc.send = true + resolve(JSON.stringify(parsedDoc)) + } + }) + }) + try { + await activityPub.sendActivity(createActivity) + } catch (e) { + debug(`error sending post activity\n${e}`) + } + return post }, CreateUser: async (resolve, root, args, context, info) => { const keys = generateRsaKeyPair() diff --git a/src/resolvers/posts.js b/src/resolvers/posts.js index de5cd8282..5b06c38fa 100644 --- a/src/resolvers/posts.js +++ b/src/resolvers/posts.js @@ -1,13 +1,4 @@ import { neo4jgraphql } from 'neo4j-graphql-js' -import as from 'activitystrea.ms' -import dotenv from 'dotenv' -/* -import as from 'activitystrea.ms' -import request from 'request' -*/ - -const debug = require('debug')('backend:schema') -dotenv.config() export default { Mutation: { @@ -15,7 +6,7 @@ export default { const result = await neo4jgraphql(object, params, context, resolveInfo, false) const session = context.driver.session() - const author = await session.run( + await session.run( 'MATCH (author:User {id: $userId}), (post:Post {id: $postId}) ' + 'MERGE (post)<-[:WROTE]-(author) ' + 'RETURN author', { @@ -25,38 +16,6 @@ export default { ) session.close() - debug(`actorId = ${author.records[0]._fields[0].properties.actorId}`) - if (Array.isArray(author.records) && author.records.length > 0) { - const actorId = author.records[0]._fields[0].properties.actorId - const createActivity = await new Promise((resolve, reject) => { - as.create() - .id(`${actorId}/status/${params.activityId}`) - .actor(`${actorId}`) - .object( - as.article() - .id(`${actorId}/status/${result.id}`) - .content(result.content) - .to('https://www.w3.org/ns/activitystreams#Public') - .publishedNow() - .attributedTo(`${actorId}`) - ).prettyWrite((err, doc) => { - if (err) { - reject(err) - } else { - debug(doc) - const parsedDoc = JSON.parse(doc) - parsedDoc.send = true - resolve(JSON.stringify(parsedDoc)) - } - }) - }) - try { - await activityPub.sendActivity(createActivity) - } catch (e) { - debug(`error sending post activity\n${e}`) - } - } - return result } }