hailey.at / cocoon
An atproto PDS written in Go
fork atom

cleanup proxying a bit

hailey.at 5863a209 646353f3

options
unified split
Changed files
+26 -14
server
handle_proxy.go
+26 -14
server/handle_proxy.go 
···

       
17

       
 

       
	secp256k1secec "gitlab.com/yawning/secp256k1-voi/secec"


     

       
18

       
 

       
)


     

       
19

       
 

       



     

       
20

       
-

       
func (s *Server) handleProxy(e echo.Context) error {


     

       
21

       
-

       
	repo, isAuthed := e.Get("repo").(*models.RepoActor)


     

       
22

       
-

       



     

       
23

       
-

       
	pts := strings.Split(e.Request().URL.Path, "/")


     

       
24

       
-

       
	if len(pts) != 3 {


     

       
25

       
-

       
		return fmt.Errorf("incorrect number of parts")


     

       
26

       
-

       
	}


     

       
27

       
-

       



     

       
28

       
 

       
	svc := e.Request().Header.Get("atproto-proxy")


     

       
29

       
 

       
	if svc == "" {


     

       
30

       
 

       
		svc = s.config.DefaultAtprotoProxy


     
···

       
32

       
 

       



     

       
33

       
 

       
	svcPts := strings.Split(svc, "#")


     

       
34

       
 

       
	if len(svcPts) != 2 {


     

       
35

       
-

       
		return fmt.Errorf("invalid service header")


     

       
36

       
 

       
	}


     

       
37

       
 

       



     

       
38

       
 

       
	svcDid := svcPts[0]


     
···

       
40

       
 

       



     

       
41

       
 

       
	doc, err := s.passport.FetchDoc(e.Request().Context(), svcDid)


     

       
42

       
 

       
	if err != nil {


     

       
43

       
-

       
		return err


     

       
44

       
 

       
	}


     

       
45

       
 

       



     

       
46

       
 

       
	var endpoint string


     
···

       
50

       
 

       
		}


     

       
51

       
 

       
	}


     

       
52

       
 

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
53

       
 

       
	requrl := e.Request().URL


     

       
54

       
 

       
	requrl.Host = strings.TrimPrefix(endpoint, "https://")


     

       
55

       
 

       
	requrl.Scheme = "https"


     
···

       
78

       
 

       
		}


     

       
79

       
 

       
		hj, err := json.Marshal(header)


     

       
80

       
 

       
		if err != nil {


     

       
81

       
-

       
			s.logger.Error("error marshaling header", "error", err)


     

       
82

       
 

       
			return helpers.ServerError(e, nil)


     

       
83

       
 

       
		}


     

       
84

       
 

       



     
···

       
93

       
 

       
		}


     

       
94

       
 

       
		pj, err := json.Marshal(payload)


     

       
95

       
 

       
		if err != nil {


     

       
96

       
-

       
			s.logger.Error("error marashaling payload", "error", err)


     

       
97

       
 

       
			return helpers.ServerError(e, nil)


     

       
98

       
 

       
		}


     

       
99

       
 

       



     
···

       
104

       
 

       



     

       
105

       
 

       
		sk, err := secp256k1secec.NewPrivateKey(repo.SigningKey)


     

       
106

       
 

       
		if err != nil {


     

       
107

       
-

       
			s.logger.Error("can't load private key", "error", err)


     

       
108

       
 

       
			return err


     

       
109

       
 

       
		}


     

       
110

       
 

       



     

       
111

       
 

       
		R, S, _, err := sk.SignRaw(rand.Reader, hash[:])


     

       
112

       
 

       
		if err != nil {


     

       
113

       
-

       
			s.logger.Error("error signing", "error", err)


     

       
114

       
 

       
		}


     

       
115

       
 

       



     

       
116

       
 

       
		rBytes := R.Bytes()


     
···

       
17

       
 

       
	secp256k1secec "gitlab.com/yawning/secp256k1-voi/secec"


     

       
18

       
 

       
)


     

       
19

       
 

       



     

       
20

       
+

       
func (s *Server) getAtprotoProxyEndpointFromRequest(e echo.Context) (string, string, error) {


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
21

       
 

       
	svc := e.Request().Header.Get("atproto-proxy")


     

       
22

       
 

       
	if svc == "" {


     

       
23

       
 

       
		svc = s.config.DefaultAtprotoProxy


     
···

       
25

       
 

       



     

       
26

       
 

       
	svcPts := strings.Split(svc, "#")


     

       
27

       
 

       
	if len(svcPts) != 2 {


     

       
28

       
+

       
		return "", "", fmt.Errorf("invalid service header")


     

       
29

       
 

       
	}


     

       
30

       
 

       



     

       
31

       
 

       
	svcDid := svcPts[0]


     
···

       
33

       
 

       



     

       
34

       
 

       
	doc, err := s.passport.FetchDoc(e.Request().Context(), svcDid)


     

       
35

       
 

       
	if err != nil {


     

       
36

       
+

       
		return "", "", err


     

       
37

       
 

       
	}


     

       
38

       
 

       



     

       
39

       
 

       
	var endpoint string


     
···

       
43

       
 

       
		}


     

       
44

       
 

       
	}


     

       
45

       
 

       



     

       
46

       
+

       
	return endpoint, "", nil


     

       
47

       
+

       
}


     

       
48

       
+

       



     

       
49

       
+

       
func (s *Server) handleProxy(e echo.Context) error {


     

       
50

       
+

       
	lgr := s.logger.With("handler", "handleProxy")


     

       
51

       
+

       



     

       
52

       
+

       
	repo, isAuthed := e.Get("repo").(*models.RepoActor)


     

       
53

       
+

       



     

       
54

       
+

       
	pts := strings.Split(e.Request().URL.Path, "/")


     

       
55

       
+

       
	if len(pts) != 3 {


     

       
56

       
+

       
		return fmt.Errorf("incorrect number of parts")


     

       
57

       
+

       
	}


     

       
58

       
+

       



     

       
59

       
+

       
	endpoint, svcDid, err := s.getAtprotoProxyEndpointFromRequest(e)


     

       
60

       
+

       
	if err != nil {


     

       
61

       
+

       
		lgr.Error("could not get atproto proxy", "error", err)


     

       
62

       
+

       
		return helpers.ServerError(e, nil)


     

       
63

       
+

       
	}


     

       
64

       
+

       



     

       
65

       
 

       
	requrl := e.Request().URL


     

       
66

       
 

       
	requrl.Host = strings.TrimPrefix(endpoint, "https://")


     

       
67

       
 

       
	requrl.Scheme = "https"


     
···

       
90

       
 

       
		}


     

       
91

       
 

       
		hj, err := json.Marshal(header)


     

       
92

       
 

       
		if err != nil {


     

       
93

       
+

       
			lgr.Error("error marshaling header", "error", err)


     

       
94

       
 

       
			return helpers.ServerError(e, nil)


     

       
95

       
 

       
		}


     

       
96

       
 

       



     
···

       
105

       
 

       
		}


     

       
106

       
 

       
		pj, err := json.Marshal(payload)


     

       
107

       
 

       
		if err != nil {


     

       
108

       
+

       
			lgr.Error("error marashaling payload", "error", err)


     

       
109

       
 

       
			return helpers.ServerError(e, nil)


     

       
110

       
 

       
		}


     

       
111

       
 

       



     
···

       
116

       
 

       



     

       
117

       
 

       
		sk, err := secp256k1secec.NewPrivateKey(repo.SigningKey)


     

       
118

       
 

       
		if err != nil {


     

       
119

       
+

       
			lgr.Error("can't load private key", "error", err)


     

       
120

       
 

       
			return err


     

       
121

       
 

       
		}


     

       
122

       
 

       



     

       
123

       
 

       
		R, S, _, err := sk.SignRaw(rand.Reader, hash[:])


     

       
124

       
 

       
		if err != nil {


     

       
125

       
+

       
			lgr.Error("error signing", "error", err)


     

       
126

       
 

       
		}


     

       
127

       
 

       



     

       
128

       
 

       
		rBytes := R.Bytes()