commit 69d717a0be1e71e9ffcd63f1754125380999f482 · nekomimi.pet/microcosm-rs

+8 -12

pocket/src/server.rs

···

       4
       4
        
           endpoint::{StaticFileEndpoint, make_sync},

     

       5
       5
        
           http::Method,

     

       6
       6
        
           listener::TcpListener,

     

       7
       7
       -
           middleware::{CatchPanic, Cors, Tracing},

     

       7
       7
       +
           middleware::{CatchPanic, Cors, SizeLimit, Tracing},

     

       8
       8
        
       };

     

       9
       9
        
       use poem_openapi::{

     

       10
       10
        
           ApiResponse, ContactObject, ExternalDocumentObject, Object, OpenApi, OpenApiService,

     
···

       94
       94
        
           verifier: TokenVerifier,

     

       95
       95
        
       }

     

       96
       96
        
       

     

       97
       97
       -
       // app.bsky.actor.getPreferences

     

       98
       98
       -
       // com.bad-example.pocket.getPreferences

     

       99
       99
       -
       

     

       100
       97
        
       #[OpenApi]

     

       101
       98
        
       impl Xrpc {

     

       102
       99
        
           /// com.bad-example.pocket.getPreferences

     

       103
       100
        
           ///

     

       104
       104
       -
           /// get stored bluesky prefs

     

       101
       101
       +
           /// get stored preferencess

     

       105
       102
        
           #[oai(

     

       106
       106
       -
               path = "/app.bsky.actor.getPreferences",

     

       103
       103
       +
               path = "/com.bad-example.pocket.getPreferences",

     

       107
       104
        
               method = "get",

     

       108
       105
        
               tag = "ApiTags::Pocket"

     

       109
       106
        
           )]

     

       110
       110
       -
           async fn app_bsky_get_prefs(&self, XrpcAuth(auth): XrpcAuth) -> GetBskyPrefsResponse {

     

       107
       107
       +
           async fn pocket_get_prefs(&self, XrpcAuth(auth): XrpcAuth) -> GetBskyPrefsResponse {

     

       111
       108
        
               let (did, aud) = match self

     

       112
       109
        
                   .verifier

     

       113
       113
       -
                   .verify("app.bsky.actor.getPreferences", &auth.token)

     

       110
       110
       +
                   .verify("com.bad-example.pocket.getPreferences", &auth.token)

     

       114
       111
        
                   .await

     

       115
       112
        
               {

     

       116
       113
        
                   Ok(d) => d,

     
···

       129
       126
        
               method = "post",

     

       130
       127
        
               tag = "ApiTags::Pocket"

     

       131
       128
        
           )]

     

       132
       132
       -
           async fn app_bsky_put_prefs(

     

       129
       129
       +
           async fn pocket_put_prefs(

     

       133
       130
        
               &self,

     

       134
       131
        
               XrpcAuth(auth): XrpcAuth,

     

       135
       132
        
               Json(prefs): Json<Value>,

     

       136
       133
        
           ) -> PutBskyPrefsResponse {

     

       137
       134
        
               let (did, aud) = match self

     

       138
       135
        
                   .verifier

     

       139
       139
       -
                   .verify("app.bsky.actor.getPreferences", &auth.token)

     

       136
       136
       +
                   .verify("com.bad-example.pocket.putPreferences", &auth.token)

     

       140
       137
        
                   .await

     

       141
       138
        
               {

     

       142
       139
        
                   Ok(d) => d,

     
···

       168
       165
        
               service: [

     

       169
       166
        
                   AppViewService {

     

       170
       167
        
                       id: "#pocket_prefs".to_string(),

     

       171
       171
       -
                       // id: "#bsky_appview".to_string(),

     

       172
       168
        
                       r#type: "PocketPreferences".to_string(),

     

       173
       169
        
                       service_endpoint: format!("https://{domain}"),

     

       174
       170
        
                   },

     

       175
       171
        
                   AppViewService {

     

       176
       172
        
                       id: "#bsky_appview".to_string(),

     

       177
       177
       -
                       // id: "#bsky_appview".to_string(),

     

       178
       173
        
                       r#type: "BlueskyAppview".to_string(),

     

       179
       174
        
                       service_endpoint: format!("https://{domain}"),

     

       180
       175
        
                   },

     
···

       201
       196
        
               .nest("/xrpc/", api_service)

     

       202
       197
        
               .at("/.well-known/did.json", get_did_doc(domain))

     

       203
       198
        
               .at("/", StaticFileEndpoint::new("./static/index.html"))

     

       199
       199
       +
               .with(SizeLimit::new(100 * 2_usize.pow(10)))

     

       204
       200
        
               .with(

     

       205
       201
        
                   Cors::new()

     

       206
       202
        
                       .allow_method(Method::GET)

+5 -4

pocket/src/token.rs

···

       118
       118
        
               let Some(aud) = claims.custom.get("aud") else {

     

       119
       119
        
                   return Err(VerifyError::VerificationFailed("missing aud"));

     

       120
       120
        
               };

     

       121
       121
       -
               let Some(aud) = aud.strip_prefix("did:web:") else {

     

       121
       121
       +
               let Some(mut aud) = aud.strip_prefix("did:web:") else {

     

       122
       122
        
                   return Err(VerifyError::VerificationFailed("expected a did:web aud"));

     

       123
       123
        
               };

     

       124
       124
       -
               let Some((aud, _)) = aud.split_once("#") else {

     

       125
       125
       -
                   return Err(VerifyError::VerificationFailed("aud missing #fragment"));

     

       126
       126
       -
               };

     

       124
       124
       +
               if let Some((aud_without_hash, _)) = aud.split_once("#") {

     

       125
       125
       +
                   log::warn!("aud claim is missing service id fragment: {aud:?}");

     

       126
       126
       +
                   aud = aud_without_hash;

     

       127
       127
       +
               }

     

       127
       128
        
               let Some(lxm) = claims.custom.get("lxm") else {

     

       128
       129
        
                   return Err(VerifyError::VerificationFailed("missing lxm"));

     

       129
       130
        
               };