veryroundbird.house / core
forked from tangled.org/core
this repo has no description
fork atom

use epoch times everywhere

use custom roundtripper for hmac signing

oppi.li a713694d 586c3b2f

options
unified split
Changed files
+57 -25
appview
db
db.go
pages
knot.html
state
signer.go
state.go
+3 -3
appview/db/db.go 
···

       
25

       
25

       
 

       
			domain text not null unique,


     

       
26

       
26

       
 

       
			did text not null,


     

       
27

       
27

       
 

       
			secret text not null,


     

       
28

       

       
-

       
			created timestamp default current_timestamp,


     

       
29

       

       
-

       
			registered timestamp);


     

       

       
28

       
+

       
			created integer default (strftime('%s', 'now')),


     

       

       
29

       
+

       
			registered integer);


     

       
30

       
30

       
 

       
		create table if not exists public_keys (


     

       
31

       
31

       
 

       
			id integer primary key autoincrement,


     

       
32

       
32

       
 

       
			did text not null,


     

       
33

       
33

       
 

       
			name text not null,


     

       
34

       
34

       
 

       
			key text not null,


     

       
35

       

       
-

       
			created timestamp default current_timestamp,


     

       

       
35

       
+

       
			created integer default (strftime('%s', 'now')),


     

       
36

       
36

       
 

       
			unique(did, name, key)


     

       
37

       
37

       
 

       
		);


     

       
38

       
38

       
 

       
	`)
+1 -1
appview/pages/knot.html 
···

       
1

       

       
-

       
{{define "title"}}knot{{end}}


     

       

       
1

       
+

       
{{define "title"}}{{ .Registration.Domain }}{{end}}


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
{{define "content"}}


     

       
4

       
4

       
 

       
    <a href="/">back to timeline</a>
+33
appview/state/signer.go 
···

       

       
1

       
+

       
package state


     

       

       
2

       
+

       



     

       

       
3

       
+

       
import (


     

       

       
4

       
+

       
	"crypto/hmac"


     

       

       
5

       
+

       
	"crypto/sha256"


     

       

       
6

       
+

       
	"encoding/hex"


     

       

       
7

       
+

       
	"net/http"


     

       

       
8

       
+

       
	"time"


     

       

       
9

       
+

       
)


     

       

       
10

       
+

       



     

       

       
11

       
+

       
type SignerTransport struct {


     

       

       
12

       
+

       
	Secret string


     

       

       
13

       
+

       
}


     

       

       
14

       
+

       



     

       

       
15

       
+

       
func SignedClient(secret string) *http.Client {


     

       

       
16

       
+

       
	return &http.Client{


     

       

       
17

       
+

       
		Timeout: 5 * time.Second,


     

       

       
18

       
+

       
		Transport: SignerTransport{


     

       

       
19

       
+

       
			Secret: secret,


     

       

       
20

       
+

       
		},


     

       

       
21

       
+

       
	}


     

       

       
22

       
+

       
}


     

       

       
23

       
+

       



     

       

       
24

       
+

       
func (s SignerTransport) RoundTrip(req *http.Request) (*http.Response, error) {


     

       

       
25

       
+

       
	timestamp := time.Now().Format(time.RFC3339)


     

       

       
26

       
+

       
	mac := hmac.New(sha256.New, []byte(s.Secret))


     

       

       
27

       
+

       
	message := req.Method + req.URL.Path + timestamp


     

       

       
28

       
+

       
	mac.Write([]byte(message))


     

       

       
29

       
+

       
	signature := hex.EncodeToString(mac.Sum(nil))


     

       

       
30

       
+

       
	req.Header.Set("X-Signature", signature)


     

       

       
31

       
+

       
	req.Header.Set("X-Timestamp", timestamp)


     

       

       
32

       
+

       
	return http.DefaultTransport.RoundTrip(req)


     

       

       
33

       
+

       
}
+20 -21
appview/state/state.go 
···

       
212

       
212

       
 

       
	// make a request do the knotserver with an empty body and above signature


     

       
213

       
213

       
 

       
	url := fmt.Sprintf("http://%s/health", domain)


     

       
214

       
214

       
 

       



     

       
215

       

       
-

       
	pingRequest, err := buildPingRequest(url, secret)


     

       

       
215

       
+

       
	pingRequest, err := http.NewRequest("GET", url, nil)


     

       
216

       
216

       
 

       
	if err != nil {


     

       
217

       
217

       
 

       
		log.Println("failed to build ping request", err)


     

       
218

       
218

       
 

       
		return


     

       
219

       
219

       
 

       
	}


     

       
220

       
220

       
 

       



     

       
221

       

       
-

       
	client := &http.Client{


     

       
222

       

       
-

       
		Timeout: 5 * time.Second,


     

       
223

       

       
-

       
	}


     

       

       
221

       
+

       
	client := SignedClient(secret)


     

       

       
222

       
+

       



     

       
224

       
223

       
 

       
	resp, err := client.Do(pingRequest)


     

       
225

       
224

       
 

       
	if err != nil {


     

       
226

       
225

       
 

       
		w.Write([]byte("no dice"))


     
···

       
389

       
388

       
 

       
func (s *State) RemoveMember(w http.ResponseWriter, r *http.Request) {


     

       
390

       
389

       
 

       
}


     

       
391

       
390

       
 

       



     

       
392

       

       
-

       
func buildPingRequest(url, secret string) (*http.Request, error) {


     

       
393

       

       
-

       
	pingRequest, err := http.NewRequest("GET", url, nil)


     

       
394

       

       
-

       
	if err != nil {


     

       
395

       

       
-

       
		return nil, err


     

       
396

       

       
-

       
	}


     

       
397

       

       
-

       



     

       
398

       

       
-

       
	timestamp := time.Now().Format(time.RFC3339)


     

       
399

       

       
-

       
	mac := hmac.New(sha256.New, []byte(secret))


     

       
400

       

       
-

       
	message := pingRequest.Method + pingRequest.URL.Path + timestamp


     

       
401

       

       
-

       
	mac.Write([]byte(message))


     

       
402

       

       
-

       
	signature := hex.EncodeToString(mac.Sum(nil))


     

       
403

       

       
-

       



     

       
404

       

       
-

       
	pingRequest.Header.Set("X-Signature", signature)


     

       
405

       

       
-

       
	pingRequest.Header.Set("X-Timestamp", timestamp)


     

       
406

       

       
-

       



     

       
407

       

       
-

       
	return pingRequest, nil


     

       
408

       

       
-

       
}


     

       

       
391

       
+

       
// func buildPingRequest(url, secret string) (*http.Request, error) {


     

       

       
392

       
+

       
// 	pingRequest, err := http.NewRequest("GET", url, nil)


     

       

       
393

       
+

       
// 	if err != nil {


     

       

       
394

       
+

       
// 		return nil, err


     

       

       
395

       
+

       
// 	}


     

       

       
396

       
+

       
//


     

       

       
397

       
+

       
// 	timestamp := time.Now().Format(time.RFC3339)


     

       

       
398

       
+

       
// 	mac := hmac.New(sha256.New, []byte(secret))


     

       

       
399

       
+

       
// 	message := pingRequest.Method + pingRequest.URL.Path + timestamp


     

       

       
400

       
+

       
// 	mac.Write([]byte(message))


     

       

       
401

       
+

       
// 	signature := hex.EncodeToString(mac.Sum(nil))


     

       

       
402

       
+

       
//


     

       

       
403

       
+

       
// 	pingRequest.Header.Set("X-Signature", signature)


     

       

       
404

       
+

       
// 	pingRequest.Header.Set("X-Timestamp", timestamp)


     

       

       
405

       
+

       
//


     

       

       
406

       
+

       
// 	return pingRequest, nil


     

       

       
407

       
+

       
// }


     

       
409

       
408

       
 

       



     

       
410

       
409

       
 

       
func (s *State) Router() http.Handler {


     

       
411

       
410

       
 

       
	r := chi.NewRouter()