diff options
| author | Jessica Tallon <jessica@megworld.co.uk> | 2014-09-08 17:55:03 +0100 |
|---|---|---|
| committer | Jessica Tallon <jessica@megworld.co.uk> | 2014-09-08 17:55:03 +0100 |
| commit | 8998300b981d1a906ae271eb122b387454c53f60 (patch) | |
| tree | 0d61930fb8ef60d99993f3f743dc84b64f445367 | |
| parent | 1b4e199668ada5c2ec47df7432ab69e315dc0601 (diff) | |
| parent | 1bce996181d9ae18756e6bbc0750bb6dc9d09609 (diff) | |
| download | mediagoblin-8998300b981d1a906ae271eb122b387454c53f60.tar.lz mediagoblin-8998300b981d1a906ae271eb122b387454c53f60.tar.xz mediagoblin-8998300b981d1a906ae271eb122b387454c53f60.zip | |
Merge branch '945-well-known'
* 945-well-known:
Add /.well-known/webfinger API to lookup user hrefs
Add XRD+XML formatting for /.well-known/host-meta
| -rw-r--r-- | mediagoblin/federation/routing.py | 8 | ||||
| -rw-r--r-- | mediagoblin/federation/views.py | 158 | ||||
| -rw-r--r-- | mediagoblin/templates/mediagoblin/federation/host-meta.xml | 22 | ||||
| -rw-r--r-- | mediagoblin/tools/response.py | 7 |
4 files changed, 156 insertions, 39 deletions
diff --git a/mediagoblin/federation/routing.py b/mediagoblin/federation/routing.py index c1c5a264..e9fa6252 100644 --- a/mediagoblin/federation/routing.py +++ b/mediagoblin/federation/routing.py @@ -73,7 +73,13 @@ add_route( ) add_route( + "mediagoblin.webfinger.well-known.webfinger", + "/.well-known/webfinger", + "mediagoblin.federation.views:lrdd_lookup" +) + +add_route( "mediagoblin.webfinger.whoami", "/api/whoami", "mediagoblin.federation.views:whoami" -) +)
\ No newline at end of file diff --git a/mediagoblin/federation/views.py b/mediagoblin/federation/views.py index 3d6953a7..724d349c 100644 --- a/mediagoblin/federation/views.py +++ b/mediagoblin/federation/views.py @@ -23,7 +23,8 @@ from werkzeug.datastructures import FileStorage from mediagoblin.decorators import oauth_required from mediagoblin.federation.decorators import user_has_privilege from mediagoblin.db.models import User, MediaEntry, MediaComment -from mediagoblin.tools.response import redirect, json_response, json_error +from mediagoblin.tools.response import redirect, json_response, json_error, \ + render_to_response from mediagoblin.meddleware.csrf import csrf_exempt from mediagoblin.submit.lib import new_upload_entry, api_upload_request, \ api_add_to_feed @@ -70,14 +71,14 @@ def profile_endpoint(request): def user_endpoint(request): """ This is /api/user/<username> - This will get the user """ user, user_profile = get_profile(request) - + if user is None: username = request.matchdict["username"] return json_error( "No such 'user' with username '{0}'".format(username), status=404 ) - + return json_response({ "nickname": user.username, "updated": user.created.isoformat(), @@ -418,42 +419,129 @@ def object_comments(request): return json_response(comments) ## -# Well known +# RFC6415 - Web Host Metadata ## def host_meta(request): - """ /.well-known/host-meta - provide URLs to resources """ - links = [] + """ + This provides the host-meta URL information that is outlined + in RFC6415. By default this should provide XRD+XML however + if the client accepts JSON we will provide that over XRD+XML. + The 'Accept' header is used to decude this. - links.append({ - "ref": "registration_endpoint", - "href": request.urlgen( - "mediagoblin.oauth.client_register", - qualified=True - ), - }) - links.append({ - "ref": "http://apinamespace.org/oauth/request_token", - "href": request.urlgen( - "mediagoblin.oauth.request_token", - qualified=True - ), - }) - links.append({ - "ref": "http://apinamespace.org/oauth/authorize", - "href": request.urlgen( - "mediagoblin.oauth.authorize", - qualified=True - ), - }) - links.append({ - "ref": "http://apinamespace.org/oauth/access_token", - "href": request.urlgen( - "mediagoblin.oauth.access_token", - qualified=True - ), - }) + A client should use this endpoint to determine what URLs to + use for OAuth endpoints. + """ + + links = [ + { + "rel": "lrdd", + "type": "application/json", + "href": request.urlgen( + "mediagoblin.webfinger.well-known.webfinger", + qualified=True + ) + }, + { + "rel": "registration_endpoint", + "href": request.urlgen( + "mediagoblin.oauth.client_register", + qualified=True + ), + }, + { + "rel": "http://apinamespace.org/oauth/request_token", + "href": request.urlgen( + "mediagoblin.oauth.request_token", + qualified=True + ), + }, + { + "rel": "http://apinamespace.org/oauth/authorize", + "href": request.urlgen( + "mediagoblin.oauth.authorize", + qualified=True + ), + }, + { + "rel": "http://apinamespace.org/oauth/access_token", + "href": request.urlgen( + "mediagoblin.oauth.access_token", + qualified=True + ), + }, + { + "rel": "http://apinamespace.org/activitypub/whoami", + "href": request.urlgen( + "mediagoblin.webfinger.whoami", + qualified=True + ), + }, + ] + + if "application/json" in request.accept_mimetypes: + return json_response({"links": links}) + + # provide XML+XRD + return render_to_response( + request, + "mediagoblin/federation/host-meta.xml", + {"links": links}, + mimetype="application/xrd+xml" + ) + +def lrdd_lookup(request): + """ + This is the lrdd endpoint which can lookup a user (or + other things such as activities). This is as specified by + RFC6415. + + The cleint must provide a 'resource' as a GET parameter which + should be the query to be looked up. + """ + + if "resource" not in request.args: + return json_error("No resource parameter", status=400) + + resource = request.args["resource"] + + if "@" in resource: + # Lets pull out the username + resource = resource[5:] if resource.startswith("acct:") else resource + username, host = resource.split("@", 1) + + # Now lookup the user + user = User.query.filter_by(username=username).first() + + if user is None: + return json_error( + "Can't find 'user' with username '{0}'".format(username)) + + return json_response([ + { + "rel": "http://webfinger.net/rel/profile-page", + "href": user.url_for_self(request.urlgen), + "type": "text/html" + }, + { + "rel": "self", + "href": request.urlgen( + "mediagoblin.federation.user", + username=user.username, + qualified=True + ) + }, + { + "rel": "activity-outbox", + "href": request.urlgen( + "mediagoblin.federation.feed", + username=user.username, + qualified=True + ) + } + ]) + else: + return json_error("Unrecognized resource parameter", status=404) - return json_response({"links": links}) def whoami(request): """ /api/whoami - HTTP redirect to API profile """ diff --git a/mediagoblin/templates/mediagoblin/federation/host-meta.xml b/mediagoblin/templates/mediagoblin/federation/host-meta.xml new file mode 100644 index 00000000..7970a0d2 --- /dev/null +++ b/mediagoblin/templates/mediagoblin/federation/host-meta.xml @@ -0,0 +1,22 @@ +{# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2014 MediaGoblin contributors. See AUTHORS. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +-#} +<?xml version='1.0' encoding='UTF-8'?> +<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> + {% for link in links %} + <Link rel="{{ link.rel }}" href="{{ link.href }}" /> + {% endfor %} +</XRD>
\ No newline at end of file diff --git a/mediagoblin/tools/response.py b/mediagoblin/tools/response.py index 57552963..88270265 100644 --- a/mediagoblin/tools/response.py +++ b/mediagoblin/tools/response.py @@ -29,11 +29,12 @@ class Response(wz_Response): default_mimetype = u'text/html' -def render_to_response(request, template, context, status=200): +def render_to_response(request, template, context, status=200, mimetype=None): """Much like Django's shortcut.render()""" return Response( render_template(request, template, context), - status=status) + status=status, + mimetype=mimetype) def render_error(request, status=500, title=_('Oops!'), err_msg=_('An error occured')): @@ -164,7 +165,7 @@ def json_error(error_str, status=400, *args, **kwargs): code to 400. """ return json_response({"error": error_str}, status=status, *args, **kwargs) - + def form_response(data, *args, **kwargs): """ Responds using application/x-www-form-urlencoded and returns a werkzeug |