diff options
Diffstat (limited to 'mediagoblin/federation/views.py')
| -rw-r--r-- | mediagoblin/federation/views.py | 158 |
1 files changed, 123 insertions, 35 deletions
diff --git a/mediagoblin/federation/views.py b/mediagoblin/federation/views.py index 3d6953a7..724d349c 100644 --- a/mediagoblin/federation/views.py +++ b/mediagoblin/federation/views.py @@ -23,7 +23,8 @@ from werkzeug.datastructures import FileStorage from mediagoblin.decorators import oauth_required from mediagoblin.federation.decorators import user_has_privilege from mediagoblin.db.models import User, MediaEntry, MediaComment -from mediagoblin.tools.response import redirect, json_response, json_error +from mediagoblin.tools.response import redirect, json_response, json_error, \ + render_to_response from mediagoblin.meddleware.csrf import csrf_exempt from mediagoblin.submit.lib import new_upload_entry, api_upload_request, \ api_add_to_feed @@ -70,14 +71,14 @@ def profile_endpoint(request): def user_endpoint(request): """ This is /api/user/<username> - This will get the user """ user, user_profile = get_profile(request) - + if user is None: username = request.matchdict["username"] return json_error( "No such 'user' with username '{0}'".format(username), status=404 ) - + return json_response({ "nickname": user.username, "updated": user.created.isoformat(), @@ -418,42 +419,129 @@ def object_comments(request): return json_response(comments) ## -# Well known +# RFC6415 - Web Host Metadata ## def host_meta(request): - """ /.well-known/host-meta - provide URLs to resources """ - links = [] + """ + This provides the host-meta URL information that is outlined + in RFC6415. By default this should provide XRD+XML however + if the client accepts JSON we will provide that over XRD+XML. + The 'Accept' header is used to decude this. - links.append({ - "ref": "registration_endpoint", - "href": request.urlgen( - "mediagoblin.oauth.client_register", - qualified=True - ), - }) - links.append({ - "ref": "http://apinamespace.org/oauth/request_token", - "href": request.urlgen( - "mediagoblin.oauth.request_token", - qualified=True - ), - }) - links.append({ - "ref": "http://apinamespace.org/oauth/authorize", - "href": request.urlgen( - "mediagoblin.oauth.authorize", - qualified=True - ), - }) - links.append({ - "ref": "http://apinamespace.org/oauth/access_token", - "href": request.urlgen( - "mediagoblin.oauth.access_token", - qualified=True - ), - }) + A client should use this endpoint to determine what URLs to + use for OAuth endpoints. + """ + + links = [ + { + "rel": "lrdd", + "type": "application/json", + "href": request.urlgen( + "mediagoblin.webfinger.well-known.webfinger", + qualified=True + ) + }, + { + "rel": "registration_endpoint", + "href": request.urlgen( + "mediagoblin.oauth.client_register", + qualified=True + ), + }, + { + "rel": "http://apinamespace.org/oauth/request_token", + "href": request.urlgen( + "mediagoblin.oauth.request_token", + qualified=True + ), + }, + { + "rel": "http://apinamespace.org/oauth/authorize", + "href": request.urlgen( + "mediagoblin.oauth.authorize", + qualified=True + ), + }, + { + "rel": "http://apinamespace.org/oauth/access_token", + "href": request.urlgen( + "mediagoblin.oauth.access_token", + qualified=True + ), + }, + { + "rel": "http://apinamespace.org/activitypub/whoami", + "href": request.urlgen( + "mediagoblin.webfinger.whoami", + qualified=True + ), + }, + ] + + if "application/json" in request.accept_mimetypes: + return json_response({"links": links}) + + # provide XML+XRD + return render_to_response( + request, + "mediagoblin/federation/host-meta.xml", + {"links": links}, + mimetype="application/xrd+xml" + ) + +def lrdd_lookup(request): + """ + This is the lrdd endpoint which can lookup a user (or + other things such as activities). This is as specified by + RFC6415. + + The cleint must provide a 'resource' as a GET parameter which + should be the query to be looked up. + """ + + if "resource" not in request.args: + return json_error("No resource parameter", status=400) + + resource = request.args["resource"] + + if "@" in resource: + # Lets pull out the username + resource = resource[5:] if resource.startswith("acct:") else resource + username, host = resource.split("@", 1) + + # Now lookup the user + user = User.query.filter_by(username=username).first() + + if user is None: + return json_error( + "Can't find 'user' with username '{0}'".format(username)) + + return json_response([ + { + "rel": "http://webfinger.net/rel/profile-page", + "href": user.url_for_self(request.urlgen), + "type": "text/html" + }, + { + "rel": "self", + "href": request.urlgen( + "mediagoblin.federation.user", + username=user.username, + qualified=True + ) + }, + { + "rel": "activity-outbox", + "href": request.urlgen( + "mediagoblin.federation.feed", + username=user.username, + qualified=True + ) + } + ]) + else: + return json_error("Unrecognized resource parameter", status=404) - return json_response({"links": links}) def whoami(request): """ /api/whoami - HTTP redirect to API profile """ |