|
|
|
|
@ -10,10 +10,15 @@ use once_cell::sync::Lazy;
|
|
|
|
|
use serde::{Deserialize, Serialize};
|
|
|
|
|
|
|
|
|
|
static ACCT: Lazy<String> = Lazy::new(|| format!("blog@{}", *DOMAIN));
|
|
|
|
|
const OIDC_SUBJECT: &'static str = "me@shadowfacts.net";
|
|
|
|
|
|
|
|
|
|
pub async fn handle(req: Request<Body>) -> Response {
|
|
|
|
|
if is_resource_blog(req).await {
|
|
|
|
|
Json(WebfingerResponse::new()).into_response()
|
|
|
|
|
let resource = resource(req).await;
|
|
|
|
|
if resource.as_deref() == Some(&*ACCT) {
|
|
|
|
|
Json(WebfingerResponse::blog()).into_response()
|
|
|
|
|
} else if resource.as_deref() == Some(&OIDC_SUBJECT) {
|
|
|
|
|
// used for tailscale OIDC
|
|
|
|
|
Json(WebfingerResponse::oidc()).into_response()
|
|
|
|
|
} else {
|
|
|
|
|
// mastodon responds with 400 and an empty body, so we do too
|
|
|
|
|
StatusCode::BAD_REQUEST.into_response()
|
|
|
|
|
@ -43,18 +48,16 @@ pub async fn handle_interact(
|
|
|
|
|
.into_response()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async fn is_resource_blog(req: Request<Body>) -> bool {
|
|
|
|
|
async fn resource(req: Request<Body>) -> Option<String> {
|
|
|
|
|
let mut parts = RequestParts::new(req);
|
|
|
|
|
if let Ok(Query(params)) = parts.extract::<Query<Params>>().await {
|
|
|
|
|
let resource = if params.resource.starts_with("acct:") {
|
|
|
|
|
¶ms.resource[5..]
|
|
|
|
|
let params = parts.extract::<Query<Params>>().await;
|
|
|
|
|
params.ok().map(|Query(params)| {
|
|
|
|
|
if params.resource.starts_with("acct:") {
|
|
|
|
|
params.resource[5..].into()
|
|
|
|
|
} else {
|
|
|
|
|
¶ms.resource
|
|
|
|
|
};
|
|
|
|
|
resource == ACCT.as_str()
|
|
|
|
|
} else {
|
|
|
|
|
false
|
|
|
|
|
}
|
|
|
|
|
params.resource
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async fn query(acct: &str) -> anyhow::Result<WebfingerResponse> {
|
|
|
|
|
@ -89,7 +92,7 @@ pub struct WebfingerResponse {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl WebfingerResponse {
|
|
|
|
|
fn new() -> Self {
|
|
|
|
|
fn blog() -> Self {
|
|
|
|
|
Self {
|
|
|
|
|
subject: ACCT.to_owned(),
|
|
|
|
|
links: vec![Link {
|
|
|
|
|
@ -101,6 +104,18 @@ impl WebfingerResponse {
|
|
|
|
|
}],
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn oidc() -> Self {
|
|
|
|
|
Self {
|
|
|
|
|
subject: OIDC_SUBJECT.to_owned(),
|
|
|
|
|
links: vec![Link {
|
|
|
|
|
rel: "http://openid.net/specs/connect/1.0/issuer".to_owned(),
|
|
|
|
|
payload: LinkPayload::Href {
|
|
|
|
|
href: "https://auth.shadowfacts.net/application/o/tailscale/".to_owned(),
|
|
|
|
|
},
|
|
|
|
|
}],
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[derive(Debug, PartialEq, Serialize, Deserialize)]
|
|
|
|
|
@ -115,6 +130,7 @@ pub struct Link {
|
|
|
|
|
pub enum LinkPayload {
|
|
|
|
|
Webfinger { r#type: String, href: String },
|
|
|
|
|
OStatusSubscribe { template: String },
|
|
|
|
|
Href { href: String },
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[cfg(test)]
|
|
|
|
|
|
