crates/apub/src/http/routes.rs

   1 use crate::http::{
   2   comment::get_apub_comment,
   3   community::{
   4     community_inbox,
   5     get_apub_community_followers,
   6     get_apub_community_http,
   7     get_apub_community_moderators,
   8     get_apub_community_outbox,
   9   },
  10   get_activity,
  11   person::{get_apub_person_http, get_apub_person_outbox, person_inbox},
  12   post::get_apub_post,
  13   shared_inbox,
  14   site::{get_apub_site_http, get_apub_site_inbox, get_apub_site_outbox},
  15 };
  16 use actix_web::{
  17   guard::{Guard, GuardContext},
  18   http::{header, Method},
  19   web,
  20 };
  21 use http_signature_normalization_actix::digest::middleware::VerifyDigest;
  22 use sha2::{Digest, Sha256};
  23
  24 pub fn config(cfg: &mut web::ServiceConfig) {
  25   cfg
  26     .route("/", web::get().to(get_apub_site_http))
  27     .route("/site_outbox", web::get().to(get_apub_site_outbox))
  28     .route(
  29       "/c/{community_name}",
  30       web::get().to(get_apub_community_http),
  31     )
  32     .route(
  33       "/c/{community_name}/followers",
  34       web::get().to(get_apub_community_followers),
  35     )
  36     .route(
  37       "/c/{community_name}/outbox",
  38       web::get().to(get_apub_community_outbox),
  39     )
  40     .route(
  41       "/c/{community_name}/moderators",
  42       web::get().to(get_apub_community_moderators),
  43     )
  44     .route("/u/{user_name}", web::get().to(get_apub_person_http))
  45     .route(
  46       "/u/{user_name}/outbox",
  47       web::get().to(get_apub_person_outbox),
  48     )
  49     .route("/post/{post_id}", web::get().to(get_apub_post))
  50     .route("/comment/{comment_id}", web::get().to(get_apub_comment))
  51     .route("/activities/{type_}/{id}", web::get().to(get_activity));
  52
  53   cfg.service(
  54     web::scope("")
  55       .wrap(VerifyDigest::new(Sha256::new()))
  56       .guard(InboxRequestGuard)
  57       .route("/c/{community_name}/inbox", web::post().to(community_inbox))
  58       .route("/u/{user_name}/inbox", web::post().to(person_inbox))
  59       .route("/inbox", web::post().to(shared_inbox))
  60       .route("/site_inbox", web::post().to(get_apub_site_inbox)),
  61   );
  62 }
  63
  64 /// Without this, things like webfinger or RSS feeds stop working, as all requests seem to get
  65 /// routed into the inbox service (because it covers the root path). So we filter out anything that
  66 /// definitely can't be an inbox request (based on Accept header and request method).
  67 struct InboxRequestGuard;
  68
  69 impl Guard for InboxRequestGuard {
  70   fn check(&self, ctx: &GuardContext) -> bool {
  71     if ctx.head().method != Method::POST {
  72       return false;
  73     }
  74     if let Some(val) = ctx.head().headers.get(header::CONTENT_TYPE) {
  75       return val.as_bytes().starts_with(b"application/");
  76     }
  77     false
  78   }
  79 }