+
+ def encode_key({:RSAPublicKey, modulus, exponent}) do
+ modulus_enc = :binary.encode_unsigned(modulus) |> Base.url_encode64()
+ exponent_enc = :binary.encode_unsigned(exponent) |> Base.url_encode64()
+
+ "RSA.#{modulus_enc}.#{exponent_enc}"
+ end
+
+ # Native generation of RSA keys is only available since OTP 20+ and in default build conditions
+ # We try at compile time to generate natively an RSA key otherwise we fallback on the old way.
+ try do
+ _ = :public_key.generate_key({:rsa, 2048, 65537})
+
+ def generate_rsa_pem do
+ key = :public_key.generate_key({:rsa, 2048, 65537})
+ entry = :public_key.pem_entry_encode(:RSAPrivateKey, key)
+ pem = :public_key.pem_encode([entry]) |> String.trim_trailing()
+ {:ok, pem}
+ end
+ rescue
+ _ ->
+ def generate_rsa_pem do
+ port = Port.open({:spawn, "openssl genrsa"}, [:binary])
+
+ {:ok, pem} =
+ receive do
+ {^port, {:data, pem}} -> {:ok, pem}
+ end
+
+ Port.close(port)
+
+ if Regex.match?(~r/RSA PRIVATE KEY/, pem) do
+ {:ok, pem}
+ else
+ :error
+ end
+ end
+ end
+
+ def keys_from_pem(pem) do
+ [private_key_code] = :public_key.pem_decode(pem)
+ private_key = :public_key.pem_entry_decode(private_key_code)
+ {:RSAPrivateKey, _, modulus, exponent, _, _, _, _, _, _, _} = private_key
+ public_key = {:RSAPublicKey, modulus, exponent}
+ {:ok, private_key, public_key}
+ end
+
+ def encode(private_key, doc) do
+ type = "application/atom+xml"
+ encoding = "base64url"
+ alg = "RSA-SHA256"
+
+ signed_text =
+ [doc, type, encoding, alg]
+ |> Enum.map(&Base.url_encode64/1)
+ |> Enum.join(".")
+
+ signature =
+ signed_text
+ |> :public_key.sign(:sha256, private_key)
+ |> to_string
+ |> Base.url_encode64()
+
+ doc_base64 =
+ doc
+ |> Base.url_encode64()
+
+ # Don't need proper xml building, these strings are safe to leave unescaped
+ salmon = """
+ <?xml version="1.0" encoding="UTF-8"?>
+ <me:env xmlns:me="http://salmon-protocol.org/ns/magic-env">
+ <me:data type="application/atom+xml">#{doc_base64}</me:data>
+ <me:encoding>#{encoding}</me:encoding>
+ <me:alg>#{alg}</me:alg>
+ <me:sig>#{signature}</me:sig>
+ </me:env>
+ """
+
+ {:ok, salmon}
+ end
+
+ def remote_users(%{data: %{"to" => to} = data}) do
+ to = to ++ (data["cc"] || [])
+
+ to
+ |> Enum.map(fn id -> User.get_cached_by_ap_id(id) end)
+ |> Enum.filter(fn user -> user && !user.local end)
+ end
+
+ defp send_to_user(%{info: %{salmon: salmon}}, feed, poster) do
+ with {:ok, %{status: code}} <-
+ poster.(
+ salmon,
+ feed,
+ [{"Content-Type", "application/magic-envelope+xml"}]
+ ) do
+ Logger.debug(fn -> "Pushed to #{salmon}, code #{code}" end)
+ else
+ e -> Logger.debug(fn -> "Pushing Salmon to #{salmon} failed, #{inspect(e)}" end)
+ end
+ end
+
+ defp send_to_user(_, _, _), do: nil
+
+ @supported_activities [
+ "Create",
+ "Follow",
+ "Like",
+ "Announce",
+ "Undo",
+ "Delete"
+ ]
+ def publish(user, activity, poster \\ &@httpoison.post/3)
+
+ def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity, poster)
+ when type in @supported_activities do
+ feed = ActivityRepresenter.to_simple_form(activity, user, true)
+
+ if feed do
+ feed =
+ ActivityRepresenter.wrap_with_entry(feed)
+ |> :xmerl.export_simple(:xmerl_xml)
+ |> to_string
+
+ {:ok, private, _} = keys_from_pem(keys)
+ {:ok, feed} = encode(private, feed)
+
+ remote_users(activity)
+ |> Enum.each(fn remote_user ->
+ Task.start(fn ->
+ Logger.debug(fn -> "Sending Salmon to #{remote_user.ap_id}" end)
+ send_to_user(remote_user, feed, poster)
+ end)
+ end)
+ end
+ end
+
+ def publish(%{id: id}, _, _), do: Logger.debug(fn -> "Keys missing for user #{id}" end)