1
0
puyopuyotetr.is/app/controllers/well_known/webfinger_controller.rb
Matt Jankowski 21a767dcfa Improve handling of HTTP_ACCEPT for webfinger (#2008)
This change includes:

- Improve the spec coverage for incoming request to the webfinger action
- For requests without an accept header (ie, what a browser might look like),
  return a JSON response.
- For requests with an explicit format of xml or json, return that format.
- For requests using an accept header, return that format.

Also adds failing spec showing webfinger does not return xml, which covers the
issue described in: https://github.com/tootsuite/mastodon/issues/1983
2017-04-17 19:58:03 +02:00

49 lines
1.1 KiB
Ruby

# frozen_string_literal: true
module WellKnown
class WebfingerController < ApplicationController
def show
@account = Account.find_local!(username_from_resource)
@canonical_account_uri = @account.to_webfinger_s
@magic_key = pem_to_magic_key(@account.keypair.public_key)
respond_to do |format|
format.any(:json, :html) do
render formats: :json, content_type: 'application/jrd+json'
end
format.xml do
render content_type: 'application/xrd+xml'
end
end
rescue ActiveRecord::RecordNotFound
head 404
end
private
def username_from_resource
WebfingerResource.new(resource_param).username
end
def pem_to_magic_key(public_key)
modulus, exponent = [public_key.n, public_key.e].map do |component|
result = []
until component.zero?
result << [component % 256].pack('C')
component >>= 8
end
result.reverse.join
end
(['RSA'] + [modulus, exponent].map { |n| Base64.urlsafe_encode64(n) }).join('.')
end
def resource_param
params.require(:resource)
end
end
end