2018-05-10 23:23:47 -04:00
|
|
|
from django.http import HttpResponseBadRequest, HttpResponseRedirect
|
|
|
|
from urllib.parse import urlencode, urlparse
|
|
|
|
|
2017-10-26 22:24:57 -04:00
|
|
|
from users.models import User
|
|
|
|
|
2023-08-10 02:52:37 -04:00
|
|
|
AVATAR = "http://webfinger.net/rel/avatar"
|
|
|
|
PROFILE_PAGE = "http://webfinger.net/rel/profile-page"
|
|
|
|
BRIDGY_FED = "https://fed.brid.gy/.well-known/webfinger"
|
2018-05-10 23:23:47 -04:00
|
|
|
|
|
|
|
|
|
|
|
def https_resource_matching(resource):
|
|
|
|
"""
|
|
|
|
Takes a `urllib.parse.urlparse` tuple representing a WebFinger resource and
|
|
|
|
translates ``mailto:`` and ``xmpp:`` resources to an equivalent ``https:``
|
|
|
|
resource, if a user with matching email or XMPP address exists locally.
|
|
|
|
Will throw `User.DoesNotExist` if no such user exists.
|
|
|
|
"""
|
2023-08-10 02:52:37 -04:00
|
|
|
if resource.scheme == "mailto":
|
|
|
|
query = {"email": resource.path}
|
2018-05-10 23:23:47 -04:00
|
|
|
else:
|
2023-08-10 02:52:37 -04:00
|
|
|
query = {"xmpp": resource.path}
|
2018-05-10 23:23:47 -04:00
|
|
|
return User.objects.get(**query).absolute_url
|
2017-10-26 22:24:57 -04:00
|
|
|
|
|
|
|
|
|
|
|
def webfinger(request):
|
2018-05-10 23:23:47 -04:00
|
|
|
"""
|
|
|
|
A thin wrapper around Bridgy Fed's implementation of WebFinger.
|
|
|
|
|
|
|
|
In most cases, this view simply redirects to the same endpoint at Bridgy.
|
|
|
|
However, Bridgy does not support the ``mailto:`` and ``xmpp:`` resource
|
|
|
|
schemes - quite reasonably, since there's no possible way to discover the
|
|
|
|
``acct:`` they go with! - so resources with those schemes are translated
|
|
|
|
locally into an ``https:`` URL representing the same person, and *then*
|
|
|
|
redirected to Bridgy.
|
|
|
|
|
|
|
|
Additionally, WebFinger requests with a missing or malformed resource will
|
|
|
|
be rejected immediately rather than passed on to Bridgy.
|
|
|
|
|
|
|
|
Note that the translation step will only be applied if there exists a
|
|
|
|
:model:`users.User` with matching email or XMPP address. Otherwise, the
|
|
|
|
original resource will be preserved in the redirect - and likely fail to
|
|
|
|
find anything at Bridgy's end either.
|
|
|
|
"""
|
2023-08-10 02:52:37 -04:00
|
|
|
if "resource" not in request.GET:
|
|
|
|
return HttpResponseBadRequest("resource parameter missing")
|
|
|
|
resource = request.GET["resource"]
|
2017-10-26 22:24:57 -04:00
|
|
|
try:
|
2018-05-10 23:23:47 -04:00
|
|
|
res = urlparse(resource)
|
2017-10-26 22:24:57 -04:00
|
|
|
except ValueError:
|
2023-08-10 02:52:37 -04:00
|
|
|
return HttpResponseBadRequest("resource parameter malformed")
|
2017-10-26 22:24:57 -04:00
|
|
|
|
2023-08-10 02:52:37 -04:00
|
|
|
if res.scheme in ("mailto", "xmpp"):
|
2018-05-10 23:23:47 -04:00
|
|
|
try:
|
|
|
|
resource = https_resource_matching(res)
|
|
|
|
except User.DoesNotExist:
|
|
|
|
pass
|
|
|
|
|
2023-08-10 02:52:37 -04:00
|
|
|
query = urlencode({"resource": resource})
|
|
|
|
return HttpResponseRedirect(BRIDGY_FED + "?" + query)
|