luna/aproxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: luna:c15abe3c05f741a530a3f79c2c8a79b0fe95f354
Branches Tags
luna:mistress
luna:config-validation
..
compare: luna:766b1d2aff3ce7cc1a2e9ce155691af06a3acf22
Branches Tags
luna:mistress
luna:config-validation

No commits in common. "c15abe3c05f741a530a3f79c2c8a79b0fe95f354" and "766b1d2aff3ce7cc1a2e9ce155691af06a3acf22" have entirely different histories.
c15abe3c05 ... 766b1d2aff

6 changed files with 45 additions and 180 deletions
Show stats Expand all files Collapse all files

8
README.md
View file

@ -11,11 +11,3 @@ on top of ActivityPub implementations.
- write test suite - write test suite
- create install instructions - create install instructions
## Testing
```
luarocks-5.1 install --local luaunit
luarocks-5.1 install --local lrexlib-PCRE2
eval (luarocks-5.1 path --bin)
lua5.1 test.lua
```

48
ctx.lua
View file

@ -1,48 +0,0 @@
function log(msg)
ngx.log(ngx.STDERR, tostring(msg))
end
local ctx = {}
function ctx:setWantedScripts(graph)
self._wanted_scripts = graph
end
function ctx:loadChain()
self.compiled_chain = {}
for module_name, module_config in pairs(self._wanted_scripts) do
local module = require(module_name)
local module_state = module.init(module_config)
-- TODO is it possible to make module_config readonly?
table.insert(self.compiled_chain, {module, module_config, module_state})
end
end
function ctx:onRequest()
local request_uri = ngx.var.uri
-- find out which modules to call based on their regexes
local callbacks_to_call = {}
for _, filter in ipairs(self.compiled_chain) do
local module, module_config, state = unpack(filter)
for callback_regex, callback_function in pairs(module.callbacks) do
local match, error = ngx.re.match(request_uri, callback_regex)
if match then
table.insert(callbacks_to_call, {callback_function, module_config, state})
end
end
end
for _,tuple in ipairs(callbacks_to_call) do
local callback_function, config, state = unpack(tuple)
local status_code, body = callback_function(config, state)
if status_code ~= nil then
ngx.status = status_code
ngx.say(body or "request denied")
ngx.exit(status_code)
end
end
end
return ctx

43
main.lua
View file

@ -7,13 +7,38 @@ local CONFIG_PATH = ".;/etc/aproxy"
-- --
-- local config = loadConfig() -- local config = loadConfig()
local ctx = require('ctx') function log(msg)
ngx.log(ngx.STDERR, tostring(msg))
ctx:setWantedScripts({
['scripts.webfinger_allowlist'] = {accounts = {"example@example.com"}}
})
ctx:loadChain()
return function()
ctx:onRequest()
end end
local WANTED_SCRIPTS = {
'scripts.webfinger_allowlist'
}
local compiled_chain = {}
for _, module_name in pairs(WANTED_SCRIPTS) do
log('load module', module_name)
mod = require(module_name)
log('load module', mod)
table.insert(compiled_chain, mod)
end
local function onRequest()
log('AWOOOOGA')
for _,mod in ipairs(compiled_chain) do
log(mod)
local mod_config = {accounts = {"a@a.com"}}
local result, body = mod.callback(mod_config)
log(result)
log(body)
if not result then
ngx.status = 400
ngx.say(body or "request denied")
ngx.exit(400)
end
end
end
return onRequest

26
scripts/webfinger_allowlist.lua
View file

@ -1,23 +1,19 @@
function webfingerInit(cfg) function webfingerCallback(cfg)
local accounts_set = {}
for _, account in ipairs(cfg.accounts) do
accounts_set["acct:" .. account] = true
end
return accounts_set
end
function webfingerCallback(cfg, accounts_set)
local args, err = ngx.req.get_uri_args() local args, err = ngx.req.get_uri_args()
if err == "truncated" then if err == "truncated" then
return 400, 'uri args too long' return false, 'uri args too long'
end end
local resource = args['resource'] local resource = args['resource']
if accounts_set[resource] then if resource ~= nil then
return nil for _, account in ipairs(cfg.accounts) do
else if resource == account then
return 404, "Couldn't find user" return true
end end
end
end
return false
end end
return { return {
@ -31,7 +27,7 @@ return {
Useful for small instances. Useful for small instances.
]], ]],
apiVersion=1, apiVersion=1,
init=webfingerInit, callback=webfingerCallback,
callbacks = { callbacks = {
['/.well-known/webfinger'] = webfingerCallback ['/.well-known/webfinger'] = webfingerCallback
}, },

77
test.lua
View file

@ -1,77 +0,0 @@
lu = require('luaunit')
local rex = require('rex_pcre2')
function createNgx()
local ngx = {
status = nil
}
local function mockedThing(self, property)
return function(value)
self['_'..property] = value
end
end
ngx.say = mockedThing(ngx, "say")
ngx.exit = mockedThing(ngx, "exit")
ngx.log = function (_, msg)
print(msg)
end
-- only hold data here
ngx.var = {}
-- request params api
ngx.req = {}
ngx.req.get_uri_args = function ()
return ngx._uri_args
end
ngx.req.set_uri_args = function (val)
ngx._uri_args = val
end
-- regex api
ngx.re = {}
ngx.re.match = rex.match
ngx.re.search = rex.find
return ngx
end
function resetNgx()
ngx = createNgx()
end
teardownNgx = resetNgx
function setupFakeRequest(path, options)
ngx.var.uri = path
if options.params then
ngx.req.set_uri_args(options.params)
end
end
local ctx = require('ctx')
function setupTest(module_require_path, config)
resetNgx()
local module = require(module_require_path)
state = module.init(config)
ctx.compiled_chain = {
{module, config, state}
}
return module
end
function onRequest()
ctx:setWantedScripts()
local ctx = require('ctx')
do
ctx:onRequest()
end
end
require('tests.webfinger_allowlist')
os.exit(lu.LuaUnit.run())

23
tests/webfinger_allowlist.lua
View file

@ -1,23 +0,0 @@
TestWebfinger = {}
function TestWebfinger:setup()
self.mod = setupTest('scripts.webfinger_allowlist', {accounts = {'correct@example.org'}})
end
local WEBFINGER_PATH = '/.well-known/webfinger'
function TestWebfinger:testCorrectAccount()
setupFakeRequest(WEBFINGER_PATH, { params = {resource = 'acct:correct@example.org'} })
onRequest()
lu.assertIs(ngx.status, nil)
end
function TestWebfinger:testWrongAccount()
setupFakeRequest(WEBFINGER_PATH, { params = {resource = 'acct:wrong@example.org'} })
onRequest()
lu.assertIs(ngx.status, 404)
end
function TestWebfinger:teardown()
teardownNgx()
end