key loader format url referencing activitypub actor: In progress

Signed-off-by: John Andersen <[email protected]>
scitt-community · Nov 21, 2023 · 3b8f16e · 3b8f16e
1 parent 6d5be7f
commit 3b8f16e
Showing 1 changed file with 38 additions and 7 deletions.
diff --git a/scitt_emulator/key_loader_format_url_referencing_activitypub_actor.py b/scitt_emulator/key_loader_format_url_referencing_activitypub_actor.py
@@ -1,3 +1,4 @@
+import os
 import json
 import contextlib
 import urllib.parse
@@ -12,23 +13,53 @@
 # TODO Remove this once we have a example flow for proper key verification
 import jwcrypto.jwk
 
-from scitt_emulator.did_helpers import did_web_to_url
 
 
 def key_loader_format_url_referencing_activitypub_actor(
     unverified_issuer: str,
 ) -> List[Tuple[cwt.COSEKey, pycose.keys.ec2.EC2Key]]:
+    """
+    >>> import httptest
+    >>>
+    >>> class TestHTTPServer(httptest.Handler):
+    ...
+    ...     def do_GET(self):
+    ...         print("path", self.path)
+    ...         contents = json.dumps().encode()
+    ...         self.send_response(200)
+    ...         self.send_header("Content-type", "text/plain")
+    ...         self.send_header("Content-length", len(contents))
+    ...         self.end_headers()
+    ...         self.wfile.write(contents)
+    >>>
+    >>> with httptest.Server(TestHTTPServer) as ts:
+    ...     key_loader_format_url_referencing_activitypub_actor(f"alice@{ts.url()}")
+    """
     jwk_keys = []
     cwt_cose_keys = []
     pycose_cose_keys = []
 
     # TODO Support for lookup by did:key, also, is that just bonvie that does
     # that via webfinger? Need to check
-    if (
-        not unverified_issuer.startswith("did:web:")
-        or urllib.parse.quote("webfinger?resource=") not in unverified_issuer
-    ):
+    # if (
+    #     not unverified_issuer.startswith("did:web:")
+    #     or urllib.parse.quote("webfinger?resource=") not in unverified_issuer
+    # ):
+    #     return pycose_cose_keys
+    if "@" not in unverified_issuer:
         return pycose_cose_keys
 
-    # export DOMAIN="scitt.unstable.chadig.com"; curl -s $(curl -s "https://${DOMAIN}/.well-known/webfinger?resource=acct:bovine@${DOMAIN}" | jq -r .links[0].href) | jq -r .publicKey.publicKeyPem
-    raise NotImplementedError()
+    handle_name, domain = unverified_issuer.split("@", maxsplit=1)
+    scheme = os.environ.get("DID_WEB_ASSUME_SCHEME", "https")
+    if "://" in domain:
+        scheme = domain.split("://")[0]
+    if not domain.startswith(scheme):
+        domain = f"{scheme}://{domain}"
+    domain_no_scheme = domain.replace(f"{scheme}://", "", 1)
+
+    # Webfinger the account
+    with urllib.request.urlopen(f"{domain}/.well-known/webfinger?resource=acct:{handle_name}@{domain_no_scheme}") as response:
+        with urllib.request.urlopen(json.load(response)["links"][0]["href"]) as response:
+            public_key_pem = json.load(response)["publicKey"]["publicKeyPem"]
+            # TODO
+            jwcrypto.jwk.JWK().from_pem(public_key_pem)