✨ Added HTTP utils

2022-01-14 01:52:03 +05:00 · 2022-01-14 01:52:03 +05:00 · 04c75ea14d
parent 4f1e63e221
commit 04c75ea14d
1 changed files with 182 additions and 0 deletions
--- a/internal/util/http.go
+++ b/internal/util/http.go
@ -0,0 +1,182 @@
+package util
+
+import (
+	"bytes"
+	"encoding/json"
+	"net/url"
+	"strings"
+
+	"github.com/tomnomnom/linkheader"
+	http "github.com/valyala/fasthttp"
+	"willnorris.com/go/microformats"
+
+	"source.toby3d.me/website/indieauth/internal/domain"
+)
+
+//nolint: tagliatelle
+type Metadata struct {
+	// The server's issuer identifier. The issuer identifier is a
+	// URL that uses the "https" scheme and has no query or fragment
+	// components. The identifier MUST be a prefix of the
+	// indieauth-metadata URL. e.g. for an indieauth-metadata
+	// endpoint
+	// https://example.com/.well-known/oauth-authorization-server,
+	// the issuer URL could be https://example.com/, or for a
+	// metadata URL of
+	// https://example.com/wp-json/indieauth/1.0/metadata, the
+	// issuer URL could be https://example.com/wp-json/indieauth/1.0
+	Issuer *domain.URL `json:"issuer"`
+
+	// The Authorization Endpoint.
+	AuthorizationEndpoint *domain.URL `json:"authorization_endpoint"`
+
+	// The Token Endpoint.
+	TokenEndpoint *domain.URL `json:"token_endpoint"`
+
+	//  JSON array containing scope values supported by the
+	// IndieAuth server. Servers MAY choose not to advertise some
+	// supported scope values even when this parameter is used.
+	ScopesSupported domain.Scopes `json:"scopes_supported,omitempty"`
+
+	// JSON array containing the response_type values supported.
+	// This differs from RFC8414 in that this parameter is OPTIONAL
+	// and that, if omitted, the default is code.
+	ResponseTypesSupported []domain.ResponseType `json:"response_types_supported,omitempty"`
+
+	// JSON array containing grant type values supported. If
+	// omitted, the default value differs from RFC8414 and is
+	// authorization_code.
+	GrantTypesSupported []domain.GrantType `json:"grant_types_supported,omitempty"`
+
+	// URL of a page containing human-readable information that
+	// developers might need to know when using the server. This
+	// might be a link to the IndieAuth spec or something more
+	// personal to your implementation.
+	ServiceDocumentation *domain.URL `json:"service_documentation,omitempty"`
+
+	// JSON array containing the methods supported for PKCE. This
+	// parameter differs from RFC8414 in that it is not optional as
+	// PKCE is REQUIRED.
+	CodeChallengeMethodsSupported []domain.CodeChallengeMethod `json:"code_challenge_methods_supported"`
+
+	// Boolean parameter indicating whether the authorization server
+	// provides the iss parameter. If omitted, the default value is
+	// false. As the iss parameter is REQUIRED, this is provided for
+	// compatibility with OAuth 2.0 servers implementing the
+	// parameter.
+	//
+	//nolint: lll
+	AuthorizationResponseIssParameterSupported bool `json:"authorization_response_iss_parameter_supported,omitempty"`
+
+	// WARN(toby3d): experimental
+	// The Ticket Endpoint.
+	TicketEndpoint *domain.URL `json:"ticket_endpoint,omitempty"`
+
+	// The Micropub Endpoint.
+	Micropub *domain.URL `json:"micropub,omitempty"`
+
+	// The Microsub Endpoint.
+	Microsub *domain.URL `json:"microsub,omitempty"`
+}
+
+func ExtractEndpoints(resp *http.Response, rel string) []*domain.URL {
+	results := make([]*domain.URL, 0)
+
+	urls, err := ExtractEndpointsFromHeader(resp, rel)
+	if err == nil {
+		results = append(results, urls...)
+	}
+
+	urls, err = ExtractEndpointsFromBody(resp, rel)
+	if err == nil {
+		results = append(results, urls...)
+	}
+
+	return results
+}
+
+func ExtractEndpointsFromHeader(resp *http.Response, rel string) ([]*domain.URL, error) {
+	results := make([]*domain.URL, 0)
+
+	for _, link := range linkheader.Parse(string(resp.Header.Peek(http.HeaderLink))) {
+		if !strings.EqualFold(link.Rel, rel) {
+			continue
+		}
+
+		u := http.AcquireURI()
+		if err := u.Parse(resp.Header.Peek(http.HeaderHost), []byte(link.URL)); err != nil {
+			return nil, err
+		}
+
+		results = append(results, &domain.URL{URI: u})
+	}
+
+	return results, nil
+}
+
+func ExtractEndpointsFromBody(resp *http.Response, rel string) ([]*domain.URL, error) {
+	endpoints, ok := microformats.Parse(bytes.NewReader(resp.Body()), nil).Rels[rel]
+	if !ok || len(endpoints) == 0 {
+		return nil, nil
+	}
+
+	results := make([]*domain.URL, 0)
+
+	for i := range endpoints {
+		u := http.AcquireURI()
+		if err := u.Parse(resp.Header.Peek(http.HeaderHost), []byte(endpoints[i])); err != nil {
+			return nil, err
+		}
+
+		results = append(results, &domain.URL{URI: u})
+	}
+
+	return results, nil
+}
+
+func ExtractMetadata(resp *http.Response, client *http.Client) (*Metadata, error) {
+	endpoints := ExtractEndpoints(resp, "indieauth-metadata")
+	if endpoints == nil || len(endpoints) == 0 {
+		return nil, nil
+	}
+
+	_, body, err := client.Get(nil, endpoints[len(endpoints)-1].String())
+	if err != nil {
+		return nil, err
+	}
+
+	result := new(Metadata)
+	if err = json.Unmarshal(body, result); err != nil {
+		return nil, err
+	}
+
+	return result, nil
+}
+
+func ExtractProperty(resp *http.Response, t, key string) []interface{} {
+	data := microformats.Parse(bytes.NewReader(resp.Body()), &url.URL{
+		Host: string(resp.Header.Peek(http.HeaderHost)),
+	})
+
+	for _, item := range data.Items {
+		if !contains(item.Type, t) {
+			continue
+		}
+
+		return item.Properties[key]
+	}
+
+	return nil
+}
+
+func contains(src []string, find string) bool {
+	for i := range src {
+		if !strings.EqualFold(src[i], find) {
+			continue
+		}
+
+		return true
+	}
+
+	return false
+}