2019-09-24 02:05:14 +00:00
|
|
|
from flask import session, render_template, request, redirect, url_for
|
2019-09-18 11:27:07 +00:00
|
|
|
import requests
|
|
|
|
from mastodon import Mastodon
|
2019-09-24 02:05:14 +00:00
|
|
|
import re, json
|
2019-09-18 11:27:07 +00:00
|
|
|
|
2019-09-19 04:40:41 +00:00
|
|
|
def bot_accounts_add(mysql, cfg):
|
2019-09-18 11:27:07 +00:00
|
|
|
if request.method == 'POST':
|
|
|
|
if session['step'] == 1:
|
|
|
|
if request.form['account'] == session['bot']:
|
|
|
|
error = "Bots cannot learn from themselves."
|
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
|
|
|
|
# look up user
|
|
|
|
handle_list = request.form['account'].split('@')
|
|
|
|
if len(handle_list) != 3:
|
|
|
|
# not formatted correctly
|
|
|
|
error = "Incorrectly formatted handle."
|
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
|
2019-09-22 05:18:55 +00:00
|
|
|
session['username'] = handle_list[1]
|
|
|
|
session['instance'] = handle_list[2]
|
|
|
|
session['handle'] = request.form['account']
|
2019-09-18 11:27:07 +00:00
|
|
|
|
2019-09-24 02:05:14 +00:00
|
|
|
if session['instance'] in json.load(open("blacklist.json")):
|
|
|
|
session['error'] = "Learning from accounts on this instance is not allowed."
|
|
|
|
return redirect(url_for("render_bot_accounts_add"))
|
|
|
|
|
2019-09-18 11:27:07 +00:00
|
|
|
try:
|
2019-09-22 05:18:55 +00:00
|
|
|
r = requests.get("https://{}/api/v1/instance".format(session['instance']), timeout=10)
|
2019-09-18 11:27:07 +00:00
|
|
|
except requests.exceptions.ConnectionError:
|
2019-09-22 05:18:55 +00:00
|
|
|
error = "Couldn't connect to {}.".format(session['instance'])
|
2019-09-18 11:27:07 +00:00
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
except:
|
|
|
|
error = "An unknown error occurred."
|
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
|
|
|
|
if r.status_code == 200:
|
|
|
|
j = r.json()
|
2019-09-22 05:18:55 +00:00
|
|
|
if "Pleroma" in j['version']:
|
|
|
|
session['instance_type'] = "Pleroma"
|
|
|
|
session['step'] += 1
|
|
|
|
else:
|
|
|
|
if 'contact_account' in j and 'is_pro' in j['contact_account']:
|
|
|
|
# gab instance
|
|
|
|
session['error'] = "Gab instances are not supported."
|
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
else:
|
|
|
|
session['instance_type'] = "Mastodon"
|
|
|
|
session['step'] += 1
|
2020-01-20 02:15:27 +00:00
|
|
|
|
2019-09-22 05:18:55 +00:00
|
|
|
else:
|
|
|
|
error = "Unsupported instance type. Misskey support is planned."
|
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
|
|
|
|
session['client_id'], session['client_secret'] = Mastodon.create_app(
|
|
|
|
"FediBooks User Authenticator",
|
|
|
|
api_base_url="https://{}".format(session['instance']),
|
2019-09-24 01:48:04 +00:00
|
|
|
scopes=["read:statuses", "read:accounts"] if session['instance_type'] == 'Mastodon' else ["read"],
|
2019-09-22 05:18:55 +00:00
|
|
|
website=cfg['base_uri']
|
|
|
|
)
|
|
|
|
|
|
|
|
client = Mastodon(
|
|
|
|
client_id=session['client_id'],
|
|
|
|
client_secret=session['client_secret'],
|
|
|
|
api_base_url="https://{}".format(session['instance'])
|
|
|
|
)
|
|
|
|
|
|
|
|
session['url'] = client.auth_request_url(
|
|
|
|
client_id=session['client_id'],
|
2019-09-24 01:48:04 +00:00
|
|
|
scopes=["read:statuses", "read:accounts"] if session['instance_type'] == 'Mastodon' else ["read"]
|
2019-09-22 05:18:55 +00:00
|
|
|
)
|
2019-09-18 11:27:07 +00:00
|
|
|
|
2019-09-22 05:18:55 +00:00
|
|
|
elif session['step'] == 2:
|
|
|
|
# test authentication
|
|
|
|
try:
|
|
|
|
client = Mastodon(client_id=session['client_id'], client_secret=session['client_secret'], api_base_url=session['instance'])
|
|
|
|
session['secret'] = client.log_in(
|
|
|
|
code = request.form['code'],
|
2019-09-24 01:48:04 +00:00
|
|
|
scopes=["read:statuses", "read:accounts"] if session['instance_type'] == 'Mastodon' else ["read"],
|
2019-09-22 05:18:55 +00:00
|
|
|
)
|
2019-09-22 10:10:33 +00:00
|
|
|
username = client.account_verify_credentials()['username']
|
|
|
|
if username != session['username']:
|
2019-09-23 01:15:40 +00:00
|
|
|
error = "Please authenticate as {}.".format(session['username'])
|
2020-01-20 09:50:16 +00:00
|
|
|
if username.lower() == session['username'].lower():
|
|
|
|
error += " Make sure you capitalised the name properly - @user and @USER are different."
|
2019-09-22 10:10:33 +00:00
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
2019-09-22 05:18:55 +00:00
|
|
|
except:
|
|
|
|
session['step'] = 1
|
|
|
|
error = "Authentication failed."
|
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
2020-01-20 02:15:27 +00:00
|
|
|
|
2019-09-18 11:27:07 +00:00
|
|
|
# 1. download host-meta to find webfinger URL
|
2019-09-22 05:18:55 +00:00
|
|
|
r = requests.get("https://{}/.well-known/host-meta".format(session['instance']), timeout=10)
|
2019-09-18 11:27:07 +00:00
|
|
|
if r.status_code != 200:
|
|
|
|
error = "Couldn't get host-meta."
|
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
|
|
|
|
# 2. use webfinger to find user's info page
|
|
|
|
#TODO: use more reliable method
|
|
|
|
try:
|
|
|
|
uri = re.search(r'template="([^"]+)"', r.text).group(1)
|
2019-09-22 05:18:55 +00:00
|
|
|
uri = uri.format(uri = "{}@{}".format(session['username'], session['instance']))
|
2019-09-18 11:27:07 +00:00
|
|
|
except:
|
|
|
|
error = "Couldn't find WebFinger URL."
|
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
|
|
|
|
r = requests.get(uri, headers={"Accept": "application/json"}, timeout=10)
|
|
|
|
try:
|
|
|
|
j = r.json()
|
|
|
|
except:
|
|
|
|
error = "Invalid WebFinger response."
|
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
|
|
|
|
found = False
|
|
|
|
for link in j['links']:
|
|
|
|
if link['rel'] == 'self':
|
|
|
|
#this is a link formatted like "https://instan.ce/users/username", which is what we need
|
|
|
|
uri = link['href']
|
|
|
|
found = True
|
|
|
|
break
|
|
|
|
if not found:
|
|
|
|
error = "Couldn't find a valid ActivityPub outbox URL."
|
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
|
|
|
|
# 3. format as outbox URL and check to make sure it works
|
|
|
|
outbox = "{}/outbox?page=true".format(uri)
|
2019-09-22 05:18:55 +00:00
|
|
|
r = requests.get(outbox, headers={"Accept": "application/json,application/activity+json"}, timeout=10)
|
2019-09-18 11:27:07 +00:00
|
|
|
if r.status_code == 200:
|
|
|
|
# success!!
|
|
|
|
c = mysql.connection.cursor()
|
2019-09-22 05:18:55 +00:00
|
|
|
c.execute("REPLACE INTO `fedi_accounts` (`handle`, `outbox`) VALUES (%s, %s)", (session['handle'], outbox))
|
|
|
|
c.execute("INSERT INTO `bot_learned_accounts` (`bot_id`, `fedi_id`) VALUES (%s, %s)", (session['bot'], session['handle']))
|
2019-09-18 11:27:07 +00:00
|
|
|
c.close()
|
|
|
|
mysql.connection.commit()
|
2019-09-19 04:40:41 +00:00
|
|
|
|
2019-09-18 11:27:07 +00:00
|
|
|
return redirect("/bot/accounts/{}".format(session['bot']), 303)
|
|
|
|
else:
|
2019-09-22 05:18:55 +00:00
|
|
|
error = "Couldn't access ActivityPub outbox. {} may require authenticated fetches, which FediBooks doesn't support yet.".format(session['instance'])
|
2019-09-18 11:27:07 +00:00
|
|
|
return render_template("bot/accounts_add.html", error = error)
|
|
|
|
else:
|
|
|
|
# new account add request
|
|
|
|
session['step'] = 1
|
|
|
|
|
|
|
|
return render_template("bot/accounts_add.html", error = session.pop('error', None))
|