Платформа ЦРНП "Мирокод" для разработки проектов
https://git.mirocod.ru
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
307 lines
8.2 KiB
307 lines
8.2 KiB
// Copyright 2016 by Sandro Santilli <strk@kbt.io> |
|
// Use of this source code is governed by a MIT |
|
// license that can be found in the LICENSE file. |
|
|
|
// Implements support for federated avatars lookup. |
|
// See https://wiki.libravatar.org/api/ |
|
|
|
package libravatar // import "strk.kbt.io/projects/go/libravatar" |
|
|
|
import ( |
|
"crypto/md5" |
|
"crypto/sha256" |
|
"fmt" |
|
"math/rand" |
|
"net" |
|
"net/mail" |
|
"net/url" |
|
"strings" |
|
"sync" |
|
"time" |
|
) |
|
|
|
// Default images (to be used as defaultURL) |
|
const ( |
|
// Do not load any image if none is associated with the email |
|
// hash, instead return an HTTP 404 (File Not Found) response |
|
HTTP404 = "404" |
|
// (mystery-man) a simple, cartoon-style silhouetted outline of |
|
// a person (does not vary by email hash) |
|
MysteryMan = "mm" |
|
// a geometric pattern based on an email hash |
|
IdentIcon = "identicon" |
|
// a generated 'monster' with different colors, faces, etc |
|
MonsterID = "monsterid" |
|
// generated faces with differing features and backgrounds |
|
Wavatar = "wavatar" |
|
// awesome generated, 8-bit arcade-style pixelated faces |
|
Retro = "retro" |
|
) |
|
|
|
var ( |
|
// DefaultLibravatar is a default Libravatar object, |
|
// enabling object-less function calls |
|
DefaultLibravatar = New() |
|
) |
|
|
|
/* This should be moved in its own file */ |
|
type cacheKey struct { |
|
service string |
|
domain string |
|
} |
|
|
|
type cacheValue struct { |
|
target string |
|
checkedAt time.Time |
|
} |
|
|
|
// Libravatar is an opaque structure holding service configuration |
|
type Libravatar struct { |
|
defURL string // default url |
|
picSize int // picture size |
|
fallbackHost string // default fallback URL |
|
secureFallbackHost string // default fallback URL for secure connections |
|
useHTTPS bool |
|
nameCache map[cacheKey]cacheValue |
|
nameCacheDuration time.Duration |
|
nameCacheMutex *sync.Mutex |
|
minSize uint // smallest image dimension allowed |
|
maxSize uint // largest image dimension allowed |
|
size uint // what dimension should be used |
|
serviceBase string // SRV record to be queried for federation |
|
secureServiceBase string // SRV record to be queried for federation with secure servers |
|
} |
|
|
|
// New instanciates a new Libravatar object (handle) |
|
func New() *Libravatar { |
|
// According to https://wiki.libravatar.org/running_your_own/ |
|
// the time-to-live (cache expiry) should be set to at least 1 day. |
|
return &Libravatar{ |
|
fallbackHost: `cdn.libravatar.org`, |
|
secureFallbackHost: `seccdn.libravatar.org`, |
|
minSize: 1, |
|
maxSize: 512, |
|
size: 0, // unset, defaults to 80 |
|
serviceBase: `avatars`, |
|
secureServiceBase: `avatars-sec`, |
|
nameCache: make(map[cacheKey]cacheValue), |
|
nameCacheDuration: 24 * time.Hour, |
|
nameCacheMutex: &sync.Mutex{}, |
|
} |
|
} |
|
|
|
// SetFallbackHost sets the hostname for fallbacks in case no avatar |
|
// service is defined for a domain |
|
func (v *Libravatar) SetFallbackHost(host string) { |
|
v.fallbackHost = host |
|
} |
|
|
|
// SetSecureFallbackHost sets the hostname for fallbacks in case no |
|
// avatar service is defined for a domain, when requiring secure domains |
|
func (v *Libravatar) SetSecureFallbackHost(host string) { |
|
v.secureFallbackHost = host |
|
} |
|
|
|
// SetUseHTTPS sets flag requesting use of https for fetching avatars |
|
func (v *Libravatar) SetUseHTTPS(use bool) { |
|
v.useHTTPS = use |
|
} |
|
|
|
// SetAvatarSize sets avatars image dimension (0 for default) |
|
func (v *Libravatar) SetAvatarSize(size uint) { |
|
v.size = size |
|
} |
|
|
|
// generate hash, either with email address or OpenID |
|
func (v *Libravatar) genHash(email *mail.Address, openid *url.URL) string { |
|
if email != nil { |
|
email.Address = strings.ToLower(strings.TrimSpace(email.Address)) |
|
sum := md5.Sum([]byte(email.Address)) |
|
return fmt.Sprintf("%x", sum) |
|
} else if openid != nil { |
|
openid.Scheme = strings.ToLower(openid.Scheme) |
|
openid.Host = strings.ToLower(openid.Host) |
|
sum := sha256.Sum256([]byte(openid.String())) |
|
return fmt.Sprintf("%x", sum) |
|
} |
|
// panic, because this should not be reachable |
|
panic("Neither Email or OpenID set") |
|
} |
|
|
|
// Gets domain out of email or openid (for openid to be parsed, email has to be nil) |
|
func (v *Libravatar) getDomain(email *mail.Address, openid *url.URL) string { |
|
if email != nil { |
|
u, err := url.Parse("//" + email.Address) |
|
if err != nil { |
|
if v.useHTTPS && v.secureFallbackHost != "" { |
|
return v.secureFallbackHost |
|
} |
|
return v.fallbackHost |
|
} |
|
return u.Host |
|
} else if openid != nil { |
|
return openid.Host |
|
} |
|
// panic, because this should not be reachable |
|
panic("Neither Email or OpenID set") |
|
} |
|
|
|
// Processes email or openid (for openid to be processed, email has to be nil) |
|
func (v *Libravatar) process(email *mail.Address, openid *url.URL) (string, error) { |
|
URL, err := v.baseURL(email, openid) |
|
if err != nil { |
|
return "", err |
|
} |
|
res := fmt.Sprintf("%s/avatar/%s", URL, v.genHash(email, openid)) |
|
|
|
values := make(url.Values) |
|
if v.defURL != "" { |
|
values.Add("d", v.defURL) |
|
} |
|
if v.size > 0 { |
|
values.Add("s", fmt.Sprintf("%d", v.size)) |
|
} |
|
|
|
if len(values) > 0 { |
|
return fmt.Sprintf("%s?%s", res, values.Encode()), nil |
|
} |
|
return res, nil |
|
} |
|
|
|
// Finds or defaults a URL for Federation (for openid to be used, email has to be nil) |
|
func (v *Libravatar) baseURL(email *mail.Address, openid *url.URL) (string, error) { |
|
var service, protocol, domain string |
|
|
|
if v.useHTTPS { |
|
protocol = "https://" |
|
service = v.secureServiceBase |
|
domain = v.secureFallbackHost |
|
|
|
} else { |
|
protocol = "http://" |
|
service = v.serviceBase |
|
domain = v.fallbackHost |
|
} |
|
|
|
host := v.getDomain(email, openid) |
|
key := cacheKey{service, host} |
|
now := time.Now() |
|
v.nameCacheMutex.Lock() |
|
val, found := v.nameCache[key] |
|
v.nameCacheMutex.Unlock() |
|
if found && now.Sub(val.checkedAt) <= v.nameCacheDuration { |
|
return protocol + val.target, nil |
|
} |
|
|
|
_, addrs, err := net.LookupSRV(service, "tcp", host) |
|
if err != nil && err.(*net.DNSError).IsTimeout { |
|
return "", err |
|
} |
|
|
|
if len(addrs) == 1 { |
|
// select only record, if only one is available |
|
domain = strings.TrimSuffix(addrs[0].Target, ".") |
|
} else if len(addrs) > 1 { |
|
// Select first record according to RFC2782 weight |
|
// ordering algorithm (page 3) |
|
|
|
type record struct { |
|
srv *net.SRV |
|
weight uint16 |
|
} |
|
|
|
var ( |
|
totalWeight uint16 |
|
records []record |
|
topPriority = addrs[0].Priority |
|
topRecord *net.SRV |
|
) |
|
|
|
for _, rr := range addrs { |
|
if rr.Priority > topPriority { |
|
continue |
|
} else if rr.Priority < topPriority { |
|
// won't happen, because net sorts |
|
// by priority, but just in case |
|
totalWeight = 0 |
|
records = nil |
|
topPriority = rr.Priority |
|
} |
|
|
|
totalWeight += rr.Weight |
|
|
|
if rr.Weight > 0 { |
|
records = append(records, record{rr, totalWeight}) |
|
} else if rr.Weight == 0 { |
|
records = append([]record{record{srv: rr, weight: totalWeight}}, records...) |
|
} |
|
} |
|
|
|
if len(records) == 1 { |
|
topRecord = records[0].srv |
|
} else { |
|
randnum := uint16(rand.Intn(int(totalWeight))) |
|
|
|
for _, rr := range records { |
|
if rr.weight >= randnum { |
|
topRecord = rr.srv |
|
break |
|
} |
|
} |
|
} |
|
|
|
domain = fmt.Sprintf("%s:%d", topRecord.Target, topRecord.Port) |
|
} |
|
|
|
v.nameCacheMutex.Lock() |
|
v.nameCache[key] = cacheValue{checkedAt: now, target: domain} |
|
v.nameCacheMutex.Unlock() |
|
return protocol + domain, nil |
|
} |
|
|
|
// FromEmail returns the url of the avatar for the given email |
|
func (v *Libravatar) FromEmail(email string) (string, error) { |
|
addr, err := mail.ParseAddress(email) |
|
if err != nil { |
|
return "", err |
|
} |
|
|
|
link, err := v.process(addr, nil) |
|
if err != nil { |
|
return "", err |
|
} |
|
|
|
return link, nil |
|
} |
|
|
|
// FromEmail is the object-less call to DefaultLibravatar for an email adders |
|
func FromEmail(email string) (string, error) { |
|
return DefaultLibravatar.FromEmail(email) |
|
} |
|
|
|
// FromURL returns the url of the avatar for the given url (typically |
|
// for OpenID) |
|
func (v *Libravatar) FromURL(openid string) (string, error) { |
|
ourl, err := url.Parse(openid) |
|
if err != nil { |
|
return "", err |
|
} |
|
|
|
if !ourl.IsAbs() { |
|
return "", fmt.Errorf("Is not an absolute URL") |
|
} else if ourl.Scheme != "http" && ourl.Scheme != "https" { |
|
return "", fmt.Errorf("Invalid protocol: %s", ourl.Scheme) |
|
} |
|
|
|
link, err := v.process(nil, ourl) |
|
if err != nil { |
|
return "", err |
|
} |
|
|
|
return link, nil |
|
} |
|
|
|
// FromURL is the object-less call to DefaultLibravatar for a URL |
|
func FromURL(openid string) (string, error) { |
|
return DefaultLibravatar.FromURL(openid) |
|
}
|
|
|