diff options
| author | Jesse Morgan <jesse@jesterpm.net> | 2020-09-18 09:22:03 -0700 |
|---|---|---|
| committer | Jesse Morgan <jesse@jesterpm.net> | 2020-09-18 09:22:03 -0700 |
| commit | 89734a74faed3c330bed569ac36b6480da8ed8d9 (patch) | |
| tree | 278b74f181e2866a439720f69c9d9b5699276c03 | |
| parent | 001d2d3dccafea7b368cd6545a5a0b000a84ee76 (diff) | |
First pass at a photo resizing endpoint.
This is currently fetching the images from the media_url, since I ripped
it out of another project. I still need to change it to fetch from S3
directly.
This is also using actix_web::client instead of reqwest. I should
probably switch the oauth module to do the same.
| -rw-r--r-- | Cargo.lock | 231 | ||||
| -rw-r--r-- | Cargo.toml | 4 | ||||
| -rw-r--r-- | src/main.rs | 172 | ||||
| -rw-r--r-- | src/media.rs | 161 | ||||
| -rw-r--r-- | src/micropub.rs | 168 |
5 files changed, 571 insertions, 165 deletions
@@ -46,6 +46,8 @@ dependencies = [ "futures", "http", "log", + "openssl", + "tokio-openssl", "trust-dns-proto", "trust-dns-resolver", ] @@ -61,6 +63,7 @@ dependencies = [ "actix-rt", "actix-service", "actix-threadpool", + "actix-tls", "actix-utils 1.0.6", "base64 0.11.0", "bitflags", @@ -227,6 +230,8 @@ dependencies = [ "either", "futures", "log", + "openssl", + "tokio-openssl", ] [[package]] @@ -294,6 +299,7 @@ dependencies = [ "log", "mime", "net2", + "openssl", "pin-project", "regex", "serde", @@ -330,6 +336,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ee2a4ec343196209d6594e19543ae87a39f96d5534d7174822a3ad825dd6ed7e" [[package]] +name = "adler32" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aae1277d39aeec15cb388266ecc24b11c80469deae6067e17a1a7aa9e5c1f234" + +[[package]] name = "aho-corasick" version = "0.7.13" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -400,6 +412,7 @@ dependencies = [ "futures-core", "log", "mime", + "openssl", "percent-encoding", "rand", "serde", @@ -416,7 +429,7 @@ dependencies = [ "addr2line", "cfg-if", "libc", - "miniz_oxide", + "miniz_oxide 0.4.1", "object", "rustc-demangle", ] @@ -498,6 +511,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2e8c087f005730276d1096a652e92a8bacee2e2472bcc9715a74d2bec38b5820" [[package]] +name = "bytemuck" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41aa2ec95ca3b5c54cf73c91acf06d24f4495d5f1b1c12506ae3483d646177ac" + +[[package]] name = "byteorder" version = "1.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -552,6 +571,12 @@ dependencies = [ ] [[package]] +name = "color_quant" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0dbbb57365263e881e805dc77d94697c9118fd94d8da011240555aa7b23445bd" + +[[package]] name = "const_fn" version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -601,6 +626,42 @@ dependencies = [ ] [[package]] +name = "crossbeam-channel" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b153fe7cbef478c567df0f972e02e6d736db11affe43dfc9c56a9374d1adfb87" +dependencies = [ + "crossbeam-utils", + "maybe-uninit", +] + +[[package]] +name = "crossbeam-deque" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f02af974daeee82218205558e51ec8768b48cf524bd01d550abe5573a608285" +dependencies = [ + "crossbeam-epoch", + "crossbeam-utils", + "maybe-uninit", +] + +[[package]] +name = "crossbeam-epoch" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "058ed274caafc1f60c4997b5fc07bf7dc7cca454af7c6e81edffe5f33f70dace" +dependencies = [ + "autocfg", + "cfg-if", + "crossbeam-utils", + "lazy_static", + "maybe-uninit", + "memoffset", + "scopeguard", +] + +[[package]] name = "crossbeam-utils" version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -622,6 +683,16 @@ dependencies = [ ] [[package]] +name = "deflate" +version = "0.8.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73770f8e1fe7d64df17ca66ad28994a0a623ea497fa69486e14984e715c5d174" +dependencies = [ + "adler32", + "byteorder", +] + +[[package]] name = "derive_more" version = "0.99.10" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -745,7 +816,7 @@ dependencies = [ "cfg-if", "crc32fast", "libc", - "miniz_oxide", + "miniz_oxide 0.4.1", ] [[package]] @@ -911,6 +982,16 @@ dependencies = [ ] [[package]] +name = "gif" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "471d90201b3b223f3451cd4ad53e34295f16a1df17b1edf3736d47761c3981af" +dependencies = [ + "color_quant", + "lzw", +] + +[[package]] name = "gimli" version = "0.22.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1071,6 +1152,24 @@ dependencies = [ ] [[package]] +name = "image" +version = "0.23.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "974e194911d1f7efe3cd8a8f9db3b767e43536327e899e8bc9a12ef5711b74d2" +dependencies = [ + "bytemuck", + "byteorder", + "gif", + "jpeg-decoder", + "num-iter", + "num-rational", + "num-traits", + "png", + "scoped_threadpool", + "tiff", +] + +[[package]] name = "indexmap" version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1120,6 +1219,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dc6f3ad7b9d11a0c00842ff8de1b60ee58661048eb8049ed33c73594f359d7e6" [[package]] +name = "jpeg-decoder" +version = "0.1.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc797adac5f083b8ff0ca6f6294a999393d76e197c36488e2ef732c4715f6fa3" +dependencies = [ + "byteorder", + "rayon", +] + +[[package]] name = "js-sys" version = "0.3.45" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1190,6 +1299,12 @@ dependencies = [ ] [[package]] +name = "lzw" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d947cbb889ed21c2a84be6ffbaebf5b4e0f4340638cba0444907e38b56be084" + +[[package]] name = "match_cfg" version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1202,6 +1317,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7ffc5c5338469d4d3ea17d269fa8ea3512ad247247c30bd2df69e68309ed0a08" [[package]] +name = "maybe-uninit" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60302e4db3a61da70c0cb7991976248362f30319e88850c487b9b95bbf059e00" + +[[package]] name = "md5" version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1214,6 +1335,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400" [[package]] +name = "memoffset" +version = "0.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c198b026e1bbf08a937e94c6c60f9ec4a2267f5b0d2eec9c1b21b061ce2be55f" +dependencies = [ + "autocfg", +] + +[[package]] name = "mime" version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1231,6 +1361,15 @@ dependencies = [ [[package]] name = "miniz_oxide" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "791daaae1ed6889560f8c4359194f56648355540573244a5448a83ba1ecc7435" +dependencies = [ + "adler32", +] + +[[package]] +name = "miniz_oxide" version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4d7559a8a40d0f97e1edea3220f698f78b1c5ab67532e49f68fde3910323b722" @@ -1342,6 +1481,28 @@ dependencies = [ ] [[package]] +name = "num-iter" +version = "0.1.41" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a6e6b7c748f995c4c29c5f5ae0248536e04a5739927c74ec0fa564805094b9f" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-rational" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a5b4d7360f362cfb50dde8143501e6940b22f644be75a4cc90b2d81968908138" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + +[[package]] name = "num-traits" version = "0.2.12" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1482,6 +1643,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d36492546b6af1463394d46f0c834346f31548646f6ba10849802c9c9a27ac33" [[package]] +name = "png" +version = "0.16.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dfe7f9f1c730833200b134370e1d5098964231af8450bce9b78ee3ab5278b970" +dependencies = [ + "bitflags", + "crc32fast", + "deflate", + "miniz_oxide 0.3.7", +] + +[[package]] name = "ppv-lite86" version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1565,6 +1738,31 @@ dependencies = [ ] [[package]] +name = "rayon" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cfd016f0c045ad38b5251be2c9c0ab806917f82da4d36b2a327e5166adad9270" +dependencies = [ + "autocfg", + "crossbeam-deque", + "either", + "rayon-core", +] + +[[package]] +name = "rayon-core" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8c4fec834fb6e6d2dd5eece3c7b432a52f0ba887cf40e595190c4107edc08bf" +dependencies = [ + "crossbeam-channel", + "crossbeam-deque", + "crossbeam-utils", + "lazy_static", + "num_cpus", +] + +[[package]] name = "redox_syscall" version = "0.1.57" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1781,9 +1979,11 @@ dependencies = [ "actix-rt", "actix-web", "base32", + "bytes", "chrono", "env_logger", "futures", + "image", "log", "mime", "rand", @@ -1805,6 +2005,12 @@ dependencies = [ ] [[package]] +name = "scoped_threadpool" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d51f5df5af43ab3f1360b429fa5e0152ac5ce8c0bd6485cae490332e96846a8" + +[[package]] name = "scopeguard" version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2079,6 +2285,17 @@ dependencies = [ ] [[package]] +name = "tiff" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f3b8a87c4da944c3f27e5943289171ac71a6150a79ff6bacfff06d159dfff2f" +dependencies = [ + "byteorder", + "lzw", + "miniz_oxide 0.3.7", +] + +[[package]] name = "time" version = "0.1.44" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2168,6 +2385,16 @@ dependencies = [ ] [[package]] +name = "tokio-openssl" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c4b08c5f4208e699ede3df2520aca2e82401b2de33f45e96696a074480be594" +dependencies = [ + "openssl", + "tokio", +] + +[[package]] name = "tokio-tls" version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -12,7 +12,8 @@ log = "0.4" actix-multipart = "0.2" actix-rt = "1.0.0" -actix-web = "2.0.0" +actix-web = { version = "2.0.0", features = ["openssl"] } +bytes = "0.5" futures = "0.3" chrono = { version = "0.4", features = ["serde"] } @@ -26,3 +27,4 @@ reqwest = { version = "0.10", features = ["json"] } rusoto_core = "0.45.0" rusoto_s3 = "0.45.0" +image = "0.23" diff --git a/src/main.rs b/src/main.rs index d5da4ac..2c81ccd 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,171 +1,15 @@ -use actix_multipart::Multipart; -use actix_web::http::header; -use actix_web::{middleware, web, App, HttpRequest, HttpResponse, HttpServer}; - -use chrono::Utc; - -use futures::{StreamExt, TryStreamExt}; - -use rand::distributions::Alphanumeric; -use rand::{thread_rng, Rng}; +use actix_web::client::Client; +use actix_web::{middleware, web, App, HttpServer}; use rusoto_core::Region; -use rusoto_s3::{PutObjectRequest, S3Client, S3}; +use rusoto_s3::S3Client; use serde::{Deserialize, Serialize}; -use std::collections::HashMap; -use std::fmt::Display; -use std::iter; - +mod media; +mod micropub; mod oauth; -// To make the timepart shorter, we'll offset it with a custom epoch. -const EPOCH: i64 = 631152000; - -#[derive(Serialize, Deserialize)] -struct MicropubError { - error: String, - #[serde(skip_serializing_if = "Option::is_none")] - error_description: Option<String>, -} - -impl MicropubError { - pub fn new<S>(err: S) -> Self - where - S: Into<String>, - { - MicropubError { - error: err.into(), - error_description: None, - } - } - - pub fn with_description<S, D>(err: S, description: D) -> Self - where - S: Into<String>, - D: Display, - { - MicropubError { - error: err.into(), - error_description: Some(format!("{}", description)), - } - } -} - -fn random_id() -> String { - let now = Utc::now(); - - // Generate the time part - let ts = now.timestamp() - EPOCH; - let offset = (ts.leading_zeros() / 8) as usize; - let time_part = base32::encode( - base32::Alphabet::RFC4648 { padding: false }, - &ts.to_be_bytes()[offset..], - ); - - // Generate the random part - let mut rng = thread_rng(); - let random_part: String = iter::repeat(()) - .map(|()| rng.sample(Alphanumeric)) - .take(7) - .collect(); - - format!("{}-{}", time_part, random_part) -} - -async fn handle_upload(req: HttpRequest, mut payload: Multipart) -> HttpResponse { - let site = req - .app_data::<web::Data<SiteConfig>>() - .expect("Missing SiteConfig?"); - let s3_client = req - .app_data::<web::Data<S3Client>>() - .expect("Missing S3Client?"); - let verification_service = req - .app_data::<web::Data<oauth::VerificationService>>() - .expect("Missing VerificationService?"); - - let auth_header = match req - .headers() - .get(header::AUTHORIZATION) - .and_then(|s| s.to_str().ok()) - { - Some(auth_header) => auth_header, - None => return HttpResponse::Unauthorized().json(MicropubError::new("unauthorized")), - }; - - let access_token = match verification_service.validate(auth_header).await { - Ok(token) => token, - Err(e) => { - return HttpResponse::Unauthorized() - .json(MicropubError::with_description("unauthorized", e)) - } - }; - - if !access_token.scopes().any(|s| s == "media") { - return HttpResponse::Unauthorized().json(MicropubError::new("unauthorized")); - } - - // iterate over multipart stream - if let Ok(Some(field)) = payload.try_next().await { - let content_disp = field.content_disposition().unwrap(); - let content_type = field.content_type().clone(); - let filename = content_disp.get_filename(); - let ext = filename.and_then(|f| f.rsplit('.').next()); - let (classification, sep, suffix) = match content_type.type_() { - mime::IMAGE => ("photo", '.', ext), - mime::AUDIO => ("audio", '.', ext), - mime::VIDEO => ("video", '.', ext), - _ => ("file", '/', filename), - }; - - // This will be the key in S3. - let key = match suffix { - Some(ext) => format!("{}/{}{}{}", classification, random_id(), sep, ext), - None => format!("{}/{}", classification, random_id()), - }; - - // This will be the publicly accessible URL for the file. - let url = format!("{}/{}", site.media_url, key); - - let mut metadata: HashMap<String, String> = HashMap::new(); - metadata.insert( - "client-id".to_string(), - access_token.client_id().to_string(), - ); - metadata.insert("author".to_string(), access_token.me().to_string()); - if let Some(f) = filename { - metadata.insert("filename".to_string(), f.to_string()); - } - - let body = field - .map(|b| b.map(|b| b.to_vec())) - .try_concat() - .await - .unwrap(); - - let put_request = PutObjectRequest { - bucket: site.s3_bucket().to_owned(), - key, - body: Some(body.into()), - metadata: Some(metadata), - content_type: Some(content_type.to_string()), - ..Default::default() - }; - - match s3_client.put_object(put_request).await { - Ok(_) => { - return HttpResponse::Created() - .header(header::LOCATION, url) - .finish() - } - Err(e) => return HttpResponse::InternalServerError().body(format!("{}", e)), - }; - } - - HttpResponse::BadRequest().finish() -} - #[derive(Serialize, Deserialize, Clone)] #[serde(rename_all = "PascalCase")] pub struct SiteConfig { @@ -216,10 +60,14 @@ async fn main() -> std::io::Result<()> { HttpServer::new(move || { App::new() .wrap(middleware::Logger::default()) + .data(Client::new()) .data(site_config.clone()) .data(s3_client.clone()) .data(oauth::VerificationService::new(token_endpoint.clone())) - .service(web::resource("/micropub/media").route(web::post().to(handle_upload))) + .service( + web::resource("/micropub/media").route(web::post().to(micropub::handle_upload)), + ) + .configure(media::configure) }) .bind(bind)? .run() diff --git a/src/media.rs b/src/media.rs new file mode 100644 index 0000000..2723816 --- /dev/null +++ b/src/media.rs @@ -0,0 +1,161 @@ +use actix_web::client::{Client, ClientResponse}; +use actix_web::error::{ErrorBadRequest, ErrorInternalServerError}; +use actix_web::http::header; +use actix_web::{web, Error, HttpRequest, HttpResponse}; + +use image::imageops::FilterType; +use image::GenericImageView; +use image::ImageFormat; + +use crate::SiteConfig; + +pub fn configure(cfg: &mut web::ServiceConfig) { + cfg.service( + web::resource("/media/photo/{width:\\d+}x{height:\\d+}/{filename}") + .route(web::get().to(serve_photo)), + ); + cfg.service( + web::resource("/media/{type}/{filename:.+}") + .route(web::get().to(serve_file)) + .route(web::head().to(serve_file)), + ); +} + +async fn serve_photo( + req: HttpRequest, + config: web::Data<SiteConfig>, + client: web::Data<Client>, +) -> Result<HttpResponse, Error> { + let width = req + .match_info() + .get("width") + .ok_or(ErrorBadRequest("Bad URI")) + .and_then(|v| v.parse().map_err(|_| ErrorBadRequest("Bad URI")))?; + let height = req + .match_info() + .get("height") + .ok_or(ErrorBadRequest("Bad URI")) + .and_then(|v| v.parse().map_err(|_| ErrorBadRequest("Bad URI")))?; + let filename = req + .match_info() + .get("filename") + .ok_or(ErrorBadRequest("Bad URI"))?; + + let new_url = format!("{}/photo/{}", config.media_url(), filename); + + let forwarded_req = client.request_from(new_url, req.head()); + let forwarded_req = if let Some(addr) = req.head().peer_addr { + forwarded_req.header("x-forwarded-for", format!("{}", addr.ip())) + } else { + forwarded_req + }; + + let mut res = forwarded_req.send().await.map_err(Error::from)?; + + // Check response code + if !res.status().is_success() { + return forward_response(res).await; + } + + // Get the payload, at at least 20 MB of it... + let data = res.body().limit(20971520).await?; + + // Determine the image format + let fmt = image::guess_format(data.as_ref()).map_err(|e| ErrorInternalServerError(e))?; + + // Parse the image + let img = image::load_from_memory_with_format(data.as_ref(), fmt) + .map_err(|e| ErrorInternalServerError(e))?; + + let (orig_width, orig_height) = img.dimensions(); + + let scaled = if width < orig_width && height < orig_height { + // Take the largest size that maintains the aspect ratio + let ratio = orig_width as f64 / orig_height as f64; + let (new_width, new_height) = if width > height { + (width, (width as f64 / ratio) as u32) + } else { + ((height as f64 * ratio) as u32, height) + }; + img.resize(new_width, new_height, FilterType::CatmullRom) + } else { + // We're not going to scale up images. + img + }; + + let mut new_data = Vec::new(); + scaled + .write_to(&mut new_data, fmt) // ImageOutputFormat::Jpeg(128)) + .map_err(|e| ErrorInternalServerError(e))?; + + let mut client_resp = HttpResponse::build(res.status()); + client_resp.set(header::CacheControl(vec![header::CacheDirective::MaxAge( + 86400u32, + )])); + client_resp.set_header(header::CONTENT_TYPE, mime_for_image(fmt)); + + Ok(client_resp.body(new_data)) +} + +async fn serve_file( + req: HttpRequest, + config: web::Data<SiteConfig>, + client: web::Data<Client>, +) -> Result<HttpResponse, Error> { + let media_type = req + .match_info() + .get("type") + .ok_or(ErrorBadRequest("Bad URI"))?; + let filename = req + .match_info() + .get("filename") + .ok_or(ErrorBadRequest("Bad URI"))?; + + let new_url = format!("{}/{}/{}", config.media_url(), media_type, filename); + + let forwarded_req = client.request_from(new_url, req.head()).no_decompress(); + + let forwarded_req = if let Some(addr) = req.head().peer_addr { + forwarded_req.header("x-forwarded-for", format!("{}", addr.ip())) + } else { + forwarded_req + }; + + let res = forwarded_req.send().await.map_err(Error::from)?; + + forward_response(res).await +} + +async fn forward_response<S>(mut res: ClientResponse<S>) -> Result<HttpResponse, Error> +where + S: futures::Stream<Item = std::result::Result<bytes::Bytes, actix_web::error::PayloadError>> + + std::marker::Unpin, +{ + let mut client_resp = HttpResponse::build(res.status()); + + // Remove `Connection` as per + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Connection#Directives + for (header_name, header_value) in res.headers().iter().filter(|(h, _)| *h != "connection") { + client_resp.header(header_name.clone(), header_value.clone()); + } + + Ok(client_resp.body(res.body().limit(2147483648).await?)) +} + +fn mime_for_image(fmt: ImageFormat) -> &'static str { + match fmt { + ImageFormat::Png => "image/png", + ImageFormat::Jpeg => "image/jpeg", + ImageFormat::Gif => "image/gif", + ImageFormat::Tiff => "image/tiff", + ImageFormat::Ico => "image/vnd.microsoft.icon", + ImageFormat::WebP => "image/webp", + ImageFormat::Bmp => "image/bmp", + ImageFormat::Pnm => "image/x-portable-anymap", + ImageFormat::Tga => "image/x-tga", + ImageFormat::Dds => "image/vnd.ms-dds", + ImageFormat::Hdr => "image/vnd.radiance", + ImageFormat::Farbfeld => "image/farbfeld", + _ => "", + } +} diff --git a/src/micropub.rs b/src/micropub.rs new file mode 100644 index 0000000..1afe7ba --- /dev/null +++ b/src/micropub.rs @@ -0,0 +1,168 @@ +use actix_multipart::Multipart; +use actix_web::http::header; +use actix_web::{web, HttpRequest, HttpResponse}; + +use chrono::Utc; + +use futures::{StreamExt, TryStreamExt}; + +use rand::distributions::Alphanumeric; +use rand::{thread_rng, Rng}; + +use rusoto_s3::{PutObjectRequest, S3Client, S3}; + +use serde::{Deserialize, Serialize}; + +use std::collections::HashMap; +use std::fmt::Display; +use std::iter; + +use crate::oauth; +use crate::SiteConfig; + +// To make the timepart shorter, we'll offset it with a custom epoch. +const EPOCH: i64 = 631152000; + +#[derive(Serialize, Deserialize)] +struct MicropubError { + error: String, + #[serde(skip_serializing_if = "Option::is_none")] + error_description: Option<String>, +} + +impl MicropubError { + pub fn new<S>(err: S) -> Self + where + S: Into<String>, + { + MicropubError { + error: err.into(), + error_description: None, + } + } + + pub fn with_description<S, D>(err: S, description: D) -> Self + where + S: Into<String>, + D: Display, + { + MicropubError { + error: err.into(), + error_description: Some(format!("{}", description)), + } + } +} + +fn random_id() -> String { + let now = Utc::now(); + + // Generate the time part + let ts = now.timestamp() - EPOCH; + let offset = (ts.leading_zeros() / 8) as usize; + let time_part = base32::encode( + base32::Alphabet::RFC4648 { padding: false }, + &ts.to_be_bytes()[offset..], + ); + + // Generate the random part + let mut rng = thread_rng(); + let random_part: String = iter::repeat(()) + .map(|()| rng.sample(Alphanumeric)) + .take(7) + .collect(); + + format!("{}-{}", time_part, random_part) +} + +pub async fn handle_upload(req: HttpRequest, mut payload: Multipart) -> HttpResponse { + let site = req + .app_data::<web::Data<SiteConfig>>() + .expect("Missing SiteConfig?"); + let s3_client = req + .app_data::<web::Data<S3Client>>() + .expect("Missing S3Client?"); + let verification_service = req + .app_data::<web::Data<oauth::VerificationService>>() + .expect("Missing VerificationService?"); + + let auth_header = match req + .headers() + .get(header::AUTHORIZATION) + .and_then(|s| s.to_str().ok()) + { + Some(auth_header) => auth_header, + None => return HttpResponse::Unauthorized().json(MicropubError::new("unauthorized")), + }; + + let access_token = match verification_service.validate(auth_header).await { + Ok(token) => token, + Err(e) => { + return HttpResponse::Unauthorized() + .json(MicropubError::with_description("unauthorized", e)) + } + }; + + if !access_token.scopes().any(|s| s == "media") { + return HttpResponse::Unauthorized().json(MicropubError::new("unauthorized")); + } + + // iterate over multipart stream + if let Ok(Some(field)) = payload.try_next().await { + let content_disp = field.content_disposition().unwrap(); + let content_type = field.content_type().clone(); + let filename = content_disp.get_filename(); + let ext = filename.and_then(|f| f.rsplit('.').next()); + let (classification, sep, suffix) = match content_type.type_() { + mime::IMAGE => ("photo", '.', ext), + mime::AUDIO => ("audio", '.', ext), + mime::VIDEO => ("video", '.', ext), + _ => ("file", '/', filename), + }; + + // This will be the key in S3. + let key = match suffix { + Some(ext) => format!("{}/{}{}{}", classification, random_id(), sep, ext), + None => format!("{}/{}", classification, random_id()), + }; + + // This will be the publicly accessible URL for the file. + let url = format!("{}/{}", site.media_url, key); + + let mut metadata: HashMap<String, String> = HashMap::new(); + metadata.insert( + "client-id".to_string(), + access_token.client_id().to_string(), + ); + metadata.insert("author".to_string(), access_token.me().to_string()); + if let Some(f) = filename { + metadata.insert("filename".to_string(), f.to_string()); + } + + let body = field + .map(|b| b.map(|b| b.to_vec())) + .try_concat() + .await + .unwrap(); + + let put_request = PutObjectRequest { + bucket: site.s3_bucket().to_owned(), + key, + body: Some(body.into()), + metadata: Some(metadata), + content_type: Some(content_type.to_string()), + ..Default::default() + }; + + match s3_client.put_object(put_request).await { + Ok(_) => { + return HttpResponse::Created() + // Note: header must have a big L + .header("Location", url) + .finish(); + } + Err(e) => return HttpResponse::InternalServerError().body(format!("{}", e)), + }; + } + + HttpResponse::BadRequest().finish() +} |