Alternative to #177
The way this works is:
Client:
- Client creates a normal `net/http.Request{}` object using the `Request()` function in `utils.go`. The `http.Request{}` object is then signed using the Client's Ed25519 private key.
- The HTTP Method and Path (_note this is important_) are hashed, as well as the request body (if any) using the FNV128a hashing algorithm.
- This hash is then signed by the Client's's Ed25519 private key.
- The resulting signature is then encoded to Base64 (_standard encoding_) and added to the HTTP headers as a `Signature:` header.
- In addition the Client's Ed25519 public key is added to the HTTP headers as `Signer:`
Server:
- The server calculates the same FNV128a hash of the HTTP Request Method and Path and the body (if any)
- The server decodes the HTTP header `Signature:`
- The server then uses the Client's Ed25519 public key in the HTTP header `Signer:` to verify the signature of the `Signature:` HTTP header which gives us back the original FNV128a hash the Client calculated for the request.
- The server then compares the Client's hash with the expected hash to see if they compare equally.
Co-authored-by: James Mills <1290234+prologic@users.noreply.github.com>
Co-authored-by: Jon Lundy <jon@xuu.cc>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/178
Reviewed-by: xuu <xuu@noreply@mills.io>
After testing quite a bit on the saltyim/app client, I tracked down why all outbox messages were being pulled every time a new client starts up.
I believe the outbox client state should be shared with the parent client to allow the last message retrieved from the oubox to be persisted.
Co-authored-by: mlctrez <mlctrez@gmail.com>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/168
Reviewed-by: James Mills <james@mills.io>
Co-authored-by: mlctrez <mlctrez@noreply@mills.io>
Co-committed-by: mlctrez <mlctrez@noreply@mills.io>
As outlined in [issue #155](https://git.mills.io/saltyim/saltyim/issues/155) and will also improve things such as overflow not working (there's currently no wrapping on overflow) and changing the sidebar and text input to be fixed so only the chatbox scrolls and the text input doesn't overflow off of the view area.
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/161
Reviewed-by: James Mills <james@mills.io>
Co-authored-by: Sheldon Smith <screem@noreply@mills.io>
Co-committed-by: Sheldon Smith <screem@noreply@mills.io>
Fixes two issues
cli.me.key.Private() was always nil, outbox hash was the same for everyone 👎
client.Outbox() modified Path variable on endpoint url
Co-authored-by: mlctrez <mlctrez@gmail.com>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/160
Reviewed-by: xuu <xuu@noreply@mills.io>
Reviewed-by: James Mills <james@mills.io>
Co-authored-by: mlctrez <mlctrez@noreply@mills.io>
Co-committed-by: mlctrez <mlctrez@noreply@mills.io>
Improves how inbox indices are peristed, hopefully much better now as the topic sequences are now a proper monotonic increasing integer, messages survive crashes/resrarts and so forth.
- [] Remove the `go.mod` replace directive after https://git.mills.io/prologic/msgbus/pulls/33 is merged
cc @xuu
Co-authored-by: James Mills <prologic@shortcircuit.net.au>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/136
Reviewed-by: xuu <xuu@noreply@mills.io>
This PR also:
- Tidies up the default options and config
- Tidies up the service user code
Co-authored-by: James Mills <prologic@shortcircuit.net.au>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/116
Partially fixes some of the issuses found in #117
Co-authored-by: James Mills <prologic@shortcircuit.net.au>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/118
Reviewed-by: xuu <xuu@noreply@mills.io>
Adding a new register button to the configuration page that calls client.Register()
When clicked this button uses the identity stored in the local storage which was created either via new identity or update identity buttons.
All errors are logged to the console. From my tests, I don't have a salty@mlctrez.com user so it fails looking up the service user to send a message to.
Co-authored-by: mlctrez <mlctrez@gmail.com>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/114
Reviewed-by: xuu <xuu@noreply@mills.io>
Co-authored-by: mlctrez <mlctrez@noreply@mills.io>
Co-committed-by: mlctrez <mlctrez@noreply@mills.io>
Makes the avatar url point to salt shaker icon in application when no avatar found on lookup.
Co-authored-by: mlctrez <mlctrez@gmail.com>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/111
Reviewed-by: James Mills <james@mills.io>
Co-authored-by: mlctrez <mlctrez@noreply@mills.io>
Co-committed-by: mlctrez <mlctrez@noreply@mills.io>
![image](/attachments/8d560ad1-bcf7-44c6-940e-3e386f9cc2b6)
trying out message formatting in the style of text message chatting where incoming is left justified and send messages are right justified
only the last message will have a timestamp
WIP until onClick displays timestamp of message
Co-authored-by: mlctrez <mlctrez@gmail.com>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/102
Reviewed-by: xuu <xuu@noreply@mills.io>
Co-authored-by: mlctrez <mlctrez@noreply@mills.io>
Co-committed-by: mlctrez <mlctrez@noreply@mills.io>
feat: add compression negotiation for sent messages
fix: unix homedir handling
the service will negotiate a compression algo for sending messages
when a user chats someone during the auto discovery, the service returns an `Accept-Encoding: br, gzip, deflate`
the client saves that response and so when it makes POSTs of messages adds the best `Content-Encoding` and compresses the message
example:
```
>> GET /.well-known/salty/c765c69040d98f3af2181237f47ec01398d80f8ab2690fe929e4311ab05dec01.json
<< Accept-Encoding: br, gzip, deflate
<<
<< {"endpoint":"https://salty.home.arpa/inbox/01FZBR8Y2E6TH949JA3925WF71","key":"kex1wurry09ftqjuxgjl0jxmqypv4axqvzqljkgeadxjcpwtfuhcedcslck52d"}
>> POST /inbox/01FZBR8Y2E6TH949JA3925WF71
>> Content-Encoding: br
>>
>> [Brotli Compressed data]
```
this PR depends on https://git.mills.io/prologic/msgbus/pulls/24
Co-authored-by: Jon Lundy <jon@xuu.cc>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/91
Co-authored-by: xuu <xuu@noreply@mills.io>
Co-committed-by: xuu <xuu@noreply@mills.io>
Fixes#83
But I'm not sure how to properly surface teh aerrors out of the `Subscribe` and `Rain` channels at this time 😆 (and do something sensible with them at eh UI/UX level).
Co-authored-by: James Mills <prologic@shortcircuit.net.au>
Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/90
Reviewed-by: xuu <xuu@noreply@mills.io>
Co-authored-by: James Mills <james@mills.io>
Co-committed-by: James Mills <james@mills.io>