Validate Indieauth token

Gemfile

@@ -6,4 +6,8 @@ gem "sinatra"
 gem "sinatra-contrib"
 gem "puma"
 
+gem "faraday"
+
 gem "github_api"
+
+gem "indieweb-endpoints"

Gemfile.lock

@@ -1,14 +1,22 @@
 GEM
   remote: https://rubygems.org/
   specs:
+    absolutely (3.0.1)
+      addressable (~> 2.7)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
     backports (3.15.0)
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
+    domain_name (0.5.20190701)
+      unf (>= 0.0.5, < 1.0.0)
     dotenv (2.7.5)
     faraday (0.17.0)
       multipart-post (>= 1.2, < 3)
+    ffi (1.11.2)
+    ffi-compiler (1.0.1)
+      ffi (>= 1.0.0)
+      rake
     github_api (0.18.2)
       addressable (~> 2.4)
       descendants_tracker (~> 0.0.4)
@@ -16,12 +24,33 @@ GEM
       hashie (~> 3.5, >= 3.5.2)
       oauth2 (~> 1.0)
     hashie (3.6.0)
+    http (5.0.0.pre)
+      addressable (~> 2.3)
+      http-cookie (~> 1.0)
+      http-form_data (~> 2.0)
+      http-parser (~> 1.2.0)
+    http-cookie (1.0.3)
+      domain_name (~> 0.5)
+    http-form_data (2.1.1)
+    http-parser (1.2.1)
+      ffi-compiler (>= 1.0, < 2.0)
+    indieweb-endpoints (1.0.2)
+      absolutely (~> 3.0)
+      addressable (~> 2.7)
+      http (~> 5.0.0.pre)
+      link-header-parser (~> 0.2.0)
+      nokogiri (~> 1.10)
     jwt (2.2.1)
+    link-header-parser (0.2.0)
+      absolutely (~> 3.0)
+    mini_portile2 (2.4.0)
     multi_json (1.14.1)
     multi_xml (0.6.0)
     multipart-post (2.1.1)
     mustermann (1.0.3)
     nio4r (2.5.2)
+    nokogiri (1.10.5)
+      mini_portile2 (~> 2.4.0)
     oauth2 (1.4.2)
       faraday (>= 0.8, < 2.0)
       jwt (>= 1.0, < 3.0)
@@ -34,6 +63,7 @@ GEM
     rack (2.0.7)
     rack-protection (2.0.7)
       rack
+    rake (13.0.0)
     sinatra (2.0.7)
       mustermann (~> 1.0)
       rack (~> 2.0)
@@ -48,13 +78,18 @@ GEM
       tilt (~> 2.0)
     thread_safe (0.3.6)
     tilt (2.0.10)
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.7.6)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   dotenv
+  faraday
   github_api
+  indieweb-endpoints
   puma
   sinatra
   sinatra-contrib

bin/nokogiri

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'nokogiri' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("nokogiri", "nokogiri")

bin/rake

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rake' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rake", "rake")

lib/micropub.rb

@@ -1,7 +1,6 @@
-require 'json'
-
 module Micropub
   autoload :Webserver, File.expand_path('micropub/webserver.rb', __dir__)
   autoload :Github, File.expand_path('micropub/github.rb', __dir__)
+  autoload :Indieauth, File.expand_path('micropub/indieauth.rb', __dir__)
   autoload :Post, File.expand_path('micropub/models/post.rb', __dir__)
 end

lib/micropub/indieauth.rb

@@ -0,0 +1,2 @@
+require_relative "./indieauth/endpoints"
+require_relative "./indieauth/token"

lib/micropub/indieauth/endpoints.rb

@@ -0,0 +1,17 @@
+require "indieweb/endpoints"
+
+module Indieauth
+  class Endpoints
+    def initialize(site_url)
+      @endpoints = IndieWeb::Endpoints.get(site_url)
+    end
+
+    def method_missing(method)
+      endpoints.send(method)
+    end
+
+    private
+
+    attr_accessor :endpoints
+  end
+end

lib/micropub/indieauth/token.rb

@@ -0,0 +1,26 @@
+module Indieauth
+  class Token
+    def initialize(endpoint)
+      @endpoint = endpoint
+    end
+
+    def validate(token)
+      response = Faraday.get(
+        endpoint,
+        nil,
+        "Accept" => "application/json",
+        "Authorization" => "Bearer #{token}"
+      )
+
+      if response.status == 200
+        return true
+      end
+
+      false
+    end
+
+    private
+
+    attr_accessor :endpoint
+  end
+end

lib/micropub/webserver.rb

@@ -10,6 +10,9 @@ module Micropub
 
     github = Github.new
 
+    endpoints = Indieauth::Endpoints.new(ENV["SITE_URL"])
+    token = Indieauth::Token.new(endpoints.token_endpoint)
+
     get '/' do
       "Hello, World!"
     end
@@ -21,14 +24,16 @@ module Micropub
     end
 
     post "/micropub" do
-      # verify_token
+      if token.validate(ENV["INDIEAUTH_TOKEN"])
+        post = Post.new(params)
 
-      post = Post.new(params)
-
-      if github.post!(post)
-        status 201
+        if github.post!(post)
+          status 201
+        else
+          status 400
+        end
       else
-        status 400
+        status 401
       end
     end
   end