mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-12-25 06:23:18 +00:00
Merge pull request #4504 from pixelfed/staging
Update ActivityPubFetchService, fix authorized_fetch support
This commit is contained in:
commit
48cd829572
5 changed files with 122 additions and 9 deletions
|
@ -14,6 +14,9 @@
|
||||||
- Update AdminApiController, add instance stats endpoint ([89c3710d](https://github.com/pixelfed/pixelfed/commit/89c3710d))
|
- Update AdminApiController, add instance stats endpoint ([89c3710d](https://github.com/pixelfed/pixelfed/commit/89c3710d))
|
||||||
- Update config, re-add `PF_MAX_USERS` .env variable to limit max users to 1000 by default ([a6d10f03](https://github.com/pixelfed/pixelfed/commit/a6d10f03))
|
- Update config, re-add `PF_MAX_USERS` .env variable to limit max users to 1000 by default ([a6d10f03](https://github.com/pixelfed/pixelfed/commit/a6d10f03))
|
||||||
- Update AdminApiController, fix stats ([5c5541fc](https://github.com/pixelfed/pixelfed/commit/5c5541fc))
|
- Update AdminApiController, fix stats ([5c5541fc](https://github.com/pixelfed/pixelfed/commit/5c5541fc))
|
||||||
|
- Update AdminApiController, include more data for getUser method ([4f850e54](https://github.com/pixelfed/pixelfed/commit/4f850e54))
|
||||||
|
- Update AdminApiController, improve admin moderation tools ([763ce19a](https://github.com/pixelfed/pixelfed/commit/763ce19a))
|
||||||
|
- Update ActivityPubFetchService, fix authorized_fetch compatibility. Closes #1850, #2713, #2935 ([63a7879c](https://github.com/pixelfed/pixelfed/commit/63a7879c))
|
||||||
- ([](https://github.com/pixelfed/pixelfed/commit/))
|
- ([](https://github.com/pixelfed/pixelfed/commit/))
|
||||||
|
|
||||||
## [v0.11.8 (2023-05-29)](https://github.com/pixelfed/pixelfed/compare/v0.11.7...v0.11.8)
|
## [v0.11.8 (2023-05-29)](https://github.com/pixelfed/pixelfed/compare/v0.11.7...v0.11.8)
|
||||||
|
|
|
@ -25,7 +25,61 @@ class InstanceActorController extends Controller
|
||||||
public function outbox()
|
public function outbox()
|
||||||
{
|
{
|
||||||
$res = json_encode([
|
$res = json_encode([
|
||||||
'@context' => 'https://www.w3.org/ns/activitystreams',
|
"@context" => [
|
||||||
|
"https://www.w3.org/ns/activitystreams",
|
||||||
|
"https://w3id.org/security/v1",
|
||||||
|
[
|
||||||
|
"manuallyApprovesFollowers" => "as:manuallyApprovesFollowers",
|
||||||
|
"toot" => "http://joinmastodon.org/ns#",
|
||||||
|
"featured" => [
|
||||||
|
"@id" => "toot:featured",
|
||||||
|
"@type" => "@id"
|
||||||
|
],
|
||||||
|
"featuredTags" => [
|
||||||
|
"@id" => "toot:featuredTags",
|
||||||
|
"@type" => "@id"
|
||||||
|
],
|
||||||
|
"alsoKnownAs" => [
|
||||||
|
"@id" => "as:alsoKnownAs",
|
||||||
|
"@type" => "@id"
|
||||||
|
],
|
||||||
|
"movedTo" => [
|
||||||
|
"@id" => "as:movedTo",
|
||||||
|
"@type" => "@id"
|
||||||
|
],
|
||||||
|
"schema" => "http://schema.org#",
|
||||||
|
"PropertyValue" => "schema:PropertyValue",
|
||||||
|
"value" => "schema:value",
|
||||||
|
"discoverable" => "toot:discoverable",
|
||||||
|
"Device" => "toot:Device",
|
||||||
|
"Ed25519Signature" => "toot:Ed25519Signature",
|
||||||
|
"Ed25519Key" => "toot:Ed25519Key",
|
||||||
|
"Curve25519Key" => "toot:Curve25519Key",
|
||||||
|
"EncryptedMessage" => "toot:EncryptedMessage",
|
||||||
|
"publicKeyBase64" => "toot:publicKeyBase64",
|
||||||
|
"deviceId" => "toot:deviceId",
|
||||||
|
"claim" => [
|
||||||
|
"@type" => "@id",
|
||||||
|
"@id" => "toot:claim"
|
||||||
|
],
|
||||||
|
"fingerprintKey" => [
|
||||||
|
"@type" => "@id",
|
||||||
|
"@id" => "toot:fingerprintKey"
|
||||||
|
],
|
||||||
|
"identityKey" => [
|
||||||
|
"@type" => "@id",
|
||||||
|
"@id" => "toot:identityKey"
|
||||||
|
],
|
||||||
|
"devices" => [
|
||||||
|
"@type" => "@id",
|
||||||
|
"@id" => "toot:devices"
|
||||||
|
],
|
||||||
|
"messageFranking" => "toot:messageFranking",
|
||||||
|
"messageType" => "toot:messageType",
|
||||||
|
"cipherText" => "toot:cipherText",
|
||||||
|
"suspended" => "toot:suspended"
|
||||||
|
]
|
||||||
|
],
|
||||||
'id' => config('app.url') . '/i/actor/outbox',
|
'id' => config('app.url') . '/i/actor/outbox',
|
||||||
'type' => 'OrderedCollection',
|
'type' => 'OrderedCollection',
|
||||||
'totalItems' => 0,
|
'totalItems' => 0,
|
||||||
|
|
|
@ -23,7 +23,61 @@ class InstanceActor extends Model
|
||||||
public function getActor()
|
public function getActor()
|
||||||
{
|
{
|
||||||
return [
|
return [
|
||||||
'@context' => 'https://www.w3.org/ns/activitystreams',
|
"@context" => [
|
||||||
|
"https://www.w3.org/ns/activitystreams",
|
||||||
|
"https://w3id.org/security/v1",
|
||||||
|
[
|
||||||
|
"manuallyApprovesFollowers" => "as:manuallyApprovesFollowers",
|
||||||
|
"toot" => "http://joinmastodon.org/ns#",
|
||||||
|
"featured" => [
|
||||||
|
"@id" => "toot:featured",
|
||||||
|
"@type" => "@id"
|
||||||
|
],
|
||||||
|
"featuredTags" => [
|
||||||
|
"@id" => "toot:featuredTags",
|
||||||
|
"@type" => "@id"
|
||||||
|
],
|
||||||
|
"alsoKnownAs" => [
|
||||||
|
"@id" => "as:alsoKnownAs",
|
||||||
|
"@type" => "@id"
|
||||||
|
],
|
||||||
|
"movedTo" => [
|
||||||
|
"@id" => "as:movedTo",
|
||||||
|
"@type" => "@id"
|
||||||
|
],
|
||||||
|
"schema" => "http://schema.org#",
|
||||||
|
"PropertyValue" => "schema:PropertyValue",
|
||||||
|
"value" => "schema:value",
|
||||||
|
"discoverable" => "toot:discoverable",
|
||||||
|
"Device" => "toot:Device",
|
||||||
|
"Ed25519Signature" => "toot:Ed25519Signature",
|
||||||
|
"Ed25519Key" => "toot:Ed25519Key",
|
||||||
|
"Curve25519Key" => "toot:Curve25519Key",
|
||||||
|
"EncryptedMessage" => "toot:EncryptedMessage",
|
||||||
|
"publicKeyBase64" => "toot:publicKeyBase64",
|
||||||
|
"deviceId" => "toot:deviceId",
|
||||||
|
"claim" => [
|
||||||
|
"@type" => "@id",
|
||||||
|
"@id" => "toot:claim"
|
||||||
|
],
|
||||||
|
"fingerprintKey" => [
|
||||||
|
"@type" => "@id",
|
||||||
|
"@id" => "toot:fingerprintKey"
|
||||||
|
],
|
||||||
|
"identityKey" => [
|
||||||
|
"@type" => "@id",
|
||||||
|
"@id" => "toot:identityKey"
|
||||||
|
],
|
||||||
|
"devices" => [
|
||||||
|
"@type" => "@id",
|
||||||
|
"@id" => "toot:devices"
|
||||||
|
],
|
||||||
|
"messageFranking" => "toot:messageFranking",
|
||||||
|
"messageType" => "toot:messageType",
|
||||||
|
"cipherText" => "toot:cipherText",
|
||||||
|
"suspended" => "toot:suspended"
|
||||||
|
]
|
||||||
|
],
|
||||||
'id' => $this->permalink(),
|
'id' => $this->permalink(),
|
||||||
'type' => 'Application',
|
'type' => 'Application',
|
||||||
'inbox' => $this->permalink('/inbox'),
|
'inbox' => $this->permalink('/inbox'),
|
||||||
|
|
|
@ -19,12 +19,11 @@ class ActivityPubFetchService
|
||||||
|
|
||||||
$baseHeaders = [
|
$baseHeaders = [
|
||||||
'Accept' => 'application/activity+json, application/ld+json',
|
'Accept' => 'application/activity+json, application/ld+json',
|
||||||
'User-Agent' => '(Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')'
|
|
||||||
];
|
];
|
||||||
|
|
||||||
$headers = HttpSignature::instanceActorSign($url, false, $baseHeaders);
|
$headers = HttpSignature::instanceActorSign($url, false, $baseHeaders, 'get');
|
||||||
$headers['Accept'] = 'application/activity+json, application/ld+json';
|
$headers['Accept'] = 'application/activity+json, application/ld+json';
|
||||||
$headers['User-Agent'] = '(Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')';
|
$headers['User-Agent'] = 'PixelFedBot/1.0.0 (Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')';
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$res = Http::withHeaders($headers)
|
$res = Http::withHeaders($headers)
|
||||||
|
|
|
@ -33,7 +33,7 @@ class HttpSignature {
|
||||||
return self::_headersToCurlArray($headers);
|
return self::_headersToCurlArray($headers);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function instanceActorSign($url, $body = false, $addlHeaders = [])
|
public static function instanceActorSign($url, $body = false, $addlHeaders = [], $method = 'post')
|
||||||
{
|
{
|
||||||
$keyId = config('app.url') . '/i/actor#main-key';
|
$keyId = config('app.url') . '/i/actor#main-key';
|
||||||
$privateKey = Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() {
|
$privateKey = Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() {
|
||||||
|
@ -42,7 +42,7 @@ class HttpSignature {
|
||||||
if($body) {
|
if($body) {
|
||||||
$digest = self::_digest($body);
|
$digest = self::_digest($body);
|
||||||
}
|
}
|
||||||
$headers = self::_headersToSign($url, $body ? $digest : false);
|
$headers = self::_headersToSign($url, $body ? $digest : false, $method);
|
||||||
$headers = array_merge($headers, $addlHeaders);
|
$headers = array_merge($headers, $addlHeaders);
|
||||||
$stringToSign = self::_headersToSigningString($headers);
|
$stringToSign = self::_headersToSigningString($headers);
|
||||||
$signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
|
$signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
|
||||||
|
@ -125,11 +125,14 @@ class HttpSignature {
|
||||||
return base64_encode(hash('sha256', $body, true));
|
return base64_encode(hash('sha256', $body, true));
|
||||||
}
|
}
|
||||||
|
|
||||||
protected static function _headersToSign($url, $digest = false) {
|
protected static function _headersToSign($url, $digest = false, $method = 'post') {
|
||||||
$date = new DateTime('UTC');
|
$date = new DateTime('UTC');
|
||||||
|
|
||||||
|
if(!in_array($method, ['post', 'get'])) {
|
||||||
|
throw new \Exception('Invalid method used to sign headers in HttpSignature');
|
||||||
|
}
|
||||||
$headers = [
|
$headers = [
|
||||||
'(request-target)' => 'post '.parse_url($url, PHP_URL_PATH),
|
'(request-target)' => $method . ' '.parse_url($url, PHP_URL_PATH),
|
||||||
'Host' => parse_url($url, PHP_URL_HOST),
|
'Host' => parse_url($url, PHP_URL_HOST),
|
||||||
'Date' => $date->format('D, d M Y H:i:s \G\M\T'),
|
'Date' => $date->format('D, d M Y H:i:s \G\M\T'),
|
||||||
];
|
];
|
||||||
|
|
Loading…
Reference in a new issue