Merge pull request #4504 from pixelfed/staging

Update ActivityPubFetchService, fix authorized_fetch support
This commit is contained in:
daniel 2023-06-25 23:11:20 -06:00 committed by GitHub
commit 48cd829572
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 122 additions and 9 deletions

View file

@ -14,6 +14,9 @@
- Update AdminApiController, add instance stats endpoint ([89c3710d](https://github.com/pixelfed/pixelfed/commit/89c3710d))
- Update config, re-add `PF_MAX_USERS` .env variable to limit max users to 1000 by default ([a6d10f03](https://github.com/pixelfed/pixelfed/commit/a6d10f03))
- Update AdminApiController, fix stats ([5c5541fc](https://github.com/pixelfed/pixelfed/commit/5c5541fc))
- Update AdminApiController, include more data for getUser method ([4f850e54](https://github.com/pixelfed/pixelfed/commit/4f850e54))
- Update AdminApiController, improve admin moderation tools ([763ce19a](https://github.com/pixelfed/pixelfed/commit/763ce19a))
- Update ActivityPubFetchService, fix authorized_fetch compatibility. Closes #1850, #2713, #2935 ([63a7879c](https://github.com/pixelfed/pixelfed/commit/63a7879c))
- ([](https://github.com/pixelfed/pixelfed/commit/))
## [v0.11.8 (2023-05-29)](https://github.com/pixelfed/pixelfed/compare/v0.11.7...v0.11.8)

View file

@ -25,7 +25,61 @@ class InstanceActorController extends Controller
public function outbox()
{
$res = json_encode([
'@context' => 'https://www.w3.org/ns/activitystreams',
"@context" => [
"https://www.w3.org/ns/activitystreams",
"https://w3id.org/security/v1",
[
"manuallyApprovesFollowers" => "as:manuallyApprovesFollowers",
"toot" => "http://joinmastodon.org/ns#",
"featured" => [
"@id" => "toot:featured",
"@type" => "@id"
],
"featuredTags" => [
"@id" => "toot:featuredTags",
"@type" => "@id"
],
"alsoKnownAs" => [
"@id" => "as:alsoKnownAs",
"@type" => "@id"
],
"movedTo" => [
"@id" => "as:movedTo",
"@type" => "@id"
],
"schema" => "http://schema.org#",
"PropertyValue" => "schema:PropertyValue",
"value" => "schema:value",
"discoverable" => "toot:discoverable",
"Device" => "toot:Device",
"Ed25519Signature" => "toot:Ed25519Signature",
"Ed25519Key" => "toot:Ed25519Key",
"Curve25519Key" => "toot:Curve25519Key",
"EncryptedMessage" => "toot:EncryptedMessage",
"publicKeyBase64" => "toot:publicKeyBase64",
"deviceId" => "toot:deviceId",
"claim" => [
"@type" => "@id",
"@id" => "toot:claim"
],
"fingerprintKey" => [
"@type" => "@id",
"@id" => "toot:fingerprintKey"
],
"identityKey" => [
"@type" => "@id",
"@id" => "toot:identityKey"
],
"devices" => [
"@type" => "@id",
"@id" => "toot:devices"
],
"messageFranking" => "toot:messageFranking",
"messageType" => "toot:messageType",
"cipherText" => "toot:cipherText",
"suspended" => "toot:suspended"
]
],
'id' => config('app.url') . '/i/actor/outbox',
'type' => 'OrderedCollection',
'totalItems' => 0,

View file

@ -23,7 +23,61 @@ class InstanceActor extends Model
public function getActor()
{
return [
'@context' => 'https://www.w3.org/ns/activitystreams',
"@context" => [
"https://www.w3.org/ns/activitystreams",
"https://w3id.org/security/v1",
[
"manuallyApprovesFollowers" => "as:manuallyApprovesFollowers",
"toot" => "http://joinmastodon.org/ns#",
"featured" => [
"@id" => "toot:featured",
"@type" => "@id"
],
"featuredTags" => [
"@id" => "toot:featuredTags",
"@type" => "@id"
],
"alsoKnownAs" => [
"@id" => "as:alsoKnownAs",
"@type" => "@id"
],
"movedTo" => [
"@id" => "as:movedTo",
"@type" => "@id"
],
"schema" => "http://schema.org#",
"PropertyValue" => "schema:PropertyValue",
"value" => "schema:value",
"discoverable" => "toot:discoverable",
"Device" => "toot:Device",
"Ed25519Signature" => "toot:Ed25519Signature",
"Ed25519Key" => "toot:Ed25519Key",
"Curve25519Key" => "toot:Curve25519Key",
"EncryptedMessage" => "toot:EncryptedMessage",
"publicKeyBase64" => "toot:publicKeyBase64",
"deviceId" => "toot:deviceId",
"claim" => [
"@type" => "@id",
"@id" => "toot:claim"
],
"fingerprintKey" => [
"@type" => "@id",
"@id" => "toot:fingerprintKey"
],
"identityKey" => [
"@type" => "@id",
"@id" => "toot:identityKey"
],
"devices" => [
"@type" => "@id",
"@id" => "toot:devices"
],
"messageFranking" => "toot:messageFranking",
"messageType" => "toot:messageType",
"cipherText" => "toot:cipherText",
"suspended" => "toot:suspended"
]
],
'id' => $this->permalink(),
'type' => 'Application',
'inbox' => $this->permalink('/inbox'),

View file

@ -19,12 +19,11 @@ class ActivityPubFetchService
$baseHeaders = [
'Accept' => 'application/activity+json, application/ld+json',
'User-Agent' => '(Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')'
];
$headers = HttpSignature::instanceActorSign($url, false, $baseHeaders);
$headers = HttpSignature::instanceActorSign($url, false, $baseHeaders, 'get');
$headers['Accept'] = 'application/activity+json, application/ld+json';
$headers['User-Agent'] = '(Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')';
$headers['User-Agent'] = 'PixelFedBot/1.0.0 (Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')';
try {
$res = Http::withHeaders($headers)

View file

@ -33,7 +33,7 @@ class HttpSignature {
return self::_headersToCurlArray($headers);
}
public static function instanceActorSign($url, $body = false, $addlHeaders = [])
public static function instanceActorSign($url, $body = false, $addlHeaders = [], $method = 'post')
{
$keyId = config('app.url') . '/i/actor#main-key';
$privateKey = Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() {
@ -42,7 +42,7 @@ class HttpSignature {
if($body) {
$digest = self::_digest($body);
}
$headers = self::_headersToSign($url, $body ? $digest : false);
$headers = self::_headersToSign($url, $body ? $digest : false, $method);
$headers = array_merge($headers, $addlHeaders);
$stringToSign = self::_headersToSigningString($headers);
$signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
@ -125,11 +125,14 @@ class HttpSignature {
return base64_encode(hash('sha256', $body, true));
}
protected static function _headersToSign($url, $digest = false) {
protected static function _headersToSign($url, $digest = false, $method = 'post') {
$date = new DateTime('UTC');
if(!in_array($method, ['post', 'get'])) {
throw new \Exception('Invalid method used to sign headers in HttpSignature');
}
$headers = [
'(request-target)' => 'post '.parse_url($url, PHP_URL_PATH),
'(request-target)' => $method . ' '.parse_url($url, PHP_URL_PATH),
'Host' => parse_url($url, PHP_URL_HOST),
'Date' => $date->format('D, d M Y H:i:s \G\M\T'),
];