mirror of
https://github.com/pixelfed/pixelfed.git
synced 2025-01-11 22:50:45 +00:00
Merge pull request #4504 from pixelfed/staging
Update ActivityPubFetchService, fix authorized_fetch support
This commit is contained in:
commit
48cd829572
5 changed files with 122 additions and 9 deletions
|
@ -14,6 +14,9 @@
|
|||
- Update AdminApiController, add instance stats endpoint ([89c3710d](https://github.com/pixelfed/pixelfed/commit/89c3710d))
|
||||
- Update config, re-add `PF_MAX_USERS` .env variable to limit max users to 1000 by default ([a6d10f03](https://github.com/pixelfed/pixelfed/commit/a6d10f03))
|
||||
- Update AdminApiController, fix stats ([5c5541fc](https://github.com/pixelfed/pixelfed/commit/5c5541fc))
|
||||
- Update AdminApiController, include more data for getUser method ([4f850e54](https://github.com/pixelfed/pixelfed/commit/4f850e54))
|
||||
- Update AdminApiController, improve admin moderation tools ([763ce19a](https://github.com/pixelfed/pixelfed/commit/763ce19a))
|
||||
- Update ActivityPubFetchService, fix authorized_fetch compatibility. Closes #1850, #2713, #2935 ([63a7879c](https://github.com/pixelfed/pixelfed/commit/63a7879c))
|
||||
- ([](https://github.com/pixelfed/pixelfed/commit/))
|
||||
|
||||
## [v0.11.8 (2023-05-29)](https://github.com/pixelfed/pixelfed/compare/v0.11.7...v0.11.8)
|
||||
|
|
|
@ -25,7 +25,61 @@ class InstanceActorController extends Controller
|
|||
public function outbox()
|
||||
{
|
||||
$res = json_encode([
|
||||
'@context' => 'https://www.w3.org/ns/activitystreams',
|
||||
"@context" => [
|
||||
"https://www.w3.org/ns/activitystreams",
|
||||
"https://w3id.org/security/v1",
|
||||
[
|
||||
"manuallyApprovesFollowers" => "as:manuallyApprovesFollowers",
|
||||
"toot" => "http://joinmastodon.org/ns#",
|
||||
"featured" => [
|
||||
"@id" => "toot:featured",
|
||||
"@type" => "@id"
|
||||
],
|
||||
"featuredTags" => [
|
||||
"@id" => "toot:featuredTags",
|
||||
"@type" => "@id"
|
||||
],
|
||||
"alsoKnownAs" => [
|
||||
"@id" => "as:alsoKnownAs",
|
||||
"@type" => "@id"
|
||||
],
|
||||
"movedTo" => [
|
||||
"@id" => "as:movedTo",
|
||||
"@type" => "@id"
|
||||
],
|
||||
"schema" => "http://schema.org#",
|
||||
"PropertyValue" => "schema:PropertyValue",
|
||||
"value" => "schema:value",
|
||||
"discoverable" => "toot:discoverable",
|
||||
"Device" => "toot:Device",
|
||||
"Ed25519Signature" => "toot:Ed25519Signature",
|
||||
"Ed25519Key" => "toot:Ed25519Key",
|
||||
"Curve25519Key" => "toot:Curve25519Key",
|
||||
"EncryptedMessage" => "toot:EncryptedMessage",
|
||||
"publicKeyBase64" => "toot:publicKeyBase64",
|
||||
"deviceId" => "toot:deviceId",
|
||||
"claim" => [
|
||||
"@type" => "@id",
|
||||
"@id" => "toot:claim"
|
||||
],
|
||||
"fingerprintKey" => [
|
||||
"@type" => "@id",
|
||||
"@id" => "toot:fingerprintKey"
|
||||
],
|
||||
"identityKey" => [
|
||||
"@type" => "@id",
|
||||
"@id" => "toot:identityKey"
|
||||
],
|
||||
"devices" => [
|
||||
"@type" => "@id",
|
||||
"@id" => "toot:devices"
|
||||
],
|
||||
"messageFranking" => "toot:messageFranking",
|
||||
"messageType" => "toot:messageType",
|
||||
"cipherText" => "toot:cipherText",
|
||||
"suspended" => "toot:suspended"
|
||||
]
|
||||
],
|
||||
'id' => config('app.url') . '/i/actor/outbox',
|
||||
'type' => 'OrderedCollection',
|
||||
'totalItems' => 0,
|
||||
|
|
|
@ -23,7 +23,61 @@ class InstanceActor extends Model
|
|||
public function getActor()
|
||||
{
|
||||
return [
|
||||
'@context' => 'https://www.w3.org/ns/activitystreams',
|
||||
"@context" => [
|
||||
"https://www.w3.org/ns/activitystreams",
|
||||
"https://w3id.org/security/v1",
|
||||
[
|
||||
"manuallyApprovesFollowers" => "as:manuallyApprovesFollowers",
|
||||
"toot" => "http://joinmastodon.org/ns#",
|
||||
"featured" => [
|
||||
"@id" => "toot:featured",
|
||||
"@type" => "@id"
|
||||
],
|
||||
"featuredTags" => [
|
||||
"@id" => "toot:featuredTags",
|
||||
"@type" => "@id"
|
||||
],
|
||||
"alsoKnownAs" => [
|
||||
"@id" => "as:alsoKnownAs",
|
||||
"@type" => "@id"
|
||||
],
|
||||
"movedTo" => [
|
||||
"@id" => "as:movedTo",
|
||||
"@type" => "@id"
|
||||
],
|
||||
"schema" => "http://schema.org#",
|
||||
"PropertyValue" => "schema:PropertyValue",
|
||||
"value" => "schema:value",
|
||||
"discoverable" => "toot:discoverable",
|
||||
"Device" => "toot:Device",
|
||||
"Ed25519Signature" => "toot:Ed25519Signature",
|
||||
"Ed25519Key" => "toot:Ed25519Key",
|
||||
"Curve25519Key" => "toot:Curve25519Key",
|
||||
"EncryptedMessage" => "toot:EncryptedMessage",
|
||||
"publicKeyBase64" => "toot:publicKeyBase64",
|
||||
"deviceId" => "toot:deviceId",
|
||||
"claim" => [
|
||||
"@type" => "@id",
|
||||
"@id" => "toot:claim"
|
||||
],
|
||||
"fingerprintKey" => [
|
||||
"@type" => "@id",
|
||||
"@id" => "toot:fingerprintKey"
|
||||
],
|
||||
"identityKey" => [
|
||||
"@type" => "@id",
|
||||
"@id" => "toot:identityKey"
|
||||
],
|
||||
"devices" => [
|
||||
"@type" => "@id",
|
||||
"@id" => "toot:devices"
|
||||
],
|
||||
"messageFranking" => "toot:messageFranking",
|
||||
"messageType" => "toot:messageType",
|
||||
"cipherText" => "toot:cipherText",
|
||||
"suspended" => "toot:suspended"
|
||||
]
|
||||
],
|
||||
'id' => $this->permalink(),
|
||||
'type' => 'Application',
|
||||
'inbox' => $this->permalink('/inbox'),
|
||||
|
|
|
@ -19,12 +19,11 @@ class ActivityPubFetchService
|
|||
|
||||
$baseHeaders = [
|
||||
'Accept' => 'application/activity+json, application/ld+json',
|
||||
'User-Agent' => '(Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')'
|
||||
];
|
||||
|
||||
$headers = HttpSignature::instanceActorSign($url, false, $baseHeaders);
|
||||
$headers = HttpSignature::instanceActorSign($url, false, $baseHeaders, 'get');
|
||||
$headers['Accept'] = 'application/activity+json, application/ld+json';
|
||||
$headers['User-Agent'] = '(Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')';
|
||||
$headers['User-Agent'] = 'PixelFedBot/1.0.0 (Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')';
|
||||
|
||||
try {
|
||||
$res = Http::withHeaders($headers)
|
||||
|
|
|
@ -33,7 +33,7 @@ class HttpSignature {
|
|||
return self::_headersToCurlArray($headers);
|
||||
}
|
||||
|
||||
public static function instanceActorSign($url, $body = false, $addlHeaders = [])
|
||||
public static function instanceActorSign($url, $body = false, $addlHeaders = [], $method = 'post')
|
||||
{
|
||||
$keyId = config('app.url') . '/i/actor#main-key';
|
||||
$privateKey = Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() {
|
||||
|
@ -42,7 +42,7 @@ class HttpSignature {
|
|||
if($body) {
|
||||
$digest = self::_digest($body);
|
||||
}
|
||||
$headers = self::_headersToSign($url, $body ? $digest : false);
|
||||
$headers = self::_headersToSign($url, $body ? $digest : false, $method);
|
||||
$headers = array_merge($headers, $addlHeaders);
|
||||
$stringToSign = self::_headersToSigningString($headers);
|
||||
$signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
|
||||
|
@ -125,11 +125,14 @@ class HttpSignature {
|
|||
return base64_encode(hash('sha256', $body, true));
|
||||
}
|
||||
|
||||
protected static function _headersToSign($url, $digest = false) {
|
||||
protected static function _headersToSign($url, $digest = false, $method = 'post') {
|
||||
$date = new DateTime('UTC');
|
||||
|
||||
if(!in_array($method, ['post', 'get'])) {
|
||||
throw new \Exception('Invalid method used to sign headers in HttpSignature');
|
||||
}
|
||||
$headers = [
|
||||
'(request-target)' => 'post '.parse_url($url, PHP_URL_PATH),
|
||||
'(request-target)' => $method . ' '.parse_url($url, PHP_URL_PATH),
|
||||
'Host' => parse_url($url, PHP_URL_HOST),
|
||||
'Date' => $date->format('D, d M Y H:i:s \G\M\T'),
|
||||
];
|
||||
|
|
Loading…
Reference in a new issue