Update FederationController, fixes #680

This commit is contained in:
Daniel Supernault 2018-12-25 17:45:29 -07:00
parent 14d43ba845
commit 55ca00ba30
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7
2 changed files with 11 additions and 3 deletions

View file

@ -181,13 +181,20 @@ XML;
return ProfileController::accountCheck($profile);
}
$body = $request->getContent();
$bodyDecoded = json_decode($body, true);
$bodyDecoded = json_decode($body, true, 8);
$signature = $request->header('signature');
if(!$signature) {
abort(400, 'Missing signature header');
}
$signatureData = HttpSignature::parseSignatureHeader($signature);
$actor = Profile::whereKeyId($signatureData['keyId'])->first();
$keyId = Helpers::validateUrl($signatureData['keyId']);
$id = Helpers::validateUrl($bodyDecoded['id']);
$keyDomain = parse_url($keyId, PHP_URL_HOST);
$idDomain = parse_url($id, PHP_URL_HOST);
if(!$keyDomain || !$idDomain || $keyDomain !== $idDomain) {
abort(400, 'Invalid request');
}
$actor = Profile::whereKeyId($keyId)->first();
if(!$actor) {
$actor = Helpers::profileFirstOrNew($bodyDecoded['actor']);
}

View file

@ -167,12 +167,13 @@ class Inbox
return;
}
$status = DB::transaction(function() use($activity, $actor) {
$status = DB::transaction(function() use($activity, $actor, $url) {
$caption = str_limit(strip_tags($activity['content']), config('pixelfed.max_caption_length'));
$status = new Status;
$status->profile_id = $actor->id;
$status->caption = $caption;
$status->visibility = $status->scope = 'public';
$status->uri = $url;
$status->url = $url;
$status->save();
return $status;