UA-Fediland/pixelfed
2
0
Fork 0
mirror of https://github.com/pixelfed/pixelfed.git synced 2024-11-10 00:34:50 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update ActivityPubFetchService

Browse source
This commit is contained in:
Daniel Supernault 2023-06-25 23:02:02 -06:00
parent b89c4f1cdc
commit 63a7879c29
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7
2 changed files with 9 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/Services/ActivityPubFetchService.php
View file

@ -21,9 +21,9 @@ class ActivityPubFetchService
'Accept' => 'application/activity+json, application/ld+json', 'Accept' => 'application/activity+json, application/ld+json',
]; ];
$headers = HttpSignature::instanceActorSign($url, false, $baseHeaders); $headers = HttpSignature::instanceActorSign($url, false, $baseHeaders, 'get');
$headers['Accept'] = 'application/activity+json, application/ld+json'; $headers['Accept'] = 'application/activity+json, application/ld+json';
$headers['User-Agent'] = '(Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')'; $headers['User-Agent'] = 'PixelFedBot/1.0.0 (Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')';
try { try {
$res = Http::withHeaders($headers) $res = Http::withHeaders($headers)

11
app/Util/ActivityPub/HttpSignature.php
View file

@ -33,7 +33,7 @@ class HttpSignature {
return self::_headersToCurlArray($headers); return self::_headersToCurlArray($headers);
} }
public static function instanceActorSign($url, $body = false, $addlHeaders = []) public static function instanceActorSign($url, $body = false, $addlHeaders = [], $method = 'post')
{ {
$keyId = config('app.url') . '/i/actor#main-key'; $keyId = config('app.url') . '/i/actor#main-key';
$privateKey = Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() { $privateKey = Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() {
@ -42,7 +42,7 @@ class HttpSignature {
if($body) { if($body) {
$digest = self::_digest($body); $digest = self::_digest($body);
} }
$headers = self::_headersToSign($url, $body ? $digest : false); $headers = self::_headersToSign($url, $body ? $digest : false, $method);
$headers = array_merge($headers, $addlHeaders); $headers = array_merge($headers, $addlHeaders);
$stringToSign = self::_headersToSigningString($headers); $stringToSign = self::_headersToSigningString($headers);
$signedHeaders = implode(' ', array_map('strtolower', array_keys($headers))); $signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
@ -125,11 +125,14 @@ class HttpSignature {
return base64_encode(hash('sha256', $body, true)); return base64_encode(hash('sha256', $body, true));
} }
protected static function _headersToSign($url, $digest = false) { protected static function _headersToSign($url, $digest = false, $method = 'post') {
$date = new DateTime('UTC'); $date = new DateTime('UTC');
if(!in_array($method, ['post', 'get'])) {
throw new \Exception('Invalid method used to sign headers in HttpSignature');
}
$headers = [ $headers = [
'(request-target)' => 'post '.parse_url($url, PHP_URL_PATH), '(request-target)' => $method . ' '.parse_url($url, PHP_URL_PATH),
'Host' => parse_url($url, PHP_URL_HOST), 'Host' => parse_url($url, PHP_URL_HOST),
'Date' => $date->format('D, d M Y H:i:s \G\M\T'), 'Date' => $date->format('D, d M Y H:i:s \G\M\T'),
]; ];