mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-22 22:41:27 +00:00
Add InstanceActor generate command
This commit is contained in:
parent
2159eecdbc
commit
844ae6224a
3 changed files with 114 additions and 1 deletions
75
app/Console/Commands/GenerateInstanceActor.php
Normal file
75
app/Console/Commands/GenerateInstanceActor.php
Normal file
|
@ -0,0 +1,75 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Console\Commands;
|
||||||
|
|
||||||
|
use Illuminate\Console\Command;
|
||||||
|
use Illuminate\Support\Facades\Schema;
|
||||||
|
use Illuminate\Support\Facades\DB;
|
||||||
|
use App\Models\InstanceActor;
|
||||||
|
use Cache;
|
||||||
|
|
||||||
|
class GenerateInstanceActor extends Command
|
||||||
|
{
|
||||||
|
protected $signature = 'instance:actor';
|
||||||
|
protected $description = 'Generate instance actor';
|
||||||
|
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
parent::__construct();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function handle()
|
||||||
|
{
|
||||||
|
if(Schema::hasTable('instance_actors') == false) {
|
||||||
|
$this->line(' ');
|
||||||
|
$this->error('Missing instance_actors table.');
|
||||||
|
$this->info('Run "php artisan migrate" and try again.');
|
||||||
|
$this->line(' ');
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(InstanceActor::exists()) {
|
||||||
|
$this->line(' ');
|
||||||
|
$this->error('Instance actor already exists!');
|
||||||
|
$this->line(' ');
|
||||||
|
$actor = InstanceActor::whereNotNull('public_key')
|
||||||
|
->whereNotNull('private_key')
|
||||||
|
->firstOrFail();
|
||||||
|
Cache::rememberForever(InstanceActor::PKI_PUBLIC, function() use($actor) {
|
||||||
|
return $actor->public_key;
|
||||||
|
});
|
||||||
|
|
||||||
|
Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() use($actor) {
|
||||||
|
return $actor->private_key;
|
||||||
|
});
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
$pkiConfig = [
|
||||||
|
'digest_alg' => 'sha512',
|
||||||
|
'private_key_bits' => 2048,
|
||||||
|
'private_key_type' => OPENSSL_KEYTYPE_RSA,
|
||||||
|
];
|
||||||
|
$pki = openssl_pkey_new($pkiConfig);
|
||||||
|
openssl_pkey_export($pki, $pki_private);
|
||||||
|
$pki_public = openssl_pkey_get_details($pki);
|
||||||
|
$pki_public = $pki_public['key'];
|
||||||
|
|
||||||
|
$actor = new InstanceActor();
|
||||||
|
$actor->public_key = $pki_public;
|
||||||
|
$actor->private_key = $pki_private;
|
||||||
|
$actor->save();
|
||||||
|
|
||||||
|
Cache::rememberForever(InstanceActor::PKI_PUBLIC, function() use($actor) {
|
||||||
|
return $actor->public_key;
|
||||||
|
});
|
||||||
|
|
||||||
|
Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() use($actor) {
|
||||||
|
return $actor->private_key;
|
||||||
|
});
|
||||||
|
|
||||||
|
$this->info('Instance actor succesfully generated. You do not need to run this command again.');
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
|
@ -2,7 +2,8 @@
|
||||||
|
|
||||||
namespace App\Util\ActivityPub;
|
namespace App\Util\ActivityPub;
|
||||||
|
|
||||||
use Log;
|
use Cache, Log;
|
||||||
|
use App\Models\InstanceActor;
|
||||||
use App\Profile;
|
use App\Profile;
|
||||||
use \DateTime;
|
use \DateTime;
|
||||||
|
|
||||||
|
@ -32,6 +33,29 @@ class HttpSignature {
|
||||||
return self::_headersToCurlArray($headers);
|
return self::_headersToCurlArray($headers);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function instanceActorSign($url, $body = false, $addlHeaders = [])
|
||||||
|
{
|
||||||
|
$keyId = config('app.url') . '/i/actor#main-key';
|
||||||
|
$privateKey = Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() {
|
||||||
|
return InstanceActor::first()->private_key;
|
||||||
|
});
|
||||||
|
if($body) {
|
||||||
|
$digest = self::_digest($body);
|
||||||
|
}
|
||||||
|
$headers = self::_headersToSign($url, $body ? $digest : false);
|
||||||
|
$headers = array_merge($headers, $addlHeaders);
|
||||||
|
$stringToSign = self::_headersToSigningString($headers);
|
||||||
|
$signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
|
||||||
|
$key = openssl_pkey_get_private($privateKey);
|
||||||
|
openssl_sign($stringToSign, $signature, $key, OPENSSL_ALGO_SHA256);
|
||||||
|
$signature = base64_encode($signature);
|
||||||
|
$signatureHeader = 'keyId="'.$keyId.'",headers="'.$signedHeaders.'",algorithm="rsa-sha256",signature="'.$signature.'"';
|
||||||
|
unset($headers['(request-target)']);
|
||||||
|
$headers['Signature'] = $signatureHeader;
|
||||||
|
|
||||||
|
return self::_headersToCurlArray($headers);
|
||||||
|
}
|
||||||
|
|
||||||
public static function parseSignatureHeader($signature) {
|
public static function parseSignatureHeader($signature) {
|
||||||
$parts = explode(',', $signature);
|
$parts = explode(',', $signature);
|
||||||
$signatureData = [];
|
$signatureData = [];
|
||||||
|
|
|
@ -98,6 +98,8 @@ class RestrictedNames
|
||||||
'aboutus',
|
'aboutus',
|
||||||
'about-us',
|
'about-us',
|
||||||
'abuse',
|
'abuse',
|
||||||
|
'actor',
|
||||||
|
'actors',
|
||||||
'account',
|
'account',
|
||||||
'admins',
|
'admins',
|
||||||
'api',
|
'api',
|
||||||
|
@ -179,6 +181,7 @@ class RestrictedNames
|
||||||
'help-center_',
|
'help-center_',
|
||||||
'help_center-',
|
'help_center-',
|
||||||
'i',
|
'i',
|
||||||
|
'instance',
|
||||||
'inbox',
|
'inbox',
|
||||||
'img',
|
'img',
|
||||||
'imgs',
|
'imgs',
|
||||||
|
@ -208,6 +211,17 @@ class RestrictedNames
|
||||||
'media',
|
'media',
|
||||||
'menu',
|
'menu',
|
||||||
'music',
|
'music',
|
||||||
|
'my2020',
|
||||||
|
'my2021',
|
||||||
|
'my2022',
|
||||||
|
'my2023',
|
||||||
|
'my2024',
|
||||||
|
'my2025',
|
||||||
|
'my2026',
|
||||||
|
'my2027',
|
||||||
|
'my2028',
|
||||||
|
'my2029',
|
||||||
|
'my2030',
|
||||||
'n',
|
'n',
|
||||||
'news',
|
'news',
|
||||||
'new',
|
'new',
|
||||||
|
|
Loading…
Reference in a new issue