chris
/
pixelfed
forked from mirror/pixelfed
1
0
Fork 0
Code Pull Requests Activity

Update ActivityPubFetchService

This commit is contained in:
Daniel Supernault 2023-06-25 23:02:02 -06:00
parent b89c4f1cdc
commit 63a7879c29
No known key found for this signature in database
GPG Key ID: 0DEF1C662C9033F7
2 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Services/ActivityPubFetchService.php
View File

@ -21,9 +21,9 @@ class ActivityPubFetchService
'Accept' => 'application/activity+json, application/ld+json',
];
$headers = HttpSignature::instanceActorSign($url, false, $baseHeaders);
$headers = HttpSignature::instanceActorSign($url, false, $baseHeaders, 'get');
$headers['Accept'] = 'application/activity+json, application/ld+json';
$headers['User-Agent'] = '(Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')';
$headers['User-Agent'] = 'PixelFedBot/1.0.0 (Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')';
try {
$res = Http::withHeaders($headers)

11
app/Util/ActivityPub/HttpSignature.php
View File

@ -33,7 +33,7 @@ class HttpSignature {
return self::_headersToCurlArray($headers);
}
public static function instanceActorSign($url, $body = false, $addlHeaders = [])
public static function instanceActorSign($url, $body = false, $addlHeaders = [], $method = 'post')
{
$keyId = config('app.url') . '/i/actor#main-key';
$privateKey = Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() {
@ -42,7 +42,7 @@ class HttpSignature {
if($body) {
$digest = self::_digest($body);
}
$headers = self::_headersToSign($url, $body ? $digest : false);
$headers = self::_headersToSign($url, $body ? $digest : false, $method);
$headers = array_merge($headers, $addlHeaders);
$stringToSign = self::_headersToSigningString($headers);
$signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
@ -125,11 +125,14 @@ class HttpSignature {
return base64_encode(hash('sha256', $body, true));
}
protected static function _headersToSign($url, $digest = false) {
protected static function _headersToSign($url, $digest = false, $method = 'post') {
$date = new DateTime('UTC');
if(!in_array($method, ['post', 'get'])) {
throw new \Exception('Invalid method used to sign headers in HttpSignature');
}
$headers = [
'(request-target)' => 'post '.parse_url($url, PHP_URL_PATH),
'(request-target)' => $method . ' '.parse_url($url, PHP_URL_PATH),
'Host' => parse_url($url, PHP_URL_HOST),
'Date' => $date->format('D, d M Y H:i:s \G\M\T'),
];