Add InstanceActor generate command

This commit is contained in:
Daniel Supernault 2021-01-17 01:43:57 -07:00
parent 2159eecdbc
commit 844ae6224a
No known key found for this signature in database
GPG Key ID: 0DEF1C662C9033F7
3 changed files with 114 additions and 1 deletions

View File

@ -0,0 +1,75 @@
<?php
namespace App\Console\Commands;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Schema;
use Illuminate\Support\Facades\DB;
use App\Models\InstanceActor;
use Cache;
class GenerateInstanceActor extends Command
{
protected $signature = 'instance:actor';
protected $description = 'Generate instance actor';
public function __construct()
{
parent::__construct();
}
public function handle()
{
if(Schema::hasTable('instance_actors') == false) {
$this->line(' ');
$this->error('Missing instance_actors table.');
$this->info('Run "php artisan migrate" and try again.');
$this->line(' ');
exit;
}
if(InstanceActor::exists()) {
$this->line(' ');
$this->error('Instance actor already exists!');
$this->line(' ');
$actor = InstanceActor::whereNotNull('public_key')
->whereNotNull('private_key')
->firstOrFail();
Cache::rememberForever(InstanceActor::PKI_PUBLIC, function() use($actor) {
return $actor->public_key;
});
Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() use($actor) {
return $actor->private_key;
});
exit;
}
$pkiConfig = [
'digest_alg' => 'sha512',
'private_key_bits' => 2048,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
];
$pki = openssl_pkey_new($pkiConfig);
openssl_pkey_export($pki, $pki_private);
$pki_public = openssl_pkey_get_details($pki);
$pki_public = $pki_public['key'];
$actor = new InstanceActor();
$actor->public_key = $pki_public;
$actor->private_key = $pki_private;
$actor->save();
Cache::rememberForever(InstanceActor::PKI_PUBLIC, function() use($actor) {
return $actor->public_key;
});
Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() use($actor) {
return $actor->private_key;
});
$this->info('Instance actor succesfully generated. You do not need to run this command again.');
return 0;
}
}

View File

@ -2,7 +2,8 @@
namespace App\Util\ActivityPub;
use Log;
use Cache, Log;
use App\Models\InstanceActor;
use App\Profile;
use \DateTime;
@ -32,6 +33,29 @@ class HttpSignature {
return self::_headersToCurlArray($headers);
}
public static function instanceActorSign($url, $body = false, $addlHeaders = [])
{
$keyId = config('app.url') . '/i/actor#main-key';
$privateKey = Cache::rememberForever(InstanceActor::PKI_PRIVATE, function() {
return InstanceActor::first()->private_key;
});
if($body) {
$digest = self::_digest($body);
}
$headers = self::_headersToSign($url, $body ? $digest : false);
$headers = array_merge($headers, $addlHeaders);
$stringToSign = self::_headersToSigningString($headers);
$signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
$key = openssl_pkey_get_private($privateKey);
openssl_sign($stringToSign, $signature, $key, OPENSSL_ALGO_SHA256);
$signature = base64_encode($signature);
$signatureHeader = 'keyId="'.$keyId.'",headers="'.$signedHeaders.'",algorithm="rsa-sha256",signature="'.$signature.'"';
unset($headers['(request-target)']);
$headers['Signature'] = $signatureHeader;
return self::_headersToCurlArray($headers);
}
public static function parseSignatureHeader($signature) {
$parts = explode(',', $signature);
$signatureData = [];

View File

@ -98,6 +98,8 @@ class RestrictedNames
'aboutus',
'about-us',
'abuse',
'actor',
'actors',
'account',
'admins',
'api',
@ -179,6 +181,7 @@ class RestrictedNames
'help-center_',
'help_center-',
'i',
'instance',
'inbox',
'img',
'imgs',
@ -208,6 +211,17 @@ class RestrictedNames
'media',
'menu',
'music',
'my2020',
'my2021',
'my2022',
'my2023',
'my2024',
'my2025',
'my2026',
'my2027',
'my2028',
'my2029',
'my2030',
'n',
'news',
'new',