mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-22 01:35:26 +00:00
the rest of the bits
This commit is contained in:
parent
09f137233b
commit
b62879d044
16 changed files with 69 additions and 14 deletions
|
@ -207,7 +207,8 @@ class Libzot {
|
||||||
$headers = [
|
$headers = [
|
||||||
'X-Zot-Token' => random_string(),
|
'X-Zot-Token' => random_string(),
|
||||||
'Digest' => HTTPSig::generate_digest_header($data),
|
'Digest' => HTTPSig::generate_digest_header($data),
|
||||||
'Content-type' => 'application/x-zot+json'
|
'Content-type' => 'application/x-zot+json',
|
||||||
|
'(request-target)' => 'post ' . get_request_string($url)
|
||||||
];
|
];
|
||||||
|
|
||||||
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false,'sha512',
|
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false,'sha512',
|
||||||
|
|
|
@ -238,6 +238,8 @@ class Queue {
|
||||||
$ret = $outq['outq_msg'];
|
$ret = $outq['outq_msg'];
|
||||||
logger('ActivityPub send: ' . $ret, LOGGER_DATA);
|
logger('ActivityPub send: ' . $ret, LOGGER_DATA);
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||||
|
$headers['(request-target)'] = 'post ' . get_request_string($outq['outq_posturl']);
|
||||||
|
|
||||||
$xhead = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
$xhead = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
||||||
if(strpos($outq['outq_posturl'],'http') !== 0) {
|
if(strpos($outq['outq_posturl'],'http') !== 0) {
|
||||||
logger('bad url: ' . $outq['outq_posturl']);
|
logger('bad url: ' . $outq['outq_posturl']);
|
||||||
|
|
|
@ -24,6 +24,7 @@ class Zotfinger {
|
||||||
'X-Zot-Token' => random_string(),
|
'X-Zot-Token' => random_string(),
|
||||||
'Digest' => HTTPSig::generate_digest_header($data),
|
'Digest' => HTTPSig::generate_digest_header($data),
|
||||||
'Host' => $m['host'],
|
'Host' => $m['host'],
|
||||||
|
'(request-target)' => 'post ' . get_request_string($resource)
|
||||||
];
|
];
|
||||||
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false);
|
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false);
|
||||||
}
|
}
|
||||||
|
|
|
@ -51,6 +51,8 @@ class Activity extends \Zotlabs\Web\Controller {
|
||||||
$x['signature'] = LDSignatures::sign($x,$channel);
|
$x['signature'] = LDSignatures::sign($x,$channel);
|
||||||
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||||
|
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||||
|
|
||||||
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
echo $ret;
|
echo $ret;
|
||||||
|
|
|
@ -93,7 +93,11 @@ class Channel extends Controller {
|
||||||
$data = json_encode(Libzot::zotinfo([ 'address' => $channel['channel_address'] ]));
|
$data = json_encode(Libzot::zotinfo([ 'address' => $channel['channel_address'] ]));
|
||||||
}
|
}
|
||||||
|
|
||||||
$headers = [ 'Content-Type' => 'application/x-zot+json', 'Digest' => HTTPSig::generate_digest_header($data) ];
|
$headers = [
|
||||||
|
'Content-Type' => 'application/x-zot+json',
|
||||||
|
'Digest' => HTTPSig::generate_digest_header($data),
|
||||||
|
'(request-target)' => strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']
|
||||||
|
];
|
||||||
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
echo $data;
|
echo $data;
|
||||||
|
@ -113,6 +117,7 @@ class Channel extends Controller {
|
||||||
$x['signature'] = LDSignatures::sign($x,$channel);
|
$x['signature'] = LDSignatures::sign($x,$channel);
|
||||||
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||||
|
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||||
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
|
|
||||||
|
|
|
@ -55,6 +55,7 @@ class Follow extends \Zotlabs\Web\Controller {
|
||||||
$x['signature'] = LDSignatures::sign($x,$chan);
|
$x['signature'] = LDSignatures::sign($x,$chan);
|
||||||
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||||
|
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||||
$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
|
$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
echo $ret;
|
echo $ret;
|
||||||
|
|
|
@ -51,6 +51,7 @@ class Followers extends \Zotlabs\Web\Controller {
|
||||||
$x['signature'] = LDSignatures::sign($x,$channel);
|
$x['signature'] = LDSignatures::sign($x,$channel);
|
||||||
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||||
|
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||||
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
echo $ret;
|
echo $ret;
|
||||||
|
|
|
@ -50,6 +50,7 @@ class Following extends \Zotlabs\Web\Controller {
|
||||||
$x['signature'] = LDSignatures::sign($x,$channel);
|
$x['signature'] = LDSignatures::sign($x,$channel);
|
||||||
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||||
|
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||||
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
echo $ret;
|
echo $ret;
|
||||||
|
|
|
@ -22,6 +22,7 @@ class Home extends \Zotlabs\Web\Controller {
|
||||||
$ret = json_encode(Libzot::site_info());
|
$ret = json_encode(Libzot::site_info());
|
||||||
|
|
||||||
$headers = [ 'Content-Type' => 'application/x-zot+json', 'Digest' => HTTPSig::generate_digest_header($ret) ];
|
$headers = [ 'Content-Type' => 'application/x-zot+json', 'Digest' => HTTPSig::generate_digest_header($ret) ];
|
||||||
|
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||||
$h = HTTPSig::create_sig($headers, $key, z_root());
|
$h = HTTPSig::create_sig($headers, $key, z_root());
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
echo $ret;
|
echo $ret;
|
||||||
|
|
|
@ -16,6 +16,16 @@ class Inbox extends Controller {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// This SHOULD be handled by the webserver, but in the RFC it is only indicated as
|
||||||
|
// a SHOULD and not a MUST, so some webservers fail to reject appropriately.
|
||||||
|
|
||||||
|
logger('accepting: ' . $_SERVER['HTTP_ACCEPT'],LOGGER_DEBUG);
|
||||||
|
|
||||||
|
if((array_key_exists('HTTP_ACCEPT',$_SERVER)) && ($_SERVER['HTTP_ACCEPT'])
|
||||||
|
&& (strpos($_SERVER['HTTP_ACCEPT'],'*') === false) && (! ActivityStreams::is_as_request())) {
|
||||||
|
http_status_exit(406,'not acceptable');
|
||||||
|
}
|
||||||
|
|
||||||
$sys_disabled = ((get_config('system','disable_discover_tab') || get_config('system','disable_activitypub_discover_tab')) ? true : false);
|
$sys_disabled = ((get_config('system','disable_discover_tab') || get_config('system','disable_activitypub_discover_tab')) ? true : false);
|
||||||
|
|
||||||
$is_public = false;
|
$is_public = false;
|
||||||
|
|
|
@ -91,6 +91,7 @@ class Item extends \Zotlabs\Web\Controller {
|
||||||
$x['signature'] = LDSignatures::sign($x,$chan);
|
$x['signature'] = LDSignatures::sign($x,$chan);
|
||||||
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||||
|
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||||
$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
|
$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
echo $ret;
|
echo $ret;
|
||||||
|
@ -179,6 +180,7 @@ class Item extends \Zotlabs\Web\Controller {
|
||||||
$x['signature'] = LDSignatures::sign($x,$chan);
|
$x['signature'] = LDSignatures::sign($x,$chan);
|
||||||
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||||
|
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||||
$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
|
$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
echo $ret;
|
echo $ret;
|
||||||
|
|
|
@ -102,6 +102,7 @@ class Magic extends \Zotlabs\Web\Controller {
|
||||||
$headers['X-Open-Web-Auth'] = random_string();
|
$headers['X-Open-Web-Auth'] = random_string();
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($data);
|
$headers['Digest'] = HTTPSig::generate_digest_header($data);
|
||||||
$headers['Host'] = $parsed['host'];
|
$headers['Host'] = $parsed['host'];
|
||||||
|
$headers['(request-target)'] = 'get ' . '/owa';
|
||||||
|
|
||||||
$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512');
|
$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512');
|
||||||
$x = z_post_url($basepath . '/owa',$data,$redirects,[ 'headers' => $headers ]);
|
$x = z_post_url($basepath . '/owa',$data,$redirects,[ 'headers' => $headers ]);
|
||||||
|
|
|
@ -75,6 +75,7 @@ class Outbox extends \Zotlabs\Web\Controller {
|
||||||
$x['signature'] = LDSignatures::sign($x,$channel);
|
$x['signature'] = LDSignatures::sign($x,$channel);
|
||||||
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||||
|
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||||
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
echo $ret;
|
echo $ret;
|
||||||
|
|
|
@ -90,6 +90,7 @@ class Profile extends \Zotlabs\Web\Controller {
|
||||||
$x['signature'] = LDSignatures::sign($x,$chan);
|
$x['signature'] = LDSignatures::sign($x,$chan);
|
||||||
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
||||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||||
|
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||||
$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
|
$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
|
||||||
HTTPSig::set_headers($h);
|
HTTPSig::set_headers($h);
|
||||||
echo $ret;
|
echo $ret;
|
||||||
|
|
|
@ -47,6 +47,7 @@ class HTTPSig {
|
||||||
$h = new HTTPHeaders($data['header']);
|
$h = new HTTPHeaders($data['header']);
|
||||||
$headers = $h->fetcharr();
|
$headers = $h->fetcharr();
|
||||||
$body = $data['body'];
|
$body = $data['body'];
|
||||||
|
$headers['(request-target)'] = $data['request_target'];
|
||||||
}
|
}
|
||||||
|
|
||||||
else {
|
else {
|
||||||
|
@ -120,10 +121,6 @@ class HTTPSig {
|
||||||
if(array_key_exists($h,$headers)) {
|
if(array_key_exists($h,$headers)) {
|
||||||
$signed_data .= $h . ': ' . $headers[$h] . "\n";
|
$signed_data .= $h . ': ' . $headers[$h] . "\n";
|
||||||
}
|
}
|
||||||
if($h === 'host' && (strpos(strtolower(\App::get_hostname()),strtolower($headers[$h])) === false)) {
|
|
||||||
logger('bad host: ' . $sig_block['keyId'] . ' != ' . $headers[$h]);
|
|
||||||
return $result;
|
|
||||||
}
|
|
||||||
if($h === 'date') {
|
if($h === 'date') {
|
||||||
$d = new \DateTime($headers[$h]);
|
$d = new \DateTime($headers[$h]);
|
||||||
$d->setTimeZone(new \DateTimeZone('UTC'));
|
$d->setTimeZone(new \DateTimeZone('UTC'));
|
||||||
|
@ -161,8 +158,10 @@ class HTTPSig {
|
||||||
|
|
||||||
logger('verified: ' . $x, LOGGER_DEBUG);
|
logger('verified: ' . $x, LOGGER_DEBUG);
|
||||||
|
|
||||||
if(! $x)
|
if(! $x) {
|
||||||
|
logger('verify failed for ' . $result['signer'] . ' alg=' . $algorithm . (($key['public_key']) ? '' : ' no key'));
|
||||||
return $result;
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
$result['portable_id'] = $key['portable_id'];
|
$result['portable_id'] = $key['portable_id'];
|
||||||
$result['header_valid'] = true;
|
$result['header_valid'] = true;
|
||||||
|
|
|
@ -55,6 +55,11 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
|
||||||
if(($redirects > 8) || (! $ch))
|
if(($redirects > 8) || (! $ch))
|
||||||
return $ret;
|
return $ret;
|
||||||
|
|
||||||
|
if(! array_key_exists('request_target',$opts)) {
|
||||||
|
$opts['request_target'] = 'get ' . get_request_string($url);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
@curl_setopt($ch, CURLOPT_HEADER, true);
|
@curl_setopt($ch, CURLOPT_HEADER, true);
|
||||||
@curl_setopt($ch, CURLINFO_HEADER_OUT, true);
|
@curl_setopt($ch, CURLINFO_HEADER_OUT, true);
|
||||||
@curl_setopt($ch, CURLOPT_CAINFO, get_capath());
|
@curl_setopt($ch, CURLOPT_CAINFO, get_capath());
|
||||||
|
@ -186,6 +191,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
|
||||||
}
|
}
|
||||||
$ret['body'] = substr($s,strlen($header));
|
$ret['body'] = substr($s,strlen($header));
|
||||||
$ret['header'] = $header;
|
$ret['header'] = $header;
|
||||||
|
$ret['request_target'] = $opts['request_target'];
|
||||||
|
|
||||||
if(x($opts,'debug')) {
|
if(x($opts,'debug')) {
|
||||||
$ret['debug'] = $curl_info;
|
$ret['debug'] = $curl_info;
|
||||||
|
@ -234,6 +240,11 @@ function z_post_url($url, $params, $redirects = 0, $opts = array()) {
|
||||||
if(($redirects > 8) || (! $ch))
|
if(($redirects > 8) || (! $ch))
|
||||||
return $ret;
|
return $ret;
|
||||||
|
|
||||||
|
if(! array_key_exists('request_target',$opts)) {
|
||||||
|
$opts['request_target'] = 'post ' . get_request_string($url);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
@curl_setopt($ch, CURLOPT_HEADER, true);
|
@curl_setopt($ch, CURLOPT_HEADER, true);
|
||||||
@curl_setopt($ch, CURLINFO_HEADER_OUT, true);
|
@curl_setopt($ch, CURLINFO_HEADER_OUT, true);
|
||||||
@curl_setopt($ch, CURLOPT_CAINFO, get_capath());
|
@curl_setopt($ch, CURLOPT_CAINFO, get_capath());
|
||||||
|
@ -366,6 +377,7 @@ function z_post_url($url, $params, $redirects = 0, $opts = array()) {
|
||||||
|
|
||||||
$ret['body'] = substr($s, strlen($header));
|
$ret['body'] = substr($s, strlen($header));
|
||||||
$ret['header'] = $header;
|
$ret['header'] = $header;
|
||||||
|
$ret['request_target'] = $opts['request_target'];
|
||||||
|
|
||||||
if(x($opts,'debug')) {
|
if(x($opts,'debug')) {
|
||||||
$ret['debug'] = $curl_info;
|
$ret['debug'] = $curl_info;
|
||||||
|
@ -2165,3 +2177,17 @@ function is_https_request() {
|
||||||
|
|
||||||
return $https;
|
return $https;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief Given a URL, return everything after the host portion.
|
||||||
|
* example https://foobar.com/gravy?g=5&y=6
|
||||||
|
* returns /gravy?g=5&y=6
|
||||||
|
* result always returns the leading slash
|
||||||
|
*/
|
||||||
|
|
||||||
|
function get_request_string($url) {
|
||||||
|
|
||||||
|
$a = explode('/',$url,4);
|
||||||
|
return '/' . ((count($a) > 3) ? $a[3] : EMPTY_STR);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue