1
1
Fork 0

Use signed requests for fetching private images

This commit is contained in:
Michael 2021-06-28 10:08:51 +00:00
parent 7e200174d6
commit 6f350c1e59
3 changed files with 21 additions and 15 deletions

View file

@ -268,19 +268,20 @@ class Photo
* Construct a photo array for an external resource image * Construct a photo array for an external resource image
* *
* @param string $url Image URL * @param string $url Image URL
* @param int $uid User ID of the requesting person
* @param string $mimetype Image mime type. Defaults to "image/jpeg" * @param string $mimetype Image mime type. Defaults to "image/jpeg"
* *
* @return array * @return array
* @throws \Exception * @throws \Exception
*/ */
public static function createPhotoForExternalResource($url, $mimetype = "image/jpeg") public static function createPhotoForExternalResource($url, $uid, $mimetype = "image/jpeg")
{ {
$fields = self::getFields(); $fields = self::getFields();
$values = array_fill(0, count($fields), ""); $values = array_fill(0, count($fields), "");
$photo = array_combine($fields, $values); $photo = array_combine($fields, $values);
$photo['backend-class'] = ExternalResource::NAME; $photo['backend-class'] = ExternalResource::NAME;
$photo['backend-ref'] = $url; $photo['backend-ref'] = json_encode(['url' => $url, 'uid' => $uid]);
$photo['type'] = $mimetype; $photo['type'] = $mimetype;
$photo['cacheable'] = false; $photo['cacheable'] = false;

View file

@ -22,7 +22,7 @@
namespace Friendica\Model\Storage; namespace Friendica\Model\Storage;
use BadMethodCallException; use BadMethodCallException;
use Friendica\DI; use Friendica\Util\HTTPSignature;
/** /**
* External resource storage class * External resource storage class
@ -37,16 +37,21 @@ class ExternalResource implements IStorage
/** /**
* @inheritDoc * @inheritDoc
*/ */
public function get(string $filename) public function get(string $reference)
{ {
$parts = parse_url($filename); $data = json_decode($reference);
if (empty($data->url)) {
return "";
}
$parts = parse_url($data->url);
if (empty($parts['scheme']) || empty($parts['host'])) { if (empty($parts['scheme']) || empty($parts['host'])) {
return ""; return "";
} }
$curlResult = DI::httpRequest()->get($filename); $fetchResult = HTTPSignature::fetchRaw($data->url, $data->uid);
if ($curlResult->isSuccess()) { if ($fetchResult->isSuccess()) {
return $curlResult->getBody(); return $fetchResult->getBody();
} else { } else {
return ""; return "";
} }
@ -55,12 +60,12 @@ class ExternalResource implements IStorage
/** /**
* @inheritDoc * @inheritDoc
*/ */
public function put(string $data, string $filename = '') public function put(string $data, string $reference = '')
{ {
throw new BadMethodCallException(); throw new BadMethodCallException();
} }
public function delete(string $filename) public function delete(string $reference)
{ {
throw new BadMethodCallException(); throw new BadMethodCallException();
} }

View file

@ -171,7 +171,7 @@ class Photo extends BaseModule
$author = Contact::selectFirst([], ["`id` IN (SELECT `author-id` FROM `post` WHERE `uri-id` = ?)", $media['uri-id']]); $author = Contact::selectFirst([], ["`id` IN (SELECT `author-id` FROM `post` WHERE `uri-id` = ?)", $media['uri-id']]);
$url = Contact::magicLinkByContact($author, $url); $url = Contact::magicLinkByContact($author, $url);
return MPhoto::createPhotoForExternalResource($url); return MPhoto::createPhotoForExternalResource($url, local_user());
case "media": case "media":
$media = DBA::selectFirst('post-media', ['url', 'uri-id'], ['id' => $uid, 'type' => Post\Media::IMAGE]); $media = DBA::selectFirst('post-media', ['url', 'uri-id'], ['id' => $uid, 'type' => Post\Media::IMAGE]);
if (empty($media)) { if (empty($media)) {
@ -181,7 +181,7 @@ class Photo extends BaseModule
$author = Contact::selectFirst([], ["`id` IN (SELECT `author-id` FROM `post` WHERE `uri-id` = ?)", $media['uri-id']]); $author = Contact::selectFirst([], ["`id` IN (SELECT `author-id` FROM `post` WHERE `uri-id` = ?)", $media['uri-id']]);
$url = Contact::magicLinkByContact($author, $media['url']); $url = Contact::magicLinkByContact($author, $media['url']);
return MPhoto::createPhotoForExternalResource($url); return MPhoto::createPhotoForExternalResource($url, local_user());
case "contact": case "contact":
$contact = Contact::getById($uid, ['uid', 'url', 'avatar', 'photo', 'xmpp', 'addr']); $contact = Contact::getById($uid, ['uid', 'url', 'avatar', 'photo', 'xmpp', 'addr']);
if (empty($contact)) { if (empty($contact)) {
@ -201,7 +201,7 @@ class Photo extends BaseModule
} else { } else {
$url = Contact::getDefaultAvatar($contact, Proxy::SIZE_SMALL); $url = Contact::getDefaultAvatar($contact, Proxy::SIZE_SMALL);
} }
return MPhoto::createPhotoForExternalResource($url); return MPhoto::createPhotoForExternalResource($url, local_user());
case "header": case "header":
$contact = Contact::getById($uid, ['uid', 'url', 'header']); $contact = Contact::getById($uid, ['uid', 'url', 'header']);
if (empty($contact)) { if (empty($contact)) {
@ -215,7 +215,7 @@ class Photo extends BaseModule
} else { } else {
$url = DI::baseUrl() . '/images/blank.png'; $url = DI::baseUrl() . '/images/blank.png';
} }
return MPhoto::createPhotoForExternalResource($url); return MPhoto::createPhotoForExternalResource($url, local_user());
case "profile": case "profile":
case "custom": case "custom":
$scale = 4; $scale = 4;
@ -247,7 +247,7 @@ class Photo extends BaseModule
$parts = parse_url($default); $parts = parse_url($default);
if (!empty($parts['scheme']) || !empty($parts['host'])) { if (!empty($parts['scheme']) || !empty($parts['host'])) {
$photo = MPhoto::createPhotoForExternalResource($default); $photo = MPhoto::createPhotoForExternalResource($default, local_user());
} else { } else {
$photo = MPhoto::createPhotoForSystemResource($default); $photo = MPhoto::createPhotoForSystemResource($default);
} }