Merge pull request #8944 from annando/signed-requests

AP: Always sign HTTP requests
This commit is contained in:
Hypolite Petovan 2020-07-30 17:09:22 -04:00 committed by GitHub
commit 7aa43dc2f4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 43 additions and 29 deletions

View file

@ -3705,8 +3705,10 @@ class Item
*/ */
public static function fetchByLink(string $uri, int $uid = 0) public static function fetchByLink(string $uri, int $uid = 0)
{ {
Logger::info('Trying to fetch link', ['uid' => $uid, 'uri' => $uri]);
$item_id = self::searchByLink($uri, $uid); $item_id = self::searchByLink($uri, $uid);
if (!empty($item_id)) { if (!empty($item_id)) {
Logger::info('Link found', ['uid' => $uid, 'uri' => $uri, 'id' => $item_id]);
return $item_id; return $item_id;
} }
@ -3717,9 +3719,11 @@ class Item
} }
if (!empty($item_id)) { if (!empty($item_id)) {
Logger::info('Link fetched', ['uid' => $uid, 'uri' => $uri, 'id' => $item_id]);
return $item_id; return $item_id;
} }
Logger::info('Link not found', ['uid' => $uid, 'uri' => $uri]);
return 0; return 0;
} }

View file

@ -185,6 +185,24 @@ class User
return DBA::selectFirst('user', $fields, ['email' => $email]); return DBA::selectFirst('user', $fields, ['email' => $email]);
} }
/**
* Fetch the user array of the administrator. The first one if there are several.
*
* @param array $fields
* @return array user
*/
public static function getFirstAdmin(array $fields = [])
{
if (!empty(DI::config()->get('config', 'admin_nickname'))) {
return self::getByNickname(DI::config()->get('config', 'admin_nickname'), $fields);
} elseif (!empty(DI::config()->get('config', 'admin_email'))) {
$adminList = explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email')));
return self::getByEmail($adminList[0], $fields);
} else {
return [];
}
}
/** /**
* Get owner data by user id * Get owner data by user id
* *

View file

@ -130,21 +130,13 @@ class Friendica extends BaseModule
$register_policy = $register_policies[$register_policy_int]; $register_policy = $register_policies[$register_policy_int];
} }
$condition = []; $admin = [];
$admin = false; $administrator = User::getFirstAdmin(['username', 'nickname']);
if (!empty($config->get('config', 'admin_nickname'))) { if (!empty($administrator)) {
$condition['nickname'] = $config->get('config', 'admin_nickname'); $admin = [
} 'name' => $administrator['username'],
if (!empty($config->get('config', 'admin_email'))) { 'profile' => DI::baseUrl()->get() . '/profile/' . $administrator['nickname'],
$adminList = explode(',', str_replace(' ', '', $config->get('config', 'admin_email'))); ];
$condition['email'] = $adminList[0];
$administrator = User::getByEmail($adminList[0], ['username', 'nickname']);
if (!empty($administrator)) {
$admin = [
'name' => $administrator['username'],
'profile' => DI::baseUrl()->get() . '/profile/' . $administrator['nickname'],
];
}
} }
$visible_addons = Addon::getVisibleList(); $visible_addons = Addon::getVisibleList();

View file

@ -22,6 +22,7 @@
namespace Friendica\Protocol; namespace Friendica\Protocol;
use Friendica\Core\Protocol; use Friendica\Core\Protocol;
use Friendica\Database\DBA;
use Friendica\DI; use Friendica\DI;
use Friendica\Model\APContact; use Friendica\Model\APContact;
use Friendica\Model\User; use Friendica\Model\User;
@ -89,22 +90,21 @@ class ActivityPub
*/ */
public static function fetchContent(string $url, int $uid = 0) public static function fetchContent(string $url, int $uid = 0)
{ {
if (!empty($uid)) { if (empty($uid)) {
return HTTPSignature::fetch($url, $uid); $user = User::getFirstAdmin(['uid']);
if (empty($user['uid'])) {
// When the system setup is missing an admin we just take the first user
$condition = ['verified' => true, 'blocked' => false, 'account_removed' => false, 'account_expired' => false];
$user = DBA::selectFirst('user', ['uid'], $condition);
}
if (!empty($user['uid'])) {
$uid = $user['uid'];
}
} }
$curlResult = DI::httpRequest()->get($url, false, ['accept_content' => 'application/activity+json, application/ld+json']); return HTTPSignature::fetch($url, $uid);
if (!$curlResult->isSuccess() || empty($curlResult->getBody())) {
return false;
}
$content = json_decode($curlResult->getBody(), true);
if (empty($content) || !is_array($content)) {
return false;
}
return $content;
} }
private static function getAccountType($apcontact) private static function getAccountType($apcontact)