Merge pull request #8944 from annando/signed-requests
AP: Always sign HTTP requests
commit
7aa43dc2f4
4 changed files with 43 additions and 29 deletions
|
@ -3705,8 +3705,10 @@ class Item
|
||||||
*/
|
*/
|
||||||
public static function fetchByLink(string $uri, int $uid = 0)
|
public static function fetchByLink(string $uri, int $uid = 0)
|
||||||
{
|
{
|
||||||
|
Logger::info('Trying to fetch link', ['uid' => $uid, 'uri' => $uri]);
|
||||||
$item_id = self::searchByLink($uri, $uid);
|
$item_id = self::searchByLink($uri, $uid);
|
||||||
if (!empty($item_id)) {
|
if (!empty($item_id)) {
|
||||||
|
Logger::info('Link found', ['uid' => $uid, 'uri' => $uri, 'id' => $item_id]);
|
||||||
return $item_id;
|
return $item_id;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -3717,9 +3719,11 @@ class Item
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($item_id)) {
|
if (!empty($item_id)) {
|
||||||
|
Logger::info('Link fetched', ['uid' => $uid, 'uri' => $uri, 'id' => $item_id]);
|
||||||
return $item_id;
|
return $item_id;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Logger::info('Link not found', ['uid' => $uid, 'uri' => $uri]);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -185,6 +185,24 @@ class User
|
||||||
return DBA::selectFirst('user', $fields, ['email' => $email]);
|
return DBA::selectFirst('user', $fields, ['email' => $email]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Fetch the user array of the administrator. The first one if there are several.
|
||||||
|
*
|
||||||
|
* @param array $fields
|
||||||
|
* @return array user
|
||||||
|
*/
|
||||||
|
public static function getFirstAdmin(array $fields = [])
|
||||||
|
{
|
||||||
|
if (!empty(DI::config()->get('config', 'admin_nickname'))) {
|
||||||
|
return self::getByNickname(DI::config()->get('config', 'admin_nickname'), $fields);
|
||||||
|
} elseif (!empty(DI::config()->get('config', 'admin_email'))) {
|
||||||
|
$adminList = explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email')));
|
||||||
|
return self::getByEmail($adminList[0], $fields);
|
||||||
|
} else {
|
||||||
|
return [];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get owner data by user id
|
* Get owner data by user id
|
||||||
*
|
*
|
||||||
|
|
|
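Review bot: getFirstAdmin() stops at the first configured source rather than the first admin that resolves: when `admin_nickname` is set but no such user exists, the `elseif` means `admin_email` is never tried, and the lookup result is returned as is. The visible getByEmail() returns `DBA::selectFirst(...)` directly, so the `@return array` contract probably does not hold on a miss (confirm what selectFirst yields when no row matches). Another file in this commit uses this account to sign outgoing requests, so the docblock should also say whether blocked or removed accounts are acceptable; the fallback query in fetchContent filters on those flags and this method does not. A version that falls through and always returns an array is below.

```php
public static function getFirstAdmin(array $fields = [])
{
	$nickname = DI::config()->get('config', 'admin_nickname');
	if (!empty($nickname)) {
		$admin = self::getByNickname($nickname, $fields);
		if (!empty($admin)) {
			return $admin;
		}
	}

	// Fall through to the e-mail list when the nickname is unset or does not resolve
	$emails = DI::config()->get('config', 'admin_email');
	if (!empty($emails)) {
		$adminList = explode(',', str_replace(' ', '', $emails));
		$admin = self::getByEmail($adminList[0], $fields);
		if (!empty($admin)) {
			return $admin;
		}
	}

	return [];
}
```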
@ -130,21 +130,13 @@ class Friendica extends BaseModule
|
||||||
$register_policy = $register_policies[$register_policy_int];
|
$register_policy = $register_policies[$register_policy_int];
|
||||||
}
|
}
|
||||||
|
|
||||||
$condition = [];
|
$admin = [];
|
||||||
$admin = false;
|
$administrator = User::getFirstAdmin(['username', 'nickname']);
|
||||||
if (!empty($config->get('config', 'admin_nickname'))) {
|
if (!empty($administrator)) {
|
||||||
$condition['nickname'] = $config->get('config', 'admin_nickname');
|
$admin = [
|
||||||
}
|
'name' => $administrator['username'],
|
||||||
if (!empty($config->get('config', 'admin_email'))) {
|
'profile' => DI::baseUrl()->get() . '/profile/' . $administrator['nickname'],
|
||||||
$adminList = explode(',', str_replace(' ', '', $config->get('config', 'admin_email')));
|
];
|
||||||
$condition['email'] = $adminList[0];
|
|
||||||
$administrator = User::getByEmail($adminList[0], ['username', 'nickname']);
|
|
||||||
if (!empty($administrator)) {
|
|
||||||
$admin = [
|
|
||||||
'name' => $administrator['username'],
|
|
||||||
'profile' => DI::baseUrl()->get() . '/profile/' . $administrator['nickname'],
|
|
||||||
];
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$visible_addons = Addon::getVisibleList();
|
$visible_addons = Addon::getVisibleList();
|
||||||
|
|
|
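Review bot: The default for `$admin` changes from `false` to `[]` in this hunk, so an instance without a resolvable admin now hands a different type to whatever consumes `$admin` after the hunk (the rest of the method is outside it). If that value is serialised for clients, they will receive an empty array where they used to receive `false`, which is worth confirming and stating in the commit message. The lookup also now prefers `admin_nickname`, whereas the removed lines only ever queried by `admin_email`, so the account shown can change on instances that set both.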
@ -22,6 +22,7 @@
|
||||||
namespace Friendica\Protocol;
|
namespace Friendica\Protocol;
|
||||||
|
|
||||||
use Friendica\Core\Protocol;
|
use Friendica\Core\Protocol;
|
||||||
|
use Friendica\Database\DBA;
|
||||||
use Friendica\DI;
|
use Friendica\DI;
|
||||||
use Friendica\Model\APContact;
|
use Friendica\Model\APContact;
|
||||||
use Friendica\Model\User;
|
use Friendica\Model\User;
|
||||||
|
@ -89,22 +90,21 @@ class ActivityPub
|
||||||
*/
|
*/
|
||||||
public static function fetchContent(string $url, int $uid = 0)
|
public static function fetchContent(string $url, int $uid = 0)
|
||||||
{
|
{
|
||||||
if (!empty($uid)) {
|
if (empty($uid)) {
|
||||||
return HTTPSignature::fetch($url, $uid);
|
$user = User::getFirstAdmin(['uid']);
|
||||||
|
|
||||||
|
if (empty($user['uid'])) {
|
||||||
|
// When the system setup is missing an admin we just take the first user
|
||||||
|
$condition = ['verified' => true, 'blocked' => false, 'account_removed' => false, 'account_expired' => false];
|
||||||
|
$user = DBA::selectFirst('user', ['uid'], $condition);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!empty($user['uid'])) {
|
||||||
|
$uid = $user['uid'];
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$curlResult = DI::httpRequest()->get($url, false, ['accept_content' => 'application/activity+json, application/ld+json']);
|
return HTTPSignature::fetch($url, $uid);
|
||||||
if (!$curlResult->isSuccess() || empty($curlResult->getBody())) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$content = json_decode($curlResult->getBody(), true);
|
|
||||||
|
|
||||||
if (empty($content) || !is_array($content)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $content;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static function getAccountType($apcontact)
|
private static function getAccountType($apcontact)
|
||||||
|
|
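Review bot: In fetchContent(), a fetch with `$uid = 0` is now signed with a real account's key: the first admin, or failing that whichever row `DBA::selectFirst('user', ['uid'], $condition)` returns, which has no ordering and so is not a stable choice. Remote servers will attribute every system-level fetch to that person, and anything they return because that account is authorised may then be handled in a uid-0 context; how the result is stored is not visible here, so that needs checking. If no user matches at all, `$uid` stays 0 and `HTTPSignature::fetch($url, $uid)` is still called, while the removed unsigned path with its `json_decode`/`is_array` checks is gone; document what happens in that case or return `false` explicitly. At minimum add a comment such as `// uid 0: signed with the first admin's key, the remote sees that account as the requester`, and consider a dedicated instance-level signing key instead of borrowing a user's.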