Merge pull request #8944 from annando/signed-requests

AP: Always sign HTTP requests

src/Model/Item.php

@@ -3705,8 +3705,10 @@ class Item
 	 */
 	public static function fetchByLink(string $uri, int $uid = 0)
 	{
+		Logger::info('Trying to fetch link', ['uid' => $uid, 'uri' => $uri]);
 		$item_id = self::searchByLink($uri, $uid);
 		if (!empty($item_id)) {
+			Logger::info('Link found', ['uid' => $uid, 'uri' => $uri, 'id' => $item_id]);
 			return $item_id;
 		}
 
@@ -3717,9 +3719,11 @@ class Item
 		}
 
 		if (!empty($item_id)) {
+			Logger::info('Link fetched', ['uid' => $uid, 'uri' => $uri, 'id' => $item_id]);
 			return $item_id;
 		}
 
+		Logger::info('Link not found', ['uid' => $uid, 'uri' => $uri]);
 		return 0;
 	}
 

src/Model/User.php

@@ -185,6 +185,24 @@ class User
 		return DBA::selectFirst('user', $fields, ['email' => $email]);
 	}
 
+	/**
+	 * Fetch the user array of the administrator. The first one if there are several.
+	 *
+	 * @param array $fields
+	 * @return array user
+	 */
+	public static function getFirstAdmin(array $fields = [])
+	{
+		if (!empty(DI::config()->get('config', 'admin_nickname'))) {
+			return self::getByNickname(DI::config()->get('config', 'admin_nickname'), $fields);
+		} elseif (!empty(DI::config()->get('config', 'admin_email'))) {
+			$adminList = explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email')));
+			return self::getByEmail($adminList[0], $fields);
+		} else {
+			return [];
+		}
+	}
+
 	/**
 	 * Get owner data by user id
 	 *

src/Module/Friendica.php

@@ -130,21 +130,13 @@ class Friendica extends BaseModule
 			$register_policy = $register_policies[$register_policy_int];
 		}
 
-		$condition = [];
+		$admin = [];
-		$admin = false;
+		$administrator = User::getFirstAdmin(['username', 'nickname']);
-		if (!empty($config->get('config', 'admin_nickname'))) {
+		if (!empty($administrator)) {
-			$condition['nickname'] = $config->get('config', 'admin_nickname');
+			$admin = [
-		}
+				'name'    => $administrator['username'],
-		if (!empty($config->get('config', 'admin_email'))) {
+				'profile' => DI::baseUrl()->get() . '/profile/' . $administrator['nickname'],
-			$adminList = explode(',', str_replace(' ', '', $config->get('config', 'admin_email')));
+			];
-			$condition['email'] = $adminList[0];
-			$administrator = User::getByEmail($adminList[0], ['username', 'nickname']);
-			if (!empty($administrator)) {
-				$admin = [
-					'name'    => $administrator['username'],
-					'profile' => DI::baseUrl()->get() . '/profile/' . $administrator['nickname'],
-				];
-			}
 		}
 
 		$visible_addons = Addon::getVisibleList();

src/Protocol/ActivityPub.php

@@ -22,6 +22,7 @@
 namespace Friendica\Protocol;
 
 use Friendica\Core\Protocol;
+use Friendica\Database\DBA;
 use Friendica\DI;
 use Friendica\Model\APContact;
 use Friendica\Model\User;
@@ -89,22 +90,21 @@ class ActivityPub
 	 */
 	public static function fetchContent(string $url, int $uid = 0)
 	{
-		if (!empty($uid)) {
+		if (empty($uid)) {
-			return HTTPSignature::fetch($url, $uid);
+			$user = User::getFirstAdmin(['uid']);
+		
+			if (empty($user['uid'])) {
+				// When the system setup is missing an admin we just take the first user
+				$condition = ['verified' => true, 'blocked' => false, 'account_removed' => false, 'account_expired' => false];
+				$user = DBA::selectFirst('user', ['uid'], $condition);
+			}
+
+			if (!empty($user['uid'])) {
+				$uid = $user['uid'];
+			}
 		}
 
-		$curlResult = DI::httpRequest()->get($url, false, ['accept_content' => 'application/activity+json, application/ld+json']);
+		return HTTPSignature::fetch($url, $uid);
-		if (!$curlResult->isSuccess() || empty($curlResult->getBody())) {
-			return false;
-		}
-
-		$content = json_decode($curlResult->getBody(), true);
-
-		if (empty($content) || !is_array($content)) {
-			return false;
-		}
-
-		return $content;
 	}
 
 	private static function getAccountType($apcontact)