Avoid a notice in HTTP signature check, preparation for authentication

This commit is contained in:
Michael 2019-01-15 06:31:12 +00:00
parent b00481ce2b
commit ae2a8b796c
3 changed files with 20 additions and 5 deletions

View file

@ -9,6 +9,7 @@ use Friendica\Protocol\ActivityPub;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Model\Item; use Friendica\Model\Item;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Util\HTTPSignature;
/** /**
* ActivityPub Objects * ActivityPub Objects
@ -27,6 +28,9 @@ class Objects extends BaseModule
$a->internalRedirect(str_replace('objects/', 'display/', $a->query_string)); $a->internalRedirect(str_replace('objects/', 'display/', $a->query_string));
} }
/// @todo Add Authentication to enable fetching of non public content
// $requester = HTTPSignature::getSigner('', $_SERVER);
$item = Item::selectFirst(['id'], ['guid' => $a->argv[1], 'origin' => true, 'private' => false]); $item = Item::selectFirst(['id'], ['guid' => $a->argv[1], 'origin' => true, 'private' => false]);
if (!DBA::isResult($item)) { if (!DBA::isResult($item)) {
System::httpExit(404); System::httpExit(404);

View file

@ -8,6 +8,7 @@ use Friendica\BaseModule;
use Friendica\Protocol\ActivityPub; use Friendica\Protocol\ActivityPub;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Model\User; use Friendica\Model\User;
use Friendica\Util\HTTPSignature;
/** /**
* ActivityPub Outbox * ActivityPub Outbox
@ -29,6 +30,9 @@ class Outbox extends BaseModule
$page = defaults($_REQUEST, 'page', null); $page = defaults($_REQUEST, 'page', null);
/// @todo Add Authentication to enable fetching of non public content
// $requester = HTTPSignature::getSigner('', $_SERVER);
$outbox = ActivityPub\Transmitter::getOutbox($owner, $page); $outbox = ActivityPub\Transmitter::getOutbox($owner, $page);
header('Content-Type: application/activity+json'); header('Content-Type: application/activity+json');

View file

@ -217,7 +217,7 @@ class HTTPSignature
$ret['signature'] = base64_decode(preg_replace('/\s+/', '', $matches[1])); $ret['signature'] = base64_decode(preg_replace('/\s+/', '', $matches[1]));
} }
if (($ret['signature']) && ($ret['algorithm']) && (!$ret['headers'])) { if (!empty($ret['signature']) && !empty($ret['algorithm']) && empty($ret['headers'])) {
$ret['headers'] = ['date']; $ret['headers'] = ['date'];
} }
@ -376,13 +376,20 @@ class HTTPSignature
*/ */
public static function getSigner($content, $http_headers) public static function getSigner($content, $http_headers)
{ {
$object = json_decode($content, true); if (empty($http_headers['HTTP_SIGNATURE'])) {
return false;
}
if (!empty($content)) {
$object = json_decode($content, true);
if (empty($object)) { if (empty($object)) {
return false; return false;
} }
$actor = JsonLD::fetchElement($object, 'actor', 'id'); $actor = JsonLD::fetchElement($object, 'actor', 'id');
} else {
$actor = '';
}
$headers = []; $headers = [];
$headers['(request-target)'] = strtolower($http_headers['REQUEST_METHOD']) . ' ' . $http_headers['REQUEST_URI']; $headers['(request-target)'] = strtolower($http_headers['REQUEST_METHOD']) . ' ' . $http_headers['REQUEST_URI'];