Merge pull request #8944 from annando/signed-requests

AP: Always sign HTTP requests
2020-07-30 17:09:22 -04:00 · 2020-07-30 17:09:22 -04:00 · 7aa43dc2f4
parent f4e1acedfc a3ba0ccc93
commit 7aa43dc2f4
4 changed files with 43 additions and 29 deletions
--- a/src/Model/Item.php
+++ b/src/Model/Item.php
@ -3705,8 +3705,10 @@ class Item
 	 */
 	public static function fetchByLink(string $uri, int $uid = 0)
 	{
 		Logger::info('Trying to fetch link', ['uid' => $uid, 'uri' => $uri]);
 		$item_id = self::searchByLink($uri, $uid);
 		if (!empty($item_id)) {
 			Logger::info('Link found', ['uid' => $uid, 'uri' => $uri, 'id' => $item_id]);
 			return $item_id;
 		}
@ -3717,9 +3719,11 @@ class Item
 		}
 		if (!empty($item_id)) {
 			Logger::info('Link fetched', ['uid' => $uid, 'uri' => $uri, 'id' => $item_id]);
 			return $item_id;
 		}
 		Logger::info('Link not found', ['uid' => $uid, 'uri' => $uri]);
 		return 0;
 	}
--- a/src/Model/User.php
+++ b/src/Model/User.php
@ -185,6 +185,24 @@ class User
 		return DBA::selectFirst('user', $fields, ['email' => $email]);
 	}
 	/**
 	 * Fetch the user array of the administrator. The first one if there are several.
 	 *
 	 * @param array $fields
 	 * @return array user
 	 */
 	public static function getFirstAdmin(array $fields = [])
 	{
 		if (!empty(DI::config()->get('config', 'admin_nickname'))) {
 			return self::getByNickname(DI::config()->get('config', 'admin_nickname'), $fields);
 		} elseif (!empty(DI::config()->get('config', 'admin_email'))) {
 			$adminList = explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email')));
 			return self::getByEmail($adminList[0], $fields);
 		} else {
 			return [];
 		}
 	}
 	/**
 	 * Get owner data by user id
 	 *
--- a/src/Module/Friendica.php
+++ b/src/Module/Friendica.php
@ -130,22 +130,14 @@ class Friendica extends BaseModule
 			$register_policy = $register_policies[$register_policy_int];
 		}
-		$condition = [];
+		$admin = [];
-		$admin = false;
+		$administrator = User::getFirstAdmin(['username', 'nickname']);
 		if (!empty($config->get('config', 'admin_nickname'))) {
 			$condition['nickname'] = $config->get('config', 'admin_nickname');
 		}
 		if (!empty($config->get('config', 'admin_email'))) {
 			$adminList = explode(',', str_replace(' ', '', $config->get('config', 'admin_email')));
 			$condition['email'] = $adminList[0];
 			$administrator = User::getByEmail($adminList[0], ['username', 'nickname']);
 		if (!empty($administrator)) {
 			$admin = [
 				'name'    => $administrator['username'],
 				'profile' => DI::baseUrl()->get() . '/profile/' . $administrator['nickname'],
 			];
 		}
 		}
 		$visible_addons = Addon::getVisibleList();
--- a/src/Protocol/ActivityPub.php
+++ b/src/Protocol/ActivityPub.php
@ -22,6 +22,7 @@
 namespace Friendica\Protocol;
 use Friendica\Core\Protocol;
 use Friendica\Database\DBA;
 use Friendica\DI;
 use Friendica\Model\APContact;
 use Friendica\Model\User;
@ -89,24 +90,23 @@ class ActivityPub
 	 */
 	public static function fetchContent(string $url, int $uid = 0)
 	{
-		if (!empty($uid)) {
+		if (empty($uid)) {
 			$user = User::getFirstAdmin(['uid']);
 			if (empty($user['uid'])) {
 				// When the system setup is missing an admin we just take the first user
 				$condition = ['verified' => true, 'blocked' => false, 'account_removed' => false, 'account_expired' => false];
 				$user = DBA::selectFirst('user', ['uid'], $condition);
 			}
 			if (!empty($user['uid'])) {
 				$uid = $user['uid'];
 			}
 		}
 		return HTTPSignature::fetch($url, $uid);
 	}
 		$curlResult = DI::httpRequest()->get($url, false, ['accept_content' => 'application/activity+json, application/ld+json']);
 		if (!$curlResult->isSuccess() || empty($curlResult->getBody())) {
 			return false;
 		}
 		$content = json_decode($curlResult->getBody(), true);
 		if (empty($content) || !is_array($content)) {
 			return false;
 		}
 		return $content;
 	}
 	private static function getAccountType($apcontact)
 	{
 		$accounttype = -1;