Merge pull request #8944 from annando/signed-requests

AP: Always sign HTTP requests
This commit is contained in:
Hypolite Petovan 2020-07-30 17:09:22 -04:00 committed by GitHub
commit 7aa43dc2f4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 43 additions and 29 deletions

View file

@ -3705,8 +3705,10 @@ class Item
*/
public static function fetchByLink(string $uri, int $uid = 0)
{
Logger::info('Trying to fetch link', ['uid' => $uid, 'uri' => $uri]);
$item_id = self::searchByLink($uri, $uid);
if (!empty($item_id)) {
Logger::info('Link found', ['uid' => $uid, 'uri' => $uri, 'id' => $item_id]);
return $item_id;
}
@ -3717,9 +3719,11 @@ class Item
}
if (!empty($item_id)) {
Logger::info('Link fetched', ['uid' => $uid, 'uri' => $uri, 'id' => $item_id]);
return $item_id;
}
Logger::info('Link not found', ['uid' => $uid, 'uri' => $uri]);
return 0;
}

View file

@ -185,6 +185,24 @@ class User
return DBA::selectFirst('user', $fields, ['email' => $email]);
}
/**
* Fetch the user array of the administrator. The first one if there are several.
*
* @param array $fields
* @return array user
*/
public static function getFirstAdmin(array $fields = [])
{
if (!empty(DI::config()->get('config', 'admin_nickname'))) {
return self::getByNickname(DI::config()->get('config', 'admin_nickname'), $fields);
} elseif (!empty(DI::config()->get('config', 'admin_email'))) {
$adminList = explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email')));
return self::getByEmail($adminList[0], $fields);
} else {
return [];
}
}
/**
* Get owner data by user id
*

View file

@ -130,21 +130,13 @@ class Friendica extends BaseModule
$register_policy = $register_policies[$register_policy_int];
}
$condition = [];
$admin = false;
if (!empty($config->get('config', 'admin_nickname'))) {
$condition['nickname'] = $config->get('config', 'admin_nickname');
}
if (!empty($config->get('config', 'admin_email'))) {
$adminList = explode(',', str_replace(' ', '', $config->get('config', 'admin_email')));
$condition['email'] = $adminList[0];
$administrator = User::getByEmail($adminList[0], ['username', 'nickname']);
if (!empty($administrator)) {
$admin = [
'name' => $administrator['username'],
'profile' => DI::baseUrl()->get() . '/profile/' . $administrator['nickname'],
];
}
$admin = [];
$administrator = User::getFirstAdmin(['username', 'nickname']);
if (!empty($administrator)) {
$admin = [
'name' => $administrator['username'],
'profile' => DI::baseUrl()->get() . '/profile/' . $administrator['nickname'],
];
}
$visible_addons = Addon::getVisibleList();

View file

@ -22,6 +22,7 @@
namespace Friendica\Protocol;
use Friendica\Core\Protocol;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\APContact;
use Friendica\Model\User;
@ -89,22 +90,21 @@ class ActivityPub
*/
public static function fetchContent(string $url, int $uid = 0)
{
if (!empty($uid)) {
return HTTPSignature::fetch($url, $uid);
if (empty($uid)) {
$user = User::getFirstAdmin(['uid']);
if (empty($user['uid'])) {
// When the system setup is missing an admin we just take the first user
$condition = ['verified' => true, 'blocked' => false, 'account_removed' => false, 'account_expired' => false];
$user = DBA::selectFirst('user', ['uid'], $condition);
}
if (!empty($user['uid'])) {
$uid = $user['uid'];
}
}
$curlResult = DI::httpRequest()->get($url, false, ['accept_content' => 'application/activity+json, application/ld+json']);
if (!$curlResult->isSuccess() || empty($curlResult->getBody())) {
return false;
}
$content = json_decode($curlResult->getBody(), true);
if (empty($content) || !is_array($content)) {
return false;
}
return $content;
return HTTPSignature::fetch($url, $uid);
}
private static function getAccountType($apcontact)