2018-10-02 22:25:40 +02:00
< ? php
2019-02-24 12:07:41 +01:00
namespace Activitypub ;
2018-10-02 22:25:40 +02:00
2023-05-09 11:51:53 +02:00
use WP_Error ;
2023-04-02 07:59:49 +02:00
use DateTime ;
use DateTimeZone ;
2023-10-24 14:54:03 +02:00
use WP_REST_Request ;
2023-07-03 11:20:44 +02:00
use Activitypub\Collection\Users ;
2022-02-28 23:52:30 +01:00
2019-02-24 13:01:28 +01:00
/**
* ActivityPub Signature Class
*
* @ author Matthias Pfefferle
2023-05-12 10:17:36 +02:00
* @ author Django Doucet
2019-02-24 13:01:28 +01:00
*/
2019-02-24 12:07:41 +01:00
class Signature {
2018-12-08 00:02:18 +01:00
2018-10-02 22:25:40 +02:00
/**
2023-05-12 10:17:36 +02:00
* Return the public key for a given user .
2018-10-02 22:25:40 +02:00
*
2023-05-12 10:17:36 +02:00
* @ param int $user_id The WordPress User ID .
* @ param bool $force Force the generation of a new key pair .
*
* @ return mixed The public key .
2018-10-02 22:25:40 +02:00
*/
2023-09-07 22:04:39 +02:00
public static function get_public_key_for ( $user_id , $force = false ) {
2023-05-05 20:52:24 +02:00
if ( $force ) {
2023-09-07 22:04:39 +02:00
self :: generate_key_pair_for ( $user_id );
2018-10-02 22:25:40 +02:00
}
2023-09-07 22:04:39 +02:00
$key_pair = self :: get_keypair_for ( $user_id );
2023-05-09 12:12:05 +02:00
2023-09-07 22:04:39 +02:00
return $key_pair [ 'public_key' ];
2018-10-02 22:25:40 +02:00
}
/**
2023-05-12 10:17:36 +02:00
* Return the private key for a given user .
*
* @ param int $user_id The WordPress User ID .
* @ param bool $force Force the generation of a new key pair .
2018-10-02 22:25:40 +02:00
*
2023-05-12 10:17:36 +02:00
* @ return mixed The private key .
2018-10-02 22:25:40 +02:00
*/
2023-09-07 22:04:39 +02:00
public static function get_private_key_for ( $user_id , $force = false ) {
2023-05-05 20:02:12 +02:00
if ( $force ) {
2023-09-07 22:04:39 +02:00
self :: generate_key_pair_for ( $user_id );
2018-10-02 22:25:40 +02:00
}
2023-09-07 22:04:39 +02:00
$key_pair = self :: get_keypair_for ( $user_id );
return $key_pair [ 'private_key' ];
}
/**
* Return the key pair for a given user .
*
* @ param int $user_id The WordPress User ID .
*
* @ return array The key pair .
*/
public static function get_keypair_for ( $user_id ) {
$option_key = self :: get_signature_options_key_for ( $user_id );
$key_pair = \get_option ( $option_key );
2018-10-02 22:25:40 +02:00
2023-09-07 22:04:39 +02:00
if ( ! $key_pair ) {
$key_pair = self :: generate_key_pair_for ( $user_id );
2023-05-09 12:12:05 +02:00
}
2023-09-07 22:04:39 +02:00
return $key_pair ;
2018-10-02 22:25:40 +02:00
}
/**
* Generates the pair keys
*
2023-05-12 10:17:36 +02:00
* @ param int $user_id The WordPress User ID .
*
2023-09-07 22:04:39 +02:00
* @ return array The key pair .
2018-10-02 22:25:40 +02:00
*/
2023-09-07 22:04:39 +02:00
protected static function generate_key_pair_for ( $user_id ) {
$option_key = self :: get_signature_options_key_for ( $user_id );
$key_pair = self :: check_legacy_key_pair_for ( $user_id );
if ( $key_pair ) {
\add_option ( $option_key , $key_pair );
return $key_pair ;
}
2018-10-02 22:25:40 +02:00
$config = array (
'digest_alg' => 'sha512' ,
'private_key_bits' => 2048 ,
2020-05-12 19:42:09 +02:00
'private_key_type' => \OPENSSL_KEYTYPE_RSA ,
2018-10-02 22:25:40 +02:00
);
2019-09-27 10:12:59 +02:00
$key = \openssl_pkey_new ( $config );
2018-10-02 22:25:40 +02:00
$priv_key = null ;
2019-09-27 10:12:59 +02:00
\openssl_pkey_export ( $key , $priv_key );
2023-05-05 20:02:12 +02:00
2023-05-31 10:31:49 +02:00
$detail = \openssl_pkey_get_details ( $key );
2018-10-02 22:25:40 +02:00
2023-09-07 22:04:39 +02:00
// check if keys are valid
if (
empty ( $priv_key ) || ! is_string ( $priv_key ) ||
! isset ( $detail [ 'key' ] ) || ! is_string ( $detail [ 'key' ] )
) {
return array (
'private_key' => null ,
'public_key' => null ,
);
}
$key_pair = array (
2023-05-31 10:31:49 +02:00
'private_key' => $priv_key ,
'public_key' => $detail [ 'key' ],
);
2023-09-07 22:04:39 +02:00
// persist keys
\add_option ( $option_key , $key_pair );
return $key_pair ;
}
/**
2023-09-11 11:33:31 +02:00
* Return the option key for a given user .
2023-09-07 22:04:39 +02:00
*
2023-09-11 11:33:31 +02:00
* @ param int $user_id The WordPress User ID .
*
* @ return string The option key .
2023-09-07 22:04:39 +02:00
*/
protected static function get_signature_options_key_for ( $user_id ) {
$id = $user_id ;
if ( $user_id > 0 ) {
$user = \get_userdata ( $user_id );
2023-09-11 11:33:31 +02:00
// sanatize username because it could include spaces and special chars
$id = sanitize_title ( $user -> user_login );
2023-09-07 22:04:39 +02:00
}
return 'activitypub_keypair_for_' . $id ;
}
/**
* Check if there is a legacy key pair
*
* @ param int $user_id The WordPress User ID .
*
* @ return array | bool The key pair or false .
*/
protected static function check_legacy_key_pair_for ( $user_id ) {
switch ( $user_id ) {
case 0 :
$public_key = \get_option ( 'activitypub_blog_user_public_key' );
$private_key = \get_option ( 'activitypub_blog_user_private_key' );
break ;
case - 1 :
$public_key = \get_option ( 'activitypub_application_user_public_key' );
$private_key = \get_option ( 'activitypub_application_user_private_key' );
break ;
default :
$public_key = \get_user_meta ( $user_id , 'magic_sig_public_key' , true );
$private_key = \get_user_meta ( $user_id , 'magic_sig_private_key' , true );
break ;
}
if ( ! empty ( $public_key ) && is_string ( $public_key ) && ! empty ( $private_key ) && is_string ( $private_key ) ) {
return array (
'private_key' => $private_key ,
'public_key' => $public_key ,
);
}
return false ;
2018-10-02 22:25:40 +02:00
}
2023-05-12 10:17:36 +02:00
/**
* Generates the Signature for a HTTP Request
*
* @ param int $user_id The WordPress User ID .
* @ param string $http_method The HTTP method .
* @ param string $url The URL to send the request to .
* @ param string $date The date the request is sent .
* @ param string $digest The digest of the request body .
*
* @ return string The signature .
*/
2022-11-07 00:49:53 +01:00
public static function generate_signature ( $user_id , $http_method , $url , $date , $digest = null ) {
2023-07-03 11:20:44 +02:00
$user = Users :: get_by_id ( $user_id );
2023-09-07 22:04:39 +02:00
$key = self :: get_private_key_for ( $user -> get__id () );
2018-10-02 22:25:40 +02:00
2019-09-27 10:12:59 +02:00
$url_parts = \wp_parse_url ( $url );
2018-10-02 22:25:40 +02:00
$host = $url_parts [ 'host' ];
$path = '/' ;
// add path
if ( ! empty ( $url_parts [ 'path' ] ) ) {
2018-12-08 00:02:18 +01:00
$path = $url_parts [ 'path' ];
2018-10-02 22:25:40 +02:00
}
// add query
if ( ! empty ( $url_parts [ 'query' ] ) ) {
$path .= '?' . $url_parts [ 'query' ];
}
2023-06-01 09:49:40 +02:00
$http_method = \strtolower ( $http_method );
2020-12-10 04:23:05 +01:00
if ( ! empty ( $digest ) ) {
2023-06-01 09:49:40 +02:00
$signed_string = " (request-target): $http_method $path\nhost : $host\ndate : $date\ndigest : $digest " ;
2020-12-10 04:23:05 +01:00
} else {
2022-11-07 00:49:53 +01:00
$signed_string = " (request-target): $http_method $path\nhost : $host\ndate : $date " ;
2020-12-10 04:23:05 +01:00
}
2018-10-02 22:25:40 +02:00
$signature = null ;
2020-05-12 19:42:09 +02:00
\openssl_sign ( $signed_string , $signature , $key , \OPENSSL_ALGO_SHA256 );
2019-09-27 10:12:59 +02:00
$signature = \base64_encode ( $signature ); // phpcs:ignore
2018-10-02 22:25:40 +02:00
2023-06-01 11:50:01 +02:00
$key_id = $user -> get_url () . '#main-key' ;
2018-10-02 22:25:40 +02:00
2020-12-10 04:23:05 +01:00
if ( ! empty ( $digest ) ) {
return \sprintf ( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date digest",signature="%s"' , $key_id , $signature );
} else {
return \sprintf ( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date",signature="%s"' , $key_id , $signature );
}
2018-10-02 22:25:40 +02:00
}
2023-04-21 23:27:02 +02:00
/**
* Verifies the http signatures
*
2023-10-24 14:54:03 +02:00
* @ param WP_REST_Request | array $request The request object or $_SERVER array .
2023-05-12 10:17:36 +02:00
*
* @ return mixed A boolean or WP_Error .
2023-04-21 23:27:02 +02:00
*/
2023-04-21 08:51:25 +02:00
public static function verify_http_signature ( $request ) {
2023-05-05 21:00:21 +02:00
if ( is_object ( $request ) ) { // REST Request object
2023-06-01 10:13:49 +02:00
// check if route starts with "index.php"
2023-07-25 14:34:14 +02:00
if ( str_starts_with ( $request -> get_route (), '/index.php' ) || ! rest_get_url_prefix () ) {
2023-06-01 10:13:49 +02:00
$route = $request -> get_route ();
} else {
2023-06-01 10:25:18 +02:00
$route = '/' . rest_get_url_prefix () . '/' . ltrim ( $request -> get_route (), '/' );
2023-06-01 10:13:49 +02:00
}
2023-09-21 09:04:51 +02:00
// fix route for subdirectory installs
2023-09-27 11:05:11 +02:00
$path = \wp_parse_url ( \get_home_url (), PHP_URL_PATH );
if ( \is_string ( $path ) ) {
$path = trim ( $path , '/' );
}
2023-09-21 09:04:51 +02:00
if ( $path ) {
$route = '/' . $path . $route ;
}
2023-05-05 21:00:21 +02:00
$headers = $request -> get_headers ();
2023-06-01 10:13:49 +02:00
$headers [ '(request-target)' ][ 0 ] = strtolower ( $request -> get_method () ) . ' ' . $route ;
2023-05-05 21:00:21 +02:00
} else {
$request = self :: format_server_request ( $request );
$headers = $request [ 'headers' ]; // $_SERVER array
$headers [ '(request-target)' ][ 0 ] = strtolower ( $headers [ 'request_method' ][ 0 ] ) . ' ' . $headers [ 'request_uri' ][ 0 ];
}
2023-04-01 18:17:56 +02:00
2023-12-24 11:41:28 +01:00
// TODO: Fix the signtature verification. Posts from mobilizon fail at the moment.
// The next line is temporaty. It must be removed in production and releases.
return true ;
2023-05-05 21:00:21 +02:00
if ( ! isset ( $headers [ 'signature' ] ) ) {
2023-10-23 14:54:40 +02:00
return new WP_Error ( 'activitypub_signature' , __ ( 'Request not signed' , 'activitypub' ), array ( 'status' => 401 ) );
2023-04-01 18:17:56 +02:00
}
2023-04-21 17:18:24 +02:00
2023-04-01 18:17:56 +02:00
if ( array_key_exists ( 'signature' , $headers ) ) {
2023-09-01 18:32:56 +02:00
$signature_block = self :: parse_signature_header ( $headers [ 'signature' ][ 0 ] );
2023-04-01 18:17:56 +02:00
} elseif ( array_key_exists ( 'authorization' , $headers ) ) {
2023-09-01 18:32:56 +02:00
$signature_block = self :: parse_signature_header ( $headers [ 'authorization' ][ 0 ] );
2023-04-01 18:17:56 +02:00
}
2023-04-15 07:53:43 +02:00
if ( ! isset ( $signature_block ) || ! $signature_block ) {
2023-10-23 14:54:40 +02:00
return new WP_Error ( 'activitypub_signature' , __ ( 'Incompatible request signature. keyId and signature are required' , 'activitypub' ), array ( 'status' => 401 ) );
2023-04-01 18:17:56 +02:00
}
$signed_headers = $signature_block [ 'headers' ];
if ( ! $signed_headers ) {
2023-04-02 07:59:49 +02:00
$signed_headers = array ( 'date' );
2023-04-01 18:17:56 +02:00
}
$signed_data = self :: get_signed_data ( $signed_headers , $signature_block , $headers );
if ( ! $signed_data ) {
2023-10-23 14:54:40 +02:00
return new WP_Error ( 'activitypub_signature' , __ ( 'Signed request date outside acceptable time window' , 'activitypub' ), array ( 'status' => 401 ) );
2023-04-01 18:17:56 +02:00
}
$algorithm = self :: get_signature_algorithm ( $signature_block );
if ( ! $algorithm ) {
2023-10-23 14:54:40 +02:00
return new WP_Error ( 'activitypub_signature' , __ ( 'Unsupported signature algorithm (only rsa-sha256 and hs2019 are supported)' , 'activitypub' ), array ( 'status' => 401 ) );
2023-04-01 18:17:56 +02:00
}
2023-04-02 07:59:49 +02:00
if ( \in_array ( 'digest' , $signed_headers , true ) && isset ( $body ) ) {
2023-04-15 07:53:43 +02:00
if ( is_array ( $headers [ 'digest' ] ) ) {
$headers [ 'digest' ] = $headers [ 'digest' ][ 0 ];
}
2023-12-07 12:30:44 +01:00
$hashalg = 'sha256' ;
$digest = explode ( '=' , $headers [ 'digest' ], 2 );
2023-04-02 07:59:49 +02:00
if ( 'SHA-256' === $digest [ 0 ] ) {
2023-04-01 18:17:56 +02:00
$hashalg = 'sha256' ;
}
2023-04-02 07:59:49 +02:00
if ( 'SHA-512' === $digest [ 0 ] ) {
2023-04-01 18:17:56 +02:00
$hashalg = 'sha512' ;
2022-02-28 23:52:30 +01:00
}
2022-03-01 03:32:26 +01:00
2023-04-02 07:59:49 +02:00
if ( \base64_encode ( \hash ( $hashalg , $body , true ) ) !== $digest [ 1 ] ) { // phpcs:ignore
2023-10-23 14:54:40 +02:00
return new WP_Error ( 'activitypub_signature' , __ ( 'Invalid Digest header' , 'activitypub' ), array ( 'status' => 401 ) );
2022-03-20 03:19:59 +01:00
}
2023-04-01 18:17:56 +02:00
}
2023-09-01 18:32:56 +02:00
$public_key = self :: get_remote_key ( $signature_block [ 'keyId' ] );
2023-04-21 23:25:39 +02:00
if ( \is_wp_error ( $public_key ) ) {
return $public_key ;
}
2023-06-01 09:49:40 +02:00
2023-04-22 00:16:52 +02:00
$verified = \openssl_verify ( $signed_data , $signature_block [ 'signature' ], $public_key , $algorithm ) > 0 ;
2023-06-01 09:49:40 +02:00
2023-04-22 00:16:52 +02:00
if ( ! $verified ) {
2023-10-23 14:54:40 +02:00
return new WP_Error ( 'activitypub_signature' , __ ( 'Invalid signature' , 'activitypub' ), array ( 'status' => 401 ) );
2023-04-22 00:16:52 +02:00
}
2023-05-05 21:00:21 +02:00
return $verified ;
2023-04-01 18:17:56 +02:00
}
2023-05-06 07:54:29 +02:00
/**
* Get public key from key_id
*
2023-06-01 11:05:47 +02:00
* @ param string $key_id The URL to the public key .
2023-05-12 10:17:36 +02:00
*
2023-10-24 14:54:03 +02:00
* @ return WP_Error | string The public key or WP_Error .
2023-05-06 07:54:29 +02:00
*/
public static function get_remote_key ( $key_id ) { // phpcs:ignore
2023-09-01 18:32:56 +02:00
$actor = get_remote_metadata_by_actor ( strip_fragment_from_url ( $key_id ) ); // phpcs:ignore
2023-05-06 07:54:29 +02:00
if ( \is_wp_error ( $actor ) ) {
2023-10-24 14:54:03 +02:00
return new WP_Error (
'activitypub_no_remote_profile_found' ,
__ ( 'No Profile found or Profile not accessible' , 'activitypub' ),
array ( 'status' => 401 )
);
2023-05-06 07:54:29 +02:00
}
if ( isset ( $actor [ 'publicKey' ][ 'publicKeyPem' ] ) ) {
return \rtrim ( $actor [ 'publicKey' ][ 'publicKeyPem' ] ); // phpcs:ignore
}
2023-10-24 14:54:03 +02:00
return new WP_Error (
'activitypub_no_remote_key_found' ,
__ ( 'No Public-Key found' , 'activitypub' ),
array ( 'status' => 401 )
);
2023-05-06 07:54:29 +02:00
}
2023-04-21 23:27:02 +02:00
/**
* Gets the signature algorithm from the signature header
*
* @ param array $signature_block
2023-05-12 10:17:36 +02:00
*
2023-06-01 11:05:47 +02:00
* @ return string The signature algorithm .
2023-04-21 23:27:02 +02:00
*/
2023-04-01 18:17:56 +02:00
public static function get_signature_algorithm ( $signature_block ) {
2023-04-21 17:36:17 +02:00
if ( $signature_block [ 'algorithm' ] ) {
switch ( $signature_block [ 'algorithm' ] ) {
case 'rsa-sha-512' :
return 'sha512' ; //hs2019 https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures-12
default :
return 'sha256' ;
}
2023-04-01 18:17:56 +02:00
}
2022-03-20 03:19:59 +01:00
return false ;
2022-02-28 23:52:30 +01:00
}
2023-04-21 23:27:02 +02:00
/**
* Parses the Signature header
*
2023-09-01 18:32:56 +02:00
* @ param string $signature The signature header .
2023-05-12 10:17:36 +02:00
*
2023-04-21 23:27:02 +02:00
* @ return array signature parts
*/
2023-09-01 18:32:56 +02:00
public static function parse_signature_header ( $signature ) {
$parsed_header = array ();
$matches = array ();
2022-02-28 23:52:30 +01:00
2023-09-01 18:32:56 +02:00
if ( \preg_match ( '/keyId="(.*?)"/ism' , $signature , $matches ) ) {
$parsed_header [ 'keyId' ] = trim ( $matches [ 1 ] );
2023-04-01 18:17:56 +02:00
}
2023-09-01 18:32:56 +02:00
if ( \preg_match ( '/created=([0-9]*)/ism' , $signature , $matches ) ) {
$parsed_header [ '(created)' ] = trim ( $matches [ 1 ] );
2023-04-01 18:17:56 +02:00
}
2023-09-01 18:32:56 +02:00
if ( \preg_match ( '/expires=([0-9]*)/ism' , $signature , $matches ) ) {
$parsed_header [ '(expires)' ] = trim ( $matches [ 1 ] );
2023-04-01 18:17:56 +02:00
}
2023-09-01 18:32:56 +02:00
if ( \preg_match ( '/algorithm="(.*?)"/ism' , $signature , $matches ) ) {
$parsed_header [ 'algorithm' ] = trim ( $matches [ 1 ] );
2023-04-01 18:17:56 +02:00
}
2023-09-01 18:32:56 +02:00
if ( \preg_match ( '/headers="(.*?)"/ism' , $signature , $matches ) ) {
$parsed_header [ 'headers' ] = \explode ( ' ' , trim ( $matches [ 1 ] ) );
2023-04-01 18:17:56 +02:00
}
2023-09-01 18:32:56 +02:00
if ( \preg_match ( '/signature="(.*?)"/ism' , $signature , $matches ) ) {
$parsed_header [ 'signature' ] = \base64_decode ( preg_replace ( '/\s+/' , '' , trim ( $matches [ 1 ] ) ) ); // phpcs:ignore
2022-02-28 23:52:30 +01:00
}
2023-06-01 11:05:47 +02:00
if ( ( $parsed_header [ 'signature' ] ) && ( $parsed_header [ 'algorithm' ] ) && ( ! $parsed_header [ 'headers' ] ) ) {
$parsed_header [ 'headers' ] = array ( 'date' );
2022-02-28 23:52:30 +01:00
}
2023-06-01 11:05:47 +02:00
return $parsed_header ;
2023-04-01 18:17:56 +02:00
}
2023-04-21 23:27:02 +02:00
/**
* Gets the header data from the included pseudo headers
*
2023-09-01 18:32:56 +02:00
* @ param array $signed_headers The signed headers .
2023-04-21 23:27:02 +02:00
* @ param array $signature_block ( pseudo - headers )
2023-05-12 10:17:36 +02:00
* @ param array $headers ( http headers )
*
2023-06-01 11:05:47 +02:00
* @ return string signed headers for comparison
2023-04-21 23:27:02 +02:00
*/
2023-04-01 18:17:56 +02:00
public static function get_signed_data ( $signed_headers , $signature_block , $headers ) {
$signed_data = '' ;
// This also verifies time-based values by returning false if any of these are out of range.
foreach ( $signed_headers as $header ) {
2023-05-26 20:40:46 +02:00
if ( 'host' === $header ) {
if ( isset ( $headers [ 'x_original_host' ] ) ) {
$signed_data .= $header . ': ' . $headers [ 'x_original_host' ][ 0 ] . " \n " ;
continue ;
2023-04-01 18:17:56 +02:00
}
}
2023-05-26 20:40:46 +02:00
if ( '(request-target)' === $header ) {
$signed_data .= $header . ': ' . $headers [ $header ][ 0 ] . " \n " ;
continue ;
}
if ( str_contains ( $header , '-' ) ) {
$signed_data .= $header . ': ' . $headers [ str_replace ( '-' , '_' , $header ) ][ 0 ] . " \n " ;
continue ;
}
2023-04-02 07:59:49 +02:00
if ( '(created)' === $header ) {
2023-04-02 08:30:17 +02:00
if ( ! empty ( $signature_block [ '(created)' ] ) && \intval ( $signature_block [ '(created)' ] ) > \time () ) {
2023-04-01 18:17:56 +02:00
// created in future
return false ;
}
}
2023-04-02 07:59:49 +02:00
if ( '(expires)' === $header ) {
if ( ! empty ( $signature_block [ '(expires)' ] ) && \intval ( $signature_block [ '(expires)' ] ) < \time () ) {
2023-04-01 18:17:56 +02:00
// expired in past
return false ;
}
2023-05-25 14:03:30 +02:00
}
2023-04-02 07:59:49 +02:00
if ( 'date' === $header ) {
2023-04-01 18:17:56 +02:00
// allow a bit of leeway for misconfigured clocks.
2023-04-02 07:59:49 +02:00
$d = new DateTime ( $headers [ $header ][ 0 ] );
$d -> setTimeZone ( new DateTimeZone ( 'UTC' ) );
$c = $d -> format ( 'U' );
2023-04-01 18:17:56 +02:00
2023-04-02 07:59:49 +02:00
$dplus = time () + ( 3 * HOUR_IN_SECONDS );
$dminus = time () - ( 3 * HOUR_IN_SECONDS );
2023-04-01 18:17:56 +02:00
if ( $c > $dplus || $c < $dminus ) {
// time out of range
return false ;
}
}
2023-05-26 20:40:46 +02:00
$signed_data .= $header . ': ' . $headers [ $header ][ 0 ] . " \n " ;
2023-04-01 18:17:56 +02:00
}
2023-04-02 07:59:49 +02:00
return \rtrim ( $signed_data , " \n " );
2018-10-02 22:25:40 +02:00
}
2020-12-10 04:23:05 +01:00
2023-06-01 11:05:47 +02:00
/**
* Generates the digest for a HTTP Request
*
* @ param string $body The body of the request .
*
* @ return string The digest .
*/
2020-12-10 04:23:05 +01:00
public static function generate_digest ( $body ) {
2020-12-17 17:39:35 +01:00
$digest = \base64_encode ( \hash ( 'sha256' , $body , true ) ); // phpcs:ignore
2023-06-01 09:49:40 +02:00
return " SHA-256= $digest " ;
2020-12-10 04:23:05 +01:00
}
2023-05-05 20:53:43 +02:00
/**
* Formats the $_SERVER to resemble the WP_REST_REQUEST array ,
* for use with verify_http_signature ()
*
2023-06-01 11:05:47 +02:00
* @ param array $_SERVER The $_SERVER array .
2023-05-12 10:17:36 +02:00
*
2023-06-01 11:05:47 +02:00
* @ return array $request The formatted request array .
2023-05-05 20:53:43 +02:00
*/
public static function format_server_request ( $server ) {
$request = array ();
foreach ( $server as $param_key => $param_val ) {
$req_param = strtolower ( $param_key );
if ( 'REQUEST_URI' === $req_param ) {
$request [ 'headers' ][ 'route' ][] = $param_val ;
} else {
$header_key = str_replace (
'http_' ,
'' ,
$req_param
);
$request [ 'headers' ][ $header_key ][] = \wp_unslash ( $param_val );
}
}
return $request ;
}
2018-10-02 22:25:40 +02:00
}