wordpress-activitypub/includes/class-webfinger.php

204 lines
5.2 KiB
PHP
Raw Permalink Normal View History

<?php
namespace Activitypub;
2023-04-20 15:22:11 +02:00
use WP_Error;
2023-07-10 14:08:51 +02:00
use Activitypub\Collection\Users;
2023-04-20 15:22:11 +02:00
/**
* ActivityPub WebFinger Class
*
* @author Matthias Pfefferle
*
* @see https://webfinger.net/
*/
class Webfinger {
/**
* Returns a users WebFinger "resource"
*
* @param int $user_id
*
* @return string The user-resource
*/
2022-11-15 20:50:56 +01:00
public static function get_user_resource( $user_id ) {
// use WebFinger plugin if installed
if ( \function_exists( '\get_webfinger_resource' ) ) {
return \get_webfinger_resource( $user_id, false );
}
2023-07-03 11:20:44 +02:00
$user = Users::get_by_id( $user_id );
if ( ! $user || is_wp_error( $user ) ) {
return '';
}
return $user->get_resource();
}
2022-12-05 20:48:07 +01:00
2023-05-26 16:08:08 +02:00
/**
* Resolve a WebFinger resource
*
* @param string $resource The WebFinger resource
*
* @return string|WP_Error The URL or WP_Error
*/
public static function resolve( $resource ) {
if ( ! preg_match( '/^@?' . ACTIVITYPUB_USERNAME_REGEXP . '$/i', $resource, $m ) ) {
2022-12-05 20:48:07 +01:00
return null;
}
2023-05-26 16:08:08 +02:00
$transient_key = 'activitypub_resolve_' . ltrim( $resource, '@' );
2022-12-09 19:05:43 +01:00
$link = \get_transient( $transient_key );
if ( $link ) {
return $link;
}
2023-05-26 16:08:08 +02:00
$url = \add_query_arg( 'resource', 'acct:' . ltrim( $resource, '@' ), 'https://' . $m[2] . '/.well-known/webfinger' );
2022-12-05 20:48:07 +01:00
if ( ! \wp_http_validate_url( $url ) ) {
2023-04-20 15:22:11 +02:00
$response = new WP_Error( 'invalid_webfinger_url', null, $url );
\set_transient( $transient_key, $response, HOUR_IN_SECONDS ); // Cache the error for a shorter period.
return $response;
2022-12-05 20:48:07 +01:00
}
// try to access author URL
$response = \wp_remote_get(
$url,
array(
'headers' => array( 'Accept' => 'application/jrd+json' ),
2022-12-05 20:48:07 +01:00
'redirection' => 0,
'timeout' => 2,
2022-12-05 20:48:07 +01:00
)
);
if ( \is_wp_error( $response ) ) {
2023-04-20 15:22:11 +02:00
$link = new WP_Error( 'webfinger_url_not_accessible', null, $url );
2022-12-09 19:05:43 +01:00
\set_transient( $transient_key, $link, HOUR_IN_SECONDS ); // Cache the error for a shorter period.
return $link;
2022-12-05 20:48:07 +01:00
}
$body = \wp_remote_retrieve_body( $response );
$body = \json_decode( $body, true );
if ( empty( $body['links'] ) ) {
2023-04-20 15:22:11 +02:00
$link = new WP_Error( 'webfinger_url_invalid_response', null, $url );
2022-12-09 19:05:43 +01:00
\set_transient( $transient_key, $link, HOUR_IN_SECONDS ); // Cache the error for a shorter period.
return $link;
2022-12-05 20:48:07 +01:00
}
foreach ( $body['links'] as $link ) {
if ( 'self' === $link['rel'] && 'application/activity+json' === $link['type'] ) {
2022-12-09 19:05:43 +01:00
\set_transient( $transient_key, $link['href'], WEEK_IN_SECONDS );
2022-12-05 20:48:07 +01:00
return $link['href'];
}
}
2023-05-26 16:08:08 +02:00
$link = new WP_Error( 'webfinger_url_no_activitypub', null, $body );
2022-12-09 19:05:43 +01:00
\set_transient( $transient_key, $link, HOUR_IN_SECONDS ); // Cache the error for a shorter period.
return $link;
2022-12-05 20:48:07 +01:00
}
/**
* Convert a URI string to an identifier and its host.
* Automatically adds acct: if it's missing.
*
* @param string $url The URI (acct:, mailto:, http:, https:)
*
* @return WP_Error|array Error reaction or array with
* identifier and host as values
*/
public static function get_identifier_and_host( $url ) {
// remove leading @
$url = ltrim( $url, '@' );
if ( ! preg_match( '/^([a-zA-Z+]+):/', $url, $match ) ) {
$identifier = 'acct:' . $url;
$scheme = 'acct';
} else {
$identifier = $url;
$scheme = $match[1];
}
$host = null;
switch ( $scheme ) {
case 'acct':
case 'mailto':
case 'xmpp':
if ( strpos( $identifier, '@' ) !== false ) {
$host = substr( $identifier, strpos( $identifier, '@' ) + 1 );
}
break;
default:
$host = wp_parse_url( $identifier, PHP_URL_HOST );
break;
}
if ( empty( $host ) ) {
return new WP_Error( 'invalid_identifier', __( 'Invalid Identifier', 'activitypub' ) );
}
return array( $identifier, $host );
}
/**
* Get the WebFinger data for a given URI
*
* @param string $identifier The Identifier: <identifier>@<host>
* @param string $host The Host: <identifier>@<host>
*
* @return WP_Error|array Error reaction or array with
* identifier and host as values
*/
public static function get_data( $identifier, $host ) {
$webfinger_url = 'https://' . $host . '/.well-known/webfinger?resource=' . rawurlencode( $identifier );
$response = wp_safe_remote_get(
$webfinger_url,
array(
'headers' => array( 'Accept' => 'application/jrd+json' ),
'redirection' => 0,
'timeout' => 2,
)
);
if ( is_wp_error( $response ) ) {
return new WP_Error( 'webfinger_url_not_accessible', null, $webfinger_url );
}
$body = wp_remote_retrieve_body( $response );
return json_decode( $body, true );
}
/**
* Undocumented function
*
* @return void
*/
public static function get_remote_follow_endpoint( $uri ) {
$identifier_and_host = self::get_identifier_and_host( $uri );
if ( is_wp_error( $identifier_and_host ) ) {
return $identifier_and_host;
}
list( $identifier, $host ) = $identifier_and_host;
$data = self::get_data( $identifier, $host );
if ( is_wp_error( $data ) ) {
return $data;
}
if ( empty( $data['links'] ) ) {
return new WP_Error( 'webfinger_url_invalid_response', null, $data );
}
foreach ( $data['links'] as $link ) {
if ( 'http://ostatus.org/schema/1.0/subscribe' === $link['rel'] ) {
return $link['template'];
}
}
return new WP_Error( 'webfinger_remote_follow_endpoint_invalid', $data, array( 'status' => 417 ) );
}
}