2018-09-24 20:47:15 +02:00
< ? php
2019-02-24 12:07:41 +01:00
namespace Activitypub ;
2018-09-27 22:26:57 +02:00
/**
2018-09-30 22:51:22 +02:00
* Returns the ActivityPub default JSON - context
2018-09-27 22:26:57 +02:00
*
2018-09-30 22:51:22 +02:00
* @ return array the activitypub context
2018-09-27 22:26:57 +02:00
*/
2019-02-24 12:07:41 +01:00
function get_context () {
2018-09-30 22:51:22 +02:00
$context = array (
'https://www.w3.org/ns/activitystreams' ,
'https://w3id.org/security/v1' ,
array (
'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers' ,
'PropertyValue' => 'schema:PropertyValue' ,
2019-11-18 20:57:00 +01:00
'schema' => 'http://schema.org#' ,
2018-09-30 22:51:22 +02:00
'value' => 'schema:value' ,
),
);
2019-09-27 10:12:59 +02:00
return \apply_filters ( 'activitypub_json_context' , $context );
2018-09-27 22:26:57 +02:00
}
2018-12-08 00:02:18 +01:00
2019-02-24 12:07:41 +01:00
function safe_remote_post ( $url , $body , $user_id ) {
2019-09-27 10:12:59 +02:00
$date = \gmdate ( 'D, d M Y H:i:s T' );
2019-02-24 12:07:41 +01:00
$signature = \Activitypub\Signature :: generate_signature ( $user_id , $url , $date );
2018-12-08 00:02:18 +01:00
2019-09-27 10:12:59 +02:00
$wp_version = \get_bloginfo ( 'version' );
$user_agent = \apply_filters ( 'http_headers_useragent' , 'WordPress/' . $wp_version . '; ' . \get_bloginfo ( 'url' ) );
2018-12-08 00:02:18 +01:00
$args = array (
'timeout' => 100 ,
'limit_response_size' => 1048576 ,
'redirection' => 3 ,
'user-agent' => " $user_agent ; ActivityPub " ,
'headers' => array (
'Accept' => 'application/activity+json' ,
'Content-Type' => 'application/activity+json' ,
'Signature' => $signature ,
'Date' => $date ,
),
'body' => $body ,
);
2019-09-27 10:12:59 +02:00
$response = \wp_safe_remote_post ( $url , $args );
2019-03-14 23:10:11 +01:00
2019-09-27 10:12:59 +02:00
\do_action ( 'activitypub_safe_remote_post_response' , $response , $url , $body , $user_id );
2019-03-14 23:10:11 +01:00
return $response ;
2018-12-20 11:33:08 +01:00
}
2020-02-21 11:05:17 +01:00
function safe_remote_get ( $url , $user_id ) {
$date = \gmdate ( 'D, d M Y H:i:s T' );
$signature = \Activitypub\Signature :: generate_signature ( $user_id , $url , $date );
$wp_version = \get_bloginfo ( 'version' );
$user_agent = \apply_filters ( 'http_headers_useragent' , 'WordPress/' . $wp_version . '; ' . \get_bloginfo ( 'url' ) );
$args = array (
'timeout' => 100 ,
'limit_response_size' => 1048576 ,
'redirection' => 3 ,
'user-agent' => " $user_agent ; ActivityPub " ,
'headers' => array (
'Accept' => 'application/activity+json' ,
'Content-Type' => 'application/activity+json' ,
'Signature' => $signature ,
'Date' => $date ,
),
);
$response = \wp_safe_remote_get ( $url , $args );
\do_action ( 'activitypub_safe_remote_get_response' , $response , $url , $user_id );
return $response ;
}
2018-12-20 11:33:08 +01:00
/**
* Returns a users WebFinger " resource "
*
* @ param int $user_id
*
* @ return string The user - resource
*/
2019-02-24 12:07:41 +01:00
function get_webfinger_resource ( $user_id ) {
2018-12-20 11:33:08 +01:00
// use WebFinger plugin if installed
2019-09-27 10:12:59 +02:00
if ( \function_exists ( '\get_webfinger_resource' ) ) {
2019-02-24 12:07:41 +01:00
return \get_webfinger_resource ( $user_id , false );
2018-12-20 11:33:08 +01:00
}
2019-09-27 10:12:59 +02:00
$user = \get_user_by ( 'id' , $user_id );
2018-12-20 11:33:08 +01:00
2020-05-12 19:42:09 +02:00
return $user -> user_login . '@' . \wp_parse_url ( \home_url (), \PHP_URL_HOST );
2018-12-20 11:33:08 +01:00
}
/**
* [ get_metadata_by_actor description ]
*
2019-03-14 23:10:11 +01:00
* @ param sting $actor
*
* @ return array
2018-12-20 11:33:08 +01:00
*/
2019-02-24 12:07:41 +01:00
function get_remote_metadata_by_actor ( $actor ) {
2019-09-27 10:12:59 +02:00
$metadata = \get_transient ( 'activitypub_' . $actor );
2018-12-20 11:33:08 +01:00
if ( $metadata ) {
return $metadata ;
}
2019-09-27 10:12:59 +02:00
if ( ! \wp_http_validate_url ( $actor ) ) {
return new \WP_Error ( 'activitypub_no_valid_actor_url' , \__ ( 'The "actor" is no valid URL' , 'activitypub' ), $actor );
2018-12-20 11:33:08 +01:00
}
2020-02-21 11:05:17 +01:00
$user = \get_users ( array (
2020-01-18 19:56:30 +01:00
'number' => 1 ,
'who' => 'authors' ,
2020-02-21 11:05:17 +01:00
'fields' => 'ID' ,
) );
2020-01-18 19:56:30 +01:00
2020-02-21 11:05:17 +01:00
// we just need any user to generate a request signature
$user_id = \reset ( $user );
2018-12-20 11:33:08 +01:00
2020-02-21 11:05:17 +01:00
$response = \Activitypub\safe_remote_get ( $actor , $user_id );
2018-12-20 11:33:08 +01:00
2019-09-27 10:12:59 +02:00
if ( \is_wp_error ( $response ) ) {
2018-12-20 11:33:08 +01:00
return $response ;
}
2019-09-27 10:12:59 +02:00
$metadata = \wp_remote_retrieve_body ( $response );
$metadata = \json_decode ( $metadata , true );
2018-12-20 11:33:08 +01:00
if ( ! $metadata ) {
2019-09-27 10:12:59 +02:00
return new \WP_Error ( 'activitypub_invalid_json' , \__ ( 'No valid JSON data' , 'activitypub' ), $actor );
2018-12-20 11:33:08 +01:00
}
2019-09-27 10:12:59 +02:00
\set_transient ( 'activitypub_' . $actor , $metadata , WEEK_IN_SECONDS );
2018-12-20 11:33:08 +01:00
return $metadata ;
}
/**
* [ get_inbox_by_actor description ]
* @ param [ type ] $actor [ description ]
* @ return [ type ] [ description ]
*/
2019-02-24 12:07:41 +01:00
function get_inbox_by_actor ( $actor ) {
2019-02-24 12:21:25 +01:00
$metadata = \Activitypub\get_remote_metadata_by_actor ( $actor );
2018-12-20 11:33:08 +01:00
2019-09-27 10:12:59 +02:00
if ( \is_wp_error ( $metadata ) ) {
2018-12-20 11:33:08 +01:00
return $metadata ;
}
if ( isset ( $metadata [ 'endpoints' ] ) && isset ( $metadata [ 'endpoints' ][ 'sharedInbox' ] ) ) {
return $metadata [ 'endpoints' ][ 'sharedInbox' ];
}
2019-09-27 10:12:59 +02:00
if ( \array_key_exists ( 'inbox' , $metadata ) ) {
2018-12-20 11:33:08 +01:00
return $metadata [ 'inbox' ];
}
2020-05-12 20:30:06 +02:00
return new \WP_Error ( 'activitypub_no_inbox' , \__ ( 'No "Inbox" found' , 'activitypub' ), $metadata );
2018-12-20 11:33:08 +01:00
}
/**
* [ get_inbox_by_actor description ]
* @ param [ type ] $actor [ description ]
* @ return [ type ] [ description ]
*/
2019-02-24 12:07:41 +01:00
function get_publickey_by_actor ( $actor , $key_id ) {
2019-02-24 12:21:25 +01:00
$metadata = \Activitypub\get_remote_metadata_by_actor ( $actor );
2018-12-20 11:33:08 +01:00
2019-09-27 10:12:59 +02:00
if ( \is_wp_error ( $metadata ) ) {
2018-12-20 11:33:08 +01:00
return $metadata ;
}
if (
isset ( $metadata [ 'publicKey' ] ) &&
isset ( $metadata [ 'publicKey' ][ 'id' ] ) &&
isset ( $metadata [ 'publicKey' ][ 'owner' ] ) &&
isset ( $metadata [ 'publicKey' ][ 'publicKeyPem' ] ) &&
$key_id === $metadata [ 'publicKey' ][ 'id' ] &&
$actor === $metadata [ 'publicKey' ][ 'owner' ]
) {
return $metadata [ 'publicKey' ][ 'publicKeyPem' ];
}
2019-09-27 10:12:59 +02:00
return new \WP_Error ( 'activitypub_no_public_key' , \__ ( 'No "Public-Key" found' , 'activitypub' ), $metadata );
2018-12-20 11:33:08 +01:00
}
2019-03-14 23:10:11 +01:00
function get_follower_inboxes ( $user_id ) {
2019-11-18 20:57:00 +01:00
$followers = \Activitypub\Peer\Followers :: get_followers ( $user_id );
2018-12-20 11:33:08 +01:00
$inboxes = array ();
2019-03-14 23:10:11 +01:00
2018-12-20 11:33:08 +01:00
foreach ( $followers as $follower ) {
2019-03-14 23:10:11 +01:00
$inbox = \Activitypub\get_inbox_by_actor ( $follower );
2019-09-27 10:12:59 +02:00
if ( ! $inbox || \is_wp_error ( $inbox ) ) {
2019-07-26 17:07:43 +02:00
continue ;
}
2019-03-14 23:10:11 +01:00
// init array if empty
2019-07-26 17:07:43 +02:00
if ( ! isset ( $inboxes [ $inbox ] ) ) {
2019-03-14 23:10:11 +01:00
$inboxes [ $inbox ] = array ();
}
$inboxes [ $inbox ][] = $follower ;
2018-12-20 11:33:08 +01:00
}
2019-03-14 23:10:11 +01:00
return $inboxes ;
2018-12-08 00:02:18 +01:00
}
2019-01-16 21:50:45 +01:00
2019-02-24 12:07:41 +01:00
function get_identifier_settings ( $user_id ) {
2019-01-16 21:50:45 +01:00
?>
< table class = " form-table " >
< tbody >
< tr >
< th scope = " row " >
2019-09-27 10:12:59 +02:00
< label >< ? php \esc_html_e ( 'Profile identifier' , 'activitypub' ); ?> </label>
2019-01-16 21:50:45 +01:00
</ th >
< td >
2019-09-27 10:12:59 +02:00
< p >< code >< ? php echo \esc_html ( \Activitypub\get_webfinger_resource ( $user_id ) ); ?> </code> or <code><?php echo \esc_url( \get_author_posts_url( $user_id ) ); ?></code></p>
2019-03-14 23:10:11 +01:00
< ? php // translators: the webfinger resource ?>
2019-12-01 21:20:26 +01:00
< p class = " description " >< ? php \printf ( \esc_html__ ( 'Try to follow "@%s" in the Mastodon/Friendica search field.' , 'activitypub' ), \esc_html ( \Activitypub\get_webfinger_resource ( $user_id ) ) ); ?> </p>
2019-01-16 21:50:45 +01:00
</ td >
</ tr >
</ tbody >
</ table >
< ? php
}
2019-01-22 21:16:37 +01:00
2019-02-24 12:07:41 +01:00
function get_followers ( $user_id ) {
2019-11-18 20:57:00 +01:00
$followers = \Activitypub\Peer\Followers :: get_followers ( $user_id );
2019-01-22 21:16:37 +01:00
if ( ! $followers ) {
return array ();
}
return $followers ;
}
2019-02-24 12:07:41 +01:00
function count_followers ( $user_id ) {
$followers = \Activitypub\get_followers ( $user_id );
2019-01-22 21:16:37 +01:00
2019-09-27 10:12:59 +02:00
return \count ( $followers );
2019-01-22 21:16:37 +01:00
}
2019-11-18 20:57:00 +01:00
/**
* Examine a url and try to determine the author ID it represents .
*
* Checks are supposedly from the hosted site blog .
*
* @ param string $url Permalink to check .
*
* @ return int User ID , or 0 on failure .
*/
function url_to_authorid ( $url ) {
global $wp_rewrite ;
// check if url hase the same host
2020-05-12 20:30:06 +02:00
if ( \wp_parse_url ( \site_url (), \PHP_URL_HOST ) !== \wp_parse_url ( $url , \PHP_URL_HOST ) ) {
2019-11-18 20:57:00 +01:00
return 0 ;
}
// first, check to see if there is a 'author=N' to match against
2019-12-01 21:20:26 +01:00
if ( \preg_match ( '/[?&]author=(\d+)/i' , $url , $values ) ) {
2020-05-12 20:30:06 +02:00
$id = \absint ( $values [ 1 ] );
2019-11-18 20:57:00 +01:00
if ( $id ) {
return $id ;
}
}
// check to see if we are using rewrite rules
$rewrite = $wp_rewrite -> wp_rewrite_rules ();
// not using rewrite rules, and 'author=N' method failed, so we're out of options
if ( empty ( $rewrite ) ) {
return 0 ;
}
// generate rewrite rule for the author url
$author_rewrite = $wp_rewrite -> get_author_permastruct ();
2019-12-01 21:20:26 +01:00
$author_regexp = \str_replace ( '%author%' , '' , $author_rewrite );
2019-11-18 20:57:00 +01:00
// match the rewrite rule with the passed url
2019-12-01 21:20:26 +01:00
if ( \preg_match ( '/https?:\/\/(.+)' . \preg_quote ( $author_regexp , '/' ) . '([^\/]+)/i' , $url , $match ) ) {
2020-05-12 20:30:06 +02:00
$user = \get_user_by ( 'slug' , $match [ 2 ] );
2019-11-18 20:57:00 +01:00
if ( $user ) {
return $user -> ID ;
}
}
return 0 ;
}
2020-02-21 11:09:31 +01:00
/**
* Get the blacklist from the WordPress options table
*
* @ return array the list of blacklisted hosts
*
* @ uses apply_filters () Calls 'activitypub_blacklist' filter
*/
function get_blacklist () {
$blacklist = \get_option ( 'activitypub_blacklist' );
2020-05-12 19:42:09 +02:00
$blacklist_hosts = \explode ( \PHP_EOL , $blacklist );
2020-02-21 11:09:31 +01:00
// if no values have been set, revert to the defaults
2020-02-22 13:02:58 +01:00
if ( ! $blacklist || ! $blacklist_hosts || ! \is_array ( $blacklist_hosts ) ) {
2020-04-28 10:03:44 +02:00
$blacklist_hosts = array ();
2020-02-21 11:09:31 +01:00
}
// clean out any blank values
foreach ( $blacklist_hosts as $key => $value ) {
if ( empty ( $value ) ) {
unset ( $blacklist_hosts [ $key ] );
} else {
$blacklist_hosts [ $key ] = \trim ( $blacklist_hosts [ $key ] );
}
}
return \apply_filters ( 'activitypub_blacklist' , $blacklist_hosts );
}
/**
* Check if an URL is blacklisted
*
* @ param string $url an URL to check
*
* @ return boolean
*/
function is_blacklisted ( $url ) {
foreach ( \ActivityPub\get_blacklist () as $blacklisted_host ) {
if ( \strpos ( $url , $blacklisted_host ) !== false ) {
return true ;
}
}
return false ;
}