2023-05-31 14:35:58 +02:00
< ? php
2023-06-01 07:23:40 +02:00
class Test_Activitypub_Signature_Verification extends WP_UnitTestCase {
2023-05-31 14:35:58 +02:00
public function test_activity_signature () {
// Activity for generate_digest
$post = \wp_insert_post (
array (
'post_author' => 1 ,
'post_content' => 'hello world' ,
)
);
$remote_actor = \get_author_posts_url ( 2 );
2023-11-19 20:37:49 +01:00
$activitypub_post = \Activitypub\Transformer_Manager :: get_transformer ( get_post ( $post ) ) -> transform ( get_post ( $post ) ) -> to_object ();
2023-07-03 17:59:42 +02:00
$activitypub_activity = new Activitypub\Activity\Activity ( 'Create' );
$activitypub_activity -> set_type ( 'Create' );
$activitypub_activity -> set_object ( $activitypub_post );
2023-05-31 14:35:58 +02:00
$activitypub_activity -> add_cc ( $remote_actor );
$activity = $activitypub_activity -> to_json ();
// generate_digest & generate_signature
$digest = Activitypub\Signature :: generate_digest ( $activity );
$date = gmdate ( 'D, d M Y H:i:s T' );
$signature = Activitypub\Signature :: generate_signature ( 1 , 'POST' , $remote_actor , $date , $digest );
2023-06-01 08:05:19 +02:00
$this -> assertRegExp ( '/keyId="http:\/\/example\.org\/\?author=1#main-key",algorithm="rsa-sha256",headers="\(request-target\) host date digest",signature="[^"]*"/' , $signature );
2023-05-31 14:35:58 +02:00
// Signed headers
$url_parts = wp_parse_url ( $remote_actor );
$route = $url_parts [ 'path' ] . '?' . $url_parts [ 'query' ];
$host = $url_parts [ 'host' ];
$headers = array (
2023-06-01 09:49:40 +02:00
'digest' => array ( $digest ),
'signature' => array ( $signature ),
'date' => array ( $date ),
'host' => array ( $host ),
'(request-target)' => array ( 'post ' . $route ),
2023-05-31 14:35:58 +02:00
);
// Start verification
// parse_signature_header, get_signed_data, get_public_key
2023-09-01 18:32:56 +02:00
$signature_block = Activitypub\Signature :: parse_signature_header ( $headers [ 'signature' ][ 0 ] );
2023-05-31 14:35:58 +02:00
$signed_headers = $signature_block [ 'headers' ];
$signed_data = Activitypub\Signature :: get_signed_data ( $signed_headers , $signature_block , $headers );
2023-06-01 09:49:40 +02:00
2023-07-03 11:20:44 +02:00
$user = Activitypub\Collection\Users :: get_by_id ( 1 );
2023-06-01 11:45:07 +02:00
2023-09-07 22:04:39 +02:00
$public_key = Activitypub\Signature :: get_public_key_for ( $user -> get__id () );
2023-05-31 14:35:58 +02:00
// signature_verification
$verified = \openssl_verify ( $signed_data , $signature_block [ 'signature' ], $public_key , 'rsa-sha256' ) > 0 ;
2023-06-01 08:05:19 +02:00
$this -> assertTrue ( $verified );
2023-05-31 14:35:58 +02:00
}
2023-06-01 07:23:40 +02:00
public function test_rest_activity_signature () {
2023-06-01 09:49:40 +02:00
add_filter (
'pre_get_remote_metadata_by_actor' ,
function ( $json , $actor ) {
2023-07-03 11:20:44 +02:00
$user = Activitypub\Collection\Users :: get_by_id ( 1 );
2023-09-07 22:04:39 +02:00
$public_key = Activitypub\Signature :: get_public_key_for ( $user -> get__id () );
2023-06-01 09:49:40 +02:00
// return ActivityPub Profile with signature
return array (
'id' => $actor ,
'type' => 'Person' ,
'publicKey' => array (
'id' => $actor . '#main-key' ,
'owner' => $actor ,
2023-06-01 11:45:07 +02:00
'publicKeyPem' => $public_key ,
2023-06-01 09:49:40 +02:00
),
);
},
10 ,
2
);
2023-06-01 07:23:40 +02:00
// Activity Object
$post = \wp_insert_post (
array (
'post_author' => 1 ,
'post_content' => 'hello world' ,
)
);
$remote_actor = \get_author_posts_url ( 2 );
2023-06-01 09:49:40 +02:00
$remote_actor_inbox = Activitypub\get_rest_url_by_path ( '/inbox' );
2023-11-19 20:37:49 +01:00
$activitypub_post = \Activitypub\Transformer_Manager :: get_transformer ( get_post ( $post ) ) -> transform ( get_post ( $post ) ) -> to_object ();
2023-07-03 17:59:42 +02:00
$activitypub_activity = new Activitypub\Activity\Activity ();
$activitypub_activity -> set_type ( 'Create' );
$activitypub_activity -> set_object ( $activitypub_post );
2023-06-01 07:23:40 +02:00
$activitypub_activity -> add_cc ( $remote_actor_inbox );
$activity = $activitypub_activity -> to_json ();
// generate_digest & generate_signature
$digest = Activitypub\Signature :: generate_digest ( $activity );
$date = gmdate ( 'D, d M Y H:i:s T' );
2023-06-01 09:49:40 +02:00
$signature = Activitypub\Signature :: generate_signature ( 1 , 'POST' , $remote_actor_inbox , $date , $digest );
2023-06-01 07:23:40 +02:00
// Signed headers
2023-06-01 09:49:40 +02:00
$url_parts = wp_parse_url ( $remote_actor_inbox );
$route = $url_parts [ 'path' ] . '?' . $url_parts [ 'query' ];
2023-06-01 07:23:40 +02:00
$host = $url_parts [ 'host' ];
2023-06-01 09:49:40 +02:00
$request = new WP_REST_Request ( 'POST' , $route );
2023-06-01 07:23:40 +02:00
$request -> set_header ( 'content-type' , 'application/activity+json' );
2023-06-01 09:49:40 +02:00
$request -> set_header ( 'digest' , $digest );
2023-06-01 07:23:40 +02:00
$request -> set_header ( 'signature' , $signature );
$request -> set_header ( 'date' , $date );
$request -> set_header ( 'host' , $host );
$request -> set_body ( $activity );
// Start verification
$verified = \Activitypub\Signature :: verify_http_signature ( $request );
2023-06-01 09:49:40 +02:00
$this -> assertTrue ( $verified );
2023-06-01 07:23:40 +02:00
2023-06-01 09:49:40 +02:00
remove_filter ( 'pre_get_remote_metadata_by_actor' , array ( get_called_class (), 'pre_get_remote_key' ), 10 , 2 );
2023-06-01 07:23:40 +02:00
}
2023-05-31 14:35:58 +02:00
}