2018-09-27 22:28:49 +02:00
|
|
|
<?php
|
2019-02-24 12:07:41 +01:00
|
|
|
namespace Activitypub\Rest;
|
|
|
|
|
2018-09-27 22:28:49 +02:00
|
|
|
/**
|
2019-02-24 13:01:28 +01:00
|
|
|
* ActivityPub Inbox REST-Class
|
2018-09-27 22:28:49 +02:00
|
|
|
*
|
|
|
|
* @author Matthias Pfefferle
|
2019-02-24 13:01:28 +01:00
|
|
|
*
|
|
|
|
* @see https://www.w3.org/TR/activitypub/#inbox
|
2018-09-27 22:28:49 +02:00
|
|
|
*/
|
2019-02-24 12:07:41 +01:00
|
|
|
class Inbox {
|
2019-02-24 13:01:28 +01:00
|
|
|
/**
|
|
|
|
* Initialize the class, registering WordPress hooks
|
|
|
|
*/
|
2019-02-24 12:07:41 +01:00
|
|
|
public static function init() {
|
2019-09-27 10:12:59 +02:00
|
|
|
\add_action( 'rest_api_init', array( '\Activitypub\Rest\Inbox', 'register_routes' ) );
|
|
|
|
//\add_filter( 'rest_pre_serve_request', array( '\Activitypub\Rest\Inbox', 'serve_request' ), 11, 4 );
|
|
|
|
\add_action( 'activitypub_inbox_follow', array( '\Activitypub\Rest\Inbox', 'handle_follow' ), 10, 2 );
|
|
|
|
\add_action( 'activitypub_inbox_unfollow', array( '\Activitypub\Rest\Inbox', 'handle_unfollow' ), 10, 2 );
|
|
|
|
//\add_action( 'activitypub_inbox_like', array( '\Activitypub\Rest\Inbox', 'handle_reaction' ), 10, 2 );
|
|
|
|
//\add_action( 'activitypub_inbox_announce', array( '\Activitypub\Rest\Inbox', 'handle_reaction' ), 10, 2 );
|
|
|
|
\add_action( 'activitypub_inbox_create', array( '\Activitypub\Rest\Inbox', 'handle_create' ), 10, 2 );
|
2019-02-24 12:07:41 +01:00
|
|
|
}
|
2019-02-28 19:31:55 +01:00
|
|
|
|
2018-09-27 22:28:49 +02:00
|
|
|
/**
|
|
|
|
* Register routes
|
|
|
|
*/
|
|
|
|
public static function register_routes() {
|
2019-09-27 10:12:59 +02:00
|
|
|
\register_rest_route(
|
2018-09-27 22:28:49 +02:00
|
|
|
'activitypub/1.0', '/inbox', array(
|
|
|
|
array(
|
2019-02-24 12:07:41 +01:00
|
|
|
'methods' => \WP_REST_Server::EDITABLE,
|
2019-11-18 20:57:00 +01:00
|
|
|
'callback' => array( '\Activitypub\Rest\Inbox', 'shared_inbox' ),
|
2018-09-27 22:28:49 +02:00
|
|
|
),
|
|
|
|
)
|
|
|
|
);
|
|
|
|
|
2019-09-27 10:12:59 +02:00
|
|
|
\register_rest_route(
|
2018-09-27 22:28:49 +02:00
|
|
|
'activitypub/1.0', '/users/(?P<id>\d+)/inbox', array(
|
|
|
|
array(
|
2019-02-24 12:07:41 +01:00
|
|
|
'methods' => \WP_REST_Server::EDITABLE,
|
|
|
|
'callback' => array( '\Activitypub\Rest\Inbox', 'user_inbox' ),
|
2018-09-27 22:28:49 +02:00
|
|
|
'args' => self::request_parameters(),
|
|
|
|
),
|
|
|
|
)
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2018-12-20 11:33:08 +01:00
|
|
|
/**
|
|
|
|
* Hooks into the REST API request to verify the signature.
|
|
|
|
*
|
|
|
|
* @param bool $served Whether the request has already been served.
|
|
|
|
* @param WP_HTTP_ResponseInterface $result Result to send to the client. Usually a WP_REST_Response.
|
|
|
|
* @param WP_REST_Request $request Request used to generate the response.
|
|
|
|
* @param WP_REST_Server $server Server instance.
|
|
|
|
*
|
|
|
|
* @return true
|
|
|
|
*/
|
|
|
|
public static function serve_request( $served, $result, $request, $server ) {
|
2019-09-27 10:12:59 +02:00
|
|
|
if ( '/activitypub' !== \substr( $request->get_route(), 0, 12 ) ) {
|
2018-12-20 11:33:08 +01:00
|
|
|
return $served;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( 'POST' !== $request->get_method() ) {
|
|
|
|
return $served;
|
|
|
|
}
|
|
|
|
|
|
|
|
$signature = $request->get_header( 'signature' );
|
|
|
|
|
|
|
|
if ( ! $signature ) {
|
|
|
|
return $served;
|
|
|
|
}
|
|
|
|
|
|
|
|
$headers = $request->get_headers();
|
|
|
|
|
2019-02-24 12:07:41 +01:00
|
|
|
//\Activitypub\Signature::verify_signature( $headers, $key );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
|
|
|
return $served;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Renders the user-inbox
|
|
|
|
*
|
|
|
|
* @param WP_REST_Request $request
|
2019-02-28 19:31:55 +01:00
|
|
|
*
|
2018-12-20 11:33:08 +01:00
|
|
|
* @return WP_REST_Response
|
|
|
|
*/
|
2018-09-30 22:51:22 +02:00
|
|
|
public static function user_inbox( $request ) {
|
2018-09-27 22:28:49 +02:00
|
|
|
$author_id = $request->get_param( 'id' );
|
|
|
|
|
2019-09-27 10:12:59 +02:00
|
|
|
$data = \json_decode( $request->get_body(), true );
|
2018-09-27 22:28:49 +02:00
|
|
|
|
2018-10-02 22:16:47 +02:00
|
|
|
$type = 'create';
|
|
|
|
if ( ! empty( $data['type'] ) ) {
|
2019-09-27 10:12:59 +02:00
|
|
|
$type = \strtolower( $data['type'] );
|
2018-10-02 22:16:47 +02:00
|
|
|
}
|
|
|
|
|
2019-09-27 10:12:59 +02:00
|
|
|
if ( ! \is_array( $data ) || ! \array_key_exists( 'type', $data ) ) {
|
|
|
|
return new \WP_Error( 'rest_invalid_data', \__( 'Invalid payload', 'activitypub' ), array( 'status' => 422 ) );
|
2018-09-27 22:28:49 +02:00
|
|
|
}
|
|
|
|
|
2019-09-27 10:12:59 +02:00
|
|
|
\do_action( 'activitypub_inbox', $data, $author_id, $type );
|
|
|
|
\do_action( "activitypub_inbox_{$type}", $data, $author_id );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
2019-02-24 12:07:41 +01:00
|
|
|
return new \WP_REST_Response( array(), 202 );
|
2018-09-27 22:28:49 +02:00
|
|
|
}
|
|
|
|
|
2018-09-30 22:51:22 +02:00
|
|
|
/**
|
|
|
|
* The shared inbox
|
|
|
|
*
|
|
|
|
* @param [type] $request [description]
|
|
|
|
*
|
|
|
|
* @return WP_Error not yet implemented
|
|
|
|
*/
|
2019-11-18 20:57:00 +01:00
|
|
|
public static function shared_inbox( $request ) {
|
|
|
|
$data = \json_decode( $request->get_body(), true );
|
|
|
|
|
|
|
|
if ( empty( $data['to'] ) ) {
|
|
|
|
return new \WP_Error( 'rest_invalid_data', \__( 'No receiving actor set', 'activitypub' ), array( 'status' => 422 ) );
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( \filter_var( $data['to'], \FILTER_VALIDATE_URL ) ) {
|
|
|
|
$author_id = \Activitypub\url_to_authorid( $data['to'] );
|
|
|
|
|
|
|
|
if ( ! $author_id ) {
|
|
|
|
return new \WP_Error( 'rest_invalid_data', \__( 'No matching user', 'activitypub' ), array( 'status' => 422 ) );
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
// get the identifier at the left of the '@'
|
|
|
|
$parts = \explode( '@', $data['to'] );
|
|
|
|
|
|
|
|
if ( 3 === \count( $parts ) ) {
|
|
|
|
$username = $parts[1];
|
|
|
|
$host = $parts[2];
|
|
|
|
} elseif ( 2 === \count( $parts ) ) {
|
|
|
|
$username = $parts[0];
|
|
|
|
$host = $parts[1];
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( ! $username || ! $host ) {
|
|
|
|
return new \WP_Error( 'rest_invalid_data', \__( 'Invalid actor identifier', 'activitypub' ), array( 'status' => 422 ) );
|
|
|
|
}
|
|
|
|
|
|
|
|
// check domain
|
|
|
|
if ( ! \wp_parse_url( \home_url(), \PHP_URL_HOST ) !== $host ) {
|
|
|
|
return new \WP_Error( 'rest_invalid_data', \__( 'Invalid host', 'activitypub' ), array( 'status' => 422 ) );
|
|
|
|
}
|
|
|
|
|
|
|
|
$author = \get_user_by( 'login', $username );
|
|
|
|
|
|
|
|
if ( ! $author ) {
|
|
|
|
return new \WP_Error( 'rest_invalid_data', \__( 'No matching user', 'activitypub' ), array( 'status' => 422 ) );
|
|
|
|
}
|
|
|
|
|
|
|
|
$author_id = $author->ID;
|
|
|
|
}
|
|
|
|
|
|
|
|
$type = 'create';
|
|
|
|
if ( ! empty( $data['type'] ) ) {
|
|
|
|
$type = \strtolower( $data['type'] );
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( ! \is_array( $data ) || ! \array_key_exists( 'type', $data ) ) {
|
|
|
|
return new \WP_Error( 'rest_invalid_data', \__( 'Invalid payload', 'activitypub' ), array( 'status' => 422 ) );
|
|
|
|
}
|
|
|
|
|
|
|
|
\do_action( 'activitypub_inbox', $data, $author_id, $type );
|
|
|
|
\do_action( "activitypub_inbox_{$type}", $data, $author_id );
|
|
|
|
|
|
|
|
return new \WP_REST_Response( array(), 202 );
|
2018-09-27 22:28:49 +02:00
|
|
|
}
|
|
|
|
|
2018-09-30 22:51:22 +02:00
|
|
|
/**
|
|
|
|
* The supported parameters
|
|
|
|
*
|
|
|
|
* @return array list of parameters
|
|
|
|
*/
|
2018-09-27 22:28:49 +02:00
|
|
|
public static function request_parameters() {
|
|
|
|
$params = array();
|
|
|
|
|
|
|
|
$params['page'] = array(
|
|
|
|
'type' => 'integer',
|
|
|
|
);
|
|
|
|
|
|
|
|
$params['id'] = array(
|
|
|
|
'required' => true,
|
|
|
|
'type' => 'integer',
|
|
|
|
);
|
|
|
|
|
|
|
|
return $params;
|
|
|
|
}
|
2018-12-20 11:33:08 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Handles "Follow" requests
|
|
|
|
*
|
|
|
|
* @param array $object The activity-object
|
|
|
|
* @param int $user_id The id of the local blog-user
|
|
|
|
*/
|
|
|
|
public static function handle_follow( $object, $user_id ) {
|
2019-09-27 10:12:59 +02:00
|
|
|
if ( ! \array_key_exists( 'actor', $object ) ) {
|
|
|
|
return new \WP_Error( 'activitypub_no_actor', __( 'No "Actor" found', 'activitypub' ) );
|
2018-12-20 11:33:08 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// save follower
|
2019-11-18 20:57:00 +01:00
|
|
|
\Activitypub\Peer\Followers::add_follower( $object['actor'], $user_id );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
|
|
|
// get inbox
|
2019-02-24 12:07:41 +01:00
|
|
|
$inbox = \Activitypub\get_inbox_by_actor( $object['actor'] );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
|
|
|
// send "Accept" activity
|
2019-11-18 20:57:00 +01:00
|
|
|
$activity = new \Activitypub\Model\Activity( 'Accept', \Activitypub\Model\Activity::TYPE_SIMPLE );
|
2018-12-20 11:33:08 +01:00
|
|
|
$activity->set_object( $object );
|
2019-09-27 10:12:59 +02:00
|
|
|
$activity->set_actor( \get_author_posts_url( $user_id ) );
|
2018-12-20 11:33:08 +01:00
|
|
|
$activity->set_to( $object['actor'] );
|
2019-09-27 10:12:59 +02:00
|
|
|
$activity->set_id( \get_author_posts_url( $user_id ) . '#follow' . \preg_replace( '~^https?://~', '', $object['actor'] ) );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
|
|
|
$activity = $activity->to_simple_json();
|
|
|
|
|
2019-02-24 12:07:41 +01:00
|
|
|
$response = \Activitypub\safe_remote_post( $inbox, $activity, $user_id );
|
2018-12-20 11:33:08 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Handles "Unfollow" requests
|
|
|
|
*
|
|
|
|
* @param array $object The activity-object
|
|
|
|
* @param int $user_id The id of the local blog-user
|
|
|
|
*/
|
|
|
|
public static function handle_unfollow( $object, $user_id ) {
|
2019-09-27 10:12:59 +02:00
|
|
|
if ( ! \array_key_exists( 'actor', $object ) ) {
|
|
|
|
return new \WP_Error( 'activitypub_no_actor', \__( 'No "Actor" found', 'activitypub' ) );
|
2018-12-20 11:33:08 +01:00
|
|
|
}
|
|
|
|
|
2019-11-18 20:57:00 +01:00
|
|
|
\Activitypub\Peer\Followers::remove_follower( $object['actor'], $user_id );
|
2018-12-20 11:33:08 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2019-09-08 04:32:58 +02:00
|
|
|
* Handles "Reaction" requests
|
2018-12-20 11:33:08 +01:00
|
|
|
*
|
|
|
|
* @param array $object The activity-object
|
|
|
|
* @param int $user_id The id of the local blog-user
|
|
|
|
*/
|
|
|
|
public static function handle_reaction( $object, $user_id ) {
|
2019-09-27 10:12:59 +02:00
|
|
|
if ( ! \array_key_exists( 'actor', $object ) ) {
|
|
|
|
return new \WP_Error( 'activitypub_no_actor', \__( 'No "Actor" found', 'activitypub' ) );
|
2018-12-20 11:33:08 +01:00
|
|
|
}
|
|
|
|
|
2019-02-24 12:07:41 +01:00
|
|
|
$meta = \Activitypub\get_remote_metadata_by_actor( $object['actor'] );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
|
|
|
$commentdata = array(
|
2019-09-27 10:12:59 +02:00
|
|
|
'comment_post_ID' => \url_to_postid( $object['object'] ),
|
|
|
|
'comment_author' => \esc_attr( $meta['name'] ),
|
2018-12-20 11:33:08 +01:00
|
|
|
'comment_author_email' => '',
|
2019-09-27 10:12:59 +02:00
|
|
|
'comment_author_url' => \esc_url_raw( $object['actor'] ),
|
|
|
|
'comment_content' => \esc_url_raw( $object['actor'] ),
|
|
|
|
'comment_type' => \esc_attr( strtolower( $object['type'] ) ),
|
2018-12-20 11:33:08 +01:00
|
|
|
'comment_parent' => 0,
|
|
|
|
'comment_meta' => array(
|
2019-09-27 10:12:59 +02:00
|
|
|
'source_url' => \esc_url_raw( $object['id'] ),
|
|
|
|
'avatar_url' => \esc_url_raw( $meta['icon']['url'] ),
|
2018-12-20 11:33:08 +01:00
|
|
|
'protocol' => 'activitypub',
|
|
|
|
),
|
|
|
|
);
|
|
|
|
|
|
|
|
// disable flood control
|
2019-09-27 10:12:59 +02:00
|
|
|
\remove_action( 'check_comment_flood', 'check_comment_flood_db', 10 );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
2019-09-27 10:12:59 +02:00
|
|
|
$state = \wp_new_comment( $commentdata, true );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
|
|
|
// re-add flood control
|
2019-09-27 10:12:59 +02:00
|
|
|
\add_action( 'check_comment_flood', 'check_comment_flood_db', 10, 4 );
|
2018-12-20 11:33:08 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2019-09-08 04:32:58 +02:00
|
|
|
* Handles "Create" requests
|
2018-12-20 11:33:08 +01:00
|
|
|
*
|
|
|
|
* @param array $object The activity-object
|
|
|
|
* @param int $user_id The id of the local blog-user
|
|
|
|
*/
|
|
|
|
public static function handle_create( $object, $user_id ) {
|
2019-09-27 10:12:59 +02:00
|
|
|
if ( ! \array_key_exists( 'actor', $object ) ) {
|
|
|
|
return new \WP_Error( 'activitypub_no_actor', __( 'No "Actor" found', 'activitypub' ) );
|
2018-12-20 11:33:08 +01:00
|
|
|
}
|
|
|
|
|
2019-02-24 12:07:41 +01:00
|
|
|
$meta = \Activitypub\get_remote_metadata_by_actor( $object['actor'] );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
|
|
|
$commentdata = array(
|
2019-09-27 10:12:59 +02:00
|
|
|
'comment_post_ID' => \url_to_postid( $object['object']['inReplyTo'] ),
|
|
|
|
'comment_author' => \esc_attr( $meta['name'] ),
|
|
|
|
'comment_author_url' => \esc_url_raw( $object['actor'] ),
|
|
|
|
'comment_content' => \wp_filter_kses( $object['object']['content'] ),
|
2018-12-20 11:33:08 +01:00
|
|
|
'comment_type' => '',
|
|
|
|
'comment_author_email' => '',
|
|
|
|
'comment_parent' => 0,
|
|
|
|
'comment_meta' => array(
|
2019-09-27 10:12:59 +02:00
|
|
|
'source_url' => \esc_url_raw( $object['object']['url'] ),
|
|
|
|
'avatar_url' => \esc_url_raw( $meta['icon']['url'] ),
|
2018-12-20 11:33:08 +01:00
|
|
|
'protocol' => 'activitypub',
|
|
|
|
),
|
|
|
|
);
|
|
|
|
|
|
|
|
// disable flood control
|
2019-09-27 10:12:59 +02:00
|
|
|
\remove_action( 'check_comment_flood', 'check_comment_flood_db', 10 );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
2019-09-27 10:12:59 +02:00
|
|
|
$state = \wp_new_comment( $commentdata, true );
|
2018-12-20 11:33:08 +01:00
|
|
|
|
|
|
|
// re-add flood control
|
2019-09-27 10:12:59 +02:00
|
|
|
\add_action( 'check_comment_flood', 'check_comment_flood_db', 10, 4 );
|
2018-12-20 11:33:08 +01:00
|
|
|
}
|
2018-09-27 22:28:49 +02:00
|
|
|
}
|