diff --git a/includes/class-signature.php b/includes/class-signature.php index 66b16ba..a91ea0e 100644 --- a/includes/class-signature.php +++ b/includes/class-signature.php @@ -245,7 +245,7 @@ class Signature { * @return string The public key. */ public static function get_remote_key( $key_id ) { // phpcs:ignore - $actor = \Activitypub\get_remote_metadata_by_actor( strtok( strip_fragment_from_url( $key_id ), '?' ) ); // phpcs:ignore + $actor = get_remote_metadata_by_actor( strtok( strip_fragment_from_url( $key_id ), '?' ) ); // phpcs:ignore if ( \is_wp_error( $actor ) ) { return $actor; } diff --git a/includes/class-user-factory.php b/includes/class-user-factory.php index 8ba4521..db3be67 100644 --- a/includes/class-user-factory.php +++ b/includes/class-user-factory.php @@ -5,6 +5,7 @@ use WP_Error; use WP_User_Query; use Activitypub\Model\User; use Activitypub\Model\Blog_User; +use Activitypub\Model\Application_User; class User_Factory { /** @@ -63,7 +64,7 @@ class User_Factory { } // check for application user. - if ( get_option( 'activitypub_application_user_identifier', null ) === $username ) { + if ( 'application' === $username ) { return self::get_by_id( self::APPLICATION_USER_ID ); } diff --git a/includes/model/class-application-user.php b/includes/model/class-application-user.php index 1e562b1..fe5fcc8 100644 --- a/includes/model/class-application-user.php +++ b/includes/model/class-application-user.php @@ -2,8 +2,11 @@ namespace Activitypub\Model; use WP_Query; +use Activitypub\Signature; use Activitypub\User_Factory; +use function Activitypub\get_rest_url_by_path; + class Application_User extends Blog_User { /** * The User-ID @@ -24,7 +27,7 @@ class Application_User extends Blog_User { * * @param int $user_id The User-ID. */ - public function __construct( $user_id ) { + public function __construct( $user_id = null ) { // do nothing } @@ -34,11 +37,15 @@ class Application_User extends Blog_User { * @return string The User-Url. */ public function get_url() { - return ''; + return get_rest_url_by_path( 'application' ); } public function get_name() { - return \esc_html( \get_option( 'activitypub_application_identifier', 'application' ) ); + return 'application'; + } + + public function get_username() { + return $this::get_name(); } public function get_public_key() { diff --git a/includes/rest/class-server.php b/includes/rest/class-server.php index 351284d..3b78af2 100644 --- a/includes/rest/class-server.php +++ b/includes/rest/class-server.php @@ -4,11 +4,7 @@ namespace Activitypub\Rest; use stdClass; use WP_REST_Response; use Activitypub\Signature; -use Activitypub\Model\User; - -use function Activitypub\get_context; -use function Activitypub\get_rest_url_by_path; - +use Activitypub\Model\Application_User; /** * ActivityPub Server REST-Class @@ -18,7 +14,6 @@ use function Activitypub\get_rest_url_by_path; * @see https://www.w3.org/TR/activitypub/#security-verification */ class Server { - /** * Initialize the class, registering WordPress hooks */ @@ -50,21 +45,8 @@ class Server { * @return WP_REST_Response The JSON profile of the Application Actor. */ public static function application_actor() { - $json = new stdClass(); - - $json->{'@context'} = get_context(); - $json->id = get_rest_url_by_path( 'application' ); - $json->type = 'Application'; - $json->preferredUsername = str_replace( array( '.' ), '-', wp_parse_url( get_site_url(), PHP_URL_HOST ) ); // phpcs:ignore WordPress.NamingConventions - $json->name = get_bloginfo( 'name' ); - $json->summary = __( 'WordPress-ActivityPub application actor', 'activitypub' ); - $json->manuallyApprovesFollowers = true; // phpcs:ignore WordPress.NamingConventions - $json->icon = array( get_site_icon_url() ); // phpcs:ignore WordPress.NamingConventions short array syntax - $json->publicKey = array( // phpcs:ignore WordPress.NamingConventions - 'id' => get_rest_url_by_path( 'application#main-key' ), - 'owner' => get_rest_url_by_path( 'application' ), - 'publicKeyPem' => Signature::get_public_key( User::APPLICATION_USER_ID ), // phpcs:ignore WordPress.NamingConventions - ); + $user = new Application_User(); + $json = $user->to_array(); $response = new WP_REST_Response( $json, 200 ); diff --git a/tests/test-class-activitypub-rest-post-signature-verification.php b/tests/test-class-activitypub-rest-post-signature-verification.php index f0acd34..2b7fc29 100644 --- a/tests/test-class-activitypub-rest-post-signature-verification.php +++ b/tests/test-class-activitypub-rest-post-signature-verification.php @@ -42,7 +42,9 @@ class Test_Activitypub_Signature_Verification extends WP_UnitTestCase { $signed_headers = $signature_block['headers']; $signed_data = Activitypub\Signature::get_signed_data( $signed_headers, $signature_block, $headers ); - $public_key = Activitypub\Signature::get_public_key( 1 ); + $user = Activitypub\User_Factory::get_by_id( 1 ); + + $public_key = $user->get_public_key(); // signature_verification $verified = \openssl_verify( $signed_data, $signature_block['signature'], $public_key, 'rsa-sha256' ) > 0; @@ -53,6 +55,8 @@ class Test_Activitypub_Signature_Verification extends WP_UnitTestCase { add_filter( 'pre_get_remote_metadata_by_actor', function( $json, $actor ) { + $user = Activitypub\User_Factory::get_by_id( 1 ); + $public_key = $user->get_public_key(); // return ActivityPub Profile with signature return array( 'id' => $actor, @@ -60,7 +64,7 @@ class Test_Activitypub_Signature_Verification extends WP_UnitTestCase { 'publicKey' => array( 'id' => $actor . '#main-key', 'owner' => $actor, - 'publicKeyPem' => \Activitypub\Signature::get_public_key( 1 ), + 'publicKeyPem' => $public_key, ), ); },