diff --git a/includes/class-signature.php b/includes/class-signature.php index 64467b7..2c5be60 100644 --- a/includes/class-signature.php +++ b/includes/class-signature.php @@ -242,6 +242,11 @@ class Signature { * @return string $publicKeyPem */ public static function get_remote_key( $key_id ) { // phpcs:ignore + $pre = apply_filters( 'pre_get_remote_key', false, $key_id ); + if ( $pre ) { + return $pre; + } + $actor = \Activitypub\get_remote_metadata_by_actor( strtok( strip_fragment_from_url( $key_id ), '?' ) ); // phpcs:ignore if ( \is_wp_error( $actor ) ) { return $actor; diff --git a/tests/test-class-activitypub-rest-post-signature-verification.php b/tests/test-class-activitypub-rest-post-signature-verification.php index e9335fa..e87b1fd 100644 --- a/tests/test-class-activitypub-rest-post-signature-verification.php +++ b/tests/test-class-activitypub-rest-post-signature-verification.php @@ -1,6 +1,35 @@ server = $wp_rest_server; + + do_action( 'rest_api_init' ); + + } + + /** + * Tear down after test ends + */ + public function tearDown() : void { + remove_filter( 'pre_get_remote_key', array( get_called_class(), 'pre_get_remote_key' ) ); + parent::tearDown(); + + global $wp_rest_server; + $wp_rest_server = null; + + } public function test_activity_signature() { @@ -55,5 +84,61 @@ class Test_Activitypub_Rest_Post_Signature_Verification extends WP_UnitTestCase remove_filter( 'pre_http_request', array( $pre_http_request, 'filter' ), 10 ); } + public function test_rest_activity_signature() { + + $pre_http_request = new MockAction(); + // $pre_get_remote_key = new MockAction(); + add_filter( 'pre_http_request', array( $pre_http_request, 'filter' ), 10, 3 ); + add_filter( 'pre_get_remote_key', array( get_called_class(), 'pre_get_remote_key' ), 10, 2 ); + + // Activity Object + $post = \wp_insert_post( + array( + 'post_author' => 1, + 'post_content' => 'hello world', + ) + ); + $remote_actor = \get_author_posts_url( 2 ); + $remote_actor_inbox = \get_rest_url( null, 'activitypub/1.0/inbox' ); + $activitypub_post = new \Activitypub\Model\Post( $post ); + $activitypub_activity = new Activitypub\Model\Activity( 'Create' ); + $activitypub_activity->from_post( $activitypub_post ); + $activitypub_activity->add_cc( $remote_actor_inbox ); + $activity = $activitypub_activity->to_json(); + + // generate_digest & generate_signature + $digest = Activitypub\Signature::generate_digest( $activity ); + $date = gmdate( 'D, d M Y H:i:s T' ); + $signature = Activitypub\Signature::generate_signature( 1, 'POST', $remote_actor, $date, $digest ); + + // Signed headers + $url_parts = wp_parse_url( $remote_actor ); + $route = add_query_arg( $url_parts['query'], $url_parts['path'] ); + $host = $url_parts['host']; + + $request = new WP_REST_Request( 'POST', ACTIVITYPUB_REST_NAMESPACE . '/inbox' ); + $request->set_header( 'content-type', 'application/activity+json' ); + $request->set_header( 'digest', "SHA-256=$digest" ); + $request->set_header( 'signature', $signature ); + $request->set_header( 'date', $date ); + $request->set_header( 'host', $host ); + $request->set_body( $activity ); + + // Start verification + $verified = \Activitypub\Signature::verify_http_signature( $request ); + // $this->assertTRUE( $verified ); + + remove_filter( 'pre_get_remote_key', array( get_called_class(), 'pre_get_remote_key' ) ); + remove_filter( 'pre_http_request', array( $pre_http_request, 'filter' ), 10 ); + } + + public static function pre_get_remote_key( $pre, $key_id ) { + $query = wp_parse_url( $key_id, PHP_URL_QUERY ); + parse_str( $query, $output ); + if ( is_int( $output['author'] ) ) { + return ActivityPub\Signature::get_public_key( int( $output['author'] ) ); + } + return $pre; + } }