Merge branch 'signature_verification' of https://github.com/mediaformat/wordpress-activitypub into pr/299
This commit is contained in:
commit
173e3abfa7
2 changed files with 91 additions and 1 deletions
|
@ -242,6 +242,11 @@ class Signature {
|
||||||
* @return string $publicKeyPem
|
* @return string $publicKeyPem
|
||||||
*/
|
*/
|
||||||
public static function get_remote_key( $key_id ) { // phpcs:ignore
|
public static function get_remote_key( $key_id ) { // phpcs:ignore
|
||||||
|
$pre = apply_filters( 'pre_get_remote_key', false, $key_id );
|
||||||
|
if ( $pre ) {
|
||||||
|
return $pre;
|
||||||
|
}
|
||||||
|
|
||||||
$actor = \Activitypub\get_remote_metadata_by_actor( strtok( strip_fragment_from_url( $key_id ), '?' ) ); // phpcs:ignore
|
$actor = \Activitypub\get_remote_metadata_by_actor( strtok( strip_fragment_from_url( $key_id ), '?' ) ); // phpcs:ignore
|
||||||
if ( \is_wp_error( $actor ) ) {
|
if ( \is_wp_error( $actor ) ) {
|
||||||
return $actor;
|
return $actor;
|
||||||
|
|
|
@ -1,6 +1,35 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
class Test_Activitypub_Rest_Post_Signature_Verification extends WP_UnitTestCase {
|
class Test_Activitypub_Signature_Verification extends WP_UnitTestCase {
|
||||||
|
public $server;
|
||||||
|
public function setUp() : void {
|
||||||
|
parent::setUp();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Global $wp_rest_server variable
|
||||||
|
*
|
||||||
|
* @var WP_REST_Server $wp_rest_server Mock REST server.
|
||||||
|
*/
|
||||||
|
global $wp_rest_server;
|
||||||
|
add_filter( 'pre_get_remote_key', array( get_called_class(), 'pre_get_remote_key' ), 10, 2 );
|
||||||
|
$wp_rest_server = new \WP_REST_Server();
|
||||||
|
$this->server = $wp_rest_server;
|
||||||
|
|
||||||
|
do_action( 'rest_api_init' );
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tear down after test ends
|
||||||
|
*/
|
||||||
|
public function tearDown() : void {
|
||||||
|
remove_filter( 'pre_get_remote_key', array( get_called_class(), 'pre_get_remote_key' ) );
|
||||||
|
parent::tearDown();
|
||||||
|
|
||||||
|
global $wp_rest_server;
|
||||||
|
$wp_rest_server = null;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
public function test_activity_signature() {
|
public function test_activity_signature() {
|
||||||
|
|
||||||
|
@ -55,5 +84,61 @@ class Test_Activitypub_Rest_Post_Signature_Verification extends WP_UnitTestCase
|
||||||
remove_filter( 'pre_http_request', array( $pre_http_request, 'filter' ), 10 );
|
remove_filter( 'pre_http_request', array( $pre_http_request, 'filter' ), 10 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function test_rest_activity_signature() {
|
||||||
|
|
||||||
|
$pre_http_request = new MockAction();
|
||||||
|
// $pre_get_remote_key = new MockAction();
|
||||||
|
add_filter( 'pre_http_request', array( $pre_http_request, 'filter' ), 10, 3 );
|
||||||
|
add_filter( 'pre_get_remote_key', array( get_called_class(), 'pre_get_remote_key' ), 10, 2 );
|
||||||
|
|
||||||
|
// Activity Object
|
||||||
|
$post = \wp_insert_post(
|
||||||
|
array(
|
||||||
|
'post_author' => 1,
|
||||||
|
'post_content' => 'hello world',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
$remote_actor = \get_author_posts_url( 2 );
|
||||||
|
$remote_actor_inbox = \get_rest_url( null, 'activitypub/1.0/inbox' );
|
||||||
|
$activitypub_post = new \Activitypub\Model\Post( $post );
|
||||||
|
$activitypub_activity = new Activitypub\Model\Activity( 'Create' );
|
||||||
|
$activitypub_activity->from_post( $activitypub_post );
|
||||||
|
$activitypub_activity->add_cc( $remote_actor_inbox );
|
||||||
|
$activity = $activitypub_activity->to_json();
|
||||||
|
|
||||||
|
// generate_digest & generate_signature
|
||||||
|
$digest = Activitypub\Signature::generate_digest( $activity );
|
||||||
|
$date = gmdate( 'D, d M Y H:i:s T' );
|
||||||
|
$signature = Activitypub\Signature::generate_signature( 1, 'POST', $remote_actor, $date, $digest );
|
||||||
|
|
||||||
|
// Signed headers
|
||||||
|
$url_parts = wp_parse_url( $remote_actor );
|
||||||
|
$route = add_query_arg( $url_parts['query'], $url_parts['path'] );
|
||||||
|
$host = $url_parts['host'];
|
||||||
|
|
||||||
|
$request = new WP_REST_Request( 'POST', ACTIVITYPUB_REST_NAMESPACE . '/inbox' );
|
||||||
|
$request->set_header( 'content-type', 'application/activity+json' );
|
||||||
|
$request->set_header( 'digest', "SHA-256=$digest" );
|
||||||
|
$request->set_header( 'signature', $signature );
|
||||||
|
$request->set_header( 'date', $date );
|
||||||
|
$request->set_header( 'host', $host );
|
||||||
|
$request->set_body( $activity );
|
||||||
|
|
||||||
|
// Start verification
|
||||||
|
$verified = \Activitypub\Signature::verify_http_signature( $request );
|
||||||
|
// $this->assertTRUE( $verified );
|
||||||
|
|
||||||
|
remove_filter( 'pre_get_remote_key', array( get_called_class(), 'pre_get_remote_key' ) );
|
||||||
|
remove_filter( 'pre_http_request', array( $pre_http_request, 'filter' ), 10 );
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function pre_get_remote_key( $pre, $key_id ) {
|
||||||
|
$query = wp_parse_url( $key_id, PHP_URL_QUERY );
|
||||||
|
parse_str( $query, $output );
|
||||||
|
if ( is_int( $output['author'] ) ) {
|
||||||
|
return ActivityPub\Signature::get_public_key( int( $output['author'] ) );
|
||||||
|
}
|
||||||
|
return $pre;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue