Merge pull request #105 from mediaformat/digest-header
add digest header
This commit is contained in:
Matthias Pfefferle
GitHub
commit
9250749b8a
3 changed files with 20 additions and 5 deletions
|
|
@ -70,7 +70,7 @@ class Signature {
|
|||
\update_user_meta( $user_id, 'magic_sig_public_key', $detail['key'] );
|
||||
}
|
||||
|
||||
public static function generate_signature( $user_id, $url, $date ) {
|
||||
public static function generate_signature( $user_id, $url, $date, $digest = null ) {
|
||||
$key = self::get_private_key( $user_id );
|
||||
|
||||
$url_parts = \wp_parse_url( $url );
|
||||
|
|
@ -88,7 +88,11 @@ class Signature {
|
|||
$path .= '?' . $url_parts['query'];
|
||||
}
|
||||
|
||||
if ( ! empty( $digest ) ) {
|
||||
$signed_string = "(request-target): post $path\nhost: $host\ndate: $date\ndigest: SHA-256=$digest";
|
||||
} else {
|
||||
$signed_string = "(request-target): post $path\nhost: $host\ndate: $date";
|
||||
}
|
||||
|
||||
$signature = null;
|
||||
\openssl_sign( $signed_string, $signature, $key, \OPENSSL_ALGO_SHA256 );
|
||||
|
|
@ -96,10 +100,19 @@ class Signature {
|
|||
|
||||
$key_id = \get_author_posts_url( $user_id ) . '#main-key';
|
||||
|
||||
if ( ! empty( $digest ) ) {
|
||||
return \sprintf( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date digest",signature="%s"', $key_id, $signature );
|
||||
} else {
|
||||
return \sprintf( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date",signature="%s"', $key_id, $signature );
|
||||
}
|
||||
}
|
||||
|
||||
public static function verify_signature( $headers, $signature ) {
|
||||
|
||||
}
|
||||
|
||||
public static function generate_digest( $body ) {
|
||||
$digest = \base64_encode( \hash( 'sha256', $body, true ) ); // phpcs:ignore
|
||||
return "$digest";
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,7 +23,8 @@ function get_context() {
|
|||
|
||||
function safe_remote_post( $url, $body, $user_id ) {
|
||||
$date = \gmdate( 'D, d M Y H:i:s T' );
|
||||
$signature = \Activitypub\Signature::generate_signature( $user_id, $url, $date );
|
||||
$digest = \Activitypub\Signature::generate_digest( $body );
|
||||
$signature = \Activitypub\Signature::generate_signature( $user_id, $url, $date, $digest );
|
||||
|
||||
$wp_version = \get_bloginfo( 'version' );
|
||||
$user_agent = \apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . \get_bloginfo( 'url' ) );
|
||||
|
|
@ -35,6 +36,7 @@ function safe_remote_post( $url, $body, $user_id ) {
|
|||
'headers' => array(
|
||||
'Accept' => 'application/activity+json',
|
||||
'Content-Type' => 'application/activity+json',
|
||||
'Digest' => "SHA-256=$digest",
|
||||
'Signature' => $signature,
|
||||
'Date' => $date,
|
||||
),
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ class Inbox {
|
|||
\add_action( 'rest_api_init', array( '\Activitypub\Rest\Inbox', 'register_routes' ) );
|
||||
\add_filter( 'rest_pre_serve_request', array( '\Activitypub\Rest\Inbox', 'serve_request' ), 11, 4 );
|
||||
\add_action( 'activitypub_inbox_follow', array( '\Activitypub\Rest\Inbox', 'handle_follow' ), 10, 2 );
|
||||
\add_action( 'activitypub_inbox_unfollow', array( '\Activitypub\Rest\Inbox', 'handle_unfollow' ), 10, 2 );
|
||||
\add_action( 'activitypub_inbox_undo', array( '\Activitypub\Rest\Inbox', 'handle_unfollow' ), 10, 2 );
|
||||
//\add_action( 'activitypub_inbox_like', array( '\Activitypub\Rest\Inbox', 'handle_reaction' ), 10, 2 );
|
||||
//\add_action( 'activitypub_inbox_announce', array( '\Activitypub\Rest\Inbox', 'handle_reaction' ), 10, 2 );
|
||||
\add_action( 'activitypub_inbox_create', array( '\Activitypub\Rest\Inbox', 'handle_create' ), 10, 2 );
|
||||
|
|
|
|||
Loading…
Reference in a new issue