From fbcf2dbabce9ae236d068af667b3b409933648c3 Mon Sep 17 00:00:00 2001 From: Ben Lubar Date: Sat, 18 Jan 2020 12:56:30 -0600 Subject: [PATCH] support authorized fetch to avoid having comments from "Anonymous" --- includes/functions.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/includes/functions.php b/includes/functions.php index a2587ee..30e91a0 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -84,6 +84,16 @@ function get_remote_metadata_by_actor( $actor ) { return new \WP_Error( 'activitypub_no_valid_actor_url', \__( 'The "actor" is no valid URL', 'activitypub' ), $actor ); } + // we just need any user to generate a request signature + $user_id = \reset( \get_users( array ( + 'number' => 1, + 'who' => 'authors', + 'fields' => 'ID' + ) ) ); + + $date = \gmdate( 'D, d M Y H:i:s T' ); + $signature = \Activitypub\Signature::generate_signature( $user_id, $url, $date ); + $wp_version = \get_bloginfo( 'version' ); $user_agent = \apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . \get_bloginfo( 'url' ) ); @@ -94,6 +104,8 @@ function get_remote_metadata_by_actor( $actor ) { 'user-agent' => "$user_agent; ActivityPub", 'headers' => array( 'accept' => 'application/activity+json, application/ld+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"', + 'Signature' => $signature, + 'Date' => $date, ), );