Event-Federation/wordpress-activitypub
Event-Federation/wordpress-activitypub
7
1
Fork 0
Code Issues 5 Pull requests Projects Releases Wiki Activity Actions 1

fixes

Browse source
This commit is contained in:
Django Doucet 2022-02-28 19:32:26 -07:00
parent 86c796090d
commit 99630a58bb
1 changed files with 5 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
includes/class-signature.php
View file

@ -22,18 +22,6 @@ class Signature {
/x'; /x';
/** /**
* Allowed keys when splitting signature
*
* @var array
*/
private $allowedKeys = [
'keyId',
'algorithm', // optional
'headers', // optional
'signature',
];
/**
* @param int $user_id * @param int $user_id
* *
* @return mixed * @return mixed
@ -132,7 +120,7 @@ class Signature {
} }
} }
public static function verify_signature( $headers, $signature ) { public static function verify_signature( $request ) {
// https://github.com/landrok/activitypub/blob/master/src/ActivityPhp/Server/Http/HttpSignature.php // https://github.com/landrok/activitypub/blob/master/src/ActivityPhp/Server/Http/HttpSignature.php
$header_data = $request->get_headers(); $header_data = $request->get_headers();
@ -140,6 +128,7 @@ class Signature {
if ( !$header_data['signature'][0] ) { if ( !$header_data['signature'][0] ) {
return false; return false;
} }
// Split it into its parts ( keyId, headers and signature ) // Split it into its parts ( keyId, headers and signature )
$signature_parts = self::splitSignature( $header_data['signature'][0] ); $signature_parts = self::splitSignature( $header_data['signature'][0] );
if ( !count($signature_parts ) ) { if ( !count($signature_parts ) ) {
@ -157,6 +146,7 @@ class Signature {
if ( $digest_gen !== $header_data['digest'][0] ) { if ( $digest_gen !== $header_data['digest'][0] ) {
return false; return false;
} }
// Create a comparison string from the plaintext headers we got // Create a comparison string from the plaintext headers we got
// in the same order as was given in the signature header, // in the same order as was given in the signature header,
$data_plain = self::getPlainText( $data_plain = self::getPlainText(
@ -177,12 +167,8 @@ class Signature {
} else { } else {
return false; return false;
} }
} else {
$activity = json_decode($body);
if ( $activity->type === 'Delete' ) {
// TODO eventually process ld signatures
}
} }
return true;
} }
/** /**
@ -198,7 +184,6 @@ class Signature {
]; ];
if (!preg_match(self::SIGNATURE_PATTERN, $signature, $matches)) { if (!preg_match(self::SIGNATURE_PATTERN, $signature, $matches)) {
\error_log('Signature pattern failed' . print_r( $signature, true ) );
return []; return [];
} }