code doc
This commit is contained in:
Matthias Pfefferle
parent
ec4e22f570
commit
d2b7c287fc
1 changed files with 3 additions and 1 deletions
|
|
@ -88,6 +88,7 @@ class Server {
|
||||||
public static function authorize_activitypub_requests( $response, $handler, $request ) {
|
public static function authorize_activitypub_requests( $response, $handler, $request ) {
|
||||||
$route = $request->get_route();
|
$route = $request->get_route();
|
||||||
|
|
||||||
|
// check if it is an activitypub request and exclude webfinger and nodeinfo endpoints
|
||||||
if (
|
if (
|
||||||
! str_starts_with( $route, '/' . ACTIVITYPUB_REST_NAMESPACE ) ||
|
! str_starts_with( $route, '/' . ACTIVITYPUB_REST_NAMESPACE ) ||
|
||||||
str_starts_with( $route, '/' . \trailingslashit( ACTIVITYPUB_REST_NAMESPACE ) . 'webfinger' ) ||
|
str_starts_with( $route, '/' . \trailingslashit( ACTIVITYPUB_REST_NAMESPACE ) . 'webfinger' ) ||
|
||||||
|
|
@ -96,12 +97,13 @@ class Server {
|
||||||
return $response;
|
return $response;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// POST-Requets are always signed
|
||||||
if ( 'POST' === $request->get_method() ) {
|
if ( 'POST' === $request->get_method() ) {
|
||||||
$verified_request = Signature::verify_http_signature( $request );
|
$verified_request = Signature::verify_http_signature( $request );
|
||||||
if ( \is_wp_error( $verified_request ) ) {
|
if ( \is_wp_error( $verified_request ) ) {
|
||||||
return $verified_request;
|
return $verified_request;
|
||||||
}
|
}
|
||||||
} elseif ( 'GET' === $request->get_method() ) {
|
} elseif ( 'GET' === $request->get_method() ) { // GET-Requests are only signed in secure mode
|
||||||
if ( ACTIVITYPUB_SECURE_MODE ) {
|
if ( ACTIVITYPUB_SECURE_MODE ) {
|
||||||
$verified_request = Signature::verify_http_signature( $request );
|
$verified_request = Signature::verify_http_signature( $request );
|
||||||
if ( \is_wp_error( $verified_request ) ) {
|
if ( \is_wp_error( $verified_request ) ) {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue