Fix the signature for HTTP GET requests
This commit is contained in:
parent
04db99730d
commit
eff60ed5dd
2 changed files with 5 additions and 5 deletions
|
@ -70,7 +70,7 @@ class Signature {
|
||||||
\update_user_meta( $user_id, 'magic_sig_public_key', $detail['key'] );
|
\update_user_meta( $user_id, 'magic_sig_public_key', $detail['key'] );
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function generate_signature( $user_id, $url, $date, $digest = null ) {
|
public static function generate_signature( $user_id, $http_method, $url, $date, $digest = null ) {
|
||||||
$key = self::get_private_key( $user_id );
|
$key = self::get_private_key( $user_id );
|
||||||
|
|
||||||
$url_parts = \wp_parse_url( $url );
|
$url_parts = \wp_parse_url( $url );
|
||||||
|
@ -89,9 +89,9 @@ class Signature {
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( ! empty( $digest ) ) {
|
if ( ! empty( $digest ) ) {
|
||||||
$signed_string = "(request-target): post $path\nhost: $host\ndate: $date\ndigest: SHA-256=$digest";
|
$signed_string = "(request-target): $http_method $path\nhost: $host\ndate: $date\ndigest: SHA-256=$digest";
|
||||||
} else {
|
} else {
|
||||||
$signed_string = "(request-target): post $path\nhost: $host\ndate: $date";
|
$signed_string = "(request-target): $http_method $path\nhost: $host\ndate: $date";
|
||||||
}
|
}
|
||||||
|
|
||||||
$signature = null;
|
$signature = null;
|
||||||
|
|
|
@ -35,7 +35,7 @@ function get_context() {
|
||||||
function safe_remote_post( $url, $body, $user_id ) {
|
function safe_remote_post( $url, $body, $user_id ) {
|
||||||
$date = \gmdate( 'D, d M Y H:i:s T' );
|
$date = \gmdate( 'D, d M Y H:i:s T' );
|
||||||
$digest = \Activitypub\Signature::generate_digest( $body );
|
$digest = \Activitypub\Signature::generate_digest( $body );
|
||||||
$signature = \Activitypub\Signature::generate_signature( $user_id, $url, $date, $digest );
|
$signature = \Activitypub\Signature::generate_signature( $user_id, 'post', $url, $date, $digest );
|
||||||
|
|
||||||
$wp_version = \get_bloginfo( 'version' );
|
$wp_version = \get_bloginfo( 'version' );
|
||||||
$user_agent = \apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . \get_bloginfo( 'url' ) );
|
$user_agent = \apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . \get_bloginfo( 'url' ) );
|
||||||
|
@ -63,7 +63,7 @@ function safe_remote_post( $url, $body, $user_id ) {
|
||||||
|
|
||||||
function safe_remote_get( $url, $user_id ) {
|
function safe_remote_get( $url, $user_id ) {
|
||||||
$date = \gmdate( 'D, d M Y H:i:s T' );
|
$date = \gmdate( 'D, d M Y H:i:s T' );
|
||||||
$signature = \Activitypub\Signature::generate_signature( $user_id, $url, $date );
|
$signature = \Activitypub\Signature::generate_signature( $user_id, 'get', $url, $date );
|
||||||
|
|
||||||
$wp_version = \get_bloginfo( 'version' );
|
$wp_version = \get_bloginfo( 'version' );
|
||||||
$user_agent = \apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . \get_bloginfo( 'url' ) );
|
$user_agent = \apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . \get_bloginfo( 'url' ) );
|
||||||
|
|
Loading…
Reference in a new issue