diff --git a/includes/class-signature.php b/includes/class-signature.php index 3dffb109..5caf8846 100644 --- a/includes/class-signature.php +++ b/includes/class-signature.php @@ -70,7 +70,7 @@ public static function generate_key_pair( $user_id ) { \update_user_meta( $user_id, 'magic_sig_public_key', $detail['key'] ); } - public static function generate_signature( $user_id, $url, $date ) { + public static function generate_signature( $user_id, $url, $date, $digest = null ) { $key = self::get_private_key( $user_id ); $url_parts = \wp_parse_url( $url ); @@ -88,7 +88,11 @@ public static function generate_signature( $user_id, $url, $date ) { $path .= '?' . $url_parts['query']; } - $signed_string = "(request-target): post $path\nhost: $host\ndate: $date"; + if ( ! empty( $digest ) ) { + $signed_string = "(request-target): post $path\nhost: $host\ndate: $date\ndigest: SHA-256=$digest"; + } else { + $signed_string = "(request-target): post $path\nhost: $host\ndate: $date"; + } $signature = null; \openssl_sign( $signed_string, $signature, $key, \OPENSSL_ALGO_SHA256 ); @@ -96,10 +100,19 @@ public static function generate_signature( $user_id, $url, $date ) { $key_id = \get_author_posts_url( $user_id ) . '#main-key'; - return \sprintf( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date",signature="%s"', $key_id, $signature ); + if ( ! empty( $digest ) ) { + return \sprintf( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date digest",signature="%s"', $key_id, $signature ); + } else { + return \sprintf( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date",signature="%s"', $key_id, $signature ); + } } public static function verify_signature( $headers, $signature ) { } + + public static function generate_digest( $body ) { + $digest = \base64_encode( \hash( 'sha256', $body, true ) ); // phpcs:ignore + return "$digest"; + } } diff --git a/includes/functions.php b/includes/functions.php index 43cc40e0..3143eeef 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -23,7 +23,8 @@ function get_context() { function safe_remote_post( $url, $body, $user_id ) { $date = \gmdate( 'D, d M Y H:i:s T' ); - $signature = \Activitypub\Signature::generate_signature( $user_id, $url, $date ); + $digest = \Activitypub\Signature::generate_digest( $body ); + $signature = \Activitypub\Signature::generate_signature( $user_id, $url, $date, $digest ); $wp_version = \get_bloginfo( 'version' ); $user_agent = \apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . \get_bloginfo( 'url' ) ); @@ -35,6 +36,7 @@ function safe_remote_post( $url, $body, $user_id ) { 'headers' => array( 'Accept' => 'application/activity+json', 'Content-Type' => 'application/activity+json', + 'Digest' => "SHA-256=$digest", 'Signature' => $signature, 'Date' => $date, ), diff --git a/includes/rest/class-inbox.php b/includes/rest/class-inbox.php index ad033e78..7f77e14b 100644 --- a/includes/rest/class-inbox.php +++ b/includes/rest/class-inbox.php @@ -16,7 +16,7 @@ public static function init() { \add_action( 'rest_api_init', array( '\Activitypub\Rest\Inbox', 'register_routes' ) ); \add_filter( 'rest_pre_serve_request', array( '\Activitypub\Rest\Inbox', 'serve_request' ), 11, 4 ); \add_action( 'activitypub_inbox_follow', array( '\Activitypub\Rest\Inbox', 'handle_follow' ), 10, 2 ); - \add_action( 'activitypub_inbox_unfollow', array( '\Activitypub\Rest\Inbox', 'handle_unfollow' ), 10, 2 ); + \add_action( 'activitypub_inbox_undo', array( '\Activitypub\Rest\Inbox', 'handle_unfollow' ), 10, 2 ); //\add_action( 'activitypub_inbox_like', array( '\Activitypub\Rest\Inbox', 'handle_reaction' ), 10, 2 ); //\add_action( 'activitypub_inbox_announce', array( '\Activitypub\Rest\Inbox', 'handle_reaction' ), 10, 2 ); \add_action( 'activitypub_inbox_create', array( '\Activitypub\Rest\Inbox', 'handle_create' ), 10, 2 );