aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2021-01-28 14:57:37 +0000
committerMario <mario@mariovavti.com>2021-01-28 14:57:37 +0000
commit8c2442eca5889a5ece659bdb456403b28285b26b (patch)
tree83f0ca36be46f2aa775880572a24f1a62110217f /Zotlabs
parent8b78e18fb8ade1d04dbf2e5152288f6982a462df (diff)
downloadvolse-hubzilla-8c2442eca5889a5ece659bdb456403b28285b26b.tar.gz
volse-hubzilla-8c2442eca5889a5ece659bdb456403b28285b26b.tar.bz2
volse-hubzilla-8c2442eca5889a5ece659bdb456403b28285b26b.zip
AS channel discovery with custom access header
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Lib/Activity.php10
-rw-r--r--Zotlabs/Lib/ActivityStreams.php29
-rw-r--r--Zotlabs/Module/Channel.php40
3 files changed, 66 insertions, 13 deletions
diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php
index 388d74d91..3bfdf722a 100644
--- a/Zotlabs/Lib/Activity.php
+++ b/Zotlabs/Lib/Activity.php
@@ -87,14 +87,16 @@ class Activity {
}
$headers = [
- 'Accept' => 'application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
+ 'Accept' => ActivityStreams::get_accept_header_string($channel),
'Host' => $m['host'],
'Date' => datetime_convert('UTC', 'UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T'),
'(request-target)' => 'get ' . get_request_string($url)
];
+
if (isset($token)) {
$headers['Authorization'] = 'Bearer ' . $token;
}
+
$h = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel), false);
$x = z_fetch_url($url, true, $redirects, ['headers' => $h]);
}
@@ -302,7 +304,7 @@ class Activity {
$m = get_iconfig($i['id'], 'activitypub', 'rawmsg');
if ($m) {
if (is_string($m))
- $t = json_decode($m,true);
+ $t = json_decode($m, true);
else
$t = $m;
}
@@ -2563,7 +2565,7 @@ class Activity {
$allowed = true;
// reject public stream comments that weren't sent by the conversation owner
- if ($is_sys_channel && $pubstream && $item['owner_xchan'] !== $observer_hash && ! $fetch_parents) { // TODO: check why? This would make it impossible to fetch externals via zotfeed where $observer_hash = sys channel
+ if ($is_sys_channel && $pubstream && $item['owner_xchan'] !== $observer_hash && !$fetch_parents) {
$allowed = false;
}
}
@@ -2963,7 +2965,7 @@ class Activity {
break;
}
- array_unshift($p,[ $a, $item ]);
+ array_unshift($p, [$a, $item]);
if ($item['parent_mid'] === $item['mid']) {
break;
diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php
index f877fbb45..a1d780205 100644
--- a/Zotlabs/Lib/ActivityStreams.php
+++ b/Zotlabs/Lib/ActivityStreams.php
@@ -409,16 +409,33 @@ class ActivityStreams {
return $x;
}
- static function is_as_request() {
+ static function is_as_request($channel = null) {
- $x = getBestSupportedMimeType([
- 'application/ld+json;profile="https://www.w3.org/ns/activitystreams"',
- 'application/activity+json',
- 'application/ld+json;profile="http://www.w3.org/ns/activitystreams"'
- ]);
+ $hookdata = [];
+ if($channel)
+ $hookdata['channel'] = $channel;
+ $hookdata['data'] = ['application/x-zot-activity+json'];
+
+ call_hooks('is_as_request', $hookdata);
+
+ $x = getBestSupportedMimeType($hookdata['data']);
return(($x) ? true : false);
}
+ static function get_accept_header_string($channel = null) {
+
+ $hookdata = [];
+ if($channel)
+ $hookdata['channel'] = $channel;
+
+ $hookdata['data'] = 'application/x-zot-activity+json';
+
+ call_hooks('get_accept_header_string', $hookdata);
+
+ return $hookdata['data'];
+
+ }
+
}
diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php
index 11f4d3a52..5cfcb623b 100644
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -4,10 +4,12 @@ namespace Zotlabs\Module;
use App;
-use Zotlabs\Web\Controller;
+use Zotlabs\Lib\Activity;
+use Zotlabs\Lib\ActivityStreams;
+use Zotlabs\Lib\Libzot;
use Zotlabs\Lib\PermissionDescription;
+use Zotlabs\Web\Controller;
use Zotlabs\Web\HTTPSig;
-use Zotlabs\Lib\Libzot;
require_once('include/items.php');
require_once('include/security.php');
@@ -25,7 +27,7 @@ class Channel extends Controller {
function init() {
- if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?']))
+ if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?']) || strpos($_GET['search'], 'https://') === 0)
goaway('search' . '?f=&search=' . $_GET['search']);
$which = null;
@@ -87,6 +89,38 @@ class Channel extends Controller {
killme();
}
+ if (ActivityStreams::is_as_request($channel)) {
+
+ // Somebody may attempt an ActivityStreams fetch on one of our message permalinks
+ // Make it do the right thing.
+
+ $mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : '');
+ if ($mid && strpos($mid,'b64.') === 0) {
+ $decoded = @base64url_decode(substr($mid,4));
+ if ($decoded) {
+ $mid = $decoded;
+ }
+ }
+ if ($mid) {
+ $obj = null;
+ if (strpos($mid, z_root() . '/item/') === 0) {
+ App::$argc = 2;
+ App::$argv = [ 'item', basename($mid) ];
+ $obj = new Item();
+ }
+ if (strpos($mid, z_root() . '/activity/') === 0) {
+ App::$argc = 2;
+ App::$argv = [ 'activity', basename($mid) ];
+ $obj = new Activity();
+ }
+ if ($obj) {
+ $obj->init();
+ }
+ }
+
+ as_return_and_die(Activity::encode_person($channel,true),$channel);
+ }
+
if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
$which = $channel['channel_address'];
$profile = argv(1);