mirror
/
activitypub-single-php-file
kopia lustrzana https://gitlab.com/edent/activitypub-single-php-file
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Documentation

merge-requests/5/head
Terence Eden 2024-02-15 09:29:21 +00:00
rodzic 24283f5f96
commit 5311687cd6
1 zmienionych plików z 38 dodań i 12 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

50
index.php
Wyświetl plik

@ -13,6 +13,9 @@
* "Any appearance of design in the Program is purely coincidental and should not in any way be mistaken for evidence of thoughtful software construction." * "Any appearance of design in the Program is purely coincidental and should not in any way be mistaken for evidence of thoughtful software construction."
*/ */
// Preamble: Set your details here
// This is where you set up your account's name and bio. You also need to provide a public/private keypair. The posting page is protected with a password that also needs to be set here.
// Set up the Actor's information // Set up the Actor's information
$username = rawurlencode("example"); // Encoded as it is often used as part of a URl $username = rawurlencode("example"); // Encoded as it is often used as part of a URl
$realName = "E. Xample. Jr."; $realName = "E. Xample. Jr.";
@ -27,13 +30,16 @@
// Password for sending messages // Password for sending messages
$password = "P4ssW0rd"; $password = "P4ssW0rd";
// Logging:
// ActivityPub is a "chatty" protocol. This takes all the requests your server receives and saves them in `/logs/` as a datestamped text file.
// Get all headers and requests sent to this server // Get all headers and requests sent to this server
$headers = print_r( getallheaders(), true ); $headers = print_r( getallheaders(), true );
$postData = print_r( $_POST, true ); $postData = print_r( $_POST, true );
$getData = print_r( $_GET, true ); $getData = print_r( $_GET, true );
$filesData = print_r( $_FILES, true ); $filesData = print_r( $_FILES, true );
$body = json_decode( file_get_contents( "php://input" ), true ); $body = json_decode( file_get_contents( "php://input" ), true );
$bodyData = print_r( $input, true ); $bodyData = print_r( $body, true );
$requestData = print_r( $_REQUEST, true ); $requestData = print_r( $_REQUEST, true );
$serverData = print_r( $_SERVER, true ); $serverData = print_r( $_SERVER, true );
@ -62,8 +68,9 @@
"Server Data: \n$serverData \n\n" "Server Data: \n$serverData \n\n"
); );
// Routing:
// The .htaccess changes /whatever to /?path=whatever // The .htaccess changes /whatever to /?path=whatever
// What path was requested? // This runs the function of the path requested.
$path = $_GET["path"]; $path = $_GET["path"];
switch ($path) { switch ($path) {
case "": case "":
@ -86,8 +93,10 @@
die(); die();
} }
// The [WebFinger Protocol](https://docs.joinmastodon.org/spec/webfinger/) is used to identify accounts.
// It is requested with `example.com/.well-known/webfinger?resource=acct:username@example.com`
// This server only has one user, so it ignores the query string and always returns the same details.
function webfinger() { function webfinger() {
// Display the WebFinger JSON
global $username, $server; global $username, $server;
$webfinger = array( $webfinger = array(
@ -105,9 +114,10 @@
die(); die();
} }
// User:
// Requesting `example.com/username` returns a JSON document with the user's information.
function username() { function username() {
// Display the username JSON global $username, $realName, $summary, $server, $key_public;
global $username, $realName, $server, $key_public;
$user = array( $user = array(
"@context" => [ "@context" => [
@ -142,8 +152,10 @@
die(); die();
} }
// Follower / Following:
// These JSON documents show how many users are following / followers-of this account.
// The information here is self-attested. So you can lie and use any number you want.
function following() { function following() {
// Display the following JSON
global $server; global $server;
$following = array( $following = array(
@ -157,9 +169,7 @@
echo json_encode( $following ); echo json_encode( $following );
die(); die();
} }
function followers() { function followers() {
// Display the followers JSON
global $server; global $server;
$followers = array( $followers = array(
"@context" => "https://www.w3.org/ns/activitystreams", "@context" => "https://www.w3.org/ns/activitystreams",
@ -173,8 +183,14 @@
die(); die();
} }
// Inbox:
// The `/inbox` is the main server. It receives all requests.
// This server only responds to "Follow" requests.
// A remote server sends a follow request which is a JSON file saying who they are.
// This code does not cryptographically validate the headers of the received message.
// The name of the remote user's server is saved to a file so that future messages can be delivered to it.
// An accept request is cryptographically signed and POST'd back to the remote server.
function inbox() { function inbox() {
// Respond to InBox requests
global $body, $server, $username, $key_private; global $body, $server, $username, $key_private;
// Get the message and type // Get the message and type
@ -251,8 +267,11 @@
die(); die();
} }
// Unique ID:
// Every message sent should have a unique ID.
// This can be anything you like. Some servers use a random number.
// I prefer a date-sortable string.
function uuid() { function uuid() {
// Date sortable UUID
return sprintf( "%08x-%04x-%04x-%04x-%012x", return sprintf( "%08x-%04x-%04x-%04x-%012x",
time(), time(),
mt_rand(0, 0xffff), mt_rand(0, 0xffff),
@ -262,10 +281,13 @@
); );
} }
// Headers:
// Every message that your server sends needs to be cryptographically signed with your Private Key.
// This is a complicated process. Please read https://blog.joinmastodon.org/2018/07/how-to-make-friends-and-verify-requests/ for more information.
function generate_signed_headers( $message, $host, $path ) { function generate_signed_headers( $message, $host, $path ) {
global $server, $username, $key_private; global $server, $username, $key_private;
// Encode the message to JSON // Encode the message object to JSON
$message_json = json_encode( $message ); $message_json = json_encode( $message );
// Location of the Public Key // Location of the Public Key
@ -309,8 +331,9 @@
return $headers; return $headers;
} }
// User Interface for Writing:
// This creates a basic HTML form. Type in your message and your password. It then POSTs the data to the `/send` endpoint.
function write() { function write() {
// Display an HTML form for the user to enter a message.
echo <<< HTML echo <<< HTML
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en-GB"> <html lang="en-GB">
@ -335,6 +358,9 @@ HTML;
die(); die();
} }
// Send Endpoint:
// This takes the submitted message and checks the password is correct.
// It reads the `followers.json` file and sends the message to every server that is following this account.
function send() { function send() {
global $password, $server, $username, $key_private; global $password, $server, $username, $key_private;