merge-requests/5/head
Terence Eden 2024-02-13 13:30:36 +00:00
rodzic 911ba84220
commit a4360594df
1 zmienionych plików z 53 dodań i 36 usunięć

Wyświetl plik

@ -16,6 +16,7 @@
// Set up the Actor's information
$username = rawurlencode("example"); // Encoded as it is often used as part of a URl
$realName = "E. Xample. Jr.";
$summary = "Some text about the user.";
$server = $_SERVER['SERVER_NAME']; // Domain name this is hosted on
// Generate locally or from https://cryptotools.net/rsagen
@ -28,15 +29,15 @@
// Get all headers and requests sent to this server
$headers = print_r( getallheaders(), true );
$postData = print_r( $_POST, true );
$getData = print_r( $_GET, true );
$filesData = print_r( $_FILES, true );
$body = json_decode( file_get_contents( "php://input"), true );
$bodyData = print_r( $input, true );
$postData = print_r( $_POST, true );
$getData = print_r( $_GET, true );
$filesData = print_r( $_FILES, true );
$body = json_decode( file_get_contents( "php://input" ), true );
$bodyData = print_r( $input, true );
$requestData = print_r( $_REQUEST, true );
$serverData = print_r( $_SERVER, true );
$serverData = print_r( $_SERVER, true );
// Get the type of request
// Get the type of request - used in the log filename
if ( isset( $body["type"] ) ) {
$type = " " . $body["type"];
} else {
@ -48,10 +49,12 @@
// Filename for the log
$filename = "{$timestamp}{$type}.txt";
// Save headers and request data to the timestamped file
file_put_contents( $filename,
// Save headers and request data to the timestamped file in the logs directory
if( ! is_dir( "logs" ) ) { mkdir( "logs"); }
file_put_contents( "logs/{$filename}",
"Headers: \n$headers \n\n" .
"Body Data: \n$bodyData \n\n" .
"Body Data: \n$bodyData \n\n" .
"POST Data: \n$postData \n\n" .
"GET Data: \n$getData \n\n" .
"Files Data: \n$filesData \n\n" .
@ -64,10 +67,10 @@
$path = $_GET["path"];
switch ($path) {
case "":
echo "Silence";
die();
case ".well-known/webfinger":
webfinger();
case "{$username}":
case rawurldecode( $username ):
username();
case "following":
following();
@ -97,7 +100,7 @@
)
)
);
header("Content-Type: application/json");
header( "Content-Type: application/json" );
echo json_encode( $webfinger );
die();
}
@ -118,7 +121,7 @@
"inbox" => "https://{$server}/inbox",
"preferredUsername" => rawurldecode($username),
"name" => "{$realName}",
"summary" => "A single file ActivityPub server.",
"summary" => "{$summary}",
"url" => "https://{$server}",
"manuallyApprovesFollowers" => true,
"discoverable" => true,
@ -134,7 +137,7 @@
"publicKeyPem" => $key_public
]
);
header("Content-Type: application/activity+json");
header( "Content-Type: application/activity+json" );
echo json_encode( $user );
die();
}
@ -150,7 +153,7 @@
"totalItems" => 0,
"items" => []
);
header("Content-Type: application/activity+json");
header( "Content-Type: application/activity+json" );
echo json_encode( $following );
die();
}
@ -165,7 +168,7 @@
"totalItems" => 0,
"items" => []
);
header("Content-Type: application/activity+json");
header( "Content-Type: application/activity+json" );
echo json_encode( $followers );
die();
}
@ -184,8 +187,8 @@
// Get the parameters
$inbox_id = $inbox_message["id"];
$inbox_actor = $inbox_message["actor"];
$inbox_url = parse_url($inbox_actor, PHP_URL_SCHEME) . "://" . parse_url($inbox_actor, PHP_URL_HOST);
$inbox_host = parse_url($inbox_actor, PHP_URL_HOST);
$inbox_url = parse_url( $inbox_actor, PHP_URL_SCHEME ) . "://" . parse_url( $inbox_actor, PHP_URL_HOST );
$inbox_host = parse_url( $inbox_actor, PHP_URL_HOST );
// Does this account have any followers?
if( file_exists( "followers.json" ) ) {
@ -224,20 +227,25 @@
// The Accept is sent to the server of the user who requested the follow
// TODO: The path doesn't *always* end with/inbox
$host = $inbox_host;
$path = parse_url($inbox_actor, PHP_URL_PATH) . "/inbox";
$path = parse_url( $inbox_actor, PHP_URL_PATH ) . "/inbox";
// Set up signing
$keyId = "https://{$server}/{$username}#main-key";
// Generate signing variables
$hash = hash('sha256', $message_json, true);
$digest = base64_encode($hash);
$date = date('D, d M Y H:i:s \G\M\T');
$hash = hash( 'sha256', $message_json, true );
$digest = base64_encode( $hash );
$date = date( 'D, d M Y H:i:s \G\M\T' );
$signer = openssl_get_privatekey($key_private);
$signer = openssl_get_privatekey( $key_private );
$stringToSign = "(request-target): post $path\nhost: $host\ndate: $date\ndigest: SHA-256=$digest";
openssl_sign($stringToSign, $signature, $signer, OPENSSL_ALGO_SHA256);
$signature_b64 = base64_encode($signature);
openssl_sign(
$stringToSign,
$signature,
$signer,
OPENSSL_ALGO_SHA256
);
$signature_b64 = base64_encode( $signature );
$header = 'keyId="' . $keyId . '",algorithm="rsa-sha256",headers="(request-target) host date digest",signature="' . $signature_b64 . '"';
@ -273,7 +281,7 @@
function uuid() {
// Date sortable UUID
return sprintf('%08x-%04x-%04x-%04x-%012x',
return sprintf( '%08x-%04x-%04x-%04x-%012x',
time(),
mt_rand(0, 0xffff),
mt_rand(0, 0xffff),
@ -317,13 +325,15 @@ HTML;
// Get the posted content
$content = $_POST["content"];
// Current time
$timestamp = date("c");
// Current time - ISO8601
$timestamp = date( "c" );
// Outgoing Message ID
$guid = uuid();
// Construct the Note
// contentMap is used to prevent unnecessary "translate this post" pop ups
// hardcoded to English
$note = [
"@context" => array(
"https://www.w3.org/ns/activitystreams"
@ -354,10 +364,12 @@ HTML;
$message_json = json_encode($message);
// Create the context for the permalink
$note = [ "@context" => "https://www.w3.org/ns/activitystreams", ...$note];
$note = [ "@context" => "https://www.w3.org/ns/activitystreams", ...$note ];
// Save the permalink
$note_json = json_encode( $note );
// Check for posts/ directory and create it
if( ! is_dir( "posts" ) ) { mkdir( "posts"); }
file_put_contents( "posts/{$guid}.json", print_r( $note_json, true ) );
// Read existing users and get their hosts
@ -380,12 +392,17 @@ HTML;
$hash = hash( "sha256", $message_json, true );
$digest = base64_encode( $hash );
$date = date('D, d M Y H:i:s \G\M\T');
$date = date( 'D, d M Y H:i:s \G\M\T' );
$signer = openssl_get_privatekey( $key_private );
$stringToSign = "(request-target): post $path\nhost: $host\ndate: $date\ndigest: SHA-256=$digest";
openssl_sign( $stringToSign, $signature, $signer, OPENSSL_ALGO_SHA256 );
$signature_b64 = base64_encode($signature);
openssl_sign(
$stringToSign,
$signature,
$signer,
OPENSSL_ALGO_SHA256
);
$signature_b64 = base64_encode( $signature );
$header = 'keyId="' . $keyId . '",algorithm="rsa-sha256",headers="(request-target) host date digest",signature="' . $signature_b64 . '"';
@ -430,6 +447,6 @@ HTML;
die();
}
die();
die();
die();
die();
die();
die();