[ActivityPub] Slightly increase robustness on exception handling
Also ported Activitypub_rsa to PHP7. Minor indentation fixes.
parent
d9b5ef1cee
commit
6423750250
@ -57,15 +57,33 @@ class apInboxAction extends ManagedAction
|
||||
|
||||
common_debug('ActivityPub Inbox: Received a POST request.');
|
||||
$body = $data = file_get_contents('php://input');
|
||||
common_debug('ActivityPub Inbox: Request contents: '.$data);
|
||||
common_debug('ActivityPub Inbox: Request contents: ' . $data);
|
||||
$data = json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
if (!isset($data['actor'])) {
|
||||
ActivityPubReturn::error('Actor not found in the request.');
|
||||
}
|
||||
|
||||
try {
|
||||
$actor = Activitypub_explorer::get_profile_from_url($data['actor']);
|
||||
} catch (HTTP_Request2_Exception $e) {
|
||||
ActivityPubReturn::error('Failed to retrieve remote actor information.');
|
||||
} catch (NoProfileException $e) {
|
||||
// Assert: This won't happen.
|
||||
common_log(LOG_ERR, 'PLEASE REPORT THIS: ActivityPub Inbox Handler failed with NoProfileException while retrieving remote actor information: ' . $e->getMessage());
|
||||
ActivityPubReturn::error('An unknown error has occurred. This was logged, please alert the sysadmin.');
|
||||
} catch (ServerException $e) {
|
||||
ActivityPubReturn::error('Could not store this remote actor.');
|
||||
} catch (Exception $e) {
|
||||
ActivityPubReturn::error('Invalid actor.');
|
||||
}
|
||||
try {
|
||||
$aprofile = Activitypub_profile::from_profile($actor);
|
||||
} catch (Exception $e) {
|
||||
// Assert: This won't happen.
|
||||
common_log(LOG_ERR, 'PLEASE REPORT THIS: ActivityPub Inbox Handler failed while retrieving AProfile from Profile: ' . $e->getMessage());
|
||||
ActivityPubReturn::error('An unknown error has occurred. This was logged, please alert the sysadmin.');
|
||||
}
|
||||
|
||||
$actor_public_key = new Activitypub_rsa();
|
||||
$actor_public_key = $actor_public_key->ensure_public_key($actor);
|
||||
@ -73,7 +91,7 @@ class apInboxAction extends ManagedAction
|
||||
common_debug('ActivityPub Inbox: HTTP Signature: Validation will now start!');
|
||||
|
||||
$headers = $this->get_all_headers();
|
||||
common_debug('ActivityPub Inbox: Request Headers: '.print_r($headers, true));
|
||||
common_debug('ActivityPub Inbox: Request Headers: ' . print_r($headers, true));
|
||||
|
||||
if (!isset($headers['signature'])) {
|
||||
common_debug('ActivityPub Inbox: HTTP Signature: Missing Signature header.');
|
||||
@ -82,25 +100,33 @@ class apInboxAction extends ManagedAction
|
||||
|
||||
// Extract the signature properties
|
||||
$signatureData = HTTPSignature::parseSignatureHeader($headers['signature']);
|
||||
common_debug('ActivityPub Inbox: HTTP Signature Data: '.print_r($signatureData, true));
|
||||
common_debug('ActivityPub Inbox: HTTP Signature Data: ' . print_r($signatureData, true));
|
||||
if (isset($signatureData['error'])) {
|
||||
common_debug('ActivityPub Inbox: HTTP Signature: '.json_encode($signatureData, true));
|
||||
common_debug('ActivityPub Inbox: HTTP Signature: ' . json_encode($signatureData, true));
|
||||
ActivityPubReturn::error(json_encode($signatureData, true), 400);
|
||||
}
|
||||
|
||||
list($verified, $headers) = HTTPSignature::verify($actor_public_key, $signatureData, $headers, $path, $body);
|
||||
|
||||
// If the signature fails verification the first time, update profile as it might have change public key
|
||||
if($verified !== 1) {
|
||||
// If the signature fails verification the first time, update profile as it might have changed public key
|
||||
if ($verified !== 1) {
|
||||
try {
|
||||
$res = Activitypub_explorer::get_remote_user_activity($aprofile->getUri());
|
||||
} catch (Exception $e) {
|
||||
ActivityPubReturn::error('Invalid remote actor.');
|
||||
}
|
||||
try {
|
||||
$actor = Activitypub_profile::update_profile($aprofile, $res);
|
||||
} catch (Exception $e) {
|
||||
ActivityPubReturn::error('Failed to updated remote actor information.');
|
||||
}
|
||||
$actor_public_key = new Activitypub_rsa();
|
||||
$actor_public_key = $actor_public_key->ensure_public_key($actor);
|
||||
list($verified, $headers) = HTTPSignature::verify($actor_public_key, $signatureData, $headers, $path, $body);
|
||||
list($verified, /*$headers*/) = HTTPSignature::verify($actor_public_key, $signatureData, $headers, $path, $body);
|
||||
}
|
||||
|
||||
// If it still failed despite profile update
|
||||
if($verified !== 1) {
|
||||
if ($verified !== 1) {
|
||||
common_debug('ActivityPub Inbox: HTTP Signature: Invalid signature.');
|
||||
ActivityPubReturn::error('Invalid signature.');
|
||||
}
|
||||
|
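Review bot: Both `$actor_public_key->ensure_public_key($actor)` calls, the one after the new try/catch pair and the one inside the `$verified !== 1` retry, are still outside any `try`, while the Activitypub_rsa docblock touched by this same commit declares `@throws ServerException` and `@throws Exception` for that method. The first call runs before the HTTP signature is verified, and an uncaught exception there would skip the uniform `ActivityPubReturn::error(...)` answers the commit introduces, so each call should get its own `try`/`catch (Exception $e)` that logs and answers with a generic error. Every new catch branch also depends on `ActivityPubReturn::error()` ending the request, which this page does not show; if it can return, `$actor`, `$aprofile` or `$res` are used undefined on the following lines, so a `return;` after each call would make the control flow explicit. The new message `'Failed to updated remote actor information.'` should read `'Failed to update remote actor information.'`. The enclosing method starts and ends outside these hunks.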
@ -53,8 +53,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
/**
|
||||
* Return table definition for Schema setup and DB_DataObject usage.
|
||||
*
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @return array array of column definitions
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public static function schemaDef()
|
||||
{
|
||||
@ -81,6 +81,7 @@ class Activitypub_profile extends Managed_DataObject
|
||||
* @return array array to be used in a response
|
||||
* @throws InvalidUrlException
|
||||
* @throws ServerException
|
||||
* @throws Exception
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public static function profile_to_array($profile)
|
||||
@ -111,7 +112,7 @@ class Activitypub_profile extends Managed_DataObject
|
||||
'url' => $profile->getUrl(),
|
||||
'manuallyApprovesFollowers' => false,
|
||||
'publicKey' => [
|
||||
'id' => $uri."#public-key",
|
||||
'id' => $uri . "#public-key",
|
||||
'owner' => $uri,
|
||||
'publicKeyPem' => $public_key
|
||||
],
|
||||
@ -140,9 +141,9 @@ class Activitypub_profile extends Managed_DataObject
|
||||
/**
|
||||
* Insert the current object variables into the database
|
||||
*
|
||||
* @throws ServerException
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @access public
|
||||
* @throws ServerException
|
||||
*/
|
||||
public function do_insert()
|
||||
{
|
||||
@ -179,7 +180,7 @@ class Activitypub_profile extends Managed_DataObject
|
||||
/**
|
||||
* Fetch the locally stored profile for this Activitypub_profile
|
||||
*
|
||||
* @return Profile
|
||||
* @return get_called_class
|
||||
* @throws NoProfileException if it was not found
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
@ -195,10 +196,10 @@ class Activitypub_profile extends Managed_DataObject
|
||||
/**
|
||||
* Generates an Activitypub_profile from a Profile
|
||||
*
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @param Profile $profile
|
||||
* @return Activitypub_profile
|
||||
* @throws Exception if no Activitypub_profile exists for given Profile
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public static function from_profile(Profile $profile)
|
||||
{
|
||||
@ -211,7 +212,7 @@ class Activitypub_profile extends Managed_DataObject
|
||||
// create one!
|
||||
$aprofile = self::create_from_local_profile($profile);
|
||||
} else {
|
||||
throw new Exception('No Activitypub_profile for Profile ID: '.$profile_id. ', this is a local user.');
|
||||
throw new Exception('No Activitypub_profile for Profile ID: ' . $profile_id . ', this is a local user.');
|
||||
}
|
||||
}
|
||||
|
||||
@ -229,7 +230,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
return $aprofile;
|
||||
}
|
||||
|
||||
public static function from_profile_collection(array $profiles): array {
|
||||
public static function from_profile_collection(array $profiles): array
|
||||
{
|
||||
$ap_profiles = [];
|
||||
|
||||
foreach ($profiles as $profile) {
|
||||
@ -251,6 +253,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
* @param Profile $profile
|
||||
* @return Activitypub_profile
|
||||
* @throws HTTP_Request2_Exception
|
||||
* @throws Exception
|
||||
* @throws Exception
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
private static function create_from_local_profile(Profile $profile)
|
||||
@ -283,8 +287,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
/**
|
||||
* Returns sharedInbox if possible, inbox otherwise
|
||||
*
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @return string Inbox URL
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public function get_inbox()
|
||||
{
|
||||
@ -298,8 +302,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
/**
|
||||
* Getter for uri property
|
||||
*
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @return string URI
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public function getUri()
|
||||
{
|
||||
@ -309,8 +313,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
/**
|
||||
* Getter for url property
|
||||
*
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @return string URL
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public function getUrl()
|
||||
{
|
||||
@ -320,8 +324,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
/**
|
||||
* Getter for id property
|
||||
*
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @return int
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public function getID()
|
||||
{
|
||||
@ -352,11 +356,11 @@ class Activitypub_profile extends Managed_DataObject
|
||||
* This should never return null -- you will either get an object or
|
||||
* an exception will be thrown.
|
||||
*
|
||||
* @author GNU social
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @param string $addr WebFinger address
|
||||
* @return Activitypub_profile
|
||||
* @throws Exception on error conditions
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @author GNU social
|
||||
*/
|
||||
public static function ensure_webfinger($addr)
|
||||
{
|
||||
@ -441,7 +445,7 @@ class Activitypub_profile extends Managed_DataObject
|
||||
* @param Activitypub_profile $aprofile
|
||||
* @param array $res remote response
|
||||
* @return Profile remote Profile object
|
||||
* @throws Exception
|
||||
* @throws NoProfileException
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public static function update_profile($aprofile, $res)
|
||||
@ -482,7 +486,7 @@ class Activitypub_profile extends Managed_DataObject
|
||||
Activitypub_explorer::update_avatar($profile, $res['icon']['url']);
|
||||
} catch (Exception $e) {
|
||||
// Let the exception go, it isn't a serious issue
|
||||
common_debug('An error ocurred while grabbing remote avatar'.$e->getMessage());
|
||||
common_debug('An error ocurred while grabbing remote avatar' . $e->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
@ -497,7 +501,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
* @return int number of subscribers
|
||||
* @author Bruno Casteleiro <brunoccast@fc.up.pt>
|
||||
*/
|
||||
public static function subscriberCount(Profile $profile): int {
|
||||
public static function subscriberCount(Profile $profile): int
|
||||
{
|
||||
$cnt = self::cacheGet(sprintf('activitypub_profile:subscriberCount:%d', $profile->id));
|
||||
|
||||
if ($cnt !== false && is_int($cnt)) {
|
||||
@ -523,7 +528,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
* @return int number of subscriptions
|
||||
* @author Bruno Casteleiro <brunoccast@fc.up.pt>
|
||||
*/
|
||||
public static function subscriptionCount(Profile $profile): int {
|
||||
public static function subscriptionCount(Profile $profile): int
|
||||
{
|
||||
$cnt = self::cacheGet(sprintf('activitypub_profile:subscriptionCount:%d', $profile->id));
|
||||
|
||||
if ($cnt !== false && is_int($cnt)) {
|
||||
@ -541,19 +547,21 @@ class Activitypub_profile extends Managed_DataObject
|
||||
return $cnt;
|
||||
}
|
||||
|
||||
public static function updateSubscriberCount(Profile $profile, $adder) {
|
||||
public static function updateSubscriberCount(Profile $profile, $adder)
|
||||
{
|
||||
$cnt = self::cacheGet(sprintf('activitypub_profile:subscriberCount:%d', $profile->id));
|
||||
|
||||
if ($cnt !== false && is_int($cnt)) {
|
||||
self::cacheSet(sprintf('activitypub_profile:subscriberCount:%d', $profile->id), $cnt+$adder);
|
||||
self::cacheSet(sprintf('activitypub_profile:subscriberCount:%d', $profile->id), $cnt + $adder);
|
||||
}
|
||||
}
|
||||
|
||||
public static function updateSubscriptionCount(Profile $profile, $adder) {
|
||||
public static function updateSubscriptionCount(Profile $profile, $adder)
|
||||
{
|
||||
$cnt = self::cacheGet(sprintf('activitypub_profile:subscriptionCount:%d', $profile->id));
|
||||
|
||||
if ($cnt !== false && is_int($cnt)) {
|
||||
self::cacheSet(sprintf('activitypub_profile:subscriptionCount:%d', $profile->id), $cnt+$adder);
|
||||
self::cacheSet(sprintf('activitypub_profile:subscriptionCount:%d', $profile->id), $cnt + $adder);
|
||||
}
|
||||
}
|
||||
|
||||
@ -567,7 +575,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
* @return array subscriber profile objects
|
||||
* @author Bruno Casteleiro <brunoccast@fc.up.pt>
|
||||
*/
|
||||
public static function getSubscribers(Profile $profile, $offset = 0, $limit = null): array {
|
||||
public static function getSubscribers(Profile $profile, $offset = 0, $limit = null): array
|
||||
{
|
||||
$cache = false;
|
||||
if ($offset + $limit <= Subscription::CACHE_WINDOW) {
|
||||
$subs = self::cacheGet(sprintf('activitypub_profile:subscriberCollection:%d', $profile->id));
|
||||
@ -612,7 +621,8 @@ class Activitypub_profile extends Managed_DataObject
|
||||
* @return array subscribed profile objects
|
||||
* @author Bruno Casteleiro <brunoccast@fc.up.pt>
|
||||
*/
|
||||
public static function getSubscribed(Profile $profile, $offset = 0, $limit = null): array {
|
||||
public static function getSubscribed(Profile $profile, $offset = 0, $limit = null): array
|
||||
{
|
||||
$cache = false;
|
||||
if ($offset + $limit <= Subscription::CACHE_WINDOW) {
|
||||
$subs = self::cacheGet(sprintf('activitypub_profile:subscribedCollection:%d', $profile->id));
|
||||
@ -654,9 +664,11 @@ class Activitypub_profile extends Managed_DataObject
|
||||
* @param Profile $actor subscriber profile object
|
||||
* @param Profile $other subscribed profile object
|
||||
* @return void
|
||||
* @throws Exception
|
||||
* @author Bruno Casteleiro <brunoccast@fc.up.pt>
|
||||
*/
|
||||
public static function subscribeCacheUpdate(Profile $actor, Profile $other) {
|
||||
public static function subscribeCacheUpdate(Profile $actor, Profile $other)
|
||||
{
|
||||
self::blow('activitypub_profile:subscribedCollection:%d', $actor->getID());
|
||||
self::blow('activitypub_profile:subscriberCollection:%d', $other->id);
|
||||
self::updateSubscriptionCount($actor, +1);
|
||||
@ -670,9 +682,11 @@ class Activitypub_profile extends Managed_DataObject
|
||||
* @param Profile $actor subscriber profile object
|
||||
* @param Profile $other subscribed profile object
|
||||
* @return void
|
||||
* @throws Exception
|
||||
* @author Bruno Casteleiro <brunoccast@fc.up.pt>
|
||||
*/
|
||||
public static function unsubscribeCacheUpdate(Profile $actor, Profile $other) {
|
||||
public static function unsubscribeCacheUpdate(Profile $actor, Profile $other)
|
||||
{
|
||||
self::blow('activitypub_profile:subscribedCollection:%d', $actor->getID());
|
||||
self::blow('activitypub_profile:subscriberCollection:%d', $other->id);
|
||||
self::updateSubscriptionCount($actor, -1);
|
||||
|
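Review bot: The docblock of the local-profile getter shows `@return get_called_class` next to `@return Profile`; `get_called_class` is a function name, not a type, so if that is the new line it should stay `@return Profile`, which matches the summary "Fetch the locally stored profile". Which of the two lines is the new one cannot be told from this rendering. In the `update_avatar` catch block the debug message joins `'An error ocurred while grabbing remote avatar'` directly to `$e->getMessage()`; `'An error occurred while grabbing remote avatar: ' . $e->getMessage()` keeps the two parts apart in the log. `updateSubscriberCount()` and `updateSubscriptionCount()` still take an untyped `$adder` although the calls visible here pass `+1` and `-1`, so `int $adder` would match the typed signatures added elsewhere in this commit.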
@ -46,8 +46,8 @@ class Activitypub_rsa extends Managed_DataObject
|
||||
/**
|
||||
* Return table definition for Schema setup and DB_DataObject usage.
|
||||
*
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @return array array of column definitions
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public static function schemaDef()
|
||||
{
|
||||
@ -66,7 +66,15 @@ class Activitypub_rsa extends Managed_DataObject
|
||||
];
|
||||
}
|
||||
|
||||
public function get_private_key($profile)
|
||||
/**
|
||||
* Private key getter
|
||||
*
|
||||
* @param Profile $profile
|
||||
* @return string
|
||||
* @throws ServerException
|
||||
* @throws Exception
|
||||
*/
|
||||
public function get_private_key(Profile $profile): string
|
||||
{
|
||||
$this->profile_id = $profile->getID();
|
||||
$apRSA = self::getKV('profile_id', $this->profile_id);
|
||||
@ -90,9 +98,10 @@ class Activitypub_rsa extends Managed_DataObject
|
||||
* @param bool $fetch
|
||||
* @return string The public key
|
||||
* @throws ServerException It should never occur, but if so, we break everything!
|
||||
* @throws Exception
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public function ensure_public_key($profile, $fetch = true)
|
||||
public function ensure_public_key(Profile $profile, bool $fetch = true): string
|
||||
{
|
||||
$this->profile_id = $profile->getID();
|
||||
$apRSA = self::getKV('profile_id', $this->profile_id);
|
||||
@ -119,11 +128,11 @@ class Activitypub_rsa extends Managed_DataObject
|
||||
/**
|
||||
* Insert the current object variables into the database.
|
||||
*
|
||||
* @throws ServerException
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
* @access public
|
||||
* @throws ServerException
|
||||
*/
|
||||
public function store_keys()
|
||||
public function store_keys(): void
|
||||
{
|
||||
$this->created = $this->modified = common_sql_now();
|
||||
$ok = $this->insert();
|
||||
@ -135,11 +144,11 @@ class Activitypub_rsa extends Managed_DataObject
|
||||
/**
|
||||
* Generates a pair of RSA keys.
|
||||
*
|
||||
* @author PHP Manual Contributed Notes <dirt@awoms.com>
|
||||
* @param string $private_key in/out
|
||||
* @param string $public_key in/out
|
||||
* @author PHP Manual Contributed Notes <dirt@awoms.com>
|
||||
*/
|
||||
public static function generate_keys(&$private_key, &$public_key)
|
||||
public static function generate_keys(string &$private_key, string &$public_key): void
|
||||
{
|
||||
$config = [
|
||||
'digest_alg' => 'sha512',
|
||||
@ -162,12 +171,12 @@ class Activitypub_rsa extends Managed_DataObject
|
||||
/**
|
||||
* Update public key.
|
||||
*
|
||||
* @param Profile $profile
|
||||
* @param Profile|Activitypub_profile $profile
|
||||
* @param string $public_key
|
||||
* @throws Exception
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public static function update_public_key($profile, $public_key)
|
||||
public static function update_public_key($profile, string $public_key): void
|
||||
{
|
||||
// Public Key
|
||||
$apRSA = new Activitypub_rsa();
|
||||
|
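Review bot: `generate_keys(string &$private_key, string &$public_key): void` types its two by-reference out-parameters as non-nullable `string`, so a caller that passes a variable or property that is still unset or `null` (the usual way to call a function that fills its arguments) gets a `TypeError` before any key is generated. The callers are not visible in this diff, so this needs checking against them; declaring the parameters nullable, `public static function generate_keys(?string &$private_key, ?string &$public_key): void`, keeps the PHP 7 typing without that failure mode. The same check applies to the new `: string` return types on `get_private_key()` and `ensure_public_key()`: if either can reach its `return` with no key stored for the profile, the declared type turns that into a `TypeError` on the signature-verification path. Their bodies continue outside the hunks.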
@ -49,10 +49,10 @@ class Activitypub_explorer
|
||||
* @param string $url
|
||||
* @param bool $grab_online whether to try online grabbing, defaults to true
|
||||
* @return Profile
|
||||
* @throws HTTP_Request2_Exception
|
||||
* @throws NoProfileException
|
||||
* @throws Exception
|
||||
* @throws ServerException
|
||||
* @throws HTTP_Request2_Exception Network issues
|
||||
* @throws NoProfileException This won't happen
|
||||
* @throws Exception Invalid request
|
||||
* @throws ServerException Error storing remote actor
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public static function get_profile_from_url($url, $grab_online = true)
|
||||
@ -171,6 +171,7 @@ class Activitypub_explorer
|
||||
// Is this a known filthy little mudblood?
|
||||
$aprofile = self::get_aprofile_by_url($uri);
|
||||
if ($aprofile instanceof Activitypub_profile) {
|
||||
// Assert: This AProfile has a Profile, no try catch.
|
||||
$profile = $aprofile->local_profile();
|
||||
common_debug('ActivityPub Explorer: Found a local Aprofile for ' . $uri);
|
||||
// We found something!
|
||||
@ -184,7 +185,7 @@ class Activitypub_explorer
|
||||
$ACTIVITYPUB_BASE_ACTOR_URI_length = strlen(ACTIVITYPUB_BASE_ACTOR_URI);
|
||||
if (substr($uri, 0, $ACTIVITYPUB_BASE_ACTOR_URI_length) == ACTIVITYPUB_BASE_ACTOR_URI) {
|
||||
try {
|
||||
$profile = Profile::getByID(intval(substr($uri, $ACTIVITYPUB_BASE_ACTOR_URI_length)));
|
||||
$profile = Profile::getByID((int)substr($uri, $ACTIVITYPUB_BASE_ACTOR_URI_length));
|
||||
common_debug('ActivityPub Explorer: Found a Profile for ' . $uri);
|
||||
// We found something!
|
||||
$this->discovered_actor_profiles[] = $profile;
|
||||
@ -462,8 +463,8 @@ class Activitypub_explorer
|
||||
* profile updating and shall not be used for anything else)
|
||||
*
|
||||
* @param string $url User's url
|
||||
* @return mixed
|
||||
* @throws Exception
|
||||
* @return array
|
||||
* @throws Exception Either network issues or unsupported Activity format
|
||||
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
||||
*/
|
||||
public static function get_remote_user_activity($url)
|
||||
|
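Review bot: `Profile::getByID((int)substr($uri, $ACTIVITYPUB_BASE_ACTOR_URI_length))` casts whatever follows the base actor URI, so a suffix that merely starts with digits resolves to that numeric ID and a non-numeric suffix resolves to ID 0; the `intval()` it replaces behaved the same, so the cast is equivalent but the validation is still missing. `$uri` appears to be reachable from the `actor` field of an inbox request, so the suffix should be checked before the lookup, for example `$id = substr($uri, $ACTIVITYPUB_BASE_ACTOR_URI_length);` followed by `if (!ctype_digit($id)) { throw new Exception('Invalid actor URI.'); }`, with the failure handling adjusted to what the enclosing `try`, which continues outside the hunk, expects. The prefix test on the line above compares with `==`; `===` states the intended exact match.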