Merge pull request #6044 from annando/ap-signatures

Diaspora signature transport via AP/DFRN should be repaired now
This commit is contained in:
Hypolite Petovan 2018-10-29 23:31:11 -04:00 committed by GitHub
commit 129af62c14
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 27 additions and 31 deletions

View file

@ -726,9 +726,11 @@ function item_post(App $a) {
unset($datarray['self']); unset($datarray['self']);
unset($datarray['api_source']); unset($datarray['api_source']);
$signed = Diaspora::createCommentSignature($author, $datarray); if ($origin) {
if (!empty($signed)) { $signed = Diaspora::createCommentSignature($uid, $datarray);
$datarray['diaspora_signed_text'] = json_encode($signed); if (!empty($signed)) {
$datarray['diaspora_signed_text'] = json_encode($signed);
}
} }
$post_id = Item::insert($datarray); $post_id = Item::insert($datarray);

View file

@ -3111,7 +3111,7 @@ class Item extends BaseObject
'unseen' => 1, 'unseen' => 1,
]; ];
$signed = Diaspora::createLikeSignature($item_contact, $new_item); $signed = Diaspora::createLikeSignature($uid, $new_item);
if (!empty($signed)) { if (!empty($signed)) {
$new_item['diaspora_signed_text'] = json_encode($signed); $new_item['diaspora_signed_text'] = json_encode($signed);
} }

View file

@ -4115,36 +4115,28 @@ class Diaspora
/** /**
* @brief Creates the signature for likes that are created on our system * @brief Creates the signature for likes that are created on our system
* *
* @param array $contact The contact array of the "like" * @param integer $uid The user of that comment
* @param array $item Item array * @param array $item Item array
* *
* @return array Signed content * @return array Signed content
*/ */
public static function createLikeSignature(array $contact, array $item) public static function createLikeSignature($uid, array $item)
{ {
// Is the contact the owner? Then fetch the private key $owner = User::getOwnerDataById($uid);
if (!$contact['self'] || ($contact['uid'] == 0)) { if (empty($owner)) {
logger("No owner post, so not storing signature", LOGGER_DEBUG);
return false; return false;
} }
$user = DBA::selectFirst('user', ['prvkey'], ['uid' => $contact["uid"]]);
if (!DBA::isResult($user)) {
return false;
}
$contact["uprvkey"] = $user['prvkey'];
if (!in_array($item["verb"], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) { if (!in_array($item["verb"], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) {
return false; return false;
} }
$message = self::constructLike($item, $contact); $message = self::constructLike($item, $owner);
if ($message === false) { if ($message === false) {
return false; return false;
} }
$message["author_signature"] = self::signature($contact, $message); $message["author_signature"] = self::signature($owner, $message);
return $message; return $message;
} }
@ -4152,32 +4144,34 @@ class Diaspora
/** /**
* @brief Creates the signature for Comments that are created on our system * @brief Creates the signature for Comments that are created on our system
* *
* @param array $contact The contact array of the comment * @param integer $uid The user of that comment
* @param array $item Item array * @param array $item Item array
* *
* @return array Signed content * @return array Signed content
*/ */
public static function createCommentSignature(array $contact, array $item) public static function createCommentSignature($uid, array $item)
{ {
// Is the contact the owner? Then fetch the private key $owner = User::getOwnerDataById($uid);
if (!$contact['self'] || ($contact['uid'] == 0)) { if (empty($owner)) {
logger("No owner post, so not storing signature", LOGGER_DEBUG);
return false; return false;
} }
$user = DBA::selectFirst('user', ['prvkey'], ['uid' => $contact["uid"]]); // This is a workaround for the behaviour of the "insert" function, see mod/item.php
if (!DBA::isResult($user)) { $item['thr-parent'] = $item['parent-uri'];
return false;
$parent = Item::selectFirst(['parent-uri'], ['uri' => $item['parent-uri']]);
if (!DBA::isResult($parent)) {
return;
} }
$contact["uprvkey"] = $user['prvkey']; $item['parent-uri'] = $parent['parent-uri'];
$message = self::constructComment($item, $contact); $message = self::constructComment($item, $owner);
if ($message === false) { if ($message === false) {
return false; return false;
} }
$message["author_signature"] = self::signature($contact, $message); $message["author_signature"] = self::signature($owner, $message);
return $message; return $message;
} }