From ccede6a45c4ca2c19b13be0612e1c941b4fb8409 Mon Sep 17 00:00:00 2001 From: Jeremy Dormitzer Date: Wed, 17 Oct 2018 07:08:48 -0400 Subject: [PATCH] [WIP] Add logging; start debugging request signing --- .gitignore | 1 + includes/init.php | 9 +++------ includes/server/actors.php | 12 +++++++++--- includes/server/deliver.php | 16 ++++++++++++---- includes/util.php | 30 ++++++++++++++++++++++++++++++ 5 files changed, 55 insertions(+), 13 deletions(-) diff --git a/.gitignore b/.gitignore index 61ead86..c01a117 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /vendor +/log diff --git a/includes/init.php b/includes/init.php index 0df30be..56462e1 100644 --- a/includes/init.php +++ b/includes/init.php @@ -1,6 +1,7 @@ get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->prefix}pterotype_actors WHERE id = %d", $id ) ); - return get_user_from_row( $row ); + return get_actor_from_row( $row ); } function get_actor_by_slug ( $slug ) { @@ -48,7 +48,10 @@ function get_actor_from_row( $row ) { function get_blog_actor() { $actor_id = get_actor_id( PTEROTYPE_BLOG_ACTOR_SLUG ); $actor = array( - '@context' => array( 'https://www.w3.org/ns/activitystreams' ), + '@context' => array( + 'https://www.w3.org/ns/activitystreams', + 'https://w3id.org/security/v1', + ), 'type' => 'Organization', 'id' => get_rest_url( null, sprintf( '/pterotype/v1/actor/%s', PTEROTYPE_BLOG_ACTOR_SLUG ) @@ -93,7 +96,10 @@ function get_user_actor( $user ) { $handle = get_the_author_meta( 'user_nicename', $user->get('ID')); $actor_id = get_actor_id( $handle ); $actor = array( - '@context' => array( 'https://www.w3.org/ns/activitystreams' ), + '@context' => array( + 'https://www.w3.org/ns/activitystreams', + 'https://w3id.org/security/v1', + ), 'type' => 'Person', 'id' => get_rest_url( null, sprintf( '/pterotype/v1/actor/%s', $handle ) ), 'following' => get_rest_url( diff --git a/includes/server/deliver.php b/includes/server/deliver.php index a60c0c1..6de9f3b 100644 --- a/includes/server/deliver.php +++ b/includes/server/deliver.php @@ -131,17 +131,21 @@ function post_activity_to_inboxes( $actor_id, $activity, $recipients ) { $request->add_header( 'Content-Type', 'application/ld+json' ); $request->add_header( 'Signature', signature_header( $inbox, $actor_id ) ); $server = rest_get_server(); - $server->dispatch( $request ); + $response = $server->dispatch( $request ); } else { $args = array( 'body' => wp_json_encode( $activity ), 'headers' => array( 'Content-Type' => 'application/ld+json', - 'Signature' => get_signing_string( $inbox, $actor_id ), + 'Signature' => signature_header( $inbox, $actor_id ), ), 'data_format' => 'body', ); - wp_remote_post( $inbox, $args ); + \util\log( 'debug.html', 'Request:', false ); + \util\log_var( 'debug.html', $args ); + $response = wp_remote_post( $inbox, $args ); + \util\log( 'debug.html', 'Response:' ); + \util\log_var( 'debug.html', $response ); } } } @@ -156,6 +160,10 @@ date: $now_str"; } function signature_header( $inbox_url, $actor_id ) { - return \pgp\sign_data( get_signing_string( $inbox_url ), $actor_id ); + $actor = \actors\get_actor( $actor_id ); + $key_id = $actor['publicKey']['id']; + $signature = \pgp\sign_data( get_signing_string( $inbox_url ), $actor_id ); + $headers = '(request-target) host date'; + return "keyId=\"$key_id\",headers=\"$headers\",signature=\"$signature\""; } ?> diff --git a/includes/util.php b/includes/util.php index 3861007..18e17d3 100644 --- a/includes/util.php +++ b/includes/util.php @@ -95,4 +95,34 @@ function get_id( $object ) { return $object; } } + +function get_log_dir() { + return plugin_dir_path( __FILE__ ) . '../log'; +} + +function log( $log_file, $str, $append = true ) { + if ( ! WP_DEBUG ) { + return; + } + $log_dir = get_log_dir(); + $log_file = '/' . $log_file; + if ( ! file_exists( $log_dir ) ) { + mkdir( $log_dir, 0777, true ); + } + if ( $append ) { + file_put_contents( $log_dir . $log_file, $str, FILE_APPEND ); + } else { + file_put_contents( $log_dir . $log_file, $str ); + } +} + +function log_var( $log_file, $var, $append = true ) { + if ( ! WP_DEBUG ) { + return; + } + ob_start(); + var_dump( $var ); + $dump = ob_get_clean(); + log( $log_file, $dump, $append ); +} ?>