Merge pull request #5926 from annando/defer-worker

[friendica.git] / src / Util / LDSignature.php

diff --git a/src/Util/LDSignature.php b/src/Util/LDSignature.php
index 6d6dd16f3a63d70b6caf18a9aef4e335573e0db3..7776ec96c26f320b8c4cb8f4b217c3b0cf11e088 100644 (file)
--- a/src/Util/LDSignature.php
+++ b/src/Util/LDSignature.php
@@ -5,6 +5,7 @@ namespace Friendica\Util;
 use Friendica\Util\JsonLD;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Protocol\ActivityPub;
+use Friendica\Model\APContact;
 
 /**
  * @brief Implements JSON-LD signatures
@@ -24,37 +25,19 @@ class LDSignature
                        return false;
                }
 
-/*
-               $creator = $data['signature']['creator'];
-               $actor = JsonLD::fetchElement($data, 'actor', 'id');
-
-               $url = (strpos($creator, '#') ? substr($creator, 0, strpos($creator, '#')) : $creator);
-
-               $profile = ActivityPub::fetchprofile($url);
-               if (!empty($profile)) {
-                       logger('Taking key from creator ' . $creator, LOGGER_DEBUG);
-               } elseif ($url != $actor) {
-                       $profile = ActivityPub::fetchprofile($actor);
-                       if (empty($profile)) {
-                               return false;
-                       }
-                       logger('Taking key from actor ' . $actor, LOGGER_DEBUG);
-               }
-
-*/
                $actor = JsonLD::fetchElement($data, 'actor', 'id');
                if (empty($actor)) {
                        return false;
                }
 
-               $profile = ActivityPub::fetchprofile($actor);
+               $profile = APContact::getByURL($actor);
                if (empty($profile['pubkey'])) {
                        return false;
                }
                $pubkey = $profile['pubkey'];
 
-               $ohash = self::hash(self::signable_options($data['signature']));
-               $dhash = self::hash(self::signable_data($data));
+               $ohash = self::hash(self::signableOptions($data['signature']));
+               $dhash = self::hash(self::signableData($data));
 
                $x = Crypto::rsaVerify($ohash . $dhash, base64_decode($data['signature']['signatureValue']), $pubkey);
                logger('LD-verify: ' . intval($x));
@@ -75,32 +58,28 @@ class LDSignature
                        'created' => DateTimeFormat::utcNow(DateTimeFormat::ATOM)
                ];
 
-               $ohash = self::hash(self::signable_options($options));
-               $dhash = self::hash(self::signable_data($data));
+               $ohash = self::hash(self::signableOptions($options));
+               $dhash = self::hash(self::signableData($data));
                $options['signatureValue'] = base64_encode(Crypto::rsaSign($ohash . $dhash, $owner['uprvkey']));
 
                return array_merge($data, ['signature' => $options]);
        }
 
-
-       private static function signable_data($data)
+       private static function signableData($data)
        {
                unset($data['signature']);
                return $data;
        }
 
-
-       private static function signable_options($options)
+       private static function signableOptions($options)
        {
                $newopts = ['@context' => 'https://w3id.org/identity/v1'];
-               if (!empty($options)) {
-                       foreach ($options as $k => $v) {
-                               if (!in_array($k, ['type', 'id', 'signatureValue'])) {
-                                       $newopts[$k] = $v;
-                               }
-                       }
-               }
-               return $newopts;
+
+               unset($options['type']);
+               unset($options['id']);
+               unset($options['signatureValue']);
+
+               return array_merge($newopts, $options);
        }
 
        private static function hash($obj)