X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FProtocol%2FActivityPub.php;h=4be88b341b98c2d535ab9cbcb73e86e5b9bcdab2;hb=b218a7f218a97773d0d3419fafb5380cd8a2516c;hp=b9ab3931bd3de72ac965de2bf2d1dfd039b7607f;hpb=c2e889cfaeaa1b35333750cd6beda4090ee99f84;p=friendica.git

diff --git a/src/Protocol/ActivityPub.php b/src/Protocol/ActivityPub.php
index b9ab3931bd..4be88b341b 100644
--- a/src/Protocol/ActivityPub.php
+++ b/src/Protocol/ActivityPub.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2022, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -23,7 +23,9 @@ namespace Friendica\Protocol;
 
 use Friendica\Core\Logger;
 use Friendica\Core\Protocol;
+use Friendica\Core\System;
 use Friendica\Model\APContact;
+use Friendica\Model\Contact;
 use Friendica\Model\User;
 use Friendica\Util\HTTPSignature;
 use Friendica\Util\JsonLD;
@@ -52,39 +54,46 @@ use Friendica\Util\JsonLD;
  * - Polling the outboxes for missing content?
  *
  * Missing parts from DFRN:
- * - Public Forum
- * - Private Forum
+ * - Public Group
+ * - Private Group
  * - Relocation
  */
 class ActivityPub
 {
 	const PUBLIC_COLLECTION = 'https://www.w3.org/ns/activitystreams#Public';
-	const CONTEXT = ['https://www.w3.org/ns/activitystreams', 'https://w3id.org/security/v1',
-		['vcard' => 'http://www.w3.org/2006/vcard/ns#',
-		'dfrn' => 'http://purl.org/macgirvin/dfrn/1.0/',
-		'diaspora' => 'https://diasporafoundation.org/ns/',
-		'litepub' => 'http://litepub.social/ns#',
-		'toot' => 'http://joinmastodon.org/ns#',
-		'featured' => [
-			"@id" => "toot:featured",
-			"@type" => "@id",
-		],
-		'schema' => 'http://schema.org#',
-		'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers',
-		'sensitive' => 'as:sensitive', 'Hashtag' => 'as:Hashtag',
-		'directMessage' => 'litepub:directMessage',
-		'discoverable' => 'toot:discoverable',
-		'PropertyValue' => 'schema:PropertyValue',
-		'value' => 'schema:value',
-	]];
+	const CONTEXT = [
+		'https://www.w3.org/ns/activitystreams', 'https://w3id.org/security/v1',
+		[
+			'vcard' => 'http://www.w3.org/2006/vcard/ns#',
+			'dfrn' => 'http://purl.org/macgirvin/dfrn/1.0/',
+			'diaspora' => 'https://diasporafoundation.org/ns/',
+			'litepub' => 'http://litepub.social/ns#',
+			'toot' => 'http://joinmastodon.org/ns#',
+			'featured' => [
+				"@id" => "toot:featured",
+				"@type" => "@id",
+			],
+			'schema' => 'http://schema.org#',
+			'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers',
+			'sensitive' => 'as:sensitive', 'Hashtag' => 'as:Hashtag',
+			'quoteUrl' => 'as:quoteUrl',
+			'conversation' => 'ostatus:conversation',
+			'directMessage' => 'litepub:directMessage',
+			'discoverable' => 'toot:discoverable',
+			'PropertyValue' => 'schema:PropertyValue',
+			'value' => 'schema:value',
+		]
+	];
 	const ACCOUNT_TYPES = ['Person', 'Organization', 'Service', 'Group', 'Application', 'Tombstone'];
 	/**
 	 * Checks if the web request is done for the AP protocol
 	 *
 	 * @return bool is it AP?
 	 */
-	public static function isRequest()
+	public static function isRequest(): bool
 	{
+		header('Vary: Accept', false);
+
 		$isrequest = stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/activity+json') ||
 			stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/json') ||
 			stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/ld+json');
@@ -113,7 +122,7 @@ class ActivityPub
 	{
 		$accounttype = -1;
 
-		switch($apcontact['type']) {
+		switch ($apcontact['type']) {
 			case 'Person':
 				$accounttype = User::ACCOUNT_TYPE_PERSON;
 				break;
@@ -202,6 +211,7 @@ class ActivityPub
 	 *
 	 * @param string  $url
 	 * @param integer $uid User ID
+	 * @return void
 	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 */
 	public static function fetchOutbox(string $url, int $uid)
@@ -268,8 +278,42 @@ class ActivityPub
 	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 * @throws \ImagickException
 	 */
-	public static function isSupportedByContactUrl(string $url, $update = null)
+	public static function isSupportedByContactUrl(string $url, $update = null): bool
 	{
 		return !empty(APContact::getByURL($url, $update));
 	}
+
+	public static function isAcceptedRequester(int $uid = 0): bool
+	{
+		$called_by = System::callstack(1);
+
+		$signer = HTTPSignature::getSigner('', $_SERVER);
+		if (!$signer) {
+			Logger::debug('No signer or invalid signature', ['uid' => $uid, 'agent' => $_SERVER['HTTP_USER_AGENT'] ?? '', 'called_by' => $called_by]);
+			return false;
+		}
+
+		$apcontact = APContact::getByURL($signer);
+		if (empty($apcontact)) {
+			Logger::info('APContact not found', ['uid' => $uid, 'handle' => $signer, 'called_by' => $called_by]);
+			return false;
+		}
+
+		if (empty($apcontact['gsid'] || empty($apcontact['baseurl']))) {
+			Logger::debug('No server found', ['uid' => $uid, 'signer' => $signer, 'called_by' => $called_by]);
+			return false;
+		}
+
+		$contact = Contact::getByURL($signer, false, ['id', 'baseurl', 'gsid']);
+		if (!empty($contact) && Contact\User::isBlocked($contact['id'], $uid)) {
+			Logger::info('Requesting contact is blocked', ['uid' => $uid, 'id' => $contact['id'], 'signer' => $signer, 'baseurl' => $contact['baseurl'], 'called_by' => $called_by]);
+			return false;
+		}
+
+		// @todo Look for user blocked domains
+
+		Logger::debug('Server is an accepted requester', ['uid' => $uid, 'id' => $apcontact['gsid'], 'url' => $apcontact['baseurl'], 'signer' => $signer, 'called_by' => $called_by]);
+
+		return true;
+	}
 }