Some fixes to be compatible with discourse (#736)

* some fixes to be compatible with discourse

* always handle actors objects

Author: pfefferle

includes/class-signature.php

@@ -379,10 +379,10 @@ public static function parse_signature_header( $signature ) {
 		if ( \preg_match( '/keyId="(.*?)"/ism', $signature, $matches ) ) {
 			$parsed_header['keyId'] = trim( $matches[1] );
 		}
-		if ( \preg_match( '/created=([0-9]*)/ism', $signature, $matches ) ) {
+		if ( \preg_match( '/created=["|\']*([0-9]*)["|\']*/ism', $signature, $matches ) ) {
 			$parsed_header['(created)'] = trim( $matches[1] );
 		}
-		if ( \preg_match( '/expires=([0-9]*)/ism', $signature, $matches ) ) {
+		if ( \preg_match( '/expires=["|\']*([0-9]*)["|\']*/ism', $signature, $matches ) ) {
 			$parsed_header['(expires)'] = trim( $matches[1] );
 		}
 		if ( \preg_match( '/algorithm="(.*?)"/ism', $signature, $matches ) ) {
@@ -434,12 +434,22 @@ public static function get_signed_data( $signed_headers, $signature_block, $head
 					// created in future
 					return false;
 				}
+
+				if ( ! array_key_exists( '(created)', $headers ) ) {
+					$signed_data .= $header . ': ' . $signature_block['(created)'] . "\n";
+					continue;
+				}
 			}
 			if ( '(expires)' === $header ) {
 				if ( ! empty( $signature_block['(expires)'] ) && \intval( $signature_block['(expires)'] ) < \time() ) {
 					// expired in past
 					return false;
 				}
+
+				if ( ! array_key_exists( '(expires)', $headers ) ) {
+					$signed_data .= $header . ': ' . $signature_block['(expires)'] . "\n";
+					continue;
+				}
 			}
 			if ( 'date' === $header ) {
 				// allow a bit of leeway for misconfigured clocks.

includes/collection/class-interactions.php

@@ -4,6 +4,7 @@
 use WP_Error;
 use WP_Comment_Query;
 
+use function Activitypub\object_to_uri;
 use function Activitypub\url_to_commentid;
 use function Activitypub\object_id_to_comment;
 use function Activitypub\get_remote_metadata_by_actor;
@@ -46,7 +47,8 @@ public static function add_comment( $activity ) {
 			return false;
 		}
 
-		$meta = get_remote_metadata_by_actor( $activity['actor'] );
+		$actor = object_to_uri( $activity['actor'] );
+		$meta  = get_remote_metadata_by_actor( $actor );
 
 		if ( ! $meta || \is_wp_error( $meta ) ) {
 			return false;

includes/collection/class-users.php

@@ -7,6 +7,7 @@
 use Activitypub\Model\Blog_User;
 use Activitypub\Model\Application_User;
 
+use function Activitypub\object_to_uri;
 use function Activitypub\url_to_authorid;
 use function Activitypub\is_user_disabled;
 
@@ -136,6 +137,8 @@ public static function get_by_username( $username ) {
 	 * @return \Acitvitypub\Model\User The User.
 	 */
 	public static function get_by_resource( $resource ) {
+		$resource = object_to_uri( $resource );
+
 		$scheme = 'acct';
 		$match = array();
 		// try to extract the scheme and the host

includes/handler/class-undo.php

@@ -4,6 +4,8 @@
 use Activitypub\Collection\Users;
 use Activitypub\Collection\Followers;
 
+use function Activitypub\object_to_uri;
+
 /**
  * Handle Undo requests
  */
@@ -28,10 +30,10 @@ public static function handle_undo( $activity ) {
 		if (
 			isset( $activity['object']['type'] ) &&
 			'Follow' === $activity['object']['type'] &&
-			isset( $activity['object']['object'] ) &&
-			filter_var( $activity['object']['object'], FILTER_VALIDATE_URL )
+			isset( $activity['object']['object'] )
 		) {
-			$user = Users::get_by_resource( $activity['object']['object'] );
+			$user_id = object_to_uri( $activity['object']['object'] );
+			$user = Users::get_by_resource( $user_id );
 
 			if ( ! $user || is_wp_error( $user ) ) {
 				// If we can not find a user,
@@ -40,8 +42,9 @@ public static function handle_undo( $activity ) {
 			}
 
 			$user_id = $user->get__id();
+			$actor   = object_to_uri( $activity['actor'] );
 
-			Followers::remove_follower( $user_id, $activity['actor'] );
+			Followers::remove_follower( $user_id, $actor );
 		}
 	}
 }