-
-
Notifications
You must be signed in to change notification settings - Fork 32
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HttpSignature use - (Failing requests from Mastodon) #39
Comments
I'm running into this problem as well. |
Hi @daemionfox and @jorijn , could you please provide the following informations :
Thanks |
Hi @landrok Here's a Symfony controller that is able to reproduce the issue. <?php
namespace App\Controller;
use ActivityPhp\Server;
use ActivityPhp\Server\Http\HttpSignature;
use ActivityPhp\Type;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
class InboxController
{
public function __construct(private Server $server)
{
}
public function index(Request $request)
{
$httpSignature = new HttpSignature($this->server);
if (!$httpSignature->verify($request)) {
return new JsonResponse(['error' => 'Unauthorized'], 401);
}
// validation passed
return new JsonResponse('Hello World!');
}
} The server object is created by a factory method: public function createServer(): Server
{
return new Server([
'logger' => [],
'instance' => [
'host' => 'localhost',
'port' => 8000,
'types' => 'include'
],
'cache' => [
'enabled' => false
],
'http' => [],
'dialects' => [],
'ontologies' => [
'*'
],
]);
} |
Thanks for your quick return. At each step of the validation process, If the info level is not sufficient, you can activate the debug one. https://github.com/landrok/activitypub/blob/master/src/ActivityPhp/Server/Http/HttpSignature.php#L72 The goal is to identifiy which step fails. First, a Can you test with those different levels and provide logs if needed ? |
Sure. Here you go:
I'm playing around with the idea of building an ActivityPub relay in PHP, so this request is the first follow request the Mastodon instance sends after adding it to the Relay list in the administration panel. |
So this is less a problem with the library and more of a problem with my use of it. But when trying to validate signatures coming from a mastodon Follow request, the httpsignature->verify fails every time.
I'm following the examples and I don't know where things are going sideways on this. Any information to help clear this up would be great.
Thanks
@[email protected]
The text was updated successfully, but these errors were encountered: