I am livestreaming ActivityPub development: https://www.twitch.tv/utdliyvlyuc
I hope that no human or computer will actually watch 9 hour videos to see the issue that I am running to, but am linking it because I want to see if the stars align by exercising some possibility that since I am currently almost every day actively streaming it, an expert who is also passionate about ActivityPub can clearly understand the issue that I am running into. Mostly HTTP Signature-related. Specifically the context is follow requests, both incoming and outgoing.
Here is a current opinion that I would rather not think about changing yet: As much as possible, I should rely on
Therefore, when I am inspecting the incoming requests (my test case is Mastodon @ https://activitypub.academy, the code is looking like this:
$server = $activityPubRequest->activityPubServer(); $httpSignature = new HttpSignature($server); $incomingRequest = \Symfony\Component\HttpFoundation\Request::create( $_SERVER['REQUEST_URI'], 'POST', $_REQUEST, // parameters $_COOKIE, // cookies , // files $_SERVER // $_SERVER, ); error_log('test1'); error_log(print_r($_SERVER, true)); error_log('test2'); error_log(print_r($httpSignature, true)); error_log('test3'); error_log(print_r($httpSignature->verify($incomingRequest) ? 'yes' : 'why', true)); error_log(print_r('test23423423424', true)); exit('test2342342342');
$httpSignature->verify($incomingRequest) never seems to return
false. Of course I need to be able to verify signatures from 3rd party ActivityPub servers.
Now, posting this code is only somewhat relevant at all, due to the scope of this issue.
Despite my discomfort with streaming from some angles, I think the main reason I am posting this is with a hope that someone who is both an expert on the subject and happens to click on the stream at the right time (please do not watch any 9 hour videos for this), can help guide me in a good direction for signing HTTP requests and successfully processing follow requests.