Sign request for profile data

index.php

@@ -889,11 +889,35 @@ HTML;
 		if ( !isset( $profileURl ) ) { echo "No profile"; die(); }
 		
 		//	Get the user's details
-		// This request does not need to be signed. But it does need to specify that it wants a JSON response
-		$context   = stream_context_create(
-			[ "http" => [ "header" => "Accept: application/activity+json" ] ] 
-		);
-		$profileJSON  = file_get_contents( $profileURl, false, $context );
+		// This request does not need to be signed normally.  
+		//	Some servers will only respond to signed requests.
+		//	It need to specify that it wants a JSON response
+
+		$profileURl_host  = parse_url( $profileURl, PHP_URL_HOST );
+		$profileURl_path  = parse_url( $profileURl, PHP_URL_PATH );
+
+		//	Request the JSON representation of the the user
+		$ch = curl_init( $profileURl );
+
+		//	Generate signed headers for this request
+		$headers  = generate_signed_headers( null, $profileURl_host, $profileURl_path, "GET" );
+
+		// Set cURL options
+		curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true);
+		curl_setopt( $ch, CURLOPT_HTTPHEADER,     $headers );
+
+		// Execute the cURL session
+		$profileJSON = curl_exec( $ch );
+
+		// Check for errors
+		if (curl_errno($ch)) {
+			// Handle cURL error
+			die();
+		} 
+		
+		// Close cURL session
+		curl_close($ch);
+
 		$profileData  = json_decode( $profileJSON, true );
 
 		// Get the user's inbox
@@ -911,7 +935,7 @@ HTML;
 			"object"   => $profileURl
 		];
 
-		// Sign a request follow
+		// Sign a request to follow
 		//	The Accept is POSTed to the inbox on the server of the user who requested the follow
 		//	Get the signed headers
 		$headers = generate_signed_headers( $message, $inbox_host, $inbox_path, "POST" );