Add Indieweb related link to the HTTP headers

app/Http/Middleware/LinkHeadersMiddleware.php

@@ -16,10 +16,11 @@ class LinkHeadersMiddleware
     public function handle(Request $request, Closure $next): Response
     {
         $response = $next($request);
-        $response->header('Link', '<https://indieauth.com/auth>; rel="authorization_endpoint"', false);
-        $response->header('Link', '<' . config('app.url') . '/api/token>; rel="token_endpoint"', false);
-        $response->header('Link', '<' . config('app.url') . '/api/post>; rel="micropub"', false);
-        $response->header('Link', '<' . config('app.url') . '/webmention>; rel="webmention"', false);
+        $response->header('Link', '<' . route('indieauth.metadata') . '>; rel="indieauth-metadata"', false);
+        $response->header('Link', '<' . route('indieauth.start') . '>; rel="authorization_endpoint"', false);
+        $response->header('Link', '<' . route('indieauth.token') . '>; rel="token_endpoint"', false);
+        $response->header('Link', '<' . route('micropub-endpoint') . '>; rel="micropub"', false);
+        $response->header('Link', '<' . route('webmention-endpoint') . '>; rel="webmention"', false);
 
         return $response;
     }

bootstrap/app.php

@@ -1,5 +1,6 @@
 <?php
 
+use App\Http\Middleware\LinkHeadersMiddleware;
 use Illuminate\Foundation\Application;
 use Illuminate\Foundation\Configuration\Exceptions;
 use Illuminate\Foundation\Configuration\Middleware;
@@ -11,7 +12,9 @@ return Application::configure(basePath: dirname(__DIR__))
         health: '/up',
     )
     ->withMiddleware(function (Middleware $middleware) {
-        $middleware->validateCsrfTokens(except: [
+        $middleware
+            ->append(LinkHeadersMiddleware::class)
+            ->validateCsrfTokens(except: [
                 'auth',  // This is the IndieAuth auth endpoint
                 'token', // This is the IndieAuth token endpoint
                 'api/post',

config/url.php

@@ -29,15 +29,4 @@ return [
 
     'shorturl' => env('APP_SHORTURL', 'shorturl.local'),
 
-    /*
-    |--------------------------------------------------------------------------
-    | Authorization endpoint
-    |--------------------------------------------------------------------------
-    |
-    | The authorization endpoint for the application, used primarily for Micropub
-    |
-    */
-
-    'authorization_endpoint' => env('AUTHORIZATION_ENDPOINT', 'https://indieauth.com/auth'),
-
 ];

resources/views/master.blade.php

@@ -16,8 +16,9 @@
         <link rel="alternate" type="application/jf2feed+json" title="Notes JF2 Feed" href="/blog/feed.jf2">
         <link rel="openid.server" href="https://indieauth.com/openid">
         <link rel="openid.delegate" href="{{ config('app.url') }}">
-        <link rel="authorization_endpoint" href="{{ config('url.authorization_endpoint') }}">
-        <link rel="token_endpoint" href="{{ config('app.url') }}/api/token">
+        <link rel="indieauth-metadata" href="{{ config('app.url') }}/.well-known/indieauth-server">
+        <link rel="authorization_endpoint" href="{{ config('app.url') }}/auth }}">
+        <link rel="token_endpoint" href="{{ config('app.url') }}/token">
         <link rel="micropub" href="{{ config('app.url') }}/api/post">
         <link rel="webmention" href="{{ config('app.url') }}/webmention">
         <link rel="shortcut icon" href="{{ config('app.url') }}/assets/img/memoji-orange-bg-small-fs8.png">

routes/web.php

@@ -192,7 +192,7 @@ Route::domain(config('url.longurl'))->group(function () {
     });
 
     // IndieAuth
-    Route::get('.well-known/indieauth-server', [IndieAuthController::class, 'indieAuthMetadataEndpoint']);
+    Route::get('.well-known/indieauth-server', [IndieAuthController::class, 'indieAuthMetadataEndpoint'])->name('indieauth.metadata');
     Route::get('auth', [IndieAuthController::class, 'start'])->middleware(MyAuthMiddleware::class)->name('indieauth.start');
     Route::post('auth/confirm', [IndieAuthController::class, 'confirm'])->middleware(MyAuthMiddleware::class);
     Route::post('auth', [IndieAuthController::class, 'processCodeExchange']);
@@ -200,7 +200,7 @@ Route::domain(config('url.longurl'))->group(function () {
 
     // Micropub Endpoints
     Route::get('api/post', [MicropubController::class, 'get'])->middleware(VerifyMicropubToken::class);
-    Route::post('api/post', [MicropubController::class, 'post'])->middleware(VerifyMicropubToken::class);
+    Route::post('api/post', [MicropubController::class, 'post'])->middleware(VerifyMicropubToken::class)->name('micropub-endpoint');
     Route::get('api/media', [MicropubMediaController::class, 'getHandler'])->middleware(VerifyMicropubToken::class);
     Route::post('api/media', [MicropubMediaController::class, 'media'])
         ->middleware([VerifyMicropubToken::class, CorsHeaders::class])
@@ -208,7 +208,7 @@ Route::domain(config('url.longurl'))->group(function () {
     Route::options('/api/media', [MicropubMediaController::class, 'mediaOptionsResponse'])->middleware(CorsHeaders::class);
 
     // Webmention
-    Route::get('webmention', [WebMentionsController::class, 'get']);
+    Route::get('webmention', [WebMentionsController::class, 'get']) ->name('webmention-endpoint');
     Route::post('webmention', [WebMentionsController::class, 'receive']);
 
     // Contacts

tests/Feature/HeaderLinkTest.php

@@ -0,0 +1,25 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Feature;
+
+use PHPUnit\Framework\Attributes\Test;
+use Tests\TestCase;
+
+class HeaderLinkTest extends TestCase
+{
+    #[Test]
+    public function itShouldSeeTheIndiewebRelatedLinkHeaders(): void
+    {
+        $response = $this->get('/');
+
+        $linkHeaders = $response->headers->allPreserveCaseWithoutCookies()['Link'];
+
+        $this->assertSame('<' . config('app.url') . '/.well-known/indieauth-server>; rel="indieauth-metadata"', $linkHeaders[0]);
+        $this->assertSame('<' . config('app.url') . '/auth>; rel="authorization_endpoint"', $linkHeaders[1]);
+        $this->assertSame('<' . config('app.url') . '/token>; rel="token_endpoint"', $linkHeaders[2]);
+        $this->assertSame('<' . config('app.url') . '/api/post>; rel="micropub"', $linkHeaders[3]);
+        $this->assertSame('<' . config('app.url') . '/webmention>; rel="webmention"', $linkHeaders[4]);
+    }
+}