harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'mike/master' into dev

Browse Source
This commit is contained in:
Mario Vavti
2017-09-08 09:22:36 +02:00
parent 7b3aa92b5a 1104e2652f
commit 108bb7649b
18 changed files with 258 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
Zotlabs/Module/Magic.php
View File

@@ -17,6 +17,7 @@ class Magic extends \Zotlabs\Web\Controller {
$dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : '');
$test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0);
$rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0);
$owa = ((x($_REQUEST,'owa')) ? intval($_REQUEST['owa']) : 0);
$delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : '');
$parsed = parse_url($dest);
@@ -132,12 +133,44 @@ class Magic extends \Zotlabs\Web\Controller {
if(local_channel()) {
$channel = \App::get_channel();
// OpenWebAuth
if($owa) {
$headers = [];
$headers['Accept'] = 'application/x-zot+json' ;
$headers['X-Open-Web-Auth'] = random_string();
$headers = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],
'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,true,'sha512');
$x = z_fetch_url($basepath . '/owa',false,$redirects,[ 'headers' => $headers ]);
logger('owtfetch: ' . print_r($x,true));
if($x['success']) {
$j = json_decode($x['body'],true);
if($j['success'] && $j['token']) {
$x = strpbrk($dest,'?&');
$args = (($x) ? '&owt=' . $j['token'] : '?f=&owt=' . $j['token']) . (($delegate) ? '&delegate=1' : '');
goaway($dest . $args);
}
}
goaway($dest);
}
$token = random_string();
// $token_sig = base64url_encode(rsa_sign($token,$channel['channel_prvkey']));
// $channel['token'] = $token;
// $channel['token_sig'] = $token_sig;
\Zotlabs\Zot\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']);
$target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode(channel_reddress($channel))

57
Zotlabs/Module/Owa.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
namespace Zotlabs\Module;
class Owa extends \Zotlabs\Web\Controller {
function init() {
foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) {
if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') {
if($head !== 'HTTP_AUTHORIZATION') {
$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head];
continue;
}
$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
if($sigblock) {
$keyId = $sigblock['keyId'];
if($keyId) {
$r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
where hubloc_addr = '%s' limit 1",
dbesc(str_replace('acct:','',$keyId))
);
if($r) {
$hubloc = $r[0];
$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);
logger('verified: ' . print_r($verified,true));
if($verified && $verified['header_signed'] && $verified['header_valid']) {
$token = random_string(32);
\Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']);
$x = json_encode([ 'success' => true, 'token' => $token ]);
header('Content-Type: application/x-zot+json');
echo $x;
killme();
}
}
}
}
$x = json_encode([ 'success' => false ]);
header('Content-Type: application/x-zot+json');
echo $x;
killme();
}
}
$x = json_encode([ 'success' => false ]);
header('Content-Type: application/x-zot+json');
echo $x;
killme();
}
}

4
Zotlabs/Module/Rmagic.php
View File

@@ -18,7 +18,7 @@ class Rmagic extends \Zotlabs\Web\Controller {
if($r[0]['hubloc_url'] === z_root())
goaway(z_root() . '/login');
$dest = z_root() . '/' . str_replace('zid=','zid_=',\App::$query_string);
goaway($r[0]['hubloc_url'] . '/magic' . '?f=&dest=' . $dest);
goaway($r[0]['hubloc_url'] . '/magic' . '?f=&owa=1&dest=' . $dest);
}
}
}
@@ -63,7 +63,7 @@ class Rmagic extends \Zotlabs\Web\Controller {
else
$dest = urlencode(z_root() . '/' . str_replace('zid=','zid_=',\App::$query_string));
goaway($url . '/magic' . '?f=&dest=' . $dest);
goaway($url . '/magic' . '?f=&owa=1&dest=' . $dest);
}
}
}

42
Zotlabs/Module/Wfinger.php
View File

@@ -30,9 +30,15 @@ class Wfinger extends \Zotlabs\Web\Controller {
$resource = $_REQUEST['resource'];
logger('webfinger: ' . $resource,LOGGER_DEBUG);
$root_resource = false;
if(strcasecmp(rtrim($resource,'/'),z_root()) === 0)
$root_resource = true;
$r = null;
if($resource) {
if(($resource) && (! $root_resource)) {
if(strpos($resource,'acct:') === 0) {
$channel = str_replace('acct:','',$resource);
@@ -60,7 +66,25 @@ class Wfinger extends \Zotlabs\Web\Controller {
header('Access-Control-Allow-Origin: *');
if($root_resource) {
$result['subject'] = $resource;
$result['properties'] = [
'https://w3id.org/security/v1#publicKeyPem' => get_config('system','pubkey')
];
$result['links'] = [
[
'rel' => 'http://purl.org/openwebauth/v1',
'type' => 'application/x-zot+json',
'href' => z_root() . '/owa',
],
];
}
if($resource && $r) {
$h = q("select hubloc_addr from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0",
@@ -84,7 +108,8 @@ class Wfinger extends \Zotlabs\Web\Controller {
$result['properties'] = [
'http://webfinger.net/ns/name' => $r[0]['channel_name'],
'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name']
'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name'],
'https://w3id.org/security/v1#publicKeyPem' => $r[0]['xchan_pubkey']
];
foreach($aliases as $alias)
@@ -124,6 +149,13 @@ class Wfinger extends \Zotlabs\Web\Controller {
'rel' => 'http://purl.org/zot/protocol',
'href' => z_root() . '/.well-known/zot-info' . '?address=' . $r[0]['xchan_addr'],
],
[
'rel' => 'http://purl.org/openwebauth/v1',
'type' => 'application/x-zot+json',
'href' => z_root() . '/owa',
],
[
'rel' => 'magic-public-key',
@@ -136,14 +168,16 @@ class Wfinger extends \Zotlabs\Web\Controller {
$result['zot'] = zotinfo( [ 'address' => $r[0]['xchan_addr'] ]);
}
}
else {
if(! $result) {
header($_SERVER["SERVER_PROTOCOL"] . ' ' . 400 . ' ' . 'Bad Request');
killme();
}
$arr = [ 'channel' => $r[0], 'request' => $_REQUEST, 'result' => $result ];
call_hooks('webfinger',$arr);
json_return_and_die($arr['result'],'application/jrd+json');
}