Merge remote-tracking branch 'mike/master' into dev
This commit is contained in:
commit
108bb7649b
@ -17,6 +17,7 @@ class Magic extends \Zotlabs\Web\Controller {
|
|||||||
$dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : '');
|
$dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : '');
|
||||||
$test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0);
|
$test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0);
|
||||||
$rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0);
|
$rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0);
|
||||||
|
$owa = ((x($_REQUEST,'owa')) ? intval($_REQUEST['owa']) : 0);
|
||||||
$delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : '');
|
$delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : '');
|
||||||
|
|
||||||
$parsed = parse_url($dest);
|
$parsed = parse_url($dest);
|
||||||
@ -132,12 +133,44 @@ class Magic extends \Zotlabs\Web\Controller {
|
|||||||
if(local_channel()) {
|
if(local_channel()) {
|
||||||
$channel = \App::get_channel();
|
$channel = \App::get_channel();
|
||||||
|
|
||||||
$token = random_string();
|
// OpenWebAuth
|
||||||
// $token_sig = base64url_encode(rsa_sign($token,$channel['channel_prvkey']));
|
|
||||||
|
|
||||||
|
if($owa) {
|
||||||
|
|
||||||
|
$headers = [];
|
||||||
|
$headers['Accept'] = 'application/x-zot+json' ;
|
||||||
|
$headers['X-Open-Web-Auth'] = random_string();
|
||||||
|
$headers = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],
|
||||||
|
'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,true,'sha512');
|
||||||
|
|
||||||
|
$x = z_fetch_url($basepath . '/owa',false,$redirects,[ 'headers' => $headers ]);
|
||||||
|
|
||||||
|
logger('owtfetch: ' . print_r($x,true));
|
||||||
|
|
||||||
|
if($x['success']) {
|
||||||
|
$j = json_decode($x['body'],true);
|
||||||
|
if($j['success'] && $j['token']) {
|
||||||
|
$x = strpbrk($dest,'?&');
|
||||||
|
$args = (($x) ? '&owt=' . $j['token'] : '?f=&owt=' . $j['token']) . (($delegate) ? '&delegate=1' : '');
|
||||||
|
goaway($dest . $args);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
goaway($dest);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
$token = random_string();
|
||||||
|
|
||||||
|
// $token_sig = base64url_encode(rsa_sign($token,$channel['channel_prvkey']));
|
||||||
// $channel['token'] = $token;
|
// $channel['token'] = $token;
|
||||||
// $channel['token_sig'] = $token_sig;
|
// $channel['token_sig'] = $token_sig;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
\Zotlabs\Zot\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']);
|
\Zotlabs\Zot\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']);
|
||||||
|
|
||||||
$target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode(channel_reddress($channel))
|
$target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode(channel_reddress($channel))
|
||||||
|
57
Zotlabs/Module/Owa.php
Normal file
57
Zotlabs/Module/Owa.php
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
|
||||||
|
namespace Zotlabs\Module;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
class Owa extends \Zotlabs\Web\Controller {
|
||||||
|
|
||||||
|
function init() {
|
||||||
|
foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) {
|
||||||
|
|
||||||
|
if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') {
|
||||||
|
if($head !== 'HTTP_AUTHORIZATION') {
|
||||||
|
$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head];
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
|
||||||
|
if($sigblock) {
|
||||||
|
$keyId = $sigblock['keyId'];
|
||||||
|
|
||||||
|
if($keyId) {
|
||||||
|
$r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
|
||||||
|
where hubloc_addr = '%s' limit 1",
|
||||||
|
dbesc(str_replace('acct:','',$keyId))
|
||||||
|
);
|
||||||
|
if($r) {
|
||||||
|
$hubloc = $r[0];
|
||||||
|
$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);
|
||||||
|
|
||||||
|
logger('verified: ' . print_r($verified,true));
|
||||||
|
|
||||||
|
if($verified && $verified['header_signed'] && $verified['header_valid']) {
|
||||||
|
$token = random_string(32);
|
||||||
|
\Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']);
|
||||||
|
$x = json_encode([ 'success' => true, 'token' => $token ]);
|
||||||
|
header('Content-Type: application/x-zot+json');
|
||||||
|
echo $x;
|
||||||
|
killme();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$x = json_encode([ 'success' => false ]);
|
||||||
|
header('Content-Type: application/x-zot+json');
|
||||||
|
echo $x;
|
||||||
|
killme();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$x = json_encode([ 'success' => false ]);
|
||||||
|
header('Content-Type: application/x-zot+json');
|
||||||
|
echo $x;
|
||||||
|
killme();
|
||||||
|
}
|
||||||
|
}
|
@ -18,7 +18,7 @@ class Rmagic extends \Zotlabs\Web\Controller {
|
|||||||
if($r[0]['hubloc_url'] === z_root())
|
if($r[0]['hubloc_url'] === z_root())
|
||||||
goaway(z_root() . '/login');
|
goaway(z_root() . '/login');
|
||||||
$dest = z_root() . '/' . str_replace('zid=','zid_=',\App::$query_string);
|
$dest = z_root() . '/' . str_replace('zid=','zid_=',\App::$query_string);
|
||||||
goaway($r[0]['hubloc_url'] . '/magic' . '?f=&dest=' . $dest);
|
goaway($r[0]['hubloc_url'] . '/magic' . '?f=&owa=1&dest=' . $dest);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -63,7 +63,7 @@ class Rmagic extends \Zotlabs\Web\Controller {
|
|||||||
else
|
else
|
||||||
$dest = urlencode(z_root() . '/' . str_replace('zid=','zid_=',\App::$query_string));
|
$dest = urlencode(z_root() . '/' . str_replace('zid=','zid_=',\App::$query_string));
|
||||||
|
|
||||||
goaway($url . '/magic' . '?f=&dest=' . $dest);
|
goaway($url . '/magic' . '?f=&owa=1&dest=' . $dest);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -30,9 +30,15 @@ class Wfinger extends \Zotlabs\Web\Controller {
|
|||||||
$resource = $_REQUEST['resource'];
|
$resource = $_REQUEST['resource'];
|
||||||
logger('webfinger: ' . $resource,LOGGER_DEBUG);
|
logger('webfinger: ' . $resource,LOGGER_DEBUG);
|
||||||
|
|
||||||
|
|
||||||
|
$root_resource = false;
|
||||||
|
|
||||||
|
if(strcasecmp(rtrim($resource,'/'),z_root()) === 0)
|
||||||
|
$root_resource = true;
|
||||||
|
|
||||||
$r = null;
|
$r = null;
|
||||||
|
|
||||||
if($resource) {
|
if(($resource) && (! $root_resource)) {
|
||||||
|
|
||||||
if(strpos($resource,'acct:') === 0) {
|
if(strpos($resource,'acct:') === 0) {
|
||||||
$channel = str_replace('acct:','',$resource);
|
$channel = str_replace('acct:','',$resource);
|
||||||
@ -61,6 +67,24 @@ class Wfinger extends \Zotlabs\Web\Controller {
|
|||||||
header('Access-Control-Allow-Origin: *');
|
header('Access-Control-Allow-Origin: *');
|
||||||
|
|
||||||
|
|
||||||
|
if($root_resource) {
|
||||||
|
$result['subject'] = $resource;
|
||||||
|
$result['properties'] = [
|
||||||
|
'https://w3id.org/security/v1#publicKeyPem' => get_config('system','pubkey')
|
||||||
|
];
|
||||||
|
$result['links'] = [
|
||||||
|
[
|
||||||
|
'rel' => 'http://purl.org/openwebauth/v1',
|
||||||
|
'type' => 'application/x-zot+json',
|
||||||
|
'href' => z_root() . '/owa',
|
||||||
|
],
|
||||||
|
];
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
if($resource && $r) {
|
if($resource && $r) {
|
||||||
|
|
||||||
$h = q("select hubloc_addr from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0",
|
$h = q("select hubloc_addr from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0",
|
||||||
@ -84,7 +108,8 @@ class Wfinger extends \Zotlabs\Web\Controller {
|
|||||||
|
|
||||||
$result['properties'] = [
|
$result['properties'] = [
|
||||||
'http://webfinger.net/ns/name' => $r[0]['channel_name'],
|
'http://webfinger.net/ns/name' => $r[0]['channel_name'],
|
||||||
'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name']
|
'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name'],
|
||||||
|
'https://w3id.org/security/v1#publicKeyPem' => $r[0]['xchan_pubkey']
|
||||||
];
|
];
|
||||||
|
|
||||||
foreach($aliases as $alias)
|
foreach($aliases as $alias)
|
||||||
@ -125,6 +150,13 @@ class Wfinger extends \Zotlabs\Web\Controller {
|
|||||||
'href' => z_root() . '/.well-known/zot-info' . '?address=' . $r[0]['xchan_addr'],
|
'href' => z_root() . '/.well-known/zot-info' . '?address=' . $r[0]['xchan_addr'],
|
||||||
],
|
],
|
||||||
|
|
||||||
|
[
|
||||||
|
'rel' => 'http://purl.org/openwebauth/v1',
|
||||||
|
'type' => 'application/x-zot+json',
|
||||||
|
'href' => z_root() . '/owa',
|
||||||
|
],
|
||||||
|
|
||||||
|
|
||||||
[
|
[
|
||||||
'rel' => 'magic-public-key',
|
'rel' => 'magic-public-key',
|
||||||
'href' => 'data:application/magic-public-key,' . salmon_key($r[0]['channel_pubkey']),
|
'href' => 'data:application/magic-public-key,' . salmon_key($r[0]['channel_pubkey']),
|
||||||
@ -136,7 +168,8 @@ class Wfinger extends \Zotlabs\Web\Controller {
|
|||||||
$result['zot'] = zotinfo( [ 'address' => $r[0]['xchan_addr'] ]);
|
$result['zot'] = zotinfo( [ 'address' => $r[0]['xchan_addr'] ]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
|
||||||
|
if(! $result) {
|
||||||
header($_SERVER["SERVER_PROTOCOL"] . ' ' . 400 . ' ' . 'Bad Request');
|
header($_SERVER["SERVER_PROTOCOL"] . ' ' . 400 . ' ' . 'Bad Request');
|
||||||
killme();
|
killme();
|
||||||
}
|
}
|
||||||
@ -144,6 +177,7 @@ class Wfinger extends \Zotlabs\Web\Controller {
|
|||||||
$arr = [ 'channel' => $r[0], 'request' => $_REQUEST, 'result' => $result ];
|
$arr = [ 'channel' => $r[0], 'request' => $_REQUEST, 'result' => $result ];
|
||||||
call_hooks('webfinger',$arr);
|
call_hooks('webfinger',$arr);
|
||||||
|
|
||||||
|
|
||||||
json_return_and_die($arr['result'],'application/jrd+json');
|
json_return_and_die($arr['result'],'application/jrd+json');
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -91,6 +91,9 @@ class HTTPSig {
|
|||||||
if($sig_block['algorithm'] === 'rsa-sha256') {
|
if($sig_block['algorithm'] === 'rsa-sha256') {
|
||||||
$algorithm = 'sha256';
|
$algorithm = 'sha256';
|
||||||
}
|
}
|
||||||
|
if($sig_block['algorithm'] === 'rsa-sha512') {
|
||||||
|
$algorithm = 'sha512';
|
||||||
|
}
|
||||||
|
|
||||||
if(! $key) {
|
if(! $key) {
|
||||||
$result['signer'] = $sig_block['keyId'];
|
$result['signer'] = $sig_block['keyId'];
|
||||||
@ -113,6 +116,8 @@ class HTTPSig {
|
|||||||
$digest = explode('=', $headers['digest']);
|
$digest = explode('=', $headers['digest']);
|
||||||
if($digest[0] === 'SHA-256')
|
if($digest[0] === 'SHA-256')
|
||||||
$hashalg = 'sha256';
|
$hashalg = 'sha256';
|
||||||
|
if($digest[0] === 'SHA-512')
|
||||||
|
$hashalg = 'sha512';
|
||||||
|
|
||||||
// The explode operation will have stripped the '=' padding, so compare against unpadded base64
|
// The explode operation will have stripped the '=' padding, so compare against unpadded base64
|
||||||
if(rtrim(base64_encode(hash($hashalg,$body,true)),'=') === $digest[1]) {
|
if(rtrim(base64_encode(hash($hashalg,$body,true)),'=') === $digest[1]) {
|
||||||
@ -164,6 +169,9 @@ class HTTPSig {
|
|||||||
if($alg === 'sha256') {
|
if($alg === 'sha256') {
|
||||||
$algorithm = 'rsa-sha256';
|
$algorithm = 'rsa-sha256';
|
||||||
}
|
}
|
||||||
|
if($alg === 'sha512') {
|
||||||
|
$algorithm = 'rsa-sha512';
|
||||||
|
}
|
||||||
|
|
||||||
$x = self::sign($request,$head,$prvkey,$alg);
|
$x = self::sign($request,$head,$prvkey,$alg);
|
||||||
|
|
||||||
|
@ -70,6 +70,12 @@ class WebServer {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if((x($_REQUEST,'owt')) && (! \App::$install)) {
|
||||||
|
$token = $_REQUEST['owt'];
|
||||||
|
\App::$query_string = strip_query_param(\App::$query_string,'owt');
|
||||||
|
owt_init($token);
|
||||||
|
}
|
||||||
|
|
||||||
if((x($_SESSION, 'authenticated')) || (x($_POST, 'auth-params')) || (\App::$module === 'login'))
|
if((x($_SESSION, 'authenticated')) || (x($_POST, 'auth-params')) || (\App::$module === 'login'))
|
||||||
require('include/auth.php');
|
require('include/auth.php');
|
||||||
|
|
||||||
|
@ -31,6 +31,22 @@ class Verify {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function get_meta($type,$channel_id,$token) {
|
||||||
|
$r = q("select id, meta from verify where vtype = '%s' and channel = %d and token = '%s' limit 1",
|
||||||
|
dbesc($type),
|
||||||
|
intval($channel_id),
|
||||||
|
dbesc($token)
|
||||||
|
);
|
||||||
|
if($r) {
|
||||||
|
q("delete from verify where id = %d",
|
||||||
|
intval($r[0]['id'])
|
||||||
|
);
|
||||||
|
return $r[0]['meta'];
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
function purge($type,$interval) {
|
function purge($type,$interval) {
|
||||||
q("delete from verify where vtype = '%s' and created < %s - INTERVAL %s",
|
q("delete from verify where vtype = '%s' and created < %s - INTERVAL %s",
|
||||||
dbesc($type),
|
dbesc($type),
|
||||||
|
@ -1633,7 +1633,7 @@ function zid_init() {
|
|||||||
$query = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$query);
|
$query = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$query);
|
||||||
$dest = '/' . urlencode($query);
|
$dest = '/' . urlencode($query);
|
||||||
if($r && ($r[0]['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) {
|
if($r && ($r[0]['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) {
|
||||||
goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&dest=' . z_root() . $dest);
|
goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&owa=1&dest=' . z_root() . $dest);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
logger('zid_init: no hubloc found.');
|
logger('zid_init: no hubloc found.');
|
||||||
|
@ -115,7 +115,7 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') {
|
|||||||
App::$profile_uid = $xchan['channel_id'];
|
App::$profile_uid = $xchan['channel_id'];
|
||||||
|
|
||||||
$url = (($observer)
|
$url = (($observer)
|
||||||
? z_root() . '/magic?f=&dest=' . $xchan['xchan_url'] . '&addr=' . $xchan['xchan_addr']
|
? z_root() . '/magic?f=&owa=1&dest=' . $xchan['xchan_url'] . '&addr=' . $xchan['xchan_addr']
|
||||||
: $xchan['xchan_url']
|
: $xchan['xchan_url']
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -602,6 +602,11 @@ function import_items($channel, $items, $sync = false, $relocate = null) {
|
|||||||
if(! $item)
|
if(! $item)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
// deprecated
|
||||||
|
|
||||||
|
if(array_key_exists('diaspora_meta',$item))
|
||||||
|
unset($item['diaspora_meta']);
|
||||||
|
|
||||||
if($relocate && $item['mid'] === $item['parent_mid']) {
|
if($relocate && $item['mid'] === $item['parent_mid']) {
|
||||||
item_url_replace($channel,$item,$relocate['url'],z_root(),$relocate['channel_address']);
|
item_url_replace($channel,$item,$relocate['url'],z_root(),$relocate['channel_address']);
|
||||||
}
|
}
|
||||||
|
@ -2004,17 +2004,17 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) {
|
|||||||
$arr = $translate['item'];
|
$arr = $translate['item'];
|
||||||
}
|
}
|
||||||
|
|
||||||
if((x($arr,'obj')) && is_array($arr['obj'])) {
|
if((array_key_exists('obj',$arr)) && is_array($arr['obj'])) {
|
||||||
activity_sanitise($arr['obj']);
|
activity_sanitise($arr['obj']);
|
||||||
$arr['obj'] = json_encode($arr['obj']);
|
$arr['obj'] = json_encode($arr['obj']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if((x($arr,'target')) && is_array($arr['target'])) {
|
if((array_key_exists('target',$arr)) && is_array($arr['target'])) {
|
||||||
activity_sanitise($arr['target']);
|
activity_sanitise($arr['target']);
|
||||||
$arr['target'] = json_encode($arr['target']);
|
$arr['target'] = json_encode($arr['target']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if((x($arr,'attach')) && is_array($arr['attach'])) {
|
if((array_key_exists('attach',$arr)) && is_array($arr['attach'])) {
|
||||||
activity_sanitise($arr['attach']);
|
activity_sanitise($arr['attach']);
|
||||||
$arr['attach'] = json_encode($arr['attach']);
|
$arr['attach'] = json_encode($arr['attach']);
|
||||||
}
|
}
|
||||||
|
@ -225,6 +225,17 @@ function oembed_fetch_url($embedurl){
|
|||||||
if($j['html']) {
|
if($j['html']) {
|
||||||
$orig = $j['html'];
|
$orig = $j['html'];
|
||||||
$allow_position = (($is_matrix) ? true : false);
|
$allow_position = (($is_matrix) ? true : false);
|
||||||
|
|
||||||
|
// some sites wrap their entire embed in an iframe
|
||||||
|
// which we will purify away and which we provide anyway.
|
||||||
|
// So if we see this, grab the frame src url and use that
|
||||||
|
// as the embed content - which will still need to be purified.
|
||||||
|
|
||||||
|
if(preg_match('#<iframe(.*?)src=[\'\"](.?*)[\'\"]#',$matches,$j['html'])) {
|
||||||
|
$x = z_fetch_url($matches[2]);
|
||||||
|
$j['html'] = $x['body'];
|
||||||
|
}
|
||||||
|
|
||||||
$j['html'] = purify_html($j['html'],$allow_position);
|
$j['html'] = purify_html($j['html'],$allow_position);
|
||||||
if($j['html'] != $orig) {
|
if($j['html'] != $orig) {
|
||||||
logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j['html'], LOGGER_DEBUG, LOG_INFO);
|
logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j['html'], LOGGER_DEBUG, LOG_INFO);
|
||||||
|
@ -987,7 +987,7 @@ function chanlink_cid($d) {
|
|||||||
|
|
||||||
function magiclink_url($observer,$myaddr,$url) {
|
function magiclink_url($observer,$myaddr,$url) {
|
||||||
return (($observer)
|
return (($observer)
|
||||||
? z_root() . '/magic?f=&dest=' . $url . '&addr=' . $myaddr
|
? z_root() . '/magic?f=&owa=1&dest=' . $url . '&addr=' . $myaddr
|
||||||
: $url
|
: $url
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
@ -1389,7 +1389,7 @@ function theme_attachments(&$item) {
|
|||||||
if(is_foreigner($item['author_xchan']))
|
if(is_foreigner($item['author_xchan']))
|
||||||
$url = $r['href'];
|
$url = $r['href'];
|
||||||
else
|
else
|
||||||
$url = z_root() . '/magic?f=&hash=' . $item['author_xchan'] . '&dest=' . $r['href'] . '/' . $r['revision'];
|
$url = z_root() . '/magic?f=&owa=1&hash=' . $item['author_xchan'] . '&dest=' . $r['href'] . '/' . $r['revision'];
|
||||||
|
|
||||||
//$s .= '<a href="' . $url . '" title="' . $title . '" class="attachlink" >' . $icon . '</a>';
|
//$s .= '<a href="' . $url . '" title="' . $title . '" class="attachlink" >' . $icon . '</a>';
|
||||||
$attaches[] = array('label' => $label, 'url' => $url, 'icon' => $icon, 'title' => $title);
|
$attaches[] = array('label' => $label, 'url' => $url, 'icon' => $icon, 'title' => $title);
|
||||||
|
@ -81,6 +81,10 @@ function zid($s,$address = '') {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function strip_query_param($s,$param) {
|
||||||
|
return preg_replace('/[\?&]' . $param . '=(.*?)(&|$)/ism','$2',$s);
|
||||||
|
}
|
||||||
|
|
||||||
function strip_zids($s) {
|
function strip_zids($s) {
|
||||||
return preg_replace('/[\?&]zid=(.*?)(&|$)/ism','$2',$s);
|
return preg_replace('/[\?&]zid=(.*?)(&|$)/ism','$2',$s);
|
||||||
}
|
}
|
||||||
@ -230,3 +234,68 @@ function red_zrlify_img_callback($matches) {
|
|||||||
return $matches[0];
|
return $matches[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function owt_init($token) {
|
||||||
|
|
||||||
|
\Zotlabs\Zot\Verify::purge('owt','3 MINUTE');
|
||||||
|
|
||||||
|
$ob_hash = \Zotlabs\Zot\Verify::get_meta('owt',0,$token);
|
||||||
|
|
||||||
|
if($ob_hash === false) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash
|
||||||
|
where hubloc_addr = '%s' order by hubloc_id desc",
|
||||||
|
dbesc($ob_hash)
|
||||||
|
);
|
||||||
|
|
||||||
|
if(! $r) {
|
||||||
|
// finger them if they can't be found.
|
||||||
|
$j = \Zotlabs\Zot\Finger::run($ob_hash, null);
|
||||||
|
if ($j['success']) {
|
||||||
|
import_xchan($j);
|
||||||
|
$r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash
|
||||||
|
where hubloc_addr = '%s' order by hubloc_id desc",
|
||||||
|
dbesc($ob_hash)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(! $r) {
|
||||||
|
logger('owt: unable to finger ' . $ob_hash);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$hubloc = $r[0];
|
||||||
|
|
||||||
|
$_SESSION['authenticated'] = 1;
|
||||||
|
|
||||||
|
$delegate_success = false;
|
||||||
|
if($_REQUEST['delegate']) {
|
||||||
|
$r = q("select * from channel left join xchan on channel_hash = xchan_hash where xchan_addr = '%s' limit 1",
|
||||||
|
dbesc($_REQUEST['delegate'])
|
||||||
|
);
|
||||||
|
if ($r && intval($r[0]['channel_id'])) {
|
||||||
|
$allowed = perm_is_allowed($r[0]['channel_id'],$hubloc['xchan_hash'],'delegate');
|
||||||
|
if($allowed) {
|
||||||
|
$_SESSION['delegate_channel'] = $r[0]['channel_id'];
|
||||||
|
$_SESSION['delegate'] = $hubloc['xchan_hash'];
|
||||||
|
$_SESSION['account_id'] = intval($r[0]['channel_account_id']);
|
||||||
|
require_once('include/security.php');
|
||||||
|
// this will set the local_channel authentication in the session
|
||||||
|
change_channel($r[0]['channel_id']);
|
||||||
|
$delegate_success = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (! $delegate_success) {
|
||||||
|
// normal visitor (remote_channel) login session credentials
|
||||||
|
$_SESSION['visitor_id'] = $hubloc['xchan_hash'];
|
||||||
|
$_SESSION['my_url'] = $hubloc['xchan_url'];
|
||||||
|
$_SESSION['my_address'] = $hubloc['hubloc_addr'];
|
||||||
|
$_SESSION['remote_hub'] = $hubloc['hubloc_url'];
|
||||||
|
$_SESSION['DNT'] = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
logger('owa success!');
|
||||||
|
|
||||||
|
}
|
4
view/css/bootstrap-red.css
vendored
4
view/css/bootstrap-red.css
vendored
@ -71,10 +71,6 @@ nav .dropdown-menu {
|
|||||||
min-width: auto;
|
min-width: auto;
|
||||||
}
|
}
|
||||||
|
|
||||||
code {
|
|
||||||
white-space: normal;
|
|
||||||
}
|
|
||||||
|
|
||||||
label {
|
label {
|
||||||
font-weight: bold;
|
font-weight: bold;
|
||||||
}
|
}
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
|
||||||
/* jot */
|
/* jot */
|
||||||
|
|
||||||
.jothidden input[type="text"] {
|
.jothidden input[type="text"] {
|
||||||
@ -273,6 +274,7 @@ code {
|
|||||||
font-size: 1em;
|
font-size: 1em;
|
||||||
padding: 1em 1.5em;
|
padding: 1em 1.5em;
|
||||||
display: block;
|
display: block;
|
||||||
|
white-space: pre-wrap;
|
||||||
}
|
}
|
||||||
|
|
||||||
code.inline-code {
|
code.inline-code {
|
||||||
|
@ -136,6 +136,8 @@ input, optgroup, select, textarea {
|
|||||||
|
|
||||||
pre code {
|
pre code {
|
||||||
border: none;
|
border: none;
|
||||||
|
padding: 1em 1.5em;
|
||||||
|
border-radius: $radius;
|
||||||
}
|
}
|
||||||
|
|
||||||
code {
|
code {
|
||||||
|
Reference in New Issue
Block a user