harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

encrypt the owa token

Browse Source
This commit is contained in:
zotlabs 2017-10-26 15:23:04 -07:00 committed by Mario
parent b62dee4c90
commit 1ef558d7e6
2 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Zotlabs/Module/Magic.php
View File

@ -146,10 +146,17 @@ class Magic extends \Zotlabs\Web\Controller {
if($x['success']) { if($x['success']) {
$j = json_decode($x['body'],true); $j = json_decode($x['body'],true);
if($j['success'] && $j['token']) { if($j['success']) {
$x = strpbrk($dest,'?&'); $token = '';
$args = (($x) ? '&owt=' . $j['token'] : '?f=&owt=' . $j['token']) . (($delegate) ? '&delegate=1' : ''); if($j['encrypted_token']) {
openssl_private_decrypt(base64url_decode($j['encrypted_token']),$token,$channel['channel_prvkey']);
}
else {
$token = $j['token'];
}
$x = strpbrk($dest,'?&');
$args = (($x) ? '&owt=' . $token : '?f=&owt=' . $token) . (($delegate) ? '&delegate=1' : '');
goaway($dest . $args); goaway($dest . $args);
} }
} }

4
Zotlabs/Module/Owa.php
View File

@ -41,7 +41,9 @@ class Owa extends \Zotlabs\Web\Controller {
$ret['success'] = true; $ret['success'] = true;
$token = random_string(32); $token = random_string(32);
\Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']);
$ret['token'] = $token; $result = '';
openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
$ret['encrypted_token'] = base64url_encode($result);
} }
} }
} }