hubloc confusion in magic auth

Zot
2019-04-25 11:54:37 +02:00
committed by Mario
parent c123fa5422
commit 3c8f8b76aa
6 changed files with 89 additions and 28 deletions


@@ -1812,13 +1812,16 @@ function zid_init() {
call_hooks('zid_init', $arr);
if(! local_channel()) {
$r = q("select * from hubloc where hubloc_addr = '%s' order by hubloc_connected desc limit 1",
$r = q("select * from hubloc where hubloc_addr = '%s' order by hubloc_connected desc",
dbesc($tmp_str)
);
if(! $r) {
Master::Summon(array('Gprobe',bin2hex($tmp_str)));
}
if($r && remote_channel() && remote_channel() === $r[0]['hubloc_hash'])
if($r) {
$r = zot_record_preferred($r);
}
if($r && remote_channel() && remote_channel() === $r['hubloc_hash'])
return;
logger('Not authenticated. Invoking reverse magic-auth for ' . $tmp_str);
@@ -1826,8 +1829,8 @@ function zid_init() {
$query = App::$query_string;
$query = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$query);
$dest = '/' . $query;
if($r && ($r[0]['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) {
goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&owa=1&bdest=' . bin2hex(z_root() . $dest));
if($r && ($r['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) {
goaway($r['hubloc_url'] . '/magic' . '?f=&rev=1&owa=1&bdest=' . bin2hex(z_root() . $dest));
}
else
logger('No hubloc found.');
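Review bot: The identity check `remote_channel() === $r['hubloc_hash']` now runs only against the single row chosen by zot_record_preferred(), so a visitor whose session was established under a different record for the same address (for example a zot6 row, since owt_init in this commit selects by network) would presumably fail the comparison and be sent through reverse magic-auth on every request. Comparing against all returned rows before collapsing them avoids that: `$known = $r ? array_column($r, 'hubloc_hash') : [];` and then `if($known && remote_channel() && in_array(remote_channel(), $known, true)) return;`. The query still selects on hubloc_addr alone, so it is worth confirming that a stale record for that address cannot become the redirect target handed to goaway(). zid_init starts and ends outside the hunks shown.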


@@ -1,5 +1,6 @@
<?php
use Zotlabs\Lib\Verify;
function is_matrix_url($url) {
@@ -270,34 +271,45 @@ function red_zrlify_img_callback($matches) {
*/
function owt_init($token) {
\Zotlabs\Lib\Verify::purge('owt', '3 MINUTE');
Verify::purge('owt', '3 MINUTE');
$ob_hash = \Zotlabs\Lib\Verify::get_meta('owt', 0, $token);
$key = Verify::get_meta('owt', 0, $token);
if($ob_hash === false) {
if($key === false) {
return;
}
$parts = explode(',',$key,2);
if(count($parts) < 2) {
return;
}
$r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash
where hubloc_addr = '%s' order by hubloc_id desc",
dbesc($ob_hash)
where hubloc_network = '%s' and hubloc_addr = '%s' order by hubloc_id desc",
dbesc($parts[0]),
dbesc($parts[1])
);
if(! $r) {
// finger them if they can't be found.
$j = \Zotlabs\Zot\Finger::run($ob_hash, null);
// @todo check that this is still needed. Discovery should have been performed in the Owa module.
$j = \Zotlabs\Zot\Finger::run($parts[1], null);
if ($j['success']) {
import_xchan($j);
$r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash
where hubloc_addr = '%s' order by hubloc_id desc",
dbesc($ob_hash)
where hubloc_network = '%s' and hubloc_addr = '%s' order by hubloc_id desc",
dbesc($parts[0]),
dbesc($parts[1])
);
}
}
if(! $r) {
logger('owt: unable to finger ' . $ob_hash);
logger('owt: unable to finger ' . $key);
return;
}
$hubloc = $r[0];
$_SESSION['authenticated'] = 1;
@@ -324,7 +336,7 @@ function owt_init($token) {
if (! $delegate_success) {
// normal visitor (remote_channel) login session credentials
$_SESSION['visitor_id'] = $hubloc['xchan_hash'];
$_SESSION['my_url'] = $hubloc['xchan_url'];
$_SESSION['my_url'] = $hubloc['xchan_url'];
$_SESSION['my_address'] = $hubloc['hubloc_addr'];
$_SESSION['remote_hub'] = $hubloc['hubloc_url'];
$_SESSION['DNT'] = 1;
@@ -332,7 +344,7 @@ function owt_init($token) {
$arr = [
'xchan' => $hubloc,
'url' => \App::$query_string,
'url' => App::$query_string,
'session' => $_SESSION
];
/**
@@ -344,11 +356,11 @@ function owt_init($token) {
*/
call_hooks('magic_auth_success', $arr);
\App::set_observer($hubloc);
App::set_observer($hubloc);
require_once('include/security.php');
\App::set_groups(init_groups_visitor($_SESSION['visitor_id']));
App::set_groups(init_groups_visitor($_SESSION['visitor_id']));
if(! get_config('system', 'hide_owa_greeting'))
info(sprintf( t('OpenWebAuth: %1$s welcomes %2$s'),\App::get_hostname(), $hubloc['xchan_name']));
info(sprintf( t('OpenWebAuth: %1$s welcomes %2$s'),App::get_hostname(), $hubloc['xchan_name']));
logger('OpenWebAuth: auth success from ' . $hubloc['xchan_addr']);
}
@@ -384,7 +396,9 @@ function observer_auth($ob_hash) {
return;
}
$hubloc = $r[0];
// Note: this has no Libzot namespace so prefers zot over zot6
$hubloc = zot_record_preferred($r);
$_SESSION['authenticated'] = 1;
@@ -395,8 +409,8 @@ function observer_auth($ob_hash) {
$_SESSION['remote_hub'] = $hubloc['hubloc_url'];
$_SESSION['DNT'] = 1;
\App::set_observer($hubloc);
App::set_observer($hubloc);
require_once('include/security.php');
\App::set_groups(init_groups_visitor($_SESSION['visitor_id']));
App::set_groups(init_groups_visitor($_SESSION['visitor_id']));
}
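Review bot: The new `count($parts) < 2` exit in owt_init returns without logging, so a token whose stored meta is not in the `network,address` form fails authentication with no trace for whoever investigates it; add `logger('owt: malformed token meta');` before that `return;`. After the lookup the code still takes `$hubloc = $r[0];` from a `left join xchan`, so a hubloc row without a matching xchan would appear to set `$_SESSION['visitor_id']` from a null `xchan_hash`; an explicit `if(! $hubloc['xchan_hash']) return;` (or an inner join) before `$_SESSION['authenticated'] = 1;` would close that. The failure message now logs the whole `$key` rather than the address, which is fine, but the wording "unable to finger" no longer matches the case where the finger succeeded and the network filter excluded the row. owt_init and observer_auth both extend beyond the hunks shown.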


@@ -5286,3 +5286,25 @@ function zot_reply_notify($data) {
$ret['success'] = true;
json_return_and_die($ret);
}
function zot_record_preferred($arr, $check = 'hubloc_network') {
if(! $arr) {
return $arr;
}
foreach($arr as $v) {
if($v[$check] === 'zot') {
return $v;
}
}
foreach($arr as $v) {
if($v[$check] === 'zot6') {
return $v;
}
}
return $arr[0];
}
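Review bot: The final `return $arr[0];` in zot_record_preferred() hands back whichever row came first when no zot or zot6 record is present, and the callers added in this commit (zid_init, observer_auth) use the result for authentication decisions without looking at its network. The function needs a docblock stating that it takes a list of hubloc rows and returns a single row, preferring `zot`, then `zot6`, then the first element, and that an empty input is returned unchanged, so callers know the return shape changes from list to row. If the fallback is not meant for auth paths, callers should check `$hubloc['hubloc_network']` after the call. `$v[$check]` also assumes every row carries the column named in `$check`; using `isset($v[$check]) && $v[$check] === 'zot'` (and the same for `'zot6'`) avoids a notice on rows that lack it.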