Merge branch 'httpsig' into 'dev'
http signature consolidation See merge request hubzilla/core!1685
This commit is contained in:
Mario
@@ -4,6 +4,7 @@ namespace Zotlabs\Module;
|
||||
use App;
|
||||
use Zotlabs\Lib\Apps;
|
||||
use Zotlabs\Web\Controller;
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
|
||||
require_once('include/event.php');
|
||||
|
||||
@@ -41,7 +42,7 @@ class Cdav extends Controller {
|
||||
continue;
|
||||
}
|
||||
|
||||
$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
|
||||
$sigblock = HTTPSig::parse_sigheader($_SERVER[$head]);
|
||||
if($sigblock) {
|
||||
$keyId = str_replace('acct:','',$sigblock['keyId']);
|
||||
if($keyId) {
|
||||
@@ -64,7 +65,7 @@ class Cdav extends Controller {
|
||||
continue;
|
||||
|
||||
if($record) {
|
||||
$verified = \Zotlabs\Web\HTTPSig::verify('',$record['channel']['channel_pubkey']);
|
||||
$verified = HTTPSig::verify('',$record['channel']['channel_pubkey']);
|
||||
if(! ($verified && $verified['header_signed'] && $verified['header_valid'])) {
|
||||
$record = null;
|
||||
}
|
||||
|
||||
@@ -6,7 +6,7 @@ namespace Zotlabs\Module;
|
||||
use App;
|
||||
use Zotlabs\Web\Controller;
|
||||
use Zotlabs\Lib\PermissionDescription;
|
||||
use Zotlabs\Zot6\HTTPSig;
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
use Zotlabs\Lib\Libzot;
|
||||
|
||||
require_once('include/items.php');
|
||||
|
||||
@@ -8,8 +8,9 @@
|
||||
|
||||
namespace Zotlabs\Module;
|
||||
|
||||
use \Sabre\DAV as SDAV;
|
||||
use \Zotlabs\Storage;
|
||||
use Sabre\DAV as SDAV;
|
||||
use Zotlabs\Storage;
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
|
||||
require_once('include/attach.php');
|
||||
require_once('include/auth.php');
|
||||
@@ -46,7 +47,7 @@ class Dav extends \Zotlabs\Web\Controller {
|
||||
continue;
|
||||
}
|
||||
|
||||
$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
|
||||
$sigblock = HTTPSig::parse_sigheader($_SERVER[$head]);
|
||||
if($sigblock) {
|
||||
$keyId = str_replace('acct:','',$sigblock['keyId']);
|
||||
if($keyId) {
|
||||
@@ -69,7 +70,7 @@ class Dav extends \Zotlabs\Web\Controller {
|
||||
continue;
|
||||
|
||||
if($record) {
|
||||
$verified = \Zotlabs\Web\HTTPSig::verify('',$record['channel']['channel_pubkey']);
|
||||
$verified = HTTPSig::verify('',$record['channel']['channel_pubkey']);
|
||||
if(! ($verified && $verified['header_signed'] && $verified['header_valid'])) {
|
||||
$record = null;
|
||||
}
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
<?php
|
||||
namespace Zotlabs\Module;
|
||||
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
|
||||
/**
|
||||
* module: getfile
|
||||
*
|
||||
@@ -46,7 +48,7 @@ class Getfile extends \Zotlabs\Web\Controller {
|
||||
continue;
|
||||
}
|
||||
|
||||
$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
|
||||
$sigblock = HTTPSig::parse_sigheader($_SERVER[$head]);
|
||||
if($sigblock) {
|
||||
$keyId = $sigblock['keyId'];
|
||||
|
||||
@@ -57,7 +59,7 @@ class Getfile extends \Zotlabs\Web\Controller {
|
||||
);
|
||||
if($r) {
|
||||
$hubloc = $r[0];
|
||||
$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);
|
||||
$verified = HTTPSig::verify('',$hubloc['xchan_pubkey']);
|
||||
if($verified && $verified['header_signed'] && $verified['header_valid'] && $hash == $hubloc['hubloc_hash']) {
|
||||
$header_verified = true;
|
||||
}
|
||||
|
||||
@@ -12,7 +12,7 @@ namespace Zotlabs\Module;
|
||||
use Zotlabs\Lib\Activity;
|
||||
use Zotlabs\Lib\ActivityStreams;
|
||||
use Zotlabs\Lib\LDSignatures;
|
||||
use Zotlabs\Zot6\HTTPSig;
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
use Zotlabs\Web\Controller;
|
||||
use Zotlabs\Lib\Libzot;
|
||||
use Zotlabs\Lib\ThreadListener;
|
||||
|
||||
@@ -9,7 +9,7 @@ use Zotlabs\Daemon\Master;
|
||||
use Zotlabs\Lib\Activity;
|
||||
use Zotlabs\Lib\ActivityStreams;
|
||||
use Zotlabs\Lib\LDSignatures;
|
||||
use Zotlabs\Zot6\HTTPSig;
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
use Zotlabs\Lib\Libzot;
|
||||
use Zotlabs\Lib\ThreadListener;
|
||||
use App;
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
<?php
|
||||
namespace Zotlabs\Module;
|
||||
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
|
||||
@require_once('include/zot.php');
|
||||
|
||||
|
||||
@@ -152,10 +154,9 @@ class Magic extends \Zotlabs\Web\Controller {
|
||||
$headers['Accept'] = 'application/x-zot+json' ;
|
||||
$headers['X-Open-Web-Auth'] = random_string();
|
||||
$headers['Host'] = $parsed['host'];
|
||||
$headers['Digest'] = 'SHA-256=' . \Zotlabs\Web\HTTPSig::generate_digest($data,false);
|
||||
$headers['Digest'] = HTTPSig::generate_digest_header($data);
|
||||
|
||||
$headers = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],
|
||||
'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,true,'sha512');
|
||||
$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], 'acct:' . channel_reddress($channel),true,'sha512');
|
||||
$x = z_post_url($basepath . '/owa',$data,$redirects,[ 'headers' => $headers ]);
|
||||
|
||||
if($x['success']) {
|
||||
|
||||
@@ -2,6 +2,8 @@
|
||||
|
||||
namespace Zotlabs\Module;
|
||||
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
|
||||
/**
|
||||
* OpenWebAuth verifier and token generator
|
||||
* See https://macgirvin.com/wiki/mike/OpenWebAuth/Home
|
||||
@@ -25,7 +27,7 @@ class Owa extends \Zotlabs\Web\Controller {
|
||||
continue;
|
||||
}
|
||||
|
||||
$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
|
||||
$sigblock = HTTPSig::parse_sigheader($_SERVER[$head]);
|
||||
if($sigblock) {
|
||||
$keyId = $sigblock['keyId'];
|
||||
|
||||
@@ -65,7 +67,7 @@ class Owa extends \Zotlabs\Web\Controller {
|
||||
|
||||
if ($r) {
|
||||
foreach($r as $hubloc) {
|
||||
$verified = \Zotlabs\Web\HTTPSig::verify(file_get_contents('php://input'),$hubloc['xchan_pubkey']);
|
||||
$verified = HTTPSig::verify(file_get_contents('php://input'),$hubloc['xchan_pubkey']);
|
||||
if($verified && $verified['header_signed'] && $verified['header_valid']) {
|
||||
logger('OWA header: ' . print_r($verified,true),LOGGER_DATA);
|
||||
logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
<?php
|
||||
namespace Zotlabs\Module;
|
||||
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
|
||||
class Zfinger extends \Zotlabs\Web\Controller {
|
||||
|
||||
@@ -23,10 +24,9 @@ class Zfinger extends \Zotlabs\Web\Controller {
|
||||
$ret = json_encode($x);
|
||||
|
||||
if($chan) {
|
||||
$hash = \Zotlabs\Web\HTTPSig::generate_digest($ret,false);
|
||||
$headers['Digest'] = 'SHA-256=' . $hash;
|
||||
\Zotlabs\Web\HTTPSig::create_sig('',$headers,$chan['channel_prvkey'],
|
||||
'acct:' . $chan['channel_address'] . '@' . \App::get_hostname(),true);
|
||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||
$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],'acct:' . channel_reddress($chan));
|
||||
HTTPSig::set_headers($h);
|
||||
}
|
||||
else {
|
||||
foreach($headers as $k => $v) {
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
namespace Zotlabs\Module;
|
||||
|
||||
use Zotlabs\Lib\Zotfinger;
|
||||
use Zotlabs\Zot6\HTTPSig;
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
|
||||
class Zot_probe extends \Zotlabs\Web\Controller {
|
||||
|
||||
|
||||
Reference in New Issue
Block a user