harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

owa: missed the set-observer stuff

Browse Source
This commit is contained in:
zotlabs 2017-09-08 16:00:27 -07:00
parent 1104e2652f
commit 84c86f01c8
2 changed files with 17 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
Zotlabs/Module/Owa.php
View File

@ -1,9 +1,16 @@
<?php <?php
namespace Zotlabs\Module; namespace Zotlabs\Module;
/**
* OpenWebAuth verifier and token generator
* See https://macgirvin.com/wiki/mike/OpenWebAuth/Home
* Requests to this endpoint should be signed using HTTP Signatures
* using the 'Authorization: Signature' authentication method
* If the signature verifies a token is returned.
*
* This token may be exchanged for an authenticated cookie.
*/
class Owa extends \Zotlabs\Web\Controller { class Owa extends \Zotlabs\Web\Controller {
@ -29,8 +36,6 @@ class Owa extends \Zotlabs\Web\Controller {
$hubloc = $r[0]; $hubloc = $r[0];
$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);
logger('verified: ' . print_r($verified,true));
if($verified && $verified['header_signed'] && $verified['header_valid']) { if($verified && $verified['header_signed'] && $verified['header_valid']) {
$token = random_string(32); $token = random_string(32);
\Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']);
@ -42,13 +47,8 @@ logger('verified: ' . print_r($verified,true));
} }
} }
} }
$x = json_encode([ 'success' => false ]); }
header('Content-Type: application/x-zot+json'); }
echo $x;
killme();
}
}
$x = json_encode([ 'success' => false ]); $x = json_encode([ 'success' => false ]);
header('Content-Type: application/x-zot+json'); header('Content-Type: application/x-zot+json');
echo $x; echo $x;

9
include/zid.php
View File

@ -296,6 +296,13 @@ function owt_init($token) {
$_SESSION['DNT'] = 1; $_SESSION['DNT'] = 1;
} }
logger('owa success!'); $arr = array('xchan' => $hubloc, 'url' => \App::query_string, 'session' => $_SESSION);
call_hooks('magic_auth_success',$arr);
\App::set_observer($hubloc);
require_once('include/security.php');
\App::set_groups(init_groups_visitor($_SESSION['visitor_id']));
info(sprintf( t('Welcome %s. Remote authentication successful.'),$hubloc['xchan_name']));
logger('OpenWebAuth: auth success from ' . $hubloc['xchan_addr']);
} }