strip acct: from OWA auth to API endpoints

2017-12-07 18:56:26 -08:00 · 2017-12-07 18:56:26 -08:00 · 85b7c90637
commit 85b7c90637
parent e9ae51cfbc
3 changed files with 4 additions and 3 deletions
--- a/Zotlabs/Module/Cdav.php
+++ b/Zotlabs/Module/Cdav.php
@ -39,7 +39,7 @@ class Cdav extends \Zotlabs\Web\Controller {

 					$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
 					if($sigblock) {
-						$keyId = $sigblock['keyId'];
+						$keyId = str_replace('acct:','',$sigblock['keyId']);
 						if($keyId) {
 							$r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
 								dbesc($keyId)
--- a/Zotlabs/Module/Dav.php
+++ b/Zotlabs/Module/Dav.php
@ -48,7 +48,7 @@ class Dav extends \Zotlabs\Web\Controller {

 				$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
 				if($sigblock) {
-					$keyId = $sigblock['keyId'];
+					$keyId = str_replace('acct:','',$sigblock['keyId']);
 					if($keyId) {
 						$r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
 							dbesc($keyId)
--- a/include/api_auth.php
+++ b/include/api_auth.php
@ -52,6 +52,7 @@ function api_login(&$a){
 		/* Signature authentication */

 		if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') {
+
 			if($head !== 'HTTP_AUTHORIZATION') {
 				$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head];
 				continue;
@ -59,7 +60,7 @@ function api_login(&$a){

 			$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
 			if($sigblock) {
-				$keyId = $sigblock['keyId'];
+				$keyId = str_replace('acct:','',$sigblock['keyId']);
 				if($keyId) {
 					$r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
 						dbesc($keyId)