From 90f759412b32485b029c2a43f9c01372e9fc83a7 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 20 Sep 2017 16:26:33 -0700 Subject: [PATCH 1/8] fix namespace parsing issue --- Zotlabs/Lib/ActivityStreams.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php index 1b9f82ddf..10ae24670 100644 --- a/Zotlabs/Lib/ActivityStreams.php +++ b/Zotlabs/Lib/ActivityStreams.php @@ -58,7 +58,7 @@ class ActivityStreams { $this->saved_recips = $arr; } - function collect_recips($base = '',$namespace = ACTIVITYSTREAMS_JSONLD_REV) { + function collect_recips($base = '',$namespace = '') { $x = []; $fields = [ 'to','cc','bto','bcc','audience']; foreach($fields as $f) { @@ -75,7 +75,7 @@ class ActivityStreams { return $x; } - function expand($arr,$base = '',$namespace = ACTIVITYSTREAMS_JSONLD_REV) { + function expand($arr,$base = '',$namespace = '') { $ret = []; // right now use a hardwired recursion depth of 5 @@ -103,8 +103,12 @@ class ActivityStreams { function get_namespace($base,$namespace) { + if(! $namespace) + return ''; + $key = null; + foreach( [ $this->data, $base ] as $b ) { if(! $b) continue; @@ -135,7 +139,7 @@ class ActivityStreams { } - function get_property_obj($property,$base = '',$namespace = ACTIVITYSTREAMS_JSONLD_REV ) { + function get_property_obj($property,$base = '',$namespace = '' ) { $prefix = $this->get_namespace($base,$namespace); if($prefix === null) return null; @@ -158,7 +162,7 @@ class ActivityStreams { return null; } - function get_compound_property($property,$base = '',$namespace = ACTIVITYSTREAMS_JSONLD_REV) { + function get_compound_property($property,$base = '',$namespace = '') { $x = $this->get_property_obj($property,$base,$namespace); if($this->is_url($x)) { $x = $this->fetch_property($x); @@ -173,7 +177,7 @@ class ActivityStreams { return false; } - function get_primary_type($base = '',$namespace = ACTIVITYSTREAMS_JSONLD_REV) { + function get_primary_type($base = '',$namespace = '') { if(! $base) $base = $this->data; $x = $this->get_property_obj('type',$base,$namespace); From 7b060dff68841543e08e516a1dbdcdceea8fb59a Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 20 Sep 2017 19:12:23 -0700 Subject: [PATCH 2/8] add HTTP link header to channel page, making it pluggable --- Zotlabs/Web/Router.php | 19 +++++++++++++++++++ boot.php | 18 ++++++++++++++++++ doc/hooklist.bb | 3 +++ 3 files changed, 40 insertions(+) diff --git a/Zotlabs/Web/Router.php b/Zotlabs/Web/Router.php index 710aa2844..b0193652b 100644 --- a/Zotlabs/Web/Router.php +++ b/Zotlabs/Web/Router.php @@ -178,6 +178,25 @@ class Router { */ if(\App::$module_loaded) { + if (( \App::$module === 'channel' ) && argc() > 1) { + \App::$channel_links = [ + [ + 'rel' => 'lrdd', + 'type' => 'application/xrd+xml', + 'url' => z_root() . '/xrd?f=&uri=acct%3A' . argv(1) . '%40' . \App::get_hostname() + ], + [ + 'rel' => 'jrd', + 'type' => 'application/jrd+json', + 'url' => z_root() . '/.well-known/webfinger?f=&resource=acct%3A' . argv(1) . '%40' . \App::get_hostname() + ], + ]; + $x = [ 'channel_address' => argv(1), 'channel_links' => \App::$channel_links ]; + call_hooks('channel_links', $x ); + \App::$channel_links = $x['channel_links']; + header('Link: ' . \App::get_channel_links()); + } + \App::$page['page_title'] = \App::$module; $placeholder = ''; diff --git a/boot.php b/boot.php index b6a33b808..9260cea43 100755 --- a/boot.php +++ b/boot.php @@ -782,6 +782,10 @@ class App { public static $is_tablet = false; public static $comanche; + + public static $channel_links; + + public static $category; // Allow themes to control internal parameters @@ -929,6 +933,7 @@ class App { self::$module = 'home'; } + /* * See if there is any page number information, and initialise * pagination @@ -1026,6 +1031,19 @@ class App { return self::$path; } + public static function get_channel_links() { + $s = ''; + $x = self::$channel_links; + if($x && is_array($x) && count($x)) { + foreach($x as $y) { + if($s) { + $s .= ','; + } + $s .= '<' . $y['url'] . '>;rel="' . $y['rel'] . '";type="' . $y['type'] . '"'; + } + } + return $s; + } public static function set_account($acct) { self::$account = $acct; } diff --git a/doc/hooklist.bb b/doc/hooklist.bb index 9a17fdb91..1192a1506 100644 --- a/doc/hooklist.bb +++ b/doc/hooklist.bb @@ -91,6 +91,9 @@ Hooks allow plugins/addons to "hook into" the code at many points and alter the [zrl=[baseurl]/help/hook/channel_remove]channel_remove[/zrl] Called when removing a channel +[zrl=[baseurl]/help/hook/channel_links]channel_links[/zrl] + Called when generating the Link: HTTP header for a channel + [zrl=[baseurl]/help/hook/channel_settings]channel_settings[/zrl] Called when displaying the channel settings page From c4261b9c4b234cd3b2f377160c38a3aac5186690 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 20 Sep 2017 19:34:43 -0700 Subject: [PATCH 3/8] we need this in the plugin, not in core --- Zotlabs/Module/Xrd.php | 1 + 1 file changed, 1 insertion(+) diff --git a/Zotlabs/Module/Xrd.php b/Zotlabs/Module/Xrd.php index 60a8f58fa..959e31cbe 100644 --- a/Zotlabs/Module/Xrd.php +++ b/Zotlabs/Module/Xrd.php @@ -50,6 +50,7 @@ class Xrd extends \Zotlabs\Web\Controller { '$accturi' => $resource, '$subject' => $subject, '$aliases' => $aliases, + '$channel_url' => z_root() . '/channel/' . $r[0]['channel_address'], '$profile_url' => z_root() . '/channel/' . $r[0]['channel_address'], '$hcard_url' => z_root() . '/hcard/' . $r[0]['channel_address'], '$atom' => z_root() . '/ofeed/' . $r[0]['channel_address'], From 24a9c3ba79cc7639a9cc6082c13dfedbc989bc8d Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 20 Sep 2017 21:20:00 -0700 Subject: [PATCH 4/8] add more signature logging --- Zotlabs/Lib/LDSignatures.php | 5 ++++- Zotlabs/Web/HTTPSig.php | 8 +++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/Zotlabs/Lib/LDSignatures.php b/Zotlabs/Lib/LDSignatures.php index 31ffd71f1..d500799c0 100644 --- a/Zotlabs/Lib/LDSignatures.php +++ b/Zotlabs/Lib/LDSignatures.php @@ -12,7 +12,10 @@ class LDSignatures { $ohash = self::hash(self::signable_options($data['signature'])); $dhash = self::hash(self::signable_data($data)); - return rsa_verify($ohash . $dhash,base64_decode($data['signature']['signatureValue']), $pubkey); + $x = rsa_verify($ohash . $dhash,base64_decode($data['signature']['signatureValue']), $pubkey); + logger('LD-verify: ' . intval($x)); + + return $x; } static function dopplesign(&$data,$channel) { diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 6526fa7c8..28a7b3b55 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -48,7 +48,7 @@ class HTTPSig { else { $headers = []; $headers['(request-target)'] = - $_SERVER['REQUEST_METHOD'] . ' ' . + strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']; foreach($_SERVER as $k => $v) { if(strpos($k,'HTTP_') === 0) { @@ -70,6 +70,8 @@ class HTTPSig { if(! $sig_block) return $result; + logger('sig_block: ' . print_r($sig_block,true), LOGGER_DATA); + $result['header_signed'] = true; $signed_headers = $sig_block['headers']; @@ -110,6 +112,8 @@ class HTTPSig { $x = rsa_verify($signed_data,$sig_block['signature'],$key,$algorithm); + logger('verified: ' . $x, LOGGER_DEBUG); + if($x === false) return $result; @@ -130,6 +134,8 @@ class HTTPSig { } } + logger('Content_Valid: ' . $result['content_valid']); + return $result; } From 2e9336beb5c3881b7f17cd4ffca29894344c779c Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 20 Sep 2017 23:42:57 -0700 Subject: [PATCH 5/8] change back to the ugly content-type --- Zotlabs/Lib/ActivityStreams.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php index 10ae24670..379e78a59 100644 --- a/Zotlabs/Lib/ActivityStreams.php +++ b/Zotlabs/Lib/ActivityStreams.php @@ -156,7 +156,7 @@ class ActivityStreams { } $x = z_fetch_url($url,true,$redirects, - ['headers' => [ 'Accept: application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"']]); + ['headers' => [ 'Accept: application/ld+json; profile="https://www.w3.org/ns/activitystreams", application/activity+json' ]]); if($x['success']) return json_decode($x['body'],true); return null; From 6e9e267b2750df331a4a9d6d5910714bec738ec0 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 20 Sep 2017 23:57:44 -0700 Subject: [PATCH 6/8] provide a space between link header params --- Zotlabs/Web/HTTPSig.php | 2 +- boot.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 28a7b3b55..986e10d73 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -20,7 +20,7 @@ class HTTPSig { return $digest; } - // See draft-cavage-http-signatures-07 + // See draft-cavage-http-signatures-08 static function verify($data,$key = '') { diff --git a/boot.php b/boot.php index 9260cea43..51985a2a5 100755 --- a/boot.php +++ b/boot.php @@ -1039,7 +1039,7 @@ class App { if($s) { $s .= ','; } - $s .= '<' . $y['url'] . '>;rel="' . $y['rel'] . '";type="' . $y['type'] . '"'; + $s .= '<' . $y['url'] . '>; rel="' . $y['rel'] . '"; type="' . $y['type'] . '"'; } } return $s; From b745a143c3e622705a73f083dc3adbaf28787061 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 21 Sep 2017 13:29:48 -0700 Subject: [PATCH 7/8] go back to the un-versioned jsonld context --- boot.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/boot.php b/boot.php index 51985a2a5..2940aba54 100755 --- a/boot.php +++ b/boot.php @@ -456,7 +456,16 @@ define ( 'NAMESPACE_STATUSNET', 'http://status.net/schema/api/1/' ); define ( 'NAMESPACE_ATOM1', 'http://www.w3.org/2005/Atom' ); define ( 'NAMESPACE_YMEDIA', 'http://search.yahoo.com/mrss/' ); -define ( 'ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams-history/v1.8.jsonld' ); +// We should be using versioned jsonld contexts so that signatures will be slightly more reliable. +// Why signatures are unreliable by design is a problem nobody seems to care about +// "because it's a proposed W3C standard". . + +// Anyway, if you use versioned contexts, communication with Mastodon fails. Have not yet investigated +// the reason for the dependency but for the current time, use the standard non-versioned context. +//define ( 'ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams-history/v1.8.jsonld' ); + +define ( 'ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams' ); + define ( 'ZOT_APSCHEMA_REV', '/apschema/v1.2' ); /** * activity stream defines From a7d339be5a80bd9b6d3c9441f37f4ad33d8afa84 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Thu, 21 Sep 2017 23:11:15 +0200 Subject: [PATCH 8/8] nav_set_selected() and minor whitespace for mod pubstream --- Zotlabs/Module/Pubstream.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php index ef818845c..72d5f80fa 100644 --- a/Zotlabs/Module/Pubstream.php +++ b/Zotlabs/Module/Pubstream.php @@ -28,6 +28,8 @@ class Pubstream extends \Zotlabs\Web\Controller { if(! $update) { + nav_set_selected(t('Public Stream')); + $_SESSION['static_loadtime'] = datetime_convert(); $static = ((local_channel()) ? channel_manual_conv_update(local_channel()) : 1); @@ -108,7 +110,7 @@ class Pubstream extends \Zotlabs\Web\Controller { $simple_update = ''; if($static && $simple_update) - $simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' "; + $simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' "; //logger('update: ' . $update . ' load: ' . $load);