summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJames Walker <walkah@walkah.net>2010-02-22 09:05:52 -0500
committerJames Walker <walkah@walkah.net>2010-02-22 09:05:52 -0500
commit2f65fa646acc9a0739e779de9e472b9957c2e7eb (patch)
tree9ebc1ef6d3e5a5b467fe149c89c029c84145d901
parente0388cc1d3922002596c2ec0531ac2f06d91806a (diff)
wiring in magicsig
-rw-r--r--plugins/OStatus/lib/salmon.php17
-rw-r--r--plugins/OStatus/lib/salmonaction.php8
2 files changed, 21 insertions, 4 deletions
diff --git a/plugins/OStatus/lib/salmon.php b/plugins/OStatus/lib/salmon.php
index df17a7006..53925dc3f 100644
--- a/plugins/OStatus/lib/salmon.php
+++ b/plugins/OStatus/lib/salmon.php
@@ -34,6 +34,8 @@ class Salmon
return FALSE;
}
+ $xml = $this->createMagicEnv($xml);
+
$headers = array('Content-type: application/atom+xml');
try {
@@ -52,16 +54,25 @@ class Salmon
}
- public function createMagicEnv($text, $userid)
+ public function createMagicEnv($text)
{
+ $magic_env = new MagicEnvelope();
+ // TODO: Should probably be getting the signer uri as an argument?
+ $signer_uri = $magic_env->getAuthor($text);
+ $env = $magic_env->signMessage($text, 'application/atom+xml', $signer_uri);
+
+ return $magic_env->unfold($env);
}
- public function verifyMagicEnv($env)
+ public function verifyMagicEnv($dom)
{
+ $magic_env = new MagicEnvelope();
+
+ $env = $magic_env->fromDom($dom);
-
+ return $magic_env->verify($env);
}
}
diff --git a/plugins/OStatus/lib/salmonaction.php b/plugins/OStatus/lib/salmonaction.php
index 4aba20cc4..09a042975 100644
--- a/plugins/OStatus/lib/salmonaction.php
+++ b/plugins/OStatus/lib/salmonaction.php
@@ -54,8 +54,14 @@ class SalmonAction extends Action
common_log(LOG_DEBUG, "Got invalid Salmon post: $xml");
$this->clientError(_m('Salmon post must be an Atom entry.'));
}
- // XXX: check the signature
+ // Check the signature
+ $salmon = new Salmon;
+ if (!$salmon->verifyMagicEnv($dom)) {
+ common_log(LOG_DEBUG, "Salmon signature verification failed.");
+ $this->clientError(_m('Salmon signature verification failed.'));
+ }
+
$this->act = new Activity($dom->documentElement);
return true;
}