diff options
-rw-r--r-- | actions/finishremotesubscribe.php | 3 | ||||
-rw-r--r-- | actions/remotesubscribe.php | 15 | ||||
-rw-r--r-- | lib/omb.php | 28 |
3 files changed, 25 insertions, 21 deletions
diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index e2276b5a4..df5fe6476 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -254,7 +254,8 @@ class FinishremotesubscribeAction extends Action { $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata()); + $req->to_postdata(), + array('User-Agent' => 'Laconica/' . LACONICA_VERSION)); common_debug('got result: "'.print_r($result,TRUE).'"', __FILE__); diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php index 0adcc0848..c3a09bcfc 100644 --- a/actions/remotesubscribe.php +++ b/actions/remotesubscribe.php @@ -33,14 +33,14 @@ class RemotesubscribeAction extends Action { } if ($_SERVER['REQUEST_METHOD'] == 'POST') { - + # CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { $this->show_form(_('There was a problem with your session token. Try again, please.')); return; } - + $this->remote_subscription(); } else { $this->show_form(); @@ -115,7 +115,7 @@ class RemotesubscribeAction extends Action { } # XXX: a little liberal for sites that accidentally put whitespace before the xml declaration - + $xrds =& Auth_Yadis_XRDS::parseXRDS(trim($yadis->response_text)); if (!$xrds) { @@ -141,7 +141,7 @@ class RemotesubscribeAction extends Action { $this->show_form(_('That\'s a local profile! Login to subscribe.')); return; } - + list($token, $secret) = $this->request_token($omb); if (!$token || !$secret) { @@ -287,7 +287,8 @@ class RemotesubscribeAction extends Action { $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata()); + $req->to_postdata(), + array('User-Agent' => 'Laconica/' . LACONICA_VERSION)); if ($result->status != 200) { return NULL; @@ -332,7 +333,7 @@ class RemotesubscribeAction extends Action { $this->server_error(_('User without matching profile')); return; } - + if ($profile->fullname) { $req->set_parameter('omb_listenee_fullname', $profile->fullname); } @@ -370,7 +371,7 @@ class RemotesubscribeAction extends Action { $omb['update_profile_url'] = omb_service_uri($omb[OMB_ENDPOINT_UPDATEPROFILE]); common_ensure_session(); - + $_SESSION['oauth_authorization_request'] = $omb; # Redirect to authorization service diff --git a/lib/omb.php b/lib/omb.php index 8d33fee15..96736b4d4 100644 --- a/lib/omb.php +++ b/lib/omb.php @@ -128,7 +128,7 @@ function omb_broadcast_remote_subscribers($notice) { if (!$posted[$rp->postnoticeurl]) { common_log(LOG_DEBUG, 'Posting to ' . $rp->postnoticeurl); if (omb_post_notice_keys($notice, $rp->postnoticeurl, $rp->token, $rp->secret)) { - common_log(LOG_DEBUG, 'Finished to ' . $rp->postnoticeurl); + common_log(LOG_DEBUG, 'Finished to ' . $rp->postnoticeurl); $posted[$rp->postnoticeurl] = TRUE; } else { common_log(LOG_DEBUG, 'Failed posting to ' . $rp->postnoticeurl); @@ -138,7 +138,7 @@ function omb_broadcast_remote_subscribers($notice) { $rp->free(); unset($rp); - + return true; } @@ -149,7 +149,7 @@ function omb_post_notice($notice, $remote_profile, $subscription) { function omb_post_notice_keys($notice, $postnoticeurl, $tk, $secret) { common_debug('Posting notice ' . $notice->id . ' to ' . $postnoticeurl, __FILE__); - + $user = User::staticGet('id', $notice->profile_id); if (!$user) { @@ -158,17 +158,17 @@ function omb_post_notice_keys($notice, $postnoticeurl, $tk, $secret) { } $con = omb_oauth_consumer(); - + $token = new OAuthToken($tk, $secret); - + $url = $postnoticeurl; $parsed = parse_url($url); $params = array(); parse_str($parsed['query'], $params); - + $req = OAuthRequest::from_consumer_and_token($con, $token, 'POST', $url, $params); - + $req->set_parameter('omb_version', OMB_VERSION_01); $req->set_parameter('omb_listenee', $user->uri); $req->set_parameter('omb_notice', $notice->uri); @@ -177,23 +177,24 @@ function omb_post_notice_keys($notice, $postnoticeurl, $tk, $secret) { array('notice' => $notice->id))); $req->set_parameter('omb_notice_license', common_config('license', 'url')); - + $user->free(); unset($user); - + $req->sign_request(omb_hmac_sha1(), $con, $token); # We re-use this tool's fetcher, since it's pretty good - + $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); if (!$fetcher) { common_log(LOG_WARNING, 'Failed to initialize Yadis fetcher.', __FILE__); return false; } - + $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata()); + $req->to_postdata(), + array('User-Agent' => 'Laconica/' . LACONICA_VERSION)); common_debug('Got HTTP result "'.print_r($result,TRUE).'"', __FILE__); @@ -275,7 +276,8 @@ function omb_update_profile($profile, $remote_profile, $subscription) { common_debug('request URL = '.$req->get_normalized_http_url(), __FILE__); common_debug('postdata = '.$req->to_postdata(), __FILE__); $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata()); + $req->to_postdata(), + array('User-Agent' => 'Laconica/' . LACONICA_VERSION)); common_debug('Got HTTP result "'.print_r($result,TRUE).'"', __FILE__); |