diff options
-rw-r--r-- | plugins/OStatus/lib/salmon.php | 17 | ||||
-rw-r--r-- | plugins/OStatus/lib/salmonaction.php | 8 |
2 files changed, 21 insertions, 4 deletions
diff --git a/plugins/OStatus/lib/salmon.php b/plugins/OStatus/lib/salmon.php index df17a7006..53925dc3f 100644 --- a/plugins/OStatus/lib/salmon.php +++ b/plugins/OStatus/lib/salmon.php @@ -34,6 +34,8 @@ class Salmon return FALSE; } + $xml = $this->createMagicEnv($xml); + $headers = array('Content-type: application/atom+xml'); try { @@ -52,16 +54,25 @@ class Salmon } - public function createMagicEnv($text, $userid) + public function createMagicEnv($text) { + $magic_env = new MagicEnvelope(); + // TODO: Should probably be getting the signer uri as an argument? + $signer_uri = $magic_env->getAuthor($text); + $env = $magic_env->signMessage($text, 'application/atom+xml', $signer_uri); + + return $magic_env->unfold($env); } - public function verifyMagicEnv($env) + public function verifyMagicEnv($dom) { + $magic_env = new MagicEnvelope(); + + $env = $magic_env->fromDom($dom); - + return $magic_env->verify($env); } } diff --git a/plugins/OStatus/lib/salmonaction.php b/plugins/OStatus/lib/salmonaction.php index 4aba20cc4..09a042975 100644 --- a/plugins/OStatus/lib/salmonaction.php +++ b/plugins/OStatus/lib/salmonaction.php @@ -54,8 +54,14 @@ class SalmonAction extends Action common_log(LOG_DEBUG, "Got invalid Salmon post: $xml"); $this->clientError(_m('Salmon post must be an Atom entry.')); } - // XXX: check the signature + // Check the signature + $salmon = new Salmon; + if (!$salmon->verifyMagicEnv($dom)) { + common_log(LOG_DEBUG, "Salmon signature verification failed."); + $this->clientError(_m('Salmon signature verification failed.')); + } + $this->act = new Activity($dom->documentElement); return true; } |