summaryrefslogtreecommitdiff
path: root/plugins/OStatus
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/OStatus')
-rw-r--r--plugins/OStatus/lib/magicenvelope.php22
-rw-r--r--plugins/OStatus/lib/salmon.php18
-rw-r--r--plugins/OStatus/lib/salmonaction.php26
3 files changed, 47 insertions, 19 deletions
diff --git a/plugins/OStatus/lib/magicenvelope.php b/plugins/OStatus/lib/magicenvelope.php
index f33119b8f..230d81ba1 100644
--- a/plugins/OStatus/lib/magicenvelope.php
+++ b/plugins/OStatus/lib/magicenvelope.php
@@ -83,6 +83,28 @@ class MagicEnvelope
}
+ public function toXML($env) {
+ $dom = new DOMDocument();
+
+ $envelope = $dom->createElementNS(MagicEnvelope::NS, 'me:env');
+ $envelope->setAttribute('xmlns:me', MagicEnvelope::NS);
+ $data = $dom->createElementNS(MagicEnvelope::NS, 'me:data', $env['data']);
+ $data->setAttribute('type', $env['data_type']);
+ $envelope->appendChild($data);
+ $enc = $dom->createElementNS(MagicEnvelope::NS, 'me:encoding', $env['encoding']);
+ $envelope->appendChild($enc);
+ $alg = $dom->createElementNS(MagicEnvelope::NS, 'me:alg', $env['alg']);
+ $envelope->appendChild($alg);
+ $sig = $dom->createElementNS(MagicEnvelope::NS, 'me:sig', $env['sig']);
+ $envelope->appendChild($sig);
+
+ $dom->appendChild($envelope);
+
+
+ return $dom->saveXML();
+ }
+
+
public function unfold($env)
{
$dom = new DOMDocument();
diff --git a/plugins/OStatus/lib/salmon.php b/plugins/OStatus/lib/salmon.php
index 6e2459544..68883a410 100644
--- a/plugins/OStatus/lib/salmon.php
+++ b/plugins/OStatus/lib/salmon.php
@@ -48,12 +48,17 @@ class Salmon
return false;
}
- if (!common_config('ostatus', 'skip_signatures')) {
+ try {
$xml = $this->createMagicEnv($xml, $actor);
+ } catch (Exception $e) {
+ common_log(LOG_ERR, "Salmon unable to sign: " . $e->getMessage());
+ return false;
}
- $headers = array('Content-Type: application/atom+xml');
+ $headers = array('Content-Type: application/magic-envelope+xml');
+ common_log(LOG_DEBUG, "Salmon: going to post " . $xml);
+
try {
$client = new HTTPClient();
$client->setBody($xml);
@@ -72,7 +77,6 @@ class Salmon
public function createMagicEnv($text, $actor)
{
- common_log(LOG_DEBUG, "Got actor as : ". print_r($actor, true));
$magic_env = new MagicEnvelope();
$user = User::staticGet('id', $actor->id);
@@ -84,7 +88,6 @@ class Salmon
$magickey = new Magicsig();
$magickey->generate($user->id);
}
- common_log(LOG_DEBUG, "Salmon: Loaded key for ". $user->id);
} else {
throw new Exception("Salmon invalid actor for signing");
}
@@ -95,15 +98,16 @@ class Salmon
common_log(LOG_ERR, "Salmon signing failed: ". $e->getMessage());
return $text;
}
- return $magic_env->unfold($env);
+ return $magic_env->toXML($env);
}
- public function verifyMagicEnv($dom)
+ public function verifyMagicEnv($text)
{
+ common_log(LOG_DEBUG, "Going to verify ". $text);
$magic_env = new MagicEnvelope();
- $env = $magic_env->fromDom($dom);
+ $env = $magic_env->parse($text);
return $magic_env->verify($env);
}
diff --git a/plugins/OStatus/lib/salmonaction.php b/plugins/OStatus/lib/salmonaction.php
index a03169101..9ca350e67 100644
--- a/plugins/OStatus/lib/salmonaction.php
+++ b/plugins/OStatus/lib/salmonaction.php
@@ -41,29 +41,31 @@ class SalmonAction extends Action
$this->clientError(_m('This method requires a POST.'));
}
- if (empty($_SERVER['CONTENT_TYPE']) || $_SERVER['CONTENT_TYPE'] != 'application/atom+xml') {
- $this->clientError(_m('Salmon requires application/atom+xml'));
+ if (empty($_SERVER['CONTENT_TYPE']) || $_SERVER['CONTENT_TYPE'] != 'application/magic-envelope+xml') {
+ $this->clientError(_m('Salmon requires application/magic-envelope+xml'));
}
$xml = file_get_contents('php://input');
- $dom = DOMDocument::loadXML($xml);
+ // Check the signature
+ $salmon = new Salmon;
+ if (!$salmon->verifyMagicEnv($xml)) {
+ common_log(LOG_DEBUG, "Salmon signature verification failed.");
+ $this->clientError(_m('Salmon signature verification failed.'));
+ } else {
+ $env = MagicEnvelope::parse($xml);
+ $xml = MagicEnvelope::unfold($env);
+ }
+
+
+ $dom = DOMDocument::loadXML($xml);
if ($dom->documentElement->namespaceURI != Activity::ATOM ||
$dom->documentElement->localName != 'entry') {
common_log(LOG_DEBUG, "Got invalid Salmon post: $xml");
$this->clientError(_m('Salmon post must be an Atom entry.'));
}
- // Check the signature
- $salmon = new Salmon;
- if (!common_config('ostatus', 'skip_signatures')) {
- if (!$salmon->verifyMagicEnv($dom)) {
- common_log(LOG_DEBUG, "Salmon signature verification failed.");
- $this->clientError(_m('Salmon signature verification failed.'));
- }
- }
-
$this->act = new Activity($dom->documentElement);
return true;
}