"heavy lifting" - zot messages flowing, now just need to be parsed and stored at the other end.

3 files changed, 154 insertions, 10 deletions

diff --git a/include/items.php b/include/items.php
index 5a8ecb540..28b19caad 100755
--- a/include/items.php
+++ b/include/items.php
@@ -522,6 +522,7 @@ function import_author_xchan($x) {
 
 function encode_item($item) {
 	$x = array();
+	$x['type'] = 'activity';
 
 	logger('encode_item: ' . print_r($item,true));
 
diff --git a/include/zot.php b/include/zot.php
index 9e9f5099d..ba2a6a834 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -564,4 +564,72 @@ function zot_process_response($arr,$outq) {
 	}
 
 	logger('zot_process_response: ' . print_r($x,true), LOGGER_DATA);
-}
\ No newline at end of file
+}
+
+function zot_fetch($arr) {
+
+	logger('zot_fetch: ' . print_r($arr,true), LOGGER_DATA);
+
+	$url = $arr['sender']['url'] . $arr['callback'];
+
+	$ret_hub = zot_gethub($arr['sender']);
+	if(! $ret_hub) {
+		logger('zot_fetch: not ret_hub');
+		return;
+	}
+	
+
+	$ret_secret = json_encode(array($arr['secret'],'secret_sig' => base64url_encode(rsa_sign($arr['secret'],get_config('system','prvkey')))));
+	
+
+	$data = array(
+		'type'    => 'pickup',
+		'url'     => z_root(),
+		'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post',get_config('system','prvkey'))),
+		'callback' => z_root() . '/post',
+		'secret' => $arr['secret'],
+		'secret_sig' => base64url_encode(rsa_sign($arr['secret'],get_config('system','prvkey')))
+	);
+
+
+	$datatosend = json_encode(aes_encapsulate(json_encode($data),$ret_hub['hubloc_sitekey']));
+	
+	$fetch = zot_zot($url,$datatosend);
+
+	$result = zot_import($fetch);
+
+}
+
+
+function zot_import($arr) {
+
+	logger('zot_import: ' . print_r($arr,true), LOGGER_DATA);
+	logger('zot_import: data' . print_r($data,true), LOGGER_DATA);
+
+	$data = json_decode($arr['body'],true);
+	if(array_key_exists('iv',$data)) {
+		$data = json_decode(aes_unencapsulate($data,get_config('system','prvkey')),true);
+    }
+
+	$incoming = $data['pickup'];
+	if(is_array($incoming)) {
+		foreach($incoming as $i) {
+			if($i['notify'] && $i['notify']['recipients']) {
+				// look for our site members in the recipient list
+				// (fix the notifier to send them...)
+
+			}
+			else {
+				// look for any site members who are accepting posts from this sender
+
+			}
+			if($i['message'] && $i['message']['type'] === 'activity') {
+				// process the message
+
+
+
+
+			}
+		}
+	}
+}
diff --git a/mod/post.php b/mod/post.php
index 320e9fdd9..bdb50ac48 100644
--- a/mod/post.php
+++ b/mod/post.php
@@ -13,18 +13,85 @@ function post_post(&$a) {
 
 	$ret = array('result' => false);
 
-	if(array_key_exists('iv',$_REQUEST)) {
-		// hush-hush ultra top secret mode
-		$data = json_decode(aes_unencapsulate($_REQUEST['data'],get_config('system','site_prvkey')),true);
-	}
-	else {
-		$data = json_decode($_REQUEST['data'],true);
-	}
+	$data = json_decode($_REQUEST['data'],true);
 
+	logger('mod_zot: data: ' . print_r($data,true), LOGGER_DATA);
+
+	if(array_key_exists('iv',$data)) {
+		$data = aes_unencapsulate($data,get_config('system','prvkey'));
+		logger('mod_zot: decrypt1: ' . $data);
+		$data = json_decode($data,true);
+	}
 
+	logger('mod_zot: decoded data: ' . print_r($data,true), LOGGER_DATA);
 
 	$msgtype = ((array_key_exists('type',$data)) ? $data['type'] : '');
 
+
+	if($msgtype === 'pickup') {
+
+		if((! $data['secret']) || (! $data['secret_sig'])) {
+			$ret['message'] = 'no verification signature';
+			logger('mod_zot: pickup: ' . $ret['message']);
+			json_return_and_die($ret);
+		}
+		$r = q("select hubloc_sitekey from hubloc where hubloc_url = '%s' and hubloc_callback = '%s' and hubloc_sitekey != '' limit 1",
+			dbesc($data['url']),
+			dbesc($data['callback'])
+		);
+		if(! $r) {
+			$ret['message'] = 'site not found';
+			logger('mod_zot: pickup: ' . $ret['message']);
+			json_return_and_die($ret);
+		}
+		// verify the url_sig
+		$sitekey = $r[0]['hubloc_sitekey'];
+		logger('sitekey: ' . $sitekey);
+
+		if(! rsa_verify($data['callback'],base64url_decode($data['callback_sig']),$sitekey)) {
+			$ret['message'] = 'possible site forgery';
+			logger('mod_zot: pickup: ' . $ret['message']);
+			json_return_and_die($ret);
+		}
+
+		if(! rsa_verify($data['secret'],base64url_decode($data['secret_sig']),$sitekey)) {
+			$ret['message'] = 'secret validation failed';
+			logger('mod_zot: pickup: ' . $ret['message']);
+			json_return_and_die($ret);
+		}
+
+		// If we made it to here, we've got a valid pickup. Grab everything for this host and send it.
+
+		$r = q("select outq_posturl from outq where outq_hash = '%s' and outq_posturl = '%s' limit 1",
+			dbesc($data['secret']),
+			dbesc($data['callback'])
+		);
+		if(! $r) {
+			$ret['message'] = 'nothing to pick up';
+			logger('mod_zot: pickup: ' . $ret['message']);
+			json_return_and_die($ret);
+		}
+
+		$r = q("select * from outq where outq_posturl = '%s'",
+			dbesc($data['callback'])
+		);
+		if($r) {
+			$ret['success'] = true;
+			$ret['pickup'] = array();
+			foreach($r as $rr) {
+				$ret['pickup'][] = array('notify' => $rr['outq_notify'],'message' => $rr['outq_msg']);
+
+				$x = q("delete from outq where outq_hash = '%s' limit 1",
+					dbesc($rr['outq_hash'])
+				);
+			}
+		}
+		$encrypted = aes_encapsulate(json_encode($ret),$sitekey);
+		json_return_and_die($encrypted);
+	}
+
+
+
 	if(array_key_exists('sender',$data)) {
 		$sender = $data['sender'];
 	}	
@@ -84,8 +151,16 @@ function post_post(&$a) {
 	}
 
 	if($msgtype === 'notify') {
-		// add to receive queue
-		// qreceive_add($data);
+		$async = get_config('system','queued_fetch');
+
+		
+		if($async) {
+			// add to receive queue
+			// qreceive_add($data);
+		}
+		else {
+			$x = zot_fetch($data);
+		}
 
 		$ret['result'] = true;
 		json_return_and_die($ret);