diff options
| author | zotlabs <mike@macgirvin.com> | 2018-01-11 12:13:57 -0800 |
|---|---|---|
| committer | Mario <mario@mariovavti.com> | 2018-01-12 09:20:25 +0100 |
| commit | be3bfa3806e89446c892f3a68e00bc4c7f31d5d6 (patch) | |
| tree | 31d0e7ab065a6128926b92b16d8865ae84a3b59e | |
| parent | 4f4d0e416eac87121898b8a27b1afa6065ff17a2 (diff) | |
| download | volse-hubzilla-be3bfa3806e89446c892f3a68e00bc4c7f31d5d6.tar.gz volse-hubzilla-be3bfa3806e89446c892f3a68e00bc4c7f31d5d6.tar.bz2 volse-hubzilla-be3bfa3806e89446c892f3a68e00bc4c7f31d5d6.zip | |
OpenWebAuth: can fail after site re-installs; this may need to be pushed forward to master
| -rw-r--r-- | Zotlabs/Module/Owa.php | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index d58fd7a41..9a39fe4c0 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -31,19 +31,21 @@ class Owa extends \Zotlabs\Web\Controller { if($keyId) { $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where hubloc_addr = '%s' limit 1", + where hubloc_addr = '%s' ", dbesc(str_replace('acct:','',$keyId)) ); if($r) { - $hubloc = $r[0]; - $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); - if($verified && $verified['header_signed'] && $verified['header_valid']) { - $ret['success'] = true; - $token = random_string(32); - \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); - $result = ''; - openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); - $ret['encrypted_token'] = base64url_encode($result); + foreach($r as $hubloc) { + $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); + if($verified && $verified['header_signed'] && $verified['header_valid']) { + $ret['success'] = true; + $token = random_string(32); + \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); + $result = ''; + openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); + $ret['encrypted_token'] = base64url_encode($result); + break; + } } } } |