diff options
author | Mario Vavti <mario@mariovavti.com> | 2017-09-09 20:22:45 +0200 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2017-09-09 20:22:45 +0200 |
commit | edada2b7869d9565b4534114b6ed171e588185f6 (patch) | |
tree | ccf4fe404f07dbc08634a538f5e5af91f532af67 | |
parent | ccc9cc8202b271d5b9b4126a10f997af17ade6d3 (diff) | |
parent | 84c86f01c853f87be93807b3e190f954aca2e6e6 (diff) | |
download | volse-hubzilla-edada2b7869d9565b4534114b6ed171e588185f6.tar.gz volse-hubzilla-edada2b7869d9565b4534114b6ed171e588185f6.tar.bz2 volse-hubzilla-edada2b7869d9565b4534114b6ed171e588185f6.zip |
Merge remote-tracking branch 'mike/master' into dev
-rw-r--r-- | Zotlabs/Module/Owa.php | 18 | ||||
-rw-r--r-- | include/zid.php | 9 |
2 files changed, 17 insertions, 10 deletions
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 0b625dbe5..900ab9f85 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -1,9 +1,16 @@ <?php - namespace Zotlabs\Module; - +/** + * OpenWebAuth verifier and token generator + * See https://macgirvin.com/wiki/mike/OpenWebAuth/Home + * Requests to this endpoint should be signed using HTTP Signatures + * using the 'Authorization: Signature' authentication method + * If the signature verifies a token is returned. + * + * This token may be exchanged for an authenticated cookie. + */ class Owa extends \Zotlabs\Web\Controller { @@ -29,8 +36,6 @@ class Owa extends \Zotlabs\Web\Controller { $hubloc = $r[0]; $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); -logger('verified: ' . print_r($verified,true)); - if($verified && $verified['header_signed'] && $verified['header_valid']) { $token = random_string(32); \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); @@ -42,13 +47,8 @@ logger('verified: ' . print_r($verified,true)); } } } - $x = json_encode([ 'success' => false ]); - header('Content-Type: application/x-zot+json'); - echo $x; - killme(); } } - $x = json_encode([ 'success' => false ]); header('Content-Type: application/x-zot+json'); echo $x; diff --git a/include/zid.php b/include/zid.php index d5d863be6..08d8f061b 100644 --- a/include/zid.php +++ b/include/zid.php @@ -296,6 +296,13 @@ function owt_init($token) { $_SESSION['DNT'] = 1; } - logger('owa success!'); + $arr = array('xchan' => $hubloc, 'url' => \App::query_string, 'session' => $_SESSION); + call_hooks('magic_auth_success',$arr); + \App::set_observer($hubloc); + require_once('include/security.php'); + \App::set_groups(init_groups_visitor($_SESSION['visitor_id'])); + info(sprintf( t('Welcome %s. Remote authentication successful.'),$hubloc['xchan_name'])); + logger('OpenWebAuth: auth success from ' . $hubloc['xchan_addr']); + }
\ No newline at end of file |