diff options
author | Mario Vavti <mario@mariovavti.com> | 2017-09-10 09:30:59 +0200 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2017-09-10 09:30:59 +0200 |
commit | 2f76d6383550f790ed3ceef6fbe7b61e9d344282 (patch) | |
tree | 24a429071f1c0965b2559e72e6247d88df0789d0 /Zotlabs/Module | |
parent | edada2b7869d9565b4534114b6ed171e588185f6 (diff) | |
parent | e2e7bee3cca6f2ffc88aee9c94066e117e7a682b (diff) | |
download | volse-hubzilla-2f76d6383550f790ed3ceef6fbe7b61e9d344282.tar.gz volse-hubzilla-2f76d6383550f790ed3ceef6fbe7b61e9d344282.tar.bz2 volse-hubzilla-2f76d6383550f790ed3ceef6fbe7b61e9d344282.zip |
Merge remote-tracking branch 'mike/master' into dev
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r-- | Zotlabs/Module/Magic.php | 13 | ||||
-rw-r--r-- | Zotlabs/Module/Owa.php | 18 |
2 files changed, 7 insertions, 24 deletions
diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php index 342c11eb9..d1550ec89 100644 --- a/Zotlabs/Module/Magic.php +++ b/Zotlabs/Module/Magic.php @@ -142,11 +142,8 @@ class Magic extends \Zotlabs\Web\Controller { $headers['X-Open-Web-Auth'] = random_string(); $headers = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'], 'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,true,'sha512'); - $x = z_fetch_url($basepath . '/owa',false,$redirects,[ 'headers' => $headers ]); - logger('owtfetch: ' . print_r($x,true)); - if($x['success']) { $j = json_decode($x['body'],true); if($j['success'] && $j['token']) { @@ -161,16 +158,6 @@ class Magic extends \Zotlabs\Web\Controller { $token = random_string(); -// $token_sig = base64url_encode(rsa_sign($token,$channel['channel_prvkey'])); -// $channel['token'] = $token; -// $channel['token_sig'] = $token_sig; - - - - - - - \Zotlabs\Zot\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']); $target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode(channel_reddress($channel)) diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 900ab9f85..4b0d855c5 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -15,8 +15,10 @@ namespace Zotlabs\Module; class Owa extends \Zotlabs\Web\Controller { function init() { - foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) { + $ret = [ 'success' => false ]; + + foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) { if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') { if($head !== 'HTTP_AUTHORIZATION') { $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head]; @@ -34,24 +36,18 @@ class Owa extends \Zotlabs\Web\Controller { ); if($r) { $hubloc = $r[0]; - $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); - + $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); if($verified && $verified['header_signed'] && $verified['header_valid']) { + $ret['success'] = true; $token = random_string(32); \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); - $x = json_encode([ 'success' => true, 'token' => $token ]); - header('Content-Type: application/x-zot+json'); - echo $x; - killme(); + $ret['token'] = $token; } } } } } } - $x = json_encode([ 'success' => false ]); - header('Content-Type: application/x-zot+json'); - echo $x; - killme(); + json_return_and_die($ret,'application/x-zot+json'); } } |