diff options
-rw-r--r-- | include/salmon.php | 37 |
1 files changed, 34 insertions, 3 deletions
diff --git a/include/salmon.php b/include/salmon.php index 7f4c32265..de0ea3802 100644 --- a/include/salmon.php +++ b/include/salmon.php @@ -130,7 +130,13 @@ EOT; $rsa->setHash('sha256'); $rsa->loadKey($owner['sprvkey']); - $signature = base64url_encode($rsa->sign($data)); + // precomputed base64url encoding of data_type, encoding, algorithm concatenated with periods + + $precomputed = '.YXBwbGljYXRpb24vYXRvbSt4bWw=.YmFzZTY0dXJs.UlNBLVNIQTI1Ng=='; + + $signature = base64url_encode($rsa->sign($data . $precomputed)); + + $signature2 = base64url_encode($rsa->sign($data)); $salmon_tpl = load_view_file('view/magicsig.tpl'); $salmon = replace_macros($salmon_tpl,array( @@ -148,7 +154,32 @@ EOT; )); $a = get_app(); - echo "CURL returned: " . $a->get_curl_code() . "\n"; + $return_code = trim($a->get_curl_code); + + // check for success, e.g. 2xx + + if(substr($return_code,0,1) !== '2') { + + // Entirely likely that their salmon implementation is + // non-compliant. Let's try once more, this time only signing + // the data, without the precomputed blob + + $salmon = replace_macros($salmon_tpl,array( + '$data' => $data, + '$encoding' => $encoding, + '$algorithm' => $algorithm, + '$keyhash' => $keyhash, + '$signature' => $signature2 + )); + + // slap them + post_url($contact['notify'],$salmon, array( + 'Content-type: application/magic-envelope+xml', + 'Content-length: ' . strlen($salmon) + )); + $return_code = trim($a->get_curl_code); + } return; -}
\ No newline at end of file +} + |