aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Zotlabs/Lib/ActivityStreams.php16
-rw-r--r--Zotlabs/Lib/LDSignatures.php5
-rw-r--r--Zotlabs/Module/Pubstream.php4
-rw-r--r--Zotlabs/Module/Xrd.php1
-rw-r--r--Zotlabs/Web/HTTPSig.php10
-rw-r--r--Zotlabs/Web/Router.php19
-rwxr-xr-xboot.php29
-rw-r--r--doc/hooklist.bb3
8 files changed, 76 insertions, 11 deletions
diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php
index 1b9f82ddf..379e78a59 100644
--- a/Zotlabs/Lib/ActivityStreams.php
+++ b/Zotlabs/Lib/ActivityStreams.php
@@ -58,7 +58,7 @@ class ActivityStreams {
$this->saved_recips = $arr;
}
- function collect_recips($base = '',$namespace = ACTIVITYSTREAMS_JSONLD_REV) {
+ function collect_recips($base = '',$namespace = '') {
$x = [];
$fields = [ 'to','cc','bto','bcc','audience'];
foreach($fields as $f) {
@@ -75,7 +75,7 @@ class ActivityStreams {
return $x;
}
- function expand($arr,$base = '',$namespace = ACTIVITYSTREAMS_JSONLD_REV) {
+ function expand($arr,$base = '',$namespace = '') {
$ret = [];
// right now use a hardwired recursion depth of 5
@@ -103,8 +103,12 @@ class ActivityStreams {
function get_namespace($base,$namespace) {
+ if(! $namespace)
+ return '';
+
$key = null;
+
foreach( [ $this->data, $base ] as $b ) {
if(! $b)
continue;
@@ -135,7 +139,7 @@ class ActivityStreams {
}
- function get_property_obj($property,$base = '',$namespace = ACTIVITYSTREAMS_JSONLD_REV ) {
+ function get_property_obj($property,$base = '',$namespace = '' ) {
$prefix = $this->get_namespace($base,$namespace);
if($prefix === null)
return null;
@@ -152,13 +156,13 @@ class ActivityStreams {
}
$x = z_fetch_url($url,true,$redirects,
- ['headers' => [ 'Accept: application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"']]);
+ ['headers' => [ 'Accept: application/ld+json; profile="https://www.w3.org/ns/activitystreams", application/activity+json' ]]);
if($x['success'])
return json_decode($x['body'],true);
return null;
}
- function get_compound_property($property,$base = '',$namespace = ACTIVITYSTREAMS_JSONLD_REV) {
+ function get_compound_property($property,$base = '',$namespace = '') {
$x = $this->get_property_obj($property,$base,$namespace);
if($this->is_url($x)) {
$x = $this->fetch_property($x);
@@ -173,7 +177,7 @@ class ActivityStreams {
return false;
}
- function get_primary_type($base = '',$namespace = ACTIVITYSTREAMS_JSONLD_REV) {
+ function get_primary_type($base = '',$namespace = '') {
if(! $base)
$base = $this->data;
$x = $this->get_property_obj('type',$base,$namespace);
diff --git a/Zotlabs/Lib/LDSignatures.php b/Zotlabs/Lib/LDSignatures.php
index 31ffd71f1..d500799c0 100644
--- a/Zotlabs/Lib/LDSignatures.php
+++ b/Zotlabs/Lib/LDSignatures.php
@@ -12,7 +12,10 @@ class LDSignatures {
$ohash = self::hash(self::signable_options($data['signature']));
$dhash = self::hash(self::signable_data($data));
- return rsa_verify($ohash . $dhash,base64_decode($data['signature']['signatureValue']), $pubkey);
+ $x = rsa_verify($ohash . $dhash,base64_decode($data['signature']['signatureValue']), $pubkey);
+ logger('LD-verify: ' . intval($x));
+
+ return $x;
}
static function dopplesign(&$data,$channel) {
diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php
index ef818845c..72d5f80fa 100644
--- a/Zotlabs/Module/Pubstream.php
+++ b/Zotlabs/Module/Pubstream.php
@@ -28,6 +28,8 @@ class Pubstream extends \Zotlabs\Web\Controller {
if(! $update) {
+ nav_set_selected(t('Public Stream'));
+
$_SESSION['static_loadtime'] = datetime_convert();
$static = ((local_channel()) ? channel_manual_conv_update(local_channel()) : 1);
@@ -108,7 +110,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
$simple_update = '';
if($static && $simple_update)
- $simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' ";
+ $simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' ";
//logger('update: ' . $update . ' load: ' . $load);
diff --git a/Zotlabs/Module/Xrd.php b/Zotlabs/Module/Xrd.php
index 60a8f58fa..959e31cbe 100644
--- a/Zotlabs/Module/Xrd.php
+++ b/Zotlabs/Module/Xrd.php
@@ -50,6 +50,7 @@ class Xrd extends \Zotlabs\Web\Controller {
'$accturi' => $resource,
'$subject' => $subject,
'$aliases' => $aliases,
+ '$channel_url' => z_root() . '/channel/' . $r[0]['channel_address'],
'$profile_url' => z_root() . '/channel/' . $r[0]['channel_address'],
'$hcard_url' => z_root() . '/hcard/' . $r[0]['channel_address'],
'$atom' => z_root() . '/ofeed/' . $r[0]['channel_address'],
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php
index 6526fa7c8..986e10d73 100644
--- a/Zotlabs/Web/HTTPSig.php
+++ b/Zotlabs/Web/HTTPSig.php
@@ -20,7 +20,7 @@ class HTTPSig {
return $digest;
}
- // See draft-cavage-http-signatures-07
+ // See draft-cavage-http-signatures-08
static function verify($data,$key = '') {
@@ -48,7 +48,7 @@ class HTTPSig {
else {
$headers = [];
$headers['(request-target)'] =
- $_SERVER['REQUEST_METHOD'] . ' ' .
+ strtolower($_SERVER['REQUEST_METHOD']) . ' ' .
$_SERVER['REQUEST_URI'];
foreach($_SERVER as $k => $v) {
if(strpos($k,'HTTP_') === 0) {
@@ -70,6 +70,8 @@ class HTTPSig {
if(! $sig_block)
return $result;
+ logger('sig_block: ' . print_r($sig_block,true), LOGGER_DATA);
+
$result['header_signed'] = true;
$signed_headers = $sig_block['headers'];
@@ -110,6 +112,8 @@ class HTTPSig {
$x = rsa_verify($signed_data,$sig_block['signature'],$key,$algorithm);
+ logger('verified: ' . $x, LOGGER_DEBUG);
+
if($x === false)
return $result;
@@ -130,6 +134,8 @@ class HTTPSig {
}
}
+ logger('Content_Valid: ' . $result['content_valid']);
+
return $result;
}
diff --git a/Zotlabs/Web/Router.php b/Zotlabs/Web/Router.php
index 710aa2844..b0193652b 100644
--- a/Zotlabs/Web/Router.php
+++ b/Zotlabs/Web/Router.php
@@ -178,6 +178,25 @@ class Router {
*/
if(\App::$module_loaded) {
+ if (( \App::$module === 'channel' ) && argc() > 1) {
+ \App::$channel_links = [
+ [
+ 'rel' => 'lrdd',
+ 'type' => 'application/xrd+xml',
+ 'url' => z_root() . '/xrd?f=&uri=acct%3A' . argv(1) . '%40' . \App::get_hostname()
+ ],
+ [
+ 'rel' => 'jrd',
+ 'type' => 'application/jrd+json',
+ 'url' => z_root() . '/.well-known/webfinger?f=&resource=acct%3A' . argv(1) . '%40' . \App::get_hostname()
+ ],
+ ];
+ $x = [ 'channel_address' => argv(1), 'channel_links' => \App::$channel_links ];
+ call_hooks('channel_links', $x );
+ \App::$channel_links = $x['channel_links'];
+ header('Link: ' . \App::get_channel_links());
+ }
+
\App::$page['page_title'] = \App::$module;
$placeholder = '';
diff --git a/boot.php b/boot.php
index b6a33b808..2940aba54 100755
--- a/boot.php
+++ b/boot.php
@@ -456,7 +456,16 @@ define ( 'NAMESPACE_STATUSNET', 'http://status.net/schema/api/1/' );
define ( 'NAMESPACE_ATOM1', 'http://www.w3.org/2005/Atom' );
define ( 'NAMESPACE_YMEDIA', 'http://search.yahoo.com/mrss/' );
-define ( 'ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams-history/v1.8.jsonld' );
+// We should be using versioned jsonld contexts so that signatures will be slightly more reliable.
+// Why signatures are unreliable by design is a problem nobody seems to care about
+// "because it's a proposed W3C standard". .
+
+// Anyway, if you use versioned contexts, communication with Mastodon fails. Have not yet investigated
+// the reason for the dependency but for the current time, use the standard non-versioned context.
+//define ( 'ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams-history/v1.8.jsonld' );
+
+define ( 'ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams' );
+
define ( 'ZOT_APSCHEMA_REV', '/apschema/v1.2' );
/**
* activity stream defines
@@ -782,6 +791,10 @@ class App {
public static $is_tablet = false;
public static $comanche;
+
+ public static $channel_links;
+
+
public static $category;
// Allow themes to control internal parameters
@@ -929,6 +942,7 @@ class App {
self::$module = 'home';
}
+
/*
* See if there is any page number information, and initialise
* pagination
@@ -1026,6 +1040,19 @@ class App {
return self::$path;
}
+ public static function get_channel_links() {
+ $s = '';
+ $x = self::$channel_links;
+ if($x && is_array($x) && count($x)) {
+ foreach($x as $y) {
+ if($s) {
+ $s .= ',';
+ }
+ $s .= '<' . $y['url'] . '>; rel="' . $y['rel'] . '"; type="' . $y['type'] . '"';
+ }
+ }
+ return $s;
+ }
public static function set_account($acct) {
self::$account = $acct;
}
diff --git a/doc/hooklist.bb b/doc/hooklist.bb
index 9a17fdb91..1192a1506 100644
--- a/doc/hooklist.bb
+++ b/doc/hooklist.bb
@@ -91,6 +91,9 @@ Hooks allow plugins/addons to "hook into" the code at many points and alter the
[zrl=[baseurl]/help/hook/channel_remove]channel_remove[/zrl]
Called when removing a channel
+[zrl=[baseurl]/help/hook/channel_links]channel_links[/zrl]
+ Called when generating the Link: HTTP header for a channel
+
[zrl=[baseurl]/help/hook/channel_settings]channel_settings[/zrl]
Called when displaying the channel settings page