diff options
| -rw-r--r-- | Zotlabs/Web/HTTPSig.php | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 9bcc2e5ec..255511ede 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -59,6 +59,8 @@ class HTTPSig { $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']; + $headers['content-type'] = $_SERVER['CONTENT_TYPE']; + foreach($_SERVER as $k => $v) { if(strpos($k,'HTTP_') === 0) { $field = str_replace('_','-',strtolower(substr($k,5))); @@ -67,6 +69,10 @@ class HTTPSig { } } + // logger('SERVER: ' . print_r($_SERVER,true), LOGGER_ALL); + + // logger('headers: ' . print_r($headers,true), LOGGER_ALL); + $sig_block = null; if(array_key_exists('signature',$headers)) { @@ -194,10 +200,10 @@ class HTTPSig { if($r) { $j = json_decode($r,true); - if($j['id'] !== $id) - return false; - if(array_key_exists('publicKey',$j) && array_key_exists('publicKeyPem',$j['publicKey'])) { + if((array_key_exists('id',$j['publicKey']) && $j['publicKey']['id'] !== $id) && $j['id'] !== $id) + return false; + return($j['publicKey']['publicKeyPem']); } } |