diff options
| -rw-r--r-- | Zotlabs/Web/HTTPSig.php | 13 | ||||
| -rw-r--r-- | Zotlabs/Zot/Finger.php | 5 |
2 files changed, 13 insertions, 5 deletions
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index e9e262125..2b139a2a1 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -126,9 +126,16 @@ class HTTPSig { function get_activitypub_key($id) { - $x = q("select xchan_pubkey from xchan where xchan_hash = '%s' and xchan_network = 'activitypub' ", - dbesc($id) - ); + if(strpos($id,'acct:') === 0) { + $x = q("select xchan_pubkey from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_addr = '%s' limit 1", + dbesc(str_replace('acct:','',$id)) + ); + } + else { + $x = q("select xchan_pubkey from xchan where xchan_hash = '%s' and xchan_network = 'activitypub' ", + dbesc($id) + ); + } if($x && $x[0]['xchan_pubkey']) { return ($x[0]['xchan_pubkey']); diff --git a/Zotlabs/Zot/Finger.php b/Zotlabs/Zot/Finger.php index 865e78517..e205b136f 100644 --- a/Zotlabs/Zot/Finger.php +++ b/Zotlabs/Zot/Finger.php @@ -120,9 +120,10 @@ class Finger { return $ret; } - $verify = \Zotlabs\Web\HTTPSig::verify($result); - $x = json_decode($result['body'], true); + + $verify = \Zotlabs\Web\HTTPSig::verify($result,(($x) ? $x['key'] : ''); + if($x && (! $verify['header_valid'])) { $signed_token = ((is_array($x) && array_key_exists('signed_token', $x)) ? $x['signed_token'] : null); if($signed_token) { |