diff options
| -rw-r--r-- | Zotlabs/Module/Owa.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Zot/Finger.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Zot/Verify.php | 2 | ||||
| -rw-r--r-- | include/zid.php | 5 |
4 files changed, 7 insertions, 4 deletions
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index f71099599..0b625dbe5 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -33,7 +33,7 @@ logger('verified: ' . print_r($verified,true)); if($verified && $verified['header_signed'] && $verified['header_valid']) { $token = random_string(32); - \Zotlabs\Zot\Verify::create('owt',0,token,$r[0]['hubloc_hash']); + \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); $x = json_encode([ 'success' => true, 'token' => $token ]); header('Content-Type: application/x-zot+json'); echo $x; diff --git a/Zotlabs/Zot/Finger.php b/Zotlabs/Zot/Finger.php index dab7d9e01..348171bdc 100644 --- a/Zotlabs/Zot/Finger.php +++ b/Zotlabs/Zot/Finger.php @@ -123,7 +123,7 @@ class Finger { $x = json_decode($result['body'], true); $verify = \Zotlabs\Web\HTTPSig::verify($result,(($x) ? $x['key'] : '')); - + if($x && (! $verify['header_valid'])) { $signed_token = ((is_array($x) && array_key_exists('signed_token', $x)) ? $x['signed_token'] : null); if($signed_token) { diff --git a/Zotlabs/Zot/Verify.php b/Zotlabs/Zot/Verify.php index 1f1288aa0..1d9e6de3f 100644 --- a/Zotlabs/Zot/Verify.php +++ b/Zotlabs/Zot/Verify.php @@ -33,7 +33,7 @@ class Verify { function get_meta($type,$channel_id,$token) { - $r = q("select id from verify where vtype = '%s' and channel = %d and token = '%s' limit 1", + $r = q("select id, meta from verify where vtype = '%s' and channel = %d and token = '%s' limit 1", dbesc($type), intval($channel_id), dbesc($token) diff --git a/include/zid.php b/include/zid.php index 5d58ff257..d5d863be6 100644 --- a/include/zid.php +++ b/include/zid.php @@ -239,6 +239,7 @@ function owt_init($token) { \Zotlabs\Zot\Verify::purge('owt','3 MINUTE'); $ob_hash = \Zotlabs\Zot\Verify::get_meta('owt',0,$token); + if($ob_hash === false) { return; } @@ -250,7 +251,7 @@ function owt_init($token) { if(! $r) { // finger them if they can't be found. - $j = Finger::run($ob_hash, null); + $j = \Zotlabs\Zot\Finger::run($ob_hash, null); if ($j['success']) { import_xchan($j); $r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash @@ -265,6 +266,8 @@ function owt_init($token) { } $hubloc = $r[0]; + $_SESSION['authenticated'] = 1; + $delegate_success = false; if($_REQUEST['delegate']) { $r = q("select * from channel left join xchan on channel_hash = xchan_hash where xchan_addr = '%s' limit 1", |