aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Zotlabs/Module/Owa.php39
-rw-r--r--Zotlabs/Module/Rmagic.php54
2 files changed, 63 insertions, 30 deletions
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php
index e30aa5fb4..0922eb5d4 100644
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -32,14 +32,14 @@ class Owa extends Controller {
$keyId = $sigblock['keyId'];
if ($keyId) {
$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
- WHERE hubloc_id_url = '%s' AND xchan_pubkey != '' ",
+ WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 ORDER BY hubloc_id DESC",
dbesc($keyId)
);
if (! $r) {
- $found = discover_by_webbie(str_replace('acct:','',$keyId));
+ $found = discover_by_webbie($keyId);
if ($found) {
$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
- WHERE hubloc_id_url = '%s' AND xchan_pubkey != '' ",
+ WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 ORDER BY hubloc_id DESC ",
dbesc($keyId)
);
}
@@ -61,10 +61,43 @@ class Owa extends Controller {
logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']);
}
}
+
+ if (!$ret['success']) {
+
+ // Possible a reinstall?
+ // In this case we probably already have an old hubloc
+ // but not the new one yet.
+
+ $found = discover_by_webbie($keyId);
+
+ if ($found) {
+ $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
+ WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 ORDER BY hubloc_id DESC LIMIT 1",
+ dbesc($keyId)
+ );
+
+ if ($r) {
+ $verified = HTTPSig::verify(file_get_contents('php://input'), $r[0]['xchan_pubkey']);
+ if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) {
+ logger('OWA header: ' . print_r($verified,true), LOGGER_DATA);
+ logger('OWA success: ' . $r[0]['hubloc_id_url'], LOGGER_DATA);
+ $ret['success'] = true;
+ $token = random_string(32);
+ Verify::create('owt', 0, $token, $r[0]['hubloc_id_url']);
+ $result = '';
+ openssl_public_encrypt($token, $result, $r[0]['xchan_pubkey']);
+ $ret['encrypted_token'] = base64url_encode($result);
+ } else {
+ logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']);
+ }
+ }
+ }
+ }
}
}
}
}
+
json_return_and_die($ret,'application/x-zot+json');
}
}
diff --git a/Zotlabs/Module/Rmagic.php b/Zotlabs/Module/Rmagic.php
index ab9ad059e..2950dca5e 100644
--- a/Zotlabs/Module/Rmagic.php
+++ b/Zotlabs/Module/Rmagic.php
@@ -6,21 +6,21 @@ use Zotlabs\Lib\Libzot;
class Rmagic extends \Zotlabs\Web\Controller {
function init() {
-
+
if(local_channel())
goaway(z_root());
-
+
$me = get_my_address();
if($me) {
- $r = q("select hubloc_url from hubloc where hubloc_addr = '%s'",
+ $r = q("select hubloc_url, hubloc_network from hubloc where hubloc_addr = '%s' and hubloc_deleted = 0",
dbesc($me)
- );
+ );
if(! $r) {
$w = discover_by_webbie($me);
if($w) {
- $r = q("select hubloc_url from hubloc where hubloc_addr = '%s'",
+ $r = q("select hubloc_url, hubloc_network from hubloc where hubloc_addr = '%s' and hubloc_deleted = 0",
dbesc($me)
- );
+ );
}
}
@@ -33,39 +33,39 @@ class Rmagic extends \Zotlabs\Web\Controller {
}
}
}
-
+
function post() {
-
+
$address = trim($_REQUEST['address']);
-
+
if(strpos($address,'@') === false) {
$arr = array('address' => $address);
- call_hooks('reverse_magic_auth', $arr);
-
+ call_hooks('reverse_magic_auth', $arr);
+
// if they're still here...
- notice( t('Authentication failed.') . EOL);
+ notice( t('Authentication failed.') . EOL);
return;
}
else {
-
+
// Presumed Red identity. Perform reverse magic auth
-
+
if(strpos($address,'@') === false) {
notice('Invalid address.');
return;
}
-
+
$r = null;
if($address) {
- $r = q("select hubloc_url from hubloc where hubloc_addr = '%s'",
+ $r = q("select hubloc_url, hubloc_network from hubloc where hubloc_addr = '%s' and hubloc_deleted = 0",
dbesc($address)
- );
+ );
if(! $r) {
$w = discover_by_webbie($address);
if($w) {
- $r = q("select hubloc_url from hubloc where hubloc_addr = '%s'",
+ $r = q("select hubloc_url, hubloc_network from hubloc where hubloc_addr = '%s' and hubloc_deleted = 0",
dbesc($address)
- );
+ );
}
}
}
@@ -76,20 +76,20 @@ class Rmagic extends \Zotlabs\Web\Controller {
}
else {
$url = 'https://' . substr($address,strpos($address,'@')+1);
- }
-
- if($url) {
- if($_SESSION['return_url'])
+ }
+
+ if($url) {
+ if($_SESSION['return_url'])
$dest = bin2hex(z_root() . '/' . str_replace('zid=','zid_=',$_SESSION['return_url']));
else
$dest = bin2hex(z_root() . '/' . str_replace([ 'rmagic', 'zid=' ] ,[ '', 'zid_='],\App::$query_string));
-
+
goaway($url . '/magic' . '?f=&owa=1&bdest=' . $dest);
}
}
}
-
-
+
+
function get() {
return replace_macros(get_markup_template('rmagic.tpl'),
[
@@ -97,6 +97,6 @@ class Rmagic extends \Zotlabs\Web\Controller {
'$address' => [ 'address', t('Enter your channel address (e.g. channel@example.com)'), '', '' ],
'$submit' => t('Authenticate')
]
- );
+ );
}
}