diff options
Diffstat (limited to 'Zotlabs/Module/Owa.php')
| -rw-r--r-- | Zotlabs/Module/Owa.php | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 561e35754..28c70d168 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -11,9 +11,9 @@ use Zotlabs\Web\Controller; * See spec/OpenWebAuth/Home.md * Requests to this endpoint should be signed using HTTP Signatures * using the 'Authorization: Signature' authentication method - * If the signature verifies a token is returned. + * If the signature verifies a token is returned. * - * This token may be exchanged for an authenticated cookie. + * This token may be exchanged for an authenticated cookie. */ class Owa extends Controller { @@ -31,17 +31,15 @@ class Owa extends Controller { if ($sigblock) { $keyId = $sigblock['keyId']; if ($keyId) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ", - dbesc(str_replace('acct:','',$keyId)), + $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash + WHERE hubloc_id_url = '%s'", dbesc($keyId) ); if (! $r) { $found = discover_by_webbie(str_replace('acct:','',$keyId)); if ($found) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ", - dbesc(str_replace('acct:','',$keyId)), + $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash + WHERE OR hubloc_id_url = '%s'", dbesc($keyId) ); } @@ -51,16 +49,16 @@ class Owa extends Controller { $verified = HTTPSig::verify(file_get_contents('php://input')); if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) { logger('OWA header: ' . print_r($verified,true),LOGGER_DATA); - logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); + logger('OWA success: ' . $hubloc['hubloc_id_url'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); - Verify::create('owt',0,$token,$hubloc['hubloc_addr']); + Verify::create('owt',0,$token,$hubloc['hubloc_id_url']); $result = ''; openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); $ret['encrypted_token'] = base64url_encode($result); break; } else { - logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']); + logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']); } } } |