aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Web
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Web')
-rw-r--r--Zotlabs/Web/HTTPSig.php8
-rw-r--r--Zotlabs/Web/WebServer.php6
2 files changed, 14 insertions, 0 deletions
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php
index 2b139a2a1..fee8aaa41 100644
--- a/Zotlabs/Web/HTTPSig.php
+++ b/Zotlabs/Web/HTTPSig.php
@@ -91,6 +91,9 @@ class HTTPSig {
if($sig_block['algorithm'] === 'rsa-sha256') {
$algorithm = 'sha256';
}
+ if($sig_block['algorithm'] === 'rsa-sha512') {
+ $algorithm = 'sha512';
+ }
if(! $key) {
$result['signer'] = $sig_block['keyId'];
@@ -113,6 +116,8 @@ class HTTPSig {
$digest = explode('=', $headers['digest']);
if($digest[0] === 'SHA-256')
$hashalg = 'sha256';
+ if($digest[0] === 'SHA-512')
+ $hashalg = 'sha512';
// The explode operation will have stripped the '=' padding, so compare against unpadded base64
if(rtrim(base64_encode(hash($hashalg,$body,true)),'=') === $digest[1]) {
@@ -164,6 +169,9 @@ class HTTPSig {
if($alg === 'sha256') {
$algorithm = 'rsa-sha256';
}
+ if($alg === 'sha512') {
+ $algorithm = 'rsa-sha512';
+ }
$x = self::sign($request,$head,$prvkey,$alg);
diff --git a/Zotlabs/Web/WebServer.php b/Zotlabs/Web/WebServer.php
index a66384c40..8431a2e0e 100644
--- a/Zotlabs/Web/WebServer.php
+++ b/Zotlabs/Web/WebServer.php
@@ -70,6 +70,12 @@ class WebServer {
}
}
+ if((x($_REQUEST,'owt')) && (! \App::$install)) {
+ $token = $_REQUEST['owt'];
+ \App::$query_string = strip_query_param(\App::$query_string,'owt');
+ owt_init($token);
+ }
+
if((x($_SESSION, 'authenticated')) || (x($_POST, 'auth-params')) || (\App::$module === 'login'))
require('include/auth.php');