From 468e976a88fe3027dde1a56b116e495f7edd7d1a Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 11 Jan 2018 12:13:57 -0800 Subject: OpenWebAuth: can fail after site re-installs; this may need to be pushed forward to master --- Zotlabs/Module/Owa.php | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) (limited to 'Zotlabs/Module/Owa.php') diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index d58fd7a41..9a39fe4c0 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -31,19 +31,21 @@ class Owa extends \Zotlabs\Web\Controller { if($keyId) { $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where hubloc_addr = '%s' limit 1", + where hubloc_addr = '%s' ", dbesc(str_replace('acct:','',$keyId)) ); if($r) { - $hubloc = $r[0]; - $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); - if($verified && $verified['header_signed'] && $verified['header_valid']) { - $ret['success'] = true; - $token = random_string(32); - \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); - $result = ''; - openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); - $ret['encrypted_token'] = base64url_encode($result); + foreach($r as $hubloc) { + $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); + if($verified && $verified['header_signed'] && $verified['header_valid']) { + $ret['success'] = true; + $token = random_string(32); + \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); + $result = ''; + openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); + $ret['encrypted_token'] = base64url_encode($result); + break; + } } } } -- cgit v1.2.3 From 8892568652c2fc56e39611660d9bec4770c4354b Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 13 Jan 2018 12:24:55 -0800 Subject: improve owa logging --- Zotlabs/Module/Owa.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'Zotlabs/Module/Owa.php') diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 9a39fe4c0..8764a33ee 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -38,14 +38,18 @@ class Owa extends \Zotlabs\Web\Controller { foreach($r as $hubloc) { $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); if($verified && $verified['header_signed'] && $verified['header_valid']) { + logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); - \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); + \Zotlabs\Zot\Verify::create('owt',0,$token,$hubloc['hubloc_addr']); $result = ''; openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); $ret['encrypted_token'] = base64url_encode($result); break; } + else { + logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']); + } } } } -- cgit v1.2.3 From 08bea83c032675e93c789070e681aab212c1d2a4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 13 Jan 2018 13:45:33 -0800 Subject: unexpected openssl result --- Zotlabs/Module/Owa.php | 1 + 1 file changed, 1 insertion(+) (limited to 'Zotlabs/Module/Owa.php') diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 8764a33ee..537489687 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -38,6 +38,7 @@ class Owa extends \Zotlabs\Web\Controller { foreach($r as $hubloc) { $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); if($verified && $verified['header_signed'] && $verified['header_valid']) { + logger('OWA header: ' . print_r($verified,true)); logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); -- cgit v1.2.3 From eb3e43feec4e2de439de5398fcf498c0de5afbd4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 13 Jan 2018 14:08:15 -0800 Subject: cleanup of last fix --- Zotlabs/Module/Owa.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Zotlabs/Module/Owa.php') diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 537489687..23ee14f39 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -38,7 +38,7 @@ class Owa extends \Zotlabs\Web\Controller { foreach($r as $hubloc) { $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); if($verified && $verified['header_signed'] && $verified['header_valid']) { - logger('OWA header: ' . print_r($verified,true)); + logger('OWA header: ' . print_r($verified,true),LOGGER_DATA); logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); -- cgit v1.2.3 From 2d69b419ff9a0b2186d9479447f75f37b9102fa6 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 21 Feb 2018 20:59:30 -0800 Subject: move Zotlabs\Zot\Verify to Zotlabs\Lib\Verify as part of the z6 re-org --- Zotlabs/Module/Owa.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Zotlabs/Module/Owa.php') diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 23ee14f39..e62fc9592 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -42,7 +42,7 @@ class Owa extends \Zotlabs\Web\Controller { logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); - \Zotlabs\Zot\Verify::create('owt',0,$token,$hubloc['hubloc_addr']); + \Zotlabs\Lib\Verify::create('owt',0,$token,$hubloc['hubloc_addr']); $result = ''; openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); $ret['encrypted_token'] = base64url_encode($result); -- cgit v1.2.3