src/Module/Xrd.php

   1 <?php
   2 /**
   3  * @copyright Copyright (C) 2010-2022, the Friendica project
   4  *
   5  * @license GNU AGPL version 3 or any later version
   6  *
   7  * This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as
   9  * published by the Free Software Foundation, either version 3 of the
  10  * License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19  *
  20  */
  21
  22 namespace Friendica\Module;
  23
  24 use Friendica\BaseModule;
  25 use Friendica\Core\Hook;
  26 use Friendica\Core\Renderer;
  27 use Friendica\Core\System;
  28 use Friendica\DI;
  29 use Friendica\Model\Photo;
  30 use Friendica\Model\User;
  31 use Friendica\Protocol\ActivityNamespace;
  32 use Friendica\Protocol\Salmon;
  33
  34 /**
  35  * Prints responses to /.well-known/webfinger  or /xrd requests
  36  */
  37 class Xrd extends BaseModule
  38 {
  39         protected function rawContent(array $request = [])
  40         {
  41                 // @TODO: Replace with parameter from router
  42                 if (DI::args()->getArgv()[0] == 'xrd') {
  43                         if (empty($_GET['uri'])) {
  44                                 return;
  45                         }
  46
  47                         $uri = urldecode(trim($_GET['uri']));
  48                         if (strpos($_SERVER['HTTP_ACCEPT'] ?? '', 'application/jrd+json') !== false)  {
  49                                 $mode = 'json';
  50                         } else {
  51                                 $mode = 'xml';
  52                         }
  53                 } else {
  54                         if (empty($_GET['resource'])) {
  55                                 return;
  56                         }
  57
  58                         $uri = urldecode(trim($_GET['resource']));
  59                         if (strpos($_SERVER['HTTP_ACCEPT'] ?? '', 'application/xrd+xml') !== false)  {
  60                                 $mode = 'xml';
  61                         } else {
  62                                 $mode = 'json';
  63                         }
  64                 }
  65
  66                 if (substr($uri, 0, 4) === 'http') {
  67                         $name = ltrim(basename($uri), '~');
  68                 } else {
  69                         $local = str_replace('acct:', '', $uri);
  70                         if (substr($local, 0, 2) == '//') {
  71                                 $local = substr($local, 2);
  72                         }
  73
  74                         $name = substr($local, 0, strpos($local, '@'));
  75                 }
  76
  77                 if ($name == User::getActorName()) {
  78                         $owner = User::getSystemAccount();
  79                         if (empty($owner)) {
  80                                 throw new \Friendica\Network\HTTPException\NotFoundException();
  81                         }
  82                         self::printSystemJSON($owner);
  83                 } else {
  84                         $user = User::getByNickname($name);
  85                         if (empty($user)) {
  86                                 throw new \Friendica\Network\HTTPException\NotFoundException();
  87                         }
  88
  89                         $owner = User::getOwnerDataById($user['uid']);
  90                         if (empty($owner)) {
  91                                 DI::logger()->warning('No owner data for user id', ['uri' => $uri, 'name' => $name, 'user' => $user]);
  92                                 throw new \Friendica\Network\HTTPException\NotFoundException();
  93                         }
  94
  95                         $alias = str_replace('/profile/', '/~', $owner['url']);
  96
  97                         $avatar = Photo::selectFirst(['type'], ['uid' => $owner['uid'], 'profile' => true]);
  98                 }
  99
 100                 if (empty($avatar)) {
 101                         $avatar = ['type' => 'image/jpeg'];
 102                 }
 103
 104                 if ($mode == 'xml') {
 105                         self::printXML($alias, DI::baseUrl()->get(), $user, $owner, $avatar);
 106                 } else {
 107                         self::printJSON($alias, DI::baseUrl()->get(), $owner, $avatar);
 108                 }
 109         }
 110
 111         private static function printSystemJSON(array $owner)
 112         {
 113                 $json = [
 114                         'subject' => 'acct:' . $owner['addr'],
 115                         'aliases' => [$owner['url']],
 116                         'links'   => [
 117                                 [
 118                                         'rel'  => 'http://webfinger.net/rel/profile-page',
 119                                         'type' => 'text/html',
 120                                         'href' => $owner['url'],
 121                                 ],
 122                                 [
 123                                         'rel'  => 'self',
 124                                         'type' => 'application/activity+json',
 125                                         'href' => $owner['url'],
 126                                 ],
 127                                 [
 128                                         'rel'      => 'http://ostatus.org/schema/1.0/subscribe',
 129                                         'template' => DI::baseUrl()->get() . '/follow?url={uri}',
 130                                 ],
 131                                 [
 132                                         'rel'  => ActivityNamespace::FEED,
 133                                         'type' => 'application/atom+xml',
 134                                         'href' => $owner['poll'] ?? DI::baseUrl()->get(),
 135                                 ],
 136                                 [
 137                                         'rel'  => 'salmon',
 138                                         'href' => DI::baseUrl()->get() . '/salmon/' . $owner['nickname'],
 139                                 ],
 140                                 [
 141                                         'rel'  => 'http://microformats.org/profile/hcard',
 142                                         'type' => 'text/html',
 143                                         'href' => DI::baseUrl()->get() . '/hcard/' . $owner['nickname'],
 144                                 ],
 145                                 [
 146                                         'rel'  => 'http://joindiaspora.com/seed_location',
 147                                         'type' => 'text/html',
 148                                         'href' => DI::baseUrl()->get(),
 149                                 ],
 150                         ]
 151                 ];
 152                 header('Access-Control-Allow-Origin: *');
 153                 System::jsonExit($json, 'application/jrd+json; charset=utf-8');
 154         }
 155
 156         private static function printJSON($alias, $baseURL, $owner, $avatar)
 157         {
 158                 $salmon_key = Salmon::salmonKey($owner['spubkey']);
 159
 160                 $json = [
 161                         'subject' => 'acct:' . $owner['addr'],
 162                         'aliases' => [
 163                                 $alias,
 164                                 $owner['url'],
 165                         ],
 166                         'links'   => [
 167                                 [
 168                                         'rel'  => ActivityNamespace::DFRN ,
 169                                         'href' => $owner['url'],
 170                                 ],
 171                                 [
 172                                         'rel'  => ActivityNamespace::FEED,
 173                                         'type' => 'application/atom+xml',
 174                                         'href' => $owner['poll'],
 175                                 ],
 176                                 [
 177                                         'rel'  => 'http://webfinger.net/rel/profile-page',
 178                                         'type' => 'text/html',
 179                                         'href' => $owner['url'],
 180                                 ],
 181                                 [
 182                                         'rel'  => 'self',
 183                                         'type' => 'application/activity+json',
 184                                         'href' => $owner['url'],
 185                                 ],
 186                                 [
 187                                         'rel'  => 'http://microformats.org/profile/hcard',
 188                                         'type' => 'text/html',
 189                                         'href' => $baseURL . '/hcard/' . $owner['nickname'],
 190                                 ],
 191                                 [
 192                                         'rel'  => ActivityNamespace::POCO,
 193                                         'href' => $owner['poco'],
 194                                 ],
 195                                 [
 196                                         'rel'  => 'http://webfinger.net/rel/avatar',
 197                                         'type' => $avatar['type'],
 198                                         'href' => User::getAvatarUrl($owner),
 199                                 ],
 200                                 [
 201                                         'rel'  => 'http://joindiaspora.com/seed_location',
 202                                         'type' => 'text/html',
 203                                         'href' => $baseURL,
 204                                 ],
 205                                 [
 206                                         'rel'  => 'salmon',
 207                                         'href' => $baseURL . '/salmon/' . $owner['nickname'],
 208                                 ],
 209                                 [
 210                                         'rel'  => 'http://salmon-protocol.org/ns/salmon-replies',
 211                                         'href' => $baseURL . '/salmon/' . $owner['nickname'],
 212                                 ],
 213                                 [
 214                                         'rel'  => 'http://salmon-protocol.org/ns/salmon-mention',
 215                                         'href' => $baseURL . '/salmon/' . $owner['nickname'] . '/mention',
 216                                 ],
 217                                 [
 218                                         'rel'      => 'http://ostatus.org/schema/1.0/subscribe',
 219                                         'template' => $baseURL . '/follow?url={uri}',
 220                                 ],
 221                                 [
 222                                         'rel'  => 'magic-public-key',
 223                                         'href' => 'data:application/magic-public-key,' . $salmon_key,
 224                                 ],
 225                                 [
 226                                         'rel'  => 'http://purl.org/openwebauth/v1',
 227                                         'type' => 'application/x-zot+json',
 228                                         'href' => $baseURL . '/owa',
 229                                 ],
 230                         ],
 231                 ];
 232
 233                 header('Access-Control-Allow-Origin: *');
 234                 System::jsonExit($json, 'application/jrd+json; charset=utf-8');
 235         }
 236
 237         private static function printXML($alias, $baseURL, $user, $owner, $avatar)
 238         {
 239                 $salmon_key = Salmon::salmonKey($owner['spubkey']);
 240
 241                 header('Access-Control-Allow-Origin: *');
 242                 header('Content-type: text/xml');
 243
 244                 $tpl = Renderer::getMarkupTemplate('xrd_person.tpl');
 245
 246                 $o = Renderer::replaceMacros($tpl, [
 247                         '$nick'        => $owner['nickname'],
 248                         '$accturi'     => 'acct:' . $owner['addr'],
 249                         '$alias'       => $alias,
 250                         '$profile_url' => $owner['url'],
 251                         '$hcard_url'   => $baseURL . '/hcard/' . $owner['nickname'],
 252                         '$atom'        => $owner['poll'],
 253                         '$poco_url'    => $owner['poco'],
 254                         '$photo'       => User::getAvatarUrl($owner),
 255                         '$type'        => $avatar['type'],
 256                         '$salmon'      => $baseURL . '/salmon/' . $owner['nickname'],
 257                         '$salmen'      => $baseURL . '/salmon/' . $owner['nickname'] . '/mention',
 258                         '$subscribe'   => $baseURL . '/follow?url={uri}',
 259                         '$openwebauth' => $baseURL . '/owa',
 260                         '$modexp'      => 'data:application/magic-public-key,' . $salmon_key
 261                 ]);
 262
 263                 $arr = ['user' => $user, 'xml' => $o];
 264                 Hook::callAll('personal_xrd', $arr);
 265
 266                 echo $arr['xml'];
 267                 exit();
 268         }
 269 }