/**
* @file include/diaspora.php
* @brief The implementation of the diaspora protocol
- *
- * Checklist:
- *
- * Checked:
- * - send status
- * - send comment
- * - send like
- * - send mail
- * - send status retraction
- * - send comment retraction on own post
- * - send like retraction on own post
- * - send comment retraction on diaspora post
- * - send like retraction on diaspora post
- * - receive status
- * - receive reshare
- * - receive comment
- * - receive like
- * - receive connect request
- * - receive profile data
- * - receive mail
- * - receive comment retraction
- * - receive like retraction
- * - relay comment
- * - relay like
- * - relay comment retraction from diaspora
- * - relay comment retraction from friendica
- * - relay like retraction from diaspora
- * - relay like retraction from friendica
- * - send share
- *
- * Should work:
- * - receive account deletion
- * - send unshare
- *
- * Unchecked:
*/
require_once("include/items.php");
* @param string $handle The handle of the signature owner
* @param integer $level This value is only set inside this function to avoid endless loops
*
- * @return the repaired signature
+ * @return string the repaired signature
*/
- function repair_signature($signature, $handle = "", $level = 1) {
+ private function repair_signature($signature, $handle = "", $level = 1) {
if ($signature == "")
return ($signature);
* 'author' -> author diaspora handle
* 'key' -> author public key (converted to pkcs#8)
*/
- function decode($importer, $xml) {
+ public static function decode($importer, $xml) {
$public = false;
$basedom = parse_xml_string($xml);
$decrypted = pkcs5_unpad($decrypted);
- /**
- * $decrypted now contains something like
- *
- * <decrypted_header>
- * <iv>8e+G2+ET8l5BPuW0sVTnQw==</iv>
- * <aes_key>UvSMb4puPeB14STkcDWq+4QE302Edu15oaprAQSkLKU=</aes_key>
- * <author_id>galaxor@diaspora.priateship.org</author_id>
- * </decrypted_header>
- */
-
logger('decrypted: '.$decrypted, LOGGER_DEBUG);
$idom = parse_xml_string($decrypted,false);
*
* @param array $msg The post that will be dispatched
*
- * @return bool Was the message accepted?
+ * @return int The message id of the generated message, "true" or "false" if there was an error
*/
public static function dispatch_public($msg) {
// Use a dummy importer to import the data for the public copy
$importer = array("uid" => 0, "page-flags" => PAGE_FREELOVE);
- $item_id = self::dispatch($importer,$msg);
+ $message_id = self::dispatch($importer,$msg);
// Now distribute it to the followers
$r = q("SELECT `user`.* FROM `user` WHERE `user`.`uid` IN
} else
logger("No subscribers for ".$msg["author"]." ".print_r($msg, true));
- return $item_id;
+ return $message_id;
}
/**
* @param array $importer Array of the importer user
* @param array $msg The post that will be dispatched
*
- * @return bool Was the message accepted?
+ * @return int The message id of the generated message, "true" or "false" if there was an error
*/
public static function dispatch($importer, $msg) {
case "comment":
return self::receive_comment($importer, $sender, $fields, $msg["message"]);
+ case "contact":
+ return self::receive_contact_request($importer, $fields);
+
case "conversation":
return self::receive_conversation($importer, $msg, $fields);
case "profile":
return self::receive_profile($importer, $fields);
- case "request":
- return self::receive_request($importer, $fields);
-
case "reshare":
return self::receive_reshare($importer, $fields, $msg["message"]);
$data = parse_xml_string($msg["message"], false);
- if (!is_object($data))
+ if (!is_object($data)) {
+ logger("No valid XML ".$msg["message"], LOGGER_DEBUG);
return false;
+ }
$first_child = $data->getName();
if (in_array($type, array("signed_retraction", "relayable_retraction")))
$type = "retraction";
+ if ($type == "request")
+ $type = "contact";
+
$fields = new SimpleXMLElement("<".$type."/>");
$signed_data = "";
}
}
- if ($fieldname == "author_signature")
+ if (($fieldname == "author_signature") AND ($entry != ""))
$author_signature = base64_decode($entry);
- elseif ($fieldname == "parent_author_signature")
+ elseif (($fieldname == "parent_author_signature") AND ($entry != ""))
$parent_author_signature = base64_decode($entry);
- elseif ($fieldname != "target_author_signature") {
+ elseif (!in_array($fieldname, array("author_signature", "parent_author_signature", "target_author_signature"))) {
if ($signed_data != "") {
$signed_data .= ";";
$signed_data_parent .= ";";
return true;
// No author_signature? This is a must, so we quit.
- if (!isset($author_signature))
+ if (!isset($author_signature)) {
+ logger("No author signature for type ".$type." - Message: ".$msg["message"], LOGGER_DEBUG);
return false;
+ }
if (isset($parent_author_signature)) {
$key = self::key($msg["author"]);
- if (!rsa_verify($signed_data, $parent_author_signature, $key, "sha256"))
+ if (!rsa_verify($signed_data, $parent_author_signature, $key, "sha256")) {
+ logger("No valid parent author signature for author ".$msg["author"]. " in type ".$type." - signed data: ".$signed_data." - Message: ".$msg["message"]." - Signature ".$parent_author_signature, LOGGER_DEBUG);
return false;
+ }
}
$key = self::key($fields->author);
- return rsa_verify($signed_data, $author_signature, $key, "sha256");
+ if (!rsa_verify($signed_data, $author_signature, $key, "sha256")) {
+ logger("No valid author signature for author ".$msg["author"]. " in type ".$type." - signed data: ".$signed_data." - Message: ".$msg["message"]." - Signature ".$author_signature, LOGGER_DEBUG);
+ return false;
+ } else
+ return true;
}
/**
if($contact['addr'] != "")
$handle = $contact['addr'];
- elseif(($contact['network'] === NETWORK_DFRN) || ($contact['self'] == 1)) {
+ else {
$baseurl_start = strpos($contact['url'],'://') + 3;
$baseurl_length = strpos($contact['url'],'/profile') - $baseurl_start; // allows installations in a subdirectory--not sure how Diaspora will handle
$baseurl = substr($contact['url'], $baseurl_start, $baseurl_length);
* @param string $handle The checked handle in the format user@domain.tld
* @param bool $is_comment Is the check for a comment?
*
- * @return bool is posting allowed?
+ * @return array The contact data
*/
private function allowed_contact_by_handle($importer, $handle, $is_comment = false) {
$contact = self::contact_by_handle($importer["uid"], $handle);
* @param int $uid The user id
* @param string $guid The guid of the message
*
- * @return bool "true" if the message already was stored into the system
+ * @return int|bool message id if the message already was stored into the system - or false.
*/
private function message_exists($uid, $guid) {
$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
if($r) {
logger("message ".$guid." already exists for user ".$uid);
- return true;
+ return $r[0]["id"];
}
return false;
}
/**
- * @brief sub function of "fetch_guid"
+ * @brief sub function of "fetch_guid" which checks for links in messages
*
* @param array $match array containing a link that has to be checked for a message link
* @param array $item The item array
* @param string $server The url of the server
* @param int $level Endless loop prevention
*
- * @return array of message, author and public key
+ * @return array
+ * 'message' => The message XML
+ * 'author' => The author handle
+ * 'key' => The public key of the author
*/
private function message($guid, $server, $level = 0) {
* @param array $person The record of the person
* @param int $uid The user id
*
- * @return array of contact id and network type
+ * @return array
+ * 'cid' => contact id
+ * 'network' => network type
*/
private function author_contact_by_url($contact, $person, $uid) {
* @return bool Success
*/
private function receive_account_deletion($importer, $data) {
+
+ /// @todo Account deletion should remove the contact from the global contacts as well
+
$author = notags(unxmlify($data->author));
$contact = self::contact_by_handle($importer["uid"], $author);
return true;
}
+ /**
+ * @brief Fetch the uri from our database if we already have this item (maybe from ourselves)
+ *
+ * @param string $author Author handle
+ * @param string $guid Message guid
+ *
+ * @return string The constructed uri or the one from our database
+ */
+ private function get_uri_from_guid($author, $guid) {
+
+ $r = q("SELECT `uri` FROM `item` WHERE `guid` = '%s' LIMIT 1", dbesc($guid));
+ if ($r)
+ return $r[0]["uri"];
+ else
+ return $author.":".$guid;
+ }
+
/**
* @brief Processes an incoming comment
*
if (!$contact)
return false;
- if (self::message_exists($importer["uid"], $guid))
- return false;
+ $message_id = self::message_exists($importer["uid"], $guid);
+ if ($message_id)
+ return $message_id;
$parent_item = self::parent_item($importer["uid"], $parent_guid, $author, $contact);
if (!$parent_item)
$datarray["owner-avatar"] = ((x($contact,"thumb")) ? $contact["thumb"] : $contact["photo"]);
$datarray["guid"] = $guid;
- $datarray["uri"] = $author.":".$guid;
+ $datarray["uri"] = self::get_uri_from_guid($author, $guid);
$datarray["type"] = "remote-comment";
$datarray["verb"] = ACTIVITY_POST;
if (!$contact)
return false;
- if (self::message_exists($importer["uid"], $guid))
- return false;
+ $message_id = self::message_exists($importer["uid"], $guid);
+ if ($message_id)
+ return $message_id;
$parent_item = self::parent_item($importer["uid"], $parent_guid, $author, $contact);
if (!$parent_item)
// "positive" = "false" would be a Dislike - wich isn't currently supported by Diaspora
// We would accept this anyhow.
- if ($positive === "true")
+ if ($positive == "true")
$verb = ACTIVITY_LIKE;
else
$verb = ACTIVITY_DISLIKE;
$datarray["owner-avatar"] = ((x($contact,"thumb")) ? $contact["thumb"] : $contact["photo"]);
$datarray["guid"] = $guid;
- $datarray["uri"] = $author.":".$guid;
+ $datarray["uri"] = self::get_uri_from_guid($author, $guid);
$datarray["type"] = "activity";
$datarray["verb"] = $verb;
$BPhoto = "[url=".$contact["url"]."][img]".$contact["thumb"]."[/img][/url]";
$arr["body"] = sprintf(t("%1$s is now friends with %2$s"), $A, $B)."\n\n\n".$Bphoto;
- $arr["object"] = "<object><type>".ACTIVITY_OBJ_PERSON."</type><title>".$contact["name"]."</title>"
- ."<id>".$contact["url"]."/".$contact["name"]."</id>";
- $arr["object"] .= "<link>".xmlify('<link rel="alternate" type="text/html" href="'.$contact["url"].'" />'."\n");
- $arr["object"] .= xmlify('<link rel="photo" type="image/jpeg" href="'.$contact["thumb"].'" />'."\n");
- $arr["object"] .= "</link></object>\n";
+ $arr["object"] = self::construct_new_friend_object($contact);
+
$arr["last-child"] = 1;
$arr["allow_cid"] = $user[0]["allow_cid"];
}
}
+ /**
+ * @brief Creates a XML object for a "new friend" message
+ *
+ * @param array $contact Array of the contact
+ *
+ * @return string The XML
+ */
+ private function construct_new_friend_object($contact) {
+ $objtype = ACTIVITY_OBJ_PERSON;
+ $link = '<link rel="alternate" type="text/html" href="'.$contact["url"].'" />'."\n".
+ '<link rel="photo" type="image/jpeg" href="'.$contact["thumb"].'" />'."\n";
+
+ $xmldata = array("object" => array("type" => $objtype,
+ "title" => $contact["name"],
+ "id" => $contact["url"]."/".$contact["name"],
+ "link" => $link));
+
+ return xml::from_array($xmldata, $xml, true);
+ }
+
/**
* @brief Processes incoming sharing notification
*
*
* @return bool Success
*/
- private function receive_request($importer, $data) {
+ private function receive_contact_request($importer, $data) {
$author = unxmlify($data->author);
$recipient = unxmlify($data->recipient);
if (!$author || !$recipient)
return false;
- $contact = self::contact_by_handle($importer["uid"],$author);
+ // the current protocol version doesn't know these fields
+ // That means that we will assume their existance
+ if (isset($data->following))
+ $following = (unxmlify($data->following) == "true");
+ else
+ $following = true;
- if($contact) {
+ if (isset($data->sharing))
+ $sharing = (unxmlify($data->sharing) == "true");
+ else
+ $sharing = true;
- // perhaps we were already sharing with this person. Now they're sharing with us.
- // That makes us friends.
+ $contact = self::contact_by_handle($importer["uid"],$author);
- self::receive_request_make_friend($importer, $contact);
- return true;
+ // perhaps we were already sharing with this person. Now they're sharing with us.
+ // That makes us friends.
+ if ($contact) {
+ if ($following AND $sharing) {
+ self::receive_request_make_friend($importer, $contact);
+ return true;
+ } else /// @todo Handle all possible variations of adding and retracting of permissions
+ return false;
+ }
+
+ if (!$following AND $sharing AND in_array($importer["page-flags"], array(PAGE_SOAPBOX, PAGE_NORMAL))) {
+ logger("Author ".$author." wants to share with us - but doesn't want to listen. Request is ignored.", LOGGER_DEBUG);
+ return false;
+ } elseif (!$following AND !$sharing) {
+ logger("Author ".$author." doesn't want anything - and we don't know the author. Request is ignored.", LOGGER_DEBUG);
+ return false;
}
$ret = self::person_by_handle($author);
return;
}
- $g = q("SELECT `def_gid` FROM `user` WHERE `uid` = %d LIMIT 1",
- intval($importer["uid"])
- );
+ $def_gid = get_default_group($importer['uid'], $ret["network"]);
- if($g && intval($g[0]["def_gid"]))
- group_add_member($importer["uid"], "", $contact_record["id"], $g[0]["def_gid"]);
+ if(intval($def_gid))
+ group_add_member($importer["uid"], "", $contact_record["id"], $def_gid);
+
+ update_contact_avatar($ret["photo"], $importer['uid'], $contact_record["id"], true);
if($importer["page-flags"] == PAGE_NORMAL) {
// but if our page-type is PAGE_COMMUNITY or PAGE_SOAPBOX
// we are going to change the relationship and make them a follower.
- if($importer["page-flags"] == PAGE_FREELOVE)
+ if (($importer["page-flags"] == PAGE_FREELOVE) AND $sharing AND $following)
$new_relation = CONTACT_IS_FRIEND;
+ elseif (($importer["page-flags"] == PAGE_FREELOVE) AND $sharing)
+ $new_relation = CONTACT_IS_SHARING;
else
$new_relation = CONTACT_IS_FOLLOWER;
logger("reshared message ".$guid." already exists on system.");
// Maybe it is already a reshared item?
- // Then refetch the content, since there can be many side effects with reshared posts from other networks or reshares from reshares
- if (self::is_reshare($r[0]["body"], false))
+ // Then refetch the content, if it is a reshare from a reshare.
+ // If it is a reshared post from another network then reformat to avoid display problems with two share elements
+ if (self::is_reshare($r[0]["body"], true))
$r = array();
- else
+ elseif (self::is_reshare($r[0]["body"], false)) {
+ $r[0]["body"] = diaspora2bb(bb2diaspora($r[0]["body"]));
+
+ // Add OEmbed and other information to the body
+ $r[0]["body"] = add_page_info_to_body($r[0]["body"], false, true);
+
+ return $r[0];
+ } else
return $r[0];
}
FROM `item` WHERE `id` = %d AND `visible` AND NOT `deleted` AND `body` != '' LIMIT 1",
intval($item_id));
- if ($r)
+ if ($r) {
+ // If it is a reshared post from another network then reformat to avoid display problems with two share elements
+ if (self::is_reshare($r[0]["body"], false))
+ $r[0]["body"] = diaspora2bb(bb2diaspora($r[0]["body"]));
+
return $r[0];
+ }
}
}
if (!$contact)
return false;
- if (self::message_exists($importer["uid"], $guid))
- return false;
+ $message_id = self::message_exists($importer["uid"], $guid);
+ if ($message_id)
+ return $message_id;
$original_item = self::original_item($root_guid, $root_author, $author);
if (!$original_item)
$datarray["owner-avatar"] = $datarray["author-avatar"];
$datarray["guid"] = $guid;
- $datarray["uri"] = $datarray["parent-uri"] = $author.":".$guid;
+ $datarray["uri"] = $datarray["parent-uri"] = self::get_uri_from_guid($author, $guid);
$datarray["verb"] = ACTIVITY_POST;
$datarray["gravity"] = GRAVITY_PARENT;
case "StatusMessage":
return self::item_retraction($importer, $contact, $data);;
+ case "Contact":
case "Person":
/// @todo What should we do with an "unshare"?
// Removing the contact isn't correct since we still can read the public items
- //contact_remove($contact["id"]);
+ contact_remove($contact["id"]);
return true;
default:
if (!$contact)
return false;
- if (self::message_exists($importer["uid"], $guid))
- return false;
+ $message_id = self::message_exists($importer["uid"], $guid);
+ if ($message_id)
+ return $message_id;
$address = array();
if ($data->location)
$datarray = array();
+ // Attach embedded pictures to the body
if ($data->photo) {
foreach ($data->photo AS $photo)
$body = "[img]".unxmlify($photo->remote_photo_path).
$datarray["owner-avatar"] = $datarray["author-avatar"];
$datarray["guid"] = $guid;
- $datarray["uri"] = $datarray["parent-uri"] = $author.":".$guid;
+ $datarray["uri"] = $datarray["parent-uri"] = self::get_uri_from_guid($author, $guid);
$datarray["verb"] = ACTIVITY_POST;
$datarray["gravity"] = GRAVITY_PARENT;
return $message_id;
}
- /******************************************************************************************
+ /* ************************************************************************************** *
* Here are all the functions that are needed to transmit data with the Diaspora protocol *
- ******************************************************************************************/
+ * ************************************************************************************** */
/**
* @brief returnes the handle of a contact
return $nick."@".substr(App::get_baseurl(), strpos(App::get_baseurl(),"://") + 3);
}
+ /**
+ * @brief Creates the envelope for the "fetch" endpoint
+ *
+ * @param string $msg The message that is to be transmitted
+ * @param array $user The record of the sender
+ *
+ * @return string The envelope
+ */
+
+ function build_magic_envelope($msg, $user) {
+
+ $b64url_data = base64url_encode($msg);
+ $data = str_replace(array("\n", "\r", " ", "\t"), array("", "", "", ""), $b64url_data);
+
+ $key_id = base64url_encode(diaspora::my_handle($user));
+ $type = "application/xml";
+ $encoding = "base64url";
+ $alg = "RSA-SHA256";
+ $signable_data = $data.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg);
+ $signature = rsa_sign($signable_data, $user["prvkey"]);
+ $sig = base64url_encode($signature);
+
+ $xmldata = array("me:env" => array("me:data" => $data,
+ "@attributes" => array("type" => $type),
+ "me:encoding" => $encoding,
+ "me:alg" => $alg,
+ "me:sig" => $sig,
+ "@attributes2" => array("key_id" => $key_id)));
+
+ $namespaces = array("me" => "http://salmon-protocol.org/ns/magic-env");
+
+ return xml::from_array($xmldata, $xml, false, $namespaces);
+ }
+
/**
* @brief Creates the envelope for a public message
*
$sig = base64url_encode($signature);
$xmldata = array("diaspora" => array("header" => array("author_id" => $handle),
- "me:env" => array("me:encoding" => "base64url",
- "me:alg" => "RSA-SHA256",
- "me:data" => $data,
- "@attributes" => array("type" => "application/xml"),
- "me:sig" => $sig)));
+ "me:env" => array("me:encoding" => $encoding,
+ "me:alg" => $alg,
+ "me:data" => $data,
+ "@attributes" => array("type" => $type),
+ "me:sig" => $sig)));
$namespaces = array("" => "https://joindiaspora.com/protocol",
"me" => "http://salmon-protocol.org/ns/magic-env");
$cipher_json = base64_encode($encrypted_header_json_object);
$xmldata = array("diaspora" => array("encrypted_header" => $cipher_json,
- "me:env" => array("me:encoding" => "base64url",
- "me:alg" => "RSA-SHA256",
+ "me:env" => array("me:encoding" => $encoding,
+ "me:alg" => $alg,
"me:data" => $data,
- "@attributes" => array("type" => "application/xml"),
+ "@attributes" => array("type" => $type),
"me:sig" => $sig)));
$namespaces = array("" => "https://joindiaspora.com/protocol",
}
+ /**
+ * @brief Build the post xml
+ *
+ * @param string $type The message type
+ * @param array $message The message data
+ *
+ * @return string The post XML
+ */
+ public static function build_post_xml($type, $message) {
+
+ $data = array("XML" => array("post" => array($type => $message)));
+ return xml::from_array($data, $xml);
+ }
+
/**
* @brief Builds and transmit messages
*
*/
private function build_and_transmit($owner, $contact, $type, $message, $public_batch = false, $guid = "", $spool = false) {
- $data = array("XML" => array("post" => array($type => $message)));
-
- $msg = xml::from_array($data, $xml);
+ $msg = self::build_post_xml($type, $message);
logger('message: '.$msg, LOGGER_DATA);
logger('send guid '.$guid, LOGGER_DEBUG);
// Skip if it isn't a pure repeated messages
// Does it start with a share?
- if (strpos($body, "[share") > 0)
+ if ((strpos($body, "[share") > 0) AND $complete)
return(false);
// Does it end with a share?
$link = $matches[1];
$ret["root_guid"] = preg_replace("=https?://(.*)/posts/(.*)=ism", "$2", $link);
- if (($ret["root_guid"] == $link) OR ($ret["root_guid"] == ""))
+ if (($ret["root_guid"] == $link) OR (trim($ret["root_guid"]) == ""))
return(false);
+
return($ret);
}
/**
- * @brief Sends a post
+ * @brief Create a post (status message or reshare)
*
* @param array $item The item that will be exported
* @param array $owner the array of the item owner
- * @param array $contact Target of the communication
- * @param bool $public_batch Is it a public post?
*
- * @return int The result of the transmission
+ * @return array
+ * 'type' -> Message type ("status_message" or "reshare")
+ * 'message' -> Array of XML elements of the status
*/
- public static function send_status($item, $owner, $contact, $public_batch = false) {
+ public static function build_status($item, $owner) {
$myaddr = self::my_handle($owner);
$type = "status_message";
}
+ return array("type" => $type, "message" => $message);
+ }
- return self::build_and_transmit($owner, $contact, $type, $message, $public_batch, $item["guid"]);
+ /**
+ * @brief Sends a post
+ *
+ * @param array $item The item that will be exported
+ * @param array $owner the array of the item owner
+ * @param array $contact Target of the communication
+ * @param bool $public_batch Is it a public post?
+ *
+ * @return int The result of the transmission
+ */
+ public static function send_status($item, $owner, $contact, $public_batch = false) {
+
+ $status = diaspora::build_status($item, $owner);
+
+ return self::build_and_transmit($owner, $contact, $status["type"], $status["message"], $public_batch, $item["guid"]);
}
/**
*
* @return bool Success
*/
- function store_like_signature($contact, $post_id) {
-
- $enabled = intval(get_config('system','diaspora_enabled'));
- if (!$enabled) {
- logger('Diaspora support disabled, not storing like signature', LOGGER_DEBUG);
- return false;
- }
+ public static function store_like_signature($contact, $post_id) {
// Is the contact the owner? Then fetch the private key
if (!$contact['self'] OR ($contact['uid'] == 0)) {
*
* @return bool Success
*/
- function store_comment_signature($item, $contact, $uprvkey, $message_id) {
+ public static function store_comment_signature($item, $contact, $uprvkey, $message_id) {
if ($uprvkey == "") {
logger('No private key, so not storing comment signature', LOGGER_DEBUG);
return false;
}
- $enabled = intval(get_config('system','diaspora_enabled'));
- if (!$enabled) {
- logger('Diaspora support disabled, not storing comment signature', LOGGER_DEBUG);
- return false;
- }
-
$contact["uprvkey"] = $uprvkey;
$message = self::construct_comment($item, $contact);