$this->clientError(_m('This method requires a POST.'));
}
- if (empty($_SERVER['CONTENT_TYPE']) || $_SERVER['CONTENT_TYPE'] != 'application/atom+xml') {
- $this->clientError(_m('Salmon requires application/atom+xml'));
+ if (empty($_SERVER['CONTENT_TYPE']) || $_SERVER['CONTENT_TYPE'] != 'application/magic-envelope+xml') {
+ $this->clientError(_m('Salmon requires "application/magic-envelope+xml".'));
}
$xml = file_get_contents('php://input');
- $dom = DOMDocument::loadXML($xml);
+ // Check the signature
+ $salmon = new Salmon;
+ if (!$salmon->verifyMagicEnv($xml)) {
+ common_log(LOG_DEBUG, "Salmon signature verification failed.");
+ $this->clientError(_m('Salmon signature verification failed.'));
+ } else {
+ $magic_env = new MagicEnvelope();
+ $env = $magic_env->parse($xml);
+ $xml = $magic_env->unfold($env);
+ }
+ $dom = DOMDocument::loadXML($xml);
if ($dom->documentElement->namespaceURI != Activity::ATOM ||
$dom->documentElement->localName != 'entry') {
common_log(LOG_DEBUG, "Got invalid Salmon post: $xml");
$this->clientError(_m('Salmon post must be an Atom entry.'));
}
- // Check the signature
- $salmon = new Salmon;
- if (!common_config('ostatus', 'skip_signatures')) {
- if (!$salmon->verifyMagicEnv($dom)) {
- common_log(LOG_DEBUG, "Salmon signature verification failed.");
- $this->clientError(_m('Salmon signature verification failed.'));
- }
- }
-
- $this->act = new Activity($dom->documentElement);
+ $this->activity = new Activity($dom->documentElement);
return true;
}
{
StatusNet::setApi(true); // Send smaller error pages
- common_log(LOG_DEBUG, "Got a " . $this->act->verb);
+ common_log(LOG_DEBUG, "Got a " . $this->activity->verb);
if (Event::handle('StartHandleSalmon', array($this->activity))) {
- switch ($this->act->verb)
+ switch ($this->activity->verb)
{
case ActivityVerb::POST:
$this->handlePost();
*/
function handleUpdateProfile()
{
- $oprofile = Ostatus_profile::getActorProfile($this->act);
+ $oprofile = Ostatus_profile::getActorProfile($this->activity);
if ($oprofile) {
common_log(LOG_INFO, "Got a profile-update ping from $oprofile->uri");
- $oprofile->updateFromActivityObject($this->act->actor);
+ $oprofile->updateFromActivityObject($this->activity->actor);
} else {
- common_log(LOG_INFO, "Ignoring profile-update ping from unknown " . $this->act->actor->id);
+ common_log(LOG_INFO, "Ignoring profile-update ping from unknown " . $this->activity->actor->id);
}
}
*/
function ensureProfile()
{
- $actor = $this->act->actor;
+ $actor = $this->activity->actor;
if (empty($actor->id)) {
common_log(LOG_ERR, "broken actor: " . var_export($actor, true));
- common_log(LOG_ERR, "activity with no actor: " . var_export($this->act, true));
+ common_log(LOG_ERR, "activity with no actor: " . var_export($this->activity, true));
throw new Exception("Received a salmon slap from unidentified actor.");
}
function saveNotice()
{
$oprofile = $this->ensureProfile();
- return $oprofile->processPost($this->act, 'salmon');
+ return $oprofile->processPost($this->activity, 'salmon');
}
}