use Friendica\BaseModule;
use Friendica\Core\System;
-use Friendica\Database\DBM;
-use Friendica\Model\Verify;
-use Friendica\Network\Probe;
-use Friendica\Util\DateTimeFormat;
-use Friendica\Util\HTTPSig;
-
-use dba;
+use Friendica\Database\DBA;
+use Friendica\Model\Contact;
+use Friendica\Model\OpenWebAuthToken;
+use Friendica\Util\HTTPSignature;
/**
* @brief OpenWebAuth verifier and token generator
- *
+ *
* See https://macgirvin.com/wiki/mike/OpenWebAuth/Home
* Requests to this endpoint should be signed using HTTP Signatures
* using the 'Authorization: Signature' authentication method
* If the signature verifies a token is returned.
*
* This token may be exchanged for an authenticated cookie.
- *
+ *
* Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/Zotlabs/Module/Owa.php
*/
class Owa extends BaseModule
continue;
}
- $sigblock = HTTPSig::parseSigheader($_SERVER[$head]);
+ $sigblock = HTTPSignature::parseSigheader($_SERVER[$head]);
if ($sigblock) {
$keyId = $sigblock['keyId'];
if ($keyId) {
// Try to find the public contact entry of the handle.
- $handle = str_replace("acct:", "", $keyId);
- $fields = ["id", "url", "addr", "pubkey"];
- $condition = ["addr" => $handle, "uid" => 0];
+ $handle = str_replace('acct:', '', $keyId);
- $contact = dba::selectFirst("contact", $fields, $condition);
+ $cid = Contact::getIdForURL($handle);
+ $fields = ['id', 'url', 'addr', 'pubkey'];
+ $condition = ['id' => $cid];
- // Not found? Try to probe with the handle.
- if(!DBM::is_result($contact)) {
- Probe::uri($handle, '', -1, true, true);
- $contact = dba::selectFirst("contact", $fields, $condition);
- }
+ $contact = DBA::selectFirst('contact', $fields, $condition);
- if (DBM::is_result($contact)) {
+ if (DBA::isResult($contact)) {
// Try to verify the signed header with the public key of the contact record
// we have found.
- $verified = HTTPSig::verify('', $contact['pubkey']);
+ $verified = HTTPSignature::verifyMagic($contact['pubkey']);
if ($verified && $verified['header_signed'] && $verified['header_valid']) {
logger('OWA header: ' . print_r($verified, true), LOGGER_DATA);
$token = random_string(32);
// Store the generated token in the databe.
- Verify::create('owt', 0, $token, $contact['addr']);
+ OpenWebAuthToken::create('owt', 0, $token, $contact['addr']);
$result = '';
projects / friendica.git / blobdiff