X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=src%2FModule%2FMagic.php;h=491ed31cbd4a4bd0c24036ea45a398325d078251;hb=678004e15a0118ab497a3ed6aa5e50b1147ad150;hp=1d7cb715e1c4e26eecd481a19afa782185102f25;hpb=2a881cc2e71b1677cc9ce98001ae3f157743e542;p=friendica.git diff --git a/src/Module/Magic.php b/src/Module/Magic.php index 1d7cb715e1..491ed31cbd 100644 --- a/src/Module/Magic.php +++ b/src/Module/Magic.php @@ -5,11 +5,13 @@ namespace Friendica\Module; use Friendica\BaseModule; +use Friendica\Core\Logger; +use Friendica\Core\System; use Friendica\Database\DBA; use Friendica\Model\Contact; -use Friendica\Core\System; use Friendica\Util\HTTPSignature; use Friendica\Util\Network; +use Friendica\Util\Strings; /** * Magic Auth (remote authentication) module. @@ -22,14 +24,14 @@ class Magic extends BaseModule { $a = self::getApp(); $ret = ['success' => false, 'url' => '', 'message' => '']; - logger('magic mdule: invoked', LOGGER_DEBUG); + Logger::log('magic mdule: invoked', Logger::DEBUG); - logger('args: ' . print_r($_REQUEST, true), LOGGER_DATA); + Logger::log('args: ' . print_r($_REQUEST, true), Logger::DATA); - $addr = ((x($_REQUEST, 'addr')) ? $_REQUEST['addr'] : ''); - $dest = ((x($_REQUEST, 'dest')) ? $_REQUEST['dest'] : ''); - $test = ((x($_REQUEST, 'test')) ? intval($_REQUEST['test']) : 0); - $owa = ((x($_REQUEST, 'owa')) ? intval($_REQUEST['owa']) : 0); + $addr = defaults($_REQUEST, 'addr', ''); + $dest = defaults($_REQUEST, 'dest', ''); + $test = (!empty($_REQUEST['test']) ? intval($_REQUEST['test']) : 0); + $owa = (!empty($_REQUEST['owa']) ? intval($_REQUEST['owa']) : 0); // NOTE: I guess $dest isn't just the profile url (could be also // other profile pages e.g. photo). We need to find a solution @@ -41,25 +43,21 @@ class Magic extends BaseModule } if (!$cid) { - logger('No contact record found: ' . print_r($_REQUEST, true), LOGGER_DEBUG); + Logger::log('No contact record found: ' . json_encode($_REQUEST), Logger::DEBUG); // @TODO Finding a more elegant possibility to redirect to either internal or external URL - if (filter_var($dest, FILTER_VALIDATE_URL)) { - System::externalRedirect($dest); - } else { - $a->internalRedirect($dest); - } + $a->redirect($dest); } $contact = DBA::selectFirst('contact', ['id', 'nurl', 'url'], ['id' => $cid]); // Redirect if the contact is already authenticated on this site. - if (!empty($a->contact) && array_key_exists('id', $a->contact) && strpos($contact['nurl'], normalise_link(self::getApp()->getBaseURL())) !== false) { + if (!empty($a->contact) && array_key_exists('id', $a->contact) && strpos($contact['nurl'], Strings::normaliseLink(self::getApp()->getBaseURL())) !== false) { if ($test) { $ret['success'] = true; $ret['message'] .= 'Local site - you are already authenticated.' . EOL; return $ret; } - logger('Contact is already authenticated', LOGGER_DEBUG); + Logger::log('Contact is already authenticated', Logger::DEBUG); System::externalRedirect($dest); } @@ -76,8 +74,8 @@ class Magic extends BaseModule $basepath = $exp[0]; $headers = []; - $headers['Accept'] = 'application/x-dfrn+json'; - $headers['X-Open-Web-Auth'] = random_string(); + $headers['Accept'] = 'application/x-dfrn+json, application/x-zot+json'; + $headers['X-Open-Web-Auth'] = Strings::getRandomHex(); // Create a header that is signed with the local users private key. $headers = HTTPSignature::createSig( @@ -97,7 +95,7 @@ class Magic extends BaseModule if ($j['encrypted_token']) { // The token is encrypted. If the local user is really the one the other instance // thinks he/she is, the token can be decrypted with the local users public key. - openssl_private_decrypt(base64url_decode($j['encrypted_token']), $token, $user['prvkey']); + openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']); } else { $token = $j['token']; } @@ -117,10 +115,6 @@ class Magic extends BaseModule } // @TODO Finding a more elegant possibility to redirect to either internal or external URL - if (filter_var($dest, FILTER_VALIDATE_URL)) { - System::externalRedirect($dest); - } else { - $a->internalRedirect($dest); - } + $a->redirect($dest); } }