X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=plugins%2FOStatus%2Flib%2Fsalmon.php;h=7f685665fa9a8268c3acf48c34ea37da0fa1eb43;hb=734287cfd37b9833a2d0fdf93c25934c2cae9e53;hp=c93b314f8ab4161b084eb1e469b84f6180d53fdf;hpb=2a4dc77a633cc78907934fd93200ac16d55be78e;p=quix0rs-gnu-social.git diff --git a/plugins/OStatus/lib/salmon.php b/plugins/OStatus/lib/salmon.php index c93b314f8a..7f685665fa 100644 --- a/plugins/OStatus/lib/salmon.php +++ b/plugins/OStatus/lib/salmon.php @@ -43,123 +43,41 @@ class Salmon * * @param string $endpoint_uri * @param string $xml string representation of payload - * @param Profile $actor local user profile whose keys to sign with + * @param User $user local user profile whose keys we sign with * @return boolean success */ - public function post($endpoint_uri, $xml, $actor) + public static function post($endpoint_uri, $xml, User $user) { if (empty($endpoint_uri)) { + common_debug('No endpoint URI for Salmon post to '.$user->getUri()); return false; } - foreach ($this->formatClasses() as $class) { - try { - $envelope = $this->createMagicEnv($xml, $actor, $class); - } catch (Exception $e) { - common_log(LOG_ERR, "Salmon unable to sign: " . $e->getMessage()); - return false; - } - - $headers = array('Content-Type: application/magic-envelope+xml'); - - try { - $client = new HTTPClient(); - $client->setBody($envelope); - $response = $client->post($endpoint_uri, $headers); - } catch (HTTP_Request2_Exception $e) { - common_log(LOG_ERR, "Salmon ($class) post to $endpoint_uri failed: " . $e->getMessage()); - continue; - } - if ($response->getStatus() != 200) { - common_log(LOG_ERR, "Salmon ($class) at $endpoint_uri returned status " . - $response->getStatus() . ': ' . $response->getBody()); - continue; - } - - // Success! - return true; - } - return false; - } - - /** - * List the magic envelope signature class variants in the order we try them. - * Multiples are needed for backwards-compat with StatusNet prior to 0.9.7, - * which used a draft version of the magic envelope spec. - */ - protected function formatClasses() { - return array('MagicEnvelope', 'MagicEnvelopeCompat'); - } - - /** - * Encode the given string as a signed MagicEnvelope XML document, - * using the keypair for the given local user profile. - * - * Side effects: will create and store a keypair on-demand if one - * hasn't already been generated for this user. This can be very slow - * on some systems. - * - * @param string $text XML fragment to sign, assumed to be Atom - * @param Profile $actor Profile of a local user to use as signer - * @param string $class to override the magic envelope signature version, pass a MagicEnvelope subclass here - * - * @return string XML string representation of magic envelope - * - * @throws Exception on bad profile input or key generation problems - * @fixme if signing fails, this seems to return the original text without warning. Is there a reason for this? - */ - public function createMagicEnv($text, $actor, $class='MagicEnvelope') - { - $magic_env = new $class(); - - $user = User::getKV('id', $actor->id); - if ($user->id) { - // Use local key - $magickey = Magicsig::getKV('user_id', $user->id); - if (!$magickey) { - // No keypair yet, let's generate one. - $magickey = new Magicsig(); - $magickey->generate($user->id); - } - } else { - // TRANS: Exception. - throw new Exception(_m('Salmon invalid actor for signing.')); - } - try { - $env = $magic_env->signMessage($text, 'application/atom+xml', $magickey->toString()); + $magic_env = MagicEnvelope::signAsUser($xml, $user); + $envxml = $magic_env->toXML(); } catch (Exception $e) { - return $text; + common_log(LOG_ERR, "Salmon unable to sign: " . $e->getMessage()); + return false; } - return $magic_env->toXML($env); - } - - /** - * Check if the given magic envelope is well-formed and correctly signed. - * Needs to have network access to fetch public keys over the web. - * Both current and back-compat signature formats will be checked. - * - * Side effects: exceptions and caching updates may occur during network - * fetches. - * - * @param string $text XML fragment of magic envelope - * @return boolean - * - * @throws Exception on bad profile input or key generation problems - * @fixme could hit fatal errors or spew output on invalid XML - */ - public function verifyMagicEnv($text) - { - foreach ($this->formatClasses() as $class) { - $magic_env = new $class(); - $env = $magic_env->parse($text); + $headers = array('Content-Type: application/magic-envelope+xml'); - if ($magic_env->verify($env)) { - return true; - } + try { + $client = new HTTPClient(); + $client->setBody($envxml); + $response = $client->post($endpoint_uri, $headers); + } catch (HTTP_Request2_Exception $e) { + common_log(LOG_ERR, "Salmon post to $endpoint_uri failed: " . $e->getMessage()); + return false; + } + if ($response->getStatus() != 200) { + common_log(LOG_ERR, sprintf('Salmon (from profile %d) endpoint %s returned status %s: %s', + $user->id, $endpoint_uri, $response->getStatus(), $response->getBody())); + return false; } - return false; + // Success! + return true; } }