X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FMagic.php;h=441fe7f157a33c61609744422dd94385a2cbb3ae;hb=2aea2861432fe4035363333a6de214a5c9e601a3;hp=ce41f228d32f8845c036eb87602b54e8e07f2383;hpb=8a3cae686b9067b43055a5d3ee7ba3313b88f495;p=friendica.git

diff --git a/src/Module/Magic.php b/src/Module/Magic.php
index ce41f228d3..441fe7f157 100644
--- a/src/Module/Magic.php
+++ b/src/Module/Magic.php
@@ -5,15 +5,17 @@
 namespace Friendica\Module;
 
 use Friendica\BaseModule;
+use Friendica\Core\Logger;
+use Friendica\Core\System;
+use Friendica\Database\DBA;
 use Friendica\Model\Contact;
 use Friendica\Util\HTTPSignature;
 use Friendica\Util\Network;
-
-use dba;
+use Friendica\Util\Strings;
 
 /**
  * Magic Auth (remote authentication) module.
- * 
+ *
  * Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/Zotlabs/Module/Magic.php
  */
 class Magic extends BaseModule
@@ -22,16 +24,16 @@ class Magic extends BaseModule
 	{
 		$a = self::getApp();
 		$ret = ['success' => false, 'url' => '', 'message' => ''];
-		logger('magic mdule: invoked', LOGGER_DEBUG);
+		Logger::log('magic mdule: invoked', Logger::DEBUG);
 
-		logger('args: ' . print_r($_REQUEST, true), LOGGER_DATA);
+		Logger::log('args: ' . print_r($_REQUEST, true), Logger::DATA);
 
-		$addr = ((x($_REQUEST, 'addr')) ? $_REQUEST['addr'] : '');
-		$dest = ((x($_REQUEST, 'dest')) ? $_REQUEST['dest'] : '');
-		$test = ((x($_REQUEST, 'test')) ? intval($_REQUEST['test']) : 0);
-		$owa  = ((x($_REQUEST, 'owa'))  ? intval($_REQUEST['owa'])  : 0);
+		$addr = defaults($_REQUEST, 'addr', '');
+		$dest = defaults($_REQUEST, 'dest', '');
+		$test = (!empty($_REQUEST['test']) ? intval($_REQUEST['test']) : 0);
+		$owa  = (!empty($_REQUEST['owa'])  ? intval($_REQUEST['owa'])  : 0);
 
-		// NOTE: I guess $dest isn't just the profile url (could be also 
+		// NOTE: I guess $dest isn't just the profile url (could be also
 		// other profile pages e.g. photo). We need to find a solution
 		// to be able to redirct to other pages than the contact profile.
 		$cid = Contact::getIdForURL($dest);
@@ -41,22 +43,22 @@ class Magic extends BaseModule
 		}
 
 		if (!$cid) {
-			logger('No contact record found: ' . print_r($_REQUEST, true), LOGGER_DEBUG);
-			goaway($dest);
+			Logger::log('No contact record found: ' . json_encode($_REQUEST), Logger::DEBUG);
+			// @TODO Finding a more elegant possibility to redirect to either internal or external URL
+			$a->redirect($dest);
 		}
-
-		$contact = dba::selectFirst('contact', ['id', 'nurl', 'url'], ['id' => $cid]);
+		$contact = DBA::selectFirst('contact', ['id', 'nurl', 'url'], ['id' => $cid]);
 
 		// Redirect if the contact is already authenticated on this site.
-		if (array_key_exists('id', $a->contact) && strpos($contact['nurl'], normalise_link(self::getApp()->get_baseurl())) !== false) {
-			if($test) {
+		if (!empty($a->contact) && array_key_exists('id', $a->contact) && strpos($contact['nurl'], Strings::normaliseLink(self::getApp()->getBaseURL())) !== false) {
+			if ($test) {
 				$ret['success'] = true;
 				$ret['message'] .= 'Local site - you are already authenticated.' . EOL;
 				return $ret;
 			}
 
-			logger('Contact is already authenticated', LOGGER_DEBUG);
-			goaway($dest);
+			Logger::log('Contact is already authenticated', Logger::DEBUG);
+			System::externalRedirect($dest);
 		}
 
 		if (local_user()) {
@@ -72,50 +74,47 @@ class Magic extends BaseModule
 				$basepath = $exp[0];
 
 				$headers = [];
-				$headers['Accept'] = 'application/x-dfrn+json';
-				$headers['X-Open-Web-Auth'] = random_string();
+				$headers['Accept'] = 'application/x-dfrn+json, application/x-zot+json';
+				$headers['X-Open-Web-Auth'] = Strings::getRandomHex();
 
 				// Create a header that is signed with the local users private key.
 				$headers = HTTPSignature::createSig(
-					'',
 					$headers,
 					$user['prvkey'],
-					'acct:' . $user['nickname'] . '@' . $a->get_hostname() . ($a->path ? '/' . $a->path : ''),
-					false,
-					true,
-					'sha512'
+					'acct:' . $user['nickname'] . '@' . $a->getHostName() . ($a->getURLPath() ? '/' . $a->getURLPath() : '')
 				);
 
 				// Try to get an authentication token from the other instance.
-				$x = Network::curl($basepath . '/owa', false, $redirects, ['headers' => $headers]);
+				$curlResult = Network::curl($basepath . '/owa', false, ['headers' => $headers]);
 
-				if ($x['success']) {
-					$j = json_decode($x['body'], true);
+				if ($curlResult->isSuccess()) {
+					$j = json_decode($curlResult->getBody(), true);
 
 					if ($j['success']) {
 						$token = '';
 						if ($j['encrypted_token']) {
 							// The token is encrypted. If the local user is really the one the other instance
 							// thinks he/she is, the token can be decrypted with the local users public key.
-							openssl_private_decrypt(base64url_decode($j['encrypted_token']), $token, $user['prvkey']);
+							openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']);
 						} else {
 							$token = $j['token'];
 						}
 						$x = strpbrk($dest, '?&');
 						$args = (($x) ? '&owt=' . $token : '?f=&owt=' . $token);
 
-						goaway($dest . $args);
+						System::externalRedirect($dest . $args);
 					}
 				}
-				goaway($dest);
+				System::externalRedirect($dest);
 			}
 		}
 
-		if($test) {
+		if ($test) {
 			$ret['message'] = 'Not authenticated or invalid arguments' . EOL;
 			return $ret;
 		}
 
-		goaway($dest);
+		// @TODO Finding a more elegant possibility to redirect to either internal or external URL
+		$a->redirect($dest);
 	}
 }