X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FMagic.php;h=491ed31cbd4a4bd0c24036ea45a398325d078251;hb=e4439a5fe3be491365f1018635a5c711b4076030;hp=0b4126e0e965528fba0c9170a725c2b2dec262c9;hpb=505350c9fb9b16dde6c86d418947592ab3720282;p=friendica.git

diff --git a/src/Module/Magic.php b/src/Module/Magic.php
index 0b4126e0e9..491ed31cbd 100644
--- a/src/Module/Magic.php
+++ b/src/Module/Magic.php
@@ -5,10 +5,13 @@
 namespace Friendica\Module;
 
 use Friendica\BaseModule;
+use Friendica\Core\Logger;
+use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Model\Contact;
 use Friendica\Util\HTTPSignature;
 use Friendica\Util\Network;
+use Friendica\Util\Strings;
 
 /**
  * Magic Auth (remote authentication) module.
@@ -21,14 +24,14 @@ class Magic extends BaseModule
 	{
 		$a = self::getApp();
 		$ret = ['success' => false, 'url' => '', 'message' => ''];
-		logger('magic mdule: invoked', LOGGER_DEBUG);
+		Logger::log('magic mdule: invoked', Logger::DEBUG);
 
-		logger('args: ' . print_r($_REQUEST, true), LOGGER_DATA);
+		Logger::log('args: ' . print_r($_REQUEST, true), Logger::DATA);
 
-		$addr = ((x($_REQUEST, 'addr')) ? $_REQUEST['addr'] : '');
-		$dest = ((x($_REQUEST, 'dest')) ? $_REQUEST['dest'] : '');
-		$test = ((x($_REQUEST, 'test')) ? intval($_REQUEST['test']) : 0);
-		$owa  = ((x($_REQUEST, 'owa'))  ? intval($_REQUEST['owa'])  : 0);
+		$addr = defaults($_REQUEST, 'addr', '');
+		$dest = defaults($_REQUEST, 'dest', '');
+		$test = (!empty($_REQUEST['test']) ? intval($_REQUEST['test']) : 0);
+		$owa  = (!empty($_REQUEST['owa'])  ? intval($_REQUEST['owa'])  : 0);
 
 		// NOTE: I guess $dest isn't just the profile url (could be also
 		// other profile pages e.g. photo). We need to find a solution
@@ -40,22 +43,22 @@ class Magic extends BaseModule
 		}
 
 		if (!$cid) {
-			logger('No contact record found: ' . print_r($_REQUEST, true), LOGGER_DEBUG);
-			goaway($dest);
+			Logger::log('No contact record found: ' . json_encode($_REQUEST), Logger::DEBUG);
+			// @TODO Finding a more elegant possibility to redirect to either internal or external URL
+			$a->redirect($dest);
 		}
-
 		$contact = DBA::selectFirst('contact', ['id', 'nurl', 'url'], ['id' => $cid]);
 
 		// Redirect if the contact is already authenticated on this site.
-		if (!empty($a->contact) && array_key_exists('id', $a->contact) && strpos($contact['nurl'], normalise_link(self::getApp()->get_baseurl())) !== false) {
+		if (!empty($a->contact) && array_key_exists('id', $a->contact) && strpos($contact['nurl'], Strings::normaliseLink(self::getApp()->getBaseURL())) !== false) {
 			if ($test) {
 				$ret['success'] = true;
 				$ret['message'] .= 'Local site - you are already authenticated.' . EOL;
 				return $ret;
 			}
 
-			logger('Contact is already authenticated', LOGGER_DEBUG);
-			goaway($dest);
+			Logger::log('Contact is already authenticated', Logger::DEBUG);
+			System::externalRedirect($dest);
 		}
 
 		if (local_user()) {
@@ -71,38 +74,38 @@ class Magic extends BaseModule
 				$basepath = $exp[0];
 
 				$headers = [];
-				$headers['Accept'] = 'application/x-dfrn+json';
-				$headers['X-Open-Web-Auth'] = random_string();
+				$headers['Accept'] = 'application/x-dfrn+json, application/x-zot+json';
+				$headers['X-Open-Web-Auth'] = Strings::getRandomHex();
 
 				// Create a header that is signed with the local users private key.
 				$headers = HTTPSignature::createSig(
 					$headers,
 					$user['prvkey'],
-					'acct:' . $user['nickname'] . '@' . $a->get_hostname() . ($a->urlpath ? '/' . $a->urlpath : '')
+					'acct:' . $user['nickname'] . '@' . $a->getHostName() . ($a->getURLPath() ? '/' . $a->getURLPath() : '')
 				);
 
 				// Try to get an authentication token from the other instance.
-				$x = Network::curl($basepath . '/owa', false, $redirects, ['headers' => $headers]);
+				$curlResult = Network::curl($basepath . '/owa', false, $redirects, ['headers' => $headers]);
 
-				if ($x['success']) {
-					$j = json_decode($x['body'], true);
+				if ($curlResult->isSuccess()) {
+					$j = json_decode($curlResult->getBody(), true);
 
 					if ($j['success']) {
 						$token = '';
 						if ($j['encrypted_token']) {
 							// The token is encrypted. If the local user is really the one the other instance
 							// thinks he/she is, the token can be decrypted with the local users public key.
-							openssl_private_decrypt(base64url_decode($j['encrypted_token']), $token, $user['prvkey']);
+							openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']);
 						} else {
 							$token = $j['token'];
 						}
 						$x = strpbrk($dest, '?&');
 						$args = (($x) ? '&owt=' . $token : '?f=&owt=' . $token);
 
-						goaway($dest . $args);
+						System::externalRedirect($dest . $args);
 					}
 				}
-				goaway($dest);
+				System::externalRedirect($dest);
 			}
 		}
 
@@ -111,6 +114,7 @@ class Magic extends BaseModule
 			return $ret;
 		}
 
-		goaway($dest);
+		// @TODO Finding a more elegant possibility to redirect to either internal or external URL
+		$a->redirect($dest);
 	}
 }