X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FOwa.php;h=69abd8e871fb5a2aa4640029b17199647f4d264c;hb=706444bdb22b57f18c284044bdbdaeb7610990fe;hp=84f25024475eedeed06e41298987761d5b767312;hpb=4e44b07dfe07dde78fe8a095fbb43d9ec1ffcb53;p=friendica.git diff --git a/src/Module/Owa.php b/src/Module/Owa.php index 84f2502447..69abd8e871 100644 --- a/src/Module/Owa.php +++ b/src/Module/Owa.php @@ -1,19 +1,37 @@ . + * */ + namespace Friendica\Module; use Friendica\BaseModule; +use Friendica\Core\Logger; use Friendica\Core\System; -use Friendica\Database\dba; -use Friendica\Database\DBM; +use Friendica\Database\DBA; use Friendica\Model\Contact; use Friendica\Model\OpenWebAuthToken; use Friendica\Util\HTTPSignature; +use Friendica\Util\Strings; /** - * @brief OpenWebAuth verifier and token generator + * OpenWebAuth verifier and token generator * * See https://macgirvin.com/wiki/mike/OpenWebAuth/Home * Requests to this endpoint should be signed using HTTP Signatures @@ -26,9 +44,8 @@ use Friendica\Util\HTTPSignature; */ class Owa extends BaseModule { - public static function init() + protected function rawContent(array $request = []) { - $ret = [ 'success' => false ]; foreach (['REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION'] as $head) { @@ -50,41 +67,40 @@ class Owa extends BaseModule $fields = ['id', 'url', 'addr', 'pubkey']; $condition = ['id' => $cid]; - $contact = dba::selectFirst('contact', $fields, $condition); + $contact = DBA::selectFirst('contact', $fields, $condition); - if (DBM::is_result($contact)) { + if (DBA::isResult($contact)) { // Try to verify the signed header with the public key of the contact record // we have found. - $verified = HTTPSignature::verify('', $contact['pubkey']); + $verified = HTTPSignature::verifyMagic($contact['pubkey']); if ($verified && $verified['header_signed'] && $verified['header_valid']) { - logger('OWA header: ' . print_r($verified, true), LOGGER_DATA); - logger('OWA success: ' . $contact['addr'], LOGGER_DATA); + Logger::debug('OWA header', ['addr' => $contact['addr'], 'data' => $verified]); $ret['success'] = true; - $token = random_string(32); + $token = Strings::getRandomHex(32); - // Store the generated token in the databe. + // Store the generated token in the database. OpenWebAuthToken::create('owt', 0, $token, $contact['addr']); $result = ''; - // Encrypt the token with the public contacts publik key. + // Encrypt the token with the public contacts public key. // Only the specific public contact will be able to encrypt it. // At a later time, we will compare weather the token we're getting // is really the same token we have stored in the database. openssl_public_encrypt($token, $result, $contact['pubkey']); - $ret['encrypted_token'] = base64url_encode($result); + $ret['encrypted_token'] = Strings::base64UrlEncode($result); } else { - logger('OWA fail: ' . $contact['id'] . ' ' . $contact['addr'] . ' ' . $contact['url'], LOGGER_DEBUG); + Logger::info('OWA fail', ['id' => $contact['id'], 'addr' => $contact['addr'], 'url' => $contact['url']]); } } else { - logger('Contact not found: ' . $handle, LOGGER_DEBUG); + Logger::info('Contact not found', ['handle' => $handle]); } } } } } - System::jsonExit($ret, 'application/x-dfrn+json'); + System::jsonExit($ret, 'application/x-zot+json'); } }