X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FOwa.php;h=eaba8abd53025704c82cbe810bb94110e24a1b6a;hb=99284222c1d7fb4adca9077e3057faf3b36f7180;hp=306c525c062698bcdf88516d6f1b666b6700f356;hpb=78114c13d5ce27b36682a960859056d4ebf9d9be;p=friendica.git diff --git a/src/Module/Owa.php b/src/Module/Owa.php index 306c525c06..eaba8abd53 100644 --- a/src/Module/Owa.php +++ b/src/Module/Owa.php @@ -1,35 +1,51 @@ . + * */ + namespace Friendica\Module; use Friendica\BaseModule; +use Friendica\Core\Logger; use Friendica\Core\System; -use Friendica\Database\DBM; +use Friendica\Database\DBA; use Friendica\Model\Contact; use Friendica\Model\OpenWebAuthToken; use Friendica\Util\HTTPSignature; - -use dba; +use Friendica\Util\Strings; /** - * @brief OpenWebAuth verifier and token generator - * + * OpenWebAuth verifier and token generator + * * See https://macgirvin.com/wiki/mike/OpenWebAuth/Home * Requests to this endpoint should be signed using HTTP Signatures * using the 'Authorization: Signature' authentication method * If the signature verifies a token is returned. * * This token may be exchanged for an authenticated cookie. - * + * * Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/Zotlabs/Module/Owa.php */ class Owa extends BaseModule { - public static function init() + protected function rawContent(array $request = []) { - $ret = [ 'success' => false ]; foreach (['REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION'] as $head) { @@ -51,19 +67,18 @@ class Owa extends BaseModule $fields = ['id', 'url', 'addr', 'pubkey']; $condition = ['id' => $cid]; - $contact = dba::selectFirst('contact', $fields, $condition); + $contact = DBA::selectFirst('contact', $fields, $condition); - if (DBM::is_result($contact)) { + if (DBA::isResult($contact)) { // Try to verify the signed header with the public key of the contact record // we have found. - $verified = HTTPSignature::verify('', $contact['pubkey']); + $verified = HTTPSignature::verifyMagic($contact['pubkey']); if ($verified && $verified['header_signed'] && $verified['header_valid']) { - logger('OWA header: ' . print_r($verified, true), LOGGER_DATA); - logger('OWA success: ' . $contact['addr'], LOGGER_DATA); + Logger::debug('OWA header', ['addr' => $contact['addr'], 'data' => $verified]); $ret['success'] = true; - $token = random_string(32); + $token = Strings::getRandomHex(32); // Store the generated token in the databe. OpenWebAuthToken::create('owt', 0, $token, $contact['addr']); @@ -75,17 +90,17 @@ class Owa extends BaseModule // At a later time, we will compare weather the token we're getting // is really the same token we have stored in the database. openssl_public_encrypt($token, $result, $contact['pubkey']); - $ret['encrypted_token'] = base64url_encode($result); + $ret['encrypted_token'] = Strings::base64UrlEncode($result); } else { - logger('OWA fail: ' . $contact['id'] . ' ' . $contact['addr'] . ' ' . $contact['url'], LOGGER_DEBUG); + Logger::info('OWA fail', ['id' => $contact['id'], 'addr' => $contact['addr'], 'url' => $contact['url']]); } } else { - logger('Contact not found: ' . $handle, LOGGER_DEBUG); + Logger::info('Contact not found', ['handle' => $handle]); } } } } } - System::jsonExit($ret, 'application/x-dfrn+json'); + System::jsonExit($ret, 'application/x-zot+json'); } }