X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FXrd.php;h=6a4c0e860d31be4c12b07e005074a705d3647ba8;hb=c58dd5b471f9d2712893137308afa8436a19bd2f;hp=48623bf70d093c8457f58c66f952845fe1e9f9b8;hpb=24ecf5954c59f88c4adc56425bf1520d158d7da6;p=friendica.git diff --git a/src/Module/Xrd.php b/src/Module/Xrd.php index 48623bf70d..6a4c0e860d 100644 --- a/src/Module/Xrd.php +++ b/src/Module/Xrd.php @@ -1,6 +1,6 @@ getArgv()[0] == 'xrd') { @@ -45,52 +44,53 @@ class Xrd extends BaseModule return; } - $uri = urldecode(Strings::escapeTags(trim($_GET['uri']))); + $uri = urldecode(trim($_GET['uri'])); if (strpos($_SERVER['HTTP_ACCEPT'] ?? '', 'application/jrd+json') !== false) { - $mode = 'json'; + $mode = Response::TYPE_JSON; } else { - $mode = 'xml'; + $mode = Response::TYPE_XML; } } else { if (empty($_GET['resource'])) { return; } - $uri = urldecode(Strings::escapeTags(trim($_GET['resource']))); + $uri = urldecode(trim($_GET['resource'])); if (strpos($_SERVER['HTTP_ACCEPT'] ?? '', 'application/xrd+xml') !== false) { - $mode = 'xml'; + $mode = Response::TYPE_XML; } else { - $mode = 'json'; + $mode = Response::TYPE_JSON; } } if (substr($uri, 0, 4) === 'http') { $name = ltrim(basename($uri), '~'); + $host = parse_url($uri, PHP_URL_HOST); } else { $local = str_replace('acct:', '', $uri); if (substr($local, 0, 2) == '//') { $local = substr($local, 2); } - $name = substr($local, 0, strpos($local, '@')); + list($name, $host) = explode('@', $local); + } + + if (!empty($host) && $host !== DI::baseUrl()->getHost()) { + DI::logger()->notice('Invalid host name for xrd query',['host' => $host, 'uri' => $uri]); + throw new NotFoundException('Invalid host name for xrd query: ' . $host); } if ($name == User::getActorName()) { $owner = User::getSystemAccount(); if (empty($owner)) { - throw new \Friendica\Network\HTTPException\NotFoundException(); + throw new NotFoundException('System account was not found. Please setup your Friendica installation properly.'); } - self::printSystemJSON($owner); + $this->printSystemJSON($owner); } else { - $user = User::getByNickname($name); - if (empty($user)) { - throw new \Friendica\Network\HTTPException\NotFoundException(); - } - - $owner = User::getOwnerDataById($user['uid']); + $owner = User::getOwnerDataByNick($name); if (empty($owner)) { - DI::logger()->warning('No owner data for user id', ['uri' => $uri, 'name' => $name, 'user' => $user]); - throw new \Friendica\Network\HTTPException\NotFoundException(); + DI::logger()->notice('No owner data for user id', ['uri' => $uri, 'name' => $name]); + throw new NotFoundException('Owner was not found for user->uid=' . $name); } $alias = str_replace('/profile/', '/~', $owner['url']); @@ -102,15 +102,16 @@ class Xrd extends BaseModule $avatar = ['type' => 'image/jpeg']; } - if ($mode == 'xml') { - self::printXML($alias, DI::baseUrl()->get(), $user, $owner, $avatar); + if ($mode == Response::TYPE_XML) { + $this->printXML($alias, $owner, $avatar); } else { - self::printJSON($alias, DI::baseUrl()->get(), $owner, $avatar); + $this->printJSON($alias, $owner, $avatar); } } - private static function printSystemJSON(array $owner) + private function printSystemJSON(array $owner) { + $baseURL = (string)$this->baseUrl; $json = [ 'subject' => 'acct:' . $owner['addr'], 'aliases' => [$owner['url']], @@ -127,26 +128,26 @@ class Xrd extends BaseModule ], [ 'rel' => 'http://ostatus.org/schema/1.0/subscribe', - 'template' => DI::baseUrl()->get() . '/follow?url={uri}', + 'template' => $baseURL . '/contact/follow?url={uri}', ], [ 'rel' => ActivityNamespace::FEED, 'type' => 'application/atom+xml', - 'href' => $owner['poll'] ?? DI::baseUrl()->get(), + 'href' => $owner['poll'] ?? $baseURL, ], [ 'rel' => 'salmon', - 'href' => DI::baseUrl()->get() . '/salmon/' . $owner['nickname'], + 'href' => $baseURL . '/salmon/' . $owner['nickname'], ], [ 'rel' => 'http://microformats.org/profile/hcard', 'type' => 'text/html', - 'href' => DI::baseUrl()->get() . '/hcard/' . $owner['nickname'], + 'href' => $baseURL . '/hcard/' . $owner['nickname'], ], [ 'rel' => 'http://joindiaspora.com/seed_location', 'type' => 'text/html', - 'href' => DI::baseUrl()->get(), + 'href' => $baseURL, ], ] ]; @@ -154,9 +155,9 @@ class Xrd extends BaseModule System::jsonExit($json, 'application/jrd+json; charset=utf-8'); } - private static function printJSON($alias, $baseURL, $owner, $avatar) + private function printJSON(string $alias, array $owner, array $avatar) { - $salmon_key = Salmon::salmonKey($owner['spubkey']); + $baseURL = (string)$this->baseUrl; $json = [ 'subject' => 'acct:' . $owner['addr'], @@ -189,14 +190,10 @@ class Xrd extends BaseModule 'type' => 'text/html', 'href' => $baseURL . '/hcard/' . $owner['nickname'], ], - [ - 'rel' => ActivityNamespace::POCO, - 'href' => $owner['poco'], - ], [ 'rel' => 'http://webfinger.net/rel/avatar', 'type' => $avatar['type'], - 'href' => User::getAvatarUrlForId($owner['uid']), + 'href' => User::getAvatarUrl($owner), ], [ 'rel' => 'http://joindiaspora.com/seed_location', @@ -217,11 +214,11 @@ class Xrd extends BaseModule ], [ 'rel' => 'http://ostatus.org/schema/1.0/subscribe', - 'template' => $baseURL . '/follow?url={uri}', + 'template' => $baseURL . '/contact/follow?url={uri}', ], [ 'rel' => 'magic-public-key', - 'href' => 'data:application/magic-public-key,' . $salmon_key, + 'href' => 'data:application/magic-public-key,' . Salmon::salmonKey($owner['spubkey']), ], [ 'rel' => 'http://purl.org/openwebauth/v1', @@ -235,36 +232,101 @@ class Xrd extends BaseModule System::jsonExit($json, 'application/jrd+json; charset=utf-8'); } - private static function printXML($alias, $baseURL, $user, $owner, $avatar) + private function printXML(string $alias, array $owner, array $avatar) { - $salmon_key = Salmon::salmonKey($owner['spubkey']); - - header('Access-Control-Allow-Origin: *'); - header('Content-type: text/xml'); + $baseURL = (string)$this->baseUrl; - $tpl = Renderer::getMarkupTemplate('xrd_person.tpl'); - - $o = Renderer::replaceMacros($tpl, [ - '$nick' => $owner['nickname'], - '$accturi' => 'acct:' . $owner['addr'], - '$alias' => $alias, - '$profile_url' => $owner['url'], - '$hcard_url' => $baseURL . '/hcard/' . $owner['nickname'], - '$atom' => $owner['poll'], - '$poco_url' => $owner['poco'], - '$photo' => User::getAvatarUrlForId($owner['uid']), - '$type' => $avatar['type'], - '$salmon' => $baseURL . '/salmon/' . $owner['nickname'], - '$salmen' => $baseURL . '/salmon/' . $owner['nickname'] . '/mention', - '$subscribe' => $baseURL . '/follow?url={uri}', - '$openwebauth' => $baseURL . '/owa', - '$modexp' => 'data:application/magic-public-key,' . $salmon_key + $xmlString = XML::fromArray([ + 'XRD' => [ + '@attributes' => [ + 'xmlns' => 'http://docs.oasis-open.org/ns/xri/xrd-1.0', + ], + 'Subject' => 'acct:' . $owner['addr'], + '1:Alias' => $owner['url'], + '2:Alias' => $alias, + '1:link' => [ + '@attributes' => [ + 'rel' => 'http://purl.org/macgirvin/dfrn/1.0', + 'href' => $owner['url'] + ] + ], + '2:link' => [ + '@attributes' => [ + 'rel' => 'http://schemas.google.com/g/2010#updates-from', + 'type' => 'application/atom+xml', + 'href' => $owner['poll'] + ] + ], + '3:link' => [ + '@attributes' => [ + 'rel' => 'http://webfinger.net/rel/profile-page', + 'type' => 'text/html', + 'href' => $owner['url'] + ] + ], + '4:link' => [ + '@attributes' => [ + 'rel' => 'http://microformats.org/profile/hcard', + 'type' => 'text/html', + 'href' => $baseURL . '/hcard/' . $owner['nickname'] + ] + ], + '5:link' => [ + '@attributes' => [ + 'rel' => 'http://webfinger.net/rel/avatar', + 'type' => $avatar['type'], + 'href' => User::getAvatarUrl($owner) + ] + ], + '6:link' => [ + '@attributes' => [ + 'rel' => 'http://joindiaspora.com/seed_location', + 'type' => 'text/html', + 'href' => $baseURL + ] + ], + '7:link' => [ + '@attributes' => [ + 'rel' => 'salmon', + 'href' => $baseURL . '/salmon/' . $owner['nickname'] + ] + ], + '8:link' => [ + '@attributes' => [ + 'rel' => 'http://salmon-protocol.org/ns/salmon-replies', + 'href' => $baseURL . '/salmon/' . $owner['nickname'] + ] + ], + '9:link' => [ + '@attributes' => [ + 'rel' => 'http://salmon-protocol.org/ns/salmon-mention', + 'href' => $baseURL . '/salmon/' . $owner['nickname'] . '/mention' + ] + ], + '10:link' => [ + '@attributes' => [ + 'rel' => 'http://ostatus.org/schema/1.0/subscribe', + 'template' => $baseURL . '/contact/follow?url={uri}' + ] + ], + '11:link' => [ + '@attributes' => [ + 'rel' => 'magic-public-key', + 'href' => 'data:application/magic-public-key,' . Salmon::salmonKey($owner['spubkey']) + ] + ], + '12:link' => [ + '@attributes' => [ + 'rel' => 'http://purl.org/openwebauth/v1', + 'type' => 'application/x-zot+json', + 'href' => $baseURL . '/owa' + ] + ], + ], ]); - $arr = ['user' => $user, 'xml' => $o]; - Hook::callAll('personal_xrd', $arr); + header('Access-Control-Allow-Origin: *'); - echo $arr['xml']; - exit(); + System::httpExit($xmlString, Response::TYPE_XML, 'application/xrd+xml'); } }