*
* Details of failure conditions are dumped to output log and not exposed to caller.
*
- * @param Profile $profile optional profile used to get locally cached public signature key.
+ * @param Profile $profile profile used to get locally cached public signature key
+ * or if necessary perform discovery on.
*
* @return boolean
*/
- public function verify(Profile $profile=null)
+ public function verify(Profile $profile)
{
if ($this->alg != 'RSA-SHA256') {
common_log(LOG_DEBUG, "Salmon error: bad algorithm");
{
protected $needPost = true;
- protected $verified = false;
-
var $xml = null;
var $activity = null;
var $target = null;
$this->clientError(_m('Salmon requires "application/magic-envelope+xml".'));
}
- $envxml = file_get_contents('php://input');
- $magic_env = new MagicEnvelope($envxml); // parse incoming XML as a MagicEnvelope
-
- $entry = $magic_env->getPayload(); // Not cryptographically verified yet!
- $this->activity = new Activity($entry->documentElement);
-
try {
- $profile = Profile::fromUri($this->activity->actor->id);
- $this->verified = $magic_env->verify($profile);
- } catch (UnknownUriException $e) {
- // If we don't know the profile, perform some discovery instead
- $this->verified = $magic_env->verify();
+ $envxml = file_get_contents('php://input');
+ $magic_env = new MagicEnvelope($envxml); // parse incoming XML as a MagicEnvelope
+
+ $entry = $magic_env->getPayload(); // Not cryptographically verified yet!
+ $this->activity = new Activity($entry->documentElement);
+ $oprofile = $this->ensureProfile();
+ } catch (Exception $e) {
+ common_debug('Salmon envelope parsing failed with: '.$e->getMessage());
+ $this->clientError($e->getMessage());
}
- if (!$this->verified) {
+ // Cryptographic verification test
+ if (!$magic_env->verify($oprofile->localProfile())) {
common_log(LOG_DEBUG, "Salmon signature verification failed.");
// TRANS: Client error.
$this->clientError(_m('Salmon signature verification failed.'));
echo "== Testing local verification ==\n\n";
$magic_env = new MagicEnvelope($envxml);
-$ok = $magic_env->verify();
+$activity = new Activity($magic_env->getPayload()->documentElement);
+$profile = Profile::fromUri($activity->actor->id);
+$ok = $magic_env->verify($profile);
if ($ok) {
print "OK\n\n";
} else {