Improve debugging for Salmon slaps

diff --git a/plugins/OStatus/lib/magicenvelope.php b/plugins/OStatus/lib/magicenvelope.php
index a257656762c739d81483d6dcac389574ba966bb2..e61a04b9326d8b6991ba086a412ce6ed26d5939b 100644 (file)
--- a/plugins/OStatus/lib/magicenvelope.php
+++ b/plugins/OStatus/lib/magicenvelope.php
@@ -251,11 +251,12 @@ class MagicEnvelope
      *
      * Details of failure conditions are dumped to output log and not exposed to caller.
      *
-     * @param Profile $profile optional profile used to get locally cached public signature key.
+     * @param Profile $profile profile used to get locally cached public signature key
+     *                         or if necessary perform discovery on.
      *
      * @return boolean
      */
-    public function verify(Profile $profile=null)
+    public function verify(Profile $profile)
     {
         if ($this->alg != 'RSA-SHA256') {
             common_log(LOG_DEBUG, "Salmon error: bad algorithm");

diff --git a/plugins/OStatus/lib/salmonaction.php b/plugins/OStatus/lib/salmonaction.php
index 647187f323bbe501d268dc641fd8807a3fa9f917..e217fd5a002780cb913bde399ce427d501a9d41d 100644 (file)
--- a/plugins/OStatus/lib/salmonaction.php
+++ b/plugins/OStatus/lib/salmonaction.php
@@ -28,8 +28,6 @@ class SalmonAction extends Action
 {
     protected $needPost = true;
 
-    protected $verified = false;
-
     var $xml      = null;
     var $activity = null;
     var $target   = null;
@@ -45,21 +43,20 @@ class SalmonAction extends Action
             $this->clientError(_m('Salmon requires "application/magic-envelope+xml".'));
         }
 
-        $envxml = file_get_contents('php://input');
-        $magic_env = new MagicEnvelope($envxml);   // parse incoming XML as a MagicEnvelope
-
-        $entry = $magic_env->getPayload();  // Not cryptographically verified yet!
-        $this->activity = new Activity($entry->documentElement);
-
         try {
-            $profile = Profile::fromUri($this->activity->actor->id);
-            $this->verified = $magic_env->verify($profile);
-        } catch (UnknownUriException $e) {
-            // If we don't know the profile, perform some discovery instead
-            $this->verified = $magic_env->verify();
+            $envxml = file_get_contents('php://input');
+            $magic_env = new MagicEnvelope($envxml);   // parse incoming XML as a MagicEnvelope
+
+            $entry = $magic_env->getPayload();  // Not cryptographically verified yet!
+            $this->activity = new Activity($entry->documentElement);
+            $oprofile = $this->ensureProfile();
+        } catch (Exception $e) {
+            common_debug('Salmon envelope parsing failed with: '.$e->getMessage());
+            $this->clientError($e->getMessage());
         }
 
-        if (!$this->verified) {
+        // Cryptographic verification test
+        if (!$magic_env->verify($oprofile->localProfile())) {
             common_log(LOG_DEBUG, "Salmon signature verification failed.");
             // TRANS: Client error.
             $this->clientError(_m('Salmon signature verification failed.'));

diff --git a/plugins/OStatus/tests/slap.php b/plugins/OStatus/tests/slap.php
index 99fb6c631caa19fcba389cacc847ac5f606f04ba..afaa6810a16e2f317d6591e20560c48e5a895113 100644 (file)
--- a/plugins/OStatus/tests/slap.php
+++ b/plugins/OStatus/tests/slap.php
@@ -60,7 +60,9 @@ print "\n\n";
 
 echo "== Testing local verification ==\n\n";
 $magic_env = new MagicEnvelope($envxml);
-$ok = $magic_env->verify();
+$activity = new Activity($magic_env->getPayload()->documentElement);
+$profile = Profile::fromUri($activity->actor->id);
+$ok = $magic_env->verify($profile);
 if ($ok) {
     print "OK\n\n";
 } else {