Merge pull request #2652 from annando/1606-diaspora-fetch3
Diaspora: Support for reading the /fetch/post/ functionality
This commit is contained in:
commit
9262afef93
|
@ -100,6 +100,59 @@ class diaspora {
|
||||||
return($signature);
|
return($signature);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief verify the envelope and return the verified data
|
||||||
|
*
|
||||||
|
* @param string $envelope The magic envelope
|
||||||
|
*
|
||||||
|
* @return string verified data
|
||||||
|
*/
|
||||||
|
private function verify_magic_envelope($envelope) {
|
||||||
|
|
||||||
|
$basedom = parse_xml_string($envelope, false);
|
||||||
|
|
||||||
|
if (!is_object($basedom)) {
|
||||||
|
logger("Envelope is no XML file");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$children = $basedom->children('http://salmon-protocol.org/ns/magic-env');
|
||||||
|
|
||||||
|
if (sizeof($children) == 0) {
|
||||||
|
logger("XML has no children");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$handle = "";
|
||||||
|
|
||||||
|
$data = base64url_decode($children->data);
|
||||||
|
$type = $children->data->attributes()->type[0];
|
||||||
|
|
||||||
|
$encoding = $children->encoding;
|
||||||
|
|
||||||
|
$alg = $children->alg;
|
||||||
|
|
||||||
|
$sig = base64url_decode($children->sig);
|
||||||
|
$key_id = $children->sig->attributes()->key_id[0];
|
||||||
|
if ($key_id != "")
|
||||||
|
$handle = base64url_decode($key_id);
|
||||||
|
|
||||||
|
$b64url_data = base64url_encode($data);
|
||||||
|
$msg = str_replace(array("\n", "\r", " ", "\t"), array("", "", "", ""), $b64url_data);
|
||||||
|
|
||||||
|
$signable_data = $msg.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg);
|
||||||
|
|
||||||
|
$key = self::key($handle);
|
||||||
|
|
||||||
|
$verify = rsa_verify($signable_data, $sig, $key);
|
||||||
|
if (!$verify) {
|
||||||
|
logger('Message did not verify. Discarding.');
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $data;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief: Decodes incoming Diaspora message
|
* @brief: Decodes incoming Diaspora message
|
||||||
*
|
*
|
||||||
|
@ -233,7 +286,6 @@ class diaspora {
|
||||||
return array('message' => (string)$inner_decrypted,
|
return array('message' => (string)$inner_decrypted,
|
||||||
'author' => unxmlify($author_link),
|
'author' => unxmlify($author_link),
|
||||||
'key' => (string)$key);
|
'key' => (string)$key);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -816,11 +868,30 @@ class diaspora {
|
||||||
if ($level > 5)
|
if ($level > 5)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
// This will work for Diaspora and newer Friendica servers
|
// This will work for new Diaspora servers and Friendica servers from 3.5
|
||||||
|
$source_url = $server."/fetch/post/".$guid;
|
||||||
|
logger("Fetch post from ".$source_url, LOGGER_DEBUG);
|
||||||
|
|
||||||
|
$envelope = fetch_url($source_url);
|
||||||
|
if($envelope) {
|
||||||
|
logger("Envelope was fetched.", LOGGER_DEBUG);
|
||||||
|
$x = self::verify_magic_envelope($envelope);
|
||||||
|
if (!$x)
|
||||||
|
logger("Envelope could not be verified.", LOGGER_DEBUG);
|
||||||
|
else
|
||||||
|
logger("Envelope was verified.", LOGGER_DEBUG);
|
||||||
|
} else
|
||||||
|
$x = false;
|
||||||
|
|
||||||
|
// This will work for older Diaspora and Friendica servers
|
||||||
|
if (!$x) {
|
||||||
$source_url = $server."/p/".$guid.".xml";
|
$source_url = $server."/p/".$guid.".xml";
|
||||||
|
logger("Fetch post from ".$source_url, LOGGER_DEBUG);
|
||||||
|
|
||||||
$x = fetch_url($source_url);
|
$x = fetch_url($source_url);
|
||||||
if(!$x)
|
if(!$x)
|
||||||
return false;
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$source_xml = parse_xml_string($x, false);
|
$source_xml = parse_xml_string($x, false);
|
||||||
|
|
||||||
|
@ -829,9 +900,11 @@ class diaspora {
|
||||||
|
|
||||||
if ($source_xml->post->reshare) {
|
if ($source_xml->post->reshare) {
|
||||||
// Reshare of a reshare - old Diaspora version
|
// Reshare of a reshare - old Diaspora version
|
||||||
|
logger("Message is a reshare", LOGGER_DEBUG);
|
||||||
return self::message($source_xml->post->reshare->root_guid, $server, ++$level);
|
return self::message($source_xml->post->reshare->root_guid, $server, ++$level);
|
||||||
} elseif ($source_xml->getName() == "reshare") {
|
} elseif ($source_xml->getName() == "reshare") {
|
||||||
// Reshare of a reshare - new Diaspora version
|
// Reshare of a reshare - new Diaspora version
|
||||||
|
logger("Message is a new reshare", LOGGER_DEBUG);
|
||||||
return self::message($source_xml->root_guid, $server, ++$level);
|
return self::message($source_xml->root_guid, $server, ++$level);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -844,8 +917,10 @@ class diaspora {
|
||||||
$author = (string)$source_xml->author;
|
$author = (string)$source_xml->author;
|
||||||
|
|
||||||
// If this isn't a "status_message" then quit
|
// If this isn't a "status_message" then quit
|
||||||
if (!$author)
|
if (!$author) {
|
||||||
|
logger("Message doesn't seem to be a status message", LOGGER_DEBUG);
|
||||||
return false;
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$msg = array("message" => $x, "author" => $author);
|
$msg = array("message" => $x, "author" => $author);
|
||||||
|
|
||||||
|
@ -1912,27 +1987,15 @@ class diaspora {
|
||||||
|
|
||||||
if (!$r) {
|
if (!$r) {
|
||||||
$server = "https://".substr($orig_author, strpos($orig_author, "@") + 1);
|
$server = "https://".substr($orig_author, strpos($orig_author, "@") + 1);
|
||||||
logger("1st try: reshared message ".$guid." will be fetched from original server: ".$server);
|
logger("1st try: reshared message ".$guid." will be fetched via SSL from the server ".$server);
|
||||||
$item_id = self::store_by_guid($guid, $server);
|
$item_id = self::store_by_guid($guid, $server);
|
||||||
|
|
||||||
if (!$item_id) {
|
if (!$item_id) {
|
||||||
$server = "http://".substr($orig_author, strpos($orig_author, "@") + 1);
|
$server = "http://".substr($orig_author, strpos($orig_author, "@") + 1);
|
||||||
logger("2nd try: reshared message ".$guid." will be fetched from original server: ".$server);
|
logger("2nd try: reshared message ".$guid." will be fetched without SLL from the server ".$server);
|
||||||
$item_id = self::store_by_guid($guid, $server);
|
$item_id = self::store_by_guid($guid, $server);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Deactivated by now since there is a risk that someone could manipulate postings through this method
|
|
||||||
/* if (!$item_id) {
|
|
||||||
$server = "https://".substr($author, strpos($author, "@") + 1);
|
|
||||||
logger("3rd try: reshared message ".$guid." will be fetched from sharer's server: ".$server);
|
|
||||||
$item_id = self::store_by_guid($guid, $server);
|
|
||||||
}
|
|
||||||
if (!$item_id) {
|
|
||||||
$server = "http://".substr($author, strpos($author, "@") + 1);
|
|
||||||
logger("4th try: reshared message ".$guid." will be fetched from sharer's server: ".$server);
|
|
||||||
$item_id = self::store_by_guid($guid, $server);
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
if ($item_id) {
|
if ($item_id) {
|
||||||
$r = q("SELECT `body`, `tag`, `app`, `created`, `object-type`, `uri`, `guid`,
|
$r = q("SELECT `body`, `tag`, `app`, `created`, `object-type`, `uri`, `guid`,
|
||||||
`author-name`, `author-link`, `author-avatar`
|
`author-name`, `author-link`, `author-avatar`
|
||||||
|
@ -2265,7 +2328,7 @@ class diaspora {
|
||||||
* @return string The envelope
|
* @return string The envelope
|
||||||
*/
|
*/
|
||||||
|
|
||||||
function build_magic_envelope($msg, $user) {
|
public static function build_magic_envelope($msg, $user) {
|
||||||
|
|
||||||
$b64url_data = base64url_encode($msg);
|
$b64url_data = base64url_encode($msg);
|
||||||
$data = str_replace(array("\n", "\r", " ", "\t"), array("", "", "", ""), $b64url_data);
|
$data = str_replace(array("\n", "\r", " ", "\t"), array("", "", "", ""), $b64url_data);
|
||||||
|
|
Loading…
Reference in a new issue