function handle() { $nick = $this->user->nickname; $profile = $this->user->getProfile(); if (empty($this->xrd)) { $xrd = new XRD(); } else { $xrd = $this->xrd; } if (empty($xrd->subject)) { $xrd->subject = Discovery::normalize($this->uri); } // Possible aliases for the user $uris = array($this->user->uri, $profile->profileurl); // FIXME: Webfinger generation code should live somewhere on its own $path = common_config('site', 'path'); if (empty($path)) { $uris[] = sprintf('acct:%s@%s', $nick, common_config('site', 'server')); } foreach ($uris as $uri) { if ($uri != $xrd->subject) { $xrd->alias[] = $uri; } } $xrd->links[] = array('rel' => Discovery::PROFILEPAGE, 'type' => 'text/html', 'href' => $profile->profileurl); $xrd->links[] = array('rel' => Discovery::UPDATESFROM, 'href' => common_local_url('ApiTimelineUser', array('id' => $this->user->id, 'format' => 'atom')), 'type' => 'application/atom+xml'); // hCard $xrd->links[] = array('rel' => Discovery::HCARD, 'type' => 'text/html', 'href' => common_local_url('hcard', array('nickname' => $nick))); // XFN $xrd->links[] = array('rel' => 'http://gmpg.org/xfn/11', 'type' => 'text/html', 'href' => $profile->profileurl); // FOAF $xrd->links[] = array('rel' => 'describedby', 'type' => 'application/rdf+xml', 'href' => common_local_url('foaf', array('nickname' => $nick))); // Salmon $salmon_url = common_local_url('usersalmon', array('id' => $this->user->id)); $xrd->links[] = array('rel' => Salmon::REL_SALMON, 'href' => $salmon_url); // XXX : Deprecated - to be removed. $xrd->links[] = array('rel' => Salmon::NS_REPLIES, 'href' => $salmon_url); $xrd->links[] = array('rel' => Salmon::NS_MENTIONS, 'href' => $salmon_url); // Get this user's keypair $magickey = Magicsig::staticGet('user_id', $this->user->id); if (!$magickey) { // No keypair yet, let's generate one. $magickey = new Magicsig(); $magickey->generate($this->user->id); } $xrd->links[] = array('rel' => Magicsig::PUBLICKEYREL, 'href' => 'data:application/magic-public-key,' . $magickey->toString(false)); // TODO - finalize where the redirect should go on the publisher $url = common_local_url('ostatussub') . '?profile={uri}'; $xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe', 'template' => $url); $url = common_local_url('tagprofile') . '?uri={uri}'; $xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/tag', 'template' => $url); header('Content-type: application/xrd+xml'); print $xrd->toXML(); }
public function createMagicEnv($text, $actor) { $magic_env = new MagicEnvelope(); $user = User::staticGet('id', $actor->id); if ($user->id) { // Use local key $magickey = Magicsig::staticGet('user_id', $user->id); if (!$magickey) { // No keypair yet, let's generate one. $magickey = new Magicsig(); $magickey->generate($user->id); } } else { throw new Exception("Salmon invalid actor for signing"); } try { $env = $magic_env->signMessage($text, 'application/atom+xml', $magickey->toString()); } catch (Exception $e) { return $text; } return $magic_env->toXML($env); }
function handle() { $nick = $this->user->nickname; if (empty($this->xrd)) { $xrd = new XRD(); } else { $xrd = $this->xrd; } if (empty($xrd->subject)) { $xrd->subject = Discovery::normalize($this->uri); } $xrd->alias[] = $this->user->uri; $xrd->links[] = array('rel' => Discovery::PROFILEPAGE, 'type' => 'text/html', 'href' => $this->user->uri); $xrd->links[] = array('rel' => Discovery::UPDATESFROM, 'href' => common_local_url('ApiTimelineUser', array('id' => $this->user->id, 'format' => 'atom')), 'type' => 'application/atom+xml'); // hCard $xrd->links[] = array('rel' => Discovery::HCARD, 'type' => 'text/html', 'href' => common_local_url('hcard', array('nickname' => $nick))); // XFN $xrd->links[] = array('rel' => 'http://gmpg.org/xfn/11', 'type' => 'text/html', 'href' => $this->user->uri); // FOAF $xrd->links[] = array('rel' => 'describedby', 'type' => 'application/rdf+xml', 'href' => common_local_url('foaf', array('nickname' => $nick))); // Salmon $salmon_url = common_local_url('usersalmon', array('id' => $this->user->id)); $xrd->links[] = array('rel' => Salmon::NS_REPLIES, 'href' => $salmon_url); $xrd->links[] = array('rel' => Salmon::NS_MENTIONS, 'href' => $salmon_url); // Get this user's keypair $magickey = Magicsig::staticGet('user_id', $this->user->id); if (!$magickey) { // No keypair yet, let's generate one. $magickey = new Magicsig(); $magickey->generate($this->user->id); } $xrd->links[] = array('rel' => Magicsig::PUBLICKEYREL, 'href' => 'data:application/magic-public-key,' . $magickey->toString(false)); // TODO - finalize where the redirect should go on the publisher $url = common_local_url('ostatussub') . '?profile={uri}'; $xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe', 'template' => $url); header('Content-type: text/xml'); print $xrd->toXML(); }
/** * Encode the given string as a signed MagicEnvelope XML document, * using the keypair for the given local user profile. We can of * course not sign a remote profile's slap, since we don't have the * private key. * * Side effects: will create and store a keypair on-demand if one * hasn't already been generated for this user. This can be very slow * on some systems. * * @param string $text XML fragment to sign, assumed to be Atom * @param User $user User who cryptographically signs $text * * @return MagicEnvelope object complete with signature * * @throws Exception on bad profile input or key generation problems */ public static function signAsUser($text, User $user) { // Find already stored key $magicsig = Magicsig::getKV('user_id', $user->id); if (!$magicsig instanceof Magicsig) { $magicsig = Magicsig::generate($user); } assert($magicsig instanceof Magicsig); assert($magicsig->privateKey instanceof Crypt_RSA); $magic_env = new MagicEnvelope(); $magic_env->signMessage($text, 'application/atom+xml', $magicsig); return $magic_env; }
function onEndXrdActionLinks(&$xrd, $user) { $xrd->links[] = array('rel' => Discovery::UPDATESFROM, 'href' => common_local_url('ApiTimelineUser', array('id' => $user->id, 'format' => 'atom')), 'type' => 'application/atom+xml'); // Salmon $salmon_url = common_local_url('usersalmon', array('id' => $user->id)); $xrd->links[] = array('rel' => Salmon::REL_SALMON, 'href' => $salmon_url); // XXX : Deprecated - to be removed. $xrd->links[] = array('rel' => Salmon::NS_REPLIES, 'href' => $salmon_url); $xrd->links[] = array('rel' => Salmon::NS_MENTIONS, 'href' => $salmon_url); // Get this user's keypair $magickey = Magicsig::staticGet('user_id', $user->id); if (!$magickey) { // No keypair yet, let's generate one. $magickey = new Magicsig(); $magickey->generate($user->id); } $xrd->links[] = array('rel' => Magicsig::PUBLICKEYREL, 'href' => 'data:application/magic-public-key,' . $magickey->toString(false)); // TODO - finalize where the redirect should go on the publisher $url = common_local_url('ostatussub') . '?profile={uri}'; $xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe', 'template' => $url); return true; }
/** * * @param <type> $text * @param <type> $mimetype * @param Magicsig $magicsig Magicsig with private key available. * * @return MagicEnvelope object with all properties set * * @throws Exception of various kinds on signing failure */ public function signMessage($text, $mimetype) { if (!$this->actor instanceof Profile) { throw new ServerException('No profile to sign message with is set.'); } elseif (!$this->actor->isLocal()) { throw new ServerException('Cannot sign magic envelopes with remote users since we have no private key.'); } // Find already stored key $magicsig = Magicsig::getKV('user_id', $this->actor->getID()); if (!$magicsig instanceof Magicsig) { // and if it doesn't exist, it is time to create one! $magicsig = Magicsig::generate($this->actor->getUser()); } assert($magicsig instanceof Magicsig); assert($magicsig->privateKey instanceof Crypt_RSA); // Prepare text and metadata for signing $this->data = Magicsig::base64_url_encode($text); $this->data_type = $mimetype; $this->encoding = self::ENCODING; $this->alg = $magicsig->getName(); // Get the actual signature $this->sig = $magicsig->sign($this->signingText()); }
protected function addWebFingerPersonLinks(XML_XRD $xrd, Profile $target) { $xrd->links[] = new XML_XRD_Element_Link(Discovery::UPDATESFROM, common_local_url('ApiTimelineUser', array('id' => $target->id, 'format' => 'atom')), 'application/atom+xml'); // Get this profile's keypair $magicsig = Magicsig::getKV('user_id', $target->id); if (!$magicsig instanceof Magicsig && $target->isLocal()) { $magicsig = Magicsig::generate($target->getUser()); } if (!$magicsig instanceof Magicsig) { return false; // value doesn't mean anything, just figured I'd indicate this function didn't do anything } if (Event::handle('StartAttachPubkeyToUserXRD', array($magicsig, $xrd, $target))) { $xrd->links[] = new XML_XRD_Element_Link(Magicsig::PUBLICKEYREL, 'data:application/magic-public-key,' . $magicsig->toString()); // The following event handles plugins like Diaspora which add their own version of the Magicsig pubkey Event::handle('EndAttachPubkeyToUserXRD', array($magicsig, $xrd, $target)); } }