function handle()
{
$nick = $this->user->nickname;
$profile = $this->user->getProfile();
if (empty($this->xrd)) {
$xrd = new XRD();
} else {
$xrd = $this->xrd;
}
if (empty($xrd->subject)) {
$xrd->subject = Discovery::normalize($this->uri);
}
// Possible aliases for the user
$uris = array($this->user->uri, $profile->profileurl);
// FIXME: Webfinger generation code should live somewhere on its own
$path = common_config('site', 'path');
if (empty($path)) {
$uris[] = sprintf('acct:%s@%s', $nick, common_config('site', 'server'));
}
foreach ($uris as $uri) {
if ($uri != $xrd->subject) {
$xrd->alias[] = $uri;
}
}
$xrd->links[] = array('rel' => Discovery::PROFILEPAGE, 'type' => 'text/html', 'href' => $profile->profileurl);
$xrd->links[] = array('rel' => Discovery::UPDATESFROM, 'href' => common_local_url('ApiTimelineUser', array('id' => $this->user->id, 'format' => 'atom')), 'type' => 'application/atom+xml');
// hCard
$xrd->links[] = array('rel' => Discovery::HCARD, 'type' => 'text/html', 'href' => common_local_url('hcard', array('nickname' => $nick)));
// XFN
$xrd->links[] = array('rel' => 'http://gmpg.org/xfn/11', 'type' => 'text/html', 'href' => $profile->profileurl);
// FOAF
$xrd->links[] = array('rel' => 'describedby', 'type' => 'application/rdf+xml', 'href' => common_local_url('foaf', array('nickname' => $nick)));
// Salmon
$salmon_url = common_local_url('usersalmon', array('id' => $this->user->id));
$xrd->links[] = array('rel' => Salmon::REL_SALMON, 'href' => $salmon_url);
// XXX : Deprecated - to be removed.
$xrd->links[] = array('rel' => Salmon::NS_REPLIES, 'href' => $salmon_url);
$xrd->links[] = array('rel' => Salmon::NS_MENTIONS, 'href' => $salmon_url);
// Get this user's keypair
$magickey = Magicsig::staticGet('user_id', $this->user->id);
if (!$magickey) {
// No keypair yet, let's generate one.
$magickey = new Magicsig();
$magickey->generate($this->user->id);
}
$xrd->links[] = array('rel' => Magicsig::PUBLICKEYREL, 'href' => 'data:application/magic-public-key,' . $magickey->toString(false));
// TODO - finalize where the redirect should go on the publisher
$url = common_local_url('ostatussub') . '?profile={uri}';
$xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe', 'template' => $url);
$url = common_local_url('tagprofile') . '?uri={uri}';
$xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/tag', 'template' => $url);
header('Content-type: application/xrd+xml');
print $xrd->toXML();
}
public function createMagicEnv($text, $actor)
{
$magic_env = new MagicEnvelope();
$user = User::staticGet('id', $actor->id);
if ($user->id) {
// Use local key
$magickey = Magicsig::staticGet('user_id', $user->id);
if (!$magickey) {
// No keypair yet, let's generate one.
$magickey = new Magicsig();
$magickey->generate($user->id);
}
} else {
throw new Exception("Salmon invalid actor for signing");
}
try {
$env = $magic_env->signMessage($text, 'application/atom+xml', $magickey->toString());
} catch (Exception $e) {
return $text;
}
return $magic_env->toXML($env);
}
function handle()
{
$nick = $this->user->nickname;
if (empty($this->xrd)) {
$xrd = new XRD();
} else {
$xrd = $this->xrd;
}
if (empty($xrd->subject)) {
$xrd->subject = Discovery::normalize($this->uri);
}
$xrd->alias[] = $this->user->uri;
$xrd->links[] = array('rel' => Discovery::PROFILEPAGE, 'type' => 'text/html', 'href' => $this->user->uri);
$xrd->links[] = array('rel' => Discovery::UPDATESFROM, 'href' => common_local_url('ApiTimelineUser', array('id' => $this->user->id, 'format' => 'atom')), 'type' => 'application/atom+xml');
// hCard
$xrd->links[] = array('rel' => Discovery::HCARD, 'type' => 'text/html', 'href' => common_local_url('hcard', array('nickname' => $nick)));
// XFN
$xrd->links[] = array('rel' => 'http://gmpg.org/xfn/11', 'type' => 'text/html', 'href' => $this->user->uri);
// FOAF
$xrd->links[] = array('rel' => 'describedby', 'type' => 'application/rdf+xml', 'href' => common_local_url('foaf', array('nickname' => $nick)));
// Salmon
$salmon_url = common_local_url('usersalmon', array('id' => $this->user->id));
$xrd->links[] = array('rel' => Salmon::NS_REPLIES, 'href' => $salmon_url);
$xrd->links[] = array('rel' => Salmon::NS_MENTIONS, 'href' => $salmon_url);
// Get this user's keypair
$magickey = Magicsig::staticGet('user_id', $this->user->id);
if (!$magickey) {
// No keypair yet, let's generate one.
$magickey = new Magicsig();
$magickey->generate($this->user->id);
}
$xrd->links[] = array('rel' => Magicsig::PUBLICKEYREL, 'href' => 'data:application/magic-public-key,' . $magickey->toString(false));
// TODO - finalize where the redirect should go on the publisher
$url = common_local_url('ostatussub') . '?profile={uri}';
$xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe', 'template' => $url);
header('Content-type: text/xml');
print $xrd->toXML();
}
/**
* Encode the given string as a signed MagicEnvelope XML document,
* using the keypair for the given local user profile. We can of
* course not sign a remote profile's slap, since we don't have the
* private key.
*
* Side effects: will create and store a keypair on-demand if one
* hasn't already been generated for this user. This can be very slow
* on some systems.
*
* @param string $text XML fragment to sign, assumed to be Atom
* @param User $user User who cryptographically signs $text
*
* @return MagicEnvelope object complete with signature
*
* @throws Exception on bad profile input or key generation problems
*/
public static function signAsUser($text, User $user)
{
// Find already stored key
$magicsig = Magicsig::getKV('user_id', $user->id);
if (!$magicsig instanceof Magicsig) {
$magicsig = Magicsig::generate($user);
}
assert($magicsig instanceof Magicsig);
assert($magicsig->privateKey instanceof Crypt_RSA);
$magic_env = new MagicEnvelope();
$magic_env->signMessage($text, 'application/atom+xml', $magicsig);
return $magic_env;
}
function onEndXrdActionLinks(&$xrd, $user)
{
$xrd->links[] = array('rel' => Discovery::UPDATESFROM, 'href' => common_local_url('ApiTimelineUser', array('id' => $user->id, 'format' => 'atom')), 'type' => 'application/atom+xml');
// Salmon
$salmon_url = common_local_url('usersalmon', array('id' => $user->id));
$xrd->links[] = array('rel' => Salmon::REL_SALMON, 'href' => $salmon_url);
// XXX : Deprecated - to be removed.
$xrd->links[] = array('rel' => Salmon::NS_REPLIES, 'href' => $salmon_url);
$xrd->links[] = array('rel' => Salmon::NS_MENTIONS, 'href' => $salmon_url);
// Get this user's keypair
$magickey = Magicsig::staticGet('user_id', $user->id);
if (!$magickey) {
// No keypair yet, let's generate one.
$magickey = new Magicsig();
$magickey->generate($user->id);
}
$xrd->links[] = array('rel' => Magicsig::PUBLICKEYREL, 'href' => 'data:application/magic-public-key,' . $magickey->toString(false));
// TODO - finalize where the redirect should go on the publisher
$url = common_local_url('ostatussub') . '?profile={uri}';
$xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe', 'template' => $url);
return true;
}
/**
*
* @param <type> $text
* @param <type> $mimetype
* @param Magicsig $magicsig Magicsig with private key available.
*
* @return MagicEnvelope object with all properties set
*
* @throws Exception of various kinds on signing failure
*/
public function signMessage($text, $mimetype)
{
if (!$this->actor instanceof Profile) {
throw new ServerException('No profile to sign message with is set.');
} elseif (!$this->actor->isLocal()) {
throw new ServerException('Cannot sign magic envelopes with remote users since we have no private key.');
}
// Find already stored key
$magicsig = Magicsig::getKV('user_id', $this->actor->getID());
if (!$magicsig instanceof Magicsig) {
// and if it doesn't exist, it is time to create one!
$magicsig = Magicsig::generate($this->actor->getUser());
}
assert($magicsig instanceof Magicsig);
assert($magicsig->privateKey instanceof Crypt_RSA);
// Prepare text and metadata for signing
$this->data = Magicsig::base64_url_encode($text);
$this->data_type = $mimetype;
$this->encoding = self::ENCODING;
$this->alg = $magicsig->getName();
// Get the actual signature
$this->sig = $magicsig->sign($this->signingText());
}
protected function addWebFingerPersonLinks(XML_XRD $xrd, Profile $target)
{
$xrd->links[] = new XML_XRD_Element_Link(Discovery::UPDATESFROM, common_local_url('ApiTimelineUser', array('id' => $target->id, 'format' => 'atom')), 'application/atom+xml');
// Get this profile's keypair
$magicsig = Magicsig::getKV('user_id', $target->id);
if (!$magicsig instanceof Magicsig && $target->isLocal()) {
$magicsig = Magicsig::generate($target->getUser());
}
if (!$magicsig instanceof Magicsig) {
return false;
// value doesn't mean anything, just figured I'd indicate this function didn't do anything
}
if (Event::handle('StartAttachPubkeyToUserXRD', array($magicsig, $xrd, $target))) {
$xrd->links[] = new XML_XRD_Element_Link(Magicsig::PUBLICKEYREL, 'data:application/magic-public-key,' . $magicsig->toString());
// The following event handles plugins like Diaspora which add their own version of the Magicsig pubkey
Event::handle('EndAttachPubkeyToUserXRD', array($magicsig, $xrd, $target));
}
}
