public function onMagicsigPublicKeyFromXRD(XML_XRD $xrd, &$pubkey)
{
// See if we have a Diaspora public key in the XRD response
$link = $xrd->get(self::REL_PUBLIC_KEY, 'RSA');
if (!is_null($link)) {
// If we do, decode it so we have the PKCS1 format (starts with -----BEGIN PUBLIC KEY-----)
$pkcs1 = base64_decode($link->href);
$magicsig = new Magicsig(Magicsig::DEFAULT_SIGALG);
// Diaspora uses RSA-SHA256 (we do too)
try {
// Try to load the public key so we can get it in the standard Magic signature format
$magicsig->loadPublicKeyPKCS1($pkcs1);
// We found it and will now store it in $pubkey in a proper format!
// This is how it would be found in a well implemented XRD according to the standard.
$pubkey = 'data:application/magic-public-key,' . $magicsig->toString();
common_debug('magic-public-key found in diaspora-public-key: ' . $pubkey);
return false;
} catch (ServerException $e) {
common_log(LOG_WARNING, $e->getMessage());
}
}
return true;
}
public function testArrayAccess()
{
$xrd = new XML_XRD();
$xrd->loadFile(__DIR__ . '/../../../xrd/properties.xrd');
$link = $xrd->get('link');
$this->assertEquals('Stevie', $link['name']);
$this->assertEquals('green', $link['color']);
$this->assertNull($link['empty']);
$this->assertNull($link['doesnotexist']);
}
/**
* Loads the user XRD file for a given identifier
*
* The XRD is stored in the reaction object's $userXrd property,
* any error is stored in its $error property.
*
* @param string $identifier E-mail address like identifier ("user@host")
* @param string $host Hostname of $identifier
* @param object $hostMeta host-meta XRD object
*
* @return Net_WebFinger_Reaction Reaction object
*
* @see Net_WebFinger_Reaction::$error
*/
protected function loadLrdd($identifier, $host, XML_XRD $hostMeta)
{
$link = $hostMeta->get('lrdd', 'application/xrd+xml');
if ($link === null || !$link->template) {
$react = new Net_WebFinger_Reaction();
$react->error = new Net_WebFinger_Error('No lrdd link in host-meta for ' . $host, Net_WebFinger_Error::NO_LRDD_LINK);
$this->mergeHostMeta($react, $hostMeta);
return $react;
}
$account = $identifier;
$userUrl = str_replace('{uri}', urlencode($account), $link->template);
$react = $this->loadXrdCached($userUrl);
if ($react->error && $this->isHttps($userUrl)) {
//fall back to HTTP
$userUrl = 'http://' . substr($userUrl, 8);
$react = $this->loadXrdCached($userUrl);
}
if ($react->error) {
$react->error = new Net_WebFinger_Error('LRDD file not found', Net_WebFinger_Error::NO_LRDD, $react->error);
$this->mergeHostMeta($react, $hostMeta);
return $react;
}
if (!$this->isHttps($userUrl)) {
$react->secure = false;
}
$this->verifyDescribes($react, $account);
$this->mergeHostMeta($react, $hostMeta);
return $react;
}
<?php
/**
* Basic WebFinger implementation to discover a user's OpenID provider
* from just his email address
*/
if ($argc < 2) {
echo "Usage: {$argv['0']} user@example.com\n";
exit(1);
}
$email = $argv[1];
$host = substr($email, strpos($email, '@') + 1);
require_once 'XML/XRD.php';
$xrd = new XML_XRD();
try {
$xrd->loadFile('https://' . $host . '/.well-known/webfinger?resource=acct:' . $email, 'json');
} catch (XML_XRD_Exception $e) {
echo 'Loading JRD file failed: ' . $e->getMessage() . "\n";
exit(1);
}
$openIdLink = $xrd->get('http://specs.openid.net/auth/2.0/provider');
if ($openIdLink === null) {
echo "No OpenID provider found for {$email}\n";
exit(2);
}
echo $email . '\'s OpenID provider is: ' . $openIdLink->href . "\n";
