protected function prepare(array $args = array())
{
GNUsocial::setApi(true);
// Send smaller error pages
parent::prepare($args);
if (!isset($_SERVER['CONTENT_TYPE'])) {
// TRANS: Client error. Do not translate "Content-type"
$this->clientError(_m('Salmon requires a Content-type header.'));
}
$envxml = null;
switch ($_SERVER['CONTENT_TYPE']) {
case 'application/magic-envelope+xml':
$envxml = file_get_contents('php://input');
break;
case 'application/x-www-form-urlencoded':
$envxml = Magicsig::base64_url_decode($this->trimmed('xml'));
break;
default:
// TRANS: Client error. Do not translate the quoted "application/[type]" strings.
$this->clientError(_m('Salmon requires "application/magic-envelope+xml". For Diaspora we also accept "application/x-www-form-urlencoded" with an "xml" parameter.', 415));
}
try {
if (empty($envxml)) {
throw new ClientException('No magic envelope supplied in POST.');
}
$magic_env = new MagicEnvelope($envxml);
// parse incoming XML as a MagicEnvelope
$entry = $magic_env->getPayload();
// Not cryptographically verified yet!
$this->activity = new Activity($entry->documentElement);
if (empty($this->activity->actor->id)) {
common_log(LOG_ERR, "broken actor: " . var_export($this->activity->actor->id, true));
common_log(LOG_ERR, "activity with no actor: " . var_export($this->activity, true));
// TRANS: Exception.
throw new Exception(_m('Received a salmon slap from unidentified actor.'));
}
// ensureProfiles sets $this->actor and $this->oprofile
$this->ensureProfiles();
} catch (Exception $e) {
common_debug('Salmon envelope parsing failed with: ' . $e->getMessage());
$this->clientError($e->getMessage());
}
// Cryptographic verification test
if (!$magic_env->verify($this->actor)) {
common_log(LOG_DEBUG, "Salmon signature verification failed.");
// TRANS: Client error.
$this->clientError(_m('Salmon signature verification failed.'));
}
return true;
}
$notice = Notice::getKV('id', $notice_id);
$profile = $notice->getProfile();
$entry = $notice->asAtomEntry(true);
echo "== Original entry ==\n\n";
print $entry;
print "\n\n";
$magic_env = MagicEnvelope::signAsUser($entry, $profile->getUser());
$envxml = $magic_env->toXML();
echo "== Signed envelope ==\n\n";
print $envxml;
print "\n\n";
echo "== Testing local verification ==\n\n";
$magic_env = new MagicEnvelope($envxml);
$activity = new Activity($magic_env->getPayload()->documentElement);
$actprofile = Profile::fromUri($activity->actor->id);
$ok = $magic_env->verify($actprofile);
if ($ok) {
print "OK\n\n";
} else {
print "FAIL\n\n";
}
if (have_option('--verify')) {
$url = 'http://www.madebymonsieur.com/ostatus_discovery/magic_env/validate/';
echo "== Testing remote verification ==\n\n";
print "Sending for verification to {$url} ...\n";
$client = new HTTPClient();
$response = $client->post($url, array(), array('magic_env' => $envxml));
print $response->getStatus() . "\n\n";
print $response->getBody() . "\n\n";
}
if (have_option('--slap')) {
public function verifyMagicEnv($text)
{
$magic_env = new MagicEnvelope();
$env = $magic_env->parse($text);
return $magic_env->verify($env);
}
