From 4bf26eff4ccf96624f47ac27be51c6de221f7f01 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 13 Feb 2016 13:57:15 +0100 Subject: [PATCH] socialfy-your-domain updated for webfinger (not tested) --- socialfy-your-domain/README.txt | 59 +++++++------------ socialfy-your-domain/dot-well-known/host-meta | 9 +-- .../webfinger}/example@example.com.xml | 22 +++---- .../webfinger}/index.php | 31 +++++----- 4 files changed, 49 insertions(+), 72 deletions(-) rename socialfy-your-domain/{xrd => dot-well-known/webfinger}/example@example.com.xml (54%) rename socialfy-your-domain/{xrd => dot-well-known/webfinger}/index.php (65%) diff --git a/socialfy-your-domain/README.txt b/socialfy-your-domain/README.txt index 3e2688f86b..b7691abe8d 100644 --- a/socialfy-your-domain/README.txt +++ b/socialfy-your-domain/README.txt @@ -4,65 +4,46 @@ Initial simple way to Webfinger enable your domain -- needs PHP. Step 1 ====== -First, put the folders 'xrd' and 'dot-well-known' on your website, so -they load at: +Put the 'dot-well-known' on your website, so it loads at: - http://yourname.com/xrd/ + https://example.com/.well-known/ - and - - http://yourname.com/.well-known/ - - (Remember the . at the beginning of this one) - -NOTE: If you're using https, make sure each instance of http:// for - your own domain ("example.com") is replaced with https:// +(Remember the . at the beginning of this one, which is common practice +for "hidden" files and why we have renamed it "dot-") Step 2 ====== -Next, edit xrd/index.php and enter a secret in this line: - -$s = ""; - -This can be anything you like... - -$s = "johnny5"; - -or - -$s = "12345"; - -It really doesn't matter too much. +Edit the .well-known/host-meta file and replace "example.com" with the +domain name you're hosting the .well-known directory on. +Using vim you can do this as a quick method: + $ vim .well-known/host-meta [ENTER] + :%s/example.com/domain.com/ [ENTER] + :wq [ENTER] Step 3 ====== -Edit the .well-known/host-meta file and replace all occurrences of -"example.com" with your domain name. - -Step 4 -====== - For each user on your site, and this might only be you... -In the xrd directory, make a copy of the example@example.com.xml file -so that it's called... +In the webfinger directory, make a copy of the example@example.com.xml file +so that it's called (replace username and example.com with appropriate +values, the domain name should be the same as you're "socialifying"): - yoursecretusername@domain.com.xml + username@example.com.xml -So, if your secret from step 2 is 'johnny5' and your name is 'ben' and -your domain is 'titanictoycorp.biz', your file should be called -johnny5ben@titanictoycorp.biz.xml - -Then edit the file, replacing "social.example.com" with your GNU -social instance's base path, and change the user ID number (and +Then edit the file contents, replacing "social.example.com" with your +GNU social instance's base path, and change the user ID number (and nickname for the FOAF link) to that of your account on your social site. If you don't know your user ID number, you can see this on your GNU social profile page by looking at the destination URLs in the Feeds links. +PROTIP: You can get the bulk of the contents (note the element though) + from curling down your real webfinger data: +$ curl https://social.example.com/.well-known/webfinger?resource=acct:username@social.example.com + Finally ======= diff --git a/socialfy-your-domain/dot-well-known/host-meta b/socialfy-your-domain/dot-well-known/host-meta index 1929b2eb8e..bba942f673 100644 --- a/socialfy-your-domain/dot-well-known/host-meta +++ b/socialfy-your-domain/dot-well-known/host-meta @@ -1,8 +1,5 @@ - - example.com - - WebFinger resource descriptor - + + diff --git a/socialfy-your-domain/xrd/example@example.com.xml b/socialfy-your-domain/dot-well-known/webfinger/example@example.com.xml similarity index 54% rename from socialfy-your-domain/xrd/example@example.com.xml rename to socialfy-your-domain/dot-well-known/webfinger/example@example.com.xml index b713efe95b..e95662b6fe 100644 --- a/socialfy-your-domain/xrd/example@example.com.xml +++ b/socialfy-your-domain/dot-well-known/webfinger/example@example.com.xml @@ -1,35 +1,35 @@ - acct:example@example.com - acct:example@social.example.com - http://social.example.com/user/1 + acct:username@example.com + acct:username@social.example.com + https://social.example.com/user/1 + href="https://social.example.com/user/1"/> + href="https://social.example.com/api/statuses/user_timeline/1.atom"/> + href="https://social.example.com/hcard"/> --> + href="https://social.example.com/user/1"/> + href="https://social.example.com/username/foaf"/> + href="https://social.example.com/main/salmon/user/1"/> + href="https://social.example.com/main/salmon/user/1"/> + template="https://social.example.com/main/ostatussub?profile={uri}"/> diff --git a/socialfy-your-domain/xrd/index.php b/socialfy-your-domain/dot-well-known/webfinger/index.php similarity index 65% rename from socialfy-your-domain/xrd/index.php rename to socialfy-your-domain/dot-well-known/webfinger/index.php index 25f1d8bf3c..989b3203be 100644 --- a/socialfy-your-domain/xrd/index.php +++ b/socialfy-your-domain/dot-well-known/webfinger/index.php @@ -19,23 +19,22 @@ */ -$s = ""; +// basename should make sure we can't escape this directory +$u = basename($_GET['resource']); -/* this should be a secret */ - -$u = $_GET['uri']; - -$u = substr($u, 5); - -$f = $s . $u . ".xml"; - -if (file_exists($f)) { - $fh = fopen($f, 'r'); - $c = fread($fh, filesize($f)); - fclose($fh); - header('Content-type: text/xml'); - echo $c; +if (!strpos($u, '@')) { + throw new Exception('Bad resource'); + exit(1); } +if (mb_strpos($u, 'acct:')===0) { + $u = substr($u, 5); +} -?> \ No newline at end of file +$f = $u . ".xml"; + +if (file_exists($f)) { + header('Content-Disposition: attachment; filename="'.urlencode($f).'"'); + header('Content-type: application/xrd+xml'); + echo file_get_contents($f); +}