Make WebFinger fancyurlfix configurable
This commit is contained in:
parent
ce803f6d06
commit
c67b89e56b
@ -36,10 +36,12 @@ class WebFingerPlugin extends Plugin
|
||||
const OAUTH_AUTHORIZE_REL = 'http://apinamespace.org/oauth/authorize';
|
||||
|
||||
public $http_alias = false;
|
||||
public $fancyurlfix = true; // adds + interprets some extra aliases related to 'index.php/' URLs
|
||||
|
||||
public function initialize()
|
||||
{
|
||||
common_config_set('webfinger', 'http_alias', $this->http_alias);
|
||||
common_config_set('webfinger', 'fancyurlfix', $this->fancyurlfix);
|
||||
}
|
||||
|
||||
public function onRouterInitialized($m)
|
||||
@ -104,25 +106,32 @@ class WebFingerPlugin extends Plugin
|
||||
$user = User::getByUri($resource);
|
||||
$profile = $user->getProfile();
|
||||
} catch (NoResultException $e) {
|
||||
try {
|
||||
try { // if it's a /index.php/ url
|
||||
// common_fake_local_fancy_url can throw an exception
|
||||
$alt_url = common_fake_local_fancy_url($resource);
|
||||
} catch (Exception $e) { // let's try to create a fake local /index.php/ url
|
||||
// this too if it can't do anything about the URL
|
||||
$alt_url = common_fake_local_nonfancy_url($resource);
|
||||
}
|
||||
if (common_config('webfinger', 'fancyurlfix')) {
|
||||
try {
|
||||
try { // if it's a /index.php/ url
|
||||
// common_fake_local_fancy_url can throw an exception
|
||||
$alt_url = common_fake_local_fancy_url($resource);
|
||||
} catch (Exception $e) { // let's try to create a fake local /index.php/ url
|
||||
// this too if it can't do anything about the URL
|
||||
$alt_url = common_fake_local_nonfancy_url($resource);
|
||||
}
|
||||
|
||||
// and this will throw a NoResultException if not found
|
||||
$user = User::getByUri($alt_url);
|
||||
$profile = $user->getProfile();
|
||||
} catch (Exception $e) {
|
||||
// if our rewrite hack didn't work, try to get something by profile URL
|
||||
$profile = Profile::getKV('profileurl', $resource);
|
||||
// and this will throw a NoResultException if not found
|
||||
$user = User::getByUri($alt_url);
|
||||
$profile = $user->getProfile();
|
||||
} catch (Exception $e) {
|
||||
// apparently we didn't get any matches with that, so continue...
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// if we still haven't found a match...
|
||||
if (!$profile instanceof Profile) {
|
||||
// if our rewrite hack didn't work, try to get something by profile URL
|
||||
$profile = Profile::getKV('profileurl', $resource);
|
||||
}
|
||||
|
||||
if ($profile instanceof Profile) {
|
||||
$target = new WebFingerResource_Profile($profile);
|
||||
return false; // We got our target, stop handler execution
|
||||
|
@ -47,33 +47,33 @@ abstract class WebFingerResource
|
||||
// getUrl failed because no valid URL could be returned, just ignore it
|
||||
}
|
||||
|
||||
/**
|
||||
* Here we add some hacky hotfixes for remote lookups that have been taught the
|
||||
* (at least now) wrong URI but it's still obviously the same user. Such as:
|
||||
* - https://site.example/user/1 even if the client requests https://site.example/index.php/user/1
|
||||
* - https://site.example/user/1 even if the client requests https://site.example//index.php/user/1
|
||||
* - https://site.example/index.php/user/1 even if the client requests https://site.example/user/1
|
||||
* - https://site.example/index.php/user/1 even if the client requests https://site.example///index.php/user/1
|
||||
*/
|
||||
|
||||
|
||||
foreach(array_keys($aliases) as $alias) {
|
||||
try {
|
||||
// get a "fancy url" version of the alias, even without index.php/
|
||||
$alt_url = common_fake_local_fancy_url($alias);
|
||||
// store this as well so remote sites can be sure we really are the same profile
|
||||
$aliases[$alt_url] = true;
|
||||
} catch (Exception $e) {
|
||||
// Apparently we couldn't rewrite that, the $alias was as the function wanted it to be
|
||||
}
|
||||
|
||||
try {
|
||||
// get a non-"fancy url" version of the alias, i.e. add index.php/
|
||||
$alt_url = common_fake_local_nonfancy_url($alias);
|
||||
// store this as well so remote sites can be sure we really are the same profile
|
||||
$aliases[$alt_url] = true;
|
||||
} catch (Exception $e) {
|
||||
// Apparently we couldn't rewrite that, the $alias was as the function wanted it to be
|
||||
if (common_config('webfinger', 'fancyurlfix')) {
|
||||
/**
|
||||
* Here we add some hacky hotfixes for remote lookups that have been taught the
|
||||
* (at least now) wrong URI but it's still obviously the same user. Such as:
|
||||
* - https://site.example/user/1 even if the client requests https://site.example/index.php/user/1
|
||||
* - https://site.example/user/1 even if the client requests https://site.example//index.php/user/1
|
||||
* - https://site.example/index.php/user/1 even if the client requests https://site.example/user/1
|
||||
* - https://site.example/index.php/user/1 even if the client requests https://site.example///index.php/user/1
|
||||
*/
|
||||
foreach(array_keys($aliases) as $alias) {
|
||||
try {
|
||||
// get a "fancy url" version of the alias, even without index.php/
|
||||
$alt_url = common_fake_local_fancy_url($alias);
|
||||
// store this as well so remote sites can be sure we really are the same profile
|
||||
$aliases[$alt_url] = true;
|
||||
} catch (Exception $e) {
|
||||
// Apparently we couldn't rewrite that, the $alias was as the function wanted it to be
|
||||
}
|
||||
|
||||
try {
|
||||
// get a non-"fancy url" version of the alias, i.e. add index.php/
|
||||
$alt_url = common_fake_local_nonfancy_url($alias);
|
||||
// store this as well so remote sites can be sure we really are the same profile
|
||||
$aliases[$alt_url] = true;
|
||||
} catch (Exception $e) {
|
||||
// Apparently we couldn't rewrite that, the $alias was as the function wanted it to be
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user