| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  | <?php | 
					
						
							|  |  |  | /* | 
					
						
							|  |  |  |  * GNU Social - a federating social network | 
					
						
							|  |  |  |  * Copyright (C) 2013, Free Software Foundation, Inc. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * This program is free software: you can redistribute it and/or modify | 
					
						
							|  |  |  |  * it under the terms of the GNU Affero General Public License as published by | 
					
						
							|  |  |  |  * the Free Software Foundation, either version 3 of the License, or | 
					
						
							|  |  |  |  * (at your option) any later version. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * This program is distributed in the hope that it will be useful, | 
					
						
							|  |  |  |  * but WITHOUT ANY WARRANTY; without even the implied warranty of | 
					
						
							|  |  |  |  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | 
					
						
							|  |  |  |  * GNU Affero General Public License for more details. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * You should have received a copy of the GNU Affero General Public License | 
					
						
							|  |  |  |  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | /** | 
					
						
							|  |  |  |  * Implements WebFinger for GNU Social, as well as support for the | 
					
						
							|  |  |  |  * '.well-known/host-meta' resource. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * Depends on: LRDD plugin | 
					
						
							|  |  |  |  * | 
					
						
							| 
									
										
										
										
											2013-10-15 00:20:36 +02:00
										 |  |  |  * @package GNUsocial | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |  * @author  Mikael Nordfeldth <mmn@hethane.se> | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | if (!defined('GNUSOCIAL')) { exit(1); } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | class WebFingerPlugin extends Plugin | 
					
						
							|  |  |  | { | 
					
						
							| 
									
										
										
										
											2019-06-03 01:56:52 +01:00
										 |  |  |     const PLUGIN_VERSION = '2.0.0'; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-06-04 18:54:09 +02:00
										 |  |  |     const OAUTH_ACCESS_TOKEN_REL    = 'http://apinamespace.org/oauth/access_token'; | 
					
						
							|  |  |  |     const OAUTH_REQUEST_TOKEN_REL   = 'http://apinamespace.org/oauth/request_token'; | 
					
						
							|  |  |  |     const OAUTH_AUTHORIZE_REL       = 'http://apinamespace.org/oauth/authorize'; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-08-27 15:00:29 +02:00
										 |  |  |     public function onRouterInitialized(URLMapper $m) | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2019-07-11 19:14:03 +01:00
										 |  |  |         $m->connect('.well-known/host-meta', ['action' => 'hostmeta']); | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |         $m->connect('.well-known/host-meta.:format', | 
					
						
							| 
									
										
										
										
											2019-07-11 19:14:03 +01:00
										 |  |  |                     ['action' => 'hostmeta'], | 
					
						
							|  |  |  |                     ['format' => '(xml|json)']); | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |         // the resource GET parameter can be anywhere, so don't mention it here
 | 
					
						
							| 
									
										
										
										
											2019-07-11 19:14:03 +01:00
										 |  |  |         $m->connect('.well-known/webfinger', ['action' => 'webfinger']); | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |         $m->connect('.well-known/webfinger.:format', | 
					
						
							| 
									
										
										
										
											2019-07-11 19:14:03 +01:00
										 |  |  |                     ['action' => 'webfinger'], | 
					
						
							|  |  |  |                     ['format' => '(xml|json)']); | 
					
						
							|  |  |  |         $m->connect('main/ownerxrd', ['action' => 'ownerxrd']); | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |         return true; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     public function onLoginAction($action, &$login) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         switch ($action) { | 
					
						
							|  |  |  |         case 'hostmeta': | 
					
						
							|  |  |  |         case 'webfinger': | 
					
						
							|  |  |  |             $login = true; | 
					
						
							|  |  |  |             return false; | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |          | 
					
						
							|  |  |  |         return true; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2013-10-28 18:26:00 +01:00
										 |  |  |     public function onStartGetProfileAcctUri(Profile $profile, &$acct) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $wfr = new WebFingerResource_Profile($profile); | 
					
						
							|  |  |  |         try { | 
					
						
							|  |  |  |             $acct = $wfr->reconstructAcct(); | 
					
						
							|  |  |  |         } catch (Exception $e) { | 
					
						
							|  |  |  |             return true; | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return false; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2013-10-20 15:32:56 +02:00
										 |  |  |     public function onEndGetWebFingerResource($resource, WebFingerResource &$target=null, array $args=array()) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $profile = null; | 
					
						
							|  |  |  |         if (Discovery::isAcct($resource)) { | 
					
						
							|  |  |  |             $parts = explode('@', substr(urldecode($resource), 5)); // 5 is strlen of 'acct:'
 | 
					
						
							|  |  |  |             if (count($parts) == 2) { | 
					
						
							|  |  |  |                 list($nick, $domain) = $parts; | 
					
						
							| 
									
										
										
										
											2016-03-30 01:32:11 +02:00
										 |  |  |                 if ($domain !== common_config('site', 'server')) { | 
					
						
							| 
									
										
										
										
											2013-10-20 15:32:56 +02:00
										 |  |  |                     throw new Exception(_('Remote profiles not supported via WebFinger yet.')); | 
					
						
							|  |  |  |                 } | 
					
						
							| 
									
										
										
										
											2016-03-30 01:32:11 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |                 $nick = common_canonical_nickname($nick); | 
					
						
							|  |  |  |                 $user = User::getKV('nickname', $nick); | 
					
						
							|  |  |  |                 if (!($user instanceof User)) { | 
					
						
							|  |  |  |                     throw new NoSuchUserException(array('nickname'=>$nick)); | 
					
						
							|  |  |  |                 } | 
					
						
							|  |  |  |                 $profile = $user->getProfile(); | 
					
						
							| 
									
										
										
										
											2013-10-20 15:32:56 +02:00
										 |  |  |             } | 
					
						
							| 
									
										
										
										
											2016-03-30 01:32:11 +02:00
										 |  |  |         } elseif (!common_valid_http_url($resource)) { | 
					
						
							|  |  |  |             // If it's not a URL, we can't do our http<->https legacy fix thingie anyway,
 | 
					
						
							|  |  |  |             // so just try the User URI lookup!
 | 
					
						
							| 
									
										
										
										
											2016-02-21 18:48:48 +01:00
										 |  |  |             try { | 
					
						
							|  |  |  |                 $user = User::getByUri($resource); | 
					
						
							| 
									
										
										
										
											2013-10-20 15:32:56 +02:00
										 |  |  |                 $profile = $user->getProfile(); | 
					
						
							| 
									
										
										
										
											2016-02-21 18:48:48 +01:00
										 |  |  |             } catch (NoResultException $e) { | 
					
						
							| 
									
										
										
										
											2016-03-30 01:32:11 +02:00
										 |  |  |                 // not a User, maybe a Notice? we'll try that further down...
 | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         } else { | 
					
						
							|  |  |  |             // this means $resource is a common_valid_http_url (or https)
 | 
					
						
							|  |  |  |             // First build up a set of alternative resource URLs that we can use.
 | 
					
						
							|  |  |  |             $alt_urls = [$resource => true]; | 
					
						
							|  |  |  |             if (strtolower(parse_url($resource, PHP_URL_SCHEME)) === 'https' | 
					
						
							|  |  |  |                     && common_config('fix', 'legacy_http')) { | 
					
						
							|  |  |  |                 $alt_urls[preg_replace('/^https:/i', 'http:', $resource, 1)] = true; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |             if (common_config('fix', 'fancyurls')) { | 
					
						
							|  |  |  |                 foreach (array_keys($alt_urls) as $url) { | 
					
						
							|  |  |  |                     try {   // if it's a /index.php/ url
 | 
					
						
							|  |  |  |                         // common_fake_local_fancy_url can throw an exception
 | 
					
						
							|  |  |  |                         $alt_url = common_fake_local_fancy_url($url); | 
					
						
							|  |  |  |                     } catch (Exception $e) {    // let's try to create a fake local /index.php/ url
 | 
					
						
							|  |  |  |                         // this too if it can't do anything about the URL
 | 
					
						
							|  |  |  |                         $alt_url = common_fake_local_nonfancy_url($url); | 
					
						
							| 
									
										
										
										
											2016-02-21 20:05:32 +01:00
										 |  |  |                     } | 
					
						
							| 
									
										
										
										
											2016-03-30 01:32:11 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |                     $alt_urls[$alt_url] = true; | 
					
						
							| 
									
										
										
										
											2016-02-21 18:48:48 +01:00
										 |  |  |                 } | 
					
						
							| 
									
										
										
										
											2013-10-20 15:32:56 +02:00
										 |  |  |             } | 
					
						
							| 
									
										
										
										
											2016-03-30 01:32:11 +02:00
										 |  |  |             common_debug(__METHOD__.': Generated these alternative URLs for various federation fixes: '._ve(array_keys($alt_urls))); | 
					
						
							| 
									
										
										
										
											2013-10-20 15:32:56 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-03-30 01:32:11 +02:00
										 |  |  |             try { | 
					
						
							|  |  |  |                 common_debug(__METHOD__.': Finding User URI for WebFinger lookup on resource=='._ve($resource)); | 
					
						
							|  |  |  |                 $user = new User(); | 
					
						
							|  |  |  |                 $user->whereAddIn('uri', array_keys($alt_urls), $user->columnType('uri')); | 
					
						
							|  |  |  |                 $user->limit(1); | 
					
						
							|  |  |  |                 if ($user->find(true)) { | 
					
						
							|  |  |  |                     $profile = $user->getProfile(); | 
					
						
							|  |  |  |                 } | 
					
						
							|  |  |  |                 unset($user); | 
					
						
							|  |  |  |             } catch (Exception $e) { | 
					
						
							|  |  |  |                 // Most likely a UserNoProfileException, if it ever happens
 | 
					
						
							|  |  |  |                 // and then we need to do some debugging and perhaps fixes.
 | 
					
						
							|  |  |  |                 common_log(LOG_ERR, get_class($e).': '._ve($e->getMessage())); | 
					
						
							|  |  |  |                 throw $e; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-06-25 20:13:19 +02:00
										 |  |  |             try { | 
					
						
							|  |  |  |                 common_debug(__METHOD__.': Finding User_group URI for WebFinger lookup on resource=='._ve($resource)); | 
					
						
							|  |  |  |                 $group = new User_group(); | 
					
						
							|  |  |  |                 $group->whereAddIn('uri', array_keys($alt_urls), $group->columnType('uri')); | 
					
						
							|  |  |  |                 $group->limit(1); | 
					
						
							|  |  |  |                 if ($group->find(true)) { | 
					
						
							|  |  |  |                     $profile = $group->getProfile(); | 
					
						
							|  |  |  |                 } | 
					
						
							|  |  |  |                 unset($group); | 
					
						
							|  |  |  |             } catch (Exception $e) { | 
					
						
							|  |  |  |                 common_log(LOG_ERR, get_class($e).': '._ve($e->getMessage())); | 
					
						
							|  |  |  |                 throw $e; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-03-30 01:32:11 +02:00
										 |  |  |             // User URI did not match, so let's try our alt_urls as Profile URL values
 | 
					
						
							|  |  |  |             if (!$profile instanceof Profile) { | 
					
						
							|  |  |  |                 common_debug(__METHOD__.': Finding Profile URLs for WebFinger lookup on resource=='._ve($resource)); | 
					
						
							|  |  |  |                 // if our rewrite hack didn't work, try to get something by profile URL
 | 
					
						
							|  |  |  |                 $profile = new Profile(); | 
					
						
							|  |  |  |                 $profile->whereAddIn('profileurl', array_keys($alt_urls), $profile->columnType('profileurl')); | 
					
						
							|  |  |  |                 $profile->limit(1); | 
					
						
							|  |  |  |                 if (!$profile->find(true) || !$profile->isLocal()) { | 
					
						
							|  |  |  |                     // * Either we didn't find the profile, then we want to make
 | 
					
						
							|  |  |  |                     //   the $profile variable null for clarity.
 | 
					
						
							|  |  |  |                     // * Or we did find it but for a possibly malicious remote
 | 
					
						
							|  |  |  |                     //   user who might've set their profile URL to a Notice URL
 | 
					
						
							|  |  |  |                     //   which would've caused a sort of DoS unless we continue
 | 
					
						
							|  |  |  |                     //   our search here by discarding the remote profile.
 | 
					
						
							|  |  |  |                     $profile = null; | 
					
						
							|  |  |  |                 } | 
					
						
							|  |  |  |             } | 
					
						
							| 
									
										
										
										
											2016-02-21 20:05:32 +01:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2013-10-20 15:32:56 +02:00
										 |  |  |         if ($profile instanceof Profile) { | 
					
						
							| 
									
										
										
										
											2016-03-30 01:32:11 +02:00
										 |  |  |             common_debug(__METHOD__.': Found Profile with ID=='._ve($profile->getID()).' for resource=='._ve($resource)); | 
					
						
							| 
									
										
										
										
											2013-10-20 15:32:56 +02:00
										 |  |  |             $target = new WebFingerResource_Profile($profile); | 
					
						
							|  |  |  |             return false;   // We got our target, stop handler execution
 | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         $notice = Notice::getKV('uri', $resource); | 
					
						
							|  |  |  |         if ($notice instanceof Notice) { | 
					
						
							|  |  |  |             $target = new WebFingerResource_Notice($notice); | 
					
						
							|  |  |  |             return false; | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return true; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |     public function onStartHostMetaLinks(array &$links) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         foreach (Discovery::supportedMimeTypes() as $type) { | 
					
						
							|  |  |  |             $links[] = new XML_XRD_Element_Link(Discovery::LRDD_REL, | 
					
						
							|  |  |  |                             common_local_url('webfinger') . '?resource={uri}', | 
					
						
							|  |  |  |                             $type, | 
					
						
							|  |  |  |                             true);    // isTemplate
 | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2015-06-04 18:54:09 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |         // OAuth connections
 | 
					
						
							|  |  |  |         $links[] = new XML_XRD_Element_link(self::OAUTH_ACCESS_TOKEN_REL,  common_local_url('ApiOAuthAccessToken')); | 
					
						
							|  |  |  |         $links[] = new XML_XRD_Element_link(self::OAUTH_REQUEST_TOKEN_REL, common_local_url('ApiOAuthRequestToken')); | 
					
						
							|  |  |  |         $links[] = new XML_XRD_Element_link(self::OAUTH_AUTHORIZE_REL,     common_local_url('ApiOAuthAuthorize')); | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Add a link header for LRDD Discovery | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function onStartShowHTML($action) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         if ($action instanceof ShowstreamAction) { | 
					
						
							| 
									
										
										
										
											2016-02-17 22:36:33 +01:00
										 |  |  |             $resource = $action->getTarget()->getUri(); | 
					
						
							|  |  |  |             $url = common_local_url('webfinger') . '?resource='.urlencode($resource); | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |             foreach (array(Discovery::JRD_MIMETYPE, Discovery::XRD_MIMETYPE) as $type) { | 
					
						
							| 
									
										
										
										
											2015-10-25 18:42:37 +00:00
										 |  |  |                 header('Link: <'.$url.'>; rel="'. Discovery::LRDD_REL.'"; type="'.$type.'"', false); | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-12 15:03:30 +01:00
										 |  |  |     public function onPluginVersion(array &$versions): bool | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |     { | 
					
						
							|  |  |  |         $versions[] = array('name' => 'WebFinger', | 
					
						
							| 
									
										
										
										
											2019-06-03 01:56:52 +01:00
										 |  |  |                             'version' => self::PLUGIN_VERSION, | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |                             'author' => 'Mikael Nordfeldth', | 
					
						
							| 
									
										
										
										
											2019-11-21 00:21:22 +00:00
										 |  |  |                             'homepage' => GNUSOCIAL_ENGINE_URL, | 
					
						
							| 
									
										
										
										
											2013-09-30 17:13:03 +02:00
										 |  |  |                             // TRANS: Plugin description.
 | 
					
						
							|  |  |  |                             'rawdescription' => _m('Adds WebFinger lookup to GNU Social')); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return true; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | } |