eliseuamaro/gnu-social
1
0
Fork 0
forked from GNUsocial/gnu-social
Code Issues Pull Requests Releases Wiki Activity
306d80de94
gnu-social/plugins/WebFinger/WebFingerPlugin.php
Diogo Cordeiro 46f98b3142 [VersionBump] 1.19.0, fairly late 
The core plugins whose version was attached to GS's were reseted to 2.0.0.

2.0.0 was chosen as reset version for plugins because it is higher than
  the one that was set by inheriting GS version. Furthermore, it's a
  major change from prior plugin versioning system thus it also makes
  semantic sense.

Justification for version bump:

== GS ==
9a4ab31f26 1.19.0
c13b935201 1.18.3
c13b935201 1.18.2
18fc39d2cf 1.18.1
c083a8bcc2 1.18.0
e8783d46d0 1.17.1
d9a42550ff 1.17.0
1536d3ef29 1.16.0
c03ed457a6 1.15.0
d2e6519bad 1.14.2
fe411e8138 1.14.1
b17e0b4169 1.14.0
daa5f87fd4 1.13.0
d75b5d2f4a 1.11.7
f6dbf66983 1.11.6
6cf674f8f8 1.11.5
7845a09b34 1.11.4
e4d432295d 1.11.3
339204f1ee 1.11.2
a4e679a118 1.11.1
7967db6ff5 1.11.0
bc030da320 1.10.1
9cc7df51d6 1.10.0
bf7f17474d 1.9.2
8a07edec5f 1.9.1
0042971d74 1.9.0
6b5450b7e6 1.8.0
5dcc98d1c6 1.7.0
e6667db0cd 1.6.0
3290227b50 1.5.0
a59c439b46 1.4.0
496ab8c920 1.3.10
986030060b 1.3.9
1d529c021a 1.3.8
f89c052cf8 1.3.7
38f2ecefac 1.3.6
e473937cb9 1.3.5
9a39ebe66f 1.3.4
ddc3cecfc0 1.3.3
2b43d484eb 1.3.2
e8e487187e 1.3.1

== Plugins ==
XMPP plugin
e0887220b0 bump patch
e186ad57d0 bump patch

OStatus
e186ad57d0 bump patch

Nodeinfo
ceae66a30f bump minor
586fb5a517 bump major
195296846e bump minor
2019-06-07 15:02:08 +01:00

235 lines
9.7 KiB
PHP
Raw Blame History

<?php
/*
* GNU Social - a federating social network
* Copyright (C) 2013, Free Software Foundation, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* Implements WebFinger for GNU Social, as well as support for the
* '.well-known/host-meta' resource.
*
* Depends on: LRDD plugin
*
* @package GNUsocial
* @author Mikael Nordfeldth <mmn@hethane.se>
*/
if (!defined('GNUSOCIAL')) { exit(1); }
class WebFingerPlugin extends Plugin
{
const PLUGIN_VERSION = '2.0.0';
const OAUTH_ACCESS_TOKEN_REL = 'http://apinamespace.org/oauth/access_token';
const OAUTH_REQUEST_TOKEN_REL = 'http://apinamespace.org/oauth/request_token';
const OAUTH_AUTHORIZE_REL = 'http://apinamespace.org/oauth/authorize';
public function onRouterInitialized(URLMapper $m)
{
$m->connect('.well-known/host-meta', array('action' => 'hostmeta'));
$m->connect('.well-known/host-meta.:format',
array('action' => 'hostmeta',
'format' => '(xml|json)'));
// the resource GET parameter can be anywhere, so don't mention it here
$m->connect('.well-known/webfinger', array('action' => 'webfinger'));
$m->connect('.well-known/webfinger.:format',
array('action' => 'webfinger',
'format' => '(xml|json)'));
$m->connect('main/ownerxrd', array('action' => 'ownerxrd'));
return true;
}
public function onLoginAction($action, &$login)
{
switch ($action) {
case 'hostmeta':
case 'webfinger':
$login = true;
return false;
}
return true;
}
public function onStartGetProfileAcctUri(Profile $profile, &$acct)
{
$wfr = new WebFingerResource_Profile($profile);
try {
$acct = $wfr->reconstructAcct();
} catch (Exception $e) {
return true;
}
return false;
}
public function onEndGetWebFingerResource($resource, WebFingerResource &$target=null, array $args=array())
{
$profile = null;
if (Discovery::isAcct($resource)) {
$parts = explode('@', substr(urldecode($resource), 5)); // 5 is strlen of 'acct:'
if (count($parts) == 2) {
list($nick, $domain) = $parts;
if ($domain !== common_config('site', 'server')) {
throw new Exception(_('Remote profiles not supported via WebFinger yet.'));
}
$nick = common_canonical_nickname($nick);
$user = User::getKV('nickname', $nick);
if (!($user instanceof User)) {
throw new NoSuchUserException(array('nickname'=>$nick));
}
$profile = $user->getProfile();
}
} elseif (!common_valid_http_url($resource)) {
// If it's not a URL, we can't do our http<->https legacy fix thingie anyway,
// so just try the User URI lookup!
try {
$user = User::getByUri($resource);
$profile = $user->getProfile();
} catch (NoResultException $e) {
// not a User, maybe a Notice? we'll try that further down...
}
} else {
// this means $resource is a common_valid_http_url (or https)
// First build up a set of alternative resource URLs that we can use.
$alt_urls = [$resource => true];
if (strtolower(parse_url($resource, PHP_URL_SCHEME)) === 'https'
&& common_config('fix', 'legacy_http')) {
$alt_urls[preg_replace('/^https:/i', 'http:', $resource, 1)] = true;
}
if (common_config('fix', 'fancyurls')) {
foreach (array_keys($alt_urls) as $url) {
try { // if it's a /index.php/ url
// common_fake_local_fancy_url can throw an exception
$alt_url = common_fake_local_fancy_url($url);
} catch (Exception $e) { // let's try to create a fake local /index.php/ url
// this too if it can't do anything about the URL
$alt_url = common_fake_local_nonfancy_url($url);
}
$alt_urls[$alt_url] = true;
}
}
common_debug(__METHOD__.': Generated these alternative URLs for various federation fixes: '._ve(array_keys($alt_urls)));
try {
common_debug(__METHOD__.': Finding User URI for WebFinger lookup on resource=='._ve($resource));
$user = new User();
$user->whereAddIn('uri', array_keys($alt_urls), $user->columnType('uri'));
$user->limit(1);
if ($user->find(true)) {
$profile = $user->getProfile();
}
unset($user);
} catch (Exception $e) {
// Most likely a UserNoProfileException, if it ever happens
// and then we need to do some debugging and perhaps fixes.
common_log(LOG_ERR, get_class($e).': '._ve($e->getMessage()));
throw $e;
}
try {
common_debug(__METHOD__.': Finding User_group URI for WebFinger lookup on resource=='._ve($resource));
$group = new User_group();
$group->whereAddIn('uri', array_keys($alt_urls), $group->columnType('uri'));
$group->limit(1);
if ($group->find(true)) {
$profile = $group->getProfile();
}
unset($group);
} catch (Exception $e) {
common_log(LOG_ERR, get_class($e).': '._ve($e->getMessage()));
throw $e;
}
// User URI did not match, so let's try our alt_urls as Profile URL values
if (!$profile instanceof Profile) {
common_debug(__METHOD__.': Finding Profile URLs for WebFinger lookup on resource=='._ve($resource));
// if our rewrite hack didn't work, try to get something by profile URL
$profile = new Profile();
$profile->whereAddIn('profileurl', array_keys($alt_urls), $profile->columnType('profileurl'));
$profile->limit(1);
if (!$profile->find(true) || !$profile->isLocal()) {
// * Either we didn't find the profile, then we want to make
// the $profile variable null for clarity.
// * Or we did find it but for a possibly malicious remote
// user who might've set their profile URL to a Notice URL
// which would've caused a sort of DoS unless we continue
// our search here by discarding the remote profile.
$profile = null;
}
}
}
if ($profile instanceof Profile) {
common_debug(__METHOD__.': Found Profile with ID=='._ve($profile->getID()).' for resource=='._ve($resource));
$target = new WebFingerResource_Profile($profile);
return false; // We got our target, stop handler execution
}
$notice = Notice::getKV('uri', $resource);
if ($notice instanceof Notice) {
$target = new WebFingerResource_Notice($notice);
return false;
}
return true;
}
public function onStartHostMetaLinks(array &$links)
{
foreach (Discovery::supportedMimeTypes() as $type) {
$links[] = new XML_XRD_Element_Link(Discovery::LRDD_REL,
common_local_url('webfinger') . '?resource={uri}',
$type,
true); // isTemplate
}
// OAuth connections
$links[] = new XML_XRD_Element_link(self::OAUTH_ACCESS_TOKEN_REL, common_local_url('ApiOAuthAccessToken'));
$links[] = new XML_XRD_Element_link(self::OAUTH_REQUEST_TOKEN_REL, common_local_url('ApiOAuthRequestToken'));
$links[] = new XML_XRD_Element_link(self::OAUTH_AUTHORIZE_REL, common_local_url('ApiOAuthAuthorize'));
}
/**
* Add a link header for LRDD Discovery
*/
public function onStartShowHTML($action)
{
if ($action instanceof ShowstreamAction) {
$resource = $action->getTarget()->getUri();
$url = common_local_url('webfinger') . '?resource='.urlencode($resource);
foreach (array(Discovery::JRD_MIMETYPE, Discovery::XRD_MIMETYPE) as $type) {
header('Link: <'.$url.'>; rel="'. Discovery::LRDD_REL.'"; type="'.$type.'"', false);
}
}
}
public function onPluginVersion(array &$versions)
{
$versions[] = array('name' => 'WebFinger',
'version' => self::PLUGIN_VERSION,
'author' => 'Mikael Nordfeldth',
'homepage' => 'http://www.gnu.org/software/social/',
// TRANS: Plugin description.
'rawdescription' => _m('Adds WebFinger lookup to GNU Social'));
return true;
}
}
Reference in New Issue View Git Blame Copy Permalink