mirror of
https://github.com/friendica/friendica
synced 2025-01-07 04:04:42 +00:00
6fc9c6de3b
implement base64UrlEncode and base64UrlDecode functions
182 lines
3.6 KiB
Text
182 lines
3.6 KiB
Text
|
|
Initial cut at Zot-2012 protocol. This is a very rough draft of some very rough ideas and concepts.
|
|
It is not yet intended to be a definitive specification and many things like the security handshakes are yet to be specified precisely.
|
|
|
|
All communications are https
|
|
|
|
|
|
First create a global unique userid
|
|
|
|
|
|
Site userid:
|
|
https://macgirvin.com/1
|
|
|
|
$guuid = Strings::base64UrlEncode(hash('whirlpool','https://macgirvin.com/1.' . mt_rand(1000000,9999999),1);
|
|
|
|
|
|
Then create a hashed site destination.
|
|
|
|
$gduid = Strings::base64UrlEncode(hash('whirlpool', $guuid . 'https://macgirvin.com',1);
|
|
|
|
These two keys will identify you as a person+site pair in the future.
|
|
You will also obtain a password upon introducing yourself to a site.
|
|
This can be used to edit locations in the future. You will always keep your global unique userid
|
|
|
|
|
|
The steps to connect with somebody are to first register your location with their site.
|
|
Then introduce yourself to the person. This contains flags for the desired relationship.
|
|
At some future time, they may confirm and adjust the relationship based on their comfort level.
|
|
Lack of confirmation is tantamount to denial.
|
|
|
|
You can set either or both of FOLLOW and SHARE which indicates the relationship from your viewpoint.
|
|
They may do likewise.
|
|
|
|
A relationship is based on you as a person and provided you register new locations with the site you can post from anywhere.
|
|
You do not need to register locations with each person, only with the site.
|
|
|
|
|
|
Introduce yourself to a site:
|
|
|
|
|
|
POST https://example.com/post
|
|
|
|
{
|
|
'type' => 'register'
|
|
'person' => $guuid
|
|
'address' => $gduid
|
|
'site' => 'https://macgirvin.com'
|
|
'info' => 'mike@macgirvin.com'
|
|
}
|
|
|
|
Returns:
|
|
|
|
{
|
|
'success' => 'true'
|
|
'pass' => me_encrypt($random_string)
|
|
}
|
|
|
|
---
|
|
Add location
|
|
---
|
|
|
|
POST https://example.com/post
|
|
|
|
{
|
|
'type' => 'location'
|
|
'person' => $guuid
|
|
'address' => $new_gduid
|
|
'site' => 'https://newsite.com'
|
|
'info' => 'mike@newsite.com'
|
|
'pass' => me_encrypt($gduid . '.' . $pass)
|
|
}
|
|
|
|
Returns:
|
|
|
|
{
|
|
'success' => 'true'
|
|
'pass' => me_encrypt($random_string)
|
|
}
|
|
|
|
---
|
|
Remove location
|
|
---
|
|
|
|
POST https://example.com/post
|
|
|
|
{
|
|
'type' => 'remove_location'
|
|
'person' => $guuid
|
|
'address' => $gduid
|
|
'pass' => me_encrypt($pass)
|
|
}
|
|
|
|
Returns:
|
|
|
|
{
|
|
'success' => 'true'
|
|
'message' => 'OK'
|
|
}
|
|
|
|
|
|
------------
|
|
Make friends
|
|
------------
|
|
This message may be reversed/repeated by the destination site to confirm.
|
|
flags is the desired friendship bits. The same message may be used with different flags
|
|
to edit or remove a relationship.
|
|
|
|
|
|
POST https://example.com/post
|
|
|
|
{
|
|
'type' => 'contact'
|
|
'person' => $gduid
|
|
'address' => $guuid
|
|
'target' => 'bobjones@example.com'
|
|
'flags' => HIDDEN=0,FOLLOW=1,SHARE=1,NOHIDDEN=1,NOFOLLOW=0,NOSHARE=0
|
|
'confirm' => me_encrypt($guuid . '.' . $pass)
|
|
}
|
|
|
|
Returns:
|
|
|
|
{
|
|
'success' => 'true'
|
|
'message' => 'OK'
|
|
'flags' => PENDING=1
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
-------
|
|
Message
|
|
-------
|
|
|
|
Passing messages is done asynchronously. This may (potentially) relieve a lot of the burden of distribution from the posting site. If you're on site 'A' and make a post, site 'A' just contacts any downstream sites and informs them that there is new content (via a $post_id). The downstream site initiates the actual data transfer.
|
|
|
|
|
|
|
|
|
|
|
|
POST https://example.com/post
|
|
|
|
{
|
|
'type' => 'post'
|
|
'person' => $guuid
|
|
'address' => $gduid
|
|
'post' => $post_id
|
|
}
|
|
|
|
Returns:
|
|
{
|
|
'success' => 'true'
|
|
'message' => 'OK'
|
|
}
|
|
|
|
|
|
--------
|
|
Callback
|
|
--------
|
|
|
|
POST https://macgirvin.com/post
|
|
|
|
{
|
|
'type' => 'retrieve'
|
|
'retrieve' => $post_id
|
|
'challenge' => you_encrypt('abc123')
|
|
'verify' => me_encrypt('xyz456' . '.' . $gduid)
|
|
}
|
|
|
|
Returns:
|
|
|
|
{
|
|
'success' => 'true'
|
|
'message' => 'OK'
|
|
'response' => 'abc123'
|
|
'data' => encrypted or raw structured post
|
|
}
|
|
|
|
|