2012-08-22 04:18:01 +00:00
< ? php
function zfinger_init ( & $a ) {
2012-08-22 04:39:21 +00:00
require_once ( 'include/zot.php' );
2012-09-10 04:17:06 +00:00
require_once ( 'include/crypto.php' );
2012-08-22 04:18:01 +00:00
2012-08-27 06:05:00 +00:00
$ret = array ( 'success' => false );
2013-01-04 03:34:04 +00:00
$zhash = (( x ( $_REQUEST , 'guid_hash' )) ? $_REQUEST [ 'guid_hash' ] : '' );
$zguid = (( x ( $_REQUEST , 'guid' )) ? $_REQUEST [ 'guid' ] : '' );
$zguid_sig = (( x ( $_REQUEST , 'guid_sig' )) ? $_REQUEST [ 'guid_sig' ] : '' );
$zaddr = (( x ( $_REQUEST , 'address' )) ? $_REQUEST [ 'address' ] : '' );
$ztarget = (( x ( $_REQUEST , 'target' )) ? $_REQUEST [ 'target' ] : '' );
$zsig = (( x ( $_REQUEST , 'target_sig' )) ? $_REQUEST [ 'target_sig' ] : '' );
$zkey = (( x ( $_REQUEST , 'key' )) ? $_REQUEST [ 'key' ] : '' );
$mindate = (( x ( $_REQUEST , 'mindate' )) ? $_REQUEST [ 'mindate' ] : '' );
$feed = (( x ( $_REQUEST , 'feed' )) ? intval ( $_REQUEST [ 'feed' ]) : 0 );
2012-11-02 22:34:35 +00:00
if ( $ztarget ) {
if (( ! $zkey ) || ( ! $zsig ) || ( ! rsa_verify ( $ztarget , base64url_decode ( $zsig ), $zkey ))) {
logger ( 'zfinger: invalid target signature' );
$ret [ 'message' ] = t ( " invalid target signature " );
json_return_and_die ( $ret );
}
}
2012-11-01 03:53:02 +00:00
2012-12-26 00:57:48 +00:00
// allow re-written domains so bob@foo.example.com can provide an address of bob@example.com
// The top-level domain also needs to redirect .well-known/zot-info to the sub-domain with a 301 or 308
// TODO: Make 308 work in include/network.php for zot_fetch_url and zot_post_url
if (( $zaddr ) && ( $s = get_config ( 'system' , 'zotinfo_domainrewrite' ))) {
$arr = explode ( '^' , $s );
if ( count ( $arr ) == 2 )
$zaddr = str_replace ( $arr [ 0 ], $arr [ 1 ], $zaddr );
}
2012-08-27 06:05:00 +00:00
$r = null ;
2012-11-13 00:16:37 +00:00
if ( strlen ( $zhash )) {
2012-11-01 00:38:22 +00:00
$r = q ( " select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
2012-11-11 04:08:07 +00:00
where channel_hash = '%s' limit 1 " ,
dbesc ( $zhash )
2012-08-27 06:05:00 +00:00
);
}
2013-01-03 00:28:47 +00:00
elseif ( strlen ( $zguid ) && strlen ( $zguid_sig )) {
2012-11-13 00:16:37 +00:00
$r = q ( " select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_guid = '%s' and channel_guid_sig = '%s' limit 1 " ,
dbesc ( $zguid ),
dbesc ( $zguid_sig )
);
}
2012-08-27 06:05:00 +00:00
elseif ( strlen ( $zaddr )) {
2012-11-01 00:38:22 +00:00
$r = q ( " select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_address = '%s' limit 1 " ,
2012-08-27 06:05:00 +00:00
dbesc ( $zaddr )
);
}
else {
$ret [ 'message' ] = 'Invalid request' ;
json_return_and_die ( $ret );
}
2012-08-22 04:18:01 +00:00
2012-11-13 00:16:37 +00:00
if ( ! $r ) {
2012-08-27 06:05:00 +00:00
$ret [ 'message' ] = 'Item not found.' ;
json_return_and_die ( $ret );
}
$e = $r [ 0 ];
2012-08-22 04:18:01 +00:00
2012-09-26 00:57:20 +00:00
$id = $e [ 'channel_id' ];
2012-11-13 00:16:37 +00:00
2012-12-20 06:45:49 +00:00
$searchable = (( $e [ 'channel_pageflags' ] & PAGE_HIDDEN ) ? false : true );
2013-01-22 08:20:25 +00:00
if ( $e [ 'xchan_flags' ] & XCHAN_FLAGS_HIDDEN )
$searchable = false ;
2012-12-27 00:43:13 +00:00
// This is for birthdays and keywords, but must check access permissions
$p = q ( " select * from profile where uid = %d and is_default = 1 " ,
intval ( $e [ 'channel_id' ])
);
$profile = array ();
if ( $p ) {
2012-12-28 07:33:37 +00:00
$profile [ 'description' ] = $p [ 0 ][ 'pdesc' ];
$profile [ 'birthday' ] = $p [ 0 ][ 'dob' ];
if ( $profile [ 'birthday' ] != '0000-00-00' )
$profile [ 'next_birthday' ] = z_birthday ( $p [ 0 ][ 'dob' ], $e [ 'channel_timezone' ]);
$profile [ 'gender' ] = $p [ 0 ][ 'gender' ];
$profile [ 'marital' ] = $p [ 0 ][ 'marital' ];
$profile [ 'sexual' ] = $p [ 0 ][ 'sexual' ];
$profile [ 'locale' ] = $p [ 0 ][ 'locality' ];
$profile [ 'region' ] = $p [ 0 ][ 'region' ];
$profile [ 'postcode' ] = $p [ 0 ][ 'postal_code' ];
$profile [ 'country' ] = $p [ 0 ][ 'country_name' ];
2012-12-27 00:50:52 +00:00
if ( $p [ 0 ][ 'keywords' ]) {
$tags = array ();
$k = explode ( ' ' , $p [ 0 ][ 'keywords' ]);
if ( $k )
foreach ( $k as $kk )
if ( trim ( $kk ))
$tags [] = trim ( $kk );
if ( $tags )
$profile [ 'keywords' ] = $tags ;
}
2012-12-27 00:43:13 +00:00
}
2012-08-31 01:17:38 +00:00
2012-08-27 06:05:00 +00:00
$ret [ 'success' ] = true ;
2012-08-22 06:11:27 +00:00
2012-08-27 06:05:00 +00:00
// Communication details
2012-08-22 06:11:27 +00:00
2012-11-01 08:49:00 +00:00
$ret [ 'guid' ] = $e [ 'xchan_guid' ];
$ret [ 'guid_sig' ] = $e [ 'xchan_guid_sig' ];
$ret [ 'key' ] = $e [ 'xchan_pubkey' ];
$ret [ 'name' ] = $e [ 'xchan_name' ];
$ret [ 'name_updated' ] = $e [ 'xchan_name_date' ];
$ret [ 'address' ] = $e [ 'xchan_addr' ];
2012-11-01 09:00:25 +00:00
$ret [ 'photo_mimetype' ] = $e [ 'xchan_photo_mimetype' ];
2012-11-01 08:49:00 +00:00
$ret [ 'photo' ] = $e [ 'xchan_photo_l' ];
$ret [ 'photo_updated' ] = $e [ 'xchan_photo_date' ];
2012-11-01 08:53:57 +00:00
$ret [ 'url' ] = $e [ 'xchan_url' ];
2013-01-01 09:57:20 +00:00
$ret [ 'connections_url' ] = (( $e [ 'xchan_connurl' ]) ? $e [ 'xchan_connurl' ] : z_root () . '/poco/' . $e [ 'channel_address' ]);
2012-11-01 08:53:57 +00:00
$ret [ 'name_updated' ] = $e [ 'xchan_name_date' ];
2012-11-01 08:49:00 +00:00
$ret [ 'target' ] = $ztarget ;
$ret [ 'target_sig' ] = $zsig ;
2012-12-20 06:45:49 +00:00
$ret [ 'searchable' ] = $searchable ;
2012-11-01 03:53:02 +00:00
2013-01-04 09:41:18 +00:00
// wtf
// if(! $e['xchan_connurl'])
2013-01-01 09:57:20 +00:00
2012-11-02 21:48:33 +00:00
// FIXME encrypt permissions when targeted so that only the target can view them, requires sending the pubkey and also checking that the target_sig is signed with that pubkey and isn't a forgery.
2013-01-04 09:41:18 +00:00
logger ( 'zot-info: ' . print_r ( $e , true ));
2012-11-02 23:25:59 +00:00
$permissions = get_all_perms ( $e [ 'channel_id' ],(( $ztarget && $zsig )
2012-11-01 03:53:02 +00:00
? base64url_encode ( hash ( 'whirlpool' , $ztarget . $zsig , true ))
: '' ), false );
2013-01-04 09:41:18 +00:00
$ret [ 'permissions' ] = (( $ztarget && $zkey ) ? aes_encapsulate ( json_encode ( $permissions ), $zkey ) : $permissions );
2012-08-22 04:18:01 +00:00
2012-12-27 00:43:13 +00:00
if ( $permissions [ 'view_profile' ])
$ret [ 'profile' ] = $profile ;
2012-08-31 01:17:38 +00:00
2013-01-04 03:34:04 +00:00
// if($feed && $permissions['view_stream'])
// $ret['messages'] = $zot_feed($e['channel_id'],(($ztarget && $zsig)
// ? base64url_encode(hash('whirlpool',$ztarget . $zsig,true))
// : '' ),$mindate);
2012-09-26 00:57:20 +00:00
// array of (verified) hubs this channel uses
2012-08-27 06:05:00 +00:00
2012-11-01 03:53:02 +00:00
$ret [ 'locations' ] = array ();
2012-11-01 00:38:22 +00:00
$x = zot_get_hubloc ( array ( $e [ 'channel_hash' ]));
2012-08-27 06:05:00 +00:00
if ( $x && count ( $x )) {
foreach ( $x as $hub ) {
if ( ! ( $hub [ 'hubloc_flags' ] & HUBLOC_FLAGS_UNVERIFIED )) {
2012-11-01 03:53:02 +00:00
$ret [ 'locations' ][] = array (
'host' => $hub [ 'hubloc_host' ],
'address' => $hub [ 'hubloc_addr' ],
2012-08-27 06:05:00 +00:00
'primary' => (( $hub [ 'hubloc_flags' ] & HUBLOC_FLAGS_PRIMARY ) ? true : false ),
'url' => $hub [ 'hubloc_url' ],
2012-10-31 23:55:19 +00:00
'url_sig' => $hub [ 'hubloc_url_sig' ],
2012-08-27 06:05:00 +00:00
'callback' => $hub [ 'hubloc_callback' ],
'sitekey' => $hub [ 'hubloc_sitekey' ]
);
2012-08-22 04:39:21 +00:00
}
}
2012-08-27 06:05:00 +00:00
}
2012-08-22 04:39:21 +00:00
2012-12-20 08:27:01 +00:00
$ret [ 'site' ] = array ();
$ret [ 'site' ][ 'url' ] = z_root ();
$dirmode = get_config ( 'system' , 'directory_mode' );
if (( $dirmode === false ) || ( $dirmode == DIRECTORY_MODE_NORMAL ))
$ret [ 'site' ][ 'directory_mode' ] = 'normal' ;
2012-12-20 08:33:53 +00:00
if ( $dirmode == DIRECTORY_MODE_PRIMARY )
$ret [ 'site' ][ 'directory_mode' ] = 'primary' ;
2012-12-20 08:27:01 +00:00
elseif ( $dirmode == DIRECTORY_MODE_SECONDARY )
$ret [ 'site' ][ 'directory_mode' ] = 'secondary' ;
elseif ( $dirmode == DIRECTORY_MODE_STANDALONE )
$ret [ 'site' ][ 'directory_mode' ] = 'standalone' ;
if ( $dirmode != DIRECTORY_MODE_NORMAL )
2013-01-22 10:56:32 +00:00
$ret [ 'site' ][ 'directory_url' ] = z_root () . '/dirsearch' ;
2012-12-20 08:27:01 +00:00
2012-08-22 04:18:01 +00:00
json_return_and_die ( $ret );
2012-08-27 06:05:00 +00:00
2012-08-22 04:18:01 +00:00
}