streams/Zotlabs/Module/Webfinger.php

<?php
namespace Zotlabs\Module;


class Webfinger extends \Zotlabs\Web\Controller {

	function init() {
	
		// This is a public resource with relaxed CORS policy. Close the current login session.
		session_write_close();

		header('Access-Control-Allow-Origin: *');

		$result = [];
		
		if(! is_https_request()) {
			header($_SERVER['SERVER_PROTOCOL'] . ' ' . 500 . ' ' . 'Webfinger requires HTTPS');
			killme();
		}
	
	
		$resource = $_REQUEST['resource'];

		if(! $resource) {
			http_status_exit(404,'Not found');
		}


		logger('webfinger: ' . $resource,LOGGER_DEBUG);
	
		// Response for a site resource

		if(strcasecmp(rtrim($resource,'/'),z_root()) === 0) {
			$result['subject'] = $resource;
			$result['properties'] = [
					'https://w3id.org/security/v1#publicKeyPem' => get_config('system','pubkey')
			];
			$result['links'] = [
				[
					'rel'  => 'http://purl.org/openwebauth/v1',
					'type' => 'application/x-zot+json',
					'href' => z_root() . '/owa',
				],
			
				[ 
					'rel'  => 'http://purl.org/zot/protocol/6.0', 
					'type' => 'application/x-zot+json', 
					'href' => z_root(),
				],

			];
		}
		else {

			// some other resource

			if(strpos($resource,'tag:' === 0)) {
				$arr = explode(':',$resource);
				if(count($arr) > 3 && $arr[2] === 'zotid') {
					$guid = $arr[3];
					$r = q("select * from channel left join xchan on channel_hash = xchan_hash 
						where channel_hash = '%s' limit 1",
						dbesc($guid)
					);
					if($r) {
						$channel_target = $r[0];
					}
				}
			}
 
			if(strpos($resource,'acct:') === 0) {
				$channel_nickname = punify(str_replace('acct:','',$resource));
				if(strpos($channel_nickname,'@') !== false) {
					$host = punify(substr($channel_nickname,strpos($channel_nickname,'@')+1));

					// If the webfinger address points off site, redirect to the correct site

					if(strcasecmp($host,\App::get_hostname())) {
						goaway('https://' . $host . '/.well-known/webfinger?f=&resource=' . $resource);
					}
					$channel_nickname = substr($channel_nickname,0,strpos($channel_nickname,'@'));
				}		
			}
			if(strpos($resource,'http') === 0) {
				$channel_nickname = str_replace('~','',basename($resource));
			}

			if($channel_nickname) {	
				$r = q("select * from channel left join xchan on channel_hash = xchan_hash 
					where channel_address = '%s' limit 1",
					dbesc($channel_nickname)
				);
				if($r) {
					$channel_target = $r[0];
				}
			}
		}

		if($channel_target) {
	
			$h = q("select hubloc_addr from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0",
				dbesc($channel_target['channel_hash'])
			);
	
			$result['subject'] = $resource;
	
			$aliases = array(
				z_root() . '/channel/' . $channel_target['channel_address'],
				z_root() . '/~' . $channel_target['channel_address'],
				z_root() . '/@' . $channel_target['channel_address']

			);
	
			if($h) {
				foreach($h as $hh) {
					$aliases[] = 'acct:' . $hh['hubloc_addr'];
				}
			}
	
			$result['aliases'] = [];
	
			$result['properties'] = [
					'http://webfinger.net/ns/name'   => $channel_target['channel_name'],
					'http://xmlns.com/foaf/0.1/name' => $channel_target['channel_name'],
					'https://w3id.org/security/v1#publicKeyPem' => $channel_target['xchan_pubkey'],
					'http://purl.org/zot/federation' => 'zot6,activitypub'
			];
	
			foreach($aliases as $alias) { 
				if($alias != $resource) {
					$result['aliases'][] = $alias;
				}
			}
	
			$result['links'] = [

				[
					'rel'  => 'http://webfinger.net/rel/avatar',
					'type' => $channel_target['xchan_photo_mimetype'],
					'href' => $channel_target['xchan_photo_l']	
				],

				[
					'rel'  => 'http://webfinger.net/rel/blog',
					'href' => z_root() . '/channel/' . $channel_target['channel_address'],
				],
	
				[
					'rel'  => 'http://openid.net/specs/connect/1.0/issuer',
					'href' => z_root()
				],

				[ 
					'rel'  => 'http://purl.org/zot/protocol/6.0', 
					'type' => 'application/x-zot+json', 
					'href' => z_root() . '/channel/' . $channel_target['channel_address'],
				],

				[
					'rel'  => 'http://purl.org/openwebauth/v1',
					'type' => 'application/x-zot+json',
					'href' => z_root() . '/owa'
				],
				
				[ 
					'rel' => 'http://ostatus.org/schema/1.0/subscribe',
					'template' => z_root() . '/follow?url={uri}'
				],
			];
		}

		if(! defined('NOMADIC')) {
			$result['links'][] = 
				[
					'rel'  => 'self',
					'type' => 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
					'href' => z_root() . '/channel/' . $channel_target['channel_address']
    			];
			$result['links'][] = 	
				[
					'rel'  => 'self',
					'type' => 'application/activity+json',
					'href' => z_root() . '/channel/' . $channel_target['channel_address']
    			];
		}

		if(! $result) {
			header($_SERVER['SERVER_PROTOCOL'] . ' ' . 400 . ' ' . 'Bad Request');
			killme();
		}
	
		$arr = [ 'channel' => $channel_target, 'request' => $_REQUEST, 'result' => $result ];
		call_hooks('webfinger',$arr);


		json_return_and_die($arr['result'],'application/jrd+json');
	
	}
	
}
module updates 2016-04-19 03:38:38 +00:00			`<?php`
			`namespace Zotlabs\Module;`


			`class Webfinger extends \Zotlabs\Web\Controller {`

checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`function init() {`

			`// This is a public resource with relaxed CORS policy. Close the current login session.`
			`session_write_close();`

lots more zot6 work 2018-05-23 06:20:29 +00:00			`header('Access-Control-Allow-Origin: *');`

checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`$result = [];`
lots more zot6 work 2018-05-23 06:20:29 +00:00
			`if(! is_https_request()) {`
			`header($_SERVER['SERVER_PROTOCOL'] . ' ' . 500 . ' ' . 'Webfinger requires HTTPS');`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`killme();`
			`}`


			`$resource = $_REQUEST['resource'];`

lots more zot6 work 2018-05-23 06:20:29 +00:00			`if(! $resource) {`
			`http_status_exit(404,'Not found');`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`}`


lots more zot6 work 2018-05-23 06:20:29 +00:00			`logger('webfinger: ' . $resource,LOGGER_DEBUG);`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00
lots more zot6 work 2018-05-23 06:20:29 +00:00			`// Response for a site resource`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00
lots more zot6 work 2018-05-23 06:20:29 +00:00			`if(strcasecmp(rtrim($resource,'/'),z_root()) === 0) {`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`$result['subject'] = $resource;`
			`$result['properties'] = [`
			`'https://w3id.org/security/v1#publicKeyPem' => get_config('system','pubkey')`
			`];`
			`$result['links'] = [`
			`[`
			`'rel' => 'http://purl.org/openwebauth/v1',`
			`'type' => 'application/x-zot+json',`
			`'href' => z_root() . '/owa',`
			`],`

			`[`
			`'rel' => 'http://purl.org/zot/protocol/6.0',`
			`'type' => 'application/x-zot+json',`
			`'href' => z_root(),`
			`],`

			`];`
lots more zot6 work 2018-05-23 06:20:29 +00:00			`}`
			`else {`

			`// some other resource`

			`if(strpos($resource,'tag:' === 0)) {`
			`$arr = explode(':',$resource);`
			`if(count($arr) > 3 && $arr[2] === 'zotid') {`
			`$guid = $arr[3];`
			`$r = q("select * from channel left join xchan on channel_hash = xchan_hash`
			`where channel_hash = '%s' limit 1",`
			`dbesc($guid)`
			`);`
			`if($r) {`
			`$channel_target = $r[0];`
			`}`
			`}`
			`}`

			`if(strpos($resource,'acct:') === 0) {`
			`$channel_nickname = punify(str_replace('acct:','',$resource));`
			`if(strpos($channel_nickname,'@') !== false) {`
			`$host = punify(substr($channel_nickname,strpos($channel_nickname,'@')+1));`

			`// If the webfinger address points off site, redirect to the correct site`

			`if(strcasecmp($host,\App::get_hostname())) {`
			`goaway('https://' . $host . '/.well-known/webfinger?f=&resource=' . $resource);`
			`}`
			`$channel_nickname = substr($channel_nickname,0,strpos($channel_nickname,'@'));`
			`}`
			`}`
			`if(strpos($resource,'http') === 0) {`
			`$channel_nickname = str_replace('~','',basename($resource));`
			`}`

			`if($channel_nickname) {`
			`$r = q("select * from channel left join xchan on channel_hash = xchan_hash`
			`where channel_address = '%s' limit 1",`
			`dbesc($channel_nickname)`
			`);`
			`if($r) {`
			`$channel_target = $r[0];`
			`}`
			`}`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`}`

lots more zot6 work 2018-05-23 06:20:29 +00:00			`if($channel_target) {`
module updates 2016-04-19 03:38:38 +00:00
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`$h = q("select hubloc_addr from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0",`
			`dbesc($channel_target['channel_hash'])`
			`);`
module updates 2016-04-19 03:38:38 +00:00
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`$result['subject'] = $resource;`
module updates 2016-04-19 03:38:38 +00:00
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`$aliases = array(`
Time to celebrate: Z6 basic messaging -> posts, replies, and likes working 2018-06-28 01:43:39 +00:00			`z_root() . '/channel/' . $channel_target['channel_address'],`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`z_root() . '/~' . $channel_target['channel_address'],`
			`z_root() . '/@' . $channel_target['channel_address']`
imagemagick preserves exif when scaling. GD does not. We do not want to preserve exif on thumbnails which we have rotated, as a browser reading the exif information could rotate them yet again. This checkin adds an abstract function to the generic photo driver which makes the behaviour consistent by stripping EXIF from imagick processed images. However, we will attempt to preserve any ICC colour profiles. See http://php.net/manual/en/imagick.stripimage.php 2018-04-23 01:12:16 +00:00
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`);`

			`if($h) {`
			`foreach($h as $hh) {`
			`$aliases[] = 'acct:' . $hh['hubloc_addr'];`
			`}`
module updates 2016-04-19 03:38:38 +00:00			`}`

checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`$result['aliases'] = [];`

			`$result['properties'] = [`
			`'http://webfinger.net/ns/name' => $channel_target['channel_name'],`
			`'http://xmlns.com/foaf/0.1/name' => $channel_target['channel_name'],`
			`'https://w3id.org/security/v1#publicKeyPem' => $channel_target['xchan_pubkey'],`
For Osada, move activitypub into core. 2018-08-23 06:04:37 +00:00			`'http://purl.org/zot/federation' => 'zot6,activitypub'`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`];`

Time to celebrate: Z6 basic messaging -> posts, replies, and likes working 2018-06-28 01:43:39 +00:00			`foreach($aliases as $alias) {`
			`if($alias != $resource) {`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`$result['aliases'][] = $alias;`
Time to celebrate: Z6 basic messaging -> posts, replies, and likes working 2018-06-28 01:43:39 +00:00			`}`
			`}`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00
			`$result['links'] = [`

			`[`
			`'rel' => 'http://webfinger.net/rel/avatar',`
			`'type' => $channel_target['xchan_photo_mimetype'],`
			`'href' => $channel_target['xchan_photo_l']`
			`],`

			`[`
			`'rel' => 'http://webfinger.net/rel/blog',`
			`'href' => z_root() . '/channel/' . $channel_target['channel_address'],`
			`],`

Merge branch 'red' 2018-08-14 03:36:40 +00:00			`[`
			`'rel' => 'http://openid.net/specs/connect/1.0/issuer',`
			`'href' => z_root()`
			`],`

checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`[`
			`'rel' => 'http://purl.org/zot/protocol/6.0',`
			`'type' => 'application/x-zot+json',`
			`'href' => z_root() . '/channel/' . $channel_target['channel_address'],`
			`],`

			`[`
			`'rel' => 'http://purl.org/openwebauth/v1',`
			`'type' => 'application/x-zot+json',`
keep the follow url 2018-08-06 06:15:15 +00:00			`'href' => z_root() . '/owa'`
			`],`

			`[`
			`'rel' => 'http://ostatus.org/schema/1.0/subscribe',`
			`'template' => z_root() . '/follow?url={uri}'`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`],`
zap/osada repo merger 2018-10-04 02:10:52 +00:00			`];`
			`}`

			`if(! defined('NOMADIC')) {`
			`$result['links'][] =`
For Osada, move activitypub into core. 2018-08-23 06:04:37 +00:00			`[`
			`'rel' => 'self',`
			`'type' => 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',`
			`'href' => z_root() . '/channel/' . $channel_target['channel_address']`
zap/osada repo merger 2018-10-04 02:10:52 +00:00			`];`
			`$result['links'][] =`
For Osada, move activitypub into core. 2018-08-23 06:04:37 +00:00			`[`
			`'rel' => 'self',`
			`'type' => 'application/activity+json',`
			`'href' => z_root() . '/channel/' . $channel_target['channel_address']`
zap/osada repo merger 2018-10-04 02:10:52 +00:00			`];`
module updates 2016-04-19 03:38:38 +00:00			`}`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00
			`if(! $result) {`
lots more zot6 work 2018-05-23 06:20:29 +00:00			`header($_SERVER['SERVER_PROTOCOL'] . ' ' . 400 . ' ' . 'Bad Request');`
checkin lots of recent zap/zot6 work 2018-05-18 10:09:38 +00:00			`killme();`
			`}`

			`$arr = [ 'channel' => $channel_target, 'request' => $_REQUEST, 'result' => $result ];`
			`call_hooks('webfinger',$arr);`


			`json_return_and_die($arr['result'],'application/jrd+json');`

module updates 2016-04-19 03:38:38 +00:00			`}`

			`}`