2012-08-22 04:18:01 +00:00
< ? php
function zfinger_init ( & $a ) {
2012-08-22 04:39:21 +00:00
require_once ( 'include/zot.php' );
2012-09-10 04:17:06 +00:00
require_once ( 'include/crypto.php' );
2012-08-22 04:18:01 +00:00
2012-08-27 06:05:00 +00:00
$ret = array ( 'success' => false );
2012-11-11 04:08:07 +00:00
$zhash = (( x ( $_REQUEST , 'guid_hash' )) ? $_REQUEST [ 'guid_hash' ] : '' );
2012-11-02 22:34:35 +00:00
$zaddr = (( x ( $_REQUEST , 'address' )) ? $_REQUEST [ 'address' ] : '' );
$ztarget = (( x ( $_REQUEST , 'target' )) ? $_REQUEST [ 'target' ] : '' );
$zsig = (( x ( $_REQUEST , 'target_sig' )) ? $_REQUEST [ 'target_sig' ] : '' );
$zkey = (( x ( $_REQUEST , 'key' )) ? $_REQUEST [ 'key' ] : '' );
if ( $ztarget ) {
if (( ! $zkey ) || ( ! $zsig ) || ( ! rsa_verify ( $ztarget , base64url_decode ( $zsig ), $zkey ))) {
logger ( 'zfinger: invalid target signature' );
$ret [ 'message' ] = t ( " invalid target signature " );
json_return_and_die ( $ret );
}
}
2012-11-01 03:53:02 +00:00
2012-08-27 06:05:00 +00:00
$r = null ;
if ( strlen ( $zguid )) {
2012-11-01 00:38:22 +00:00
$r = q ( " select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
2012-11-11 04:08:07 +00:00
where channel_hash = '%s' limit 1 " ,
dbesc ( $zhash )
2012-08-27 06:05:00 +00:00
);
}
elseif ( strlen ( $zaddr )) {
2012-11-01 00:38:22 +00:00
$r = q ( " select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_address = '%s' limit 1 " ,
2012-08-27 06:05:00 +00:00
dbesc ( $zaddr )
);
}
else {
$ret [ 'message' ] = 'Invalid request' ;
json_return_and_die ( $ret );
}
2012-08-22 04:18:01 +00:00
2012-08-27 06:05:00 +00:00
if ( ! ( $r && count ( $r ))) {
$ret [ 'message' ] = 'Item not found.' ;
json_return_and_die ( $ret );
}
$e = $r [ 0 ];
2012-08-22 04:18:01 +00:00
2012-09-26 00:57:20 +00:00
$id = $e [ 'channel_id' ];
2012-11-01 00:38:22 +00:00
// $r = q("select contact.*, profile.*
// from contact left join profile on contact.uid = profile.uid
// where contact.uid = %d && contact.self = 1 and profile.is_default = 1 limit 1",
// intval($id)
// );
// if($r && count($r)) {
// $profile = $r[0];
// }
2012-08-31 01:17:38 +00:00
2012-08-27 06:05:00 +00:00
$ret [ 'success' ] = true ;
2012-08-22 06:11:27 +00:00
2012-08-27 06:05:00 +00:00
// Communication details
2012-08-22 06:11:27 +00:00
2012-11-01 08:49:00 +00:00
$ret [ 'guid' ] = $e [ 'xchan_guid' ];
$ret [ 'guid_sig' ] = $e [ 'xchan_guid_sig' ];
$ret [ 'key' ] = $e [ 'xchan_pubkey' ];
$ret [ 'name' ] = $e [ 'xchan_name' ];
$ret [ 'name_updated' ] = $e [ 'xchan_name_date' ];
$ret [ 'address' ] = $e [ 'xchan_addr' ];
2012-11-01 09:00:25 +00:00
$ret [ 'photo_mimetype' ] = $e [ 'xchan_photo_mimetype' ];
2012-11-01 08:49:00 +00:00
$ret [ 'photo' ] = $e [ 'xchan_photo_l' ];
$ret [ 'photo_updated' ] = $e [ 'xchan_photo_date' ];
2012-11-01 08:53:57 +00:00
$ret [ 'url' ] = $e [ 'xchan_url' ];
$ret [ 'name_updated' ] = $e [ 'xchan_name_date' ];
2012-11-01 08:49:00 +00:00
$ret [ 'target' ] = $ztarget ;
$ret [ 'target_sig' ] = $zsig ;
2012-11-01 03:53:02 +00:00
2012-11-02 21:48:33 +00:00
// FIXME encrypt permissions when targeted so that only the target can view them, requires sending the pubkey and also checking that the target_sig is signed with that pubkey and isn't a forgery.
2012-11-02 23:25:59 +00:00
$permissions = get_all_perms ( $e [ 'channel_id' ],(( $ztarget && $zsig )
2012-11-01 03:53:02 +00:00
? base64url_encode ( hash ( 'whirlpool' , $ztarget . $zsig , true ))
: '' ), false );
2012-11-02 23:25:59 +00:00
$ret [ 'permissions' ] = (( $ztarget ) ? aes_encapsulate ( json_encode ( $permissions ), $zkey ) : $permissions );
2012-11-01 03:53:02 +00:00
2012-08-22 04:18:01 +00:00
2012-11-01 00:38:22 +00:00
// $ret['profile'] = $profile;
2012-08-31 01:17:38 +00:00
2012-09-26 00:57:20 +00:00
// array of (verified) hubs this channel uses
2012-08-27 06:05:00 +00:00
2012-11-01 03:53:02 +00:00
$ret [ 'locations' ] = array ();
2012-11-01 00:38:22 +00:00
$x = zot_get_hubloc ( array ( $e [ 'channel_hash' ]));
2012-08-27 06:05:00 +00:00
if ( $x && count ( $x )) {
foreach ( $x as $hub ) {
if ( ! ( $hub [ 'hubloc_flags' ] & HUBLOC_FLAGS_UNVERIFIED )) {
2012-11-01 03:53:02 +00:00
$ret [ 'locations' ][] = array (
'host' => $hub [ 'hubloc_host' ],
'address' => $hub [ 'hubloc_addr' ],
2012-08-27 06:05:00 +00:00
'primary' => (( $hub [ 'hubloc_flags' ] & HUBLOC_FLAGS_PRIMARY ) ? true : false ),
'url' => $hub [ 'hubloc_url' ],
2012-10-31 23:55:19 +00:00
'url_sig' => $hub [ 'hubloc_url_sig' ],
2012-08-27 06:05:00 +00:00
'callback' => $hub [ 'hubloc_callback' ],
'sitekey' => $hub [ 'hubloc_sitekey' ]
);
2012-08-22 04:39:21 +00:00
}
}
2012-08-27 06:05:00 +00:00
}
2012-08-22 04:39:21 +00:00
2012-08-22 04:18:01 +00:00
json_return_and_die ( $ret );
2012-08-27 06:05:00 +00:00
2012-08-22 04:18:01 +00:00
}