Etusivu Tutki Apua
Kirjaudu sisään
TechnicalSuwako
/
gnusocial
forkattu lähteestä gnusocialjp/gnusocial
Tarkkaile 1
Äänestä 0
Fork 0
Tiedostot
Branch: main
Branchit Tagit
gnusocial
/
plugins
/
WebFinger
/
WebFingerPlugin.php

WebFingerPlugin.php 9.9 KB
Pysyvä linkki Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238 
  1. <?php
    2. 

  2. /*
    3. 

  3.  * GNU Social - a federating social network
    4. 

  4.  * Copyright (C) 2013, Free Software Foundation, Inc.
    5. 

  5.  *
    6. 

  6.  * This program is free software: you can redistribute it and/or modify
    7. 

  7.  * it under the terms of the GNU Affero General Public License as published by
    8. 

  8.  * the Free Software Foundation, either version 3 of the License, or
    9. 

  9.  * (at your option) any later version.
    10. 

  10.  *
    11. 

  11.  * This program is distributed in the hope that it will be useful,
    12. 

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14. 

  14.  * GNU Affero General Public License for more details.
    15. 

  15.  *
    16. 

  16.  * You should have received a copy of the GNU Affero General Public License
    17. 

  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    18. 

  18.  */
    19. 

  19. 

  20. /**
    21. 

  21.  * Implements WebFinger for GNU Social, as well as support for the
    22. 

  22.  * '.well-known/host-meta' resource.
    23. 

  23.  *
    24. 

  24.  * Depends on: LRDD plugin
    25. 

  25.  *
    26. 

  26.  * @package GNUsocial
    27. 

  27.  * @author  Mikael Nordfeldth <mmn@hethane.se>
    28. 

  28.  */
    29. 

  29. 

  30. if (!defined('GNUSOCIAL')) { exit(1); }
    31. 

  31. include("../plugins/WebFinger/lib/webfingerresource.php");
    32. 

  32. include("../plugins/WebFinger/lib/webfingerresource/notice.php");
    33. 

  33. include("../plugins/WebFinger/lib/webfingerresource/profile.php");
    34. 

  34. 

  35. class WebFingerPlugin extends Plugin
    36. 

  36. {
    37. 

  37.     const PLUGIN_VERSION = '2.0.0';
    38. 

  38. 

  39.     const OAUTH_ACCESS_TOKEN_REL    = 'http://apinamespace.org/oauth/access_token';
    40. 

  40.     const OAUTH_REQUEST_TOKEN_REL   = 'http://apinamespace.org/oauth/request_token';
    41. 

  41.     const OAUTH_AUTHORIZE_REL       = 'http://apinamespace.org/oauth/authorize';
    42. 

  42. 

  43.     public function onRouterInitialized(URLMapper $m)
    44. 

  44.     {
    45. 

  45.         $m->connect('.well-known/host-meta', ['action' => 'hostmeta']);
    46. 

  46.         $m->connect('.well-known/host-meta.:format',
    47. 

  47.                     ['action' => 'hostmeta'],
    48. 

  48.                     ['format' => '(xml|json)']);
    49. 

  49.         // the resource GET parameter can be anywhere, so don't mention it here
    50. 

  50.         $m->connect('.well-known/webfinger', ['action' => 'webfinger']);
    51. 

  51.         $m->connect('.well-known/webfinger.:format',
    52. 

  52.                     ['action' => 'webfinger'],
    53. 

  53.                     ['format' => '(xml|json)']);
    54. 

  54.         $m->connect('main/ownerxrd', ['action' => 'ownerxrd']);
    55. 

  55.         return true;
    56. 

  56.     }
    57. 

  57. 

  58.     public function onLoginAction($action, &$login)
    59. 

  59.     {
    60. 

  60.         switch ($action) {
    61. 

  61.         case 'hostmeta':
    62. 

  62.         case 'webfinger':
    63. 

  63.             $login = true;
    64. 

  64.             return false;
    65. 

  65.         }
    66. 

  66.         
    67. 

  67.         return true;
    68. 

  68.     }
    69. 

  69. 

  70.     public function onStartGetProfileAcctUri(Profile $profile, &$acct)
    71. 

  71.     {
    72. 

  72.         $wfr = new WebFingerResource_Profile($profile);
    73. 

  73.         try {
    74. 

  74.             $acct = $wfr->reconstructAcct();
    75. 

  75.         } catch (Exception $e) {
    76. 

  76.             return true;
    77. 

  77.         }
    78. 

  78. 

  79.         return false;
    80. 

  80.     }
    81. 

  81. 

  82.     public function onEndGetWebFingerResource($resource, WebFingerResource &$target=null, array $args=array())
    83. 

  83.     {
    84. 

  84.         $profile = null;
    85. 

  85.         if (Discovery::isAcct($resource)) {
    86. 

  86.             $parts = explode('@', substr(urldecode($resource), 5)); // 5 is strlen of 'acct:'
    87. 

  87.             if (count($parts) == 2) {
    88. 

  88.                 list($nick, $domain) = $parts;
    89. 

  89.                 if ($domain !== common_config('site', 'server')) {
    90. 

  90.                     throw new Exception(_('Remote profiles not supported via WebFinger yet.'));
    91. 

  91.                 }
    92. 

  92. 

  93.                 $nick = common_canonical_nickname($nick);
    94. 

  94.                 $user = User::getKV('nickname', $nick);
    95. 

  95.                 if (!($user instanceof User)) {
    96. 

  96.                     throw new NoSuchUserException(array('nickname'=>$nick));
    97. 

  97.                 }
    98. 

  98.                 $profile = $user->getProfile();
    99. 

  99.             }
    100. 

  100.         } elseif (!common_valid_http_url($resource)) {
    101. 

  101.             // If it's not a URL, we can't do our http<->https legacy fix thingie anyway,
    102. 

  102.             // so just try the User URI lookup!
    103. 

  103.             try {
    104. 

  104.                 $user = User::getByUri($resource);
    105. 

  105.                 $profile = $user->getProfile();
    106. 

  106.             } catch (NoResultException $e) {
    107. 

  107.                 // not a User, maybe a Notice? we'll try that further down...
    108. 

  108.             }
    109. 

  109.         } else {
    110. 

  110.             // this means $resource is a common_valid_http_url (or https)
    111. 

  111.             // First build up a set of alternative resource URLs that we can use.
    112. 

  112.             $alt_urls = [$resource => true];
    113. 

  113.             if (strtolower(parse_url($resource, PHP_URL_SCHEME)) === 'https'
    114. 

  114.                     && common_config('fix', 'legacy_http')) {
    115. 

  115.                 $alt_urls[preg_replace('/^https:/i', 'http:', $resource, 1)] = true;
    116. 

  116.             }
    117. 

  117.             if (common_config('fix', 'fancyurls')) {
    118. 

  118.                 foreach (array_keys($alt_urls) as $url) {
    119. 

  119.                     try {   // if it's a /index.php/ url
    120. 

  120.                         // common_fake_local_fancy_url can throw an exception
    121. 

  121.                         $alt_url = common_fake_local_fancy_url($url);
    122. 

  122.                     } catch (Exception $e) {    // let's try to create a fake local /index.php/ url
    123. 

  123.                         // this too if it can't do anything about the URL
    124. 

  124.                         $alt_url = common_fake_local_nonfancy_url($url);
    125. 

  125.                     }
    126. 

  126. 

  127.                     $alt_urls[$alt_url] = true;
    128. 

  128.                 }
    129. 

  129.             }
    130. 

  130.             common_debug(__METHOD__.': Generated these alternative URLs for various federation fixes: '._ve(array_keys($alt_urls)));
    131. 

  131. 

  132.             try {
    133. 

  133.                 common_debug(__METHOD__.': Finding User URI for WebFinger lookup on resource=='._ve($resource));
    134. 

  134.                 $user = new User();
    135. 

  135.                 $user->whereAddIn('uri', array_keys($alt_urls), $user->columnType('uri'));
    136. 

  136.                 $user->limit(1);
    137. 

  137.                 if ($user->find(true)) {
    138. 

  138.                     $profile = $user->getProfile();
    139. 

  139.                 }
    140. 

  140.                 unset($user);
    141. 

  141.             } catch (Exception $e) {
    142. 

  142.                 // Most likely a UserNoProfileException, if it ever happens
    143. 

  143.                 // and then we need to do some debugging and perhaps fixes.
    144. 

  144.                 common_log(LOG_ERR, get_class($e).': '._ve($e->getMessage()));
    145. 

  145.                 throw $e;
    146. 

  146.             }
    147. 

  147. 

  148.             try {
    149. 

  149.                 common_debug(__METHOD__.': Finding User_group URI for WebFinger lookup on resource=='._ve($resource));
    150. 

  150.                 $group = new User_group();
    151. 

  151.                 $group->whereAddIn('uri', array_keys($alt_urls), $group->columnType('uri'));
    152. 

  152.                 $group->limit(1);
    153. 

  153.                 if ($group->find(true)) {
    154. 

  154.                     $profile = $group->getProfile();
    155. 

  155.                 }
    156. 

  156.                 unset($group);
    157. 

  157.             } catch (Exception $e) {
    158. 

  158.                 common_log(LOG_ERR, get_class($e).': '._ve($e->getMessage()));
    159. 

  159.                 throw $e;
    160. 

  160.             }
    161. 

  161. 

  162.             // User URI did not match, so let's try our alt_urls as Profile URL values
    163. 

  163.             if (!$profile instanceof Profile) {
    164. 

  164.                 common_debug(__METHOD__.': Finding Profile URLs for WebFinger lookup on resource=='._ve($resource));
    165. 

  165.                 // if our rewrite hack didn't work, try to get something by profile URL
    166. 

  166.                 $profile = new Profile();
    167. 

  167.                 $profile->whereAddIn('profileurl', array_keys($alt_urls), $profile->columnType('profileurl'));
    168. 

  168.                 $profile->limit(1);
    169. 

  169.                 if (!$profile->find(true) || !$profile->isLocal()) {
    170. 

  170.                     // * Either we didn't find the profile, then we want to make
    171. 

  171.                     //   the $profile variable null for clarity.
    172. 

  172.                     // * Or we did find it but for a possibly malicious remote
    173. 

  173.                     //   user who might've set their profile URL to a Notice URL
    174. 

  174.                     //   which would've caused a sort of DoS unless we continue
    175. 

  175.                     //   our search here by discarding the remote profile.
    176. 

  176.                     $profile = null;
    177. 

  177.                 }
    178. 

  178.             }
    179. 

  179.         }
    180. 

  180. 

  181.         if ($profile instanceof Profile) {
    182. 

  182.             common_debug(__METHOD__.': Found Profile with ID=='._ve($profile->getID()).' for resource=='._ve($resource));
    183. 

  183.             $target = new WebFingerResource_Profile($profile);
    184. 

  184.             return false;   // We got our target, stop handler execution
    185. 

  185.         }
    186. 

  186. 

  187.         $notice = Notice::getKV('uri', $resource);
    188. 

  188.         if ($notice instanceof Notice) {
    189. 

  189.             $target = new WebFingerResource_Notice($notice);
    190. 

  190.             return false;
    191. 

  191.         }
    192. 

  192. 

  193.         return true;
    194. 

  194.     }
    195. 

  195. 

  196.     public function onStartHostMetaLinks(array &$links)
    197. 

  197.     {
    198. 

  198.         foreach (Discovery::supportedMimeTypes() as $type) {
    199. 

  199.             $links[] = new XML_XRD_Element_Link(Discovery::LRDD_REL,
    200. 

  200.                             common_local_url('webfinger') . '?resource={uri}',
    201. 

  201.                             $type,
    202. 

  202.                             true);    // isTemplate
    203. 

  203.         }
    204. 

  204. 

  205.         // OAuth connections
    206. 

  206.         $links[] = new XML_XRD_Element_link(self::OAUTH_ACCESS_TOKEN_REL,  common_local_url('ApiOAuthAccessToken'));
    207. 

  207.         $links[] = new XML_XRD_Element_link(self::OAUTH_REQUEST_TOKEN_REL, common_local_url('ApiOAuthRequestToken'));
    208. 

  208.         $links[] = new XML_XRD_Element_link(self::OAUTH_AUTHORIZE_REL,     common_local_url('ApiOAuthAuthorize'));
    209. 

  209.     }
    210. 

  210. 

  211.     /**
    212. 

  212.      * Add a link header for LRDD Discovery
    213. 

  213.      */
    214. 

  214.     public function onStartShowHTML($action)
    215. 

  215.     {
    216. 

  216.         if ($action instanceof ShowstreamAction) {
    217. 

  217.             $resource = $action->getTarget()->getUri();
    218. 

  218.             $url = common_local_url('webfinger') . '?resource='.urlencode($resource);
    219. 

  219. 

  220.             foreach (array(Discovery::JRD_MIMETYPE, Discovery::XRD_MIMETYPE) as $type) {
    221. 

  221.                 header('Link: <'.$url.'>; rel="'. Discovery::LRDD_REL.'"; type="'.$type.'"', false);
    222. 

  222.             }
    223. 

  223.         }
    224. 

  224.     }
    225. 

  225. 

  226.     public function onPluginVersion(array &$versions): bool
    227. 

  227.     {
    228. 

  228.         $versions[] = array('name' => 'WebFinger',
    229. 

  229.                             'version' => self::PLUGIN_VERSION,
    230. 

  230.                             'author' => 'Mikael Nordfeldth',
    231. 

  231.                             'homepage' => GNUSOCIAL_ENGINE_URL,
    232. 

  232.                             // TRANS: Plugin description.
    233. 

  233.                             'rawdescription' => _m('Adds WebFinger lookup to GNU Social'));
    234. 

  234. 

  235.         return true;
    236. 

  236.     }
    237. 

  237. }
    238. 

  238.