more robust (though wasteful) salmon, try both encodings
This commit is contained in:
parent
d2e20d029a
commit
d453560be9
1 changed files with 34 additions and 3 deletions
|
@ -130,7 +130,13 @@ EOT;
|
|||
$rsa->setHash('sha256');
|
||||
$rsa->loadKey($owner['sprvkey']);
|
||||
|
||||
$signature = base64url_encode($rsa->sign($data));
|
||||
// precomputed base64url encoding of data_type, encoding, algorithm concatenated with periods
|
||||
|
||||
$precomputed = '.YXBwbGljYXRpb24vYXRvbSt4bWw=.YmFzZTY0dXJs.UlNBLVNIQTI1Ng==';
|
||||
|
||||
$signature = base64url_encode($rsa->sign($data . $precomputed));
|
||||
|
||||
$signature2 = base64url_encode($rsa->sign($data));
|
||||
|
||||
$salmon_tpl = load_view_file('view/magicsig.tpl');
|
||||
$salmon = replace_macros($salmon_tpl,array(
|
||||
|
@ -148,7 +154,32 @@ EOT;
|
|||
));
|
||||
|
||||
$a = get_app();
|
||||
echo "CURL returned: " . $a->get_curl_code() . "\n";
|
||||
$return_code = trim($a->get_curl_code);
|
||||
|
||||
// check for success, e.g. 2xx
|
||||
|
||||
if(substr($return_code,0,1) !== '2') {
|
||||
|
||||
// Entirely likely that their salmon implementation is
|
||||
// non-compliant. Let's try once more, this time only signing
|
||||
// the data, without the precomputed blob
|
||||
|
||||
$salmon = replace_macros($salmon_tpl,array(
|
||||
'$data' => $data,
|
||||
'$encoding' => $encoding,
|
||||
'$algorithm' => $algorithm,
|
||||
'$keyhash' => $keyhash,
|
||||
'$signature' => $signature2
|
||||
));
|
||||
|
||||
// slap them
|
||||
post_url($contact['notify'],$salmon, array(
|
||||
'Content-type: application/magic-envelope+xml',
|
||||
'Content-length: ' . strlen($salmon)
|
||||
));
|
||||
$return_code = trim($a->get_curl_code);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue