Nosial/socialbox-php
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactor session initialization and host validation logic

Browse source
This commit is contained in:
netkas 2024-12-24 19:18:06 -05:00
parent 738f8a455c
commit c380556255
5 changed files with 138 additions and 44 deletions
Download patch file Download diff file Expand all files Collapse all files

36
src/Socialbox/Classes/RpcClient.php
View file

@ -2,6 +2,7 @@
namespace Socialbox\Classes;
use Socialbox\Enums\Options\ClientOptions;
use Socialbox\Enums\StandardHeaders;
use Socialbox\Enums\Types\RequestType;
use Socialbox\Exceptions\CryptographyException;
@ -60,7 +61,19 @@
// Set the initial properties
$this->peerAddress = $peerAddress;
$this->keyPair = Cryptography::generateKeyPair();
// If the username is `host` and the domain is the same as this server's domain, we use our keypair
// Essentially this is a special case for the server to contact another server
if($this->peerAddress->isHost())
{
$this->keyPair = new KeyPair(Configuration::getInstanceConfiguration()->getPublicKey(), Configuration::getInstanceConfiguration()->getPrivateKey());
}
// Otherwise we generate a random keypair
else
{
$this->keyPair = Cryptography::generateKeyPair();
}
$this->encryptionKey = Cryptography::generateEncryptionKey();
// Resolve the domain and get the server's Public Key & RPC Endpoint
@ -97,16 +110,25 @@
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->rpcEndpoint);
curl_setopt($ch, CURLOPT_HTTPGET, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
// Basic session details
$headers = [
StandardHeaders::REQUEST_TYPE->value . ': ' . RequestType::INITIATE_SESSION->value,
StandardHeaders::CLIENT_NAME->value . ': ' . self::CLIENT_NAME,
StandardHeaders::CLIENT_VERSION->value . ': ' . self::CLIENT_VERSION,
StandardHeaders::PUBLIC_KEY->value . ': ' . $this->keyPair->getPublicKey(),
StandardHeaders::IDENTIFY_AS->value . ': ' . $this->peerAddress->getAddress(),
]);
];
// If we're not connecting as the host, we need to provide our public key
// Otherwise, the server will obtain the public key itself from DNS records rather than trusting the client
if(!$this->peerAddress->isHost())
{
$headers[] = StandardHeaders::PUBLIC_KEY->value . ': ' . $this->keyPair->getPublicKey();
}
curl_setopt($ch, CURLOPT_URL, $this->rpcEndpoint);
curl_setopt($ch, CURLOPT_HTTPGET, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$response = curl_exec($ch);