Nosial/socialbox-php
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Made message signing in Cryptography use SHA512 as the message content for... #1

Closed
netkas wants to merge 421 commits from master into dev
pull from: master
merge into: Nosial:dev
Conversation 3 Commits 421 Files changed 226 +67 -1
1 changed files with 67 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 24e21038e8 - Show all commits

68
src/Socialbox/Socialbox.php
View file

@ -172,7 +172,7 @@
// If the peer is identifying as an external domain
else
{
// Only allow the host to identify as an external peer
// Only allow the host to identify as a host
if($clientRequest->getIdentifyAs()->getUsername() !== ReservedUsernames::HOST->value)
{
self::returnError(403, StandardError::FORBIDDEN, 'Forbidden: Any external peer must identify as the host, only the host can preform actions on behalf of it\'s peers');
@ -211,6 +211,25 @@
self::returnError(403, StandardError::FORBIDDEN, 'Unauthorized: The requested peer is disabled/banned');
return;
}
// If-clause for handling the host peer, host peers are always enabled unless the fist clause is true
// in which case the host was blocked by this server.
elseif($clientRequest->getIdentifyAs() === ReservedUsernames::HOST->value)
{
$serverInformation = self::getExternalServerInformation($clientRequest->getIdentifyAs()->getDomain());
// If the host is not registered, register it
if($registeredPeer === null)
{
$peerUuid = RegisteredPeerManager::createPeer(PeerAddress::fromAddress($clientRequest->getHeader(StandardHeaders::IDENTIFY_AS)));
RegisteredPeerManager::updateDisplayName($peerUuid, $serverInformation->getServerName());
RegisteredPeerManager::enablePeer($peerUuid);
}
// Otherwise, update the display name if it has changed
else
{
RegisteredPeerManager::updateDisplayName($registeredPeer->getUuid(), $serverInformation->getServerName());
}
}
// Otherwise the peer isn't registered, so we need to register it
else
{
@ -451,6 +470,34 @@
return;
}
// If the client has provided an identification header, further validation and resolution is required
if($clientRequest->getIdentifyAs() !== null)
{
// First check if the client is identifying as the host
if($clientRequest->getPeer()->getAddress() !== ReservedUsernames::HOST->value)
{
// TODO: Maybe allow user client to change identification but within an RPC method rather than the headers
self::returnError(403, StandardError::FORBIDDEN, 'Unauthorized: Not allowed to identify as a different peer');
return;
}
// Synchronize the peer
try
{
$client = self::getExternalSession($clientRequest->getIdentifyAs()->getDomain());
RegisteredPeerManager::synchronizeExternalPeer($client->resolvePeer($clientRequest->getIdentifyAs()));
}
catch (DatabaseOperationException $e)
{
self::returnError(500, StandardError::INTERNAL_SERVER_ERROR, 'Failed to synchronize external peer', $e);
return;
}
catch (Exception $e)
{
throw new ResolutionException(sprintf('Failed to synchronize external peer %s: %s', $clientRequest->getIdentifyAs()->getAddress(), $e->getMessage()), $e->getCode(), $e);
}
}
try
{
$clientRequests = $clientRequest->getRpcRequests($decryptedContent);
@ -635,6 +682,25 @@
return $client;
}
/**
* Retrieves external server information for the specified domain.
*
* @param string $domain The domain from which the server information is to be retrieved.
* @return ServerInformation The server information retrieved from the external session.
* @throws ResolutionException If unable to retrieve server information for the given domain.
*/
public static function getExternalServerInformation(string $domain): ServerInformation
{
try
{
return self::getExternalSession($domain)->getServerInformation();
}
catch (Exception $e)
{
throw new ResolutionException(sprintf('Failed to retrieve server information from %s: %s', $domain, $e->getMessage()), $e->getCode(), $e);
}
}
/**
* Retrieves the server information by assembling data from the configuration settings.
*