wamo/gnu-social
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
24d9d76644
gnu-social/plugins/OStatus/classes/HubSub.php

336 lines
13 KiB
PHP
Raw Normal View History

First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
<?php
/*
* StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2010, StatusNet, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
Normalize execution guards on OStatus php files; mostly helps cut down on annoying 'class not found' errors when something spiders the dirs. :P
2010-10-09 02:42:59 +09:00
if (!defined('STATUSNET')) {
exit(1);
}
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
/**
* PuSH feed subscription record
* @package Hub
* @author Brion Vibber <brion@status.net>
*/
Updating all Memcached_DataObject extended classes to Managed_DataObject In some brief tests, this causes no problems. In this state however, you would need to modify DB_DataObject to have a static declaration of staticget (and probably pkeyGet). The next commit will change the staticGet overload to a unique function name (like getKV for getKeyValue), which means we can properly call the function by PHP Strict Standards.
2013-08-18 19:10:44 +09:00
class HubSub extends Managed_DataObject
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
{
public $__table = 'hubsub';
public $hashkey; // sha1(topic . '|' . $callback); (topic, callback) key is too long for myisam in utf8
utf8mb4 conversion on database with index adjusts
2015-02-13 02:18:55 +09:00
public $topic; // varchar(191) not 255 because utf8mb4 takes more space
public $callback; // varchar(191) not 255 because utf8mb4 takes more space
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
public $secret;
public $sub_start;
public $sub_end;
public $created;
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
public $modified;
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
static function hashkey($topic, $callback)
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
{
return sha1($topic . '|' . $callback);
}
IMPORTANT - fixed HubSub to properly fetch primary keys In commit e95f77d34c501d345e731ccf6bc722034d155b77 HubSub lost the 'staticGet' function in a consolidation into the Managed_DataObject class. This was done carelessly by me as HubSub::staticGet was actually taking two arguments, none of which was a key and merging them in HubSub::hashkey() (staticGet was renamed getKV 2a4dc77a633cc78907934fd93200ac16d55be78e). NOTE: This complements commit 7e4718a4eb8d0e932398d6f150339fa6aec05267 which fixed a similar issue for the Magicsig class.
2013-08-21 18:25:08 +09:00
public static function getByHashkey($topic, $callback)
{
return self::getKV('hashkey', self::hashkey($topic, $callback));
}
OStatus classes now has modern schemaDef
2013-08-21 18:01:31 +09:00
public static function schemaDef()
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
{
OStatus classes now has modern schemaDef
2013-08-21 18:01:31 +09:00
return array(
'fields' => array(
'hashkey' => array('type' => 'char', 'not null' => true, 'length' => 40, 'description' => 'HubSub hashkey'),
utf8mb4 conversion on database with index adjusts
2015-02-13 02:18:55 +09:00
'topic' => array('type' => 'varchar', 'not null' => true, 'length' => 191, 'description' => 'HubSub topic'),
'callback' => array('type' => 'varchar', 'not null' => true, 'length' => 191, 'description' => 'HubSub callback'),
OStatus classes now has modern schemaDef
2013-08-21 18:01:31 +09:00
'secret' => array('type' => 'text', 'description' => 'HubSub stored secret'),
'sub_start' => array('type' => 'datetime', 'description' => 'subscription start'),
'sub_end' => array('type' => 'datetime', 'description' => 'subscription end'),
'created' => array('type' => 'datetime', 'not null' => true, 'description' => 'date this record was created'),
'modified' => array('type' => 'timestamp', 'not null' => true, 'description' => 'date this record was modified'),
),
'primary key' => array('hashkey'),
'indexes' => array(
'hubsub_topic_idx' => array('topic'),
),
);
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
}
/**
* Validates a requested lease length, sets length plus
* subscription start & end dates.
*
* Does not save to database -- use before insert() or update().
*
* @param int $length in seconds
*/
function setLease($length)
{
HubSub didn't save sub start and end datetimes
2016-01-14 03:23:34 +09:00
common_debug('PuSH hub got requested lease_seconds=='._ve($length));
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
assert(is_int($length));
Minor PuSH comment and debug stuff
2016-01-14 03:24:38 +09:00
$min = 86400; // 3600*24 (one day)
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
$max = 86400 * 30;
if ($length == 0) {
// We want to garbage collect dead subscriptions!
$length = $max;
} elseif( $length < $min) {
$length = $min;
} else if ($length > $max) {
$length = $max;
}
HubSub didn't save sub start and end datetimes
2016-01-14 03:23:34 +09:00
common_debug('PuSH hub after sanitation: lease_seconds=='._ve($length));
$this->sub_start = common_sql_now();
$this->sub_end = common_sql_date(time() + $length);
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
}
s/getLease/getLeaseTime/ just to be a bit more clear
2016-01-14 03:55:17 +09:00
function getLeaseTime()
Don't store lease seconds, just sub start and end The seconds can always be calculated from the dates!
2016-01-14 03:45:20 +09:00
{
if (empty($this->sub_start) || empty($this->sub_end)) {
return null;
}
$length = strtotime($this->sub_end) - strtotime($this->sub_start);
assert($length > 0);
return $length;
}
function getLeaseRemaining()
{
if (empty($this->sub_end)) {
return null;
}
return strtotime($this->sub_end) - time();
}
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
/**
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
* Schedule a future verification ping to the subscriber.
* If queues are disabled, will be immediate.
*
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
* @param string $mode 'subscribe' or 'unsubscribe'
OStatus sub/unsub updates: - fix for PuSH unsub verification - send Salmon notification on unsub
2010-02-19 03:20:48 +09:00
* @param string $token hub.verify_token value, if provided by client
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
*/
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
function scheduleVerify($mode, $token=null, $retries=null)
{
if ($retries === null) {
$retries = intval(common_config('ostatus', 'hub_retries'));
}
$data = array('sub' => clone($this),
'mode' => $mode,
PuSH 0.4: No outgoing 'sync' verifications. Feed renewal script. No auto-renewal. Among other things (such as permanent subscriptions), Pubsubhubbub 0.4 removed the "sync" verification method. This means that any incoming PuSH subscription requests that follow the 0.4 spec won't really _require_that we handle it as a background process, but if we were to try direct verification of the subscription - and fail - there's no way we could pick up the ball again. So _essentially_ we require background processing with retries. This means we must implement something like the "poorman cron" or similar, so background processing can be handled on-demand/on-site-visit. This is how Friendica, Drupal etc. handles it and is necessary for environments where we can't run separate queue daemons. When the poorman-cron-ish thing is implemented, auto-renewal will work for all users. PuSH 0.4 spec: https://pubsubhubbub.googlecode.com/git/pubsubhubbub-core-0.4.html More on PuSH 0.4 release (incl. breaking changes): https://groups.google.com/forum/#!msg/pubsubhubbub/7RPlYMds4RI/2mIHQTdV3aoJ
2013-11-03 04:02:28 +09:00
'token' => $token, // let's put it in there if remote uses PuSH <0.4
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
'retries' => $retries);
$qm = QueueManager::get();
- break OMB profile update pings to a background queue - add event hooks to profile update pings - send Salmon pings with custom update-profile event to OStatus subscribees and groups (subscribers will see it on your next post) - fix OStatus queues with overlong transport names, should work on DB queues now - Ostatus_profile::notifyActivity() and ::notifyDeferred() now can take XML, Notice, or Activity for convenience
2010-02-25 05:36:36 +09:00
$qm->enqueue($data, 'hubconf');
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
}
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
public function getTopic()
{
return $this->topic;
}
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
/**
* Send a verification ping to subscriber, and if confirmed apply the changes.
* This may create, update, or delete the database record.
*
* @param string $mode 'subscribe' or 'unsubscribe'
* @param string $token hub.verify_token value, if provided by client
* @throws ClientException on failure
*/
OStatus sub/unsub updates: - fix for PuSH unsub verification - send Salmon notification on unsub
2010-02-19 03:20:48 +09:00
function verify($mode, $token=null)
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
{
assert($mode == 'subscribe' || $mode == 'unsubscribe');
Replace common_good_random with common_random_hexstr
2013-10-21 20:20:30 +09:00
$challenge = common_random_hexstr(32);
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
$params = array('hub.mode' => $mode,
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
'hub.topic' => $this->getTopic(),
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
'hub.challenge' => $challenge);
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
if ($mode == 'subscribe') {
s/getLease/getLeaseTime/ just to be a bit more clear
2016-01-14 03:55:17 +09:00
$params['hub.lease_seconds'] = $this->getLeaseTime();
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
}
PuSH 0.4: No outgoing 'sync' verifications. Feed renewal script. No auto-renewal. Among other things (such as permanent subscriptions), Pubsubhubbub 0.4 removed the "sync" verification method. This means that any incoming PuSH subscription requests that follow the 0.4 spec won't really _require_that we handle it as a background process, but if we were to try direct verification of the subscription - and fail - there's no way we could pick up the ball again. So _essentially_ we require background processing with retries. This means we must implement something like the "poorman cron" or similar, so background processing can be handled on-demand/on-site-visit. This is how Friendica, Drupal etc. handles it and is necessary for environments where we can't run separate queue daemons. When the poorman-cron-ish thing is implemented, auto-renewal will work for all users. PuSH 0.4 spec: https://pubsubhubbub.googlecode.com/git/pubsubhubbub-core-0.4.html More on PuSH 0.4 release (incl. breaking changes): https://groups.google.com/forum/#!msg/pubsubhubbub/7RPlYMds4RI/2mIHQTdV3aoJ
2013-11-03 04:02:28 +09:00
if ($token !== null) { // TODO: deprecated in PuSH 0.4
$params['hub.verify_token'] = $token; // let's put it in there if remote uses PuSH <0.4
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
}
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
// Any existing query string parameters must be preserved
$url = $this->callback;
wrong param order to strpos()
2010-03-09 15:24:21 +09:00
if (strpos($url, '?') !== false) {
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
$url .= '&';
} else {
$url .= '?';
}
$url .= http_build_query($params, '', '&');
$request = new HTTPClient();
$response = $request->get($url);
$status = $response->getStatus();
if ($status >= 200 && $status < 300) {
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
common_log(LOG_INFO, "Verified {$mode} of {$this->callback}:{$this->getTopic()}");
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
} else {
* i18n/L10n update * translator comments added * remove superfluous whitespace
2010-09-19 22:17:36 +09:00
// TRANS: Client exception. %s is a HTTP status code.
throw new ClientException(sprintf(_m('Hub subscriber verification returned HTTP %s.'),$status));
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
}
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
$old = HubSub::getByHashkey($this->getTopic(), $this->callback);
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
if ($mode == 'subscribe') {
We don't do local_push_bypass
2013-11-03 01:42:32 +09:00
if ($old instanceof HubSub) {
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
$this->update($old);
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
} else {
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
$ok = $this->insert();
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
}
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
} else if ($mode == 'unsubscribe') {
We don't do local_push_bypass
2013-11-03 01:42:32 +09:00
if ($old instanceof HubSub) {
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
$old->delete();
} else {
// That's ok, we're already unsubscribed.
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
}
}
}
/**
* Insert wrapper; transparently set the hash key from topic and callback columns.
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
* @return mixed success
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
*/
function insert()
{
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
$this->hashkey = self::hashkey($this->getTopic(), $this->callback);
OStatus PuSH fixes: - hub now defers subscription state updates until after verification, per spec - hub now supports synchronous verification when requested (if async is not requested after) - client now requests synchronous verification (it's a bit safer) - cleanup on subscription logging/error responses
2010-02-22 07:46:26 +09:00
$this->created = common_sql_now();
$this->modified = common_sql_now();
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
return parent::insert();
}
OStatus PuSH fixlets: - set minimal error page output on PuSH callback - allow hub to retry ($config['ostatus']['hub_retries']), simplify internal iface a bit. Retries are pushed to end of queue but otherwise not delayed yet; makes delivery more robust to one-off transitory errors but not yet against downtime.
2010-02-22 07:28:06 +09:00
/**
* Schedule delivery of a 'fat ping' to the subscriber's callback
* endpoint. If queues are disabled, this will run immediately.
*
* @param string $atom well-formed Atom feed
* @param int $retries optional count of retries if POST fails; defaults to hub_retries from config or 0 if unset
*/
function distribute($atom, $retries=null)
{
if ($retries === null) {
$retries = intval(common_config('ostatus', 'hub_retries'));
}
High-priority OStatus fixes: * PuSHing out to multiple client services could fail; only first callback got reached * Correction for re-sub request to a known sub
2010-03-02 11:46:34 +09:00
// We dare not clone() as when the clone is discarded it'll
// destroy the result data for the parent query.
// @fixme use clone() again when it's safe to copy an
// individual item from a multi-item query again.
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
$sub = HubSub::getByHashkey($this->getTopic(), $this->callback);
High-priority OStatus fixes: * PuSHing out to multiple client services could fail; only first callback got reached * Correction for re-sub request to a known sub
2010-03-02 11:46:34 +09:00
$data = array('sub' => $sub,
OStatus PuSH fixlets: - set minimal error page output on PuSH callback - allow hub to retry ($config['ostatus']['hub_retries']), simplify internal iface a bit. Retries are pushed to end of queue but otherwise not delayed yet; makes delivery more robust to one-off transitory errors but not yet against downtime.
2010-02-22 07:28:06 +09:00
'atom' => $atom,
'retries' => $retries);
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
common_log(LOG_INFO, "Queuing PuSH: {$this->getTopic()} to {$this->callback}");
OStatus PuSH fixlets: - set minimal error page output on PuSH callback - allow hub to retry ($config['ostatus']['hub_retries']), simplify internal iface a bit. Retries are pushed to end of queue but otherwise not delayed yet; makes delivery more robust to one-off transitory errors but not yet against downtime.
2010-02-22 07:28:06 +09:00
$qm = QueueManager::get();
$qm->enqueue($data, 'hubout');
}
OStatus plugin: Rolling batch queueing for PuSH output to >50 subscribing sites. Keeps latency down for other things enqueued while we work...
2010-06-05 03:48:54 +09:00
/**
* Queue up a large batch of pushes to multiple subscribers
* for this same topic update.
* i18n/L10n updates and FIXMEs added * whitespace fixes
2010-09-03 08:35:04 +09:00
*
OStatus plugin: Rolling batch queueing for PuSH output to >50 subscribing sites. Keeps latency down for other things enqueued while we work...
2010-06-05 03:48:54 +09:00
* If queues are disabled, this will run immediately.
* i18n/L10n updates and FIXMEs added * whitespace fixes
2010-09-03 08:35:04 +09:00
*
OStatus plugin: Rolling batch queueing for PuSH output to >50 subscribing sites. Keeps latency down for other things enqueued while we work...
2010-06-05 03:48:54 +09:00
* @param string $atom well-formed Atom feed
* @param array $pushCallbacks list of callback URLs
*/
function bulkDistribute($atom, $pushCallbacks)
{
$data = array('atom' => $atom,
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
'topic' => $this->getTopic(),
OStatus plugin: Rolling batch queueing for PuSH output to >50 subscribing sites. Keeps latency down for other things enqueued while we work...
2010-06-05 03:48:54 +09:00
'pushCallbacks' => $pushCallbacks);
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
common_log(LOG_INFO, "Queuing PuSH batch: {$this->getTopic()} to ".count($pushCallbacks)." sites");
OStatus plugin: Rolling batch queueing for PuSH output to >50 subscribing sites. Keeps latency down for other things enqueued while we work...
2010-06-05 03:48:54 +09:00
$qm = QueueManager::get();
$qm->enqueue($data, 'hubprep');
}
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
/**
* Send a 'fat ping' to the subscriber's callback endpoint
* containing the given Atom feed chunk.
*
* Determination of which items to send should be done at
* a higher level; don't just shove in a complete feed!
*
* @param string $atom well-formed Atom feed
OStatus PuSH fixlets: - set minimal error page output on PuSH callback - allow hub to retry ($config['ostatus']['hub_retries']), simplify internal iface a bit. Retries are pushed to end of queue but otherwise not delayed yet; makes delivery more robust to one-off transitory errors but not yet against downtime.
2010-02-22 07:28:06 +09:00
* @throws Exception (HTTP or general)
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
*/
function push($atom)
{
$headers = array('Content-Type: application/atom+xml');
if ($this->secret) {
OStatus PuSH fixes: * HMAC now calculated correctly - confirmed interop with Google's public hub * Can optionally use an external PuSH hub, set URL in $config['ostatus']['hub'] (may have issues in replication environment, and will ping the hub for every update rather than just those with subscribers) Internal hub will still function when this is set, but won't be advertised. Warning: setting this, then turning it off later will break subscriptions as that hub will no longer receive pings.
2010-02-11 07:58:39 +09:00
$hmac = hash_hmac('sha1', $atom, $this->secret);
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
$headers[] = "X-Hub-Signature: sha1=$hmac";
} else {
$hmac = '(none)';
}
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
common_log(LOG_INFO, "About to push feed to $this->callback for {$this->getTopic()}, HMAC $hmac");
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
OStatus PuSH fixlets: - set minimal error page output on PuSH callback - allow hub to retry ($config['ostatus']['hub_retries']), simplify internal iface a bit. Retries are pushed to end of queue but otherwise not delayed yet; makes delivery more robust to one-off transitory errors but not yet against downtime.
2010-02-22 07:28:06 +09:00
$request = new HTTPClient();
Don't follow redirects on PuSH POST.
2016-01-12 22:31:14 +09:00
$request->setConfig(array('follow_redirects' => false));
OStatus PuSH fixlets: - set minimal error page output on PuSH callback - allow hub to retry ($config['ostatus']['hub_retries']), simplify internal iface a bit. Retries are pushed to end of queue but otherwise not delayed yet; makes delivery more robust to one-off transitory errors but not yet against downtime.
2010-02-22 07:28:06 +09:00
$request->setBody($atom);
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
try {
$response = $request->post($this->callback, $headers);
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
if ($response->isOk()) {
return true;
}
} catch (Exception $e) {
$response = null;
common_debug('PuSH callback to '._ve($this->callback).' for '._ve($this->getTopic()).' failed with exception: '._ve($e->getMessage()));
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
}
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
// XXX: DO NOT trust a Location header here, _especially_ from 'http' protocols,
// but not 'https' either at least if we don't do proper CA verification. Trust that
// the most common change here is simply switching 'http' to 'https' and we will
// solve 99% of all of these issues for now. There should be a proper mechanism
// if we want to change the callback URLs, preferrably just manual resubscriptions
// from the remote side, combined with implemented PuSH subscription timeouts.
// We failed the PuSH, but it might be that the remote site has changed their configuration to HTTPS
if ('http' === parse_url($this->callback, PHP_URL_SCHEME)) {
// Test if the feed callback for this node has migrated to HTTPS
$httpscallback = preg_replace('/^http/', 'https', $this->callback, 1);
if ($httpscallback === $this->callback) {
throw new ServerException('Trying to preg_replace http to https on '._ve($this->callback).' failed and resulted in an identical string: '._ve($httpscallback).'.');
}
common_debug('PuSH callback to '._ve($this->callback).' for '._ve($this->getTopic()).' testing with HTTPS callback: '._ve($httpscallback));
$response = $request->post($httpscallback, $headers);
if ($response->isOk()) {
$orig = clone($this);
$this->callback = $httpscallback;
$this->hashkey = self::hashkey($this->getTopic(), $this->callback);
common_debug('HubSub DEBUG, from '._ve($orig).' to '._ve($this));
$this->updateWithKeys($orig, 'hashkey');
return true;
}
}
// FIXME: Add 'failed' incremental count for this callback.
if (is_null($response)) {
// This means we got a lower-than-HTTP level error, like domain not found or maybe connection refused
// This should be using a more distinguishable exception class, but for now this will do.
$target was klantigtly copied from another debug message
2016-01-12 04:10:38 +09:00
throw new Exception(sprintf(_m('HTTP request failed without response to URL: %s'), _ve(isset($httpscallback) ? $httpscallback : $this->callback)));
Update PuSH callback URL if remote side switched to HTTPS See the comment in the source on why we're not following Location headers...
2016-01-12 03:55:02 +09:00
}
// TRANS: Exception. %1$s is a response status code, %2$s is the body of the response.
throw new Exception(sprintf(_m('Callback returned status: %1$s. Body: %2$s'),
$response->getStatus(),trim($response->getBody())));
First steps on converting FeedSub into the pub/sub basis for OStatus communications: * renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-09 04:06:03 +09:00
}
}
Reference in New Issue Copy Permalink