Browse Source

support sending signed websub notifications

master
Aaron Parecki 6 years ago
parent
commit
4d48c3cdd1
No known key found for this signature in database GPG Key ID: 276C2817346D6056
4 changed files with 17 additions and 4 deletions
  1. +4
    -1
      controllers/push.php
  2. +10
    -3
      lib/PushTask.php
  3. +2
    -0
      schema/0001.sql
  4. +1
    -0
      schema/schema.sql

+ 4
- 1
controllers/push.php View File

@ -7,7 +7,7 @@ function push_error(&$app, $msg) {
}
function push_param($params, $name) {
// Look 'mode' first, fall back to 'hub_mode'
// Look for 'mode' first, fall back to 'hub_mode'
if(k($params, $name))
return k($params, $name);
return k($params, 'hub_'.$name);
@ -93,6 +93,9 @@ $app->post('/', function() use($app) {
$subscription->date_requested = db\now();
$subscription->challenge = db\random_hash();
$subscription->namespaced = $namespaced;
if($secret=push_param($params, 'secret')) {
$subscription->secret = $secret;
}
db\set_updated($subscription);
$subscription->save();

+ 10
- 3
lib/PushTask.php View File

@ -160,10 +160,17 @@ class PushTask {
echo "Notifying subscriber!\n";
$subscription->date_last_ping_sent = db\now();
$response = request\post($subscription->callback_url, $feed->content, false, [
$headers = [
'Content-Type: ' . ($feed->content_type ?: 'text/plain')
]);
];
if($subscription->secret) {
$signature = hash_hmac('sha256', $feed->content, $subscription->secret);
$headers[] = 'X-Hub-Signature: sha256=' . $signature;
}
$subscription->date_last_ping_sent = db\now();
$response = request\post($subscription->callback_url, $feed->content, false, $headers);
$subscription->last_ping_status = $response['status'];
$subscription->last_ping_headers = $response['headers'];
$subscription->last_ping_body = $response['body'];

+ 2
- 0
schema/0001.sql View File

@ -0,0 +1,2 @@
ALTER TABLE subscriptions
ADD COLUMN `secret` varchar(200) DEFAULT '' AFTER `challenge`;

+ 1
- 0
schema/schema.sql View File

@ -4,6 +4,7 @@ CREATE TABLE `subscriptions` (
`feed_id` bigint(20) DEFAULT NULL,
`callback_url` text,
`challenge` varchar(100) DEFAULT '',
`secret` varchar(200) DEFAULT '',
`active` tinyint(4) DEFAULT '0',
`namespaced` tinyint(4) DEFAULT '1',
`lease_seconds` int(11) DEFAULT NULL,

Loading…
Cancel
Save