Lasantha Ranaweera

lasantha@hubzilla.a-zwenkau.de

Hubzilla User Registration with API

  last edited: Tue, 19 Jun 2018 12:25:57 +0200  
Hi !Hubzilla Development,

First of all sorry about my limited knowledge in Hubzilla.

We are thinking of using Hubzilla as our enterprise social media platform inside our organisation. Currently our user profiles exist in a Keycloak server (https://www.keycloak.org/), which acts as the identity provider for various services in the organisation. So the question we have right now is whether we can reuse the existing user profiles in our identity provider to log in to Hubzilla or not. Even if we manage to reuse the existing user profiles, we may have to create channels for the users in Hubzilla. So I am thinking about which is the best approach to implement this.

Does the Hubzilla API support account, profile and channel creation?
  
ok here it is. i think i had to modify the hubzilla code to get image uploading to work, but this was quite some time ago and maybe that works now? if not i should have the bits laying around here somewhere. i haven't used this for awhile so it might need some tweaking.


<?php

class HubZilla {

    private $auth;
    public $page;
    public $response;
    public $form_url;
    public $post_title;
    public $post_channel;
    public $post_status;
    public $new_email;
    public $new_pwd;
    public $new_uname;
    public $follow_url;
    public $machine;
    public $uinfo;
    public $msg_subject;
    public $msg_txt;
    public $msg_screen_name;
    public $filename;
    public $lat;
    public $long;

    public function __construct($user = null, $pass = null, $form_url = null)
    {
        if (!$user || !$pass || !$form_url) {
            $this->response = 'Error loading, not authorized.';
        } else {
            /* HTTP Basic credentials, sent with every request */
            $this->auth = base64_encode($user . ':' . $pass);
            $this->form_url = $form_url;
            $this->page = '/account/verify_credentials';
            $this->qp();
        }
    }

    /* POST the currently set fields to $form_url . $page */
    private function qp()
    {
        if (!$this->auth || !$this->form_url) {
            $this->response = 'Error, not authorized.';
        } else {
            if ($this->filename != '') {
                /* media upload: the file goes base64-encoded in the form body */
                $postdata = http_build_query(
                    array(
                        'title' => $this->post_title,
                        'channel' => $this->post_channel,
                        'status' => $this->post_status,
                        'media' => base64_encode(file_get_contents($this->filename)),
                        'media_name' => basename($this->filename),
                    )
                );
            } else {
                $postdata = http_build_query(
                    array(
                        /* 'title' was listed twice; the message subject wins when set */
                        'title' => $this->msg_subject ?? $this->post_title,
                        'channel' => $this->post_channel,
                        'status' => $this->post_status,
                        'new_email' => $this->new_email,
                        'new_password' => $this->new_pwd,
                        'new_uname' => $this->new_uname,
                        'follow_url' => $this->follow_url,
                        'machine' => $this->machine,
                        'uinfo' => $this->uinfo,
                        'text' => $this->msg_txt,
                        'screen_name' => $this->msg_screen_name,
                        'lat' => $this->lat,
                        'long' => $this->long
                    )
                );
            }

            /* at the moment no verify_peer or cn check, todo - needs a ca */
            /* with verify_peer off the server certificate is not validated, so the
               Basic credentials above are readable by anyone who can intercept the
               connection; enable verify_peer and verify_peer_name with a cafile
               once the CA exists */

            $opts = array(
                'http' => array(
                    'method' => 'POST',
                    'header' => [
                        'Content-type: application/x-www-form-urlencoded',
                        'Content-length: ' . strlen($postdata),
                        'Authorization: Basic ' . $this->auth
                    ],
                    'content' => $postdata
                ),
                'ssl' => array(
                    'verify_peer' => false,
                    'ciphers' => 'HIGH:!SSLv2:!SSLv3'
                )
            );
            $ctx = stream_context_create($opts);
            $form = file_get_contents($this->form_url . $this->page, false, $ctx);
            $this->response = $form;

            /* remove ghosts: reset to null rather than unset(), so the declared
               properties stay defined for the next call */
            foreach (array('post_title', 'post_channel', 'post_status', 'filename',
                           'new_email', 'new_pwd', 'new_uname', 'follow_url', 'machine',
                           'uinfo', 'msg_txt', 'msg_screen_name', 'msg_subject') as $field) {
                $this->$field = null;
            }
        }
    }

    public function __toString()
    {
        return (string) $this->response;
    }

    /* post a status; with $path the file is uploaded first and its response appended */
    public function status_update($title, $channel, $status, $path = null)
    {
        if ($path) {
            $this->filename = $path;
            $this->page = '/statuses/mediap';
            $this->qp();
            $status .= $this->response;
        }
        $this->post_title = $title;
        $this->post_channel = $channel;
        $this->post_status = $status;
        $this->page = '/statuses/update';
        $this->qp();
        return $this->response;
    }

    public function status_show($channel)
    {
        $this->post_channel = $channel;
        $this->page = '/statuses/user_timeline';
        $this->qp();
        return $this->response;
    }

    public function create_account($email, $pwd, $uname)
    {
        $this->new_email = $email;
        $this->new_pwd = $pwd;
        $this->new_uname = $uname;
        $this->page = '/accounts/create';
        $this->qp();
        return $this->response;
    }

    public function follow_request($url)
    {
        $this->follow_url = $url;
        $this->page = '/follow/request';
        $this->qp();
        return $this->response;
    }

    public function up_about($machine)
    {
        $this->machine = $machine;
        $this->page = '/up/about';
        $this->qp();
        return $this->response;
    }

    public function show_about($user)
    {
        $this->uinfo = $user;
        $this->page = '/show/about';
        $this->qp();
        return $this->response;
    }

    public function send_message($subject, $txt, $screen_name)
    {
        $this->msg_subject = $subject;
        $this->msg_txt = $txt;
        $this->msg_screen_name = $screen_name;
        $this->page = '/direct_messages/new';
        $this->qp();
        return $this->response;
    }

    public function send_reply($id, $uri, $subject, $txt, $screen_name)
    {
        $this->msg_subject = $subject;
        $this->msg_txt = $txt;
        $this->msg_screen_name = $screen_name;
        $this->page = '/direct_messages/new?replyto=' . urlencode($id) . '&uri=' . urlencode($uri);
        $this->qp();
        return $this->response;
    }

    public function inbox()
    {
        $this->page = '/direct_messages';
        $this->qp();
        return $this->response;
    }

    public function conversation($uri)
    {
        $this->page = '/direct_messages/conversation?uri=' . urlencode($uri);
        $this->qp();
        return $this->response;
    }

    public function send_file($path)
    {
        $this->filename = $path;
        $this->page = '/statuses/mediap';
        $this->qp();
        return $this->response;
    }

    /* coordinates are kept and sent with later non-media requests */
    public function set_geo($lat, $long)
    {
        $this->lat = $lat;
        $this->long = $long;
    }

}

/* base URL of the hub's API; the examples below pass it as $url */
$url = 'https://hub.zilla.tech/api';

/* example 1, log in as admin and create account */
$test = new HubZilla('admin@example.com','password',$url);
echo $test->create_account('email@example.com','password','dummy7');
exit();

/* example 2, log in as created user and post status update */
$test = new HubZilla('email@example.com','password',$url);
$test->status_update('another test','dummy7','This is another test');
exit();

/* example 3, log in as created user and update about */

$machine = array();
$machine['caps']=array('image','rfid-read','nfc-read');
$test = new HubZilla('email@example.com','password',$url);
$test->up_about(json_encode($machine));
exit();

/* example 4, log in as created user and get 'about' from other local users */

$test = new HubZilla('email@example.com','password',$url);
echo $test->show_about('dummy7')."\n";
echo $test->show_about('waitman')."\n";
exit();

/* example 5, log in as created user and view status */

$test = new HubZilla('email@example.com','password',$url);
echo $test->status_show('dummy7');
exit();

/* example 6, log in as created user and connect to admin */
$test = new HubZilla('email@example.com','password',$url);
echo $test->follow_request('waitman@hub.zilla.tech');
exit();

/* example 7, upload image */

$test = new HubZilla('email@example.com','password',$url);
echo $test->send_file('X206-0.jpg')."\n";
exit();

/* example 8, status post with image - also set geo coord */

$test = new HubZilla('email@example.com','password',$url);
$test->set_geo(40.7464969,-74.0094471);
echo $test->status_update('test with photo','dummy6','This is a test with photo.','X206-0.jpg');
exit();

/* example 9, get direct message inbox */

$test = new HubZilla('email@example.com','password',$url);
$js= $test->inbox();
$inbox = json_decode($js,true);

foreach ($inbox as $k=>$v)
{
    $msg = $test->conversation($v['parent_mid']);
    $jr = json_decode($msg,true);
    foreach ($jr as $jk=>$jm)
    {
        $id = $jm['id'];
        $uid = $jm['uid'];
        $parent_mid = $jm['parent_mid'];
        $sender = $jm['sender_screen_name'];
        $recipient = $jm['recipient_screen_name'];
        $date = date('m/d/Y g:i a',strtotime($jm['created_at']));
        $message = $jm['text'];

        echo "Message Id: ".$id."\n"."UID: ".$uid."\n"."Parent Mid: ".$parent_mid."\n".
            "From: ".$sender."\n"."To: ".$recipient."\n"."Date: ".$date."\n".$message."\n";
        echo "---------------------------------------------------\n";
    }
}
exit();

/* example 10, send direct message */
$test = new HubZilla('email@example.com','password',$url);
echo $test->send_message('A test subject','Hey there, this is totally like a test.','waitman');
exit();

/* example 11, send direct message reply */
$test = new HubZilla('email@example.com','password',$url);

/* use previous subject */
echo $test->send_reply(33,'e8846d41bb5a884780f21093d4c0eebcd30712583994f76e7e6457867d045534@hub.zilla.tech','','a test reply.','waitman');

/* change the subject */
echo $test->send_reply(33,'e8846d41bb5a884780f21093d4c0eebcd30712583994f76e7e6457867d045534@hub.zilla.tech','A New Subject','a test reply.','waitman');
exit();
  
oops, i haven't actually noticed that happening before on a code paste. :)

https://hub.zilla.tech/cli.txt
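
The client above sends HTTP Basic credentials with certificate checks switched off (its own comment marks this as a todo). As an added example, not part of the original post, this is the same POST with the checks enabled; the host, the credentials and the CA bundle path are placeholders, and the function names are hypothetical.

```php
<?php
/* Added example, not the post's code. Host, credentials and the CA bundle
   path are placeholders / assumptions. */
function verified_context(string $postdata, string $auth, string $cafile)
{
    if (!is_readable($cafile)) {
        throw new RuntimeException("CA bundle not readable: $cafile");
    }
    return stream_context_create(array(
        'http' => array(
            'method'  => 'POST',
            'header'  => array(
                'Content-type: application/x-www-form-urlencoded',
                'Content-length: ' . strlen($postdata),
                'Authorization: Basic ' . $auth,
            ),
            'content' => $postdata,
        ),
        'ssl' => array(
            'verify_peer'       => true,  /* chain must validate against $cafile */
            'verify_peer_name'  => true,  /* certificate must match the host name */
            'allow_self_signed' => false,
            'cafile'            => $cafile,
            'ciphers'           => 'HIGH:!SSLv2:!SSLv3',
        ),
    ));
}

function api_post(string $base, string $page, array $fields, string $auth, string $cafile): string
{
    /* Basic auth is only base64, so never let it leave over plain http */
    if (strncasecmp($base, 'https://', 8) !== 0) {
        throw new InvalidArgumentException('refusing to send Basic credentials without https');
    }
    $postdata = http_build_query($fields);
    $body = @file_get_contents($base . $page, false, verified_context($postdata, $auth, $cafile));
    if ($body === false) {
        /* a failed handshake (untrusted chain, wrong host name) ends up here */
        $err = error_get_last();
        throw new RuntimeException('request failed: ' . ($err['message'] ?? 'unknown error'));
    }
    return $body;
}

try {
    $auth = base64_encode('email@example.com' . ':' . 'password');
    echo api_post('https://hub.example.com/api', '/account/verify_credentials', array(), $auth, '/etc/ssl/certs/ca-certificates.crt'), "\n";
} catch (Exception $e) {
    fwrite(STDERR, $e->getMessage() . "\n");
}
```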
  
Thanks @Waitman.

Hubzilla with OAuth2 and OpenID Connect

  last edited: Tue, 19 Jun 2018 08:40:41 +0200  
Hi !Hubzilla Development,
I want to authenticate Hubzilla with an external authentication provider like Keycloak. Basically I don't want to create accounts in the Hubzilla server and just want to use trusted tokens issued by a third party to log in to the system. Does Hubzilla support OAuth2 and OpenID Connect? Any documentation will be greatly appreciated.
  
@Mike Macgirvin - I didn't mentally process all your changes and so didn't comprehend the api_zot and api_auth changes you referenced. I ended up simply making a /userinfo endpoint to go along with the /token and /authorize endpoints. I think it makes more sense since the OAUTH2 library has its own authentication scheme for the /userinfo endpoint.

As you'll note, for the OAUTH stuff itself, almost all of the changes I made were to the Identity/OAuth2Storage.php and Identity/OAuth2Server.php files to implement the appropriate things from the OAuth2 library itself.

As frustrating as that exercise was (and believe me.... it was frustrating as all get out!), I'm VERY pleased with the results.  There are some things to do to tighten it up, but I don't think any of them are "make-it-or-break-it".  So, we should have a working OAuth2 connect-with-openid framework now.

One thing that DOES need to happen (GDPR and all that) is that the authorization screen needs to include the info about what may be "shared" (username, webbie, but really, not much else; I was going to do some profile stuff (picture/etc), but decided against it at this point). That authorization screen needs someone who knows how to work UI magic... it's functional, but that's about it. (ABSOLUTELY NOT disparaging @Andrew Manning or whoever put it together!! Basically just saying, "Looks like *I* did it!" LOL.)
  
@poVoq - unfortunately, I don't personally have the resources to do that kind of testing.  But with a few base considerations, anyone should be able to test and report.  Basically (1) Don't put in a "client_secret" setting.  (2) make sure the "scope" includes openid.  (3) The only Claims currently supported are  name, preferred_username, zotwebbie, and zothash.  No other claims are returned and if you include them in the scope, your request will be rejected.

I expect the updates will be pushed into dev in the next few days for anyone who wants to try it out.
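
The three considerations listed in the comment above can be checked before a test client is pointed at a hub. This is an added example, not project code: the function names and sample settings are hypothetical, and two points are assumptions, namely that every scope value other than "openid" is read as a claim name and that /authorize sits directly under the hub URL.

```php
<?php
/* Added example, not project code. The rules come from the comment above;
   reading every scope value other than "openid" as a claim name, and the
   /authorize path sitting directly under the hub URL, are assumptions. */
const SUPPORTED_CLAIMS = array('name', 'preferred_username', 'zotwebbie', 'zothash');

function check_oidc_client(array $cfg): array
{
    $problems = array();
    if (($cfg['client_secret'] ?? '') !== '') {
        $problems[] = 'client_secret is set; leave it out';
    }
    $scope = preg_split('/\s+/', $cfg['scope'] ?? '', -1, PREG_SPLIT_NO_EMPTY);
    if (!in_array('openid', $scope, true)) {
        $problems[] = 'scope does not include openid';
    }
    foreach (array_diff($scope, array('openid'), SUPPORTED_CLAIMS) as $extra) {
        $problems[] = "unsupported claim requested: $extra";
    }
    return $problems;
}

function authorize_url(string $hub, array $cfg, string $state): string
{
    if ($problems = check_oidc_client($cfg)) {
        throw new InvalidArgumentException(implode('; ', $problems));
    }
    return rtrim($hub, '/') . '/authorize?' . http_build_query(array(
        'response_type' => 'code',
        'client_id'     => $cfg['client_id'],
        'redirect_uri'  => $cfg['redirect_uri'],
        'scope'         => $cfg['scope'],
        'state'         => $state,   /* compared again when the code comes back */
    ));
}

/* Constructed client settings: the first is acceptable, the second is not. */
$ok  = array('client_id' => 'intranet', 'redirect_uri' => 'https://app.example.com/cb',
             'scope' => 'openid name preferred_username zotwebbie');
$bad = array('client_id' => 'intranet', 'redirect_uri' => 'https://app.example.com/cb',
             'scope' => 'profile email', 'client_secret' => 's3cret');

echo authorize_url('https://hub.example.com', $ok, bin2hex(random_bytes(16))), "\n";
print_r(check_oidc_client($bad));
```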
  
I'll merge in my fixes after I see what parts don't overlap.

Bangladesh lost 3rd T20 to Afghanistan

  last edited: Fri, 08 Jun 2018 06:44:18 +0200  
Afghanistan vs Bangladesh Highlights || 3rd T20 || 2018

Afghanistan vs Bangladesh Highlights || 3rd T20 || 2018 Afghanistan won by 1 run against Bangladesh Match Date: 07.06.2018 Series: Afghanistan v Bangladesh i...
  