getRequestTarget())['path'] ?? ""; if (!strlen($id) || strpos($id, "/") !== false) { return new EmptyResponse(404); } $id = rawurldecode($id); // gather the query parameters and act on the "proc" parameter $method = "do".ucfirst(strtolower($req->getQueryParams()['proc'] ?? "discovery")); if (!method_exists($this, $method)) { return new EmptyResponse(404); } else { return $this->$method($id, $req); } } protected function doDiscovery(string $user, ServerRequestInterface $req): ResponseInterface { // construct the base user identifier URL; the user is never checked against the database // as this route is publicly accessible, for reasons of privacy requests for user discovery work regardless of whether the user exists $s = $req->getServerParams(); $https = (strlen($s['HTTPS'] ?? "") && $s['HTTPS'] !== "off"); $port = (int) $s['SERVER_PORT']; $port = (!$port || ($https && $port == 443) || (!$https && $port == 80)) ? "" : ":$port"; $base = URL::normalize(($https ? "https" : "http")."://".$s['HTTP_HOST'].$port."/"); $id = $base."u/".rawurlencode($user); // prepare authroizer, token, and Microsub endpoint URLs $urlAuth = $id."?proc=login"; $urlToken = $id."?proc=issue"; $urlService = $base."microsub"; // output an extremely basic identity resource $html = ''; return new Response($html, 200, [ "Link: <$urlAuth>; rel=\"authorization_endpoint\"", "Link: <$urlToken>; rel=\"token_endpoint\"", "Link: <$urlService>; rel=\"microsub\"", ]); } }