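// Bootstrap of the JSON API: announce the content type, build the helper
// objects, then require a valid OAuth token and a working LDAP bind before
// any route is registered.
// NOTE(review): Error, OAuth, LDAP and Database are declared elsewhere. A
// global class named Error clashes with the built-in \Error of PHP 7+ -
// confirm the target runtime or the namespace this file lives in.
// All responses of this API are valid JSON
header('Content-Type: application/json');
// Start classes we need to work
$error = new Error($config['application']);
$oauth = new OAuth($config['oauth']);
$ldap = new LDAP($config['ldap']);
try {
    $database = new Database($config['database']);
} catch (Exception $e) {
    // Only a generic message is returned; the exception text is not echoed to the client.
    $error->send(500, 'database_unavailable', 'Cannot connect to database', 'Adapt configuration to be able to create a valid database connection');
    // Error::send() is not visible here. Stop explicitly so the script cannot
    // continue with $database undefined if send() ever returns.
    exit;
}
// Validate we have a proper access token
// NOTE(review): the token travels in the query string, so it can end up in
// access logs, proxy logs and browser history; RFC 6750 recommends the
// "Authorization: Bearer" header instead. $_SERVER['REQUEST_URI'] also
// contains the query string, i.e. the token itself - make sure validToken()
// never logs or stores that argument.
// is_string() rejects "?access_token[]=x", which PHP parses into an array.
if (!isset($_GET['access_token']) || !is_string($_GET['access_token'])) {
    $error->send(401, 'oauth_token_missing', 'Missing OAuth token', 'Client must supply a valid OAuth2 access token with board-level permissions');
    exit; // fail closed: never reach the routes without a token
}
if (!$oauth->validToken($_SERVER['REQUEST_URI'], $_GET['access_token'])) {
    $error->send(403, 'oauth_token_invalid', 'OAuth token invalid', 'Access token is invalid, has expired, or does not have sufficient access privileges');
    exit; // fail closed: a rejected token must end the request here
}
// Setup the LDAP connection
if (!$ldap->connect()) {
    $error->send(502, 'ldap_unavailable', 'LDAP server not responding', 'The API cannot connect to the LDAP server');
    exit;
}
if (!$ldap->login()) {
    $error->send(500, 'ldap_login_failure', 'Cannot login to LDAP server', 'The API cannot login to the LDAP server');
    exit;
}
/*
 * API endpoint definition
 */
$app = new \Slim\Slim();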
// JSON-encoded data of all current members with passes
$app->get('/users', function () use($ldap, $database) {