public function run(ServerRequestInterface $request, ResponseBuilder $responseBuilder) : ResponseInterface
{
try {
$qp = $request->getQueryParams();
$options = ['profileId' => null, 'seek' => ['limit' => $request->getAttribute('limit'), 'offset' => $request->getAttribute('offset')], 'filter' => []];
if (isset($qp['profileId'])) {
$options['profileId'] = (int) $qp['profileId'];
} else {
$options['profileId'] = $this->currentAccountService->getCurrentAccount()->getCurrentProfile()->getId();
}
if (isset($qp['read'])) {
$options['filter']['read'] = QueryBoolean::extract($qp['read']);
}
if (isset($qp['answer'])) {
$options['filter']['answer'] = QueryBoolean::extract($qp['answer']);
}
$feedbackEntities = $this->feedbackService->getFeedbackEntities($options);
$responseBuilder->setStatusSuccess()->setJson(['entities' => array_map(function (Feedback $feedback) {
return $feedback->toJSON();
}, $feedbackEntities)]);
} catch (ProfileNotFoundException $e) {
$responseBuilder->setStatusNotFound()->setError($e);
} catch (SeekException $e) {
$responseBuilder->setStatusBadRequest()->setError($e);
}
return $responseBuilder->build();
}
/**
* @param Request $request
* @return JsonResponse|EmptyResponse
*/
public function handle(Request $request)
{
$actor = $request->getAttribute('actor');
$Referer = $request->getHeader('Referer');
$params = array_only($request->getParsedBody(), ['identification', 'password']);
$response = $this->apiClient->send(TokenController::class, $actor, [], $params);
if ($response->getStatusCode() === 200) {
$data = json_decode($response->getBody());
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $data->userId);
$token = AccessToken::find($data->token);
event(new UserLoggedIn($this->users->findOrFail($data->userId), $token));
$response = FigResponseCookies::set($response, SetCookie::create("lastLoginName")->withValue($request->getParsedBody()['identification'])->withPath('/'));
$response = $this->rememberer->remember($response, $token);
} elseif ($response->getStatusCode() === 401) {
$responseNew = $this->apiClient->send(PingxxTokenController::class, $actor, [], $params);
if ($responseNew->getStatusCode() === 200) {
$data = json_decode($responseNew->getBody());
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $data->userId);
$token = AccessToken::find($data->token);
event(new UserLoggedIn($this->users->findOrFail($data->userId), $token));
$responseNew = FigResponseCookies::set($responseNew, SetCookie::create("lastLoginName")->withValue($request->getParsedBody()['identification'])->withPath('/')->withDomain('dashboard.pingxx.com'));
$responseNew = $this->rememberer->remember($responseNew, $token);
return $responseNew;
} else {
return $response;
}
}
return $response;
}
/**
* @param \Wandu\DI\ContainerInterface $container
* @param \Psr\Http\Message\ServerRequestInterface $request
*/
private function bindParameter(ContainerInterface $container, ServerRequestInterface $request)
{
if ($queryParams = $request->getAttribute('server_params')) {
$container->instance(ServerParams::class, $queryParams);
$container->alias(ServerParamsInterface::class, ServerParams::class);
$container->alias('server_params', ServerParams::class);
}
if ($queryParams = $request->getAttribute('query_params')) {
$container->instance(QueryParams::class, $queryParams);
$container->alias(QueryParamsInterface::class, QueryParams::class);
$container->alias('query_params', QueryParams::class);
}
if ($parsedBody = $request->getAttribute('parsed_body')) {
$container->instance(ParsedBody::class, $parsedBody);
$container->alias(ParsedBodyInterface::class, ParsedBody::class);
$container->alias('parsed_body', ParsedBody::class);
}
if ($cookie = $request->getAttribute('cookie')) {
$container->instance(CookieJar::class, $cookie);
$container->alias(CookieJarInterface::class, CookieJar::class);
$container->alias('cookie', CookieJar::class);
}
if ($session = $request->getAttribute('session')) {
$container->instance(Session::class, $session);
$container->alias(SessionInterface::class, Session::class);
$container->alias('session', Session::class);
}
}
/**
* Returns the view for the ExtJS admin interface
*
* @param ContainerInterface $container Dependency injection container
* @param ServerRequestInterface $request Request object
* @param ResponseInterface $response Response object
* @param array $args Associative list of route parameters
* @return ResponseInterface $response Modified response object with generated output
*/
public static function indexAction(ContainerInterface $container, ServerRequestInterface $request, ResponseInterface $response, array $args)
{
$site = isset($args['site']) ? $args['site'] : 'default';
$lang = isset($args['lang']) ? $args['lang'] : 'en';
$tab = isset($args['tab']) ? $args['tab'] : 0;
$aimeos = $container->get('aimeos');
$cntlPaths = $aimeos->getCustomPaths('controller/extjs');
$context = $container->get('aimeos_context')->get(false, $args, 'backend');
$context = self::setLocale($context, $site, $lang);
$controller = new \Aimeos\Controller\ExtJS\JsonRpc($context, $cntlPaths);
$cssFiles = array();
foreach ($aimeos->getCustomPaths('admin/extjs') as $base => $paths) {
foreach ($paths as $path) {
$jsbAbsPath = $base . '/' . $path;
if (!is_file($jsbAbsPath)) {
throw new \Exception(sprintf('JSB2 file "%1$s" not found', $jsbAbsPath));
}
$jsb2 = new \Aimeos\MW\Jsb2\Standard($jsbAbsPath, dirname($path));
$cssFiles = array_merge($cssFiles, $jsb2->getUrls('css'));
}
}
$csrfname = $request->getAttribute('csrf_name');
$csrfvalue = $request->getAttribute('csrf_value');
$router = $container->get('router');
$jqadmUrl = $router->pathFor('aimeos_shop_jqadm_search', array('site' => $site, 'resource' => 'product'));
$jsonUrl = $router->pathFor('aimeos_shop_extadm_json', array('site' => $site, $csrfname => $csrfvalue));
$adminUrl = $router->pathFor('aimeos_shop_extadm', array('site' => '<site>', 'lang' => '<lang>', 'tab' => '<tab>'));
$vars = array('lang' => $lang, 'cssFiles' => $cssFiles, 'languages' => self::getJsonLanguages($aimeos), 'config' => self::getJsonClientConfig($context), 'site' => self::getJsonSiteItem($context, $site), 'i18nContent' => self::getJsonClientI18n($aimeos->getI18nPaths(), $lang), 'uploaddir' => $context->getConfig()->get('uploaddir', '/.'), 'searchSchemas' => $controller->getJsonSearchSchemas(), 'itemSchemas' => $controller->getJsonItemSchemas(), 'smd' => $controller->getJsonSmd($jsonUrl), 'urlTemplate' => $adminUrl, 'jqadmurl' => $jqadmUrl, 'activeTab' => $tab, 'version' => \Aimeos\Slim\Bootstrap::getVersion());
return $container->get('view')->render($response, 'Extadm/index.html.twig', $vars);
}
/**
* @param Request $request
* @return \Psr\Http\Message\ResponseInterface|RedirectResponse
*/
public function handle(Request $request)
{
$redirectUri = (string) $request->getAttribute('originalUri', $request->getUri())->withQuery('');
$server = new Twitter(['identifier' => $this->settings->get('flarum-auth-twitter.api_key'), 'secret' => $this->settings->get('flarum-auth-twitter.api_secret'), 'callback_uri' => $redirectUri]);
$session = $request->getAttribute('session');
$queryParams = $request->getQueryParams();
$oAuthToken = array_get($queryParams, 'oauth_token');
$oAuthVerifier = array_get($queryParams, 'oauth_verifier');
if (!$oAuthToken || !$oAuthVerifier) {
$temporaryCredentials = $server->getTemporaryCredentials();
$session->set('temporary_credentials', serialize($temporaryCredentials));
$session->save();
// Second part of OAuth 1.0 authentication is to redirect the
// resource owner to the login screen on the server.
$server->authorize($temporaryCredentials);
exit;
}
// Retrieve the temporary credentials we saved before
$temporaryCredentials = unserialize($session->get('temporary_credentials'));
// We will now retrieve token credentials from the server
$tokenCredentials = $server->getTokenCredentials($temporaryCredentials, $oAuthToken, $oAuthVerifier);
$user = $server->getUserDetails($tokenCredentials);
$identification = ['twitter_id' => $user->uid];
$suggestions = ['username' => $user->nickname, 'avatarUrl' => str_replace('_normal', '', $user->imageUrl)];
return $this->authResponse->make($request, $identification, $suggestions);
}
public function loginPost(Request $request, Response $response, $args)
{
$identifier = Input::post('identifier');
$password = Input::post('password');
$v = new Validator(new User());
$v->validate(['identifier' => [$identifier, 'required|email'], 'password' => [$password, 'required']]);
if ($request->getAttribute('csrf_status') === false) {
$flash = 'CSRF faiure';
$this->view->render($response, 'login.twig', ['errors' => $v->errors(), 'flash' => $flash, 'request' => $request]);
} else {
if ($v->passes()) {
$user = User::where('username', $identifier)->orWhere('email', $identifier)->first();
if ($user && $this->hash->passwordCheck($password, $user->password)) {
$this->session->set($this->auth['session'], $user->id);
$this->session->set($this->auth['group'], $user->group_id);
return $response->withRedirect('dashboard');
} else {
$flash = 'Sorry, you couldn\'t be logged in.';
$this->view->render($response, 'login.twig', ['errors' => $v->errors(), 'flash' => $flash, 'request' => $request]);
}
} else {
$this->view->render($response, 'login.twig', ['errors' => $v->errors(), 'request' => $request, 'csrf' => ['name' => $request->getAttribute('csrf_name'), 'value' => $request->getAttribute('csrf_value')]]);
}
}
return $response;
}
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next = null)
{
if ($request->getAttribute('resourceId') == 666) {
throw new ApiProblemException('You had the try huh?', 666);
}
return new JsonResponse(['ack' => time(), 'action' => 'Read', 'resource' => $request->getAttribute('resource'), 'resourceId' => $request->getAttribute('resourceId')]);
}
public function __invoke(ServerRequestInterface $request)
{
// return ['todoId' => $request->getQueryParams()['todoId'], 'description' => $request->getQueryParams()['description']];
// return [$request->getQueryParams()['todoId'], $request->getQueryParams()['description']];
$todoId = $request->getAttribute('todoId');
$description = $request->getAttribute('description');
return array('todoId' => $todoId, 'description' => $description);
}
/**
* @param Request $request
* @return \Illuminate\Contracts\View\View
* @throws InvalidConfirmationTokenException
*/
public function render(Request $request)
{
$token = array_get($request->getQueryParams(), 'token');
$token = PasswordToken::findOrFail($token);
if ($token->created_at < new DateTime('-1 day')) {
throw new InvalidConfirmationTokenException();
}
return $this->view->make('flarum::reset')->with('translator', $this->translator)->with('passwordToken', $token->id)->with('csrfToken', $request->getAttribute('session')->get('csrf_token'))->with('error', $request->getAttribute('session')->get('error'));
}
public function __invoke(ServerRequestInterface $req, ResponseInterface $res, callable $next)
{
$nameKey = $this->csrf->getTokenNameKey();
$valueKey = $this->csrf->getTokenValueKey();
$name = $req->getAttribute($nameKey);
$value = $req->getAttribute($valueKey);
$this->view['csrf'] = ['name_key' => $nameKey, 'value_key' => $valueKey, 'name' => $name, 'value' => $value];
return $next($req, $res);
}
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
$nameKey = $this->container->csrf->getTokenNameKey();
$valueKey = $this->container->csrf->getTokenValueKey();
$name = $request->getAttribute($nameKey);
$value = $request->getAttribute($valueKey);
$this->container->view->getEnvironment()->addGlobal('csrf', ['keys' => ['name' => $nameKey, 'value' => $valueKey], 'name' => $name, 'value' => $value]);
$response = $next($request, $response);
return $response;
}
public function __invoke(Request $req, Response $res, callable $next) : Response
{
$tag = $req->getAttribute('tag');
$type = $req->getAttribute('type', 'rss');
$path = $tag ? $this->getTagFeedPath($tag, $type) : $this->getFeedPath($type);
if (!file_exists($path)) {
return $next($req, $res->withStatus(404), 'Not found');
}
return $res->withHeader('Content-Type', sprintf('application/%s+xml', $type))->withBody(new Stream(fopen($path, 'r')));
}
public function __invoke(ServerRequestInterface $request, ResponseInterface $response)
{
$id = $request->getAttribute('id');
$secret = $request->getAttribute('secret');
if ($secret !== $this->secret) {
return $response->withStatus(400, 'not authenticated');
}
$comment = $this->repository->load($id);
$this->repository->delete($comment);
}
public function execute(Request $req, Response $res, callable $next = null)
{
try {
$id = $req->getAttribute('id');
$name = urldecode($req->getAttribute('name'));
$collection = $this->boot()->get('store')->getCollection($name);
return $next($req, new JsonResponse(['status' => 'ok', 'data' => $collection->delete($collection->item($id))]));
} catch (\Exception $ex) {
return new JsonResponse(['status' => 'error', 'error' => $ex->getMessage()], 500);
}
}
public function run(ServerRequestInterface $request, ResponseBuilder $responseBuilder) : ResponseInterface
{
try {
$profileId = $request->getAttribute('profileId');
$communitySID = $request->getAttribute('communitySID');
$this->profileCommunitiesService->leaveCommunity($this->currentAccountService->getCurrentAccount()->getProfileWithId($profileId)->getId(), $communitySID);
$responseBuilder->setStatusSuccess();
} catch (AlreadyLeavedException $e) {
$responseBuilder->setError($e)->setStatusConflict();
}
return $responseBuilder->build();
}
public function run(ServerRequestInterface $request, ResponseBuilder $responseBuilder) : ResponseInterface
{
try {
$communityId = $request->getAttribute('communityId');
$featureCode = $request->getAttribute('feature');
$community = $this->communityService->getCommunityById($communityId);
$isActivated = $this->communityFeatureService->isFeatureActivated($featureCode, $community);
$responseBuilder->setStatusSuccess()->setJson(['is_feature_activated' => $isActivated]);
} catch (CommunityNotFoundException $e) {
$responseBuilder->setStatusNotFound()->setError($e);
}
return $responseBuilder->build();
}
public function __invoke(ServerRequestInterface $request, ResponseInterface $response)
{
$checkName = null;
$queryParams = $request->getQueryParams();
if (!empty($queryParams['filter']) && !empty($queryParams['label'])) {
$checkName = sprintf('%s/%s', $queryParams['filter'], $queryParams['label']);
}
if ($checkName === null && !empty($request->getAttribute('filter')) && !empty($request->getAttribute('label'))) {
$checkName = sprintf('%s/%s', $request->getAttribute('filter'), $request->getAttribute('label'));
}
$resultCollection = $this->runner->run($checkName);
return $this->resultResponseFactory->createResponse($request, $resultCollection);
}
/**
* @param ServerRequestInterface $request
*
* @return string
*/
public static function createResource(ServerRequestInterface $request)
{
$module = preg_replace('/[^a-z0-9]+/i', '', $request->getAttribute('module'));
$controller = preg_replace('/[^a-z0-9]+/i', '', $request->getAttribute('controller'));
$action = preg_replace('/[^a-z0-9]+/i', '', $request->getAttribute('action'));
if (!$module || !$controller || !is_string($controller) || !$action) {
return '';
}
if (false !== strpos($module, '(@') && preg_match('/\\(@([^\\)]+)\\)/', $module, $matches)) {
$module = $matches[1];
}
return strtoupper(sprintf('%s_%s_%s', $module, $controller, $action));
}
/**
* @param \Psr\Http\Message\ServerRequestInterface $requestInterface
* @param \Psr\Http\Message\ResponseInterface $responseInterface
* @param callable $next
* @return \Psr\Http\Message\ResponseInterface
* @throws \Exception
*/
public function __invoke(ServerRequestInterface $requestInterface, ResponseInterface $responseInterface, callable $next)
{
if (is_array($requestInterface->getAttribute($this->permissionKey))) {
$uri = $requestInterface->getServerParams()['REQUEST_URI'];
if (in_array($uri, $requestInterface->getAttribute($this->permissionKey))) {
return $next($requestInterface, $responseInterface);
} else {
throw new \Exception("User does not have permission to view this resource");
}
} else {
throw new \Exception("Permissions Not Loaded");
}
}
public function run(ServerRequestInterface $request, ResponseBuilder $responseBuilder) : ResponseInterface
{
try {
$profileId = $request->getAttribute('profileId');
$communitySID = $request->getAttribute('communitySID');
$eq = $this->profileCommunitiesService->joinToCommunity($this->currentAccountService->getCurrentAccount()->getProfileWithId($profileId)->getId(), $communitySID);
$responseBuilder->setStatusSuccess()->setJson(['entity' => $eq->toJSON()]);
} catch (AlreadyJoinedException $e) {
$responseBuilder->setError($e)->setStatusConflict();
} catch (ProfileNotFoundException $e) {
$responseBuilder->setError($e)->setStatusNotAllowed();
}
return $responseBuilder->build();
}
/**
* Invoke middleware.
*
* @param ServerRequestInterface $request request object
* @param ResponseInterface $response response object
* @param callable $next next middleware
*
* @return ResponseInterface response object
*/
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
$isValid = $request->getAttribute(self::$isValidAttribute, false);
$violations = $request->getAttribute(self::$violationsAttribute, []);
foreach ($request->getHeader($this->headerName) as $token) {
$tokenViolations = call_user_func($this->tokenValidator, $token);
if (count($tokenViolations) === 0) {
$isValid = true;
continue;
}
$violations = array_merge($violations, $tokenViolations);
}
return $next($request->withAttribute(self::$isValidAttribute, $isValid)->withAttribute(self::$violationsAttribute, $violations), $response);
}
public function run(ServerRequestInterface $request, ResponseBuilder $responseBuilder) : ResponseInterface
{
try {
$profileId = (int) $request->getAttribute('profileId');
$this->validation->validateIsProfileOwnedByAccount($this->currentAccountService->getCurrentAccount(), $this->profileService->getProfileById($profileId));
$method = $request->getAttribute('method');
$parameters = (array) $this->getRequest($request, $method)->getParameters();
$profile = $this->profileService->setGreetings($profileId, Greetings::createFromMethod($method, $parameters));
$responseBuilder->setStatusSuccess()->setJson(['greetings' => $profile->getGreetings()->toJSON()]);
} catch (ProfileNotFoundException $e) {
$responseBuilder->setError($e)->setStatusNotFound();
}
return $responseBuilder->build();
}
public function json(Request $request, Admin $app, $entityName)
{
$id = $request->getAttribute('id');
$field = $request->getAttribute('field');
$data = $request->getParsedBody();
$form = static::createForm($app, $entityName, $id);
$form['data']->val($app->getEntity($entityName)->read($id));
$form['data'][$field]->val($data['value']);
if ($form->validate()) {
$app->getEntity($entityName)->update($id, $form['data']->val());
return json_encode(['value' => $form['data'][$field]->val(), 'htmlValue' => $form['data'][$field]->valToHtml()]);
}
return Factory::createResponse(400);
}
/**
* {@inheritdoc}
*/
protected function data(ServerRequestInterface $request, Document $document)
{
$actor = $request->getAttribute('actor');
if (!$request->getAttribute('bypassFloodgate')) {
$this->floodgate->assertNotFlooding($actor);
}
$discussion = $this->bus->dispatch(new StartDiscussion($actor, array_get($request->getParsedBody(), 'data', [])));
// After creating the discussion, we assume that the user has seen all
// of the posts in the discussion; thus, we will mark the discussion
// as read if they are logged in.
if ($actor->exists) {
$this->bus->dispatch(new ReadDiscussion($discussion->id, $actor, 1));
}
return $discussion;
}
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next = null)
{
$action = $request->getAttribute(RouterMiddleware::ACTION_ATTRIBUTE_NAME);
$parameters = $request->getAttribute(RouterMiddleware::PARAMETERS_ATTRIBUTE_NAME);
if (!$action) {
throw new \RuntimeException('Can\'t invoke controller, please check if RouterMiddleware & ControllerMiddleware are configured correctly');
}
// Instantiate controller and call
if (is_array($action)) {
$action[0] = new $action[0]($this->context, $request, $response);
return $action[0]->{$action[1]}(...array_values($parameters));
}
// Try to call any other way
return call_user_func_array($action, $parameters);
}
/**
* @param Request $request
* @return JsonResponse|EmptyResponse
*/
public function handle(Request $request)
{
$actor = $request->getAttribute('actor');
$params = array_only($request->getParsedBody(), ['identification', 'password']);
$response = $this->apiClient->send(TokenController::class, $actor, [], $params);
if ($response->getStatusCode() === 200) {
$data = json_decode($response->getBody());
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $data->userId);
$token = AccessToken::find($data->token);
event(new UserLoggedIn($this->users->findOrFail($data->userId), $token));
$response = $this->rememberer->remember($response, $token);
}
return $response;
}
/**
* @param Request $request
* @return JsonResponse
*/
public function handle(Request $request)
{
$controller = 'Flarum\\Api\\Controller\\CreateUserController';
$actor = $request->getAttribute('actor');
$body = ['data' => ['attributes' => $request->getParsedBody()]];
$response = $this->api->send($controller, $actor, [], $body);
$body = json_decode($response->getBody());
if (isset($body->data)) {
$userId = $body->data->id;
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $userId);
$response = $this->rememberer->rememberUser($response, $userId);
}
return $response;
}
public function __invoke(Request $request, Response $response, callable $out = null)
{
$responseBuilder = new CASSResponseBuilder($response);
$resolver = $this->commandService->createResolverBuilder()->attachDirect('sign-in', SignInCommand::class)->attachDirect('sign-up', SignUpCommand::class)->attachDirect('sign-out', SignOutCommand::class);
foreach (self::OAUTH2_PROVIDERS as $provider => $commandClassName) {
$resolver->attachCallable(function (Request $request) use($resolver, $provider) {
return $request->getAttribute('command') === 'oauth' && $request->getAttribute('provider') === $provider;
}, $commandClassName);
}
try {
return $resolver->resolve($request)->run($request, $responseBuilder);
} catch (AccountNotFoundException $e) {
return $responseBuilder->setStatusNotFound()->build();
}
}
public function execute(Request $req, Response $res, callable $next = null)
{
try {
$id = $req->getAttribute('id');
$name = urldecode($req->getAttribute('name'));
$params = $req->getQueryParams();
$collection = $this->boot()->get('store')->getCollection($name);
$data = $collection->item($id)->getData();
$data['@labels'] = $this->boot()->get('store')->getLabels($id);
$data['@properties'] = $this->boot()->get('store')->getProperties($id);
return $next($req, new JsonResponse(['status' => 'ok', '__params' => $params, 'data' => $data]));
} catch (\Exception $ex) {
return new JsonResponse(['status' => 'error', 'error' => $ex->getMessage()], 500);
}
}
public function __invoke(Request $request)
{
/** Check for token on header */
if (isset($this->options['header'])) {
if ($request->hasHeader($this->options['header'])) {
$header = $request->getHeader($this->options['header'])[0];
if (preg_match($this->options['regex'], $header, $matches)) {
return $matches[1];
}
}
}
/** If nothing on header, try query parameters */
if (isset($this->options['parameter'])) {
if (!empty($request->getQueryParams()[$this->options['parameter']])) {
return $request->getQueryParams()[$this->options['parameter']];
}
}
/** If nothing on parameters, try cookies */
if (isset($this->options['cookie'])) {
$cookie_params = $request->getCookieParams();
if (!empty($cookie_params[$this->options["cookie"]])) {
return $cookie_params[$this->options["cookie"]];
}
}
/** If nothing until now, check argument as last try */
if (isset($this->options['argument'])) {
if ($route = $request->getAttribute('route')) {
$argument = $route->getArgument($this->options['argument']);
if (!empty($argument)) {
return $argument;
}
}
}
throw new TokenNotFoundException('Token not found');
}
