/** * generates the library string (core:caja:etc.js) including a checksum of all the * javascript content (?v=<md5 of js>) for cache busting * * @param array $features * @return string the list of libraries in core:caja:etc.js?v=checksum> format */ protected function getJsUrl($features) { if (!is_array($features) || !count($features)) { return 'null'; } $registry = $this->context->getRegistry(); // Given the JsServlet automatically expends the js library, we just need // to include the "leaf" nodes of the features. $ret = $features; foreach ($features as $feature) { $depFeatures = $registry->features[$feature]['deps']; $ret = array_diff($ret, $depFeatures); } $ret = implode(':', $ret); $cache = Cache::createCache(Config::get('feature_cache'), 'FeatureCache'); if (($md5 = $cache->get(md5('getJsUrlMD5'))) === false) { $features = $registry->features; // Build a version string from the md5() checksum of all included javascript // to ensure the client always has the right version $inlineJs = ''; foreach ($features as $feature => $content) { $inlineJs .= $registry->getFeatureContent($feature, $this->context, true); } $md5 = md5($inlineJs); $cache->set(md5('getJsUrlMD5'), $md5); } $ret .= ".js?v=" . $md5; return $ret; }
public static function invalidateGadgetCache(GadgetContext $context) { $request = new RemoteContentRequest($context->getUrl()); $cache = Cache::createCache(Shindig_Config::get('data_cache'), 'RemoteContent'); $cacheData = $cache->get($request->toHash()); if ($cacheData) { $uris = array(); $xml = $cacheData->getResponseContent(); $parserClass = Shindig_Config::get('gadget_spec_parser'); $parser = new $parserClass(); $gadgetSpec = $parser->parse($xml, $context); if ($gadgetSpec->locales) { foreach ($gadgetSpec->locales as $locale) { if (!empty($locale['messages'])) { $uris[] = RemoteContentRequest::transformRelativeUrl($locale['messages'], $context->getUrl()); } } } if (is_array($gadgetSpec->preloads)) { foreach ($gadgetSpec->preloads as $preload) { if (!empty($preload['href'])) { $uris[] = RemoteContentRequest::transformRelativeUrl($preload['href'], $context->getUrl()); } } } if (is_array($gadgetSpec->templatesRequireLibraries)) { foreach ($gadgetSpec->templatesRequireLibraries as $libraryUrl) { $uris[] = RemoteContentRequest::transformRelativeUrl($locale['messages'], $context->getUrl()); } } $uris[] = $request->getUrl(); self::invalidateRemoteContents($uris); } }
protected function fetch($postParam, $token) { $context = new GadgetContext('GADGET'); $context->setIgnoreCache(true); $url = OpenPNEServiceConfig::SNSURL . OpenPNEServiceConfig::ACTION; $postData = json_encode($postParam); $headers = 'Content-Type: application/json; charaset=utf-8'; $request = new RemoteContentRequest($url . '?st=' . $token->toSerialForm(), $headers, $postData); return $this->getResponseData($context->getHttpFetcher()->fetch($request, $context)); }
/** * Prepares the environment before running a test. */ protected function setUp() { parent::setUp(); $this->gadgetContext = new GadgetContext('GADGET'); $gadgetSpecFactory = new MockRewriterGadgetFactory($this->gadgetContext, null); $gadgetSpecFactory->fetchGadget = null; $this->gadget = $gadgetSpecFactory->createGadget(); $this->gadgetRewriter = new GadgetRewriter($this->gadgetContext); $this->view = $this->gadget->getView($this->gadgetContext->getView()); }
/** * Prepares the environment before running a test. */ protected function setUp() { parent::setUp(); $this->GadgetServer = new GadgetServer(); // prevent polution from other test cases + make sure we're not testing // a cached result $_GET = array('nocache' => 1); $_POST = array(); $GadgetContext = new GadgetContext('GADGET'); $GadgetContext->setUrl('http://test.chabotc.com/testGadget.xml'); $this->gadget = $this->GadgetServer->processGadget($GadgetContext); }
public function getSupportedFields($parameters) { $context = new GadgetContext('GADGET'); $container = $context->getContainer(); $containerConfig = new ContainerConfig(Config::get('container_path')); $config = $containerConfig->getConfig($container, 'gadgets.features'); $version = $this->getOpenSocialVersion($config); $supportedFields = $config[$version]['supportedFields']; if (in_array('people', $parameters)) { $ret = $supportedFields['person']; } else { $ret = $supportedFields['activity']; } return new ResponseItem(null, null, $ret); }
public function getFeatureContent($feature, GadgetContext $context, $isGadgetContext) { if (empty($feature)) { return ''; } if (!isset($this->features[$feature])) { throw new GadgetException("Invalid feature: " . htmlentities($feature)); } $featureName = $feature; $feature = $this->features[$feature]; $filesContext = $isGadgetContext ? 'gadgetJs' : 'containerJs'; if (!isset($feature[$filesContext])) { // no javascript specified for this context return ''; } $ret = ''; if (Config::get('compress_javascript')) { $featureCache = Cache::createCache(Config::get('feature_cache'), 'FeatureCache'); if ($featureContent = $featureCache->get(md5('features:' . $featureName . $isGadgetContext))) { return $featureContent; } } foreach ($feature[$filesContext] as $entry) { switch ($entry['type']) { case 'URL': $request = new RemoteContentRequest($entry['content']); $request->getOptions()->ignoreCache = $context->getIgnoreCache(); $response = $context->getHttpFetcher()->fetch($request); if ($response->getHttpCode() == '200') { $ret .= $response->getResponseContent() . "\n"; } break; case 'FILE': $file = $feature['basePath'] . '/' . $entry['content']; $ret .= file_get_contents($file) . "\n"; break; case 'INLINE': $ret .= $entry['content'] . "\n"; break; } } if (Config::get('compress_javascript')) { $ret = JsMin::minify($ret); $featureCache->set(md5('features:' . $featureName . $isGadgetContext), $ret); } return $ret; }
/** * * @param object $jsonContext * @param string $url */ public function __construct($jsonContext, $url) { parent::__construct('GADGET'); $this->url = $url; $this->view = $jsonContext->view; $this->locale = array('lang' => $jsonContext->language, 'country' => $jsonContext->country); $this->container = $jsonContext->container; }
/** * Sets the caching (Cache-Control & Expires) with a cache age of $lastModified * or if $lastModified === false, sets Pragma: no-cache & Cache-Control: no-cache */ protected function setCachingHeaders($lastModified = false) { $maxAge = $this->context->getIgnoreCache() ? false : $this->context->getRefreshInterval(); if ($maxAge) { if ($lastModified) { header("Last-Modified: {$lastModified}"); } // time() is a kernel call, so lets avoid it and use the request time instead $time = $_SERVER['REQUEST_TIME']; $expires = $maxAge !== false ? $time + $maxAge : $time - 3000; $public = $maxAge ? 'public' : 'private'; $maxAge = $maxAge === false ? '0' : $maxAge; header("Cache-Control: {$public}; max-age={$maxAge}", true); header("Expires: " . gmdate("D, d M Y H:i:s", $expires) . " GMT", true); } else { header("Cache-Control: no-cache", true); header("Pragma: no-cache", true); } }
private function getIframeURL(Gadget $gadget, GadgetContext $context) { $v = $gadget->getChecksum(); $view = $gadget->getView($context->getView()); $up = ''; foreach ($gadget->gadgetSpec->userPrefs as $pref) { $up .= '&up_' . urlencode($pref['name']) . '=' . urlencode($pref['value']); } $locale = $context->getLocale(); //Note: putting the URL last, else some browsers seem to get confused (reported by hi5) return Config::get('default_iframe_prefix') . 'container=' . $context->getContainer() . ($context->getIgnoreCache() ? '&nocache=1' : '&v=' . $v) . ($context->getModuleId() != 0 ? '&mid=' . $context->getModuleId() : '') . '&lang=' . $locale['lang'] . '&country=' . $locale['country'] . '&view=' . $view['view'] . $up . '&url=' . urlencode($context->getUrl()); }
/** * Fetches the gadget xml for the requested URL using the http fetcher * * @param unknown_type $gadgetUrl * @return string gadget's xml content */ protected function fetchGadget($gadgetUrl) { $request = new RemoteContentRequest($gadgetUrl); $request->setToken($this->token); $request->getOptions()->ignoreCache = $this->context->getIgnoreCache(); $xml = $this->context->getHttpFetcher()->fetch($request); if ($xml->getHttpCode() != '200') { throw new GadgetException("Failed to retrieve gadget content (recieved http code " . $xml->getHttpCode() . ")"); } return $xml->getResponseContent(); }
/** * */ protected function setCachingHeaders() { $this->setContentType("text/html; charset=UTF-8"); if ($this->context->getIgnoreCache()) { // no cache was requested, set non-caching-headers $this->setNoCache(true); } elseif (isset($_GET['v'])) { // version was given, cache for a long long time (a year) $this->setCacheTime(365 * 24 * 60 * 60); } else { // no version was given, cache for 5 minutes $this->setCacheTime(5 * 60); } }
private function loadOsmlLibrary() { $container = $this->gadgetContext->getContainer(); $containerConfig = $this->gadgetContext->getContainerConfig(); $gadgetsFeatures = $containerConfig->getConfig($container, 'gadgets.features'); if (!isset($gadgetsFeatures['osml'])) { throw new ExpressionException("Missing OSML configuration key in config/config.js"); } elseif (!isset($gadgetsFeatures['osml']['library'])) { throw new ExpressionException("Missing OSML.Library configuration key in config/config.js"); } $osmlLibrary = Config::get('container_path') . str_replace('config/', '', $gadgetsFeatures['osml']['library']); if (!File::exists($osmlLibrary)) { throw new ExpressionException("Missing OSML Library ({$osmlLibrary})"); } $this->addTemplateLibrary(file_get_contents($osmlLibrary)); $this->osmlLoaded = true; }
/** * Tests GadgetHtmlRenderer->addHeadTags() */ public function testAddHeadTags() { ob_start(); $this->GadgetHtmlRenderer->renderGadget($this->gadget, $this->view); ob_end_clean(); $this->GadgetHtmlRenderer->addHeadTags($this->domElement, $this->domDocument); $tmpNodeList = $this->domElement->getElementsByTagName("style"); $tmpNodeList = $this->domElement->getElementsByTagName("script"); $script = ''; foreach ($this->GadgetHtmlRenderer->gadget->features as $feature) { $script .= $this->gadgetContext->getRegistry()->getFeatureContent($feature, $this->gadgetContext, true); } foreach ($tmpNodeList as $tmpNode) { $this->assertEquals('text/javascript', $tmpNode->getAttribute('type')); $nodeValue = substr($tmpNode->nodeValue, 0, strpos($tmpNode->nodeValue, 'gadgets.config.init(')); $this->assertEquals(trim($script), trim($nodeValue)); } }
/** * Peforms the actual http fetching of the data-pipelining requests, all social requests * are made to $_SERVER['HTTP_HOST'] (the virtual host name of this server) / (optional) web_prefix / social / rpc, and * the httpRequest's are made to $_SERVER['HTTP_HOST'] (the virtual host name of this server) / (optional) web_prefix / gadgets / makeRequest * both request types use the current security token ($_GET['st']) when performing the requests so they happen in the correct context * * @param array $requests * @param GadgetContext $context * @return array response */ private static function performRequests($requests, GadgetContext $context) { $jsonRequests = array(); $httpRequests = array(); $decodedResponse = array(); // Using the same gadget security token for all social & http requests so everything happens in the right context if (!BasicSecurityToken::getTokenStringFromRequest()) { throw new ExpressionException("No security token set, required for data-pipeling"); } $securityToken = $_GET['st']; foreach ($requests as $request) { switch ($request['type']) { case 'os:DataRequest': // Add to the social request batch $id = $request['key']; $method = $request['method']; // remove our internal fields so we can use the remainder as params unset($request['key']); unset($request['method']); unset($request['type']); if (isset($request['fields'])) { $request['fields'] = explode(',', $request['fields']); } $jsonRequests[] = array('method' => $method, 'id' => $id, 'params' => $request); break; case 'os:HttpRequest': $id = $request['key']; $url = $request['href']; $format = isset($request['format']) ? $request['format'] : 'json'; unset($request['key']); unset($request['type']); unset($request['href']); $httpRequests[$url] = array('id' => $id, 'url' => $url, 'format' => $format, 'queryStr' => implode('&', $request)); break; } } if (count($jsonRequests)) { // perform social api requests $request = new RemoteContentRequest('http://' . $_SERVER['HTTP_HOST'] . Config::get('web_prefix') . '/rpc?st=' . urlencode($securityToken) . '&format=json', "Content-Type: application/json\n", json_encode($jsonRequests)); $request->setMethod('POST'); $remoteFetcherClass = Config::get('remote_content_fetcher'); $remoteFetcher = new $remoteFetcherClass(); $basicRemoteContent = new BasicRemoteContent($remoteFetcher); $response = $basicRemoteContent->fetch($request); $decodedResponse = json_decode($response->getResponseContent(), true); } if (count($httpRequests)) { $requestQueue = array(); foreach ($httpRequests as $request) { $req = new RemoteContentRequest($_SERVER['HTTP_HOST'] . Config::get('web_prefix') . '/gadgets/makeRequest?url=' . urlencode($request['url']) . '&st=' . urlencode($securityToken) . (!empty($request['queryStr']) ? '&' . $request['queryStr'] : '')); $req->getOptions()->ignoreCache = $context->getIgnoreCache(); $req->setNotSignedUri($request['url']); $requestQueue[] = $req; } $basicRemoteContent = new BasicRemoteContent(); $resps = $basicRemoteContent->multiFetch($requestQueue); foreach ($resps as $response) { //FIXME: this isn't completely correct yet since this picks up the status code and headers // as they are returned by the makeRequest handler and not the ones from the original request $url = $response->getNotSignedUrl(); $id = $httpRequests[$url]['id']; // strip out the UNPARSEABLE_CRUFT (see makeRequestHandler.php) on assigning the body $resp = json_decode(str_replace("throw 1; < don't be evil' >", '', $response->getResponseContent()), true); if (is_array($resp)) { $statusCode = $response->getHttpCode(); $statusCodeMessage = $response->getHttpCodeMsg(); $headers = $response->getHeaders(); if (intval($statusCode) == 200) { $content = $httpRequests[$url]['format'] == 'json' ? json_decode($resp[$url]['body'], true) : $resp[$url]['body']; $toAdd = array('result' => array('content' => $content, 'status' => $statusCode, 'headers' => $headers)); } else { $content = $resp[$url]['body']; $toAdd = array('error' => array('code' => $statusCode, 'message' => $statusCodeMessage, 'result' => array('content' => $content, 'headers' => $headers))); } //$toAdd[$id] = array('id' => $id, 'result' => $httpRequests[$url]['format'] == 'json' ? json_decode($resp[$url]['body'], true) : $resp[$url]['body']); $decodedResponse[] = array('id' => $id, 'result' => $toAdd); } } } return $decodedResponse; }
/** * Builds a request to retrieve the actual content. * * @param GadgetContext $context The rendering context. * @param MakeRequestOptions $params Options for crafting the request. * @param SecurityTokenDecoder $signer A signer needed for signed requests. * @return RemoteContentRequest An initialized request object. */ public function buildRequest(GadgetContext $context, MakeRequestOptions $params, SecurityTokenDecoder $signer = null) { // Check the protocol requested - curl doesn't really support file:// // requests but the 'error' should be handled properly $protocolSplit = explode('://', $params->getHref(), 2); if (count($protocolSplit) < 2) { throw new Exception("Invalid protocol specified"); } $protocol = strtoupper($protocolSplit[0]); if ($protocol != "HTTP" && $protocol != "HTTPS") { throw new Exception("Invalid protocol specified in url: " . htmlentities($protocol)); } $method = $params->getHttpMethod(); if ($method == 'POST' || $method == 'PUT') { // even if postData is an empty string, it will still post // (since RemoteContentRquest checks if its false) // so the request to POST is still honored $request = new RemoteContentRequest($params->getHref(), null, $params->getRequestBody()); } else { if ($method == 'DELETE' || $method == 'GET' || $method == 'HEAD') { $request = new RemoteContentRequest($params->getHref()); } else { throw new Exception("Invalid HTTP method."); } } $request->setMethod($method); if ($signer) { switch ($params->getAuthz()) { case 'SIGNED': $request->setAuthType(RemoteContentRequest::$AUTH_SIGNED); break; case 'OAUTH': $request->setAuthType(RemoteContentRequest::$AUTH_OAUTH); $request->setOAuthRequestParams($params->getOAuthRequestParameters()); break; } $st = $params->getSecurityTokenString(); if ($st === false) { throw new Exception("A security token is required for signed requests"); } $token = $context->validateToken($st, $signer); $request->setToken($token); } // Strip invalid request headers. This limits the utility of the // MakeRequest class a little bit, but ensures that none of the invalid // headers are present in any request going through this class. $headers = $params->getRequestHeadersArray(); if ($headers !== false) { $headers = $this->stripInvalidArrayKeys($headers, MakeRequest::$BAD_REQUEST_HEADERS); $params->setRequestHeaders($headers); } // The request expects headers to be stored as a normal header text blob. // ex: Content-Type: application/atom+xml // Accept-Language: en-us $formattedHeaders = $params->getFormattedRequestHeaders(); if ($formattedHeaders !== false) { $request->setHeaders($formattedHeaders); } return $request; }
/** * Tests GadgetContext->setView() */ public function testSetView() { $view = 'Dummie_view'; $this->GadgetContext->setView($view); $this->assertEquals($view, $this->GadgetContext->getView()); }
/** * Appends data from <Preload> elements to make them available to * gadgets.io. * * @param gadget */ private function appendPreloads(Gadget $gadget, GadgetContext $context) { $resp = array(); $gadgetSigner = Config::get('security_token_signer'); $gadgetSigner = new $gadgetSigner(); $token = ''; try { $token = $context->extractAndValidateToken($gadgetSigner); } catch (Exception $e) { $token = ''; // no token given, safe to ignore } $unsignedRequests = $unsignedContexts = array(); $signedRequests = array(); foreach ($gadget->getPreloads() as $preload) { try { if (($preload->getAuth() == Auth::$NONE || $token != null) && (count($preload->getViews()) == 0 || in_array($context->getView(), $preload->getViews()))) { $request = new RemoteContentRequest($preload->getHref()); $request->createRemoteContentRequestWithUri($preload->getHref()); $request->getOptions()->ownerSigned = $preload->isSignOwner(); $request->getOptions()->viewerSigned = $preload->isSignViewer(); switch (strtoupper(trim($preload->getAuth()))) { case "NONE": // Unify all unsigned requests to one single multi request $unsignedRequests[] = $request; $unsignedContexts[] = $context; break; case "SIGNED": // Unify all signed requests to one single multi request $signingFetcherFactory = new SigningFetcherFactory(Config::get("private_key_file")); $fetcher = $signingFetcherFactory->getSigningFetcher(new BasicRemoteContentFetcher(), $token); $req = $fetcher->signRequest($preload->getHref(), $request->getMethod()); $req->setNotSignedUri($preload->getHref()); $signedRequests[] = $req; break; default: @ob_end_clean(); header("HTTP/1.0 500 Internal Server Error", true); echo "<html><body><h1>" . "500 - Internal Server Error" . "</h1></body></html>"; die; } } } catch (Exception $e) { throw new Exception($e); } } if (count($unsignedRequests)) { try { $brc = new BasicRemoteContent(); $responses = $brc->multiFetch($unsignedRequests, $unsignedContexts); foreach ($responses as $response) { $resp[$response->getUrl()] = array('body' => $response->getResponseContent(), 'rc' => $response->getHttpCode()); } } catch (Exception $e) { throw new Exception($e); } } if (count($signedRequests)) { try { $fetcher = $signingFetcherFactory->getSigningFetcher(new BasicRemoteContentFetcher(), $token); $responses = $fetcher->multiFetchRequest($signedRequests); foreach ($responses as $response) { $resp[$response->getNotSignedUrl()] = array('body' => $response->getResponseContent(), 'rc' => $response->getHttpCode()); } } catch (Exception $e) { throw new Exception($e); } } $resp = count($resp) ? json_encode($resp) : "{}"; return "gadgets.io.preloaded_ = " . $resp . ";\n"; }
/** * Outputs a html content type gadget. * It creates a html page, with the javascripts from the features inline into the page, plus * calls to 'gadgets.config.init' with the container configuration (config/container.js) and * 'gadgets.Prefs.setMessages_' with all the substitutions. For external javascripts it adds * a <script> tag. * * @param Gadget $gadget * @param GadgetContext $context */ private function outputHtmlGadget($gadget, $context) { $this->setContentType("text/html; charset=UTF-8"); $output = ''; $output .= "<html>\n<head>\n"; // TODO: This is so wrong. (todo copied from java shindig, but i would agree with it :)) $output .= "<style type=\"text/css\">body,td,div,span,p{font-family:arial,sans-serif;} a {color:#0000cc;}a:visited {color:#551a8b;}a:active {color:#ff0000;}body{margin: 0px;padding: 0px;background-color:white;}</style>\n"; $output .= "</head>\n<body>\n"; $externJs = ""; $inlineJs = ""; $externFmt = "<script src=\"%s\"></script>"; $forcedLibs = $context->getForcedJsLibs(); foreach ($gadget->getJsLibraries() as $library) { $type = $library->getType(); if ($type == 'URL') { // TODO: This case needs to be handled more gracefully by the js // servlet. We should probably inline external JS as well. $externJs .= sprintf($externFmt, $library->getContent()) . "\n"; } else { if ($type == 'INLINE') { $inlineJs .= $library->getContent() . "\n"; } else { // FILE or RESOURCE if ($forcedLibs == null) { $inlineJs .= $library->getContent() . "\n"; } // otherwise it was already included by config.forceJsLibs. } } } // Forced libs first. if (!empty($forcedLibs)) { $libs = explode(':', $forcedLibs); $output .= sprintf($externFmt, $this->getJsUrl($libs)) . "\n"; } if (strlen($inlineJs) > 0) { $output .= "<script><!--\n" . $inlineJs . "\n-->\n</script>\n"; } if (strlen($externJs) > 0) { $output .= $externJs; } $output .= "<script><!--\n"; $output .= $this->appendJsConfig($context, $gadget); $output .= $this->appendMessages($gadget); $output .= "-->\n</script>\n"; $gadgetExceptions = array(); $content = $gadget->getContentData($context->getView()); if (empty($content)) { // unknown view $gadgetExceptions[] = "View: '" . $context->getView() . "' invalid for gadget: " . $gadget->getId()->getKey(); } if (count($gadgetExceptions)) { throw new GadgetException(print_r($gadgetExceptions, true)); } $output .= $content . "\n"; $output .= "<script>gadgets.util.runOnLoadHandlers();</script>\n"; $output .= "</body>\n</html>"; if (Config::get('P3P') != '') { header("P3P: " . Config::get('P3P')); } echo $output; }
public function getGadgetSpec(GadgetContext $context) { return $this->getGadgetSpecUri($context->getUrl(), $context->getIgnoreCache()); }
/** * Tests GadgetContext->setView() */ public function testSetView() { $view = 'Dummie_view'; $this->GadgetContext->setView($view); $this->assertAttributeEquals($view, 'view', $this->GadgetContext); }
public function __construct($url) { parent::__construct('GADGET'); $this->url = $url; }