Example #1
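 /**
  * Reports to a client application whether the current visitor has authorized it.
  *
  * Reads `callback`, `cmd`, `client_id` and (for `cmd=authorized`) `scope` from the
  * request. The result is stored under `$data[$cmd]`: 0 by default, 1 once every
  * requested scope is covered, either by the client's auto-authorize setting or by
  * scopes the visitor has already granted to that client. When scopes were explicitly
  * requested and are covered, the visitor's API user data is merged into the
  * response; a bare status check returns only `user_id`.
  *
  * The response is emitted with the `raw` response type and carries the
  * request-supplied `callback` through to the view.
  * NOTE(review): `callback` is not validated in this method; confirm that
  * bdApi_ViewPublic_Misc_Api_Data restricts it to a safe identifier before it is
  * written into the response body.
  *
  * @return XenForo_ControllerResponse_View
  */
 public function actionApiData()
 {
     /* @var $clientModel bdApi_Model_Client */
     $clientModel = $this->getModelFromCache('bdApi_Model_Client');
     /* @var $userScopeModel bdApi_Model_UserScope */
     $userScopeModel = $this->getModelFromCache('bdApi_Model_UserScope');
     /* @var $userModel bdApi_XenForo_Model_User */
     $userModel = $this->getModelFromCache('XenForo_Model_User');

     // All four inputs are request-controlled.
     $callback = $this->_input->filterSingle('callback', XenForo_Input::STRING);
     $cmd = $this->_input->filterSingle('cmd', XenForo_Input::STRING);
     $clientId = $this->_input->filterSingle('client_id', XenForo_Input::STRING);

     // Default answer for any command, including unknown ones, is 0.
     $data = array();
     $data[$cmd] = 0;

     $client = $clientModel->getClientById($clientId);
     $visitorObj = XenForo_Visitor::getInstance();
     $visitorArray = $visitorObj->toArray();

     // Only a known client asking about a logged-in visitor gets past the default answer.
     if (!empty($client) && $visitorArray['user_id'] > 0) {
         switch ($cmd) {
             case 'authorized':
                 $scope = $this->_input->filterSingle('scope', XenForo_Input::STRING);
                 $requestedScopes = bdApi_Template_Helper_Core::getInstance()->scopeSplit($scope);
                 if (empty($requestedScopes)) {
                     // no scope requested, check for scope `read`
                     $requestedScopes[] = bdApi_Model_OAuth2::SCOPE_READ;
                 }

                 $requestedScopesAccepted = array();

                 if ($data[$cmd] === 0 && $clientModel->canAutoAuthorize($client, $scope)) {
                     // this client has auto authorize setting for the requested scope
                     // response with authorized = 1
                     // note: we don't have (and don't need) an access token for now
                     // but in case the client application request authorization, it
                     // will be granted automatically anyway
                     $requestedScopesAccepted = $requestedScopes;
                     $data[$cmd] = 1;
                 }

                 if ($data[$cmd] === 0) {
                     // start looking for accepted scopes
                     $userScopes = $userScopeModel->getUserScopes($client['client_id'], $visitorArray['user_id']);

                     // The loop variable is deliberately NOT named $scope: reusing that name
                     // overwrote the raw request value, so a bare status check (empty `scope`)
                     // fell into the "return user data" branch below once a grant was found.
                     foreach ($requestedScopes as $requestedScope) {
                         foreach ($userScopes as $userScope) {
                             if ($userScope['scope'] === $requestedScope) {
                                 $requestedScopesAccepted[] = $requestedScope;
                                 // Count each requested scope at most once. Without this, a
                                 // duplicated grant row would inflate the accepted count and
                                 // could mask a requested scope that was never granted.
                                 break;
                             }
                         }
                     }

                     // Authorized only when every requested scope was matched by a grant.
                     if (count($requestedScopes) === count($requestedScopesAccepted)) {
                         $data[$cmd] = 1;
                     }
                 }

                 if ($data[$cmd] === 1) {
                     if (!empty($scope)) {
                         // some actual scopes were requested, return user data according to those scopes
                         $session = new bdApi_Session();
                         $session->fakeStart($client, $visitorObj, $requestedScopesAccepted);
                         $visitorPrepared = $userModel->prepareApiDataForUser($visitorArray);
                         // $data is merged last so the status flag wins over any same-named user field.
                         $data = array_merge($visitorPrepared, $data);
                     } else {
                         // just checking for connection status, return user_id only
                         $data['user_id'] = $visitorArray['user_id'];
                     }
                 }

                 // switch ($cmd)
                 break;
         }
     }

     // NOTE(review): this is reached even when no client matched `client_id`; the return
     // value is unused, so signApiData() presumably modifies $data by reference. Confirm
     // that it handles an empty $client safely.
     $clientModel->signApiData($client, $data);

     $viewParams = array('callback' => $callback, 'cmd' => $cmd, 'client_id' => $clientId, 'data' => $data);
     $this->_routeMatch->setResponseType('raw');

     return $this->responseView('bdApi_ViewPublic_Misc_Api_Data', '', $viewParams);
 }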
Example #2
 /**
  * Boots the API session and the visitor that belongs to it.
  *
  * Creates a bdApi_Session, starts it, registers it in the application registry
  * under `session`, and sets up XenForo_Visitor from the session's `user_id`.
  * The upstream description states that starting the session logs the user in
  * via OAuth when needed; that logic lives in bdApi_Session and is not visible here.
  *
  * When the application version id is 1020000 or higher and the `addOns` registry
  * entry has no non-empty `bdApi` key, the request is terminated with a plain message.
  *
  * @param Zend_Controller_Request_Http|null $request request to read parameters from;
  *                                                   a new one is created when omitted
  *
  * @return XenForo_Session
  */
 public static function startApiSession(Zend_Controller_Request_Http $request = null)
 {
     if ($request === null) {
         $request = new Zend_Controller_Request_Http();
     }

     $canCheckAddOns = XenForo_Application::$versionId >= 1020000;
     if ($canCheckAddOns) {
         $activeAddOns = XenForo_Application::get('addOns');
         if (empty($activeAddOns['bdApi'])) {
             die('The API is currently disabled.');
         }
     }

     $apiSession = new bdApi_Session();
     $apiSession->start();
     XenForo_Application::set('session', $apiSession);

     $sessionData = $apiSession->getAll();
     $visitor = XenForo_Visitor::setup($apiSession->get('user_id'), $sessionData);

     $isGuest = empty($visitor['user_id']);
     if ($isGuest) {
         // `guestUsername` comes straight from the request: it is an unauthenticated,
         // caller-chosen display name and must not be treated as an identity.
         $guestName = $request->getParam('guestUsername');
         if (!empty($guestName)) {
             $visitor['username'] = $guestName;
         }
     }

     return $apiSession;
 }
Example #3
 /**
  * Ensures an API session exists for this request.
  *
  * Does nothing when a `session` entry is already registered with the
  * application; otherwise delegates to bdApi_Session::startApiSession() with the
  * controller's current request.
  *
  * @param string $action not used by this implementation
  *
  * @return void
  */
 protected function _setupSession($action)
 {
     if (!XenForo_Application::isRegistered('session')) {
         bdApi_Session::startApiSession($this->_request);
     }
 }
Example #4
 /**
  * Boots the API session, primes the caches the public controllers would
  * otherwise rebuild, resolves an optional request locale, and sets up the visitor.
  *
  * Creates and starts a bdApi_Session, pre-sets several session keys, registers
  * the session in the application registry under `session`, and sets up
  * XenForo_Visitor from the session's `user_id`. The upstream description states
  * that starting the session logs the user in via OAuth when needed; that logic
  * lives in bdApi_Session and is not visible here.
  *
  * When the application version id is 1020000 or higher and the `addOns` registry
  * entry has no non-empty `bdApi` key, the request is terminated with a plain message.
  *
  * @param Zend_Controller_Request_Http|null $request request to read parameters from;
  *                                                   a new one is created when omitted
  *
  * @return XenForo_Session
  */
 public static function startApiSession(Zend_Controller_Request_Http $request = null)
 {
     if ($request === null) {
         $request = new Zend_Controller_Request_Http();
     }

     $canCheckAddOns = XenForo_Application::$versionId >= 1020000;
     if ($canCheckAddOns) {
         $activeAddOns = XenForo_Application::get('addOns');
         if (empty($activeAddOns['bdApi'])) {
             die('The API is currently disabled.');
         }
     }

     $apiSession = new bdApi_Session();
     $apiSession->start();

     // Values pre-set so the XenForo_ControllerPublic_Abstract hooks named on each
     // line are skipped for API requests (insertion order matches the original calls).
     $now = XenForo_Application::$time;
     $primedValues = array(
         // _executePromotionUpdate: avoid running promotion check
         'promotionChecked' => true,
         // _updateDismissedNoticeSessionCache: avoid querying dismissed notices
         'dismissedNotices' => array(),
         // _updateModeratorSessionReportCounts / _updateModeratorSessionModerationCounts:
         // avoid recounting moderator counters
         'reportCounts' => array('activeCount' => 0, 'lastBuildDate' => $now),
         'moderationCounts' => array('total' => 0, 'lastBuildDate' => $now),
         // _updateAdminSessionModerationCounts: avoid recounting admin counters;
         // the admin-users flag is forced off for the API session
         'canAdminUsers' => false,
         'userModerationCounts' => array('total' => 0, 'lastBuildDate' => $now),
     );
     foreach ($primedValues as $sessionKey => $sessionValue) {
         $apiSession->set($sessionKey, $sessionValue);
     }

     // sondh@2015-10-04: locale support via XenForo languages.
     // A request carrying `locale` uses the installed language that matches it. The
     // value is expected to be a language code (ISO 639-1), optionally followed by a
     // hyphen and a country code (ISO 3166-1 alpha 2).
     $requestLanguageId = 0;
     // Request-controlled; it is only written to the session further down after it
     // has been normalised and matched against an installed language.
     $requestLocale = $request->getParam('locale');
     $localeParts = array();
     $localeIsWellFormed = !empty($requestLocale)
         && preg_match('#^(?<lang>\\w{2})(\\-(?<country>\\w{2}))?$#', $requestLocale, $localeParts);

     if ($localeIsWellFormed) {
         $requestLang = utf8_strtolower($localeParts['lang']);
         $requestCountry = utf8_strtoupper(isset($localeParts['country']) ? $localeParts['country'] : '');

         // Normalise to "ll" or "ll-CC".
         if (!empty($requestCountry)) {
             $requestLocale = sprintf('%s-%s', $requestLang, $requestCountry);
         } else {
             $requestLocale = $requestLang;
         }

         $installedLanguages = XenForo_Application::get('languages');
         ksort($installedLanguages);

         foreach ($installedLanguages as $language) {
             $languageCode = $language['language_code'];
             if (utf8_substr($languageCode, 0, 2) !== $requestLang) {
                 continue;
             }

             // The first language sharing the two-letter prefix is taken as a fallback;
             // a later one replaces it only on an exact "ll-CC" match.
             $nothingChosenYet = empty($requestLanguageId);
             $isExactMatch = !empty($requestCountry) && $requestLocale === $languageCode;
             if ($nothingChosenYet || $isExactMatch) {
                 $requestLanguageId = $language['language_id'];
             }
         }
     }

     $apiSession->set('languageId', $requestLanguageId);
     XenForo_Application::set('session', $apiSession);

     $sessionData = $apiSession->getAll();
     $visitor = XenForo_Visitor::setup($apiSession->get('user_id'), $sessionData);

     $isGuest = empty($visitor['user_id']);
     if ($isGuest) {
         // `guestUsername` comes straight from the request: it is an unauthenticated,
         // caller-chosen display name and must not be treated as an identity.
         $guestName = $request->getParam('guestUsername');
         if (!empty($guestName)) {
             $visitor['username'] = $guestName;
         }
     }

     if (!empty($requestLocale) && $requestLanguageId > 0) {
         // Record the locale only when it differs from what the visitor would get
         // anyway: the board default for guests, their own language for members.
         $usualLanguageId = $visitor['user_id'] == 0
             ? XenForo_Application::getOptions()->get('defaultLanguageId')
             : $visitor['language_id'];

         if ($requestLanguageId != $usualLanguageId) {
             $apiSession->set('requestLocale', $requestLocale);
         }
     }

     return $apiSession;
 }