/**
* Process a Request.
*
*
* There are a few different type's of method calls currently.
* 1. Auth related methods, which all start with "auth.". These
* methods do not yet typically have a session key or in process of creating/validating/removing one.
* Other inner/inter systems security methods can be here as well. Note, you should NOT add a method
* to authenticate a user, that should be done else where. Use the inner-method of approveToken and lock
* it down within a system.
*
* 2. Application method calls. This is really the catchalll and executes the request handling mechanism.
*
* 3. Systems Management calls. (coming soon).
*
*/
function execute($request)
{
ini_set('session.use_cookies', '0');
ini_set('session.save_handler', 'user');
session_set_save_handler(array('Session', 'open'), array('Session', 'close'), array('Session', 'read'), array('Session', 'write'), array('Session', 'destroy'), array('Session', 'gc'));
session_cache_limiter('none');
set_error_handler(array('OpenFBServer', 'errorHandler'), E_ERROR);
// There is a change dependending on magic quotes settings
// that PHP will add in extra slashes, not good for us.
// This is removed as of PHP 6 as well.
if (get_magic_quotes_gpc()) {
foreach ($request as $rname => $rval) {
$request[$rname] = stripslashes($rval);
}
}
$context = Api_RequestContext::createRequestContext($request);
if ($context->getNetworkKey() == null) {
$keyService = Api_Bo_KeyService::create();
$ids = $keyService->getIds($context->getApiKey());
$domain_keys = $keyService->getKeyset($ids['domain_id'], $ids['domain_id']);
if ($domain_keys != null) {
$context->setNetworkKey($domain_keys['api_key']);
}
}
//error_log( "method $method requested" );
try {
$response = $this->executeRequest($context, $request);
$this->send_response($context->getMethod(), $response, $context->getFormat(), $context->getCallback());
} catch (Exception $exception) {
error_log("When executing {$context->getMethod()} request in OpenFBServer: " . $exception->getMessage());
error_log($exception->getTraceAsString());
$this->send_exception($exception, $request, $context->getFormat(), $context->getCallback());
}
// TODO - This would hurt infinite session concepts, should we just bag this concept?
// Should session cache be extended after each call?
// Should it be validated against expires time in session?
// session_cache_expire ( 24 * 60 );
}
/**
* Process API request to get an applications properties.
*
*/
public function execute()
{
$response = array();
$ds = Api_Bo_DomainService::create();
$ks = Api_Bo_KeyService::create();
$domain = null;
if (!isset($this->m_nid)) {
$this->m_nid = $ds->getNativeIdByApiKey($this->m_apiKey);
}
$domain = $ds->getDomain($this->m_nid);
$domain_keys = $ks->getKeyset($this->m_nid, $this->m_nid);
$domain = array_merge($domain, $domain_keys);
error_log("Retrieved domain for " . $this->m_nid . ":" . var_export($domain, true));
if (!empty($domain)) {
foreach ($this->m_properties as $prop) {
if (!isset(self::$map[$prop])) {
throw new OpenFBAPIException(FB_ERROR_MSG_PARAMETER_MISSING, FB_ERROR_CODE_PARAMETER_MISSING);
}
$key = self::$map[$prop];
if (!isset($domain[$key])) {
$response[$prop] = '';
} else {
$response[$prop] = $domain[$key];
}
}
}
return array('result' => json_encode($response));
}
/**
* Process API request to get an applications properties.
*
*/
public function execute()
{
$appService = Api_ServiceFactory::create('AppService');
$response = array();
if ($this->m_canvasName != null) {
$ids = $appService->getNativeIdsByProperty('canvas_url', $this->m_canvasName);
if ($ids == NULL || count($ids) == 0) {
throw new OpenFBAPIException("No such application known, canvas name is '{$this->m_canvasName}'", FB_ERROR_CODE_NO_APP);
}
$this->m_aid = $ids[0];
} else {
if ($this->m_apiKey != null) {
$id = $appService->getNativeIdByApiKey($this->m_apiKey);
if ($id == NULL) {
throw new OpenFBAPIException("No such application known, API key is '{$this->m_apiKey}' on '{$this->m_nid}' network.", FB_ERROR_CODE_NO_APP);
}
$this->m_aid = $id;
}
}
/*
* You can only cross check application information if
* the calling application is a default application
*/
// TODO: SECURITY: This disables cross-app calling security if uncommented!
if (false && $this->m_aid != $this->getAppId()) {
$isDefault = $this->checkDefaultApp($this->m_aid);
if (!$isDefault) {
throw new OpenFBAPIException('Application with id ' . $this->getAppId() . ' is not a default app: ' . FB_ERROR_MSG_GRAPH_EXCEPTION, FB_ERROR_CODE_GRAPH_EXCEPTION);
}
}
$app = $appService->getApp($this->m_aid);
$domainService = Api_Bo_DomainService::create();
$did = $domainService->getNativeIdByApiKey($this->m_nid);
$keyService = Api_Bo_KeyService::create();
$keyset = $keyService->getKeyset($this->m_aid, $did);
$app['api_key'] = isset($keyset['api_key']) ? $keyset['api_key'] : '';
$app['secret_key'] = isset($keyset['secret']) ? $keyset['secret'] : '';
$response = array();
if ($app != NULL) {
foreach ($this->m_properties as $prop) {
if (!isset(self::$map[$prop])) {
throw new OpenFBAPIException(FB_ERROR_MSG_PARAMETER_MISSING, FB_ERROR_CODE_PARAMETER_MISSING);
}
$key = self::$map[$prop];
if (!isset($app[$key])) {
$response[$prop] = '';
} else {
$response[$prop] = $app[$key];
}
}
}
return array('result' => json_encode($response));
}
