* * This is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this software; if not, write to the Free * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301 USA, or see the FSF site: http://www.fsf.org. ******************************************************************************/ include_once 'include.php'; require_once 'ringside/web/RingsideWebUtils.php'; require_once 'ringside/web/config/RingsideWebConfig.php'; require_once 'ringside/web/session/RingsideWebSession.php'; require_once 'ringside/social/client/RingsideSocialClientLocal.php'; $webSession = new RingsideWebSession(); $social = new RingsideSocialClientLocal(RingsideWebConfig::$networkKey, null, $webSession->getSocial()); $inSession = $social->inSession(); if ($inSession === false) { $next = $_SERVER['REQUEST_URI']; RingsideWebUtils::redirect(RingsideWebConfig::$webRoot . "/login.php?next={$next}"); } $left = array('welcome', 'advert'); $canvas_content = $social->render('canvas', null, 'apps', ''); include 'oneapp.inc';
} RingsideWebUtils::redirect(RingsideWebConfig::$webRoot . '/ringside.php/' . $canvas); } else { if (empty($canvas) || strlen(trim($canvas)) < 2) { $canvas = 'welcome'; $pathInfo = ''; } } } try { $text = $social->render('canvas', null, $canvas, $pathInfo); } catch (Exception $exception) { error_log('Getting application page failed. $exception'); } if ($social->getRedirect() != null) { RingsideWebUtils::redirect($social->getRedirect()); } else { if ($social->isRaw()) { echo $text; } else { ?> <html> <head> <link rel="stylesheet" href="<?php echo RingsideWebConfig::$webRoot; ?> /css.php/ringside.css" type="text/css" /> </head> <body> <div style="background-color: white; color: #222; width: 711px; padding: 4px"><?php
* is set, then we are processing the request to add. */ if (isset($_POST['app_id'])) { // Process the form submit. This needs to become an API call. // allows_status_update, allows_create_listing,allows_photo_upload,auth_information,auth_profile,auth_leftnav,auth_newsfeeds $app_id = $_POST['app_id']; error_log("Attempting to add app: " . $app_id); //users_setApp($params, $app_id) try { $client->api_client->users_setApp($_POST, $app_id); $result = $client->api_client->admin_getAppProperties("canvas_url", $app_id); $canvas = isset($result['canvas_url']) ? $result['canvas_url'] : ''; // TODO move this pretty much to a utility function for keeping parameters. // $next = isset( $_GET['next'] ) ? $_GET['next'] : "canvas/$name" ; // Which page to go to? Default index.php RingsideWebUtils::redirect(RingsideWebConfig::$webRoot . "/canvas.php/{$canvas}"); } catch (Exception $exception) { error_log("Caught Exception Saving User App Settings: " . $exception->getMessage()); error_log($exception->getTraceAsString()); $error = $exception->getMessage(); include 'add_empty.php'; } } else { if (isset($_GET['app_id'])) { $app_id = $_GET['app_id']; //application_getPublicInfo( $application_id = null, $application_canvas_name = null, $application_api_key = null) try { // If the app doesn't exist this method will throw an exception $client->api_client->application_getPublicInfo($app_id, null, null); $status = $client->api_client->users_isAppEnabled($uid, $app_id); include 'add_form.php';
* published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this software; if not, write to the Free * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301 USA, or see the FSF site: http://www.fsf.org. ******************************************************************************/ include_once 'include.php'; require_once 'ringside/web/RingsideWebUtils.php'; require_once 'ringside/web/config/RingsideWebConfig.php'; require_once 'ringside/web/session/RingsideWebSession.php'; require_once 'ringside/social/client/RingsideSocialClientLocal.php'; $webSession = new RingsideWebSession(); $social = new RingsideSocialClientLocal(RingsideWebConfig::$networkKey, null, $webSession->getSocial()); $inSession = $social->inSession(); if ($inSession === false) { $register = $social->render('canvas', null, 'register', ''); if ($social->getRedirect() != null) { RingsideWebUtils::redirect($social->getRedirect()); } } else { RingsideWebUtils::redirect(RingsideWebConfig::$webRoot . "/index.php"); } $canvas_content = $register; include 'oneapp.inc';
RingsideWebUtils::redirect($social->getRedirect()); return; } } else { if ($social->inSession() === false || !$social->getCurrentUser()) { $canvas_content = $social->render('canvas', null, 'login', ''); if ($social->inSession() !== false) { $webSession->setSocial($social->getNetworkSessionKey()); RingsideWebUtils::redirect($social->getRedirect()); return; } } else { // error_log("Already logged in as ".$social->getCurrentUser().' on '.$social->getCurrentNetwork()); $redirect_url = RingsideWebConfig::$webRoot . '/index.php'; if (isset($_GET['next'])) { $redirect_url = $_GET['next']; } else { if (isset($_POST['next'])) { $redirect_url = $_POST['next']; } } RingsideWebUtils::redirect($redirect_url); return; } } if ($popUp === true) { include 'popup.inc'; } else { // $left = array( 'welcome', 'advert' ); include 'oneapp.inc'; }
$errorMessage = null; $formAction = getRequestParam('form_action'); $appId = getRequestParam('app_id'); if ($formAction == 'delete') { if ($appId == null) { $errorMessage = 'No app ID specified.'; } if ($errorMessage == null) { try { DeveloperAppUtils::deleteApp($appId, $uid); } catch (Exception $e) { $errorMessage = 'Could not delete app: ' . $e->getMessage(); } } if ($errorMessage == null) { RingsideWebUtils::redirect('index.php'); } } else { if ($formAction == null) { if ($appId == null) { $errorMessage = 'No app ID specified.'; } if ($errorMessage == null) { $formAction = 'delete'; $props = array('application_name'); $resp = $client->api_client->admin_getAppProperties($props, $appId); $appName = $resp['application_name']; $statusMessage = "Are you sure you want to delete the application '{$appName}'?"; } } }
$errorMessage = 'Please specify an canvas URL.'; } $webUrl = getRequestParam('web_url', ''); if (strlen($webUrl) == 0) { $errorMessage = 'Please specify an web URL.'; } if ($errorMessage == null) { try { $resp = $client->api_client->admin_createNetwork($name, $authUrl, $loginUrl, $canvasUrl, $webUrl); $key = $resp['network']['key']; } catch (Exception $e) { $errorMessage = "Error creating app: " . $e->getMessage(); } } if ($errorMessage == null) { RingsideWebUtils::redirect("edit_network.php?key={$key}&created=true&form_action=edit"); } } else { $pageHeader = 'Create a New Network'; $statusMessage = 'Please select a unique name for your network. ' . 'A key will be created for you.'; $formAction = 'new'; $submitText = 'Create Application'; $name = ''; } } } ?> <h1>community properties</h1> <input type="button" value="Create A New Network" style="display:<?php print $createButtonDisplay; ?>
* This is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this software; if not, write to the Free * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301 USA, or see the FSF site: http://www.fsf.org. ******************************************************************************/ include_once 'include.php'; require_once 'ringside/web/RingsideWebUtils.php'; require_once 'ringside/web/config/RingsideWebConfig.php'; require_once 'ringside/web/session/RingsideWebSession.php'; require_once 'ringside/social/client/RingsideSocialClientLocal.php'; $webSession = new RingsideWebSession(); $social = new RingsideSocialClientLocal(RingsideWebConfig::$networkKey, null, $webSession->getSocial()); $inSession = $social->inSession(); if ($inSession === false) { $next = $_SERVER['REQUEST_URI']; RingsideWebUtils::redirect(RingsideWebConfig::$webRoot . "/login.php?next=" . urlencode($next)); } $left = array('apps', 'welcome', 'advert'); $top = 'menu'; $canvas_content = $social->render('canvas', null, 'friends', ''); include 'oneapp.inc';
/** * Re-routes an api request to another network. If trust.php is used as a rest server URL * and a path info is provided such that the request looks like the one below: * * http://localhost/trust.php/facebook/footprints/restserver.php * or * http://localhost/trust.php/{network}/{canvas url}/{restserver path} * * Attempts to remap and resign the api call using the app's secret on the new network * and then to change the uid to the equivelent uid on the forgin network. * * The api call is then re-signed and issued and the response is returned. * * @param unknown_type $params */ private static function proxy_app_request(&$params) { $matches = array(); // All these special cases are to ensure we aren't adding an additional "/" character to the URL. preg_match(',^/([^/]*)/([^/]*)(/?.*)$,', $_SERVER['PATH_INFO'], $matches); $network_key = $matches[1]; $canvas_url = $matches[2]; $rest = $matches[3]; if ($rest == '') { $rest = '/'; } if ($network_key != RingsideSocialConfig::$apiKey) { $skey = isset($_REQUEST['fb_sig_session_key']) ? $_REQUEST['fb_sig_session_key'] : ''; $apiKey = isset($_REQUEST['fb_sig_api_key']) ? $_REQUEST['fb_sig_api_key'] : ''; $ringside_rest = self::createRestClient($params['fb_sig_session_key']); $admin_rest = RingsideSocialUtils::getAdminClient(); $props = $admin_rest->admin_getAppProperties("application_id,application_name,api_key,secret_key,callback_url", null, $canvas_url, NULL); $network_app_props = $admin_rest->admin_getAppKeys(null, null, $props['api_key']); $network_api_key = $props['api_key']; $network_secret = $props['secret_key']; self::getApiKeyAndSecretForNetwork($network_key, $network_app_props, $network_api_key, $network_secret); $network_session = new RingsideSocialSession($params['fb_sig_session_key']); $idmaps = $ringside_rest->users_mapToPrincipal(array($params['fb_sig_user']), $network_key, $props['application_id']); // Create openFB request. These are just overrides for the original request. $has_fb_sig = isset($params['fb_sig']); $cbReq = array(); // We can't append fb_sig unless Facebook has already passed fb_sig; this would prevent the app's client from creating a session during login if ($has_fb_sig) { if (isset($params['fb_sig_nuser'])) { // Since we're proxying a request, do NOT forward the user mapping! unset($params['fb_sig_nuser']); } $cbReq['fb_sig_flavor'] = 'canvas'; // $cbReq['fb_sig_in_iframe'] = 0; $cbReq['fb_sig_nid'] = $network_key; // The social session key needs to be for _this_ social session! $cbReq['fb_sig_soc_session_key'] = $network_session->getSessionKey(); if (!empty($idmaps) && isset($idmaps[0]) && $idmaps[0] !== null) { $cbReq['fb_sig_nuser'] = $idmaps[0]['pid']; } } // error_log("cbReq social session key is {$cbReq['fb_sig_soc_session_key']}; params is $fb_sig_soc_session_key"); // TODO: Set up social session key for trust-based proxy // $cbReq['fb_sig_soc_session_key'] = ; $req_params = array_merge($params, $cbReq); error_log("Invoking {$canvas_url} with params: " . var_export($req_params, true)); // Now, we need to re-sign the parameters, since we've added the "nid" and "nuser" fb_sig params if ($has_fb_sig) { unset($req_params['fb_sig']); $sig = RingsideSocialUtils::makeSig($req_params, $network_secret, 'fb_sig'); $req_params['fb_sig'] = $sig; } // error_log("Logged in user is principal ".$pids[0]); // error_log("Proxying to app callback URL ".$props['callback_url']); $headers = array(); $callback_url = self::safe_append_url($props['callback_url'], $rest); $result = RingsideSocialUtils::get_request($callback_url, $req_params, $headers); // error_log("Result: $result"); if (isset($headers['location'])) { $proxy_redir_url = self::buildProxyUrl($props['callback_url'], $headers['location']); error_log("Proxying for redirect to {$proxy_redir_url}"); // Build the remote network's callback_url // We'll redirect _within_ the frame (the commented-out script will redirect the _top_ of the frame if (isset($params['fb_sig_in_iframe']) && 0 != $params['fb_sig_in_iframe']) { // RingsideWebUtils::redirect($headers['location']); $apps_url = RingsideApiClientsConfig::$webUrl . '/canvas.php'; if ($nid == 'facebook') { $apps_url = 'http://apps.facebook.com/'; } // $real_location = self::buildProxyUrl($props['callback_url'], $headers['location']); // echo "<script>top.location.href='".$real_location."';</script>"; RingsideWebUtils::redirect($proxy_redir_url); } else { // $real_location = self::buildProxyUrl($props['callback_url'], $headers['location']); if (isset($params['fb_sig_in_canvas']) && 0 != $params['fb_sig_in_canvas']) { echo "<fb:redirect url='{$proxy_redir_url}'/>"; } else { RingsideWebUtils::redirect($proxy_redir_url); } } return; } echo $result; return; } // Map network user to principal // Rewrite fb_sig // Proxy to callback_url echo '<ERROR>Unknown Callback_Url!</ERROR>'; }
} else { if ($formAction == "new") { $pageHeader = "Create a New Application"; $formAction = "new"; $submitText = "Create Application"; $appName = getRequestParam("app_name"); if ($appName == null) { $errorMessage = "Please specify an application name."; } if ($errorMessage == null) { try { $appId = DeveloperAppUtils::createApp($uid, $appName); } catch (Exception $e) { $errorMessage = "Error creating app: " . $e->getMessage(); } } if ($errorMessage == null) { RingsideWebUtils::redirect("new_app_success.php?app_id={$appId}"); } } else { if ($formAction == null) { $pageHeader = "Create a New Application"; $statusMessage = "Please select a unique name for your application. " . "An API key and secret will be created for you."; $formAction = "new"; $submitText = "Create Application"; $appName = ''; } } } } include "ringside/apps/developer/templates/edit_app.tpl";
} } } //convert $netKeys to something user.setAppKeys can understand $keyProps = array(); foreach ($netKeys as $nid => $props) { $keyProps[] = array('network_id' => $nid, 'api_key' => $props['api_key'], 'secret' => $props['secret']); } //set keys try { $client->api_client->admin_setAppKeys($keyProps, $appId); } catch (Exception $e) { $errorMessage = 'Could not set keys: ' . $e->getMessage(); } if ($errorMessage == null) { RingsideWebUtils::redirect("edit_app_keys.php?app_id={$appId}&success=true"); } else { try { $keySets = $client->api_client->admin_getAppKeys($appId); } catch (Exception $e) { $errorMessage .= '<br />Could not retrieve app keys with given application ID.'; } } } else { $keySets = $client->api_client->admin_getAppKeys($appId); $success = getRequestParam('success'); if ($success != null && $success == 'true') { $statusMessage = 'Keys saved successfully.'; } $formAction = 'update'; }