Esempio n. 1
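 /**
  * Record one API request.
  *
  * Inserts a history document into the log collection of the database that
  * owns the channel, then increments the "requests" counter of either the
  * channel itself or, when the context carries a "more" segment, of the
  * document identified by that segment.
  *
  * The log insert is issued before the counter updates so that a failing
  * counter update cannot prevent the audit record from being stored.
  *
  * @return void
  */
 public function write()
 {
     $context = $this->context;
     $has_more = !empty($context->more);

     // Resource name is "<channel>" or "<channel>.<more>".
     $resource = $context->channel;
     if ($has_more) {
         $resource .= '.' . $context->more;
     }

     $history = array(
         '_id' => (string) new MongoID(),
         'origin' => $context->origin,
         'origin_description' => $context->origin_description,
         'origin_domain' => $context->origin_domain,
         'endpoint' => $this->endpoint,
         'method' => $this->method,
         'resource' => $resource,
         'timestamp' => GalaxyAPI::datetime(),
     );

     // The application that owns the channel decides which database is used.
     $application_id = GalaxyAPI::applicationIdForChannelId($context->channel);
     $options = array('default' => GalaxyAPI::databaseForId($application_id));
     $db = GalaxyAPI::database(GalaxyAPIConstants::kDatabaseMongoDB, null, $options);

     // Audit record first: the counters below are statistics, the log entry is
     // the record that matters when a request has to be traced afterwards.
     $db->selectCollection(GalaxyAPIConstants::kDatabaseLog)->insert($history);

     $increment = array('$inc' => array('requests' => 1));

     if ($has_more) {
         // Per-item counter inside the channel's own collection.
         $requests = $db->selectCollection(GalaxyAPI::databaseForId($context->channel));
         $requests->update(array('_id' => $context->more), $increment);
         return;
     }

     // this might be a bottle neck
     // how much value is in the individual channel requests count?
     $inc_key = array('_id' => $context->channel);
     $master = $db->selectCollection(GalaxyAPIConstants::kDatabaseChannels);
     $master->update($inc_key, $increment);

     // update the request counter for the subscriber copy as well
     // (compared as strings with ===, so numeric-looking ids are never
     // treated as equal by PHP's loose comparison rules)
     if ((string) $application_id !== (string) $context->origin) {
         $options_local = array('default' => GalaxyAPI::databaseForId($context->origin));
         $subscriber = GalaxyAPI::database(GalaxyAPIConstants::kDatabaseMongoDB, GalaxyAPIConstants::kDatabaseChannels, $options_local);
         $subscriber->update($inc_key, $increment);
     }
 }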
Esempio n. 2
 /**
  * Return every channel document of the context's application.
  *
  * Opens the channels collection in the database selected by
  * $context->application, runs an unfiltered find() and maps each document
  * to the public response shape.
  *
  * NOTE(review): 'source.description' and 'source.domain' are taken from the
  * caller's context, while 'source.id' is the channel's own application id -
  * confirm this mix is intended.
  *
  * @param GalaxyContext $context request context; application, origin_description
  *                               and origin_domain are read
  * @return mixed whatever GalaxyResponse::responseWithData() returns
  */
 public function channels_get(GalaxyContext $context)
 {
     $db_options = array('default' => GalaxyAPI::databaseForId($context->application));
     $collection = GalaxyAPI::database(
         GalaxyAPIConstants::kDatabaseMongoDB,
         GalaxyAPIConstants::kDatabaseChannels,
         $db_options
     );

     $rows = array();
     // No query argument: the cursor covers the whole collection.
     foreach ($collection->find() as $record) {
         $rows[] = array(
             'id' => $record['_id'],
             'type' => $record['type'],
             'label' => $record['label'],
             'description' => $record['description'],
             'source' => array(
                 'id' => $record['application'],
                 'description' => $context->origin_description,
                 'domain' => $context->origin_domain,
             ),
             'requests' => $record['requests'],
         );
     }

     return GalaxyResponse::responseWithData($rows);
 }
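 /**
  * Verify the OAuth HMAC-SHA1 signature of the current request.
  *
  * Loads the consumer's certificate from Redis by oauth_consumer_key,
  * rebuilds the signature base string from the OAuth fields plus $_REQUEST,
  * recomputes the HMAC with the certificate secret and compares it with the
  * signature supplied by the client.
  *
  * Side effect: application, instance, description and domain are copied
  * from the certificate as soon as it is found, before the signature has
  * been checked. Callers must rely on them only when this returns true.
  *
  * NOTE(review): oauth_nonce and oauth_timestamp are signed but nothing in
  * this method rejects a reused nonce or a stale timestamp - confirm that
  * replay protection is enforced elsewhere.
  *
  * @return bool true only when the inbound signature matches the rebuilt one
  */
 public function isAuthorized()
 {
     $result = false;
     $db_certificates = GalaxyAPI::database(GalaxyAPIConstants::kDatabaseRedis, GalaxyAPIConstants::kDatabaseCertificates);
     $certificate = json_decode($db_certificates->get(GalaxyAPIConstants::kTypeCertificate . ':' . $this->oauth->oauth_consumer_key), true);
     if ($certificate) {
         $this->application = $certificate['application'];
         $this->instance = $certificate['instance'];
         $this->description = $certificate['description'];
         $this->domain = $certificate['domain'];

         // A certificate without a usable secret would make hash_hmac() run
         // with an empty key, which any client can reproduce. Fail closed.
         if (!isset($certificate['secret']) || !is_string($certificate['secret']) || $certificate['secret'] === '') {
             return false;
         }
         $secret = $certificate['secret'];

         $base_string = array();
         $base_string['oauth_consumer_key'] = $this->oauth->oauth_consumer_key;
         $base_string['oauth_nonce'] = $this->oauth->oauth_nonce;
         $base_string['oauth_signature_method'] = $this->oauth->oauth_signature_method;
         $base_string['oauth_timestamp'] = $this->oauth->oauth_timestamp;
         $base_string['oauth_token'] = '';
         $base_string['oauth_version'] = $this->oauth->oauth_version;
         if (count($_REQUEST)) {
             // with arrays in the request we might need to iterate over this to ensure
             // the proper sort order
             // NOTE(review): depending on request_order, $_REQUEST can also carry
             // cookies, which would then become part of the signed parameters.
             $this->sortRequestParams($_REQUEST);
             $base_string = array_merge($base_string, $_REQUEST);
             ksort($base_string);
         }
         // we will be sending arrays in this, and http_build_query() builds the right thing for recursive arrays
         // but it encodes it wrong for our needs, which is why we are decoding it, and then rawurlencoding it afterwards
         $params = urldecode(http_build_query($base_string));
         // NOTE(review): the scheme is fixed to http:// and the host comes from
         // SERVER_NAME - confirm both match what clients sign.
         $string = rawurlencode(strtoupper($_SERVER['REQUEST_METHOD']) . "&http://" . $_SERVER['SERVER_NAME'] . '/' . GalaxyAPI::endpoint() . "&" . $params);
         $signature = base64_encode(hash_hmac('sha1', $string, $secret, true));
         // the inbound signature
         $sig1 = (string) base64_decode(urldecode((string) $this->oauth->oauth_signature));
         // the rebuilt signature
         $sig2 = (string) base64_decode($signature);

         // Constant-time, type-strict comparison: a loose == on the two strings
         // returns early on the first differing byte (timing side channel) and
         // is subject to PHP's numeric-string juggling.
         if (function_exists('hash_equals')) {
             $result = hash_equals($sig2, $sig1);
         } else {
             // Fallback for runtimes without hash_equals(): fold every byte
             // difference into $diff without returning early.
             $len1 = strlen($sig1);
             $len2 = strlen($sig2);
             $diff = $len1 ^ $len2;
             for ($i = 0; $i < $len2; $i++) {
                 $diff |= ord($sig2[$i]) ^ ($i < $len1 ? ord($sig1[$i]) : 0);
             }
             $result = $diff === 0;
         }
     }
     return $result;
 }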
Esempio n. 4
 /**
  * Build the array representation of this forum topic.
  *
  * A new MongoID string and a fresh GalaxyAPI::datetime() value are generated
  * on every call; 'last_message' is the nested data() of the last message, or
  * null when there is none.
  *
  * @return array topic fields keyed by name, with 'type' set to kTypeForumTopic
  */
 public function data()
 {
     // Expand the last message only when one is attached.
     if ($this->last_message) {
         $last_message_data = $this->last_message->data();
     } else {
         $last_message_data = null;
     }

     return array(
         '_id' => (string) new MongoID(),
         'replies' => $this->replies,
         'requests' => $this->requests,
         'title' => $this->title,
         'author' => $this->author,
         'origin_message_id' => $this->origin_message_id,
         'source' => $this->context->source(),
         'last_message' => $last_message_data,
         'created' => GalaxyAPI::datetime(),
         'type' => GalaxyAPIConstants::kTypeForumTopic,
     );
 }
Esempio n. 5
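 /**
  * Authenticate the request via OAuth, authorize it and dispatch it.
  *
  * Flow:
  *  1. verify the OAuth signature (GalaxyAuthorizationOAuth::isAuthorized()),
  *  2. resolve the context for the authorization realm,
  *  3. application root: the context application must be the caller's own,
  *  4. channel access: the HTTP verb must be covered by the permission
  *     bitmask stored for "<consumer key>:<channel>"; the request is logged
  *     before the command runs.
  *
  * Every rejection path echoes GalaxyResponse::unauthorized() and stops.
  * Changes against the previous version: the null check on the context now
  * happens before properties are written to it, the "no command library"
  * and application-root rejections echo the response and stop instead of
  * falling through, application ids are compared as strings with ===, and
  * the stray "*****" debug output that preceded the unauthorized response
  * is gone.
  *
  * NOTE(review): $method is derived from the endpoint and invoked with
  * method_exists() as the only gate, so any method the command library
  * exposes under a matching name is reachable - confirm that
  * GalaxyAPI::methodForEndpoint() restricts names to the command_verb form.
  *
  * @return void the response is written with echo
  */
 private function requestWithAuthorizationOAuth()
 {
     $header = isset($this->headers['Authorization']) ? $this->headers['Authorization'] : null;
     $authorization = new GalaxyAuthorizationOAuth($header);
     if (!$authorization->isAuthorized()) {
         echo GalaxyResponse::unauthorized();
         return;
     }

     // At this point we know the user has a valid application
     // if they are attempting to access a channel, we need to confirm the channel
     // permissions, if they are accessing the root of their application, they are good
     // to go at this point.
     $context = $this->context_for_realm($authorization->realm);
     if (!$context) {
         // Checked before any property is assigned: writing to a null context
         // would either fail or create an object that passes a later check.
         echo GalaxyResponse::unauthorized();
         return;
     }
     $context->origin = $authorization->application;
     $context->origin_description = $authorization->description;
     $context->origin_domain = $authorization->domain;

     $api = $this->commandLibraryForType($authorization->instance);
     // format: command_method e.g., channels_get, topics_post, topics_delete
     $method = GalaxyAPI::methodForEndpoint(GalaxyAPI::endpoint());
     if (!$api) {
         echo GalaxyResponse::unauthorized();
         return;
     }

     // accessing the application
     if (!$context->channel) {
         // String cast plus ===: numeric-looking ids must not compare equal
         // through PHP's loose comparison.
         $owns_application = (string) $context->application === (string) $authorization->application;
         if ($owns_application && method_exists($api, $method)) {
             echo $api->{$method}($context);
         } else {
             echo GalaxyResponse::unauthorized();
         }
         return;
     }

     // accessing a channel: look up the permission bitmask for this consumer
     $db_certificates = GalaxyAPI::database(GalaxyAPIConstants::kDatabaseRedis, GalaxyAPIConstants::kDatabaseCertificates);
     $permissions = json_decode($db_certificates->get(GalaxyAPIConstants::kTypeCertificate . ':' . $authorization->oauth_consumer_key . ':' . $context->channel));
     // Anything that is not a number (missing key, object, array, boolean)
     // grants nothing.
     $permissions = is_numeric($permissions) ? (int) $permissions : 0;

     $verb = strtolower($_SERVER['REQUEST_METHOD']);
     // Verbs not listed here keep $has_permission false and are rejected.
     $has_permission = false;
     switch ($verb) {
         case 'get':
             $has_permission = (bool) ($permissions & GalaxyAPIConstants::kPermissionRead);
             break;
         case 'post':
         case 'put':
             $has_permission = (bool) ($permissions & GalaxyAPIConstants::kPermissionWrite);
             break;
         case 'delete':
             $has_permission = (bool) ($permissions & GalaxyAPIConstants::kPermissionDelete);
             break;
     }

     if ($has_permission && method_exists($api, $method)) {
         // Log the authorized request before the command runs.
         $log = new GalaxyLog();
         $log->setEndpoint(GalaxyAPI::endpoint());
         $log->setContext($context);
         $log->setMethod($verb);
         $log->write();
         echo $api->{$method}($context);
     } else {
         echo GalaxyResponse::unauthorized();
     }
 }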
Esempio n. 6
 /**
  * Give the new object a fresh MongoID string as id and stamp its creation
  * time with GalaxyAPI::datetime().
  */
 public function __construct()
 {
     $object_id = new MongoID();
     $this->id = (string) $object_id;

     $now = GalaxyAPI::datetime();
     $this->created = $now;
 }
Esempio n. 7
 /**
  * Return all forum topics of the channel named by the context.
  *
  * Opens the collection GalaxyAPI::databaseForId($context->channel) in the
  * database selected by $context->application, queries it for documents of
  * type kTypeForumTopic and maps each one to the public response shape.
  *
  * @param GalaxyContext $context request context; application and channel are read
  * @return mixed whatever GalaxyResponse::responseWithData() returns
  */
 public function topics_get(GalaxyContext $context)
 {
     $db_options = array('default' => GalaxyAPI::databaseForId($context->application));
     $collection = GalaxyAPI::database(
         GalaxyAPIConstants::kDatabaseMongoDB,
         GalaxyAPI::databaseForId($context->channel),
         $db_options
     );

     // Only forum topics; other document types in the collection are skipped.
     $query = array('type' => GalaxyAPIConstants::kTypeForumTopic);

     $rows = array();
     foreach ($collection->find($query) as $record) {
         $rows[] = array(
             'id' => $record['_id'],
             'requests' => $record['requests'],
             'replies' => $record['replies'],
             'title' => $record['title'],
             'author' => $record['author'],
             'source' => $record['source'],
             'last_message' => $record['last_message'],
             'created' => $record['created'],
             'type' => $record['type'],
         );
     }

     return GalaxyResponse::responseWithData($rows);
 }