/** * @throws GadgetException */ public function doGet() { try { if (empty($_GET['url'])) { throw new GadgetException("Missing required parameter: url"); } $contextClass = Config::get('gadget_context_class'); $this->context = new $contextClass('GADGET'); $gadgetSigner = Config::get('security_token_signer'); $gadgetSigner = new $gadgetSigner(); try { $token = $this->context->extractAndValidateToken($gadgetSigner); } catch (Exception $e) { // no token given, this is a fatal error if 'render_token_required' is set to true if (Config::get('render_token_required')) { $this->showError($e); } else { $token = ''; } } $factoryClass = Config::get('gadget_factory_class'); $gadgetSpecFactory = new $factoryClass($this->context, $token); $gadget = $gadgetSpecFactory->createGadget(); $this->setCachingHeaders(); $this->renderGadget($gadget); } catch (Exception $e) { $this->showError($e); } }
/** * Appends data from <Preload> elements to make them available to * gadgets.io. * * @param gadget */ private function appendPreloads(Gadget $gadget, GadgetContext $context) { $resp = array(); $gadgetSigner = Config::get('security_token_signer'); $gadgetSigner = new $gadgetSigner(); $token = ''; try { $token = $context->extractAndValidateToken($gadgetSigner); } catch (Exception $e) { $token = ''; // no token given, safe to ignore } $unsignedRequests = $unsignedContexts = array(); $signedRequests = array(); foreach ($gadget->getPreloads() as $preload) { try { if (($preload->getAuth() == Auth::$NONE || $token != null) && (count($preload->getViews()) == 0 || in_array($context->getView(), $preload->getViews()))) { $request = new RemoteContentRequest($preload->getHref()); $request->createRemoteContentRequestWithUri($preload->getHref()); $request->getOptions()->ownerSigned = $preload->isSignOwner(); $request->getOptions()->viewerSigned = $preload->isSignViewer(); switch (strtoupper(trim($preload->getAuth()))) { case "NONE": // Unify all unsigned requests to one single multi request $unsignedRequests[] = $request; $unsignedContexts[] = $context; break; case "SIGNED": // Unify all signed requests to one single multi request $signingFetcherFactory = new SigningFetcherFactory(Config::get("private_key_file")); $fetcher = $signingFetcherFactory->getSigningFetcher(new BasicRemoteContentFetcher(), $token); $req = $fetcher->signRequest($preload->getHref(), $request->getMethod()); $req->setNotSignedUri($preload->getHref()); $signedRequests[] = $req; break; default: @ob_end_clean(); header("HTTP/1.0 500 Internal Server Error", true); echo "<html><body><h1>" . "500 - Internal Server Error" . "</h1></body></html>"; die; } } } catch (Exception $e) { throw new Exception($e); } } if (count($unsignedRequests)) { try { $brc = new BasicRemoteContent(); $responses = $brc->multiFetch($unsignedRequests, $unsignedContexts); foreach ($responses as $response) { $resp[$response->getUrl()] = array('body' => $response->getResponseContent(), 'rc' => $response->getHttpCode()); } } catch (Exception $e) { throw new Exception($e); } } if (count($signedRequests)) { try { $fetcher = $signingFetcherFactory->getSigningFetcher(new BasicRemoteContentFetcher(), $token); $responses = $fetcher->multiFetchRequest($signedRequests); foreach ($responses as $response) { $resp[$response->getNotSignedUrl()] = array('body' => $response->getResponseContent(), 'rc' => $response->getHttpCode()); } } catch (Exception $e) { throw new Exception($e); } } $resp = count($resp) ? json_encode($resp) : "{}"; return "gadgets.io.preloaded_ = " . $resp . ";\n"; }