/**
 * Record one API request against the current context.
 *
 * Increments the stored request counter for the addressed channel (and for
 * the subscriber's copy when the caller is not the channel's owning
 * application) or for the addressed sub-resource, then appends a history
 * entry to the log collection.
 *
 * Reads $this->context, $this->endpoint and $this->method; returns nothing.
 */
public function write()
{
    $ctx = $this->context;
    $has_more = !empty($ctx->more);

    // "<channel>" for a channel request, "<channel>.<more>" for a sub-resource.
    $resource = $has_more ? $ctx->channel . '.' . $ctx->more : $ctx->channel;

    $entry = array(
        '_id' => (string) new MongoID(),
        'origin' => $ctx->origin,
        'origin_description' => $ctx->origin_description,
        'origin_domain' => $ctx->origin_domain,
        'endpoint' => $this->endpoint,
        'method' => $this->method,
        'resource' => $resource,
        'timestamp' => GalaxyAPI::datetime()
    );

    // All writes below go to the database of the application that owns the channel.
    $owner_id = GalaxyAPI::applicationIdForChannelId($ctx->channel);
    $mongo = GalaxyAPI::database(
        GalaxyAPIConstants::kDatabaseMongoDB,
        null,
        array('default' => GalaxyAPI::databaseForId($owner_id))
    );
    $log_collection = $mongo->selectCollection(GalaxyAPIConstants::kDatabaseLog);

    // The counters may become a bottleneck; the value of per-channel request
    // counts is an open question.
    if ($has_more) {
        // NOTE(review): `more` is used directly as the `_id` query value;
        // confirm upstream parsing guarantees it is a scalar string.
        $item_collection = $mongo->selectCollection(GalaxyAPI::databaseforId($ctx->channel));
        $item_collection->update(
            array('_id' => $ctx->more),
            array('$inc' => array('requests' => 1))
        );
    } else {
        $selector = array('_id' => $ctx->channel);
        $increment = array('$inc' => array('requests' => 1));

        $owner_channels = $mongo->selectCollection(GalaxyAPIConstants::kDatabaseChannels);
        $owner_channels->update($selector, $increment);

        // Keep the subscriber's copy of the channel counter in step as well.
        if (GalaxyAPI::applicationIdForChannelId($ctx->channel) != $ctx->origin) {
            $subscriber_channels = GalaxyAPI::database(
                GalaxyAPIConstants::kDatabaseMongoDB,
                GalaxyAPIConstants::kDatabaseChannels,
                array('default' => GalaxyAPI::databaseForId($ctx->origin))
            );
            $subscriber_channels->update($selector, $increment);
        }
    }

    // The history entry is the part that must not be lost.
    $log_collection->insert($entry);
}
/**
 * List the channels stored for the context's application.
 *
 * Runs an unfiltered find() on the channels collection of the database
 * selected for $context->application and maps each document to the public
 * channel representation.
 *
 * @param GalaxyContext $context request context (application and origin details)
 * @return mixed whatever GalaxyResponse::responseWithData() produces
 */
public function channels_get(GalaxyContext $context)
{
    $collection = GalaxyAPI::database(
        GalaxyAPIConstants::kDatabaseMongoDB,
        GalaxyAPIConstants::kDatabaseChannels,
        array('default' => GalaxyAPI::databaseForId($context->application))
    );

    $rows = array();
    foreach ($collection->find() as $doc) {
        // NOTE(review): the source id comes from the channel document while
        // its description and domain come from the caller's context; confirm
        // that pairing is intended for channels owned by another application.
        $source = array(
            'id' => $doc['application'],
            'description' => $context->origin_description,
            'domain' => $context->origin_domain
        );

        $rows[] = array(
            'id' => $doc['_id'],
            'type' => $doc['type'],
            'label' => $doc['label'],
            'description' => $doc['description'],
            'source' => $source,
            'requests' => $doc['requests']
        );
    }

    return GalaxyResponse::responseWithData($rows);
}
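/**
 * Verify the OAuth 1.0 HMAC-SHA1 signature carried by the current request.
 *
 * Loads the consumer's certificate record from Redis, rebuilds the signature
 * base string from the parsed OAuth fields plus $_REQUEST, recomputes the
 * HMAC with the consumer secret and compares it with the signature the
 * client sent, using a comparison whose timing does not depend on where the
 * two values first differ.
 *
 * Side effect: when a certificate record is found, $this->application,
 * $this->instance, $this->description and $this->domain are populated from
 * it BEFORE the signature is checked. Callers must not trust those fields
 * unless this method returned true.
 *
 * @return bool true only when a certificate exists and the signatures match
 */
public function isAuthorized()
{
    $result = false;

    $db_certificates = GalaxyAPI::database(GalaxyAPIConstants::kDatabaseRedis, GalaxyAPIConstants::kDatabaseCertificates);
    $certificate = json_decode($db_certificates->get(GalaxyAPIConstants::kTypeCertificate . ':' . $this->oauth->oauth_consumer_key), true);

    if ($certificate) {
        $this->application = $certificate['application'];
        $this->instance = $certificate['instance'];
        $this->description = $certificate['description'];
        $this->domain = $certificate['domain'];

        $secret = $certificate['secret'];

        // NOTE(review): oauth_nonce and oauth_timestamp are only folded into
        // the signed string here. Nothing in this method rejects a stale
        // timestamp or a reused nonce, so replay protection has to live
        // elsewhere - confirm that it does.
        // NOTE(review): oauth_signature_method is signed but never checked;
        // the HMAC below is always computed with SHA-1.
        $base_string = array();
        $base_string['oauth_consumer_key'] = $this->oauth->oauth_consumer_key;
        $base_string['oauth_nonce'] = $this->oauth->oauth_nonce;
        $base_string['oauth_signature_method'] = $this->oauth->oauth_signature_method;
        $base_string['oauth_timestamp'] = $this->oauth->oauth_timestamp;
        $base_string['oauth_token'] = '';
        $base_string['oauth_version'] = $this->oauth->oauth_version;

        if (count($_REQUEST)) {
            // With arrays in the request we might need to iterate over this
            // to ensure the proper sort order.
            // NOTE(review): array_merge lets a request parameter named like
            // an oauth_* field replace the header value in the signed string,
            // and $_REQUEST can include cookie data depending on the
            // request_order ini setting - confirm both are acceptable.
            $this->sortRequestParams($_REQUEST);
            $base_string = array_merge($base_string, $_REQUEST);
            ksort($base_string);
        }

        // http_build_query() builds the right structure for recursive arrays
        // but encodes it wrongly for our needs, so it is decoded here and
        // rawurlencoded as part of the full base string below.
        $params = urldecode(http_build_query($base_string));
        // NOTE(review): the scheme is fixed to http:// and the host comes
        // from SERVER_NAME; confirm the web server pins SERVER_NAME rather
        // than reflecting the Host header.
        $string = rawurlencode(strtoupper($_SERVER['REQUEST_METHOD']) . "&http://" . $_SERVER['SERVER_NAME'] . '/' . GalaxyAPI::endpoint() . "&" . $params);

        // Raw HMAC bytes we expect, and the raw bytes the client supplied.
        $expected = hash_hmac('sha1', $string, $secret, true);
        $provided = (string) base64_decode(urldecode($this->oauth->oauth_signature));

        // Compare in constant time and without loose (==) type juggling, so
        // the check neither leaks how many leading bytes matched nor treats
        // numeric-looking strings as equal.
        if (function_exists('hash_equals')) {
            $result = hash_equals($expected, $provided);
        } else {
            // Fallback for runtimes that predate hash_equals() (PHP < 5.6).
            $mismatch = strlen($expected) ^ strlen($provided);
            $length = min(strlen($expected), strlen($provided));
            for ($i = 0; $i < $length; $i++) {
                $mismatch |= ord($expected[$i]) ^ ord($provided[$i]);
            }
            $result = $mismatch === 0;
        }
    }

    return $result;
}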
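/**
 * Authenticate an OAuth-signed request, authorize it and dispatch it to the
 * matching command-library method, echoing the response.
 *
 * Flow:
 *  1. Verify the OAuth signature; fail closed otherwise.
 *  2. Resolve the context for the signed realm; fail closed when there is none.
 *  3. Application-level request (no channel): the context's application must
 *     be the authenticated application.
 *  4. Channel-level request: the consumer's stored permission bits for that
 *     channel must include the bit required by the HTTP verb; the request is
 *     logged before the command runs.
 *
 * Every rejection echoes GalaxyResponse::unauthorized() and returns at once,
 * so no later branch runs with a missing context or command library and
 * nothing is written to the response ahead of the unauthorized reply.
 *
 * @return void
 */
private function requestWithAuthorizationOAuth()
{
    $authorization = new GalaxyAuthorizationOAuth($this->headers['Authorization']);

    if (!$authorization->isAuthorized()) {
        echo GalaxyResponse::unauthorized();
        return;
    }

    // The caller now holds a valid application certificate. Channel access
    // still needs its per-channel permission check; access to the root of the
    // caller's own application needs nothing further.
    $context = $this->context_for_realm($authorization->realm);

    // Check the context before assigning to it: writing a property on a
    // missing context either raises an error or, on older PHP versions,
    // silently creates an empty object that would pass a truthiness test.
    if (!$context) {
        echo GalaxyResponse::unauthorized();
        return;
    }

    $context->origin = $authorization->application;
    $context->origin_description = $authorization->description;
    $context->origin_domain = $authorization->domain;

    $api = $this->commandLibraryForType($authorization->instance);

    // format: command_method e.g., channels_get, topics_post, topics_delete
    // NOTE(review): method_exists() is also true for non-public methods and
    // for public helpers that are not endpoints, so safe dispatch depends on
    // methodForEndpoint() only ever returning endpoint handler names - confirm.
    $method = GalaxyAPI::methodForEndpoint(GalaxyAPI::endpoint());

    if (!$api) {
        echo GalaxyResponse::unauthorized();
        return;
    }

    // Accessing the application itself.
    if (!$context->channel) {
        // NOTE(review): loose comparison of application identifiers; switch
        // to === once both sides are confirmed to have the same type.
        $owns_application = $context->application == $authorization->application;

        if (!$owns_application || !method_exists($api, $method)) {
            echo GalaxyResponse::unauthorized();
            return;
        }

        echo $api->{$method}($context);
        return;
    }

    // Accessing a channel: look up the permission bits for this consumer/channel pair.
    // NOTE(review): isAuthorized() reads the consumer key from ->oauth->oauth_consumer_key;
    // confirm $authorization->oauth_consumer_key resolves to the same value,
    // otherwise the permission key below is built without the consumer key.
    $db_certificates = GalaxyAPI::database(GalaxyAPIConstants::kDatabaseRedis, GalaxyAPIConstants::kDatabaseCertificates);
    $permissions = json_decode($db_certificates->get(GalaxyAPIConstants::kTypeCertificate . ':' . $authorization->oauth_consumer_key . ':' . $context->channel));

    $verb = strtolower($_SERVER['REQUEST_METHOD']);

    // Verbs not listed here never gain permission.
    $has_permission = false;
    switch ($verb) {
        case 'get':
            $has_permission = (bool) ($permissions & GalaxyAPIConstants::kPermissionRead);
            break;

        case 'post':
        case 'put':
            $has_permission = (bool) ($permissions & GalaxyAPIConstants::kPermissionWrite);
            break;

        case 'delete':
            $has_permission = (bool) ($permissions & GalaxyAPIConstants::kPermissionDelete);
            break;
    }

    if (!$has_permission || !method_exists($api, $method)) {
        echo GalaxyResponse::unauthorized();
        return;
    }

    // Record the request before running the command.
    $log = new GalaxyLog();
    $log->setEndpoint(GalaxyAPI::endpoint());
    $log->setContext($context);
    $log->setMethod($verb);
    $log->write();

    echo $api->{$method}($context);
}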
/**
 * List the forum topics stored for the context's channel.
 *
 * Queries the channel's collection (in the database selected for
 * $context->application) for documents whose type is kTypeForumTopic and
 * maps each one to the public topic representation.
 *
 * @param GalaxyContext $context request context (application and channel)
 * @return mixed whatever GalaxyResponse::responseWithData() produces
 */
public function topics_get(GalaxyContext $context)
{
    $db_options = array('default' => GalaxyAPI::databaseForId($context->application));
    $collection = GalaxyAPI::database(
        GalaxyAPIConstants::kDatabaseMongoDB,
        GalaxyAPI::databaseForId($context->channel),
        $db_options
    );

    $cursor = $collection->find(array('type' => GalaxyAPIConstants::kTypeForumTopic));

    // Fields copied through under the same name, in output order; the
    // document's `_id` is exposed first as `id`.
    $copied_fields = array(
        'requests',
        'replies',
        'title',
        'author',
        'source',
        'last_message',
        'created',
        'type'
    );

    $rows = array();
    foreach ($cursor as $doc) {
        $row = array('id' => $doc['_id']);
        foreach ($copied_fields as $field) {
            $row[$field] = $doc[$field];
        }
        $rows[] = $row;
    }

    return GalaxyResponse::responseWithData($rows);
}