/**
* Generates a token from an input array of values
* @param owner owner of this gadget
* @param viewer viewer of this gadget
* @param app application id
* @param domain domain of the container
* @param appUrl url where the application lives
* @param moduleId module id of this gadget
* @throws BlobCrypterException
*/
public static function createFromSocialSession($stringToken)
{
ini_set('session.use_cookies', '0');
ini_set('session.save_handler', 'user');
session_set_save_handler(array('Session', 'open'), array('Session', 'close'), array('Session', 'read'), array('Session', 'write'), array('Session', 'destroy'), array('Session', 'gc'));
$partsArry = explode(":", $stringToken);
$session_key = $partsArry[0];
$api_key = $partsArry[2];
$network_session = new RingsideSocialSession($session_key);
$uid = $network_session->getUserId();
$owner = $partsArry[5];
if ($owner == '' || $owner == 'null' || $owner == 'undefined') {
$owner = $uid;
}
$viewer = $uid;
$app = $api_key;
$domain = $partsArry[4];
$adminClient = RingsideSocialUtils::getAdminClient();
$app_properties = $adminClient->admin_getAppProperties(array('api_key', 'callback_url', 'canvas_url'), null, null, $api_key);
$moduleId = $app_properties['canvas_url'];
$appUrl = $app_properties['callback_url'];
$app = $app_properties['api_key'];
error_log("******* Creating RingsideGadgetToken(null,null,{$owner}, {$viewer}, {$app}, {$domain}, {$appUrl}, {$moduleId})");
$rsToken = new RingsideGadgetToken(null, null, $owner, $viewer, $app, $domain, $appUrl, $moduleId);
$rsToken->setSocialSession($network_session);
return $rsToken;
}
/**
* Get the session key between an application and the API server.
*
* @param unknown_type $api_key
* @param unknown_type $secret_key
* @param RingsideSocialSession $socialSession
* @return string session key for the API container
*/
public static function getApiSessionKey($api_key, $secret_key, RingsideSocialSession $socialSession)
{
$uid = $socialSession->getUserId();
$sessionKey = $socialSession->getApiSessionKey($api_key);
if ($sessionKey != null) {
// Validate Session Key is still valid.
$apiClient = new RingsideApiClientsRest($api_key, $secret_key, $sessionKey);
$apiClient->setNetworkKey($socialSession->getNetwork());
try {
$apiClient->users_getLoggedInUser();
} catch (Exception $e) {
// error_log( "Session expired? " . $e->getMessage() ) ;
// error_log($e->getTraceAsString());
$sessionKey = null;
$socialSession->unsetApiSessionKey($api_key);
}
}
if ($sessionKey == null && $uid != null) {
// Need to simulate being app and auth, approve, get... which of course
// TODO we need to re-think once we are working.
// TODO catch some exceptions.
try {
// Configure where we get the URL for the REST SERVER from.
$apiClient = new RingsideApiClientsRest($api_key, $secret_key, null, null, RingsideSocialConfig::$apiKey);
// Once the client is authenticated with a session, the network key will be associated via the session
$apiClient->setNetworkKey($socialSession->getNetwork());
$auth_token = $apiClient->auth_createToken($socialSession->getExpiry() == null ? true : false);
$result = $apiClient->auth_approveToken($uid);
$result = $apiClient->auth_getSession($auth_token);
if (!empty($apiClient->session_key)) {
$sessionKey = trim($apiClient->session_key);
$socialSession->addApiSessionKey($api_key, $sessionKey);
}
} catch (Exception $exception) {
error_log("Error creating session key " . $exception);
}
}
return $sessionKey;
}
public function execute($params)
{
$this->debug('Entering');
$this->debugVar($params);
$network_session = null;
/*
foreach($params as $k => $v)
{
error_log("RingsideSocialServerRender: $k=$v");
}
*/
// Recreate Session if we have it
error_log("Parameters for widget render are: " . var_export($params, true));
error_log("PHPSESSID=" . (isset($_COOKIE['PHPSESSID']) ? $_COOKIE['PHPSESSID'] : '<empty>'));
if (array_key_exists('social_session_key', $params)) {
$session_key = $params['social_session_key'];
$network_session = new RingsideSocialSession($session_key);
$uid = $network_session->getUserId();
if (null == $uid || strlen($uid) == 0) {
setcookie('social_session_key', $network_session->getSessionKey());
$uid = $network_session->getUserId();
if (isset($_REQUEST['uid'])) {
// TODO: SECURITY: I don't think we should just be able to override the uid.
$uid = $_REQUEST['uid'];
// TODO: SECURITY: This shouldn't be a valid way to log in.
$network_session->setUserId($uid);
$network_session->setLoggedIn(true);
}
}
} else {
if (isset($_COOKIE['PHPSESSID'])) {
// Optimization if user is already logged into web front-end
$network_session = new RingsideSocialSession($_COOKIE['PHPSESSID']);
error_log("PHPSESSID says session is as follows: " . var_export($network_session, true));
$uid = $network_session->getUserId();
if (!isset($uid)) {
// The user has a network session but is not logged in
// Run as an anonymous user
$trust = new RingsideSocialApiTrust($_REQUEST);
$network_session = $trust->getAnonymousSession();
}
} else {
// Not logged in, so login via annonymous user
$trust = new RingsideSocialApiTrust($_REQUEST);
$network_session = $trust->getAnonymousSession();
}
}
$api_session_key = $network_session->getApiSessionKey($params['api_key']);
if (null == $api_session_key) {
$rest = RingsideSocialUtils::getAdminClient();
$app_props = $rest->admin_getAppProperties(array('secret_key'), null, null, $params['api_key'], $network_session->getNetwork());
error_log("Adding API key for " . $params['api_key'] . " to social session for user " . $network_session->getUserID());
RingsideSocialUtils::getApiSessionKey($params['api_key'], $app_props['secret_key'], $network_session);
} else {
error_log("Using API session key {$api_session_key} for user " . $network_session->getUserID());
}
if (array_key_exists('method', $params)) {
$method = $params['method'];
if (strcasecmp($method, 'fbml') == 0 && array_key_exists('fbml', $params)) {
$fbml = $params['fbml'];
//error_log("fbml: $fbml");
$render = new RingsideSocialApiRenderFBML($params);
$result = $render->render($network_session, $fbml);
//error_log("content: ".$result['content']);
return isset($result['content']) ? $result['content'] : $result['error'];
} else {
if (strcasecmp($method, 'app') == 0) {
$social = new RingsideSocialClientLocal(RingsideWebConfig::$networkKey, null, $network_session->getSessionKey());
$inSession = $social->inSession();
error_log("User " . ($inSession ? 'is' : 'is not') . " in session");
if ($inSession) {
$path = '';
if (array_key_exists('path', $params)) {
$path = $params['path'];
}
$view = 'canvas';
if (array_key_exists('view', $params)) {
$view = $params['view'];
}
//error_log("About to render: ".$params['app']." view: $view, path: $path");
$rest = RingsideSocialUtils::getAdminClient();
$app_props = $rest->admin_getAppProperties(array('application_id', 'canvas_url'), null, null, $params['api_key'], null, $network_session->getNetwork());
$domain_props = $rest->admin_getDomainProperties(array('resize_url'), null, $network_session->getNetwork());
$content = $social->render($view, $app_props['application_id'], $app_props['canvas_url'], $path);
// TODO: Is this where error reporting should happen?
//error_log("content: $content");
if (isset($domain_props['resize_url'])) {
$content = "<html><head><script type=\"text/javascript\">\n function resizeIframe(id) {\n var iframe = document.getElementById( 'xdiframe' );\n var wrapper = document.getElementById( 'wrapper' );\n var height = Math.max( document.body.offsetHeight, document.body.scrollHeight );\n var width = Math.max( document.body.offsetWidth, document.body.scrollWidth );\n iframe.src = '{$domain_props['resize_url']}?height='+height+'&width='+width+'&id='+id;\n }\n</script></head><body onload=\"resizeIframe('if_" . $params['api_key'] . "');\">" . $content . "<iframe id='xdiframe' width='1' height='1' frameborder='0'/></body></html>";
}
return $content;
} else {
echo "<error>User not Logged in!</error>";
}
}
}
} else {
error_log("No method specified for render request");
}
}
/**
* Creates a REST client for the session.
*
* @param string $social_session_key the session key generated by the social renderer when the application was rendered.
* @return RingsideApiClientsRest the REST client
*/
private static function createRestClient(&$social_session_key)
{
if (empty($social_session_key)) {
unset($social_session_key);
}
// error_log("Using session key $social_session_key");
$network_session = new RingsideSocialSession(isset($social_session_key) ? $social_session_key : null);
if ($network_session->getUserId() == null) {
// This is the Ringside user
$network_session->setUserId(1);
}
$api_session_key = RingsideSocialUtils::getApiSessionKey(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $network_session);
// error_log("API session key is $api_session_key");
$social_session_key = $network_session->getSessionKey();
return new RingsideApiClientsRest(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $api_session_key, RingsideApiClientsConfig::$serverUrl, RingsideApiClientsConfig::$webUrl, RingsideApiClientsConfig::$socialUrl);
}
/**
* Builds a calling context to invoke the application's AJAX endpoint.
*
* @param array $request the request array
* @param RingsideSocialSession $session the social session
* @return RingsideSocialAppContext the context
*/
private static function buildCallContext($api_key, RingsideSocialSession $session)
{
$ctx = new RingsideSocialAppContext();
$ctx->setApiKey($api_key);
$ctx->setIsAjax(1);
$ctx->setFlavor('ajax');
// TODO: $ctx->setNetworkId();
$ctx->setSessionKey($session->getApiSessionKey($api_key));
$ctx->setExpires($session->getExpiry() == null ? 0 : $session->getExpiry());
$ctx->setNetworkId(RingsideSocialConfig::$apiKey);
if ($session->isLoggedIn()) {
// We only know these if the user is logged in
$ctx->setUser($session->getUserId());
// TODO: Is App Added?
$ctx->setIsAppAdded(1);
}
$ctx->setTime(microtime(true));
return $ctx;
}
<?php
require_once 'LocalSettings.php';
require_once "ringside/social/session/RingsideSocialSession.php";
require_once 'ringside/api/Session.php';
ini_set('session.use_cookies', '0');
ini_set('session.save_handler', 'user');
session_set_save_handler(array('Session', 'open'), array('Session', 'close'), array('Session', 'read'), array('Session', 'write'), array('Session', 'destroy'), array('Session', 'gc'));
$network_session = new RingsideSocialSession($_REQUEST['social_session']);
?>
<html>
<h1>Social Session Dump</h1>
<label>User ID:</label><?php
echo $network_session->getUserId();
?>
<br/>
<label>Principal Id:</label><?php
echo $network_session->getPrincipalId();
?>
<br/>
<label>Trust:</label><?php
echo $network_session->getTrust();
?>
<br/>
<label>Expiry:</label><?php
echo $network_session->getExpiry();
?>
<br/>
<label>Network:</label><?php
echo $network_session->getNetwork();
