/** * This method parses the $_POST and $_GET superglobals and looks for * the following information: * 1/ user authentication - username+password or token (wsusername, wspassword and wstoken parameters) * 2/ function name (wsfunction parameter) * 3/ function parameters (all other parameters except those above) * 4/ text format parameters * 5/ return rest format xml/json */ protected function parse_request() { // Retrieve and clean the POST/GET parameters from the parameters specific to the server. parent::set_web_service_call_settings(); // Get GET and POST parameters. $methodvariables = array_merge($_GET, $_POST); // Retrieve REST format parameter - 'xml' (default) or 'json'. $restformatisset = isset($methodvariables['moodlewsrestformat']) && ($methodvariables['moodlewsrestformat'] == 'xml' || $methodvariables['moodlewsrestformat'] == 'json'); $this->restformat = $restformatisset ? $methodvariables['moodlewsrestformat'] : 'xml'; unset($methodvariables['moodlewsrestformat']); if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) { $this->username = isset($methodvariables['wsusername']) ? $methodvariables['wsusername'] : null; unset($methodvariables['wsusername']); $this->password = isset($methodvariables['wspassword']) ? $methodvariables['wspassword'] : null; unset($methodvariables['wspassword']); $this->functionname = isset($methodvariables['wsfunction']) ? $methodvariables['wsfunction'] : null; unset($methodvariables['wsfunction']); $this->parameters = $methodvariables; } else { $this->token = isset($methodvariables['wstoken']) ? $methodvariables['wstoken'] : null; unset($methodvariables['wstoken']); $this->functionname = isset($methodvariables['wsfunction']) ? $methodvariables['wsfunction'] : null; unset($methodvariables['wsfunction']); $this->parameters = $methodvariables; } }
/** * This method parses the request input, it needs to get: * 1/ user authentication - username+password or token * 2/ function name * 3/ function parameters */ protected function parse_request() { // Retrieve and clean the POST/GET parameters from the parameters specific to the server. parent::set_web_service_call_settings(); // Get GET and POST parameters. $methodvariables = array_merge($_GET, $_POST); if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) { $this->username = isset($methodvariables['wsusername']) ? $methodvariables['wsusername'] : null; unset($methodvariables['wsusername']); $this->password = isset($methodvariables['wspassword']) ? $methodvariables['wspassword'] : null; unset($methodvariables['wspassword']); } else { $this->token = isset($methodvariables['wstoken']) ? $methodvariables['wstoken'] : null; unset($methodvariables['wstoken']); } // Get the XML-RPC request data. $rawpostdata = file_get_contents("php://input"); $methodname = null; // Decode the request to get the decoded parameters and the name of the method to be called. $decodedparams = xmlrpc_decode_request($rawpostdata, $methodname); $methodinfo = external_api::external_function_info($methodname); $methodparams = array_keys($methodinfo->parameters_desc->keys); // Add the decoded parameters to the methodvariables array. if (is_array($decodedparams)) { foreach ($decodedparams as $index => $param) { // See MDL-53962 - XML-RPC requests will usually be sent as an array (as in, one with indicies). // We need to use a bit of "magic" to add the correct index back. Zend used to do this for us. $methodvariables[$methodparams[$index]] = $param; } } $this->functionname = $methodname; $this->parameters = $methodvariables; }
/** * This method parses the request input, it needs to get: * 1/ user authentication - username+password or token * 2/ function name * 3/ function parameters */ protected function parse_request() { // Retrieve and clean the POST/GET parameters from the parameters specific to the server. parent::set_web_service_call_settings(); // Get GET and POST parameters. $methodvariables = array_merge($_GET, $_POST); if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) { $this->username = isset($methodvariables['wsusername']) ? $methodvariables['wsusername'] : null; unset($methodvariables['wsusername']); $this->password = isset($methodvariables['wspassword']) ? $methodvariables['wspassword'] : null; unset($methodvariables['wspassword']); } else { $this->token = isset($methodvariables['wstoken']) ? $methodvariables['wstoken'] : null; unset($methodvariables['wstoken']); } // Get the XML-RPC request data. $rawpostdata = file_get_contents("php://input"); $methodname = null; // Decode the request to get the decoded parameters and the name of the method to be called. $decodedparams = xmlrpc_decode_request($rawpostdata, $methodname); // Add the decoded parameters to the methodvariables array. if (is_array($decodedparams)) { foreach ($decodedparams as $param) { // Check if decoded param is an associative array. if (is_array($param) && array_keys($param) !== range(0, count($param) - 1)) { $methodvariables = array_merge($methodvariables, $param); } else { $methodvariables[] = $param; } } } $this->functionname = $methodname; $this->parameters = $methodvariables; }
/** * This method parses the $_POST and $_GET superglobals and looks for the following information: * - User authentication parameters: * - Username + password (wsusername and wspassword), or * - Token (wstoken) */ protected function parse_request() { // Retrieve and clean the POST/GET parameters from the parameters specific to the server. parent::set_web_service_call_settings(); if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) { $this->username = optional_param('wsusername', null, PARAM_RAW); $this->password = optional_param('wspassword', null, PARAM_RAW); if (!$this->username or !$this->password) { // Workaround for the trouble with & in soap urls. $authdata = get_file_argument(); $authdata = explode('/', trim($authdata, '/')); if (count($authdata) == 2) { list($this->username, $this->password) = $authdata; } } $this->serverurl = new moodle_url('/webservice/soap/simpleserver.php/' . $this->username . '/' . $this->password); } else { $this->token = optional_param('wstoken', null, PARAM_RAW); $this->serverurl = new moodle_url('/webservice/soap/server.php'); $this->serverurl->param('wstoken', $this->token); } if ($wsdl = optional_param('wsdl', 0, PARAM_INT)) { $this->wsdlmode = true; } }
/** * This method parses the $_POST and $_GET superglobals and looks for * the following information: * 1/ user authentication - username+password or token (wsusername, wspassword and wstoken parameters) * 2/ function name (wsfunction parameter) * 3/ function parameters (all other parameters except those above) * 4/ text format parameters * 5/ return rest format xml/json */ protected function parse_request() { // Retrieve and clean the POST/GET parameters from the parameters specific to the server. parent::set_web_service_call_settings(); // Check request content type and process appropriately. $defaultrestformat = 'xml'; if (preg_match("#application/json#", $_SERVER["CONTENT_TYPE"])) { $data = json_decode(file_get_contents('php://input'), true); $defaultrestformat = 'json'; } else { if (preg_match("#application/xml#", $_SERVER["CONTENT_TYPE"])) { $data = simplexml_load_string(file_get_contents('php://input')); $data = json_decode(json_encode($data), true); // Convert objects to assoc arrays. } else { $data = $_POST; } } // Add GET parameters. $methodvariables = array_merge($_GET, (array) $data); // Check accept header for accepted responses. if (isset($_SERVER["HTTP_ACCEPT"]) && $_SERVER['HTTP_ACCEPT'] != "*/*") { $accept = array_map('trim', explode(',', $_SERVER["HTTP_ACCEPT"])); if (!empty($accept)) { if (!in_array('application/xml', $accept)) { if (in_array('application/json', $accept)) { $defaultrestformat = 'json'; } else { http_response_code(406); throw new invalid_parameter_exception('No response types acceptable'); } } else { if ($defaultrestformat == 'json' && !in_array('application/json', $accept)) { $defaultrestformat = 'xml'; } } } } // Retrieve REST format parameter - 'xml' or 'json' if specified // where not set use same format as request for xml/json requests or xml for form data. $restformatisset = isset($methodvariables['moodlewsrestformat']) && ($methodvariables['moodlewsrestformat'] == 'xml' || $methodvariables['moodlewsrestformat'] == 'json'); $this->restformat = $restformatisset ? $methodvariables['moodlewsrestformat'] : $defaultrestformat; unset($methodvariables['moodlewsrestformat']); if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) { $this->username = isset($methodvariables['wsusername']) ? $methodvariables['wsusername'] : null; unset($methodvariables['wsusername']); $this->password = isset($methodvariables['wspassword']) ? $methodvariables['wspassword'] : null; unset($methodvariables['wspassword']); $this->functionname = isset($methodvariables['wsfunction']) ? $methodvariables['wsfunction'] : null; unset($methodvariables['wsfunction']); $this->parameters = $methodvariables; } else { $this->token = isset($methodvariables['wstoken']) ? $methodvariables['wstoken'] : null; unset($methodvariables['wstoken']); $this->functionname = isset($methodvariables['wsfunction']) ? $methodvariables['wsfunction'] : null; unset($methodvariables['wsfunction']); $this->parameters = $methodvariables; } }
/** * This method parses the $_POST and $_GET superglobals then * any body params and looks for * the following information: * 1/ Authorization token * 2/ functionname via get_functionname method */ protected function parse_request() { // Retrieve and clean the POST/GET parameters from the parameters specific to the server. parent::set_web_service_call_settings(); $methodvariables = array(); // Get GET and POST parameters. $methodvariables = array_merge($_GET, $_POST, $this->get_headers()); $this->requestmethod = (isset($methodvariables['method'])) ? $methodvariables['method'] : $_SERVER['REQUEST_METHOD']; if ($this->requestmethod == 'OPTIONS') $this->send_options(); // now how about PUT/POST bodies? These override any existing parameters. $body = @file_get_contents('php://input'); if (TCAPI_LOG_ENDPOINT) { global $DEBUGBODY; if (isset($DEBUGBODY)) $body = $DEBUGBODY; } //echo $body; if (!isset($methodvariables['content'])) $methodvariables['content'] = $body; if ($body_params = json_decode($body)) { foreach($body_params as $param_name => $param_value) { $methodvariables[$param_name] = stripslashes($param_value); } } else { $body_params = array(); parse_str($body,$body_params); foreach($body_params as $param_name => $param_value) { $methodvariables[$param_name] = stripslashes($param_value); } } // Determine Authentication method to use (WEBSERVICE_AUTHMETHOD_PERMANENT_TOKEN is default) // Simple token (as used in Bookmarklet method) and Basic authentication is supported at this time. if (isset($methodvariables['Authorization'])) { // TODO: Add support for OAuth authentication. That should really be a web service addition so we can call it here. if (substr($methodvariables['Authorization'], 0, 5) == 'Basic') { $user_auth = explode(":",base64_decode(substr($methodvariables['Authorization'], 6))); if (is_array($user_auth) && count($user_auth) == 2) { $this->username = $user_auth[0]; $this->password = $user_auth[1]; $this->authmethod = WEBSERVICE_AUTHMETHOD_USERNAME; //echo 'Uses Basic Auth with Username: '******' and Password: '******'Authorization']) ? $methodvariables['Authorization'] : null; //echo 'Uses Token Auth with Token: '.$this->token."\n"; } } //print_r($methodvariables); unset($methodvariables['Authorization']); $this->parameters = $methodvariables; $this->functionname = $this->get_functionname(); //echo $this->functionname; }