/**
* Check that this token is either a user token or the
* site's API token, and auth the current request for that user if so.
*
* @return \Idno\Entities\User user on success
*/
private static function authenticate()
{
$access_token = \Idno\Core\Input::getInput('access_token');
$headers = \Idno\Common\Page::getallheaders();
if (!empty($headers['Authorization'])) {
$token = $headers['Authorization'];
$token = trim(str_replace('Bearer', '', $token));
} else {
if ($token = \Idno\Core\Input::getInput('access_token')) {
$token = trim($token);
}
}
if (!empty($token)) {
$found = Token::findUserForToken($token);
if (!empty($found)) {
\Idno\Core\Idno::site()->session()->setIsAPIRequest(true);
$user = $found['user'];
\Idno\Core\Idno::site()->session()->refreshSessionUser($user);
return $user;
}
$user = \Idno\Entities\User::getOne(array('admin' => true));
if ($token == $user->getAPIkey()) {
\Idno\Core\Idno::site()->session()->setIsAPIRequest(true);
\Idno\Core\Idno::site()->session()->refreshSessionUser($user);
return $user;
}
}
return false;
}
/**
* Sets the page owner on the homepage
*/
function init()
{
\Idno\Core\Idno::site()->events()->addListener('page/get', function (\Idno\Core\Event $event) {
if ($event->data()['page_class'] == 'Idno\\Pages\\Homepage') {
\Idno\Core\Idno::site()->currentPage()->setOwner(\Idno\Entities\User::getOne(['admin' => 1]));
}
});
}
/**
* Sets the page owner on the homepage
*/
function init()
{
\Idno\Core\site()->events()->addListener('page/get', function (\Idno\Core\Event $event) {
if ($event->data()['page_class'] == 'Idno\\Pages\\Homepage') {
\Idno\Core\site()->currentPage()->setOwner(\Idno\Entities\User::getOne(['admin' => true]));
}
});
\Idno\Core\site()->addPageHandler('/admin/cherwell/?', 'Themes\\Cherwell\\Pages\\Admin');
}
/**
* Sets the page owner on the homepage
*/
function init()
{
\Idno\Core\Idno::site()->events()->addListener('page/get', function (\Idno\Core\Event $event) {
if ($event->data()['page_class'] == 'Idno\\Pages\\Homepage') {
if (!empty(\Idno\Core\Idno::site()->config()->cherwell['profile_user'])) {
if ($profile_user = User::getByHandle(\Idno\Core\Idno::site()->config()->cherwell['profile_user'])) {
\Idno\Core\Idno::site()->currentPage()->setOwner($profile_user);
}
}
if (empty($profile_user)) {
\Idno\Core\Idno::site()->currentPage()->setOwner(\Idno\Entities\User::getOne(['admin' => true]));
}
}
});
\Idno\Core\Idno::site()->addPageHandler('/admin/cherwell/?', 'Themes\\Cherwell\\Pages\\Admin');
}
function post()
{
// Get parameters
$code = $this->getInput('code');
$me = $this->getInput('me');
$redirect_uri = $this->getInput('redirect_uri');
$state = $this->getInput('state');
$client_id = $this->getInput('client_id');
// Verify code
$response = Webservice::post('https://indieauth.com/auth', array('me' => $me, 'code' => $code, 'redirect_uri' => $redirect_uri, 'state' => $state, 'client_id' => $client_id));
if ($response['response'] == 200) {
parse_str($response['content'], $content);
if (!empty($content['me']) && (parse_url($content['me'], PHP_URL_HOST) == parse_url(\Idno\Core\site()->config()->getURL(), PHP_URL_HOST) || 'www.' . parse_url($content['me'], PHP_URL_HOST) == parse_url(\Idno\Core\site()->config()->getURL(), PHP_URL_HOST))) {
// Get user & existing tokens
$user = \Idno\Entities\User::getOne(array('admin' => true));
$indieauth_tokens = $user->indieauth_tokens;
if (empty($indieauth_tokens)) {
$indieauth_tokens = array();
}
// Generate access token and save it to the user
$token = md5(rand(0, 99999) . time() . $user->getUUID() . $client_id . $state . rand(0, 999999));
$indieauth_tokens[$token] = array('me' => $me, 'redirect_uri' => $redirect_uri, 'scope' => 'post', 'client_id' => $client_id, 'issued_at' => time(), 'nonce' => mt_rand(1000000, pow(2, 30)));
$user->indieauth_tokens = $indieauth_tokens;
$user->save();
if (\Idno\Core\site()->session()->isLoggedOn() && $user->getUUID() == \Idno\Core\site()->session()->currentUser()->getUUID()) {
\Idno\Core\site()->session()->refreshSessionUser($user);
}
// Output to the browser
$this->setResponse(200);
header('Content-Type: application/x-www-form-urlencoded');
echo http_build_query(array('access_token' => $token, 'scope' => 'post', 'me' => $me));
exit;
} else {
$this->setResponse(404);
echo "Client mismatch.";
}
}
}
function getContent()
{
$user = \Idno\Entities\User::getOne(array('admin' => true));
// This is for single user sites; will retrieve the main user
$code = $this->getInput('code');
if (!empty($code)) {
$client = new Webservice();
$response = Webservice::post('http://indieauth.com/auth', array('code' => $code, 'redirect_uri' => \Idno\Core\Idno::site()->config()->getURL(), 'client_id' => \Idno\Core\Idno::site()->config()->getURL()));
if ($response['response'] == 200) {
parse_str($response['content'], $content);
if (!empty($content['me']) && parse_url($content['me'], PHP_URL_HOST) == parse_url(\Idno\Core\Idno::site()->config()->getURL, PHP_URL_HOST)) {
$user = \Idno\Core\Idno::site()->session()->currentUser();
$user->indieauth_code = $code;
$user->save();
\Idno\Core\Idno::site()->session()->logUserOn($user);
} else {
\Idno\Core\Idno::site()->session()->addMessage("Couldn't log you in: the token hostname didn't match.");
}
} else {
\Idno\Core\Idno::site()->session()->addMessage("Uh oh! We got a " . $response['response'] . " response.");
}
}
}
function post()
{
$headers = $this->getallheaders();
$user = \Idno\Entities\User::getOne(array('admin' => true));
\Idno\Core\site()->session()->refreshSessionUser($user);
$indieauth_tokens = $user->indieauth_tokens;
if (!empty($headers['Authorization'])) {
$token = $headers['Authorization'];
$token = trim(str_replace('Bearer', '', $token));
} else {
if ($token = $this->getInput('access_token')) {
$token = trim($token);
}
}
$user_token = $user->getAPIkey();
if (!empty($indieauth_tokens[$token]) || $token == $user_token) {
// If we're here, we're authorized
// Get details
$type = $this->getInput('h');
$content = $this->getInput('content');
$name = $this->getInput('name');
$in_reply_to = $this->getInput('in-reply-to');
$syndicate = $this->getInput('syndicate-to');
if ($type == 'entry') {
if (!empty($_FILES['photo'])) {
$type = 'photo';
if (empty($name) && !empty($content)) {
$name = $content;
$content = '';
}
} else {
if (empty($name)) {
$type = 'note';
} else {
$type = 'article';
}
}
}
// Get an appropriate plugin, given the content type
if ($contentType = ContentType::getRegisteredForIndieWebPostType($type)) {
if ($entity = $contentType->createEntity()) {
$this->setInput('title', $name);
$this->setInput('body', $content);
$this->setInput('inreplyto', $in_reply_to);
if ($created = $this->getInput('published')) {
$this->setInput('created', $created);
}
if (!empty($syndicate)) {
$syndication = array(trim(str_replace('.com', '', $syndicate)));
$this->setInput('syndication', $syndication);
}
if ($entity->saveDataFromInput()) {
//$this->setResponse(201);
header('Location: ' . $entity->getURL());
exit;
} else {
$this->setResponse(500);
echo "Couldn't create {$type}";
exit;
}
}
} else {
$this->setResponse(500);
echo "Couldn't find content type {$type}";
exit;
}
}
$this->setResponse(403);
echo 'Bad token';
}
/**
* A webmention to the homepage means someone mentioned our site's root.
*/
function webmentionContent($source, $target, $source_response, $source_mf2)
{
// if this is a single-user site, let's forward on the root mention
// to their user page
\Idno\Core\Idno::site()->logging()->info("received homepage mention from {$source}");
if (\Idno\Core\Idno::site()->config()->single_user) {
$user = \Idno\Entities\User::getOne(['admin' => true]);
if ($user) {
\Idno\Core\Idno::site()->logging()->debug("pass on webmention to solo user: {$user->getHandle()}");
$userPage = \Idno\Core\Idno::site()->getPageHandler($user->getURL());
if ($userPage) {
return $userPage->webmentionContent($source, $target, $source_response, $source_mf2);
} else {
\Idno\Core\Idno::site()->logging()->debug("failed to find a Page to serve route " . $user->getURL());
}
} else {
\Idno\Core\Idno::site()->logging()->debug("query for an admin-user failed to find one");
}
} else {
\Idno\Core\Idno::site()->logging()->debug("disregarding mention to multi-user site");
}
return false;
}
private function validateToken($token)
{
if (!empty($token)) {
$found = Token::findUserForToken($token);
if (!empty($found)) {
$user = $found['user'];
\Idno\Core\Idno::site()->session()->refreshSessionUser($user);
return true;
}
$user = \Idno\Entities\User::getOne(array('admin' => true));
if ($token == $user->getAPIkey()) {
\Idno\Core\Idno::site()->session()->refreshSessionUser($user);
return true;
}
}
return false;
}
