예제 #1
0
파일: api.php 프로젝트: sammarks/publisher
function publisher_authenticate_request()
{
    // Make sure the API key header exists.
    $headers = publisher_get_request_headers();
    if (!array_key_exists('x-publisher-apikey', $headers)) {
        return publisher_authentication_error('The header X-Publisher-APIKey does not exist.', 'NoAPIKeyHeader');
    }
    // Make sure this is a POST request.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        return publisher_authentication_error('The publisher API only supports POST requests.', 'POSTOnly');
    }
    // Check the validity of the API key.
    $valid = false;
    if ($headers['x-publisher-apikey'] == publisher_get_api_key()) {
        $valid = true;
    } elseif (defined('AC_API_MASTER_KEY') && $headers['x-publisher-apikey'] == AC_API_MASTER_KEY) {
        $valid = true;
    }
    if (!$valid) {
        return publisher_authentication_error('The provided API key is incorrect.', 'IncorrectAPIKey');
    }
    // Make sure we have a remote key.
    if (!array_key_exists('x-publisher-remote', $headers)) {
        return publisher_authentication_error('The header X-Publisher-Remote does not exist.', 'NoRemoteHeader');
    }
    // Make sure the remote header is valid.
    $remote = publisher_get_remote_by_key($headers['x-publisher-remote']);
    if ($remote === false) {
        return publisher_authentication_error('The specified remote does not exist.', 'RemoteDoesntExist');
    }
    // Make sure we have an origin header.
    if (!array_key_exists('origin', $headers)) {
        return publisher_authentication_error('The origin header does not exist.', 'NoOriginHeader');
    }
    // Check to see if the URL in the remote matches the origin.
    if (publisher_normalize_remote_url($remote->url) != publisher_normalize_remote_url($headers['origin'])) {
        return publisher_authentication_error('The remote URL (' . publisher_normalize_remote_url($remote->url) . ') does not match the origin URL (' . publisher_normalize_remote_url($headers['origin']) . ').', 'OriginRemoteMismatch');
    }
    // Make sure the remote is enabled.
    if (!$remote->enabled) {
        return publisher_authentication_error('The remote is not enabled.', 'RemoteNotEnabled');
    }
    // Make sure the remote is set to receive content.
    if (!$remote->receive) {
        return publisher_authentication_error('This site cannot receive content from this remote.', 'CantReceiveContent');
    }
    return $remote;
}
예제 #2
0
 protected function generateHeaders()
 {
     global $base_url;
     $headers = array();
     $headers['x-publisher-apikey'] = $this->remote->api_key;
     $headers['x-publisher-remote'] = \publisher_get_api_key();
     $headers['origin'] = $base_url;
     $headers['Content-Type'] = 'application/json';
     $curl_headers = array();
     foreach ($headers as $key => $value) {
         $curl_headers[] = $key . ': ' . $value;
     }
     return $curl_headers;
 }