/** * Generates a token from an input array of values * @param owner owner of this gadget * @param viewer viewer of this gadget * @param app application id * @param domain domain of the container * @param appUrl url where the application lives * @param moduleId module id of this gadget * @throws BlobCrypterException */ public static function createFromSocialSession($stringToken) { ini_set('session.use_cookies', '0'); ini_set('session.save_handler', 'user'); session_set_save_handler(array('Session', 'open'), array('Session', 'close'), array('Session', 'read'), array('Session', 'write'), array('Session', 'destroy'), array('Session', 'gc')); $partsArry = explode(":", $stringToken); $session_key = $partsArry[0]; $api_key = $partsArry[2]; $network_session = new RingsideSocialSession($session_key); $uid = $network_session->getUserId(); $owner = $partsArry[5]; if ($owner == '' || $owner == 'null' || $owner == 'undefined') { $owner = $uid; } $viewer = $uid; $app = $api_key; $domain = $partsArry[4]; $adminClient = RingsideSocialUtils::getAdminClient(); $app_properties = $adminClient->admin_getAppProperties(array('api_key', 'callback_url', 'canvas_url'), null, null, $api_key); $moduleId = $app_properties['canvas_url']; $appUrl = $app_properties['callback_url']; $app = $app_properties['api_key']; error_log("******* Creating RingsideGadgetToken(null,null,{$owner}, {$viewer}, {$app}, {$domain}, {$appUrl}, {$moduleId})"); $rsToken = new RingsideGadgetToken(null, null, $owner, $viewer, $app, $domain, $appUrl, $moduleId); $rsToken->setSocialSession($network_session); return $rsToken; }
/** * Builds a calling context to invoke the application's AJAX endpoint. * * @param array $request the request array * @param RingsideSocialSession $session the social session * @return RingsideSocialAppContext the context */ private static function buildCallContext($api_key, RingsideSocialSession $session) { $ctx = new RingsideSocialAppContext(); $ctx->setApiKey($api_key); $ctx->setIsAjax(1); $ctx->setFlavor('ajax'); // TODO: $ctx->setNetworkId(); $ctx->setSessionKey($session->getApiSessionKey($api_key)); $ctx->setExpires($session->getExpiry() == null ? 0 : $session->getExpiry()); $ctx->setNetworkId(RingsideSocialConfig::$apiKey); if ($session->isLoggedIn()) { // We only know these if the user is logged in $ctx->setUser($session->getUserId()); // TODO: Is App Added? $ctx->setIsAppAdded(1); } $ctx->setTime(microtime(true)); return $ctx; }
public function execute() { // TODO: This ONLY will work if API and Social tiers are co-located! $response = array(); // Finish the API session, because we need to start a social session session_regenerate_id(true); $_SESSION = array(); $network_session = new RingsideSocialSession(); $rest = RingsideSocialUtils::getAdminClient(); $session_key = $rest->auth_createAppSession($this->uid, RingsideSocialConfig::$apiKey, false); $network_session->addApiSessionKey(RingsideSocialConfig::$apiKey, $session_key); $network_session->setNetwork($this->user_network_key); //$network_session->addApiSessionKey($apiKey, $session_key); $network_session->setUserId($this->uid); // TODO: Do user identity mapping right now //$network_session->setPrincipalId($pid); //$network_session->setTrust($trust_key); //$network_session->setCallbackUrl($social_callback); $network_session->setLoggedIn(true); $response[self::RESPONSE_SOCIAL_SESSION]['session_id'] = $network_session->getSessionKey(); $response[self::RESPONSE_SOCIAL_SESSION]['initial_expiry'] = $network_session->getExpiry(); session_write_close(); return $response; }
/** * Returns an array of all app fbml blocks * formatted for display. * $location enum(narrow|wide) indicates the style to be used when fbml is returned * $arryExcludeAppNames is an array of app names which should not appear in the list * */ function getAllFormattedHtmlForUserOpenSocialApps($location = "narrow", $arryExcludeAppNames = null) { $userAppList = Api_Bo_App::getApplicationListByUserId($this->uid); $this->debug("******************** DUMPING OS userAppList for {$this->uid}" . " which is " . count($userAppList) . " apps"); $aggregateFbml = ""; $fbmlArry = array(); if (!empty($userAppList)) { foreach ($userAppList as $index => $appInfo1) { $appInfo = $appInfo1['RingsideApp']; $this->debug("Processing " . $appInfo['name'] . " " . $appInfo['app_id']); $this->debug("{$appInfo1}=" . var_export($appInfo1, true)); //$returnedFbml=$this->getFbmlForApp($appInfo1['app_id'],$this->uid); $app_id = $appInfo1['app_id']; $app_name = $appInfo['name']; $enabled = true; // Don't show this app if it is not open social if ($appInfo['canvas_type'] != 2) { $enabled = false; $this->debug("{$app_name} rejected as not open social."); } if ($enabled) { //$app_appBlock=$this->getFormatedFbmlFromAppName($app_name,$location,true,$returnedFbml); //$fbmlArry=array_merge($fbmlArry,$app_appBlock); $block = array("<div id='app-{$app_name}-header' class='wide_app_header'> "); $block[] = $app_name; //$block[]="<div style='float: right;' ><form id='formmove' name='formmove' method='post' ><input name='action' type='hidden' value='saveColChange'/><input name='appname' type='hidden' value='$app_name'/><a onClick='form.submit();' href=''> [move] </a></form></div>"; $block[] = "</div>"; $frameParams = $_REQUEST; $callbackQuery = http_build_query($frameParams); $owner_id = $_REQUEST['id']; if ($owner_id == '') { $owner_id = $this->uid; } // Get api_key $keyService = Api_ServiceFactory::create('KeyService'); $domainService = Api_ServiceFactory::create('DomainService'); $domainId = $domainService->getNativeIdByName('Ringside'); $app_keysArray = $keyService->getKeyset($app_id, $domainId); $app_keys = $app_keysArray; /* $app_keysArray=Api_Bo_App::getUsersAppKeys($this->uid,$app_id); $app_keys=$app_keysArray[0]; $this->debug(var_export($app_keysArray,true)); foreach($app_keysArray as $testApp_keys){ if($testApp_keys['network_id']==$socialApiKey){ $app_keys=$testApp_keys; } } $app_keys=$app_keysArray[0]; */ $this->debug("{$app_keys}=" . var_export($app_keys, true)); $social_session = new RingsideSocialSession(); $social_session->addApiSessionKey($app_keys['api_key'], $app_keys['secret']); $this->debug("Building Social Session with " . $app_keys['api_key'] . " and " . $app_keys['secret']); $osGadgetUrl = RingsideSocialConfig::$socialRoot . '/gadgets/ifr?view=profile&synd=ringside&fb_sig_api_key=' . $app_keys['api_key'] . '&fb_sig_owner_id=' . $owner_id . '&url=' . urlencode($appInfo['callback_url']) . '&social_session_key=' . $social_session->getSessionKey(); $this->debug("osGadgetUrl= {$osGadgetUrl}"); $block[] = '<iframe src="' . $osGadgetUrl . '" height="400" width="450"></iframe>'; $fbmlArry = array_merge($fbmlArry, $block); } } } return $fbmlArry; }
/** * Get the session key between an application and the API server. * * @param unknown_type $api_key * @param unknown_type $secret_key * @param RingsideSocialSession $socialSession * @return string session key for the API container */ public static function getApiSessionKey($api_key, $secret_key, RingsideSocialSession $socialSession) { $uid = $socialSession->getUserId(); $sessionKey = $socialSession->getApiSessionKey($api_key); if ($sessionKey != null) { // Validate Session Key is still valid. $apiClient = new RingsideApiClientsRest($api_key, $secret_key, $sessionKey); $apiClient->setNetworkKey($socialSession->getNetwork()); try { $apiClient->users_getLoggedInUser(); } catch (Exception $e) { // error_log( "Session expired? " . $e->getMessage() ) ; // error_log($e->getTraceAsString()); $sessionKey = null; $socialSession->unsetApiSessionKey($api_key); } } if ($sessionKey == null && $uid != null) { // Need to simulate being app and auth, approve, get... which of course // TODO we need to re-think once we are working. // TODO catch some exceptions. try { // Configure where we get the URL for the REST SERVER from. $apiClient = new RingsideApiClientsRest($api_key, $secret_key, null, null, RingsideSocialConfig::$apiKey); // Once the client is authenticated with a session, the network key will be associated via the session $apiClient->setNetworkKey($socialSession->getNetwork()); $auth_token = $apiClient->auth_createToken($socialSession->getExpiry() == null ? true : false); $result = $apiClient->auth_approveToken($uid); $result = $apiClient->auth_getSession($auth_token); if (!empty($apiClient->session_key)) { $sessionKey = trim($apiClient->session_key); $socialSession->addApiSessionKey($api_key, $sessionKey); } } catch (Exception $exception) { error_log("Error creating session key " . $exception); } } return $sessionKey; }
public function execute($params) { $this->debug('Entering'); $this->debugVar($params); $network_session = null; /* foreach($params as $k => $v) { error_log("RingsideSocialServerRender: $k=$v"); } */ // Recreate Session if we have it error_log("Parameters for widget render are: " . var_export($params, true)); error_log("PHPSESSID=" . (isset($_COOKIE['PHPSESSID']) ? $_COOKIE['PHPSESSID'] : '<empty>')); if (array_key_exists('social_session_key', $params)) { $session_key = $params['social_session_key']; $network_session = new RingsideSocialSession($session_key); $uid = $network_session->getUserId(); if (null == $uid || strlen($uid) == 0) { setcookie('social_session_key', $network_session->getSessionKey()); $uid = $network_session->getUserId(); if (isset($_REQUEST['uid'])) { // TODO: SECURITY: I don't think we should just be able to override the uid. $uid = $_REQUEST['uid']; // TODO: SECURITY: This shouldn't be a valid way to log in. $network_session->setUserId($uid); $network_session->setLoggedIn(true); } } } else { if (isset($_COOKIE['PHPSESSID'])) { // Optimization if user is already logged into web front-end $network_session = new RingsideSocialSession($_COOKIE['PHPSESSID']); error_log("PHPSESSID says session is as follows: " . var_export($network_session, true)); $uid = $network_session->getUserId(); if (!isset($uid)) { // The user has a network session but is not logged in // Run as an anonymous user $trust = new RingsideSocialApiTrust($_REQUEST); $network_session = $trust->getAnonymousSession(); } } else { // Not logged in, so login via annonymous user $trust = new RingsideSocialApiTrust($_REQUEST); $network_session = $trust->getAnonymousSession(); } } $api_session_key = $network_session->getApiSessionKey($params['api_key']); if (null == $api_session_key) { $rest = RingsideSocialUtils::getAdminClient(); $app_props = $rest->admin_getAppProperties(array('secret_key'), null, null, $params['api_key'], $network_session->getNetwork()); error_log("Adding API key for " . $params['api_key'] . " to social session for user " . $network_session->getUserID()); RingsideSocialUtils::getApiSessionKey($params['api_key'], $app_props['secret_key'], $network_session); } else { error_log("Using API session key {$api_session_key} for user " . $network_session->getUserID()); } if (array_key_exists('method', $params)) { $method = $params['method']; if (strcasecmp($method, 'fbml') == 0 && array_key_exists('fbml', $params)) { $fbml = $params['fbml']; //error_log("fbml: $fbml"); $render = new RingsideSocialApiRenderFBML($params); $result = $render->render($network_session, $fbml); //error_log("content: ".$result['content']); return isset($result['content']) ? $result['content'] : $result['error']; } else { if (strcasecmp($method, 'app') == 0) { $social = new RingsideSocialClientLocal(RingsideWebConfig::$networkKey, null, $network_session->getSessionKey()); $inSession = $social->inSession(); error_log("User " . ($inSession ? 'is' : 'is not') . " in session"); if ($inSession) { $path = ''; if (array_key_exists('path', $params)) { $path = $params['path']; } $view = 'canvas'; if (array_key_exists('view', $params)) { $view = $params['view']; } //error_log("About to render: ".$params['app']." view: $view, path: $path"); $rest = RingsideSocialUtils::getAdminClient(); $app_props = $rest->admin_getAppProperties(array('application_id', 'canvas_url'), null, null, $params['api_key'], null, $network_session->getNetwork()); $domain_props = $rest->admin_getDomainProperties(array('resize_url'), null, $network_session->getNetwork()); $content = $social->render($view, $app_props['application_id'], $app_props['canvas_url'], $path); // TODO: Is this where error reporting should happen? //error_log("content: $content"); if (isset($domain_props['resize_url'])) { $content = "<html><head><script type=\"text/javascript\">\n function resizeIframe(id) {\n var iframe = document.getElementById( 'xdiframe' );\n var wrapper = document.getElementById( 'wrapper' );\n var height = Math.max( document.body.offsetHeight, document.body.scrollHeight );\n var width = Math.max( document.body.offsetWidth, document.body.scrollWidth );\n iframe.src = '{$domain_props['resize_url']}?height='+height+'&width='+width+'&id='+id;\n }\n</script></head><body onload=\"resizeIframe('if_" . $params['api_key'] . "');\">" . $content . "<iframe id='xdiframe' width='1' height='1' frameborder='0'/></body></html>"; } return $content; } else { echo "<error>User not Logged in!</error>"; } } } } else { error_log("No method specified for render request"); } }
/** * Re-routes an api request to another network. If trust.php is used as a rest server URL * and a path info is provided such that the request looks like the one below: * * http://localhost/trust.php/facebook/footprints/restserver.php * or * http://localhost/trust.php/{network}/{canvas url}/{restserver path} * * Attempts to remap and resign the api call using the app's secret on the new network * and then to change the uid to the equivelent uid on the forgin network. * * The api call is then re-signed and issued and the response is returned. * * @param unknown_type $params */ private static function proxy_app_request(&$params) { $matches = array(); // All these special cases are to ensure we aren't adding an additional "/" character to the URL. preg_match(',^/([^/]*)/([^/]*)(/?.*)$,', $_SERVER['PATH_INFO'], $matches); $network_key = $matches[1]; $canvas_url = $matches[2]; $rest = $matches[3]; if ($rest == '') { $rest = '/'; } if ($network_key != RingsideSocialConfig::$apiKey) { $skey = isset($_REQUEST['fb_sig_session_key']) ? $_REQUEST['fb_sig_session_key'] : ''; $apiKey = isset($_REQUEST['fb_sig_api_key']) ? $_REQUEST['fb_sig_api_key'] : ''; $ringside_rest = self::createRestClient($params['fb_sig_session_key']); $admin_rest = RingsideSocialUtils::getAdminClient(); $props = $admin_rest->admin_getAppProperties("application_id,application_name,api_key,secret_key,callback_url", null, $canvas_url, NULL); $network_app_props = $admin_rest->admin_getAppKeys(null, null, $props['api_key']); $network_api_key = $props['api_key']; $network_secret = $props['secret_key']; self::getApiKeyAndSecretForNetwork($network_key, $network_app_props, $network_api_key, $network_secret); $network_session = new RingsideSocialSession($params['fb_sig_session_key']); $idmaps = $ringside_rest->users_mapToPrincipal(array($params['fb_sig_user']), $network_key, $props['application_id']); // Create openFB request. These are just overrides for the original request. $has_fb_sig = isset($params['fb_sig']); $cbReq = array(); // We can't append fb_sig unless Facebook has already passed fb_sig; this would prevent the app's client from creating a session during login if ($has_fb_sig) { if (isset($params['fb_sig_nuser'])) { // Since we're proxying a request, do NOT forward the user mapping! unset($params['fb_sig_nuser']); } $cbReq['fb_sig_flavor'] = 'canvas'; // $cbReq['fb_sig_in_iframe'] = 0; $cbReq['fb_sig_nid'] = $network_key; // The social session key needs to be for _this_ social session! $cbReq['fb_sig_soc_session_key'] = $network_session->getSessionKey(); if (!empty($idmaps) && isset($idmaps[0]) && $idmaps[0] !== null) { $cbReq['fb_sig_nuser'] = $idmaps[0]['pid']; } } // error_log("cbReq social session key is {$cbReq['fb_sig_soc_session_key']}; params is $fb_sig_soc_session_key"); // TODO: Set up social session key for trust-based proxy // $cbReq['fb_sig_soc_session_key'] = ; $req_params = array_merge($params, $cbReq); error_log("Invoking {$canvas_url} with params: " . var_export($req_params, true)); // Now, we need to re-sign the parameters, since we've added the "nid" and "nuser" fb_sig params if ($has_fb_sig) { unset($req_params['fb_sig']); $sig = RingsideSocialUtils::makeSig($req_params, $network_secret, 'fb_sig'); $req_params['fb_sig'] = $sig; } // error_log("Logged in user is principal ".$pids[0]); // error_log("Proxying to app callback URL ".$props['callback_url']); $headers = array(); $callback_url = self::safe_append_url($props['callback_url'], $rest); $result = RingsideSocialUtils::get_request($callback_url, $req_params, $headers); // error_log("Result: $result"); if (isset($headers['location'])) { $proxy_redir_url = self::buildProxyUrl($props['callback_url'], $headers['location']); error_log("Proxying for redirect to {$proxy_redir_url}"); // Build the remote network's callback_url // We'll redirect _within_ the frame (the commented-out script will redirect the _top_ of the frame if (isset($params['fb_sig_in_iframe']) && 0 != $params['fb_sig_in_iframe']) { // RingsideWebUtils::redirect($headers['location']); $apps_url = RingsideApiClientsConfig::$webUrl . '/canvas.php'; if ($nid == 'facebook') { $apps_url = 'http://apps.facebook.com/'; } // $real_location = self::buildProxyUrl($props['callback_url'], $headers['location']); // echo "<script>top.location.href='".$real_location."';</script>"; RingsideWebUtils::redirect($proxy_redir_url); } else { // $real_location = self::buildProxyUrl($props['callback_url'], $headers['location']); if (isset($params['fb_sig_in_canvas']) && 0 != $params['fb_sig_in_canvas']) { echo "<fb:redirect url='{$proxy_redir_url}'/>"; } else { RingsideWebUtils::redirect($proxy_redir_url); } } return; } echo $result; return; } // Map network user to principal // Rewrite fb_sig // Proxy to callback_url echo '<ERROR>Unknown Callback_Url!</ERROR>'; }
<?php require_once 'LocalSettings.php'; require_once "ringside/social/session/RingsideSocialSession.php"; require_once 'ringside/api/Session.php'; ini_set('session.use_cookies', '0'); ini_set('session.save_handler', 'user'); session_set_save_handler(array('Session', 'open'), array('Session', 'close'), array('Session', 'read'), array('Session', 'write'), array('Session', 'destroy'), array('Session', 'gc')); $network_session = new RingsideSocialSession($_REQUEST['social_session']); ?> <html> <h1>Social Session Dump</h1> <label>User ID:</label><?php echo $network_session->getUserId(); ?> <br/> <label>Principal Id:</label><?php echo $network_session->getPrincipalId(); ?> <br/> <label>Trust:</label><?php echo $network_session->getTrust(); ?> <br/> <label>Expiry:</label><?php echo $network_session->getExpiry(); ?> <br/> <label>Network:</label><?php echo $network_session->getNetwork();
/** * Authorize the user against the api_key, app_id, or canvas_url * * This produces a SocialSession Object. * * Possible Params: * network_key * trust_key * api_key * canvas_url * auth_token * social_callback */ public function authorize() { $network_session = null; $network_key = $this->getParam('network_key'); $auth_token = $this->getParam('auth_token'); $social_callback = $this->getParam('social_callback'); $api_key = $this->getParam('api_key'); $canvas_url = $this->getParam('canvas_url'); $user_name = $this->getParam('user_name'); $trust_key = $this->getParam('trust_key'); if (!isset($trust_key)) { $trust_key = $socialApiKey; } $result = $this->getAppProperties(); if ($result) { $callback = isset($result['callback_url']) ? $result['callback_url'] : ''; $apiKey = isset($result['api_key']) ? $result['api_key'] : ''; $apiSecret = isset($result['secret_key']) ? $result['secret_key'] : ''; if (!isset($social_callback)) { $social_callback = $callback; } try { if (isset($apiKey) && isset($apiSecret)) { $auth_url = $this->getAuthUrl($trust_key); $fb = new RingsideApiClients($apiKey, $apiSecret, null, $auth_url); //public function __construct($api_key, $secret, $session_key = null, $url = null) { $result = $fb->do_get_session($auth_token); $session_key = $fb->api_client->session_key; $uid = $fb->api_client->users_getLoggedInUser(); $pids = $fb->api_client->users_mapToSubject(array($uid), $network_key, $result['application_id']); // RingsideSocialDbPrincipal::getPrincipalForSubject($uid, $network_key, $user_name, $trust_key); //if ( isset($pids) ) { // getPrincipalForSubject accepts and returns multiple IDs $pid = 0; if (isset($pids)) { $pid = $pids[0]; } // bool setcookie ( string $name [, string $value [, int $expire [, string $path [, string $domain [, bool $secure [, bool $httponly ]]]]]] ) $network_session = new RingsideSocialSession(); $network_session->setNetwork($network_key); $network_session->addApiSessionKey($apiKey, $session_key); $network_session->setUserId($uid); $network_session->setPrincipalId($pid); $network_session->setTrust($trust_key); $network_session->setCallbackUrl($social_callback); $network_session->setLoggedIn(true); $context = $this->getContext($fb->api_client, $network_session); if (strrpos($social_callback, '?') == 0) { return $social_callback . '?' . $context; } else { return $social_callback . '&' . $context; } //} else { // $this->error = "Unable to set Principle!"; //} } } catch (Exception $exception) { error_log("Exception : " . $exception->getMessage() . "\n" . $exception->getTraceAsString()); $this->error = "Exception : " . $exception->getMessage() . "\n" . $exception->getTraceAsString(); } } if (!isset($network_session)) { error_log("Application with api_key: {$api_key} or canvas_url: {$canvas_url} not found! Creating session and redirecting to {$social_callback}!"); $network_session = new RingsideSocialSession(null); $network_session->setNetwork($network_key); $network_session->setTrust($trust_key); $network_session->setCallbackUrl($social_callback); if (strrpos($social_callback, '?') == 0) { return $social_callback . "?social_session_key=" . $network_session->getSessionKey(); } else { return $social_callback . "?social_session_key=" . $network_session->getSessionKey(); } } }