/**
 * Renders FBML for the application identified by this request's 'api_key' parameter.
 *
 * A client bound to the social engine's own credentials is built first and used to
 * look up the target application's properties (including its secret). A second
 * client, bound to the application's credentials, is then handed to renderFbml().
 *
 * Exceptions are not caught here: they are considered valid FBML output and are
 * left to propagate to the caller. As a consequence no code path in this method
 * currently populates the 'error' entry.
 *
 * @param RingsideSocialSession $network_session session used to derive both API session keys
 * @param mixed $fbmlText FBML source, passed unchanged to renderFbml() (presumably a string)
 * @return array response with an optional 'content' entry and an optional 'error' entry
 */
public function render(RingsideSocialSession $network_session, $fbmlText)
{
    // Stays null while the exception handler below remains disabled.
    $renderError = null;

    $appApiKey = $this->getParam('api_key');

    // Client acting as the social engine itself, used only for the property lookup.
    $socialSessionKey = RingsideSocialUtils::getApiSessionKey(
        RingsideSocialConfig::$apiKey,
        RingsideSocialConfig::$secretKey,
        $network_session
    );
    $socialClient = new RingsideApiClientsRest(
        RingsideSocialConfig::$apiKey,
        RingsideSocialConfig::$secretKey,
        $socialSessionKey
    );

    $appProps = $socialClient->admin_getAppProperties(
        "application_id,application_name,api_key,secret_key,callback_url",
        null,
        null,
        $appApiKey
    );
    // The secret is only forwarded to the session/client constructors; it is never logged here.
    $appSecret = $appProps['secret_key'];
    $appId = $appProps['application_id'];

    // Client acting as the target application.
    $appSessionKey = RingsideSocialUtils::getApiSessionKey($appApiKey, $appSecret, $network_session);
    $appClient = new RingsideApiClientsRest($appApiKey, $appSecret, $appSessionKey);

    $rendered = $this->renderFbml($fbmlText, $network_session, $appClient, $appId);

    // Disabled handler kept for reference:
    // } catch ( Exception $exception ) {
    //     error_log( "Exception : " . $exception->getMessage()." \n".$exception->getTraceAsString() );
    //     $error = RingsideSocialUtils::SOCIAL_ERROR_RENDER_EXCEPTION;
    // }

    $response = array();
    if (!empty($rendered)) {
        $response['content'] = $rendered;
    }
    if ($renderError != null) {
        $response['error'] = $renderError;
    }

    return $response;
}
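/**
 * Returns an app client built from the information inside this gadget token.
 * The client acts on behalf of the api_key carried by the token.
 *
 * @return RingsideApiClientsRest client bound to the token's api key, secret and social session
 */
public function getAppClient()
{
    $apiKey = $this->getAppId();
    $socialSession = $this->getSocialSession();
    $secretKey = $this->getAppSecret();

    // Only the public api key is logged. The application secret must never be
    // written to the error log, where it would outlive the request and be
    // readable by anyone with access to the log files.
    error_log("OS Producing Client: apiKey= {$apiKey}");

    $apiSessionKeyApp = RingsideSocialUtils::getApiSessionKey($apiKey, $secretKey, $socialSession);

    return new RingsideApiClientsRest($apiKey, $secretKey, $apiSessionKeyApp);
}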
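/**
 * Renders the application addressed by this request and packages the outcome.
 *
 * When the canvas URL does not resolve to a core (system) plugin, the application's
 * properties are looked up through the admin client, the remote callback is fetched
 * with renderRemote() and, for text/html responses, the result is run through
 * renderFbml(). Otherwise the system application is rendered locally.
 *
 * @param RingsideSocialClientInterface $socialClient client describing the current network, session and user
 * @return array response with optional 'content', 'iframe', 'redirect' and 'error' entries,
 *               plus 'status' (HTTP-style status code) and 'raw' (value of $this->raw)
 */
public function execute(RingsideSocialClientInterface $socialClient)
{
    $coreApp = $this->canvasUrl != null ? $this->plugin($this->canvasUrl) : false;
    $text = 'empty';
    $status = 200;
    $callback = '';

    // if this is not a core (aka system) app, then make a remote call to the remote app
    // otherwise, render the results of the system app via a local call
    if ($coreApp === false) {
        $text = null;
        try {
            $adminClient = RingsideSocialUtils::getAdminClient();
            $result = $adminClient->admin_getAppProperties("application_name,use_iframe,api_key,secret_key,callback_url,application_id", $this->appId, $this->canvasUrl, null, $socialClient->getCurrentNetwork());

            // Missing properties fall back to empty strings rather than raising notices.
            $callback = isset($result['callback_url']) ? $result['callback_url'] : '';
            $apiKey = isset($result['api_key']) ? $result['api_key'] : '';
            $apiSecret = isset($result['secret_key']) ? $result['secret_key'] : '';
            $canvasType = isset($result['use_iframe']) ? $result['use_iframe'] : '';
            $applicationid = isset($result['application_id']) ? $result['application_id'] : '';

            $networkSession = $socialClient->getNetworkSession();
            $principalId = $networkSession->getPrincipalId();

            $apiSessionKeyApp = RingsideSocialUtils::getApiSessionKey($apiKey, $apiSecret, $socialClient->getNetworkSession());
            $apiClientApplication = new RingsideApiClientsRest($apiKey, $apiSecret, $apiSessionKeyApp, null, $socialClient->getCurrentNetwork());

            $isAppAdded = false;
            if ($socialClient->inSession()) {
                $isAppAdded = $apiClientApplication->users_isAppAdded();

                // Translate the current user id into the principal id reported by the API.
                $idmaps = $apiClientApplication->users_mapToPrincipal(array($socialClient->getCurrentUser()));
                $nuser = null;
                if (!empty($idmaps) && null != $socialClient->getCurrentUser()) {
                    foreach ($idmaps as $idmap) {
                        if ($idmap['uid'] == $socialClient->getCurrentUser()) {
                            $nuser = $idmap['pid'];
                        }
                    }
                }
                // TODO: Move setting network user in network session into login.php and map.php?
                // NOTE(review): $nuser is still null when no mapping matched, so the
                // principal id is overwritten with null in that case - confirm intended.
                $networkSession->setPrincipalId($nuser);
            }

            // $headers and $status are read after the call, so renderRemote()
            // presumably fills them by reference - confirm against its signature.
            $headers = array();
            $fbmlText = $this->renderRemote($callback, $apiKey, $apiSecret, $canvasType, $isAppAdded, $apiSessionKeyApp, $socialClient, $headers, $status);
            // error_log("Status for $callback is $status");

            if ($fbmlText !== null && !empty($fbmlText)) {
                // A remote response without a Content-Type header is treated as an
                // unsupported type instead of triggering an undefined-index notice.
                $contentType = isset($headers['content-type']) ? $headers['content-type'] : '';

                if (strncmp($contentType, 'text/html', 9) === 0) {
                    $this->raw = false;
                    $text = $this->renderFbml($fbmlText, $socialClient->getNetworkSession(), $apiClientApplication, $applicationid);

                    // Need $socialUrl
                    if (include 'LocalSettings.php') {
                        // NOTE(review): $apiKey and $socialUrl are interpolated into an inline
                        // script without JavaScript-string escaping. Both come from server-side
                        // configuration here; confirm neither can carry a quote or "</script>".
                        $extra_end_scripts = <<<EOF
<script type='text/javascript'><!--
if ( typeof Ajax != 'undefined' ) {
   Ajax.API_KEY='{$apiKey}';
   Ajax.RENDER_URL='{$socialUrl}/render.php';
   Ajax.PROXY_URL='{$socialUrl}/proxyjs.php';
}
//--></script>
EOF;
                        // These are ONLY emitted for FBML remote applications to support FBJS!
                        $text .= $extra_end_scripts;
                    }
                } elseif (strncmp($contentType, 'text/', 5) === 0) {
                    // Send all other text (text/xml, text/css, etc.) back raw
                    // NOTE(review): raw text is returned without passing through renderFbml();
                    // confirm the consumer serves it with the remote content type.
                    $this->raw = true;
                    $text = $fbmlText;
                } else {
                    error_log("No way to handle content type " . $contentType);
                    $this->error = RingsideSocialUtils::SOCIAL_ERROR_RENDER_EXCEPTION;
                }
            } elseif ($status < 200) {
                $text = "The application did not finish processing prior to the timeout.";
            } elseif ($status < 300) {
                $text = "The application returned an HTTP status code of 200 but no content.";
            } elseif ($status < 400) {
                $text = "The application returned too many redirects.";
            } elseif ($status < 500) {
                $text = "The application is configured to point to an incorrect page.";
            } elseif ($status < 600) {
                $text = "The application encountered an error during processing.";
            }
        } catch (Exception $exception) {
            error_log("Remote Render Exception : " . $exception->getMessage());
            error_log($exception->getTraceAsString());
            $this->error = RingsideSocialUtils::SOCIAL_ERROR_NO_SUCH_PAGE;
        }
    } else {
        // making a request to a local system app
        try {
            $apiSessionKey = RingsideSocialUtils::getApiSessionKey(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $socialClient->getNetworkSession());
            $apiClientSocial = new RingsideApiClientsRest(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $apiSessionKey);

            $callback = "System Application " . $this->canvasUrl;
            error_log("Rendering system application {$callback}");

            $fbmlText = $this->renderLocal(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $apiSessionKey, $socialClient);

            if (isset($coreApp->canvas_type) && $coreApp->canvas_type == RingsideAppsCommon::CANVASTYPE_IFRAME) {
                // Iframe-type system apps are returned as produced, without FBML rendering.
                $text = $fbmlText;
            } else {
                if ($socialClient->inSession()) {
                    $apiSessionKey = RingsideSocialUtils::getApiSessionKey(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $socialClient->getNetworkSession());
                    $apiClientSocial = new RingsideApiClientsRest(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $apiSessionKey);
                }
                $text = $this->renderFbml($fbmlText, $socialClient->getNetworkSession(), $apiClientSocial, $socialClient->getCurrentUser());
            }
        } catch (Exception $exception) {
            error_log("Remote Local Exception : " . $exception->getMessage());
            error_log($exception->getTraceAsString());
            $this->error = RingsideSocialUtils::SOCIAL_ERROR_NO_SUCH_PAGE;
        }
    }

    $response = array();
    if (!empty($text)) {
        $response['content'] = $text;
    }
    if ($this->iframe != null) {
        $response['iframe'] = $this->iframe;
    }
    if ($this->redirect != null) {
        $response['redirect'] = $this->redirect;
    }
    if ($this->error != null) {
        $response['error'] = $this->error;
    }

    // The "no data" check has to run before 'status' is stored: once 'status'
    // is in the array it can never be empty and the fallback error would be dead code.
    if (empty($response)) {
        $response['error'] = "The URL {$callback} returned no data";
    }
    $response['status'] = $status;
    $response['raw'] = $this->raw;

    return $response;
}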
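/**
 * Handles a widget render request.
 *
 * A network session is re-created from the 'social_session_key' parameter, from the
 * PHPSESSID cookie, or as an anonymous session, an API session key for the requested
 * api_key is ensured, and the request is dispatched on $params['method']:
 * 'fbml' renders the supplied FBML, 'app' renders an application view.
 *
 * @param array $params request parameters; reads 'api_key', 'method' and optionally
 *                      'social_session_key', 'fbml', 'path' and 'view'
 * @return mixed rendered content or the render error for 'fbml'; rendered content for
 *               'app' when the user is in session; null on every other path
 */
public function execute($params)
{
    $this->debug('Entering');
    // NOTE(review): debugVar() receives the full parameter set, which can include the
    // session key - confirm it is disabled or redacting in production.
    $this->debugVar($params);
    $network_session = null;

    // Recreate Session if we have it
    // Only parameter names are logged: the values can include the social session key,
    // and session identifiers written to a log can be replayed by anyone who reads it.
    error_log("Parameters for widget render are: " . implode(', ', array_keys($params)));
    error_log("PHPSESSID " . (isset($_COOKIE['PHPSESSID']) ? 'present' : '<empty>'));

    if (array_key_exists('social_session_key', $params)) {
        $session_key = $params['social_session_key'];
        $network_session = new RingsideSocialSession($session_key);
        $uid = $network_session->getUserId();
        if (null == $uid || strlen($uid) == 0) {
            // NOTE(review): the cookie is set without HttpOnly/Secure attributes - confirm
            // whether client-side script needs to read it before tightening.
            setcookie('social_session_key', $network_session->getSessionKey());
            $uid = $network_session->getUserId();
            if (isset($_REQUEST['uid'])) {
                // TODO: SECURITY: I don't think we should just be able to override the uid.
                // NOTE(review): this marks the session as logged in for a request-supplied
                // uid with no credential check. It is left in place only because callers
                // may depend on it; it should be replaced by a verified login before this
                // endpoint is exposed to untrusted clients.
                $uid = $_REQUEST['uid'];
                // TODO: SECURITY: This shouldn't be a valid way to log in.
                $network_session->setUserId($uid);
                $network_session->setLoggedIn(true);
            }
        }
    } elseif (isset($_COOKIE['PHPSESSID'])) {
        // Optimization if user is already logged into web front-end
        $network_session = new RingsideSocialSession($_COOKIE['PHPSESSID']);
        // The session object itself is not dumped to the log; it holds session keys.
        error_log("PHPSESSID resolved to a network session");
        $uid = $network_session->getUserId();
        if (!isset($uid)) {
            // The user has a network session but is not logged in
            // Run as an anonymous user
            $trust = new RingsideSocialApiTrust($_REQUEST);
            $network_session = $trust->getAnonymousSession();
        }
    } else {
        // Not logged in, so login via anonymous user
        $trust = new RingsideSocialApiTrust($_REQUEST);
        $network_session = $trust->getAnonymousSession();
    }

    $api_session_key = $network_session->getApiSessionKey($params['api_key']);
    if (null == $api_session_key) {
        $rest = RingsideSocialUtils::getAdminClient();
        $app_props = $rest->admin_getAppProperties(array('secret_key'), null, null, $params['api_key'], $network_session->getNetwork());
        error_log("Adding API key for " . $params['api_key'] . " to social session for user " . $network_session->getUserID());
        RingsideSocialUtils::getApiSessionKey($params['api_key'], $app_props['secret_key'], $network_session);
    } else {
        // The API session key value is a credential and is kept out of the log.
        error_log("Using existing API session key for user " . $network_session->getUserID());
    }

    if (!array_key_exists('method', $params)) {
        error_log("No method specified for render request");
        return;
    }

    $method = $params['method'];
    if (strcasecmp($method, 'fbml') == 0 && array_key_exists('fbml', $params)) {
        $fbml = $params['fbml'];
        $render = new RingsideSocialApiRenderFBML($params);
        $result = $render->render($network_session, $fbml);

        return isset($result['content']) ? $result['content'] : $result['error'];
    }

    if (strcasecmp($method, 'app') == 0) {
        $social = new RingsideSocialClientLocal(RingsideWebConfig::$networkKey, null, $network_session->getSessionKey());
        $inSession = $social->inSession();
        error_log("User " . ($inSession ? 'is' : 'is not') . " in session");

        if (!$inSession) {
            echo "<error>User not Logged in!</error>";
            return;
        }

        $path = '';
        if (array_key_exists('path', $params)) {
            $path = $params['path'];
        }
        $view = 'canvas';
        if (array_key_exists('view', $params)) {
            $view = $params['view'];
        }

        $rest = RingsideSocialUtils::getAdminClient();
        $app_props = $rest->admin_getAppProperties(array('application_id', 'canvas_url'), null, null, $params['api_key'], null, $network_session->getNetwork());
        $domain_props = $rest->admin_getDomainProperties(array('resize_url'), null, $network_session->getNetwork());
        $content = $social->render($view, $app_props['application_id'], $app_props['canvas_url'], $path);
        // TODO: Is this where error reporting should happen?

        if (isset($domain_props['resize_url'])) {
            // api_key arrives with the request, so it is encoded as a JavaScript string
            // literal and then HTML-escaped before being placed in the onload attribute.
            $iframeIdArg = htmlspecialchars((string) json_encode('if_' . $params['api_key']), ENT_QUOTES, 'UTF-8');

            // NOTE(review): resize_url is a domain property interpolated into the script
            // unescaped - confirm it is restricted to administrator-controlled values.
            $content = "<html><head><script type=\"text/javascript\">\n function resizeIframe(id) {\n var iframe = document.getElementById( 'xdiframe' );\n var wrapper = document.getElementById( 'wrapper' );\n var height = Math.max( document.body.offsetHeight, document.body.scrollHeight );\n var width = Math.max( document.body.offsetWidth, document.body.scrollWidth );\n iframe.src = '{$domain_props['resize_url']}?height='+height+'&width='+width+'&id='+id;\n }\n</script></head><body onload=\"resizeIframe(" . $iframeIdArg . ");\">" . $content . "<iframe id='xdiframe' width='1' height='1' frameborder='0'/></body></html>";
        }

        return $content;
    }
}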
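/**
 * Creates a REST client for the session.
 *
 * @param string $social_session_key in/out, by reference: on entry the session key generated
 *                                   by the social renderer when the application was rendered
 *                                   (may be empty); on return the key of the network session
 *                                   that was actually used
 * @return RingsideApiClientsRest the REST client
 */
private static function createRestClient(&$social_session_key)
{
    // An empty key means "no session yet". The parameter must not be unset() here:
    // unset() on a by-reference parameter only drops the local name, so the
    // assignment further down would no longer reach the caller's variable and the
    // newly created session key would be lost.
    $incomingKey = empty($social_session_key) ? null : $social_session_key;

    $network_session = new RingsideSocialSession($incomingKey);
    if ($network_session->getUserId() == null) {
        // This is the Ringside user
        // NOTE(review): a session without a user silently acts as user id 1 - confirm
        // that account's privileges are appropriate for callers that supplied no session.
        $network_session->setUserId(1);
    }

    $api_session_key = RingsideSocialUtils::getApiSessionKey(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $network_session);

    // Hand the effective session key back to the caller.
    $social_session_key = $network_session->getSessionKey();

    return new RingsideApiClientsRest(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $api_session_key, RingsideApiClientsConfig::$serverUrl, RingsideApiClientsConfig::$webUrl, RingsideApiClientsConfig::$socialUrl);
}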
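/**
 * Handle the trust situation for a web application, this
 * will force redirects to canvas or callback url as specified.
 *
 * On success $this->redirect holds the target URL. On any exception the trust that
 * was just granted is removed again and false is returned.
 *
 * @param string $apikey api key of the application being trusted
 * @param Application $application application object; supplies the social session
 * @param int $uid user granting the trust
 * @param boolean $infinite passed to trustUser() and auth_createToken()
 * @param boolean $canvas true to redirect to the application's canvas page
 * @param boolean $trust true to redirect to $next as given instead of the callback URL
 * @param string $next path or URL to continue to after trust is established
 * @return boolean success failure
 */
function handleWebAppTrust($apikey, $application, $uid, $infinite, $canvas, $trust, $next)
{
    $this->trustUser($application, $uid, $infinite);
    try {
        // Get a client which represents this SOCIAL engine to API relationship
        $apiSessionKey = RingsideSocialUtils::getApiSessionKey(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $application->getSocialSession());
        $apiClientSocial = new RingsideApiClientsRest(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $apiSessionKey, null, RingsideSocialConfig::$apiKey);

        // Get information about a given application.
        $result = $apiClientSocial->admin_getAppProperties("application_id,secret_key,canvas_url,callback_url", null, null, $apikey);
        $canvas_url = isset($result['canvas_url']) ? $result['canvas_url'] : "";
        $callback_url = isset($result['callback_url']) ? $result['callback_url'] : "";
        $secret = isset($result['secret_key']) ? $result['secret_key'] : "";

        if ($canvas === true) {
            $trust_info = $apiClientSocial->admin_getTrustInfo(array(RingsideSocialConfig::$apiKey));
            $canvas_root = $trust_info[0]['trust_canvas_url'];
            $this->redirect = $canvas_root . '/' . $canvas_url . $next;
        } else {
            // get the clients applications and create
            $appClient = new RingsideApiClientsRest($apikey, $secret, null, null, RingsideSocialConfig::$apiKey);
            $token = $appClient->auth_createToken($infinite);
            $appClient->auth_approveToken($uid);

            // Make $next end in a separator so "auth_token=" can be appended directly.
            // A URL that already has a query string but does not end in '?' or '&'
            // needs an '&'; otherwise the token would be fused onto the last value.
            if (strpos($next, "?") === false) {
                $next = $next . "?";
            } else {
                $lastChar = substr($next, -1);
                if ($lastChar !== "?" && $lastChar !== "&") {
                    $next = $next . "&";
                }
            }

            // NOTE(review): an approved auth token is appended to the redirect target.
            // With $trust === true the target is $next exactly as supplied, and the
            // callback check below is a plain string-prefix comparison that does not
            // pin the scheme/host boundary (and matches anything when callback_url is
            // empty). Confirm callers validate $next against an allow-list first.
            if ($trust === true) {
                $redir = $next . "auth_token=" . $token;
            } elseif (strpos($next, $callback_url) === 0) {
                $redir = $next . "auth_token=" . $token;
            } else {
                $redir = $callback_url . $next . "auth_token=" . $token;
            }
            $this->redirect = $redir;
        }

        return true;
    } catch (Exception $e) {
        error_log($e->getMessage());
        // Roll back the trust granted at the top of the method.
        $this->removeTrust($application, $uid);

        return false;
    }
}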