/**
* Generates a new `curl` request without going through HTTP connection,
* this allow user session can be shared between both request `client` and `server`.
*
* The request is then set to be the active request.
*
* Usage:
*
* <code>\Hybrid\Request::connect('GET controller/method?hello=world');</code>
*
* @access public
* @param string $uri - The URI of the request
* @param array $dataset - Set a dataset for GET, POST, PUT or DELETE
* @return object \Hybrid\Request instance
*/
public static function connect($uri, $dataset = array())
{
$uri_segments = explode(' ', $uri);
$type = Input::method();
if (in_array(strtoupper($uri_segments[0]), array('DELETE', 'POST', 'PUT', 'GET'))) {
$uri = $uri_segments[1];
$type = $uri_segments[0];
}
$query_dataset = array();
$query_string = parse_url($uri);
if (isset($query_string['query'])) {
$uri = $query_string['path'];
parse_str($query_string['query'], $query_dataset);
}
$dataset = array_merge($query_dataset, $dataset);
logger(Fuel::L_INFO, 'Creating a new Request with URI = "' . $uri . '"', __METHOD__);
$request = new static($uri, true, $dataset, $type);
if (static::$active) {
$request->parent = static::$active;
static::$active->children[] = $request;
}
return $request;
}
/**
* Requests are not made to methods directly The request will be for an "object".
* this simply maps the object and method to the correct Controller method.
*
* @access public
* @param Request $resource
* @param array $arguments
* @return void
*/
public function router($resource, $arguments)
{
$pattern = Restserver::$pattern;
// Remove the extension from arguments too
$resource = preg_replace($pattern, '', $resource);
// If they call user, go to $this->post_user();
$controller_method = strtolower(Input::method()) . '_' . $resource;
if (method_exists($this, $controller_method) and true === $this->rest) {
return call_user_func(array($this, $controller_method));
} elseif (method_exists($this, 'action_' . $resource)) {
if (true === $this->rest) {
$this->response->status = $this->no_method_status;
return;
}
return call_user_func_array(array($this, 'action_' . $resource), $arguments);
} else {
if (true === $this->rest) {
$this->response->status = $this->no_method_status;
return;
} else {
throw new HttpNotFoundException();
}
}
}
/**
* Prepare authentication to use Digest auth
*
* @static
* @access protected
*/
protected static function prepare_digest_auth()
{
$uniqid = uniqid("");
// Empty argument for backward compatibility
// We need to test which server authentication variable to use
// because the PHP ISAPI module in IIS acts different from CGI
if (Input::server('PHP_AUTH_DIGEST')) {
$digest_string = Input::server('PHP_AUTH_DIGEST');
} elseif (Input::server('HTTP_AUTHORIZATION')) {
$digest_string = Input::server('HTTP_AUTHORIZATION');
} else {
$digest_string = "";
}
/* The $_SESSION['error_prompted'] variabile is used to ask
the password again if none given or if the user enters
a wrong auth. informations. */
if (empty($digest_string)) {
static::force_login($uniqid);
}
// We need to retrieve authentication informations from the $auth_data variable
preg_match_all('@(username|nonce|uri|nc|cnonce|qop|response)=[\'"]?([^\'",]+)@', $digest_string, $matches);
$digest = array_combine($matches[1], $matches[2]);
if (!array_key_exists('username', $digest) or !static::check_login($digest['username'])) {
static::force_login($uniqid);
}
$valid_logins = Config::get('rest.valid_logins');
$valid_pass = $valid_logins[$digest['username']];
// This is the valid response expected
$A1 = md5($digest['username'] . ':' . Config::get('rest.realm') . ':' . $valid_pass);
$A2 = md5(strtoupper(Input::method()) . ':' . $digest['uri']);
$valid_response = md5($A1 . ':' . $digest['nonce'] . ':' . $digest['nc'] . ':' . $digest['cnonce'] . ':' . $digest['qop'] . ':' . $A2);
if ($digest['response'] != $valid_response) {
header('HTTP/1.0 401 Unauthorized');
header('HTTP/1.1 401 Unauthorized');
exit;
}
}
/**
* Requests are not made to methods directly The request will be for an "object".
* this simply maps the object and method to the correct Controller method.
*
* @param Request $resource
* @param array $arguments
*/
public function router($resource, $arguments)
{
$pattern = \Hybrid\Restful::$pattern;
// Remove the extension from arguments too
$resource = preg_replace($pattern, '', $resource);
// If they call user, go to $this->post_user();
$controller_method = strtolower(\Hybrid\Input::method()) . '_' . $resource;
if (method_exists($this, $controller_method)) {
call_user_func(array($this, $controller_method));
} else {
$this->response->status = 404;
return;
}
}
