/**
* This method parses the request input, it needs to get:
* 1/ user authentication - username+password or token
* 2/ function name
* 3/ function parameters
*/
protected function parse_request()
{
// Retrieve and clean the POST/GET parameters from the parameters specific to the server.
parent::set_web_service_call_settings();
// Get GET and POST parameters.
$methodvariables = array_merge($_GET, $_POST);
if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) {
$this->username = isset($methodvariables['wsusername']) ? $methodvariables['wsusername'] : null;
unset($methodvariables['wsusername']);
$this->password = isset($methodvariables['wspassword']) ? $methodvariables['wspassword'] : null;
unset($methodvariables['wspassword']);
} else {
$this->token = isset($methodvariables['wstoken']) ? $methodvariables['wstoken'] : null;
unset($methodvariables['wstoken']);
}
// Get the XML-RPC request data.
$rawpostdata = file_get_contents("php://input");
$methodname = null;
// Decode the request to get the decoded parameters and the name of the method to be called.
$decodedparams = xmlrpc_decode_request($rawpostdata, $methodname);
$methodinfo = external_api::external_function_info($methodname);
$methodparams = array_keys($methodinfo->parameters_desc->keys);
// Add the decoded parameters to the methodvariables array.
if (is_array($decodedparams)) {
foreach ($decodedparams as $index => $param) {
// See MDL-53962 - XML-RPC requests will usually be sent as an array (as in, one with indicies).
// We need to use a bit of "magic" to add the correct index back. Zend used to do this for us.
$methodvariables[$methodparams[$index]] = $param;
}
}
$this->functionname = $methodname;
$this->parameters = $methodvariables;
}
/**
* This method parses the $_POST and $_GET superglobals and looks for
* the following information:
* 1/ user authentication - username+password or token (wsusername, wspassword and wstoken parameters)
* 2/ function name (wsfunction parameter)
* 3/ function parameters (all other parameters except those above)
* 4/ text format parameters
* 5/ return rest format xml/json
*/
protected function parse_request()
{
// Retrieve and clean the POST/GET parameters from the parameters specific to the server.
parent::set_web_service_call_settings();
// Get GET and POST parameters.
$methodvariables = array_merge($_GET, $_POST);
// Retrieve REST format parameter - 'xml' (default) or 'json'.
$restformatisset = isset($methodvariables['moodlewsrestformat']) && ($methodvariables['moodlewsrestformat'] == 'xml' || $methodvariables['moodlewsrestformat'] == 'json');
$this->restformat = $restformatisset ? $methodvariables['moodlewsrestformat'] : 'xml';
unset($methodvariables['moodlewsrestformat']);
if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) {
$this->username = isset($methodvariables['wsusername']) ? $methodvariables['wsusername'] : null;
unset($methodvariables['wsusername']);
$this->password = isset($methodvariables['wspassword']) ? $methodvariables['wspassword'] : null;
unset($methodvariables['wspassword']);
$this->functionname = isset($methodvariables['wsfunction']) ? $methodvariables['wsfunction'] : null;
unset($methodvariables['wsfunction']);
$this->parameters = $methodvariables;
} else {
$this->token = isset($methodvariables['wstoken']) ? $methodvariables['wstoken'] : null;
unset($methodvariables['wstoken']);
$this->functionname = isset($methodvariables['wsfunction']) ? $methodvariables['wsfunction'] : null;
unset($methodvariables['wsfunction']);
$this->parameters = $methodvariables;
}
}
/**
* Contructor
*/
public function __construct($authmethod, $restformat = 'xml')
{
parent::__construct($authmethod);
$this->wsname = 'rest';
$this->restformat = $restformat != 'xml' && $restformat != 'json' ? 'xml' : $restformat;
//sanity check, we accept only xml or json
}
/**
* This method parses the request input, it needs to get:
* 1/ user authentication - username+password or token
* 2/ function name
* 3/ function parameters
*/
protected function parse_request()
{
// Retrieve and clean the POST/GET parameters from the parameters specific to the server.
parent::set_web_service_call_settings();
// Get GET and POST parameters.
$methodvariables = array_merge($_GET, $_POST);
if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) {
$this->username = isset($methodvariables['wsusername']) ? $methodvariables['wsusername'] : null;
unset($methodvariables['wsusername']);
$this->password = isset($methodvariables['wspassword']) ? $methodvariables['wspassword'] : null;
unset($methodvariables['wspassword']);
} else {
$this->token = isset($methodvariables['wstoken']) ? $methodvariables['wstoken'] : null;
unset($methodvariables['wstoken']);
}
// Get the XML-RPC request data.
$rawpostdata = file_get_contents("php://input");
$methodname = null;
// Decode the request to get the decoded parameters and the name of the method to be called.
$decodedparams = xmlrpc_decode_request($rawpostdata, $methodname);
// Add the decoded parameters to the methodvariables array.
if (is_array($decodedparams)) {
foreach ($decodedparams as $param) {
// Check if decoded param is an associative array.
if (is_array($param) && array_keys($param) !== range(0, count($param) - 1)) {
$methodvariables = array_merge($methodvariables, $param);
} else {
$methodvariables[] = $param;
}
}
}
$this->functionname = $methodname;
$this->parameters = $methodvariables;
}
/**
* This method parses the $_POST and $_GET superglobals and looks for the following information:
* - User authentication parameters:
* - Username + password (wsusername and wspassword), or
* - Token (wstoken)
*/
protected function parse_request()
{
// Retrieve and clean the POST/GET parameters from the parameters specific to the server.
parent::set_web_service_call_settings();
if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) {
$this->username = optional_param('wsusername', null, PARAM_RAW);
$this->password = optional_param('wspassword', null, PARAM_RAW);
if (!$this->username or !$this->password) {
// Workaround for the trouble with & in soap urls.
$authdata = get_file_argument();
$authdata = explode('/', trim($authdata, '/'));
if (count($authdata) == 2) {
list($this->username, $this->password) = $authdata;
}
}
$this->serverurl = new moodle_url('/webservice/soap/simpleserver.php/' . $this->username . '/' . $this->password);
} else {
$this->token = optional_param('wstoken', null, PARAM_RAW);
$this->serverurl = new moodle_url('/webservice/soap/server.php');
$this->serverurl->param('wstoken', $this->token);
}
if ($wsdl = optional_param('wsdl', 0, PARAM_INT)) {
$this->wsdlmode = true;
}
}
/**
* This method parses the $_POST and $_GET superglobals and looks for
* the following information:
* 1/ user authentication - username+password or token (wsusername, wspassword and wstoken parameters)
* 2/ function name (wsfunction parameter)
* 3/ function parameters (all other parameters except those above)
* 4/ text format parameters
* 5/ return rest format xml/json
*/
protected function parse_request()
{
// Retrieve and clean the POST/GET parameters from the parameters specific to the server.
parent::set_web_service_call_settings();
// Check request content type and process appropriately.
$defaultrestformat = 'xml';
if (preg_match("#application/json#", $_SERVER["CONTENT_TYPE"])) {
$data = json_decode(file_get_contents('php://input'), true);
$defaultrestformat = 'json';
} else {
if (preg_match("#application/xml#", $_SERVER["CONTENT_TYPE"])) {
$data = simplexml_load_string(file_get_contents('php://input'));
$data = json_decode(json_encode($data), true);
// Convert objects to assoc arrays.
} else {
$data = $_POST;
}
}
// Add GET parameters.
$methodvariables = array_merge($_GET, (array) $data);
// Check accept header for accepted responses.
if (isset($_SERVER["HTTP_ACCEPT"]) && $_SERVER['HTTP_ACCEPT'] != "*/*") {
$accept = array_map('trim', explode(',', $_SERVER["HTTP_ACCEPT"]));
if (!empty($accept)) {
if (!in_array('application/xml', $accept)) {
if (in_array('application/json', $accept)) {
$defaultrestformat = 'json';
} else {
http_response_code(406);
throw new invalid_parameter_exception('No response types acceptable');
}
} else {
if ($defaultrestformat == 'json' && !in_array('application/json', $accept)) {
$defaultrestformat = 'xml';
}
}
}
}
// Retrieve REST format parameter - 'xml' or 'json' if specified
// where not set use same format as request for xml/json requests or xml for form data.
$restformatisset = isset($methodvariables['moodlewsrestformat']) && ($methodvariables['moodlewsrestformat'] == 'xml' || $methodvariables['moodlewsrestformat'] == 'json');
$this->restformat = $restformatisset ? $methodvariables['moodlewsrestformat'] : $defaultrestformat;
unset($methodvariables['moodlewsrestformat']);
if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) {
$this->username = isset($methodvariables['wsusername']) ? $methodvariables['wsusername'] : null;
unset($methodvariables['wsusername']);
$this->password = isset($methodvariables['wspassword']) ? $methodvariables['wspassword'] : null;
unset($methodvariables['wspassword']);
$this->functionname = isset($methodvariables['wsfunction']) ? $methodvariables['wsfunction'] : null;
unset($methodvariables['wsfunction']);
$this->parameters = $methodvariables;
} else {
$this->token = isset($methodvariables['wstoken']) ? $methodvariables['wstoken'] : null;
unset($methodvariables['wstoken']);
$this->functionname = isset($methodvariables['wsfunction']) ? $methodvariables['wsfunction'] : null;
unset($methodvariables['wsfunction']);
$this->parameters = $methodvariables;
}
}
/**
* Contructor
*/
public function __construct($authmethod)
{
parent::__construct($authmethod);
$this->wsname = 'rest';
}
/**
* webservice_dummy constructor.
*
* @param int $authmethod The authentication method.
*/
public function __construct($authmethod)
{
parent::__construct($authmethod);
// Arbitrarily naming this as REST in order not to have to register another WS protocol and set capabilities.
$this->wsname = 'rest';
}
/**
* This method parses the $_POST and $_GET superglobals then
* any body params and looks for
* the following information:
* 1/ Authorization token
* 2/ functionname via get_functionname method
*/
protected function parse_request() {
// Retrieve and clean the POST/GET parameters from the parameters specific to the server.
parent::set_web_service_call_settings();
$methodvariables = array();
// Get GET and POST parameters.
$methodvariables = array_merge($_GET, $_POST, $this->get_headers());
$this->requestmethod = (isset($methodvariables['method'])) ? $methodvariables['method'] : $_SERVER['REQUEST_METHOD'];
if ($this->requestmethod == 'OPTIONS')
$this->send_options();
// now how about PUT/POST bodies? These override any existing parameters.
$body = @file_get_contents('php://input');
if (TCAPI_LOG_ENDPOINT) {
global $DEBUGBODY;
if (isset($DEBUGBODY))
$body = $DEBUGBODY;
}
//echo $body;
if (!isset($methodvariables['content']))
$methodvariables['content'] = $body;
if ($body_params = json_decode($body)) {
foreach($body_params as $param_name => $param_value) {
$methodvariables[$param_name] = stripslashes($param_value);
}
} else {
$body_params = array();
parse_str($body,$body_params);
foreach($body_params as $param_name => $param_value) {
$methodvariables[$param_name] = stripslashes($param_value);
}
}
// Determine Authentication method to use (WEBSERVICE_AUTHMETHOD_PERMANENT_TOKEN is default)
// Simple token (as used in Bookmarklet method) and Basic authentication is supported at this time.
if (isset($methodvariables['Authorization'])) {
// TODO: Add support for OAuth authentication. That should really be a web service addition so we can call it here.
if (substr($methodvariables['Authorization'], 0, 5) == 'Basic') {
$user_auth = explode(":",base64_decode(substr($methodvariables['Authorization'], 6)));
if (is_array($user_auth) && count($user_auth) == 2) {
$this->username = $user_auth[0];
$this->password = $user_auth[1];
$this->authmethod = WEBSERVICE_AUTHMETHOD_USERNAME;
//echo 'Uses Basic Auth with Username: '******' and Password: '******'Authorization']) ? $methodvariables['Authorization'] : null;
//echo 'Uses Token Auth with Token: '.$this->token."\n";
}
}
//print_r($methodvariables);
unset($methodvariables['Authorization']);
$this->parameters = $methodvariables;
$this->functionname = $this->get_functionname();
//echo $this->functionname;
}
