/**
 * Invalidates the cached content for each given URI and, when the SNS is
 * configured to use an external Shindig server, relays the invalidation to it.
 *
 * Three cache keys are dropped per URI: the default request, the request
 * prepared with createRemoteContentRequestWithUri(), and the signed variant.
 *
 * NOTE(review): $token is not read anywhere in this method, so no authorization
 * decision is made here. Presumably the caller has already verified that the
 * requester may invalidate these URIs; confirm against the call site.
 *
 * @param array $uris URIs whose cached responses should be invalidated.
 * @param SecurityToken $token Security token of the requester (unused here).
 */
public function invalidateApplicationResources(array $uris, SecurityToken $token) {
    foreach ($uris as $uri) {
        // Default request for the URI.
        $plainRequest = new RemoteContentRequest($uri);
        $this->cache->invalidate($plainRequest->toHash());

        // GET
        $getRequest = new RemoteContentRequest($uri);
        $getRequest->createRemoteContentRequestWithUri($uri);
        $this->cache->invalidate($getRequest->toHash());

        // GET & SIGNED
        $signedRequest = new RemoteContentRequest($uri);
        $signedRequest->setAuthType(RemoteContentRequest::$AUTH_SIGNED);
        $signedRequest->setNotSignedUri($uri);
        $this->cache->invalidate($signedRequest->toHash());
    }

    // The relay only runs when an external Shindig is in use and relaying has
    // not been switched off (the second setting defaults to true).
    $snsConfig = Doctrine::getTable('SnsConfig');
    $relayEnabled = $snsConfig->get('is_use_outer_shindig', false)
        && $snsConfig->get('is_relay_invalidation_notice', true);
    if (!$relayEnabled) {
        return;
    }

    require_once 'OAuth.php';

    // Normalise the configured base URL so exactly one '/' precedes the path.
    $shindigUrl = $snsConfig->get('shindig_url');
    $baseUrl = (substr($shindigUrl, -1) !== '/') ? $shindigUrl . '/' : $shindigUrl;
    $invalidateUrl = $baseUrl . 'gadgets/api/rest/cache';

    // Two-legged OAuth: no access token is involved, the request is signed with
    // the backend consumer key/secret only (HMAC-SHA1).
    $consumer = new OAuthConsumer(
        $snsConfig->get('shindig_backend_key'),
        $snsConfig->get('shindig_backend_secret')
    );
    $oauthRequest = OAuthRequest::from_consumer_and_token($consumer, null, 'POST', $invalidateUrl);
    // The requestor id is fixed to 1 both in the signed parameters and in the
    // query string of the request built below.
    $oauthRequest->set_parameter('xoauth_requestor_id', 1);
    $oauthRequest->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, null);

    // NOTE(review): no body-hash parameter is set in this method, so the JSON
    // body does not appear to be covered by the OAuth signature unless the
    // fetcher adds one. Confirm, and prefer an https shindig_url so that the
    // invalidation keys cannot be altered in transit.
    $relayRequest = new RemoteContentRequest($invalidateUrl . '?xoauth_requestor_id=1');
    $relayRequest->setMethod('POST');
    $relayRequest->setContentType('application/json');
    $relayRequest->setPostBody(json_encode(array('invalidationKeys' => $uris)));
    $relayRequest->setHeaders($oauthRequest->to_header());
    $relayRequest->getOptions()->ignoreCache = true;

    // NOTE(review): the result of fetch() is discarded, so a rejected or failed
    // relay is not reported and the external cache may stay stale. Consider
    // logging the response status.
    $fetcherClass = Shindig_Config::get('remote_content');
    $fetcher = new $fetcherClass();
    $fetcher->fetch($relayRequest);
}
/**
 * Builds the outgoing request used to retrieve the actual content.
 *
 * The target URL, HTTP method, body, auth mode and headers all come from
 * $params, so they are validated or filtered here before the request is
 * returned.
 *
 * NOTE(review): only the URL scheme is checked in this method. Nothing here
 * restricts the host, so any filtering of internal or loopback destinations
 * has to happen elsewhere; confirm that it does.
 *
 * @param GadgetContext $context The rendering context.
 * @param MakeRequestOptions $params Options for crafting the request.
 * @param SecurityTokenDecoder $signer A signer needed for signed requests.
 * @return RemoteContentRequest An initialized request object.
 * @throws Exception If the URL has no http/https scheme, the HTTP method is
 *     not one of POST, PUT, DELETE, GET or HEAD, or a signer is given but no
 *     security token string is available.
 */
public function buildRequest(GadgetContext $context, MakeRequestOptions $params, SecurityTokenDecoder $signer = null) {
    // Check the requested protocol. curl doesn't really support file://
    // requests, but the 'error' should still be handled properly, so anything
    // other than http/https is rejected up front.
    $hrefParts = explode('://', $params->getHref(), 2);
    if (count($hrefParts) < 2) {
        throw new Exception("Invalid protocol specified");
    }
    $scheme = strtoupper($hrefParts[0]);
    if (!($scheme == "HTTP" || $scheme == "HTTPS")) {
        // The scheme is caller-controlled, so it is entity-encoded before being
        // placed in the message (presumably because the message can reach HTML
        // output).
        throw new Exception("Invalid protocol specified in url: " . htmlentities($scheme));
    }

    $method = $params->getHttpMethod();
    if ($method == 'POST' || $method == 'PUT') {
        // Even if the post data is an empty string it will still be posted
        // (RemoteContentRequest checks whether it is false), so the request to
        // POST is still honored.
        $request = new RemoteContentRequest($params->getHref(), null, $params->getRequestBody());
    } elseif ($method == 'DELETE' || $method == 'GET' || $method == 'HEAD') {
        $request = new RemoteContentRequest($params->getHref());
    } else {
        throw new Exception("Invalid HTTP method.");
    }
    $request->setMethod($method);

    // Without a signer no auth type or token is applied, whatever authz mode
    // the options ask for.
    if ($signer) {
        $authz = $params->getAuthz();
        if ($authz == 'SIGNED') {
            $request->setAuthType(RemoteContentRequest::$AUTH_SIGNED);
        } elseif ($authz == 'OAUTH') {
            $request->setAuthType(RemoteContentRequest::$AUTH_OAUTH);
            $request->setOAuthRequestParams($params->getOAuthRequestParameters());
        }

        // Once a signer is present a token is mandatory, even when the authz
        // value matched neither mode above.
        $tokenString = $params->getSecurityTokenString();
        if ($tokenString === false) {
            throw new Exception("A security token is required for signed requests");
        }
        $request->setToken($context->validateToken($tokenString, $signer));
    }

    // Strip invalid request headers. This limits the utility of the
    // MakeRequest class a little bit, but ensures that none of the invalid
    // headers are present in any request going through this class.
    $rawHeaders = $params->getRequestHeadersArray();
    if ($rawHeaders !== false) {
        $params->setRequestHeaders(
            $this->stripInvalidArrayKeys($rawHeaders, MakeRequest::$BAD_REQUEST_HEADERS)
        );
    }

    // The request expects headers to be stored as a normal header text blob.
    // ex: Content-Type: application/atom+xml
    //     Accept-Language: en-us
    $headerBlob = $params->getFormattedRequestHeaders();
    if ($headerBlob !== false) {
        $request->setHeaders($headerBlob);
    }

    return $request;
}
/**
 * Tests SigningFetcher->fetchRequest for a signed request with a text/plain
 * body: the signed URL must carry the expected oauth_body_hash parameter.
 *
 * The body hash ties the request body to the OAuth signature, so this test
 * guards against the body being left out of what gets signed.
 */
public function testFetchRequestForBodyHash() {
    $signedRequest = new RemoteContentRequest('http://example.org/signed');
    $signedRequest->setAuthType(RemoteContentRequest::$AUTH_SIGNED);
    $securityToken = BasicSecurityToken::createFromValues('owner', 'viewer', 'app', 'domain', 'appUrl', '1', 'default');
    $signedRequest->setToken($securityToken);
    $signedRequest->setPostBody('Hello World!');
    $signedRequest->setHeaders('Content-Type: text/plain');

    $this->signingFetcher->fetchRequest($signedRequest);
    $this->verifySignedRequest($signedRequest);

    // The OAuth parameters are read back from the query string of the
    // request URL after fetchRequest() has run.
    $urlParts = parse_url($signedRequest->getUrl());
    $queryParams = array();
    parse_str($urlParts['query'], $queryParams);

    // The body 'Hello World!' and the hash 'Lve95gjOVATpfV8EL5X4nxwjKHE=' are
    // the example from OAuth Request Body Hash 1.0 Draft 4; the value is the
    // base64-encoded SHA-1 digest of the body.
    $this->assertEquals('Lve95gjOVATpfV8EL5X4nxwjKHE=', $queryParams['oauth_body_hash']);
}