/**
 * Render FBML text for the application named by the `api_key` request
 * parameter and return the outcome as a response array.
 *
 * Two API clients are built in turn. The first uses the social engine's own
 * key and secret (RingsideSocialConfig) to look up the target application's
 * properties, including its secret key. The second uses that application's
 * key and secret and is the client handed to renderFbml().
 *
 * Exceptions are not caught here; anything thrown by the calls below
 * propagates to the caller.
 *
 * NOTE(review): `api_key` comes from $this->getParam(), presumably request
 * input. The application secret is fetched for whatever key is supplied, so
 * confirm the caller has already authorised the request for that application.
 *
 * @param RingsideSocialSession $network_session session used to obtain API session keys
 * @param string $fbmlText FBML markup to render
 * @return array 'content' is set when rendering produced non-empty text;
 *               'error' is set only when an error code was recorded
 */
public function render(RingsideSocialSession $network_session, $fbmlText)
{
    // No error code is ever assigned while the try/catch below stays disabled.
    // It was switched off on purpose: exceptions are considered valid FBML
    // output and are meant to reach the end user.
    // NOTE(review): confirm what those exception messages can contain before
    // they are shown to a user.
    $failure = null;

    $appApiKey = $this->getParam('api_key');

    // Session between the social engine itself and the API server.
    $engineSessionKey = RingsideSocialUtils::getApiSessionKey(
        RingsideSocialConfig::$apiKey,
        RingsideSocialConfig::$secretKey,
        $network_session
    );
    $engineClient = new RingsideApiClientsRest(
        RingsideSocialConfig::$apiKey,
        RingsideSocialConfig::$secretKey,
        $engineSessionKey
    );

    // Look up the target application's id and secret.
    $appProps = $engineClient->admin_getAppProperties(
        "application_id,application_name,api_key,secret_key,callback_url",
        null,
        null,
        $appApiKey
    );
    $appSecret = $appProps['secret_key'];
    $appId = $appProps['application_id'];

    // Session and client that act as the application itself.
    $appSessionKey = RingsideSocialUtils::getApiSessionKey($appApiKey, $appSecret, $network_session);
    $appClient = new RingsideApiClientsRest($appApiKey, $appSecret, $appSessionKey);

    $rendered = $this->renderFbml($fbmlText, $network_session, $appClient, $appId);

    $out = array();
    if (!empty($rendered)) {
        $out['content'] = $rendered;
    }
    if ($failure != null) {
        $out['error'] = $failure;
    }

    return $out;
}
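/**
 * Validate an uploaded image and pass it to the photo upload API.
 *
 * The entry is read from $_FILES[$upload] and must carry the usual fields
 * (name, type, size, tmp_name). Validation steps, in order:
 *   - the entry exists, describes a single file and reports no upload error;
 *   - tmp_name is a file PHP itself received over HTTP POST;
 *   - the client-supplied name has no path components or control characters;
 *   - everything from the FIRST dot onwards, lower-cased, is an allowed
 *     extension (so "x.php.jpg" is rejected rather than treated as ".jpg");
 *   - the file is no larger than the size limit;
 *   - getimagesize() recognises the file as an image.
 *
 * getimagesize() only inspects the image header, so a passing file may still
 * carry trailing non-image data. The storage side must never serve stored
 * uploads from a location where they could be executed.
 *
 * @param RingsideApiClientsRest $restClient client whose move_upload() stores the file
 * @param string $upload key of the entry in $_FILES
 * @return mixed false if validation or the upload call failed, otherwise
 *               whatever move_upload() returned (documented as the new URL)
 */
public static function cacheUpload(RingsideApiClientsRest $restClient, $upload)
{
    $allowed_filetypes = array('.jpg', '.gif', '.bmp', '.png'); // Extensions that pass validation.
    $max_filesize = 524288; // Maximum file size in bytes (0.5 MB).

    // A missing entry or a multi-file entry (array-valued fields) is refused
    // up front instead of raising notices further down.
    if (!isset($_FILES[$upload]['name'], $_FILES[$upload]['tmp_name'])
        || !is_string($_FILES[$upload]['name'])
        || !is_string($_FILES[$upload]['tmp_name'])) {
        error_log("No usable upload entry in _FILES");
        return false;
    }

    if (isset($_FILES[$upload]['error']) && $_FILES[$upload]['error'] != UPLOAD_ERR_OK) {
        error_log("Upload reported error code " . (int) $_FILES[$upload]['error']);
        return false;
    }

    $tmp_name = $_FILES[$upload]['tmp_name'];

    // Only touch files PHP received for this request.
    if (!is_uploaded_file($tmp_name)) {
        error_log("Upload entry does not refer to an uploaded file");
        return false;
    }

    // The name is chosen by the client: drop any directory part and refuse
    // control characters so it cannot steer the storage path or forge log lines.
    $filename = basename(str_replace('\\', '/', $_FILES[$upload]['name']));
    if ($filename === '' || preg_match('/[\x00-\x1F\x7F]/', $filename)) {
        error_log("Upload rejected: unusable file name");
        return false;
    }

    // Extension = first dot to end of name, compared case-insensitively.
    $ext = strtolower((string) strstr($filename, '.'));
    if (!in_array($ext, $allowed_filetypes, true)) {
        error_log("Not proper extenstion ( {$filename} ) ");
        return false;
    }

    // Check the size before parsing the file as an image.
    $size = filesize($tmp_name);
    if ($size === false || $size > $max_filesize) {
        error_log("File size greater than limits . ( {$filename} ) ");
        return false;
    }

    // Extra check that the content looks like an image.
    try {
        $result = getimagesize($tmp_name);
        if ($result === false) {
            error_log("Not really an image is it. ( {$filename} ) ");
            return false;
        }
    } catch (Exception $e) {
        // Only reachable when an error handler turns warnings into exceptions.
        return false;
    }

    // Call the photo upload API on the server.
    try {
        return $restClient->move_upload($tmp_name, $filename);
    } catch (Exception $e) {
        error_log("EXCEPTION loading photo " . $e);
        return false;
    }
}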
/**
 * Return a session key for an application talking to the API server on
 * behalf of the user held in the social session.
 *
 * A key cached in the social session is reused if a users_getLoggedInUser()
 * call made with it succeeds; otherwise it is removed from the session.
 * When no usable key remains and the session has a user id, a new key is
 * obtained by creating an auth token, approving it for that user and
 * exchanging it for a session, all from this method with no user interaction.
 *
 * NOTE(review): because approval happens here on the user's behalf, any
 * caller able to supply an api key and secret gets a session for the current
 * user. Confirm callers only pass application credentials the user has
 * actually authorised.
 *
 * @param string $api_key application API key
 * @param string $secret_key application secret
 * @param RingsideSocialSession $socialSession session holding the user id, network and cached keys
 * @return string|null session key for the API container, or the unusable
 *                     cached value (null after a failed validation) when none could be obtained
 */
public static function getApiSessionKey($api_key, $secret_key, RingsideSocialSession $socialSession)
{
    $userId = $socialSession->getUserId();
    $key = $socialSession->getApiSessionKey($api_key);

    if ($key != null) {
        // Probe the cached key; any exception is treated as "no longer valid".
        $probe = new RingsideApiClientsRest($api_key, $secret_key, $key);
        $probe->setNetworkKey($socialSession->getNetwork());
        try {
            $probe->users_getLoggedInUser();
        } catch (Exception $e) {
            $socialSession->unsetApiSessionKey($api_key);
            $key = null;
        }
    }

    // Nothing more to do with a valid key, or without a user to authorise.
    if ($key != null || $userId == null) {
        return $key;
    }

    // Simulate the application's create / approve / get-session handshake.
    // TODO (from original): rethink this flow and catch specific exceptions.
    try {
        $client = new RingsideApiClientsRest($api_key, $secret_key, null, null, RingsideSocialConfig::$apiKey);
        // Once the client holds a session, the network key is tied to that session.
        $client->setNetworkKey($socialSession->getNetwork());

        // A session without an expiry asks for a token with the flag set to true.
        $noExpiry = ($socialSession->getExpiry() == null);
        $token = $client->auth_createToken($noExpiry);
        $client->auth_approveToken($userId);
        $client->auth_getSession($token);

        if (!empty($client->session_key)) {
            $key = trim($client->session_key);
            $socialSession->addApiSessionKey($api_key, $key);
        }
    } catch (Exception $exception) {
        // NOTE(review): casting the exception to a string logs its stack
        // trace as well; confirm no key or secret material ends up in the log.
        error_log("Error creating session key " . $exception);
    }

    return $key;
}
/**
 * Render the canvas page for the current request and return a response array.
 *
 * If $this->canvasUrl resolves to a plugin via $this->plugin(), the page is
 * rendered as a local "system" application. Otherwise the application's
 * properties are fetched with the admin client, its callback is fetched via
 * renderRemote(), and the result is either rendered as FBML (text/html) or
 * passed back raw (any other text/* type).
 *
 * @param RingsideSocialClientInterface $socialClient client giving access to the network session and current user
 * @return array always carries 'status' and 'raw'; 'content', 'iframe',
 *               'redirect' and 'error' are set when available
 */
public function execute(RingsideSocialClientInterface $socialClient)
{
    $coreApp = $this->canvasUrl != null ? $this->plugin($this->canvasUrl) : false;
    $text = 'empty';
    $status = 200;
    $callback = '';
    // if this is not a core (aka system) app, then make a remote call to the remote app
    // otherwise, render the results of the system app via a local call
    if ($coreApp === false) {
        $text = null;
        try {
            $adminClient = RingsideSocialUtils::getAdminClient();
            $result = $adminClient->admin_getAppProperties("application_name,use_iframe,api_key,secret_key,callback_url,application_id", $this->appId, $this->canvasUrl, null, $socialClient->getCurrentNetwork());
            // Missing properties fall back to empty strings rather than failing here.
            $callback = isset($result['callback_url']) ? $result['callback_url'] : '';
            $apiKey = isset($result['api_key']) ? $result['api_key'] : '';
            $apiSecret = isset($result['secret_key']) ? $result['secret_key'] : '';
            $canvasType = isset($result['use_iframe']) ? $result['use_iframe'] : '';
            $applicationid = isset($result['application_id']) ? $result['application_id'] : '';
            $networkSession = $socialClient->getNetworkSession();
            // NOTE(review): $principalId is not used anywhere else in this method.
            $principalId = $networkSession->getPrincipalId();
            $apiSessionKeyApp = RingsideSocialUtils::getApiSessionKey($apiKey, $apiSecret, $socialClient->getNetworkSession());
            $apiClientApplication = new RingsideApiClientsRest($apiKey, $apiSecret, $apiSessionKeyApp, null, $socialClient->getCurrentNetwork());
            $isAppAdded = false;
            if ($socialClient->inSession()) {
                $isAppAdded = $apiClientApplication->users_isAppAdded();
                $idmaps = $apiClientApplication->users_mapToPrincipal(array($socialClient->getCurrentUser()));
                // Pick the principal id mapped to the current user; stays null when no mapping matches.
                $nuser = null;
                if (!empty($idmaps) && null != $socialClient->getCurrentUser()) {
                    foreach ($idmaps as $idmap) {
                        if ($idmap['uid'] == $socialClient->getCurrentUser()) {
                            $nuser = $idmap['pid'];
                        }
                    }
                }
                // TODO: Move setting network user in network session into login.php and map.php?
                $networkSession->setPrincipalId($nuser);
            }
            // NOTE(review): $headers and $status are read after this call, so
            // renderRemote() presumably fills them in by reference - confirm.
            $headers = array();
            $fbmlText = $this->renderRemote($callback, $apiKey, $apiSecret, $canvasType, $isAppAdded, $apiSessionKeyApp, $socialClient, $headers, $status);
            // error_log("Status for $callback is $status");
            if ($fbmlText !== null && !empty($fbmlText)) {
                // NOTE(review): 'content-type' is read without an isset() check;
                // a response lacking that header would raise a notice here.
                if (strncmp($headers['content-type'], 'text/html', 9) === 0) {
                    $this->raw = false;
                    $text = $this->renderFbml($fbmlText, $socialClient->getNetworkSession(), $apiClientApplication, $applicationid);
                    // Need $socialUrl
                    // NOTE(review): $socialUrl is not defined in this method, so it is
                    // presumably set by LocalSettings.php. $apiKey and $socialUrl are
                    // interpolated into inline JavaScript without any escaping;
                    // confirm neither can contain a quote or "</script>".
                    if (include 'LocalSettings.php') {
                        $extra_end_scripts = <<<EOF
<script type='text/javascript'><!--
if ( typeof Ajax != 'undefined' ) { Ajax.API_KEY='{$apiKey}'; Ajax.RENDER_URL='{$socialUrl}/render.php'; Ajax.PROXY_URL='{$socialUrl}/proxyjs.php'; }
//--></script>
EOF;
                        // These are ONLY emitted for FBML remote applications to support FBJS!
                        $text .= $extra_end_scripts;
                    }
                } else {
                    if (strncmp($headers['content-type'], 'text/', 5) === 0) {
                        // Send all other text (text/xml, text/css, etc.) back raw
                        // NOTE(review): the remote application's own Content-Type header
                        // decides that its body bypasses FBML rendering; confirm how the
                        // caller emits 'raw' content.
                        $this->raw = true;
                        $text = $fbmlText;
                    } else {
                        error_log("No way to handle content type " . $headers['content-type']);
                        $this->error = RingsideSocialUtils::SOCIAL_ERROR_RENDER_EXCEPTION;
                    }
                }
            } else {
                // No content came back: turn the HTTP status range into a user-facing message.
                if ($status < 200) {
                    $text = "The application did not finish processing prior to the timeout.";
                } else {
                    if ($status < 300) {
                        $text = "The application returned an HTTP status code of 200 but no content.";
                    } else {
                        if ($status < 400) {
                            $text = "The application returned too many redirects.";
                        } else {
                            if ($status < 500) {
                                $text = "The application is configured to point to an incorrect page.";
                            } else {
                                if ($status < 600) {
                                    $text = "The application encountered an error during processing.";
                                }
                            }
                        }
                    }
                }
            }
        } catch (Exception $exception) {
            // Any failure on the remote path is reported to the caller as "no such page".
            error_log("Remote Render Exception : " .
                $exception->getMessage());
            error_log($exception->getTraceAsString());
            $this->error = RingsideSocialUtils::SOCIAL_ERROR_NO_SUCH_PAGE;
        }
    } else {
        // making a request to a local system app
        try {
            $apiSessionKey = RingsideSocialUtils::getApiSessionKey(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $socialClient->getNetworkSession());
            $apiClientSocial = new RingsideApiClientsRest(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $apiSessionKey);
            $callback = "System Application " . $this->canvasUrl;
            error_log("Rendering system application {$callback}");
            $fbmlText = $this->renderLocal(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $apiSessionKey, $socialClient);
            if (isset($coreApp->canvas_type) && $coreApp->canvas_type == RingsideAppsCommon::CANVASTYPE_IFRAME) {
                // Iframe system apps are returned without FBML rendering.
                $text = $fbmlText;
            } else {
                if ($socialClient->inSession()) {
                    // The session key and client are fetched again after renderLocal() when a user is in session.
                    $apiSessionKey = RingsideSocialUtils::getApiSessionKey(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $socialClient->getNetworkSession());
                    $apiClientSocial = new RingsideApiClientsRest(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $apiSessionKey);
                }
                // NOTE(review): the fourth argument here is the current user, while the
                // remote branch passes the application id in this position - confirm
                // which one renderFbml() expects.
                $text = $this->renderFbml($fbmlText, $socialClient->getNetworkSession(), $apiClientSocial, $socialClient->getCurrentUser());
            }
        } catch (Exception $exception) {
            error_log("Remote Local Exception : " . $exception->getMessage());
            error_log($exception->getTraceAsString());
            $this->error = RingsideSocialUtils::SOCIAL_ERROR_NO_SUCH_PAGE;
        }
    }
    // Assemble the response from whatever the branches above produced.
    $response = array();
    if (!empty($text)) {
        $response['content'] = $text;
    }
    if ($this->iframe != null) {
        $response['iframe'] = $this->iframe;
    }
    if ($this->redirect != null) {
        $response['redirect'] = $this->redirect;
    }
    if ($this->error != null) {
        $response['error'] = $this->error;
    }
    $response['status'] = $status;
    // NOTE(review): 'status' was assigned on the previous line, so $response is
    // never empty and this "returned no data" error can never be set.
    if (empty($response)) {
        $response['error'] = "The URL {$callback} returned no data";
    }
    $response['raw'] = $this->raw;
    return $response;
}
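/**
 * Finalize the mapping process: tie a user on a network to the Principal id
 * for that user.
 *
 * This is typically the endpoint of a login request on a third-party social
 * network. bindmap must have been called first, since it sets up the request
 * as a login request on the foreign network.
 *
 * Keys read from $params: next, nid, sid, snid, api_key, canvas, network,
 * fb_sig_in_iframe, auth_token.
 *
 * Secrets (the auth token, the request signature and application secret
 * keys) are kept out of the error log, and the exception message echoed to
 * the browser is HTML-escaped.
 *
 * NOTE(review): $params['sig'] is not verified anywhere in this method, and
 * 'next' is passed to postMapRedirect() unchanged. Confirm that the signature
 * check and redirect-target validation happen in the caller or in
 * postMapRedirect().
 *
 * @param array $params request parameters (taken by reference, not modified here)
 */
private static function finalizemap(&$params)
{
    // Log the parameters with credential-bearing values masked.
    $loggable = $params;
    foreach (array('auth_token', 'sig') as $sensitive) {
        if (isset($loggable[$sensitive])) {
            $loggable[$sensitive] = '[redacted]';
        }
    }
    error_log("Finalizing map with parameters: " . var_export($loggable, true));

    $next = isset($params['next']) ? $params['next'] : null;
    $nid = isset($params['nid']) ? $params['nid'] : null;
    $sid = isset($params['sid']) ? $params['sid'] : null;
    $snid = isset($params['snid']) ? $params['snid'] : null;
    $api_key = isset($params['api_key']) ? $params['api_key'] : null;
    $canvas = isset($params['canvas']);
    $network = isset($params['network']);
    $iframe = isset($params['fb_sig_in_iframe']) && $params['fb_sig_in_iframe'] == '1';
    $auth_token = isset($params['auth_token']) ? $params['auth_token'] : null;

    try {
        // Get some information about the calling application and registered networks.
        // NOTE(review): $snid and $nid are request values written to the log as-is.
        error_log("Finalizing map from {$snid} to {$nid}");
        $ringside_rest = RingsideSocialUtils::getAdminClient($snid);
        $deployed_app = $ringside_rest->admin_getAppProperties(array('application_id', 'api_key', 'secret_key', 'canvas_url', 'callback_url'), null, null, $api_key, $snid);
        $trust_info = $ringside_rest->admin_getTrustInfo(array($snid, $nid));
        $network_app_props = $ringside_rest->admin_getAppKeys(null, null, $deployed_app['api_key'], $snid);

        $host_network = $trust_info[0];
        $auth_network = $trust_info[1];

        // Start from the deployed app's credentials; the helper is handed both
        // variables and presumably replaces them with the ones registered for
        // the auth network.
        $network_api_key = $deployed_app['api_key'];
        $network_secret = $deployed_app['secret_key'];
        self::getApiKeyAndSecretForNetwork($auth_network['trust_key'], $network_app_props, $network_api_key, $network_secret);

        // Validate the auth token against the social network and get the registered user.
        // The secret is deliberately not written to the log.
        error_log("For auth network {$auth_network['trust_key']}, API key is {$network_api_key}");
        $auth_network_rest = new RingsideApiClientsRest($network_api_key, $network_secret);
        $auth_network_rest->setDefaultServer($auth_network['trust_auth_url'], null);
        $auth_user_info = $auth_network_rest->auth_getSession($auth_token);
        $auth_user = $auth_user_info['uid'];

        // If a profile was not created relative to that network, it has to be created first.
        if ($auth_user != null) {
            // The user authenticated successfully against the remote network.
            $loggable_app = $deployed_app;
            if (is_array($loggable_app) && isset($loggable_app['secret_key'])) {
                $loggable_app['secret_key'] = '[redacted]';
            }
            error_log(var_export($loggable_app, true));
            $ringside_rest->admin_mapUser($auth_user, $nid, $sid, $snid, $deployed_app['application_id']);
        }

        // The user is mapped (or was not authenticated); redirect either way.
        self::postMapRedirect($next, $canvas, $iframe, $network, $host_network, $deployed_app);
    } catch (Exception $e) {
        error_log("Error: When finalizing the mapping: " . $e->getMessage());
        error_log($e->getTraceAsString());
        // Escape before echoing: the message may repeat request values.
        // NOTE(review): the message can still reveal internal detail to the user.
        echo "Exception when finalizing the UID mapping, " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
    }
}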
/**
 * Build a mock RingsideGadgetToken for use in tests.
 *
 * A real auth token is created, approved and exchanged for a session against
 * the REST server at localhost:8080, so that server must be running. The mock
 * then returns the resulting client and fixed fixture values.
 *
 * NOTE(review): the API key and secret below are hard-coded fixtures. Confirm
 * they are valid only for the local test server and are not reused in any
 * deployed environment.
 *
 * @return RingsideGadgetToken mock whose getters return the fixture values
 */
public function getToken()
{
    $ownerId = '100000';
    $viewerId = '100001';
    $fixtureKey = '4333592132647f39255bb066151a2099';
    $fixtureSecret = 'b37428ff3f4320a7af98b4eb84a4aa99';

    $client = new RingsideApiClientsRest($fixtureKey, $fixtureSecret, null, 'http://localhost:8080/restserver.php');

    // Create, approve and redeem a token so the client holds a live session.
    $createdToken = $client->auth_createToken();
    $approval = $client->auth_approveToken($ownerId);
    $this->assertEquals("1", $approval["result"]);
    $client->auth_getSession($createdToken);

    // Getter name => value the mock returns for it.
    $stubbed = array(
        'getAppClient' => $client,
        'getAppId' => $fixtureKey,
        'getDomain' => 'ringside',
        'getOwnerId' => $ownerId,
        'getViewerId' => $viewerId,
        'getAppUrl' => 'http://localhost:8080/canvas.php/footprints',
        'getModuleId' => 'footprints',
    );

    $token = $this->getMock('RingsideGadgetToken');
    foreach ($stubbed as $getter => $value) {
        $token->expects($this->any())->method($getter)->will($this->returnValue($value));
    }

    return $token;
}
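/**
 * Build a logged-in RingsideSocialSession for the user behind an existing
 * API session on the network identified by $trust_key.
 *
 * The supplied secret is used when one is given; only when it is missing or
 * empty is the application's secret looked up by API key. (Previously a
 * supplied secret was ignored and an empty secret was sent instead.)
 *
 * @param string $apiKey application API key
 * @param string|null $secretKey application secret, or null/'' to look it up
 * @param string $session API session key to validate
 * @param string $trust_key key of the network whose auth URL is used
 * @return RingsideSocialSession session with the user id set and marked logged in
 * @throws Exception when the API reports no logged-in user for the session
 */
public function getNetworkSession($apiKey, $secretKey, $session, $trust_key)
{
    $secret = $secretKey;
    if (!isset($secret) || strlen($secret) == 0) {
        $props = $this->getAppPropertiesByApiKey($apiKey);
        $secret = $props['secret_key'];
    }

    $url = $this->getAuthUrl($trust_key);
    $ringsideClient = new RingsideApiClientsRest($apiKey, $secret, $session, $url);

    // Make sure the user is logged in and get the UID.
    $userid = $ringsideClient->users_getLoggedInUser();
    if (!isset($userid) || strlen($userid) == 0) {
        // The session key is left out of the message: exception text tends to
        // end up in logs or in front of users.
        throw new Exception("User is not logged in, invalid session or api key: {$apiKey}");
    }

    $network_session = new RingsideSocialSession();
    $network_session->setUserId($userid);
    $network_session->setLoggedIn(true);

    return $network_session;
}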
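/**
 * Handle the trust situation for a web application. On success
 * $this->redirect is set to the canvas URL or to a callback URL carrying a
 * freshly approved auth token.
 *
 * The user is trusted first; if anything below throws, that trust is removed
 * again and false is returned.
 *
 * NOTE(review): with $trust === true the auth token is appended to $next
 * as-is, and otherwise $next only has to START with the callback URL string
 * (a plain strpos() prefix test, which a longer host name beginning with the
 * callback host would also satisfy). Confirm callers validate $next, or
 * compare parsed scheme and host here, so the token cannot be sent to a URL
 * outside the application.
 *
 * @param string $apikey API key of the application being trusted
 * @param Application $application application object; supplies the social session
 * @param int $uid user id the token is approved for
 * @param boolean $infinite passed to trustUser() and auth_createToken()
 * @param boolean $canvas true to redirect to the canvas URL instead of the callback
 * @param boolean $trust true to use $next unchanged as the redirect base
 * @param string $next path or URL to continue to
 * @return boolean true on success, false on failure
 */
function handleWebAppTrust($apikey, $application, $uid, $infinite, $canvas, $trust, $next)
{
    $this->trustUser($application, $uid, $infinite);
    try {
        // Client representing the social engine's own relationship to the API.
        $apiSessionKey = RingsideSocialUtils::getApiSessionKey(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $application->getSocialSession());
        $apiClientSocial = new RingsideApiClientsRest(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $apiSessionKey, null, RingsideSocialConfig::$apiKey);

        // Get information about the given application.
        $result = $apiClientSocial->admin_getAppProperties("application_id,secret_key,canvas_url,callback_url", null, null, $apikey);
        $canvas_url = isset($result['canvas_url']) ? $result['canvas_url'] : "";
        $callback_url = isset($result['callback_url']) ? $result['callback_url'] : "";
        $secret = isset($result['secret_key']) ? $result['secret_key'] : "";

        if ($canvas === true) {
            $trust_info = $apiClientSocial->admin_getTrustInfo(array(RingsideSocialConfig::$apiKey));
            $canvas_root = $trust_info[0]['trust_canvas_url'];
            $this->redirect = $canvas_root . '/' . $canvas_url . $next;
        } else {
            // Act as the application: create a token and approve it for the user.
            $appClient = new RingsideApiClientsRest($apikey, $secret, null, null, RingsideSocialConfig::$apiKey);
            $token = $appClient->auth_createToken($infinite);
            $appClient->auth_approveToken($uid);

            // Make $next end in a query separator. Previously a URL such as
            // "page?a=1" got no separator and produced "page?a=1auth_token=...".
            if (strpos($next, "?") === false) {
                $next = $next . "?";
            } else {
                $last = substr($next, -1);
                if ($last !== "?" && $last !== "&") {
                    $next = $next . "&";
                }
            }

            if ($trust === true || strpos($next, $callback_url) === 0) {
                // $next is used as the complete redirect target.
                $redir = $next . "auth_token=" . $token;
            } else {
                // $next is treated as a path relative to the callback URL.
                $redir = $callback_url . $next . "auth_token=" . $token;
            }
            $this->redirect = $redir;
        }

        return true;
    } catch (Exception $e) {
        error_log($e->getMessage());
        // Undo the trust granted at the top so a failed flow leaves nothing behind.
        $this->removeTrust($application, $uid);
        return false;
    }
}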