/**
* Mock/Force the initialization of a REST call.
* Typically avoiding some HTTP request processing.
* Circumvents the need to go through a REST client to invoke the API.
*
* @param Api_AbstractRest $rest
* @param array $apiParams
*
* @return The initialized REST object.
*/
protected function initRest(Api_AbstractRest &$rest, $apiParams)
{
$context = Api_RequestContext::createRequestContext($apiParams);
$rest->_setContext($context);
$rest->validateRequest();
return $rest;
}
/**
* Mock/Force the initialization of a REST call.
* Typically avoiding the Session creation and other HTTP request processing.
*
* @param Api_AbstractRest $rest
* @param string $uid
* @param array $apiParams
* @return The initialized REST object.
*/
protected function initRest(Api_AbstractRest &$rest, $apiParams, $uid = null, $aid = null, $nid = null, &$session = array())
{
if ($uid != null) {
$session['uid'] = $uid;
}
if ($aid != null) {
$session['app_id'] = $aid;
}
if ($nid != null) {
$session['network_key'] = $nid;
}
$context = Api_RequestContext::createRequestContext($apiParams);
$rest->_setContext($context);
$rest->_setSession($session);
$rest->validateRequest();
return $rest;
}
/**
* Process a Request.
*
*
* There are a few different type's of method calls currently.
* 1. Auth related methods, which all start with "auth.". These
* methods do not yet typically have a session key or in process of creating/validating/removing one.
* Other inner/inter systems security methods can be here as well. Note, you should NOT add a method
* to authenticate a user, that should be done else where. Use the inner-method of approveToken and lock
* it down within a system.
*
* 2. Application method calls. This is really the catchalll and executes the request handling mechanism.
*
* 3. Systems Management calls. (coming soon).
*
*/
function execute($request)
{
ini_set('session.use_cookies', '0');
ini_set('session.save_handler', 'user');
session_set_save_handler(array('Session', 'open'), array('Session', 'close'), array('Session', 'read'), array('Session', 'write'), array('Session', 'destroy'), array('Session', 'gc'));
session_cache_limiter('none');
set_error_handler(array('OpenFBServer', 'errorHandler'), E_ERROR);
// There is a change dependending on magic quotes settings
// that PHP will add in extra slashes, not good for us.
// This is removed as of PHP 6 as well.
if (get_magic_quotes_gpc()) {
foreach ($request as $rname => $rval) {
$request[$rname] = stripslashes($rval);
}
}
$context = Api_RequestContext::createRequestContext($request);
if ($context->getNetworkKey() == null) {
$keyService = Api_Bo_KeyService::create();
$ids = $keyService->getIds($context->getApiKey());
$domain_keys = $keyService->getKeyset($ids['domain_id'], $ids['domain_id']);
if ($domain_keys != null) {
$context->setNetworkKey($domain_keys['api_key']);
}
}
//error_log( "method $method requested" );
try {
$response = $this->executeRequest($context, $request);
$this->send_response($context->getMethod(), $response, $context->getFormat(), $context->getCallback());
} catch (Exception $exception) {
error_log("When executing {$context->getMethod()} request in OpenFBServer: " . $exception->getMessage());
error_log($exception->getTraceAsString());
$this->send_exception($exception, $request, $context->getFormat(), $context->getCallback());
}
// TODO - This would hurt infinite session concepts, should we just bag this concept?
// Should session cache be extended after each call?
// Should it be validated against expires time in session?
// session_cache_expire ( 24 * 60 );
}
