/**
  * Renders FBML text on behalf of the application named by the request's api_key.
  *
  * The network's own credentials are used to look up the application's properties
  * (including its secret), and a second REST client is then built with the
  * application's credentials for the actual rendering.
  *
  * Exceptions are deliberately not caught here: they propagate to the caller, which
  * the original author treats as valid FBML output for the end user.
  *
  * NOTE(review): api_key comes from the request parameters and the lookup result is not
  * checked; presumably an unknown key yields no secret_key/application_id - confirm how
  * admin_getAppProperties behaves before relying on this path for untrusted keys.
  *
  * @param RingsideSocialSession $network_session Social session of the calling user.
  * @param string $fbmlText FBML markup to render.
  * @return array Contains the key 'content' when rendering produced non-empty text;
  *               otherwise an empty array.
  */
 public function render(RingsideSocialSession $network_session, $fbmlText)
 {
     $requestedApiKey = $this->getParam('api_key');

     // Client acting as the network itself; only used to read the app's properties.
     $networkSessionKey = RingsideSocialUtils::getApiSessionKey(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $network_session);
     $networkClient = new RingsideApiClientsRest(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $networkSessionKey);
     $appProps = $networkClient->admin_getAppProperties("application_id,application_name,api_key,secret_key,callback_url", null, null, $requestedApiKey);
     $appSecret = $appProps['secret_key'];
     $appId = $appProps['application_id'];

     // Client acting as the application: its API session is created with the app's secret.
     $appClient = new RingsideApiClientsRest(
         $requestedApiKey,
         $appSecret,
         RingsideSocialUtils::getApiSessionKey($requestedApiKey, $appSecret, $network_session)
     );
     $rendered = $this->renderFbml($fbmlText, $network_session, $appClient, $appId);

     // No error value is ever produced here, so the response is either empty or content-only.
     return empty($rendered) ? array() : array('content' => $rendered);
 }
示例#2
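 /**
  * Proxies an AJAX call to an application's callback URL: resolves the caller's social
  * session, signs the call context with the application's secret, POSTs the merged
  * parameters to $callback_url and echoes the response body.
  *
  * @param string $api_key      API key of the application being called.
  * @param string $callback_url URL the signed request is posted to.
  * @param array  $params       Request parameters; 'social_session_key' is read here and
  *                             all entries are forwarded to the callback.
  * @return void The callback's response body is echoed.
  */
 public function execute($api_key, $callback_url, $params)
 {
     $admin_client = RingsideSocialUtils::getAdminClient();
     // TODO: SECURITY (open item from the original author): the payload is signed with the
     // app's secret and sent to whatever $callback_url the caller supplies, selected only
     // by the public API key. Nothing here checks $callback_url against the application's
     // registered callback_url, which is fetched below and could be used for that check.
     $app_props = $admin_client->admin_getAppProperties("application_id,application_name,api_key,secret_key,callback_url", null, null, $api_key);

     // Recreate the social session if we were given its key.
     if (array_key_exists('social_session_key', $params)) {
         $network_session = new RingsideSocialSession($params['social_session_key']);
         $uid = $network_session->getUserId();
         if (null == $uid || strlen($uid) == 0) {
             // NOTE(review): the cookie is set without HttpOnly/Secure flags - confirm
             // whether client-side script needs to read it before tightening.
             setcookie('social_session_key', $network_session->getSessionKey());
             if (isset($_REQUEST['uid'])) {
                 // TODO: SECURITY: the user id is taken from the request and the session is
                 // marked logged in without any credential check. The guard only stops a
                 // missing uid from producing a logged-in session with no user; the override
                 // itself still needs a real authentication step.
                 $network_session->setUserId($_REQUEST['uid']);
                 $network_session->setLoggedIn(true);
             }
         }
     } elseif (isset($_COOKIE['PHPSESSID'])) {
         // Optimization if user is already logged into web front-end
         $network_session = new RingsideSocialSession($_COOKIE['PHPSESSID']);
     } else {
         // Not logged in, so run as the anonymous user. The original passed an undefined
         // $request variable here; the request array is what the trust object is built from.
         $trust = new RingsideSocialApiTrust($_REQUEST);
         $network_session = $trust->getAnonymousSession();
     }

     $ctx = self::buildCallContext($api_key, $network_session);
     $sig_params = $ctx->getParameters($app_props['secret_key']);
     $req_params = array_merge($params, $sig_params);

     // Both by-reference outputs are defined explicitly. $headers stays null because the
     // response headers are not used by this proxy.
     $headers = null;
     $status = null;
     $result = RingsideSocialUtils::get_request($callback_url, $req_params, $headers, $status);

     // NOTE(review): as written this replacement is a no-op ('+' -> '+'); the search string
     // may have been an HTML entity that was decoded when the page was extracted - confirm
     // against the upstream file.
     echo str_replace('+', '+', $result);
 }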
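 /**
  * Looks up the canvas URL of the application named by the request's api_key and stores
  * it in $params['app'].
  *
  * @param array $params Request parameters, modified in place.
  * @throws Exception When no properties are returned for the supplied api_key.
  */
 private static function determineAppCanvasUrl(&$params)
 {
     $admin_rest = RingsideSocialUtils::getAdminClient();
     $appKey = isset($_REQUEST['api_key']) ? $_REQUEST['api_key'] : NULL;
     $props = $admin_rest->admin_getAppProperties("canvas_url", null, NULL, $appKey);
     if ($props == null) {
         // Report the key that was actually looked up. The original read $params['appKey'],
         // which this function never sets. The value is request-supplied, so whoever
         // renders this message must escape it for the output context.
         throw new Exception('unknown application key supplied: ' . (is_scalar($appKey) ? $appKey : ''));
     }
     $params['app'] = $props["canvas_url"];
 }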
示例#4
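 /**
  * Checks the 'sig' query parameter against a signature recomputed from the xid,
  * callbackurl, returnurl and aid query parameters using the network secret.
  *
  * NOTE(review): the signature covers only these fields. Other request parameters are
  * not bound to it, and nothing visible here ties it to a user or an expiry time.
  *
  * @return bool True when the received signature matches the expected one.
  */
 function isAuthorized()
 {
     $params = array();
     $params['xid'] = isset($_GET['xid']) ? $_GET['xid'] : null;
     // The original tested undefined local variables ($callbackurl / $returnurl), so these
     // two fields were never included and a signature issued over them could not verify.
     if (!empty($_GET['callbackurl'])) {
         $params['c_url'] = $_GET['callbackurl'];
     }
     if (!empty($_GET['returnurl'])) {
         $params['r_url'] = $_GET['returnurl'];
     }
     $params['aid'] = isset($_GET['aid']) ? $_GET['aid'] : null;
     $expected = RingsideSocialUtils::makeSig($params, RingsideSocialConfig::$secretKey);

     // Never print the secret or the expected signature when debugging this check.
     $received = isset($_GET['sig']) ? $_GET['sig'] : null;
     if (!is_string($received) || !is_string($expected)) {
         return false;
     }
     // Constant-time, type-strict comparison (requires PHP 5.6+): avoids loose '=='
     // juggling of numeric-looking strings and does not leak the match position.
     return hash_equals($expected, $received);
 }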
示例#5
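 /**
  * POSTs $params to $server and returns the response body.
  *
  * Uses cURL when available, otherwise an HTTP stream context. Only http and https
  * targets are allowed: the URL often comes from application configuration or request
  * data, and neither cURL's other protocol handlers nor fopen() on a local path should
  * be reachable through this helper.
  *
  * NOTE(review): no timeouts are set on either path, and the fallback path follows
  * redirects (stream default) while the cURL path does not - confirm the intended behavior.
  *
  * @param string     $server  Target URL.
  * @param array      $params  Fields sent as application/x-www-form-urlencoded.
  * @param array|null $headers By reference. When not null, parsed response headers are
  *                            merged into it (cURL path only).
  * @param int|null   $status  By reference. Receives the HTTP status code (cURL path only).
  * @return string|null Response body, or null when the request could not be made.
  */
 public static function get_request($server, $params, &$headers, &$status)
 {
     $post_string = http_build_query($params, '', '&');
     $result = null;
     if (function_exists('curl_init')) {
         // Use CURL if installed...
         $ch = curl_init();
         curl_setopt($ch, CURLOPT_POST, 1);
         curl_setopt($ch, CURLOPT_URL, $server);
         if (defined('CURLOPT_PROTOCOLS')) {
             // Restrict the transfer to HTTP(S); cURL otherwise accepts file://, gopher:// etc.
             curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
         }
         curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
         curl_setopt($ch, CURLOPT_USERAGENT, 'Ringside.API Client (curl) ' . phpversion());
         curl_setopt($ch, CURLOPT_HEADER, true);
         $raw = curl_exec($ch);
         $status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
         if ($raw === false) {
             // Transport failure: there is no header block or body to split.
             error_log('Social request failed: ' . curl_error($ch));
             curl_close($ch);
             return null;
         }
         // With CURLOPT_HEADER the header block precedes the body in the returned string.
         $headersize = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
         $http_headers = substr($raw, 0, $headersize - 1);
         $result = substr($raw, $headersize);
         if ($headers !== null) {
             $parsed_headers = RingsideSocialUtils::parse_headers($http_headers);
             foreach ($parsed_headers as $http_header => $value) {
                 $headers[$http_header] = $value;
             }
         }
         curl_close($ch);
     } else {
         // Non-CURL based version...
         // fopen() treats a string without an http(s) scheme as a local path or another
         // stream wrapper, so refuse anything that is not an HTTP(S) URL.
         $scheme = strtolower((string) parse_url($server, PHP_URL_SCHEME));
         if ($scheme !== 'http' && $scheme !== 'https') {
             error_log('Social request refused: target is not an http(s) URL');
             return null;
         }
         $context = array('http' => array('method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded' . "\r\n" . 'User-Agent: OpenFB Client (non-curl) ' . phpversion() . "\r\n" . 'Content-length: ' . strlen($post_string), 'content' => $post_string));
         $contextid = stream_context_create($context);
         $sock = fopen($server, 'r', false, $contextid);
         if ($sock) {
             $result = '';
             while (!feof($sock)) {
                 $result .= fgets($sock, 4096);
             }
             fclose($sock);
         }
     }
     return $result;
 }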
 /**
  * Ends the current API session and starts a logged-in social session for $this->uid.
  *
  * TODO (original author): this only works when the API and Social tiers are co-located.
  *
  * @return array The new session's key and expiry under self::RESPONSE_SOCIAL_SESSION.
  */
 public function execute()
 {
     // Drop the API session (new id, old session data deleted) before the social
     // session is created.
     session_regenerate_id(true);
     $_SESSION = array();

     $socialSession = new RingsideSocialSession();
     $adminClient = RingsideSocialUtils::getAdminClient();
     $appSessionKey = $adminClient->auth_createAppSession($this->uid, RingsideSocialConfig::$apiKey, false);
     $socialSession->addApiSessionKey(RingsideSocialConfig::$apiKey, $appSessionKey);
     $socialSession->setNetwork($this->user_network_key);
     $socialSession->setUserId($this->uid);
     // TODO (original author): user identity mapping (principal id, trust, callback URL)
     // is not set up here yet.
     $socialSession->setLoggedIn(true);

     $sessionInfo = array(
         'session_id' => $socialSession->getSessionKey(),
         'initial_expiry' => $socialSession->getExpiry(),
     );
     session_write_close();

     return array(self::RESPONSE_SOCIAL_SESSION => $sessionInfo);
 }
示例#7
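 /**
  * Returns an app client built from the information inside this gadget token.
  * The client will act on behalf of the api_key inside this gadget token.
  *
  * @return RingsideApiClientsRest REST client created with the app's key, secret and
  *                                API session key.
  */
 public function getAppClient()
 {
     $apiKey = $this->getAppId();
     $socialSession = $this->getSocialSession();
     $secretKey = $this->getAppSecret();
     // The application secret must never reach the log: anyone who can read the log could
     // sign requests as the application. Only the public API key is recorded.
     error_log("OS Producing Client: apiKey= {$apiKey}");
     $apiSessionKeyApp = RingsideSocialUtils::getApiSessionKey($apiKey, $secretKey, $socialSession);
     $apiClientApplication = new RingsideApiClientsRest($apiKey, $secretKey, $apiSessionKeyApp);
     return $apiClientApplication;
 }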
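 /**
  * Builds the signed application context for a render and either prepares an iframe URL
  * (iframe / OpenSocial canvas types) or POSTs the request to the application's callback
  * URL and returns its response.
  *
  * Side effects: sets $this->iframe for the iframe and OpenSocial canvas cases, and
  * $this->redirect when the callback response carries a 'location' header.
  *
  * @param string $callbackUrl Application callback URL; $this->path is appended when set.
  * @param string $apiKey      Application API key placed in the context.
  * @param string $secretKey   Application secret used to sign the context parameters.
  * @param mixed  $canvasType  One of the RingsideSocialApiRender::CANVASTYPE_* values.
  * @param mixed  $isAppAdded  Forwarded to the context when the user is in session.
  * @param string $sessionKey  API session key forwarded when the user is in session.
  * @param RingsideSocialClientInterface $socialClient Source of user, network and session data.
  * @param array|null $headers By reference; response headers, or the content type for a forced iframe.
  * @param mixed      $status  By reference; HTTP status of the callback request.
  * @return string|null Response body or iframe markup; null when only $this->iframe is set.
  */
 public function renderRemote($callbackUrl, $apiKey, $secretKey, $canvasType, $isAppAdded, $sessionKey, RingsideSocialClientInterface $socialClient, &$headers, &$status)
 {
     $response = null;
     if (!empty($this->path)) {
         $callbackUrl .= $this->path;
     }
     // Create openFB request.
     $ctx = new RingsideSocialAppContext();
     $ctx->setFlavor($this->flavor);
     $framed = $canvasType == RingsideSocialApiRender::CANVASTYPE_IFRAME || $canvasType == RingsideSocialApiRender::CANVASTYPE_OS;
     $ctx->setIFrame($framed ? 1 : 0);
     $ctx->setInCanvas(1);
     $ctx->setTime(time());
     if ($socialClient->inSession()) {
         // We don't know whether the app is added unless the user is logged in, so don't send that part of the context
         $ctx->setIsAppAdded($isAppAdded);
         $ctx->setUser($socialClient->getCurrentUser());
         $ctx->setSessionKey($sessionKey);
         $ctx->setExpires(0);
         if ($socialClient->getNetworkSession()->getPrincipalId()) {
             $ctx->setPrincipalId($socialClient->getNetworkSession()->getPrincipalId());
         }
     }
     $ctx->setApiKey($apiKey);
     $ctx->setRequestMethod($_SERVER['REQUEST_METHOD']);
     $ctx->setNetworkId($socialClient->getCurrentNetwork());
     $ctx->setSocialSessionKey($socialClient->getNetworkSession()->getSessionKey());
     // NOTE(review): $deployed_ctx is never used (the addNetwork() call was disabled). It is
     // still constructed in case the constructor has side effects - confirm and remove.
     $deployed_ctx = new RingsideSocialAppContext(array(), RingsideSocialConfig::$apiKey);
     // Signed context parameters; everything merged in after this point is NOT covered
     // by the signature.
     $cbReq = $ctx->getParameters($secretKey);

     $isCanvas = $this->flavor == 'canvas';
     if ($isCanvas && $canvasType == RingsideSocialApiRender::CANVASTYPE_IFRAME) {
         /*
          * Special case if we are to return an IFRAME, then the only thing we are returning is the
          * URL to ship out.  It is up to the returning application to place this inside some form of content
          * frame.
          */
         $callbackQuery = http_build_query(array_merge($cbReq, $this->params));
         // TODO iframe generation is off, should be more expressive and configurable.
         $this->iframe = "{$callbackUrl}?{$callbackQuery}";
     } elseif ($isCanvas && $canvasType == RingsideSocialApiRender::CANVASTYPE_OS) {
         // Open Social Gadget description is the $callbackUrl
         $callbackQuery = http_build_query(array_merge($cbReq, $this->params));
         // NOTE(review): the original had a statement here that concatenated
         // '&fb_sig_owner_id=' with the 'id' param and discarded the result, so that value
         // has never been sent. It is left out rather than switched on: an fb_sig_-prefixed
         // value appended at this point would not be covered by the signature computed
         // above. If it is wanted, add it to the context before getParameters().
         // TODO These parm options should be configurable
         $callbackQuery = $callbackQuery . '&view=canvas&synd=ringside&nocache=1';
         // If you change this you must change container.js
         $this->iframe = RingsideApiClientsConfig::$socialUrl . "/gadgets/ifr?url=" . urlencode($callbackUrl) . "&{$callbackQuery}";
         if (isset($this->params['forceIFrame']) && $this->params['forceIFrame'] == 'true') {
             $headers['content-type'] = 'text/html';
             // Both values are request-influenced and land inside single-quoted HTML
             // attributes, so they are escaped for that context.
             $height = (isset($this->params['forceIFrameHeight']) && is_scalar($this->params['forceIFrameHeight'])) ? (string) $this->params['forceIFrameHeight'] : '';
             $response = "<iframe width='100%' frameborder='0' src='" . htmlspecialchars($this->iframe, ENT_QUOTES, 'UTF-8') . "' height='" . htmlspecialchars($height, ENT_QUOTES, 'UTF-8') . "'/>";
         }
     } else {
         $response = RingsideSocialUtils::get_request($callbackUrl, array_merge($cbReq, $this->params), $headers, $status);
         if (isset($headers['location'])) {
             $this->redirect = $headers['location'];
         }
     }
     return $response;
 }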
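 /**
  * Handles a widget render request: resolves the caller's social session, makes sure it
  * holds an API session key for the requested application, then renders either inline
  * FBML (method=fbml) or an application view (method=app).
  *
  * @param array $params Request parameters. Keys read here: social_session_key, api_key,
  *                      method, fbml, path, view.
  * @return mixed Rendered content (or the FBML error value); null when nothing is rendered.
  */
 public function execute($params)
 {
     $this->debug('Entering');
     $this->debugVar($params);
     $network_session = null;
     // Log parameter names only. The values include session keys, and a session
     // identifier in a log file is as good as the session to anyone who can read the log.
     error_log("Parameters for widget render are: " . implode(', ', array_keys($params)));
     error_log("PHPSESSID=" . (isset($_COOKIE['PHPSESSID']) ? '<present>' : '<empty>'));

     // Recreate Session if we have it
     if (array_key_exists('social_session_key', $params)) {
         $network_session = new RingsideSocialSession($params['social_session_key']);
         $uid = $network_session->getUserId();
         if (null == $uid || strlen($uid) == 0) {
             // NOTE(review): cookie is set without HttpOnly/Secure flags - confirm whether
             // client-side script needs to read it.
             setcookie('social_session_key', $network_session->getSessionKey());
             if (isset($_REQUEST['uid'])) {
                 // TODO: SECURITY: I don't think we should just be able to override the uid.
                 // TODO: SECURITY: This shouldn't be a valid way to log in.
                 // The uid is request-supplied and is accepted without any credential check.
                 $network_session->setUserId($_REQUEST['uid']);
                 $network_session->setLoggedIn(true);
             }
         }
     } elseif (isset($_COOKIE['PHPSESSID'])) {
         // Optimization if user is already logged into web front-end.
         // (The session object is no longer dumped to the log.)
         $network_session = new RingsideSocialSession($_COOKIE['PHPSESSID']);
         $uid = $network_session->getUserId();
         if (!isset($uid)) {
             // The user has a network session but is not logged in
             // Run as an anonymous user
             $trust = new RingsideSocialApiTrust($_REQUEST);
             $network_session = $trust->getAnonymousSession();
         }
     } else {
         // Not logged in, so login via anonymous user
         $trust = new RingsideSocialApiTrust($_REQUEST);
         $network_session = $trust->getAnonymousSession();
     }

     $api_session_key = $network_session->getApiSessionKey($params['api_key']);
     if (null == $api_session_key) {
         $rest = RingsideSocialUtils::getAdminClient();
         // NOTE(review): this call passes the network as the 5th argument while the lookup
         // in the 'app' branch below passes it as the 6th - confirm which position is correct.
         $app_props = $rest->admin_getAppProperties(array('secret_key'), null, null, $params['api_key'], $network_session->getNetwork());
         error_log("Adding API key for " . $params['api_key'] . " to social session for user " . $network_session->getUserID());
         RingsideSocialUtils::getApiSessionKey($params['api_key'], $app_props['secret_key'], $network_session);
     } else {
         // The API session key itself is a credential and is not logged.
         error_log("Using existing API session key for user " . $network_session->getUserID());
     }

     if (!array_key_exists('method', $params)) {
         error_log("No method specified for render request");
         return;
     }
     $method = $params['method'];
     if (strcasecmp($method, 'fbml') == 0 && array_key_exists('fbml', $params)) {
         $render = new RingsideSocialApiRenderFBML($params);
         $result = $render->render($network_session, $params['fbml']);
         if (isset($result['content'])) {
             return $result['content'];
         }
         // Neither key is guaranteed to be present in the render response.
         return isset($result['error']) ? $result['error'] : null;
     } elseif (strcasecmp($method, 'app') == 0) {
         $social = new RingsideSocialClientLocal(RingsideWebConfig::$networkKey, null, $network_session->getSessionKey());
         $inSession = $social->inSession();
         error_log("User " . ($inSession ? 'is' : 'is not') . " in session");
         if (!$inSession) {
             echo "<error>User not Logged in!</error>";
             return;
         }
         $path = array_key_exists('path', $params) ? $params['path'] : '';
         $view = array_key_exists('view', $params) ? $params['view'] : 'canvas';
         $rest = RingsideSocialUtils::getAdminClient();
         $app_props = $rest->admin_getAppProperties(array('application_id', 'canvas_url'), null, null, $params['api_key'], null, $network_session->getNetwork());
         $domain_props = $rest->admin_getDomainProperties(array('resize_url'), null, $network_session->getNetwork());
         $content = $social->render($view, $app_props['application_id'], $app_props['canvas_url'], $path);
         // TODO: Is this where error reporting should happen?
         if (isset($domain_props['resize_url'])) {
             // api_key is request-supplied and ends up inside a script string within an HTML
             // attribute: encode it as a JS string literal, then escape that for the attribute.
             // NOTE(review): resize_url is written into the script block unescaped; it is
             // presumably an administrator-set domain property - confirm.
             $frameIdJs = htmlspecialchars(json_encode('if_' . $params['api_key']), ENT_QUOTES, 'UTF-8');
             $content = "<html><head><script type=\"text/javascript\">\n      function resizeIframe(id) {\n        var iframe = document.getElementById( 'xdiframe' );\n        var wrapper = document.getElementById( 'wrapper' );\n        var height = Math.max( document.body.offsetHeight, document.body.scrollHeight );\n        var width = Math.max( document.body.offsetWidth, document.body.scrollWidth );\n        iframe.src = '{$domain_props['resize_url']}?height='+height+'&width='+width+'&id='+id;\n      }\n</script></head><body onload=\"resizeIframe(" . $frameIdJs . ");\">" . $content . "<iframe id='xdiframe' width='1' height='1' frameborder='0'/></body></html>";
         }
         return $content;
     }
 }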
示例#10
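 /**
  * Emits the comment form and the comments of a wall (xid) as divs.
  *
  * Every value that comes from the tag arguments or from stored comment data is escaped
  * for the context it is written into: urlencode() for query-string values,
  * htmlspecialchars() for attribute values and element text.
  *
  * NOTE(review): the signature is computed over xid, c_url, r_url and aid only. The delete
  * links add cid and xid_action afterwards, so the signature does not cover which comment
  * or which action is requested - confirm that the receiving page authorizes deletes.
  *
  * @param object $application   Provides getCurrentUser(), getApplicationId() and getClient().
  * @param mixed  $parentHandler Unused here.
  * @param array  $args          Tag attributes: xid (required), canpost, candelete, numposts,
  *                              aid, callbackurl, returnurl, showform.
  * @return void The markup is echoed.
  */
 public function emitDivs($application, $parentHandler, $args)
 {
     $xid = $args['xid'];
     $canpost = isset($args['canpost']) ? $args['canpost'] : "false";
     $candelete = isset($args['candelete']) ? $args['candelete'] : "false";
     $numposts = isset($args['numposts']) ? $args['numposts'] : 10;
     // Value unused; the call is retained in case it has side effects - confirm and remove.
     $uid = $application->getCurrentUser();
     $aid = isset($args['aid']) ? $args['aid'] : $application->getApplicationId();
     $callbackurl = isset($args['callbackurl']) ? $args['callbackurl'] : '';
     $returnurl = isset($args['returnurl']) ? $args['returnurl'] : '';
     $showform = isset($args['showform']) ? $args['showform'] : 'false';
     $client = $application->getClient();
     $comments = $client->comments_get($xid, null, null, $aid);

     // Parameters covered by the signature (raw values; the receiver decodes the query string).
     $params = array();
     $params['xid'] = $xid;
     if (!empty($callbackurl)) {
         $params['c_url'] = $callbackurl;
     }
     if (!empty($returnurl)) {
         $params['r_url'] = $returnurl;
     }
     $params['aid'] = $aid;
     $params['sig'] = RingsideSocialUtils::makeSig($params, RingsideSocialConfig::$secretKey);

     // Shared link fragments, built once with URL-encoded values.
     $wallUrl = RingsideSocialConfig::$webRoot . '/wall.php';
     $wallQuery = 'xid=' . urlencode((string) $xid) . '&aid=' . urlencode((string) $aid);
     $canWrite = $canpost == 'true' && $showform == 'false';
     $writeLink = '<a href="' . $wallUrl . '?' . $wallQuery . '&sig=' . urlencode((string) $params['sig']);
     if (!empty($callbackurl)) {
         $writeLink .= '&r_url=' . urlencode((string) $callbackurl);
     }
     $writeLink .= '">Write Something</a>';

     // number of comments
     $hasComments = !empty($comments);
     $total = $hasComments ? sizeof($comments) : 0;
     $theString = "";
     if (!$hasComments || $total === 1 || ($total > 0 && $total < $numposts)) {
         if (!$hasComments) {
             $theString .= '    <div class="comments_numposts">There are no posts yet.</div>';
         } elseif ($total === 1) {
             $theString .= '    <div class="comments_numposts">Displaying the only post.</div>';
         } else {
             $theString .= '    <div class="comments_numposts">Displaying all ' . $total . ' posts.</div>';
         }
         if ($canWrite) {
             $theString .= '<div class="comments_top_links">' . $writeLink . '</div>';
         }
     } else {
         $theString .= '    <div class="comments_numposts">Displaying ' . htmlspecialchars((string) $numposts, ENT_QUOTES, 'UTF-8') . ' of ' . $total . '.</div>';
         $theString .= '<div class="comments_top_links">';
         if ($canWrite) {
             $theString .= $writeLink . '&nbsp;&nbsp;';
         }
         $theString .= '<a href="' . $wallUrl . '?' . $wallQuery . '">See All</a>';
         $theString .= '</div>';
     }

     // showform
     if ($showform == 'true') {
         $theString .= '	<div class="comments_post_form">';
         $theString .= '	<form name="form1" id="form1" method="get" action="' . $wallUrl . '">';
         $theString .= '		<input type="hidden" name="xid" value="' . htmlspecialchars((string) $xid, ENT_QUOTES, 'UTF-8') . '"/>';
         $theString .= '		<input type="hidden" name="xid_action" value="post"/>';
         $theString .= '		<input type="hidden" name="aid" value="' . htmlspecialchars((string) $aid, ENT_QUOTES, 'UTF-8') . '"/>';
         $theString .= '		<input type="hidden" name="sig" value="' . htmlspecialchars((string) $params['sig'], ENT_QUOTES, 'UTF-8') . '"/>';
         if (!empty($callbackurl)) {
             $theString .= '		<input type="hidden" name="callbackurl" value="' . htmlspecialchars((string) $callbackurl, ENT_QUOTES, 'UTF-8') . '"/>';
         }
         $theString .= '  	<div class="comments_text_box"><textarea class="comments_text_area" name="text" cols="80"></textarea></div>';
         $theString .= '     	<br/>';
         $theString .= '     	<div class="comments_submit_button"><input type="submit" name="Submit" value="Post" /></div>';
         $theString .= '	</form>';
         $theString .= '	</div>';
     }

     // comments
     $currentCount = 0;
     if ($hasComments) {
         foreach ($comments as $comment) {
             if ($currentCount >= $numposts) {
                 // Nothing further is rendered once the display limit is reached.
                 break;
             }
             $params['xid_action'] = 'delete';
             $params['cid'] = $comment['cid'];
             // http_build_query() URL-encodes every value, so the result is safe inside the
             // double-quoted href below.
             $paramString = http_build_query($params, '', '&');
             $theString .= '	<div class="comment">';
             $name = $client->users_getInfo($comment['uid'], "first_name,pic");
             // Comment text, author name, picture URL and timestamp are stored data that other
             // users supplied; they are escaped so they cannot inject markup into the page.
             $theString .= '		<div class="comment_author_pic"><image src="' . htmlspecialchars((string) $name[0]['pic'], ENT_QUOTES, 'UTF-8') . '" width="50"/></div>';
             $theString .= '		<div class="comment_author">' . htmlspecialchars((string) $name[0]['first_name'], ENT_QUOTES, 'UTF-8') . ' wrote</div>';
             $time = $comment['created'];
             $theString .= '		<div class="comment_time">at ' . htmlspecialchars((string) $time, ENT_QUOTES, 'UTF-8') . '</div>';
             $theString .= '		<div class="comment_text">' . htmlspecialchars((string) $comment['text'], ENT_QUOTES, 'UTF-8') . '</div>';
             // NOTE(review): the comment_links div is only closed in the delete branch, as in
             // the original markup; left unchanged because the enclosing structure is not
             // visible here.
             $theString .= '		<div class="comment_links"><a href="#">message</a>';
             if (isset($candelete) && $candelete == 'true') {
                 $theString .= '  -  <a href="' . $wallUrl . '?' . $paramString . '">delete</a></div>';
             }
             $theString .= '	</div>';
             $currentCount++;
         }
     }
     $theString .= '</div>';
     echo $theString;
 }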
示例#11
文件: map.php 项目: jkinner/ringside
// Inputs for the identity-mapping page. Every value below is read straight from the
// request and is therefore caller-controlled; nothing in this fragment validates it.
$snid = isset($_REQUEST['snid']) ? $_REQUEST['snid'] : null;
$api_key = isset($_REQUEST['api_key']) ? $_REQUEST['api_key'] : null;
// Presence flags: true whenever the parameter is supplied, whatever its value.
$canvas = isset($_REQUEST['canvas']) ? true : false;
$network = isset($_REQUEST['network']) ? true : false;
$social_session_key = isset($_REQUEST['social_session_key']) ? $_REQUEST['social_session_key'] : null;
$sig = '';
$network_session = null;
$authorities = null;
try {
    // We are expecting a social session key in the request, this can help us understand the current map request
    // the network it is coming from and more.
    // In the map process not sure where we need this, but it's good to load it here.
    // NOTE(review): the session is constructed from the request-supplied key as-is, and
    // $social_session_key may be null here - confirm how the constructor handles that.
    $network_session = new RingsideSocialSession($social_session_key);
    // The mapping process is happening relative to some NETWORK, the user might not be logged in to the DEPLOYED NETWORK.
    // And we should not care.  However we have to ask some system questions.
    // NOTE(review): the request-supplied $snid is passed to getAdminClient() - confirm what
    // that argument selects and whether it needs to be checked first.
    $ringside_rest = RingsideSocialUtils::getAdminClient($snid);
    $authorities = $ringside_rest->admin_getTrustInfo();
} catch (Exception $e) {
    // Any failure shows the generic error template and stops this script. The exception
    // itself is not logged here, so the cause is invisible to operators.
    include "ringside/templates/error.tpl";
    return;
}
// Find the trust authority whose trust_key matches the requested network id. The
// comparison is loose (==); $this_authority stays null when nothing matches.
$this_authority = null;
foreach ($authorities as $authority) {
    if ($authority['trust_key'] == $snid) {
        $this_authority = $authority;
        break;
    }
}
$hiddenInputs = <<<heredoc
   <input type="hidden" name="method" value="bindmap" />
   <input type="hidden" name="next" value="{$next}" />
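 /**
  * Re-routes an api request to another network. If trust.php is used as a rest server URL
  * and a path info is provided such that the request looks like the one below:
  *
  *        http://localhost/trust.php/facebook/footprints/restserver.php
  *            or
  *        http://localhost/trust.php/{network}/{canvas url}/{restserver path}
  *
  * Attempts to remap and re-sign the api call using the app's secret on the new network
  * and then to change the uid to the equivalent uid on the foreign network.
  *
  * The api call is then re-signed and issued, and the response is echoed. When the
  * callback answers with a Location header, a redirect to the proxied URL is issued instead.
  *
  * NOTE(review): the redirect target is derived from a header returned by the remote
  * application; confirm that buildProxyUrl() constrains it to the application's own
  * callback URL.
  *
  * @param array $params Request parameters (by reference; fb_sig_nuser is removed when
  *                      the request is signed). Keys read: fb_sig_session_key, fb_sig_user,
  *                      fb_sig, fb_sig_nuser, fb_sig_in_iframe, fb_sig_in_canvas.
  * @return void Output is echoed or a redirect is issued.
  */
 private static function proxy_app_request(&$params)
 {
     $matches = array();
     // PATH_INFO must have the /{network}/{canvas url}[/{rest path}] shape. Without this
     // check a missing or malformed path left the three parts undefined and the proxy
     // carried on with empty values.
     if (!isset($_SERVER['PATH_INFO']) || !preg_match(',^/([^/]*)/([^/]*)(/?.*)$,', $_SERVER['PATH_INFO'], $matches)) {
         echo '<ERROR>Unknown Callback_Url!</ERROR>';
         return;
     }
     $network_key = $matches[1];
     $canvas_url = $matches[2];
     // Ensure we aren't adding an additional "/" character to the URL.
     $rest = $matches[3];
     if ($rest == '') {
         $rest = '/';
     }
     if ($network_key == RingsideSocialConfig::$apiKey) {
         // Requests addressed to the deployed network itself are not proxied.
         echo '<ERROR>Unknown Callback_Url!</ERROR>';
         return;
     }

     $ringside_rest = self::createRestClient($params['fb_sig_session_key']);
     $admin_rest = RingsideSocialUtils::getAdminClient();
     $props = $admin_rest->admin_getAppProperties("application_id,application_name,api_key,secret_key,callback_url", null, $canvas_url, NULL);
     $network_app_props = $admin_rest->admin_getAppKeys(null, null, $props['api_key']);
     $network_api_key = $props['api_key'];
     $network_secret = $props['secret_key'];
     // presumably replaces key and secret with the network-specific pair - verify against the helper
     self::getApiKeyAndSecretForNetwork($network_key, $network_app_props, $network_api_key, $network_secret);
     $network_session = new RingsideSocialSession($params['fb_sig_session_key']);
     $idmaps = $ringside_rest->users_mapToPrincipal(array($params['fb_sig_user']), $network_key, $props['application_id']);

     // Create openFB request. These are just overrides for the original request.
     $has_fb_sig = isset($params['fb_sig']);
     $cbReq = array();
     // We can't append fb_sig unless Facebook has already passed fb_sig; this would prevent the app's client from creating a session during login
     if ($has_fb_sig) {
         if (isset($params['fb_sig_nuser'])) {
             // Since we're proxying a request, do NOT forward the user mapping!
             unset($params['fb_sig_nuser']);
         }
         $cbReq['fb_sig_flavor'] = 'canvas';
         $cbReq['fb_sig_nid'] = $network_key;
         // The social session key needs to be for _this_ social session!
         $cbReq['fb_sig_soc_session_key'] = $network_session->getSessionKey();
         if (!empty($idmaps) && isset($idmaps[0]) && $idmaps[0] !== null) {
             $cbReq['fb_sig_nuser'] = $idmaps[0]['pid'];
         }
     }
     // TODO: Set up social session key for trust-based proxy
     $req_params = array_merge($params, $cbReq);
     // Parameter names only: the values include session keys and the request signature,
     // which must not be written to the log.
     error_log("Invoking {$canvas_url} with params: " . implode(', ', array_keys($req_params)));
     // Now, we need to re-sign the parameters, since we've added the "nid" and "nuser" fb_sig params
     if ($has_fb_sig) {
         unset($req_params['fb_sig']);
         $req_params['fb_sig'] = RingsideSocialUtils::makeSig($req_params, $network_secret, 'fb_sig');
     }

     $headers = array();
     $status = null;
     $callback_url = self::safe_append_url($props['callback_url'], $rest);
     $result = RingsideSocialUtils::get_request($callback_url, $req_params, $headers, $status);
     if (isset($headers['location'])) {
         // Build the remote network's callback_url and redirect _within_ the frame.
         $proxy_redir_url = self::buildProxyUrl($props['callback_url'], $headers['location']);
         error_log("Proxying for redirect to {$proxy_redir_url}");
         $in_iframe = isset($params['fb_sig_in_iframe']) && 0 != $params['fb_sig_in_iframe'];
         $in_canvas = isset($params['fb_sig_in_canvas']) && 0 != $params['fb_sig_in_canvas'];
         if (!$in_iframe && $in_canvas) {
             // The URL is derived from a remote response header; escape it for the
             // single-quoted attribute it is written into.
             echo "<fb:redirect url='" . htmlspecialchars($proxy_redir_url, ENT_QUOTES, 'UTF-8') . "'/>";
         } else {
             RingsideWebUtils::redirect($proxy_redir_url);
         }
         return;
     }
     // The callback's response body is passed through to the client unchanged.
     echo $result;
 }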
示例#13
 /**
  * Builds the expected results, emitting divs.
  *
  * @param $inputs Array containing fb:comments parameters.
  * @param $comments Array of mock comments
  * @return string Expected results
  */
 public static function makeExpectedResultsDivs($inputs, $comments, $aid)
 {
     // Assembles the markup string these tests compare against for an fb:comments
     // block: title, post-count line, top links, whatever handleShowForm adds, and
     // at most $inputs[3] comments.
     // NOTE(review): title, uid, comment text and the URLs are concatenated without
     // HTML or URL encoding; presumably this mirrors the renderer under test -
     // confirm the renderer encodes untrusted values and keep this helper in step.

     // Positional fb:comments inputs; only index 6 (showform) has a fallback.
     $xid = $inputs[0];
     $canPost = $inputs[1];
     $canDelete = $inputs[2];
     $maxPosts = $inputs[3];
     $callbackUrl = $inputs[4];
     $returnUrl = $inputs[5];
     if (isset($inputs[6])) {
         $showForm = $inputs[6];
     } else {
         $showForm = 'false';
     }
     $uid = $inputs[7];
     $title = $inputs[8];

     // Parameter set that gets signed: xid, optional c_url / r_url, then aid.
     $params = array('xid' => $xid);
     if (!empty($callbackUrl)) {
         $params['c_url'] = $callbackUrl;
     }
     if (!empty($returnUrl)) {
         $params['r_url'] = $returnUrl;
     }
     $params['aid'] = $aid;
     $params['sig'] = RingsideSocialUtils::makeSig($params, RingsideSocialConfig::$secretKey);

     $expected = '<div class="comments">';

     // Title, with the default heading when none was supplied.
     if (empty($title)) {
         $expected .= '    <div class="comments_title">Comments</div>';
     } else {
         $expected .= '    <div class="comments_title">' . $title . '</div>';
     }

     // Post-count line; only the "N of M" case also gets a "See All" link.
     $withSeeAll = false;
     if (empty($comments)) {
         $expected .= '    <div class="comments_numposts">There are no posts yet.</div>';
     } else {
         $total = count($comments);
         if ($total === 1) {
             $expected .= '    <div class="comments_numposts">Displaying the only post.</div>';
         } elseif ($total > 0 && $total < $maxPosts) {
             $expected .= '    <div class="comments_numposts">Displaying all ' . $total . ' posts.</div>';
         } else {
             $expected .= '    <div class="comments_numposts">Displaying ' . $maxPosts . ' of ' . $total . '.</div>';
             $withSeeAll = true;
         }
     }

     // "Write Something" link, present only when posting is allowed and the
     // inline form is off.
     // NOTE(review): the link carries $callbackUrl under the r_url name, while the
     // signed set above holds it as c_url - presumably what the renderer emits; confirm.
     $writeLink = null;
     if ($canPost == 'true' && $showForm == 'false') {
         $writeLink = '<a href="' . RingsideSocialConfig::$webRoot . '/wall.php?xid=' . $xid . '&aid=' . $aid . '&sig=' . $params['sig'];
         if (!empty($callbackUrl)) {
             $writeLink .= '&r_url=' . $callbackUrl;
         }
         $writeLink .= '">Write Something</a>';
     }

     if ($withSeeAll) {
         // The wrapper is always emitted here because "See All" is unconditional.
         $expected .= '<div class="comments_top_links">';
         if ($writeLink !== null) {
             $expected .= $writeLink . '&nbsp;&nbsp;';
         }
         $expected .= '<a href="' . RingsideSocialConfig::$webRoot . '/wall.php?xid=' . $xid . '&aid=' . $aid . '">See All</a>';
         $expected .= '</div>';
     } elseif ($writeLink !== null) {
         $expected .= '<div class="comments_top_links">' . $writeLink . '</div>';
     }

     self::handleShowForm($showForm, $expected, $xid, $aid, $callbackUrl, $params['sig']);

     // Individual comments, capped at $maxPosts.
     $rendered = 0;
     if (!empty($comments)) {
         foreach ($comments as $comment) {
             // The delete query string is rebuilt for every comment, shown or not.
             $params['xid_action'] = 'delete';
             $params['cid'] = $comment['cid'];
             $deleteQuery = http_build_query($params, '', '&');
             if (!($rendered < $maxPosts)) {
                 continue;
             }
             $expected .= '	<div class="comment">';
             $expected .= '		<div class="comment_author">' . $uid . ' wrote</div>';
             $expected .= '		<div class="comment_time">at ' . $comment['created'] . '</div>';
             $expected .= '		<div class="comment_text">' . $comment['text'] . '</div>';
             $expected .= '		<div class="comment_links"><a href="#">message</a>';
             // The closing tag of comment_links is emitted only together with the delete link.
             if (isset($canDelete) && $canDelete == 'true') {
                 $expected .= '  -  <a href="' . RingsideSocialConfig::$webRoot . '/wall.php?' . $deleteQuery . '">delete</a></div>';
             }
             $expected .= '	</div>';
             $rendered++;
         }
     }

     $expected .= '</div>';
     return $expected;
 }
示例#14
<?php

/**
 * Document this file.
 *
 * @author Jason Kinner <*****@*****.**>
 */
require_once 'ringside/api/clients/RingsideApiClients.php';
require_once 'ringside/social/RingsideSocialUtils.php';
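// Site-connect step: checks the signature over (social_session_key, next) with the
// network's secret, sets the social session key as the PHPSESSID cookie and
// redirects the browser to `next` with a freshly signed session key appended.
if (isset($_REQUEST['social_session_key'])) {
    $client = RingsideSocialUtils::getAdminClient();
    $domain_info = $client->admin_getDomainProperties(array('secret_key'), null, $_REQUEST['network_key']);
    // The property set contains the network secret, so only the lookup itself is logged.
    error_log("Looked up domain properties for network " . $_REQUEST['network_key']);
    $secret = $domain_info['secret_key'];
    $params = array('social_session_key' => $_GET['social_session_key'], 'next' => $_GET['next']);
    // Log which fields are signed, never their values: the session key and the
    // secret are credentials and must not end up in log files.
    error_log("Verifying signature over params: " . implode(', ', array_keys($params)));
    $check_sig = Facebook::generate_sig($params, $secret);
    $given_sig = isset($_REQUEST['sig']) ? $_REQUEST['sig'] : '';
    // Fail closed when no secret came back, and compare with hash_equals() (PHP 5.6+):
    // a loose == compares numeric-looking strings numerically and is not constant-time.
    if (!empty($secret) && is_string($check_sig) && is_string($given_sig) && hash_equals($check_sig, $given_sig)) {
        $social_session_key = $_GET['social_session_key'];
        error_log("Site connect signature verified. Setting cookie.");
        // NOTE(review): setcookie() gets only a name and a value here, so the session
        // cookie carries no Secure or HttpOnly attribute and no explicit path.
        setcookie('PHPSESSID', $social_session_key);
        // Redirect to the `next` value the signature covered ($_GET); $_REQUEST can
        // resolve the same name from a different, unsigned source.
        $next = $_GET['next'];
        // TODO: Think about restricting this redirect to the registered site's domain, like app login redirection
        if (strpos($next, '?') !== false) {
            $next .= "&";
        } else {
            $next .= "?";
        }
        // Sign with the secret used for verification; 'secret_key' is the only
        // property requested from admin_getDomainProperties above.
        // NOTE(review): the session key travels in the redirect URL, where it can
        // reach server logs and Referer headers.
        $params = array('sc_social_session_key' => $social_session_key, 'sc_sig' => Facebook::generate_sig(array('social_session_key' => $social_session_key), $secret));
        $next .= http_build_query($params);
        header('Location: ' . $next, null, 302);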
示例#15
 /**
  * Handles the trust situation for a web application; this
  * will force redirects to the canvas or callback URL as specified.
  *
  * @param Application $application
  * @param int $uid
  * @param boolean $infinite
  * @param boolean $canvas
  * @param string $next
  * @return boolean true on success, false on failure
  */
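 function handleWebAppTrust($apikey, $application, $uid, $infinite, $canvas, $trust, $next)
 {
     // Records trust for $uid, then sets $this->redirect: to the canvas page when
     // $canvas is true, otherwise to $next (or callback URL + $next) with a freshly
     // approved auth token appended. Returns true on success; on any exception the
     // trust is removed again and false is returned.
     $this->trustUser($application, $uid, $infinite);
     try {
         // Client that represents this social engine's own relationship to the API.
         $apiSessionKey = RingsideSocialUtils::getApiSessionKey(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $application->getSocialSession());
         $apiClientSocial = new RingsideApiClientsRest(RingsideSocialConfig::$apiKey, RingsideSocialConfig::$secretKey, $apiSessionKey, null, RingsideSocialConfig::$apiKey);
         // Look up the target application's properties by its API key.
         $result = $apiClientSocial->admin_getAppProperties("application_id,secret_key,canvas_url,callback_url", null, null, $apikey);
         $canvas_url = isset($result['canvas_url']) ? $result['canvas_url'] : "";
         $callback_url = isset($result['callback_url']) ? $result['callback_url'] : "";
         $secret = isset($result['secret_key']) ? $result['secret_key'] : "";
         if ($canvas === true) {
             $trust_info = $apiClientSocial->admin_getTrustInfo(array(RingsideSocialConfig::$apiKey));
             $canvas_root = $trust_info[0]['trust_canvas_url'];
             $this->redirect = $canvas_root . '/' . $canvas_url . $next;
         } else {
             // Create and approve an auth token through a client bound to the application.
             $appClient = new RingsideApiClientsRest($apikey, $secret, null, null, RingsideSocialConfig::$apiKey);
             $token = $appClient->auth_createToken($infinite);
             $appClient->auth_approveToken($uid);
             // Make $next end in a query separator so "auth_token=" can be appended.
             // A URL that already has a query but no "&" (e.g. "page?a=1") needs
             // one too; otherwise the token is glued onto the last value.
             if (strpos($next, "?") === false) {
                 $next = $next . "?";
             } elseif (substr($next, -1) !== "?" && substr($next, -1) !== "&") {
                 $next = $next . "&";
             }
             // NOTE(review): the token is placed in the redirect URL, so it can
             // reach server logs and Referer headers.
             if ($trust === true) {
                 $redir = $next . "auth_token=" . $token;
             } else {
                 // NOTE(review): this is a plain prefix test. An empty $callback_url
                 // (the fallback assigned above) matches every $next on PHP 8, and a
                 // callback URL without a trailing delimiter also matches hosts that
                 // merely begin with it. If $next can be caller-supplied, compare the
                 // parsed scheme and host instead - TODO confirm against callers.
                 if (strpos($next, $callback_url) === 0) {
                     $redir = $next . "auth_token=" . $token;
                 } else {
                     $redir = $callback_url . $next . "auth_token=" . $token;
                 }
             }
             $this->redirect = $redir;
         }
         return true;
     } catch (Exception $e) {
         // Roll the trust back so a failed handshake leaves no grant behind.
         error_log($e->getMessage());
         $this->removeTrust($application, $uid);
         return false;
     }
 }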