GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity
Files
e78342c4844fa935d7e455d669cb2617c6362a4b
gnu-social/actions/api.php

211 lines
7.1 KiB
PHP
Raw Normal View History

First volly at a Twitter-compatible API. Just working out the detials of 1) Basic Auth and 2) dispatch to the right Action class files to handle the requests. You can hit it with... http://localhost/laconica/api/public_timeline.json or to try Basic Auth you can try something like: http://nickname:password@localhost/laconica/api/statuses/friends_timeline.xml Although that actual method isn't done yet, so it should authenticate and then complain. darcs-hash:20080712081247-ca946-acd3e0e2762c7d9ff0cb3cd7a53cfdfcc5b26660.gz
2008-07-12 04:12:47 -04:00
<?php
/*
* Laconica - a distributed open-source microblogging tool
* Copyright (C) 2008, Controlez-Vous, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
First volly at a Twitter-compatible API. Just working out the detials of 1) Basic Auth and 2) dispatch to the right Action class files to handle the requests. You can hit it with... http://localhost/laconica/api/public_timeline.json or to try Basic Auth you can try something like: http://nickname:password@localhost/laconica/api/statuses/friends_timeline.xml Although that actual method isn't done yet, so it should authenticate and then complain. darcs-hash:20080712081247-ca946-acd3e0e2762c7d9ff0cb3cd7a53cfdfcc5b26660.gz
2008-07-12 04:12:47 -04:00
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
* along with this program. If not, see <http://www.gnu.org/licenses/>.
First volly at a Twitter-compatible API. Just working out the detials of 1) Basic Auth and 2) dispatch to the right Action class files to handle the requests. You can hit it with... http://localhost/laconica/api/public_timeline.json or to try Basic Auth you can try something like: http://nickname:password@localhost/laconica/api/statuses/friends_timeline.xml Although that actual method isn't done yet, so it should authenticate and then complain. darcs-hash:20080712081247-ca946-acd3e0e2762c7d9ff0cb3cd7a53cfdfcc5b26660.gz
2008-07-12 04:12:47 -04:00
*/
if (!defined('LACONICA')) { exit(1); }
move opening brace of class declaration to next line Another gigantor PEAR coding standards patch. Here, I've moved the opening curly bracket on a class statement to the following line. darcs-hash:20081223194923-84dde-77a93de314caadbcb5b70bf346a4648be77a864e.gz
2008-12-23 14:49:23 -05:00
class ApiAction extends Action
{
First volly at a Twitter-compatible API. Just working out the detials of 1) Basic Auth and 2) dispatch to the right Action class files to handle the requests. You can hit it with... http://localhost/laconica/api/public_timeline.json or to try Basic Auth you can try something like: http://nickname:password@localhost/laconica/api/statuses/friends_timeline.xml Although that actual method isn't done yet, so it should authenticate and then complain. darcs-hash:20080712081247-ca946-acd3e0e2762c7d9ff0cb3cd7a53cfdfcc5b26660.gz
2008-07-12 04:12:47 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
var $user;
var $content_type;
var $api_arg;
var $api_method;
var $api_action;
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function handle($args)
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
parent::handle($args);
$this->api_action = $this->arg('apiaction');
$method = $this->arg('method');
$argument = $this->arg('argument');
if (isset($argument)) {
$cmdext = explode('.', $argument);
$this->api_arg = $cmdext[0];
$this->api_method = $method;
$this->content_type = strtolower($cmdext[1]);
} else {
# Requested format / content-type will be an extension on the method
$cmdext = explode('.', $method);
$this->api_method = $cmdext[0];
$this->content_type = strtolower($cmdext[1]);
}
if ($this->requires_auth()) {
if (!isset($_SERVER['PHP_AUTH_USER'])) {
# This header makes basic auth go
header('WWW-Authenticate: Basic realm="Laconica API"');
# If the user hits cancel -- bam!
$this->show_basic_auth_error();
} else {
$nickname = $_SERVER['PHP_AUTH_USER'];
$password = $_SERVER['PHP_AUTH_PW'];
$user = common_check_user($nickname, $password);
if ($user) {
$this->user = $user;
$this->process_command();
} else {
# basic authentication failed
$this->show_basic_auth_error();
}
}
} else {
Revert "Twitter-compatible API - update verify_credentials to return profile" This reverts commit b801f73b1f4706f15783f91fd07508a03175592d. Twhirl assumes we return the old kind of results, so we have to do that.
2009-01-08 16:15:08 -05:00
# Caller might give us a username even if not required
if (isset($_SERVER['PHP_AUTH_USER'])) {
$user = User::staticGet('nickname', $_SERVER['PHP_AUTH_USER']);
if ($user) {
$this->user = $user;
}
# Twitter doesn't throw an error if the user isn't found
Twitter-compatible API: - Filled in favorites tags in statuses - Filled in more tags in user/show, including undocumented features - Better error handling and more consistent error messages - Code clean-up and refactoring - Removed huge obnoxious comments darcs-hash:20081017023638-462f3-27b5d2709e423c616723d4bcfbc9d7d30a4ad161.gz
2008-10-16 22:36:38 -04:00
}
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$this->process_command();
}
}
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function process_command()
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$action = "twitapi$this->api_action";
$actionfile = INSTALLDIR."/actions/$action.php";
if (file_exists($actionfile)) {
require_once($actionfile);
$action_class = ucfirst($action)."Action";
$action_obj = new $action_class();
First volly at a Twitter-compatible API. Just working out the detials of 1) Basic Auth and 2) dispatch to the right Action class files to handle the requests. You can hit it with... http://localhost/laconica/api/public_timeline.json or to try Basic Auth you can try something like: http://nickname:password@localhost/laconica/api/statuses/friends_timeline.xml Although that actual method isn't done yet, so it should authenticate and then complain. darcs-hash:20080712081247-ca946-acd3e0e2762c7d9ff0cb3cd7a53cfdfcc5b26660.gz
2008-07-12 04:12:47 -04:00
prepare the action obj for API darcs-hash:20081203210358-5ed1f-3ff0de9c00c72de6bde703b150b24597ff8fadf4.gz
2008-12-03 16:03:58 -05:00
if (!$action_obj->prepare($this->args)) {
return;
}
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if (method_exists($action_obj, $this->api_method)) {
$apidata = array( 'content-type' => $this->content_type,
'api_method' => $this->api_method,
'api_arg' => $this->api_arg,
'user' => $this->user);
call_user_func(array($action_obj, $this->api_method), $_REQUEST, $apidata);
} else {
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError("API method not found!", $code=404);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
} else {
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError("API method not found!", $code=404);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
}
# Whitelist of API methods that don't need authentication
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function requires_auth()
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
static $noauth = array( 'statuses/public_timeline',
'statuses/show',
'users/show',
'help/test',
add laconica methods to unauthed ones darcs-hash:20081230203747-84dde-dbdb783c8883097af0f69b4c06c2425c54964773.gz
2008-12-30 15:37:47 -05:00
'help/downtime_schedule',
'laconica/version',
'laconica/config',
'laconica/wadl');
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
static $bareauth = array('statuses/user_timeline',
More api actions which need no auth when called with parameter.
2009-03-07 13:52:52 +01:00
'statuses/friends_timeline',
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
'statuses/friends',
More api actions which need no auth when called with parameter.
2009-03-07 13:52:52 +01:00
'statuses/replies',
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
'statuses/followers',
'favorites/favorites');
try again with user_timeline auth darcs-hash:20080719155526-84dde-5157cd11d2f96128321b46cb2bea8ff27ce4478f.gz
2008-07-19 11:55:26 -04:00
Open the /api/laconica/config.format API method so clients can determine whether a site is "private".
2009-02-18 15:33:52 -08:00
$fullname = "$this->api_action/$this->api_method";
isReadOnly() now takes arguments Add an array of arguments to isReadOnly() method of actions, to let them change their results depending on what actions are called. Primarily used by the 'api' action. Ideally in the future that will be multiple actions. But this might still be useful.
2009-04-13 15:49:26 -04:00
// If the site is "private", all API methods except laconica/config
Open the /api/laconica/config.format API method so clients can determine whether a site is "private".
2009-02-18 15:33:52 -08:00
// need authentication
fine-tuning the privacy flag darcs-hash:20081203183432-5ed1f-7626661b797f64594f990ee06d9e13b73b265b49.gz
2008-12-03 13:34:32 -05:00
if (common_config('site', 'private')) {
Open the /api/laconica/config.format API method so clients can determine whether a site is "private".
2009-02-18 15:33:52 -08:00
return $fullname != 'laconica/config' || false;
fine-tuning the privacy flag darcs-hash:20081203183432-5ed1f-7626661b797f64594f990ee06d9e13b73b265b49.gz
2008-12-03 13:34:32 -05:00
}
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if (in_array($fullname, $bareauth)) {
# bareauth: only needs auth if without an argument
if ($this->api_arg) {
return false;
} else {
return true;
}
} else if (in_array($fullname, $noauth)) {
# noauth: never needs auth
return false;
} else {
# everybody else needs auth
return true;
}
}
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function show_basic_auth_error()
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
header('HTTP/1.1 401 Unauthorized');
$msg = 'Could not authenticate you.';
if ($this->content_type == 'xml') {
header('Content-Type: application/xml; charset=utf-8');
Bring the Twitter compatible API inline with new uiredesign stuff
2009-01-23 01:19:19 -08:00
$this->startXML();
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementStart('hash');
$this->element('error', null, $msg);
$this->element('request', null, $_SERVER['REQUEST_URI']);
$this->elementEnd('hash');
Bring the Twitter compatible API inline with new uiredesign stuff
2009-01-23 01:19:19 -08:00
$this->endXML();
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
} else if ($this->content_type == 'json') {
header('Content-Type: application/json; charset=utf-8');
$error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']);
print(json_encode($error_array));
} else {
header('Content-type: text/plain');
print "$msg\n";
}
}
typo in api.php
2009-04-13 15:52:15 -04:00
function isReadOnly($args)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
isReadOnly() now takes arguments Add an array of arguments to isReadOnly() method of actions, to let them change their results depending on what actions are called. Primarily used by the 'api' action. Ideally in the future that will be multiple actions. But this might still be useful.
2009-04-13 15:49:26 -04:00
$apiaction = $args['apiaction'];
$method = $args['method'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
list($cmdtext, $fmt) = explode('.', $method);
static $write_methods = array(
'account' => array('update_location', 'update_delivery_device', 'end_session'),
'blocks' => array('create', 'destroy'),
'direct_messages' => array('create', 'destroy'),
'favorites' => array('create', 'destroy'),
'friendships' => array('create', 'destroy'),
'help' => array(),
'notifications' => array('follow', 'leave'),
'statuses' => array('update', 'destroy'),
'users' => array()
);
if (array_key_exists($apiaction, $write_methods)) {
if (!in_array($cmdtext, $write_methods[$apiaction])) {
return true;
}
}
return false;
}
First volly at a Twitter-compatible API. Just working out the detials of 1) Basic Auth and 2) dispatch to the right Action class files to handle the requests. You can hit it with... http://localhost/laconica/api/public_timeline.json or to try Basic Auth you can try something like: http://nickname:password@localhost/laconica/api/statuses/friends_timeline.xml Although that actual method isn't done yet, so it should authenticate and then complain. darcs-hash:20080712081247-ca946-acd3e0e2762c7d9ff0cb3cd7a53cfdfcc5b26660.gz
2008-07-12 04:12:47 -04:00
}
Copy Permalink