From cc55a45f4bad24d5921b4575389650e93efe6605 Mon Sep 17 00:00:00 2001 From: zach Date: Mon, 14 Jul 2008 04:07:41 -0400 Subject: [PATCH] Second shot at figuring out action dispatch for Twitter-compatible API darcs-hash:20080714080741-ca946-1b2f8c026f433e27a30abc104ca2dba11b9b662e.gz --- actions/api.php | 85 ++++++++++++++++++++------------- actions/api_public_timeline.php | 31 ------------ htaccess.sample | 23 ++++++++- 3 files changed, 74 insertions(+), 65 deletions(-) delete mode 100644 actions/api_public_timeline.php diff --git a/actions/api.php b/actions/api.php index 21404e331b..2e7ed3558c 100644 --- a/actions/api.php +++ b/actions/api.php @@ -19,18 +19,37 @@ if (!defined('LACONICA')) { exit(1); } -// XXX: Not sure of terminology yet... maybe call things "api_methods" insteads of "commands" - class ApiAction extends Action { + var $nickname; + var $content_type; + var $api_arg; + var $api_method; + var $api_action; + function handle($args) { parent::handle($args); - $command = $this->arg('command'); + $this->api_action = $this->arg('apiaction'); + $method = $this->arg('method'); + $argument = $this->arg('argument'); - # XXX Maybe check to see if the command actually exists first + if (isset($argument)) { + $cmdext = explode('.', $argument); + $this->api_arg = $cmdext[0]; + $this->api_method = $method; + $this->content_type = $cmdext[1]; + } else { + #content type will be an extension on the method + $cmdext = explode('.', $method); + $this->api_method = $cmdext[0]; + $this->content_type = $cmdext[1]; + } - if($this->requires_auth($command)) { + # common_debug("apiaction = $this->api_action, method = $this->api_method, argument = $this->api_arg, ctype = $this->content_type"); + + # XXX Maybe check to see if the command actually exists first? + if($this->requires_auth()) { if (!isset($_SERVER['PHP_AUTH_USER'])) { # This header makes basic auth go @@ -44,49 +63,49 @@ class ApiAction extends Action { $user = common_check_user($nickname, $password); if ($user) { - $this->process_command($command, $nickname, $password); + $this->nickname = $nickname; + $this->process_command(); } else { # basic authentication failed common_show_basic_auth_error(); } } - } else { - $this->process_command($command); - } + $this->process_command(); + } } - # this is where we can dispatch off to api Class files - function process_command($command, $nickname=NULL, $password=NULL) { - - $parts = explode('.', $command); - $api_action = "api_$parts[0]"; - $extension = $parts[1]; # requested content type - - $api_actionfile = INSTALLDIR."/actions/$api_action.php"; - - if (file_exists($api_actionfile)) { - require_once($api_actionfile); - $action_class = ucfirst($api_action)."Action"; + function process_command() { + $action = "api$this->api_action"; + $actionfile = INSTALLDIR."/actions/$action.php"; + if (file_exists($actionfile)) { + require_once($actionfile); + $action_class = ucfirst($action)."Action"; $action_obj = new $action_class(); - # need to pass off nick and password and stuff ... put in $args? constructor? - # pull from $_REQUEST later? - call_user_func(array($action_obj, 'handle'), $_REQUEST); - } else { - - # need appropriate API error functs - print "\nerror!\n"; + if (method_exists($action_obj, $this->api_method)) { + + $apidata = array( 'content-type' => $this->content_type, + 'api_method' => $this->api_method, + 'api_arg' => $this->api_arg, + 'nickanme' => $htis->nickanme); + + call_user_func(array($action_obj, $this->api_method), $_REQUEST, $apidata); + # all API methods should exit() + } } + common_user_error("API method not found!", $code=404); } + # Whitelist of API methods that don't need authentication - function requires_auth($command) { - - # The only command that doesn't in Twitter's API is public_timeline - if (ereg('^public_timeline.*$', $command)) { + function requires_auth() { + static $noauth = array( 'statuses/public_timeline', + 'help/test', + 'help/downtime_schedule'); + if (in_array("$this->api_action/$this->api_method", $noauth)) { return false; - } + } return true; } diff --git a/actions/api_public_timeline.php b/actions/api_public_timeline.php deleted file mode 100644 index 677ddf422d..0000000000 --- a/actions/api_public_timeline.php +++ /dev/null @@ -1,31 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -# This naming convention looks real sick -class Api_public_timelineAction extends Action { - - function handle($args) { - parent::handle($args); - - print "Public Timeline!\n"; - exit(); - } -} \ No newline at end of file diff --git a/htaccess.sample b/htaccess.sample index 15decf2656..3a5198925c 100644 --- a/htaccess.sample +++ b/htaccess.sample @@ -56,5 +56,26 @@ RewriteRule ^(\w+)/avatar/(original|96|48|24)$ index.php?action=avatarbynickname RewriteRule ^(\w+)$ index.php?action=showstream&nickname=$1 [L,QSA] -RewriteRule ^api/(\w+.\w+)$ index.php?action=api&command=$1 [L,QSA] +# Twitter-compatible API rewrites +RewriteRule ^api/statuses/public_timeline(.*)$ index.php?action=api&apiaction=statuses&method=public_timeline$1 [L,QSA] +RewriteRule ^api/statuses/show/(.*)$ index.php?action=api&apiaction=statuses&method=show&argument=$1 [L,QSA] +RewriteRule ^api/statuses/direct_messages/sent(.*)$ index.php?action=api&apiaction=direct_messages&method=send$1 [L,QSA] +RewriteRule ^api/statuses/direct_messages(.*)$ index.php?action=api&apiaction=direct_messages&method=index$1 [L,QSA] +RewriteRule ^api/direct_messages/(.*)$ index.php?action=api&apiaction=direct_messages&method=$1 [L,QSA] +RewriteRule ^api/friendships/create/(.*)$ index.php?action=api&apiaction=friendships&method=create&argument=$1 [L,QSA] +RewriteRule ^api/friendships/destroy/(.*)$ index.php?action=api&apiaction=friendships&method=destroy&argument=$1 [L,QSA] +RewriteRule ^api/friendships/exists(.*)$ index.php?action=api&apiaction=friendships&method=exists$1 [L,QSA] +RewriteRule ^api/account/verify_credentials(.*)$ index.php?action=api&apiaction=account&method=verify_credentials$1 [L,QSA] +RewriteRule ^api/account/end_session$ index.php?action=api&apiaction=account&method=end_session$1 [L,QSA] +RewriteRule ^api/account/update_location(.*)$ index.php?action=api&apiaction=account&method=update_location$1 [L,QSA] +RewriteRule ^api/account/update_delivery_device(.*)$ index.php?action=api&apiaction=account&method=update_delivery_device$1 [L,QSA] +RewriteRule ^api/account/rate_limit_status(.*)$ index.php?action=api&apiaction=account&method=rate_limit_status$1 [L,QSA] +RewriteRule ^api/favorites(.*)$ index.php?action=api&apiaction=favorites&method=index$1 [L,QSA] +RewriteRule ^api/favorites/create/(.*)$ index.php?action=api&apiaction=favorites&method=create&argument=$1 [L,QSA] +RewriteRule ^api/favorites/destroy/(.*)$ index.php?action=api&apiaction=favorites&method=destroy&argument=$1 [L,QSA] +RewriteRule ^api/notifications/follow/(.*)$ index.php?action=api&apiaction=notifications&method=follow&argument=$1 [L,QSA] +RewriteRule ^api/notifications/leave/(.*)$ index.php?action=api&apiaction=notifications&method=leave&argument=$1 [L,QSA] +RewriteRule ^api/blocks/create/(.*)$ index.php?action=api&apiaction=blocks&method=create&argument=$1 [L,QSA] +RewriteRule ^api/blocks/destroy/(.*)$ index.php?action=api&apiaction=blocks&method=destroy&argument=$1 [L,QSA] +RewriteRule ^api/help/(.*)$ index.php?action=api&apiaction=help&method=$1 [L,QSA]