kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

[enh] formatting

This commit is contained in:
Benjamin Sonntag 2015-01-12 20:16:28 +01:00
parent afbed13686
commit a1a49955c2
10 changed files with 659 additions and 685 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
lib/Alternc/Api/Auth/Interface.php
View File

@ -6,25 +6,21 @@
*/
interface Alternc_Api_Auth_Interface {
/**
* contructor :
* $service is an Alternc_Api_Service object having a getDb() method
*/
function __construct($service);
/**
* contructor :
* $service is an Alternc_Api_Service object having a getDb() method
*/
function __construct($service);
/**
* auth takes options specific to the auth itself
* returns an Alternc_Api_Token object
*/
function auth($options);
/**
* auth takes options specific to the auth itself
* returns an Alternc_Api_Token object
*/
function auth($options);
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/
function instructions();
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/
function instructions();
}

110
lib/Alternc/Api/Auth/Login.php
View File

@ -4,72 +4,68 @@
* Authentication API used by server to authenticate a user using its alternc login and password
*/
class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface {
private $db; // PDO object
private $db; // PDO object
const ERR_INVALID_ARGUMENT = 1111201;
const ERR_INVALID_ARGUMENT = 1111201;
/**
* Constructor of the Login Api Auth
*
* @param $service an Alternc_Api_Service object
* @return create the object
*/
function __constructor($service) {
/**
* Constructor of the Login Api Auth
*
* @param $service an Alternc_Api_Service object
* @return create the object
*/
function __construct($service) {
if (!($service instanceof Alternc_Api_Service))
throw new \Exception("Invalid argument (service)",ERR_INVALID_ARGUMENT);
if (!($service instanceof Alternc_Api_Service))
throw new \Exception("Invalid argument (service)", ERR_INVALID_ARGUMENT);
$this->db = $service->getDb();
} // __construct
/**
* Authenticate a user
*
* @param $options options, depending on the auth scheme, including uid for setuid users
* here, login is the alternc username, and password is the password for this username.
* @return an Alternc_Api_Token
*/
function auth($options) {
if (!isset($options["login"]) || !is_string($options["login"])) {
throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT);
}
if (!isset($options["password"]) || !is_string($options["password"])) {
throw new \Exception("Missing required parameter password", self::ERR_INVALID_ARGUMENT);
$this->db = $service->getDb();
}
if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#",$options["login"])) { // FIXME : normalize this on AlternC !!!
throw new \Exception("Invalid login", self::ERR_INVALID_LOGIN);
/**
* Authenticate a user
*
* @param $options options, depending on the auth scheme, including uid for setuid users
* here, login is the alternc username, and password is the password for this username.
* @return an Alternc_Api_Token
*/
function auth($options) {
if (!isset($options["login"]) || !is_string($options["login"])) {
throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT);
}
if (!isset($options["password"]) || !is_string($options["password"])) {
throw new \Exception("Missing required parameter password", self::ERR_INVALID_ARGUMENT);
}
if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#", $options["login"])) { // FIXME : normalize this on AlternC !!!
throw new \Exception("Invalid login", self::ERR_INVALID_LOGIN);
}
$stmt = $db->query("SELECT m.enabled,m.uid,m.login,m.su FROM membres m WHERE m.login=? AND m.password=?;", array($options["login"], $options["password"]), PDO::FETCH_CLASS);
$me = $stmt->fetch();
if (!$me)
return new Alternc_Api_Response(array("code" => ERR_INVALID_AUTH, "message" => "Invalid login or password"));
if (!$me->enabled)
return new Alternc_Api_Response(array("code" => ERR_DISABLED_ACCOUNT, "message" => "Account is disabled"));
return Alternc_Api_Token::tokenGenerate(
array("uid" => $me->uid, "isAdmin" => ($me->su != 0)), $this->db
);
}
$stmt = $db->query("SELECT m.enabled,m.uid,m.login,m.su FROM membres m WHERE m.login=? AND m.password=?;",array($options["login"],$options["password"]),PDO::FETCH_CLASS);
$me=$stmt->fetch();
if (!$me)
return new Alternc_Api_Response(array("code"=>ERR_INVALID_AUTH, "message" => "Invalid login or password"));
if (!$me->enabled)
return new Alternc_Api_Response(array("code"=>ERR_DISABLED_ACCOUNT, "message" => "Account is disabled"));
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/
function instructions() {
return array("fields" => array("login" => "AlternC user account", "password" => "AlternC's user password stored in membres table."),
"description" => "Authenticate against an AlternC user and password, the same as for the control panel"
);
}
return Alternc_Api_Token::tokenGenerate(
array("uid"=>$me->uid, "isAdmin"=>($me->su!=0) ),
$this->db
);
}
}
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/
function instructions() {
return array("fields" => array("login" => "AlternC user account", "password" => "AlternC's user password stored in membres table."),
"description" => "Authenticate against an AlternC user and password, the same as for the control panel"
);
}
} // class Alternc_Api_Auth_Login
// class Alternc_Api_Auth_Login

128
lib/Alternc/Api/Auth/Sharedsecret.php
View File

@ -5,80 +5,78 @@
* SHARED SECRET (ApiKey)
*/
class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
private $db; // PDO object
private $db; // PDO object
const ERR_INVALID_ARGUMENT = 1111801;
const ERR_INVALID_SECRET = 1111802;
const ERR_INVALID_LOGIN = 1111803;
const ERR_DISABLED_ACCOUNT = 1111804;
const ERR_INVALID_AUTH = 1111805;
const ERR_INVALID_ARGUMENT = 1111801;
const ERR_INVALID_SECRET = 1111802;
const ERR_INVALID_LOGIN = 1111803;
const ERR_DISABLED_ACCOUNT = 1111804;
const ERR_INVALID_AUTH = 1111805;
/**
* Constructor of the Shared Secret Api Auth
*
* @param $service an Alternc_Api_Service object
* @return create the object
*/
function __construct($service) {
/**
* Constructor of the Shared Secret Api Auth
*
* @param $service an Alternc_Api_Service object
* @return create the object
*/
function __construct($service) {
if (!($service instanceof Alternc_Api_Service))
throw new \Exception("Invalid argument (service)",ERR_INVALID_ARGUMENT);
if (!($service instanceof Alternc_Api_Service))
throw new \Exception("Invalid argument (service)", ERR_INVALID_ARGUMENT);
$this->db = $service->getDb();
} // __construct
/**
* Authenticate a user
*
* @param $options options, depending on the auth scheme, including uid for setuid users
* here, login is the alternc username, and secret is a valid shared secret for this user.
* @return an Alternc_Api_Token
*/
function auth($options) {
if (!isset($options["login"]) || !is_string($options["login"])) {
throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT);
}
if (!isset($options["secret"]) || !is_string($options["secret"])) {
throw new \Exception("Missing required parameter secret", self::ERR_INVALID_ARGUMENT);
}
if (!preg_match("#^[0-9a-zA-Z]{32}$#",$options["secret"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_SECRET, "message" => "Invalid shared secret syntax") );
$this->db = $service->getDb();
}
if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#",$options["login"])) { // FIXME : normalize this on AlternC !!!
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_LOGIN, "message" => "Invalid login") );
// __construct
/**
* Authenticate a user
*
* @param $options options, depending on the auth scheme, including uid for setuid users
* here, login is the alternc username, and secret is a valid shared secret for this user.
* @return an Alternc_Api_Token
*/
function auth($options) {
if (!isset($options["login"]) || !is_string($options["login"])) {
throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT);
}
if (!isset($options["secret"]) || !is_string($options["secret"])) {
throw new \Exception("Missing required parameter secret", self::ERR_INVALID_ARGUMENT);
}
if (!preg_match("#^[0-9a-zA-Z]{32}$#", $options["secret"])) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_SECRET, "message" => "Invalid shared secret syntax"));
}
if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#", $options["login"])) { // FIXME : normalize this on AlternC !!!
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_LOGIN, "message" => "Invalid login"));
}
$stmt = $this->db->prepare("SELECT m.enabled,m.uid,m.login,m.su FROM membres m, sharedsecret s WHERE s.uid=m.uid AND m.login=? AND s.secret=?;");
$stmt->execute(array($options["login"], $options["secret"]));
$me = $stmt->fetch(PDO::FETCH_OBJ);
if (!$me)
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_AUTH, "message" => "Invalid shared secret"));
if (!$me->enabled)
return new Alternc_Api_Response(array("code" => self::ERR_DISABLED_ACCOUNT, "message" => "Account is disabled"));
return Alternc_Api_Token::tokenGenerate(
array("uid" => (int) $me->uid, "isAdmin" => ($me->su != 0)), $this->db
);
}
$stmt = $this->db->prepare("SELECT m.enabled,m.uid,m.login,m.su FROM membres m, sharedsecret s WHERE s.uid=m.uid AND m.login=? AND s.secret=?;");
$stmt->execute(array($options["login"],$options["secret"]) );
$me=$stmt->fetch(PDO::FETCH_OBJ);
if (!$me)
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_AUTH, "message" => "Invalid shared secret") );
if (!$me->enabled)
return new Alternc_Api_Response( array("code" => self::ERR_DISABLED_ACCOUNT, "message" => "Account is disabled") );
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/
function instructions() {
return array("fields" => array("login" => "AlternC user account", "secret" => "API Key, Shared secrets, valid for this account, stored in sharedsecret table."),
"description" => "Authenticate against an Api Key, also called SharedSecret. distinct from the account's password, can be plenty and revoked independently"
);
}
return Alternc_Api_Token::tokenGenerate(
array("uid"=>(int)$me->uid, "isAdmin"=>($me->su!=0) ),
$this->db
);
}
}
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/
function instructions() {
return array("fields" => array("login" => "AlternC user account", "secret" => "API Key, Shared secrets, valid for this account, stored in sharedsecret table."),
"description" => "Authenticate against an Api Key, also called SharedSecret. distinct from the account's password, can be plenty and revoked independently"
);
}
} // class Alternc_Api_Auth_Sharedsecret
// class Alternc_Api_Auth_Sharedsecret

68
lib/Alternc/Api/Legacyobject.php
View File

@ -7,38 +7,38 @@
* @author benjamin
*/
class Alternc_Api_Legacyobject {
protected $admin; // m_admin instance
protected $cuid; // current user id
protected $isAdmin; // is it an Admin account?
protected $db; // PDO DB access to AlternC's database.
const ERR_INVALID_ARGUMENT = 111201;
const ERR_ALTERNC_FUNCTION = 111202;
function __construct($service) {
global $admin,$cuid;
if (!($service instanceof Alternc_Api_Service)) {
throw new \Exception("Bad argument: service is not an Alternc_Api_Service", self::ERR_INVALID_ARGUMENT);
}
// We store the global $cuid to AlternC legacy classes
$this->db=$service->db;
$this->cuid=$cuid=$service->token->uid;
$this->isAdmin=$service->token->isAdmin;
// We use the global $admin from AlternC legacy classes
$this->admin=$admin;
// Set the legacy rights:
$this->admin->enabled=$this->isAdmin;
}
/** return a proper Alternc_Api_Response from an error class and error string
* from AlternC legacy class
*/
protected function alterncLegacyErrorManager() {
global $err;
return new Alternc_Api_Response( array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "[".$err->clsid."] ".$err->error) );
}
} /* Aternc_Api_Legacyobject */
protected $admin; // m_admin instance
protected $cuid; // current user id
protected $isAdmin; // is it an Admin account?
protected $db; // PDO DB access to AlternC's database.
const ERR_INVALID_ARGUMENT = 111201;
const ERR_ALTERNC_FUNCTION = 111202;
function __construct($service) {
global $admin, $cuid;
if (!($service instanceof Alternc_Api_Service)) {
throw new \Exception("Bad argument: service is not an Alternc_Api_Service", self::ERR_INVALID_ARGUMENT);
}
// We store the global $cuid to AlternC legacy classes
$this->db = $service->db;
$this->cuid = $cuid = $service->token->uid;
$this->isAdmin = $service->token->isAdmin;
// We use the global $admin from AlternC legacy classes
$this->admin = $admin;
// Set the legacy rights:
$this->admin->enabled = $this->isAdmin;
}
/** return a proper Alternc_Api_Response from an error class and error string
* from AlternC legacy class
*/
protected function alterncLegacyErrorManager() {
global $err;
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "[" . $err->clsid . "] " . $err->error));
}
}
/* Aternc_Api_Legacyobject */

281
lib/Alternc/Api/Object/Domain.php
View File

@ -4,151 +4,148 @@
* Domain Api of AlternC, used by alternc-api package
*/
class Alternc_Api_Object_Domain extends Alternc_Api_Legacyobject {
protected $dom; // m_dom instance
function __construct($service) {
global $dom;
parent::__construct($service);
$this->dom=$dom;
protected $dom; // m_dom instance
function __construct($service) {
global $dom;
parent::__construct($service);
$this->dom = $dom;
}
/** API Method from legacy class method dom->get_domain_list()
* @param $options a hash with parameters transmitted to legacy call
* may be "uid" to only return domains for a specific user-id
* (if you are not admin, this WILL only list YOUR domains anyway)
* may be "offset" and/or "count" to do paging.
* @return Alternc_Api_Response whose content is the list of hosted domains on this server
* (no more details as of now)
*/
function find($options) {
global $cuid;
$sql="";
if ($this->isAdmin) {
if (isset($options["uid"])) {
$uid=intval($options["uid"]);
/** API Method from legacy class method dom->get_domain_list()
* @param $options a hash with parameters transmitted to legacy call
* may be "uid" to only return domains for a specific user-id
* (if you are not admin, this WILL only list YOUR domains anyway)
* may be "offset" and/or "count" to do paging.
* @return Alternc_Api_Response whose content is the list of hosted domains on this server
* (no more details as of now)
*/
function find($options) {
global $cuid;
$sql = "";
if ($this->isAdmin) {
if (isset($options["uid"])) {
$uid = intval($options["uid"]);
} else {
$uid = -1;
}
} else {
$uid=-1;
$uid = $cuid;
}
} else {
$uid=$cuid;
}
if ($uid!=-1) {
$sql=" WHERE compte=$uid ";
} else {
$sql="";
}
$stmt = $this->db->prepare("SELECT * FROM domaines $sql ORDER BY domaine");
$stmt->execute();
$result = array();
while ($me = $stmt->fetch(PDO::FETCH_OBJ)) {
$result[$me->domaine] = $me;
}
$offset=-1; $count=-1;
if (isset($options["count"])) $count=intval($options["count"]);
if (isset($options["offset"])) $offset=intval($options["offset"]);
if ($offset!=-1 || $count!=-1) {
if ($offset<0 || $offset>count($result)) $offset=0;
if ($count<0 || $count>1000) $count=1000;
$result= array_slice($result, $offset, $count);
}
return new Alternc_Api_Response( array("content" =>$result) );
}
/** API Method from legacy class method dom->add_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain(str), dns(bool)
* non-mandatory: noerase(bool, only admins), force(bool, only admins), isslave(bool), slavedom(str)
* @return Alternc_Api_Response whose content is the newly created DOMAIN id
*/
function add($options) {
$mandatory=array("domain","dns");
$defaults=array("noerase"=>false, "force"=>false, "isslave"=>false, "slavedom"=>"");
$missing="";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key." ";
}
}
if ($missing) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ".$missing) );
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key]=$value;
}
}
if (!$this->isAdmin) { // only admin can change the options below:
$options["noerase"]=false;
$options["force"]=false;
}
$did=$this->dom->add_domain($options["domain"], $options["dns"], $options["noerase"],
$options["force"], $options["isslave"], $options["slavedom"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => $did ) );
}
}
/** API Method from legacy class method dom->edit_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain(str), dns(bool)
* non-mandatory: noerase(bool, only admins), force(bool, only admins), isslave(bool), slavedom(str)
* @return Alternc_Api_Response whose content is the newly created DOMAIN id
*/
function update($options) {
$mandatory=array("domain","dns","gesmx");
$defaults=array("force"=>false, "ttl"=>86400);
$missing="";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key." ";
}
}
if ($missing) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ".$missing) );
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key]=$value;
}
}
if (!$this->isAdmin) { // only admin can change the options below:
$options["force"]=false;
}
$did=$this->dom->edit_domain($options["domain"], $options["dns"], $options["gesmx"],
$options["force"], $options["ttl"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => $did ) );
}
}
if ($uid != -1) {
$sql = " WHERE compte=$uid ";
} else {
$sql = "";
}
$stmt = $this->db->prepare("SELECT * FROM domaines $sql ORDER BY domaine");
$stmt->execute();
$result = array();
while ($me = $stmt->fetch(PDO::FETCH_OBJ)) {
$result[$me->domaine] = $me;
}
$offset = -1;
$count = -1;
if (isset($options["count"]))
$count = intval($options["count"]);
if (isset($options["offset"]))
$offset = intval($options["offset"]);
if ($offset != -1 || $count != -1) {
if ($offset < 0 || $offset > count($result))
$offset = 0;
if ($count < 0 || $count > 1000)
$count = 1000;
$result = array_slice($result, $offset, $count);
}
return new Alternc_Api_Response(array("content" => $result));
}
/** API Method from legacy class method dom->del_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain
* @return Alternc_Api_Response TRUE if the domain has been marked for deletion.
*/
function del($options) {
if (!isset($options["domain"])) {
return new Alternc_Api_Response( array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: DOMAIN") );
}
$result=$this->dom->del_domain($options["domain"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => true ) );
}
}
/** API Method from legacy class method dom->add_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain(str), dns(bool)
* non-mandatory: noerase(bool, only admins), force(bool, only admins), isslave(bool), slavedom(str)
* @return Alternc_Api_Response whose content is the newly created DOMAIN id
*/
function add($options) {
$mandatory = array("domain", "dns");
$defaults = array("noerase" => false, "force" => false, "isslave" => false, "slavedom" => "");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key] = $value;
}
}
if (!$this->isAdmin) { // only admin can change the options below:
$options["noerase"] = false;
$options["force"] = false;
}
$did = $this->dom->add_domain($options["domain"], $options["dns"], $options["noerase"], $options["force"], $options["isslave"], $options["slavedom"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
} // class Alternc_Api_Object_Domain
/** API Method from legacy class method dom->edit_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain(str), dns(bool)
* non-mandatory: noerase(bool, only admins), force(bool, only admins), isslave(bool), slavedom(str)
* @return Alternc_Api_Response whose content is the newly created DOMAIN id
*/
function update($options) {
$mandatory = array("domain", "dns", "gesmx");
$defaults = array("force" => false, "ttl" => 86400);
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key] = $value;
}
}
if (!$this->isAdmin) { // only admin can change the options below:
$options["force"] = false;
}
$did = $this->dom->edit_domain($options["domain"], $options["dns"], $options["gesmx"], $options["force"], $options["ttl"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method dom->del_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain
* @return Alternc_Api_Response TRUE if the domain has been marked for deletion.
*/
function del($options) {
if (!isset($options["domain"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: DOMAIN"));
}
$result = $this->dom->del_domain($options["domain"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
}
// class Alternc_Api_Object_Domain

209
lib/Alternc/Api/Object/Ftp.php
View File

@ -4,112 +4,115 @@
* Ftp Api of AlternC, used by alternc-api package
*/
class Alternc_Api_Object_Ftp extends Alternc_Api_Legacyobject {
protected $ftp; // m_ftp instance
function __construct($service) {
global $ftp;
parent::__construct($service);
$this->ftp=$ftp;
}
/** API Method from legacy class method ftp->add_ftp()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: prefix, login, pass, dir
* @return Alternc_Api_Response whose content is the newly created UID
*/
function add($options) {
$mandatory=array("prefix","login","pass","dir");
$missing="";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key." ";
}
}
if ($missing) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ".$missing) );
}
$ftpid=$this->ftp->add_ftp($options["prefix"],$options["login"], $options["pass"], $options["dir"]);
if (!$ftpid) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => $ftpid ) );
}
}
protected $ftp; // m_ftp instance
function __construct($service) {
global $ftp;
parent::__construct($service);
$this->ftp = $ftp;
}
/** API Method from legacy class method ftp->put_ftp_details()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: id
* non-mandatory: prefix, login, pass, dir
* @return Alternc_Api_Response whose content is the updated UID
*/
function update($options) {
$defaults=array("prefix","login","dir");
if (!isset($options["id"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ID") );
}
$id=intval($options["id"]);
$old=$this->ftp->get_ftp_details($id);
if (!$old) {
return new Alternc_Api_Response( array("code" => self::ERR_NOT_FOUND, "message" => "FTP Account not found") );
}
foreach ($defaults as $key) {
if (!isset($options[$key])) {
$options[$key]=$old[$key];
}
}
if (!isset($options["pass"])) $options["pass"]="";
$result=$this->ftp->put_ftp_details($id, $options["prefix"], $options["login"], $options["pass"], $options["dir"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => $result ) );
}
}
/** API Method from legacy class method ftp->add_ftp()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: prefix, login, pass, dir
* @return Alternc_Api_Response whose content is the newly created UID
*/
function add($options) {
$mandatory = array("prefix", "login", "pass", "dir");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$ftpid = $this->ftp->add_ftp($options["prefix"], $options["login"], $options["pass"], $options["dir"]);
if (!$ftpid) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $ftpid));
}
}
/** API Method from legacy class method ftp->del_ftp()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: id
* @return Alternc_Api_Response TRUE if the FTP account has been deleted.
*/
function del($options) {
if (!isset($options["id"])) {
return new Alternc_Api_Response( array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: ID") );
}
$result=$this->ftp->delete_ftp(intval($options["id"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => true ) );
}
}
/** API Method from legacy class method ftp->put_ftp_details()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: id
* non-mandatory: prefix, login, pass, dir
* @return Alternc_Api_Response whose content is the updated UID
*/
function update($options) {
$defaults = array("prefix", "login", "dir");
if (!isset($options["id"])) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ID"));
}
$id = intval($options["id"]);
$old = $this->ftp->get_ftp_details($id);
if (!$old) {
return new Alternc_Api_Response(array("code" => self::ERR_NOT_FOUND, "message" => "FTP Account not found"));
}
foreach ($defaults as $key) {
if (!isset($options[$key])) {
$options[$key] = $old[$key];
}
}
if (!isset($options["pass"]))
$options["pass"] = "";
$result = $this->ftp->put_ftp_details($id, $options["prefix"], $options["login"], $options["pass"], $options["dir"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $result));
}
}
/** API Method from legacy class method ftp->get_list()
* @param $options a hash with parameters transmitted to legacy call
* non-mandatory parameters:
* Any of: offset(int=0), count(int=+inf)
* @return Alternc_Api_Response An array with all matching FTP account informations as hashes
*/
function find($options) {
$result=$this->ftp->get_list();
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
$offset=-1; $count=-1;
if (isset($options["count"])) $count=intval($options["count"]);
if (isset($options["offset"])) $offset=intval($options["offset"]);
if ($offset!=-1 || $count!=-1) {
if ($offset<0 || $offset>count($result)) $offset=0;
if ($count<0 || $count>1000) $count=1000;
$result= array_slice($result, $offset, $count);
}
return new Alternc_Api_Response( array("content" =>$result) );
}
}
/** API Method from legacy class method ftp->del_ftp()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: id
* @return Alternc_Api_Response TRUE if the FTP account has been deleted.
*/
function del($options) {
if (!isset($options["id"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: ID"));
}
$result = $this->ftp->delete_ftp(intval($options["id"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
} // class Alternc_Api_Object_Ftp
/** API Method from legacy class method ftp->get_list()
* @param $options a hash with parameters transmitted to legacy call
* non-mandatory parameters:
* Any of: offset(int=0), count(int=+inf)
* @return Alternc_Api_Response An array with all matching FTP account informations as hashes
*/
function find($options) {
$result = $this->ftp->get_list();
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
$offset = -1;
$count = -1;
if (isset($options["count"]))
$count = intval($options["count"]);
if (isset($options["offset"]))
$offset = intval($options["offset"]);
if ($offset != -1 || $count != -1) {
if ($offset < 0 || $offset > count($result))
$offset = 0;
if ($count < 0 || $count > 1000)
$count = 1000;
$result = array_slice($result, $offset, $count);
}
return new Alternc_Api_Response(array("content" => $result));
}
}
}
// class Alternc_Api_Object_Ftp

70
lib/Alternc/Api/Request.php
View File

@ -18,25 +18,28 @@ class Alternc_Api_Request {
* @var string a token hash (to be authenticated)
*/
public $token_hash;
/**
* must link to a Alternc_Api_Object_Interface
*
* @var string
*/
public $object;
/**
* must link to a Alternc_Api_Object_Interface method
*
* @var string
*/
public $action;
/**
* bag of data
*
* @var array
*/
public $options;
/**
*
* Bag of data
@ -45,59 +48,56 @@ class Alternc_Api_Request {
*/
public $metadata;
const ERR_MISSING_PARAMETER = 111801;
const ERR_MISSING_PARAMETER = 111801;
function __construct($options) {
// Attempts to retrieve object
if (isset($options["object"]) && is_string($options["object"])) {
$this->object = $options["object"];
} else {
throw new \Exception("Missing parameter object", self::ERR_MISSING_PARAMETER);
}
// Attempts to retrieve action
if (isset($options["action"]) && is_string($options["action"])) {
$this->action = $options["action"];
} else {
throw new \Exception("Missing parameter action", self::ERR_MISSING_PARAMETER);
}
// Attempts to retrieve options
if (isset($options["options"])) {
if (is_array($options)) {
$this->options = $options["options"];
} else {
throw new \Exception("Missing parameter options", self::ERR_MISSING_PARAMETER);
}
} else {
$this->options=array();
}
if (is_array($options)) {
$this->options = $options["options"];
} else {
throw new \Exception("Missing parameter options", self::ERR_MISSING_PARAMETER);
}
} else {
$this->options = array();
}
// Attempts to retrieve token
if (isset($options["token"])) {
if (is_a( $options["token"], Alternc_Api_Token)) {
$this->token = $options["token"];
} else {
throw new \Exception("Bad parameter token", self::ERR_MISSING_PARAMETER);
}
} else {
// Attempts to retrieve token_hash then
if (isset($options["token_hash"]) && is_string( $options["token_hash"])) {
$this->token_hash = $options["token_hash"];
} else {
throw new \Exception("Missing parameter token OR token_hash", self::ERR_MISSING_PARAMETER);
}
}
if (is_a($options["token"], Alternc_Api_Token)) {
$this->token = $options["token"];
} else {
throw new \Exception("Bad parameter token", self::ERR_MISSING_PARAMETER);
}
} else {
// Attempts to retrieve token_hash then
if (isset($options["token_hash"]) && is_string($options["token_hash"])) {
$this->token_hash = $options["token_hash"];
} else {
throw new \Exception("Missing parameter token OR token_hash", self::ERR_MISSING_PARAMETER);
}
}
// Attempts to retrieve metadata (eg: API version)
if (isset($options["metadata"])) {
$this->metadata = $options["metadata"];
}
}
}
}
}

41
lib/Alternc/Api/Response.php
View File

@ -6,65 +6,62 @@
*/
class Alternc_Api_Response {
/**
* Error codes
*/
const ERR_DISABLED_ACCOUNT = 221801;
const ERR_INVALID_AUTH = 221802;
/**
* Error codes
*/
const ERR_DISABLED_ACCOUNT = 221801;
const ERR_INVALID_AUTH = 221802;
/**
* Result code. 0 means success
*
* @var int
*/
public $code;
public $code;
/**
* Result message. May be empty
*
* @var string
*/
public $message;
/**
* Result data
*
* @var array
*/
public $content;
/**
* Result metadata
*
* @var array
*/
public $metadata;
public $metadata;
/**
* initialize a response object
* @param options any of the public above
*/
public function __construct($options=array()) {
$os=array("code","message","content","metadata");
foreach ($os as $o) {
if (isset($options[$o])) $this->$o=$options[$o];
}
public function __construct($options = array()) {
$os = array("code", "message", "content", "metadata");
foreach ($os as $o) {
if (isset($options[$o]))
$this->$o = $options[$o];
}
}
/**
* Formats response to json
*
* @return string
*/
public function toJson (){
public function toJson() {
return json_encode(get_object_vars($this));
}
}
} // class Alternc_Api_Response
// class Alternc_Api_Response

281
lib/Alternc/Api/Service.php
View File

@ -7,164 +7,159 @@
* Service API used by server to export API methods
*/
class Alternc_Api_Service {
public $db; // PDO object
private $loggerList; // List of loggers
private $allowedAuth; // list of allowed authenticators
public $token; // Token (useful for called classes)
public $db; // PDO object
private $loggerList; // List of loggers
private $allowedAuth; // list of allowed authenticators
public $token; // Token (useful for called classes)
const ERR_INVALID_ARGUMENT = 111801;
const ERR_METHOD_DENIED = 111802;
const ERR_INVALID_ANSWER = 111803;
const ERR_SETUID_FORBIDDEN = 111804;
const ERR_SETUID_USER_NOT_FOUND = 111805;
const ERR_OBJECT_NOT_FOUND = 111806;
const ERR_ACTION_NOT_FOUND = 111807;
const ERR_INVALID_TOKEN = 111808;
const ERR_INVALID_ARGUMENT = 111801;
const ERR_METHOD_DENIED = 111802;
const ERR_INVALID_ANSWER = 111803;
const ERR_SETUID_FORBIDDEN = 111804;
const ERR_SETUID_USER_NOT_FOUND = 111805;
const ERR_OBJECT_NOT_FOUND = 111806;
const ERR_ACTION_NOT_FOUND = 111807;
const ERR_INVALID_TOKEN = 111808;
/**
* Constructor of the Api Service Wrapper
*
* @param $options an hash with
* databaseAdapter: an already initialized PDO object
* see http://php.net/PDO
* loginAdapterList: (not mandatory) list of allowed authentication adapters (their codename)
* see Alternc/Api/Auth/*
* loggerAdapter: (not mandatory), a PSR3-Interface-compliant class or a list of it.
* see https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md for more information
*
* @return create the object
*/
/**
* Constructor of the Api Service Wrapper
*
* @param $options an hash with
* databaseAdapter: an already initialized PDO object
* see http://php.net/PDO
* loginAdapterList: (not mandatory) list of allowed authentication adapters (their codename)
* see Alternc/Api/Auth/*
* loggerAdapter: (not mandatory), a PSR3-Interface-compliant class or a list of it.
* see https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md for more information
*
* @return create the object
*/
function __construct($options) {
function __construct($options) {
// What DB shall we connect to?
// Note: it MUST be in this mode : $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if (isset($options["databaseAdapter"]) && $options["databaseAdapter"] instanceof PDO) {
$this->db = $options["databaseAdapter"];
} else {
throw new \Exception("Missing required parameter databaseAdapter", self::ERR_INVALID_ARGUMENT);
}
// What DB shall we connect to?
// Note: it MUST be in this mode : $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if (isset($options["databaseAdapter"]) && $options["databaseAdapter"] instanceof PDO) {
$this->db=$options["databaseAdapter"];
} else {
throw new \Exception("Missing required parameter databaseAdapter", self::ERR_INVALID_ARGUMENT);
// Which login is allowed?
$this->allowedAuth = array();
if (isset($options["loginAdapterList"]) && is_array($options["loginAdapterList"])) {
foreach ($options["loginAdapterList"] as $lal) {
$this->allowedAuth[] = (string) $lal;
}
}
// To which logger(s) shall we log to?
if (isset($options["loggerAdapter"])) {
if (!is_array($options["loggerAdapter"]))
$options["loggerAdapter"] = array($options["loggerAdapter"]);
foreach ($options["loggerAdapter"] as $la) {
if ($la instanceof Psr\Log\LoggerInterface)
$this->loggerList[] = $la;
}
}
}
// Which login is allowed?
$this->allowedAuth=array();
if (isset($options["loginAdapterList"]) && is_array($options["loginAdapterList"]) ) {
foreach($options["loginAdapterList"] as $lal) {
$this->allowedAuth[] = (string)$lal;
}
}
// __construct
// To which logger(s) shall we log to?
if (isset($options["loggerAdapter"])) {
if (!is_array($options["loggerAdapter"])) $options["loggerAdapter"]=array($options["loggerAdapter"]);
foreach($options["loggerAdapter"] as $la) {
if ($la instanceof Psr\Log\LoggerInterface)
$this->loggerList[]=$la;
}
/**
* Authenticate into an AlternC server
* @param $auth hash with
* method: string describing the authentication name (in Alternc_Api_Auth_xxx)
* options: array list of parameters for the corresponding auth.
* if 'uid' is set in the option hash, the account MUST be an administrator one
* and as a result, the returned Api_Token will be set to this UID and not the admin one.
* @return Alternc_Api_Token an API Token
*/
function auth($auth) {
if (!isset($auth["method"]) || !is_string($auth["method"])) {
throw new \Exception("Missing required parameter method", self::ERR_INVALID_ARGUMENT);
}
if (!isset($auth["options"]) || !is_array($auth["options"])) {
throw new \Exception("Missing required parameter options", self::ERR_INVALID_ARGUMENT);
}
if (count($this->allowedAuth) && !in_array($auth["method"], $this->allowedAuth)) {
throw new \Exception("Method not allowed", self::ERR_METHOD_DENIED);
}
if (isset($auth["options"]["uid"]) && !intval($auth["options"]["uid"])) {
throw new \Exception("Invalid UID", self::ERR_INVALID_ARGUMENT);
}
$adapterName = "Alternc_Api_Auth_" . ucfirst(strtolower($auth["method"]));
$authAdapter = new $adapterName($this);
$token = $authAdapter->auth($auth["options"]);
// something went wrong user-side
if ($token instanceof Alternc_Api_Response)
return $token;
// something went *really* wrong (bad type):
if (!$token instanceof Alternc_Api_Token)
throw new \Exception("Invalid answer from Api_Auth_Interface", self::ERR_INVALID_ANSWER);
if (isset($auth["options"]["uid"])) {
if (!$token->isAdmin) {
// Non-admin are not allowed to setuid
return new Alternc_Api_Response(array("code" => self::ERR_SETUID_FORBIDDEN, "message" => "This user is not allowed to set his uid"));
}
// Search for the requested user. We allow using *disabled* account here since we are admin
foreach ($this->db->query("SELECT uid FROM membres WHERE uid=" . intval($auth["options"]["uid"])) as $setuid) {
$token->uid = intval($setuid['uid']);
$stmt = $this->db->prepare("UPDATE token SET data=? WHERE token=?");
$stmt->execute(array($token->toJson(), $token->token));
return $token;
}
return new Alternc_Api_Response(array("code" => self::ERR_SETUID_USER_NOT_FOUND, "message" => "Can't find the user you want to setuid to"));
}
return $token;
}
} // __construct
/**
* Manage an API Call
* @param Alternc_Api_Request $request The API call
* the request must have "object" and "action" elements, and a "token" to authenticate
* "options" are sent as it is to the Api Call.
* @return Alternc_Api_Response an API response
*/
function call($request) {
if (!$request instanceof Alternc_Api_Request)
throw new \Exception("request must be an Alternc_Api_Request object", self::ERR_INVALID_ARGUMENT);
// we set the token in the Service object, so that other classes can use it :)
$this->token = Alternc_Api_Token::tokenGet($request->token_hash, $this->db);
if ($this->token instanceof Alternc_Api_Response) // bad token
return $this->token;
/**
* Authenticate into an AlternC server
* @param $auth hash with
* method: string describing the authentication name (in Alternc_Api_Auth_xxx)
* options: array list of parameters for the corresponding auth.
* if 'uid' is set in the option hash, the account MUST be an administrator one
* and as a result, the returned Api_Token will be set to this UID and not the admin one.
* @return Alternc_Api_Token an API Token
*/
function auth($auth) {
if (!isset($auth["method"]) || !is_string($auth["method"])) {
throw new \Exception("Missing required parameter method", self::ERR_INVALID_ARGUMENT);
}
if (!isset($auth["options"]) || !is_array($auth["options"])) {
throw new \Exception("Missing required parameter options", self::ERR_INVALID_ARGUMENT);
$className = "Alternc_Api_Object_" . ucfirst(strtolower($request->object));
if (!class_exists($className))
return new Alternc_Api_Response(array("code" => self::ERR_OBJECT_NOT_FOUND, "message" => "Object not found in this AlternC's instance"));
$object = new $className($this);
$action = $request->action;
if (!method_exists($object, $action))
return new Alternc_Api_Response(array("code" => self::ERR_ACTION_NOT_FOUND, "message" => "Action not found for this object in this AlternC's instance"));
$request->token = $this->token; // we receive $request->token_hash as a STRING, but we transmit its object as an Alternc_Api_Token.
// TODO: log this Api Call
return $object->$action($request->options);
}
if (count($this->allowedAuth) && !in_array($auth["method"],$this->allowedAuth)) {
throw new \Exception("Method not allowed", self::ERR_METHOD_DENIED);
}
if (isset($auth["options"]["uid"]) && !intval($auth["options"]["uid"])) {
throw new \Exception("Invalid UID", self::ERR_INVALID_ARGUMENT);
/**
* Getter for the databaseAdapter
* (used by authAdapter)
*/
function getDb() {
return $this->db;
}
$adapterName = "Alternc_Api_Auth_".ucfirst(strtolower($auth["method"]));
}
$authAdapter = new $adapterName($this);
$token = $authAdapter->auth($auth["options"]);
// something went wrong user-side
if ($token instanceof Alternc_Api_Response)
return $token;
// something went *really* wrong (bad type):
if (!$token instanceof Alternc_Api_Token)
throw new \Exception("Invalid answer from Api_Auth_Interface", self::ERR_INVALID_ANSWER);
if (isset($auth["options"]["uid"])) {
if (!$token->isAdmin) {
// Non-admin are not allowed to setuid
return new Alternc_Api_Response( array("code" => self::ERR_SETUID_FORBIDDEN, "message" => "This user is not allowed to set his uid") );
}
// Search for the requested user. We allow using *disabled* account here since we are admin
foreach($this->db->query("SELECT uid FROM membres WHERE uid=".intval($auth["options"]["uid"])) as $setuid) {
$token->uid=intval($setuid['uid']);
$stmt=$this->db->prepare("UPDATE token SET data=? WHERE token=?");
$stmt->execute(array( $token->toJson(), $token->token));
return $token;
}
return new Alternc_Api_Response( array("code" => self::ERR_SETUID_USER_NOT_FOUND, "message" => "Can't find the user you want to setuid to") );
}
return $token;
}
/**
* Manage an API Call
* @param Alternc_Api_Request $request The API call
* the request must have "object" and "action" elements, and a "token" to authenticate
* "options" are sent as it is to the Api Call.
* @return Alternc_Api_Response an API response
*/
function call($request) {
if (!$request instanceof Alternc_Api_Request)
throw new \Exception("request must be an Alternc_Api_Request object", self::ERR_INVALID_ARGUMENT);
// we set the token in the Service object, so that other classes can use it :)
$this->token = Alternc_Api_Token::tokenGet($request->token_hash,$this->db);
if ($this->token instanceof Alternc_Api_Response) // bad token
return $this->token;
$className = "Alternc_Api_Object_".ucfirst(strtolower($request->object));
if (!class_exists($className))
return new Alternc_Api_Response( array("code" => self::ERR_OBJECT_NOT_FOUND, "message" => "Object not found in this AlternC's instance") );
$object = new $className($this);
$action=$request->action;
if (!method_exists($object, $action))
return new Alternc_Api_Response( array("code" => self::ERR_ACTION_NOT_FOUND, "message" => "Action not found for this object in this AlternC's instance") );
$request->token=$this->token; // we receive $request->token_hash as a STRING, but we transmit its object as an Alternc_Api_Token.
// TODO: log this Api Call
return $object->$action($request->options);
}
/**
* Getter for the databaseAdapter
* (used by authAdapter)
*/
function getDb() {
return $this->db;
}
} // class Alternc_Api_Service
// class Alternc_Api_Service

122
lib/Alternc/Api/Token.php
View File

@ -6,34 +6,32 @@
*/
class Alternc_Api_Token {
const ERR_DATABASE_ERROR = 112001;
const ERR_INVALID_ARGUMENT = 112002;
const ERR_MISSING_ARGUMENT = 112003;
const ERR_INVALID_TOKEN = 112004;
const ERR_DATABASE_ERROR=112001;
const ERR_INVALID_ARGUMENT=112002;
const ERR_MISSING_ARGUMENT=112003;
const ERR_INVALID_TOKEN=112004;
/**
* AlternC User-Id
*
* @var int
*/
public $uid;
public $uid;
/**
* Is this an admin account ?
*
* @var boolean
*/
public $isAdmin;
/**
* The Token itself
*
* @var string
*/
public $token;
/**
* how long (seconds) is a token valid
*
@ -41,65 +39,59 @@ class Alternc_Api_Token {
*/
public $tokenDuration = 2678400; // default is a month
/**
* initialize a token object
* @param options any of the public above
* may contain a dbAdapter, in that case create() will be available
*/
public function __construct($options=array()) {
if (isset($options["uid"]) && is_int($options["uid"]))
$this->uid=$options["uid"];
public function __construct($options = array()) {
if (isset($options["isAdmin"]) && is_bool($options["isAdmin"]))
$this->isAdmin=$options["isAdmin"];
if (isset($options["uid"]) && is_int($options["uid"]))
$this->uid = $options["uid"];
if (isset($options["isAdmin"]) && is_bool($options["isAdmin"]))
$this->isAdmin = $options["isAdmin"];
}
/**
* Formats response to json
*
* @return string
*/
public function toJson (){
return json_encode(
array("uid"=>$this->uid,
"isAdmin" => $this->isAdmin,
"token" => $this->token)
);
public function toJson() {
return json_encode(
array("uid" => $this->uid,
"isAdmin" => $this->isAdmin,
"token" => $this->token)
);
}
/**
* Create a new token in the DB for the associated user/admin
*
* @return string the token (32 chars)
*/
public static function tokenGenerate($options,$db) {
if (!($db instanceof PDO)) {
throw new \Exception("No DB Object, can't create",self::ERR_DATABASE_ERROR);
}
if (!isset($options["uid"]) || !isset($options["isAdmin"])) {
throw new \Exception("Missing Arguments (uid,isAdmin)",self::ERR_MISSING_ARGUMENT);
}
$token=new Alternc_Api_Token($options);
public static function tokenGenerate($options, $db) {
if (!($db instanceof PDO)) {
throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR);
}
if (!isset($options["uid"]) || !isset($options["isAdmin"])) {
throw new \Exception("Missing Arguments (uid,isAdmin)", self::ERR_MISSING_ARGUMENT);
}
do {
$token->token = $token->tokenRandom();
$stmt=$db->prepare("INSERT IGNORE INTO token SET token=?, expire=DATE_ADD(NOW(), INTERVAL ? SECOND), data=?");
$stmt->execute(array($token->token,$token->tokenDuration, $token->toJson()));
$rows = $stmt->rowCount();
} while ($rows==0); // prevent collisions
$token = new Alternc_Api_Token($options);
return $token;
do {
$token->token = $token->tokenRandom();
$stmt = $db->prepare("INSERT IGNORE INTO token SET token=?, expire=DATE_ADD(NOW(), INTERVAL ? SECOND), data=?");
$stmt->execute(array($token->token, $token->tokenDuration, $token->toJson()));
$rows = $stmt->rowCount();
} while ($rows == 0); // prevent collisions
return $token;
}
/**
* Check and return a token
* @param $token string a 32-chars token
@ -107,34 +99,34 @@ class Alternc_Api_Token {
*
* @return Alternc_Api_Token object or NULL
*/
public static function tokenGet($token,$db) {
if (!($db instanceof PDO)) {
throw new \Exception("No DB Object, can't create",self::ERR_DATABASE_ERROR);
}
if (!is_string($token) || !preg_match("#^[a-zA-Z0-9]{32}$#",$token)) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token") );
}
$stmt=$db->prepare("SELECT * FROM token WHERE token=?");
$stmt->execute(array($token));
if ( $tok=$stmt->fetch(PDO::FETCH_OBJ) ) {
return new Alternc_Api_Token( json_decode($tok->data,true) );
}
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token") );
public static function tokenGet($token, $db) {
if (!($db instanceof PDO)) {
throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR);
}
if (!is_string($token) || !preg_match("#^[a-zA-Z0-9]{32}$#", $token)) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));
}
$stmt = $db->prepare("SELECT * FROM token WHERE token=?");
$stmt->execute(array($token));
if ($tok = $stmt->fetch(PDO::FETCH_OBJ)) {
return new Alternc_Api_Token(json_decode($tok->data, true));
}
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));
}
/**
* Generate a new random token
* @return string
*/
public function tokenRandom(){
$chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$s="";
for($i=0;$i<32;$i++)
$s.=substr($chars,rand(0,61),1);
return $s;
public function tokenRandom() {
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$s = "";
for ($i = 0; $i < 32; $i++)
$s.=substr($chars, rand(0, 61), 1);
return $s;
}
} // class Alternc_Api_Response
}
// class Alternc_Api_Response