adding token_hash to Request, fixing token vs. token_hash paradigm/transtyping
parent
0897effdc7
commit
bde156f63d
|
@ -9,9 +9,15 @@ class Alternc_Api_Request {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @var Alternc_Api_Token
|
* @var Alternc_Api_Token object
|
||||||
*/
|
*/
|
||||||
public $token;
|
public $token;
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @var string a token hash (to be authenticated)
|
||||||
|
*/
|
||||||
|
public $token_hash;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* must link to a Alternc_Api_Object_Interface
|
* must link to a Alternc_Api_Object_Interface
|
||||||
|
@ -44,36 +50,49 @@ class Alternc_Api_Request {
|
||||||
|
|
||||||
function __construct($options) {
|
function __construct($options) {
|
||||||
|
|
||||||
|
|
||||||
// Attempts to retrieve object
|
// Attempts to retrieve object
|
||||||
if (isset($options["object"]) && !is_null($options["object"])) {
|
if (isset($options["object"]) && is_string($options["object"])) {
|
||||||
$this->object = $options["object"];
|
$this->object = $options["object"];
|
||||||
} else {
|
} else {
|
||||||
throw new \Exception("Missing parameter object", self::ERR_MISSING_PARAMETER);
|
throw new \Exception("Missing parameter object", self::ERR_MISSING_PARAMETER);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Attempts to retrieve token
|
|
||||||
if (isset($options["token"]) && is_a( $options["token"], Alternc_Api_Token)) {
|
|
||||||
$this->token = $options["token"];
|
|
||||||
} else {
|
|
||||||
throw new \Exception("Missing parameter token", self::ERR_MISSING_PARAMETER);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Attempts to retrieve action
|
// Attempts to retrieve action
|
||||||
if (isset($options["action"]) && $var ) {
|
if (isset($options["action"]) && is_string($options["action"])) {
|
||||||
$this->action = $options["action"];
|
$this->action = $options["action"];
|
||||||
} else {
|
} else {
|
||||||
throw new \Exception("Missing parameter action", self::ERR_MISSING_PARAMETER);
|
throw new \Exception("Missing parameter action", self::ERR_MISSING_PARAMETER);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Attempts to retrieve options
|
// Attempts to retrieve options
|
||||||
if (isset($options["options"]) && is_array($options)) {
|
if (isset($options["options"])) {
|
||||||
|
if (is_array($options)) {
|
||||||
$this->options = $options["options"];
|
$this->options = $options["options"];
|
||||||
} else {
|
} else {
|
||||||
throw new \Exception("Missing parameter options", self::ERR_MISSING_PARAMETER);
|
throw new \Exception("Missing parameter options", self::ERR_MISSING_PARAMETER);
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
$this->options=array();
|
||||||
|
}
|
||||||
|
|
||||||
// Attempts to retrieve metadata
|
// Attempts to retrieve token
|
||||||
|
if (isset($options["token"])) {
|
||||||
|
if (is_a( $options["token"], Alternc_Api_Token)) {
|
||||||
|
$this->token = $options["token"];
|
||||||
|
} else {
|
||||||
|
throw new \Exception("Bad parameter token", self::ERR_MISSING_PARAMETER);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// Attempts to retrieve token_hash then
|
||||||
|
if (isset($options["token_hash"]) && is_string( $options["token_hash"])) {
|
||||||
|
$this->token_hash = $options["token_hash"];
|
||||||
|
} else {
|
||||||
|
throw new \Exception("Missing parameter token OR token_hash", self::ERR_MISSING_PARAMETER);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Attempts to retrieve metadata (eg: API version)
|
||||||
if (isset($options["metadata"])) {
|
if (isset($options["metadata"])) {
|
||||||
$this->metadata = $options["metadata"];
|
$this->metadata = $options["metadata"];
|
||||||
}
|
}
|
||||||
|
|
|
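Review bot: In the options branch of __construct(), `if (is_array($options))` tests the outer argument instead of `$options["options"]`, so for an array argument the "Missing parameter options" branch never fires and a non-array value is stored unchecked; the Service docblock says options are forwarded to the API call as they are. The check should read `if (is_array($options["options"])) {`. In the token branch, `is_a( $options["token"], Alternc_Api_Token)` passes the class name as a bare constant rather than a string; `$options["token"] instanceof Alternc_Api_Token` expresses the same test without relying on constant lookup. `metadata` is still assigned with no type check, unlike the other fields. The constructor begins and ends outside these hunks.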
@ -18,6 +18,9 @@ class Alternc_Api_Service {
|
||||||
const ERR_INVALID_ANSWER = 111803;
|
const ERR_INVALID_ANSWER = 111803;
|
||||||
const ERR_SETUID_FORBIDDEN = 111804;
|
const ERR_SETUID_FORBIDDEN = 111804;
|
||||||
const ERR_SETUID_USER_NOT_FOUND = 111805;
|
const ERR_SETUID_USER_NOT_FOUND = 111805;
|
||||||
|
const ERR_OBJECT_NOT_FOUND = 111806;
|
||||||
|
const ERR_ACTION_NOT_FOUND = 111807;
|
||||||
|
const ERR_INVALID_TOKEN = 111808;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor of the Api Service Wrapper
|
* Constructor of the Api Service Wrapper
|
||||||
|
@ -119,11 +122,33 @@ class Alternc_Api_Service {
|
||||||
/**
|
/**
|
||||||
* Manage an API Call
|
* Manage an API Call
|
||||||
* @param Alternc_Api_Request $request The API call
|
* @param Alternc_Api_Request $request The API call
|
||||||
|
* the request must have "object" and "action" elements, and a "token" to authenticate
|
||||||
|
* "options" are sent as it is to the Api Call.
|
||||||
* @return Alternc_Api_Response an API response
|
* @return Alternc_Api_Response an API response
|
||||||
*/
|
*/
|
||||||
function call($request) {
|
function call($request) {
|
||||||
|
if (!$request instanceof Alternc_Api_Request)
|
||||||
|
throw new \Exception("request must be an Alternc_Api_Request object", self::ERR_INVALID_ARGUMENT);
|
||||||
|
|
||||||
|
|
||||||
|
$token = Alternc_Api_Token::tokenGet($request->token_hash,$this->db);
|
||||||
|
if ($token instanceof Alternc_Api_Response) // bad token
|
||||||
|
return $token;
|
||||||
|
|
||||||
|
$className = "Alternc_Api_Object_".ucfirst(strtolower($request->object));
|
||||||
|
if (!class_exists($className))
|
||||||
|
return new Alternc_Api_Response( array("code" => self::ERR_OBJECT_NOT_FOUND, "message" => "Object not found in this AlternC's instance") );
|
||||||
|
|
||||||
return new Alternc_Api_Response();
|
$object = new $className($this);
|
||||||
|
|
||||||
|
$action=$request->action;
|
||||||
|
if (!method_exists($object, $action))
|
||||||
|
return new Alternc_Api_Response( array("code" => self::ERR_ACTiON_NOT_FOUND, "message" => "Action not found for this object in this AlternC's instance") );
|
||||||
|
|
||||||
|
$request->token=$token; // we receive $request->token_hash as a STRING, but we transmit its object as an Alternc_Api_Token.
|
||||||
|
|
||||||
|
// TODO: log this Api Call
|
||||||
|
return $object->$action($request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
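Review bot: call() dispatches on caller-supplied `object` and `action` strings with existence checks only: `method_exists()` is also true for non-public, inherited and magic methods, and `class_exists()` accepts any loadable class that matches the prefix, so more than the intended API actions is reachable. The class should be restricted to implementations of Alternc_Api_Object_Interface (assuming the name in the Request docblock is the interface API objects implement) and the action gated with `is_callable()` plus a name check. The token guard should also fail closed, rejecting anything that is not an Alternc_Api_Token instead of only an Alternc_Api_Response; what tokenGet() returns for a well-formed but unknown hash is outside these hunks. Separately, `self::ERR_ACTiON_NOT_FOUND` does not match the `ERR_ACTION_NOT_FOUND` constant added in the first hunk, and class constants are case-sensitive, so the action-not-found path will fail at runtime.

```php
$token = Alternc_Api_Token::tokenGet($request->token_hash, $this->db);
if (!$token instanceof Alternc_Api_Token) {
    // fail closed: pass an error response through, reject anything else
    return ($token instanceof Alternc_Api_Response)
        ? $token
        : new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));
}

// … unchanged: $className construction …
if (!class_exists($className) || !is_subclass_of($className, "Alternc_Api_Object_Interface"))
    return new Alternc_Api_Response( array("code" => self::ERR_OBJECT_NOT_FOUND, "message" => "Object not found in this AlternC's instance") );

$object = new $className($this);

$action = $request->action;
// only public, non-magic methods count as API actions
if (strncmp($action, "__", 2) === 0 || !is_callable(array($object, $action)))
    return new Alternc_Api_Response( array("code" => self::ERR_ACTION_NOT_FOUND, "message" => "Action not found for this object in this AlternC's instance") );
// … unchanged: token assignment and dispatch …
```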
@ -10,6 +10,7 @@ class Alternc_Api_Token {
|
||||||
const ERR_DATABASE_ERROR=112001;
|
const ERR_DATABASE_ERROR=112001;
|
||||||
const ERR_INVALID_ARGUMENT=112002;
|
const ERR_INVALID_ARGUMENT=112002;
|
||||||
const ERR_MISSING_ARGUMENT=112003;
|
const ERR_MISSING_ARGUMENT=112003;
|
||||||
|
const ERR_INVALID_TOKEN=112004;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* AlternC User-Id
|
* AlternC User-Id
|
||||||
|
@ -110,7 +111,7 @@ class Alternc_Api_Token {
|
||||||
throw new \Exception("No DB Object, can't create",self::ERR_DATABASE_ERROR);
|
throw new \Exception("No DB Object, can't create",self::ERR_DATABASE_ERROR);
|
||||||
}
|
}
|
||||||
if (!is_string($token) || !preg_match("#^[a-zA-Z0-9]{32}$#",$token)) {
|
if (!is_string($token) || !preg_match("#^[a-zA-Z0-9]{32}$#",$token)) {
|
||||||
throw new \Exception("Invalid argument (token)",self::ERR_INVALID_ARGUMENT);
|
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token") );
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach($db->query("SELECT * FROM token WHERE token=?", array($token)) as $tok) {
|
foreach($db->query("SELECT * FROM token WHERE token=?", array($token)) as $tok) {
|
||||||
|
|
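Review bot: The token format check `#^[a-zA-Z0-9]{32}$#` also accepts a 32-character token followed by a newline, because `$` matches before a trailing line break; `#^[a-zA-Z0-9]{32}\z#` (or the `D` modifier) makes the check exact. With this change the function reports failure in two ways, an exception when the DB object is missing and a returned Alternc_Api_Response for a malformed token, so its docblock should say that callers must type-check the result before treating it as a token. The function begins and ends outside the hunk, so what it returns for a well-formed token that matches no row is not visible here.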