Rev 944 | Go to most recent revision | Details | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 943 | daniel-mar | 1 | <?php |
| 2 | |||
| 3 | /* |
||
| 4 | * OIDplus 2.0 RDAP |
||
| 5 | * Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft |
||
| 6 | * Authors Daniel Marschall, ViaThinkSoft |
||
| 7 | * Till Wehowski, Frdlweb |
||
| 8 | * |
||
| 9 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
| 10 | * you may not use this file except in compliance with the License. |
||
| 11 | * You may obtain a copy of the License at |
||
| 12 | * |
||
| 13 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
| 14 | * |
||
| 15 | * Unless required by applicable law or agreed to in writing, software |
||
| 16 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
| 17 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
| 18 | * See the License for the specific language governing permissions and |
||
| 19 | * limitations under the License. |
||
| 20 | */ |
||
| 21 | |||
| 22 | if (!defined('INSIDE_OIDPLUS')) die(); |
||
| 23 | |||
| 24 | class OIDplusRDAP { |
||
| 25 | |||
| 26 | protected $rdapBaseUri; |
||
| 27 | protected $useCache; |
||
| 28 | protected $rdapCacheDir; |
||
| 29 | protected $rdapCacheExpires; |
||
| 30 | |||
| 31 | public function __construct() { |
||
| 32 | $this->rdapBaseUri = OIDplus::baseConfig()->getValue('RDAP_BASE_URI', OIDplus::webpath() ); |
||
| 33 | $this->useCache = OIDplus::baseConfig()->getValue('RDAP_CACHE_ENABLED', false ); |
||
| 34 | $this->rdapCacheDir = OIDplus::baseConfig()->getValue('CACHE_DIRECTORY_OIDplusPagePublicRdap', \sys_get_temp_dir().\DIRECTORY_SEPARATOR ); |
||
| 35 | $this->rdapCacheExpires = OIDplus::baseConfig()->getValue('CACHE_EXPIRES_OIDplusPagePublicRdap', 60 * 3 ); |
||
| 36 | } |
||
| 37 | |||
| 38 | public function rdapQuery($query) { |
||
| 39 | $query = str_replace('oid:.', 'oid:', $query); |
||
| 40 | $n = explode(':', $query); |
||
| 41 | if(2>count($n)){ |
||
| 42 | array_unshift($n, 'oid'); |
||
| 43 | $query = 'oid:'.$query; |
||
| 44 | } |
||
| 45 | $ns = $n[0]; |
||
| 46 | |||
| 47 | if(true === $this->useCache){ |
||
| 48 | $cacheFile = $this->rdapCacheDir. 'oidplus-rdap-' |
||
| 49 | .sha1(\get_current_user() |
||
| 50 | . $this->rdapBaseUri.__FILE__.$query |
||
| 51 | .OIDplus::baseConfig()->getValue('SERVER_SECRET', sha1(__FILE__.\get_current_user()) ) |
||
| 52 | ) |
||
| 53 | .'.' |
||
| 54 | .strlen( $this->rdapBaseUri.$query ) |
||
| 55 | .'.php' |
||
| 56 | ; |
||
| 57 | |||
| 58 | $this->rdap_read_cache($cacheFile, $this->rdapCacheExpires); |
||
| 59 | }else{ |
||
| 60 | $cacheFile = false; |
||
| 61 | } |
||
| 62 | |||
| 63 | if (!is_null(OIDplus::getPluginByOid("1.3.6.1.4.1.37553.8.1.8.8.53354196964.641310544"))) { // OIDplusPagePublicAltIds |
||
| 64 | $res = OIDplus::db()->query("select * from ###alt_ids where alt = ? AND ns = ?", [$n[1], $ns]); |
||
| 65 | $alt = $res ? $res->fetch_object() : null; |
||
| 66 | if(null !== $alt){ |
||
| 67 | $query = $alt->id; |
||
| 68 | $n = explode(':', $query); |
||
| 69 | if(2>count($n)){ |
||
| 70 | array_unshift($n, 'oid'); |
||
| 71 | $query = 'oid:'.$query; |
||
| 72 | } |
||
| 73 | $ns = $n[0]; |
||
| 74 | } |
||
| 75 | } |
||
| 76 | |||
| 77 | $out = []; |
||
| 78 | |||
| 79 | try { |
||
| 80 | $obj = OIDplusObject::findFitting($query); |
||
| 81 | if (!$obj) $obj = OIDplusObject::parse($query); |
||
| 82 | $query = $obj->nodeId(); |
||
| 83 | } catch (Exception $e) { |
||
| 84 | $obj = null; |
||
| 85 | } |
||
| 86 | |||
| 87 | if(null === $obj){ |
||
| 88 | $out['error'] = 'Not found'; |
||
| 89 | if(true === $this->useCache){ |
||
| 90 | $this->rdap_write_cache($out, $cacheFile); |
||
| 91 | } |
||
| 92 | $this->rdap_out($out); |
||
| 93 | } |
||
| 94 | |||
| 95 | $res = OIDplus::db()->query("select * from ###objects where id = ?", [$query]); |
||
| 96 | $data = $res ? $res->fetch_object() : null; |
||
| 97 | if(null === $data){ |
||
| 98 | $out['error'] = 'Not found'; |
||
| 99 | if(true === $this->useCache){ |
||
| 100 | $this->rdap_write_cache($out, $cacheFile); |
||
| 101 | } |
||
| 102 | $this->rdap_out($out); |
||
| 103 | } |
||
| 104 | |||
| 105 | $obj = OIDplusObject::parse($data->id); |
||
| 106 | |||
| 107 | $whois_server = ''; |
||
| 108 | if (OIDplus::config()->getValue('individual_whois_server', '') != '') { |
||
| 109 | $whois_server = OIDplus::config()->getValue('individual_whois_server', ''); |
||
| 110 | } |
||
| 111 | else if (OIDplus::config()->getValue('vts_whois', '') != '') { |
||
| 112 | $whois_server = OIDplus::config()->getValue('vts_whois', ''); |
||
| 113 | } |
||
| 114 | if (!empty($whois_server)) { |
||
| 115 | list($whois_host, $whois_port) = explode(':',"$whois_server:43"); |
||
| 116 | if ($whois_port === '43') $out['port43'] = $whois_host; |
||
| 117 | } |
||
| 118 | |||
| 119 | $parentHandle=$obj->one_up(); |
||
| 120 | |||
| 121 | $out['name'] = $obj->nodeId(true); |
||
| 122 | $out['objectClassName'] = $ns; |
||
| 123 | $out['handle'] = $ns.':'.$n[1]; |
||
| 124 | $out['parentHandle'] = (null !== $parentHandle && is_callable([$parentHandle, 'nodeId']) ) |
||
| 125 | ? $obj->one_up()->nodeId(true) |
||
| 126 | : null; |
||
| 127 | |||
| 128 | $out['rdapConformance'] = [ |
||
| 129 | "rdap_level_0", //https://datatracker.ietf.org/doc/html/rfc9083 |
||
| 130 | ]; |
||
| 131 | $out['links'] = [ |
||
| 132 | [ |
||
| 133 | "href"=> 'https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'], |
||
| 134 | "type"=> "application/rdap+json", |
||
| 135 | "title"=> sprintf("Information about the %s %s", $ns, $n[1]), |
||
| 136 | "value"=> $this->rdapBaseUri.$ns.'/'.$n[1], |
||
| 137 | "rel"=> "self" |
||
| 138 | ], |
||
| 139 | [ |
||
| 140 | "href"=> OIDplus::webpath()."?goto=".urlencode($query), |
||
| 141 | "type"=> "text/html", |
||
| 142 | "title"=> sprintf("Information about the %s %s in the online repository", $ns, $n[1]), |
||
| 143 | "value"=> OIDplus::webpath()."?goto=".urlencode($query), |
||
| 144 | "rel"=> "alternate" |
||
| 145 | ] |
||
| 146 | ]; |
||
| 147 | $out['remarks'] = [ |
||
| 148 | [ |
||
| 149 | "title"=>"Availability", |
||
| 150 | "description"=> [ |
||
| 151 | sprintf("The %s %s is known.", strtoupper($ns), $n[1]), |
||
| 152 | ], |
||
| 153 | "links"=> [] |
||
| 154 | ], |
||
| 155 | [ |
||
| 156 | "title"=>"Description", |
||
| 157 | "description"=> [ |
||
| 158 | ($obj->isConfidential()) ? 'REDACTED FOR PRIVACY' : $data->description, |
||
| 159 | ], |
||
| 160 | "links"=> [ |
||
| 161 | [ |
||
| 162 | "href"=> OIDplus::webpath()."?goto=".urlencode($query), |
||
| 163 | "type"=> "text/html", |
||
| 164 | "title"=> sprintf("Information about the %s %s in the online repository", $ns, $n[1]), |
||
| 165 | "value"=> OIDplus::webpath()."?goto=".urlencode($query), |
||
| 166 | "rel"=> "alternate" |
||
| 167 | ] |
||
| 168 | ] |
||
| 169 | ], |
||
| 170 | |||
| 171 | ]; |
||
| 172 | |||
| 173 | if (!is_null(OIDplus::getPluginByOid("1.3.6.1.4.1.37476.2.5.2.4.1.100"))) { // OIDplusPagePublicWhois |
||
| 174 | $oidIPUrl = OIDplus::webpath().'plugins/viathinksoft/publicPages/100_whois/whois/webwhois.php?query='.urlencode($query); |
||
| 175 | |||
| 176 | $oidip_generator = new OIDplusOIDIP(); |
||
| 177 | |||
| 178 | list($oidIP, $dummy_content_type) = $oidip_generator->oidipQuery($query); |
||
| 179 | |||
| 180 | $out['remarks'][] = [ |
||
| 181 | "title" => "OID-IP Result", |
||
| 182 | "description" => $oidIP, |
||
| 183 | "links" => [ |
||
| 184 | [ |
||
| 185 | "href"=> $oidIPUrl, |
||
| 186 | "type"=> "text/plain", |
||
| 187 | "title"=> sprintf("OIDIP Result for the %s %s (Plaintext)", $ns, $n[1]), |
||
| 188 | "value"=> $oidIPUrl, |
||
| 189 | "rel"=> "alternate" |
||
| 190 | ], |
||
| 191 | [ |
||
| 192 | "href"=> "$oidIPUrl\$format=json", |
||
| 193 | "type"=> "application/json", |
||
| 194 | "title"=> sprintf("OIDIP Result for the %s %s (JSON)", $ns, $n[1]), |
||
| 195 | "value"=> "$oidIPUrl\$format=json", |
||
| 196 | "rel"=> "alternate" |
||
| 197 | ], |
||
| 198 | [ |
||
| 199 | "href"=> "$oidIPUrl\$format=xml", |
||
| 200 | "type"=> "application/xml", |
||
| 201 | "title"=> sprintf("OIDIP Result for the %s %s (XML)", $ns, $n[1]), |
||
| 202 | "value"=> "$oidIPUrl\$format=xml", |
||
| 203 | "rel"=> "alternate" |
||
| 204 | ] |
||
| 205 | ] |
||
| 206 | ]; |
||
| 207 | |||
| 208 | list($oidIPJSON, $dummy_content_type) = $oidip_generator->oidipQuery("$query\$format=json"); |
||
| 209 | $out['oidplus_oidip'] = json_decode($oidIPJSON); |
||
| 210 | } |
||
| 211 | |||
| 212 | $out['notices']=[ |
||
| 213 | [ |
||
| 214 | "title" => "Authentication Policy", |
||
| 215 | "description" => |
||
| 216 | [ |
||
| 217 | "Access to sensitive data for users with proper credentials." |
||
| 218 | ], |
||
| 219 | "links" => |
||
| 220 | [ |
||
| 221 | [ |
||
| 222 | "value" => $this->rdapBaseUri."help", |
||
| 223 | "rel" => "alternate", |
||
| 224 | "type" => "text/html", |
||
| 225 | "href" => OIDplus::webpath()."?goto=oidplus%3Aresources%24OIDplus%2Fprivacy_documentation.html" |
||
| 226 | ] |
||
| 227 | ] |
||
| 228 | ] |
||
| 229 | ]; |
||
| 230 | |||
| 231 | if($obj->isConfidential()){ |
||
| 232 | $out['remarks'][1]['type'] = "result set truncated due to authorization"; |
||
| 233 | } |
||
| 234 | |||
| 235 | $out['statuses']=[ |
||
| 236 | 'active', |
||
| 237 | ]; |
||
| 238 | |||
| 239 | |||
| 240 | if(true === $this->useCache){ |
||
| 241 | $this->rdap_write_cache($out, $cacheFile); |
||
| 242 | } |
||
| 243 | $this->rdap_out($out); |
||
| 244 | } |
||
| 245 | |||
| 246 | protected function rdap_write_cache($out, $cacheFile){ |
||
| 247 | if(!is_string($cacheFile)){ |
||
| 248 | return; |
||
| 249 | } |
||
| 250 | $exp = var_export($out, true); |
||
| 251 | $code = <<<PHPCODE |
||
| 252 | <?php |
||
| 253 | return $exp; |
||
| 254 | PHPCODE; |
||
| 255 | |||
| 256 | file_put_contents($cacheFile, $code); |
||
| 257 | touch($cacheFile); |
||
| 258 | } |
||
| 259 | |||
| 260 | protected function rdap_read_cache($cacheFile, $rdapCacheExpires){ |
||
| 261 | if(is_string($cacheFile) && file_exists($cacheFile) && filemtime($cacheFile) >= time() - $rdapCacheExpires ){ |
||
| 262 | $out = include $cacheFile; |
||
| 263 | if(is_array($out) || is_object($out)){ |
||
| 264 | $this->rdap_out($out); |
||
| 265 | } |
||
| 266 | } |
||
| 267 | } |
||
| 268 | |||
| 269 | protected function rdap_out($out){ |
||
| 270 | originHeaders(); |
||
| 271 | header('Content-Type: application/rdap+json'); |
||
| 272 | echo json_encode($out); |
||
| 273 | exit; |
||
| 274 | } |
||
| 275 | |||
| 276 | } |