Rev | Author | Line No. | Line |
---|---|---|---|
1265 | daniel-mar | 1 | <?php |
2 | |||
3 | /* |
||
4 | * OIDplus 2.0 |
||
5 | * Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft |
||
6 | * |
||
7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
8 | * you may not use this file except in compliance with the License. |
||
9 | * You may obtain a copy of the License at |
||
10 | * |
||
11 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
12 | * |
||
13 | * Unless required by applicable law or agreed to in writing, software |
||
14 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
16 | * See the License for the specific language governing permissions and |
||
17 | * limitations under the License. |
||
18 | */ |
||
19 | |||
20 | namespace ViaThinkSoft\OIDplus; |
||
21 | |||
22 | // TODO: should this be a different plugin type? A page without gui is weird! |
||
// phpcs:disable PSR1.Files.SideEffects
// Stop immediately unless INSIDE_OIDPLUS has already been defined
// (presumably by the application's entry point, so this file cannot be executed on its own).
if (!\defined('INSIDE_OIDPLUS')) {
	die;
}
// phpcs:enable PSR1.Files.SideEffects
||
26 | |||
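class OIDplusPagePublicRestApi extends OIDplusPagePluginPublic {

	/**
	 * Dispatches requests below "rest/v1/" to the plugins that implement the REST interface
	 * (INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9).
	 *
	 * The path is taken from $_SERVER['REQUEST_URI'], not from $request. If the path is a REST
	 * path, the JSON response is written and the script terminates, so the method never returns
	 * true. Failures inside the dispatch are reported to the client as a JSON error object.
	 *
	 * @param string $request Unused by this implementation.
	 * @return bool false if the request is not a REST request
	 * @throws OIDplusException
	 */
	public function handle404(string $request): bool {

		if (!isset($_SERVER['REQUEST_URI']) || !isset($_SERVER["REQUEST_METHOD"])) return false;

		// Path relative to the OIDplus base directory. Note that REQUEST_URI is client-controlled.
		$rel_url = substr($_SERVER['REQUEST_URI'], strlen(OIDplus::webpath(null, OIDplus::PATH_RELATIVE_TO_ROOT)));
		$expect = 'rest/v1/';
		if (str_starts_with($rel_url, $expect)) {
			// Cross-origin queries are allowed and the CSRF token check is switched off for this
			// request, so neither of them protects the endpoints below.
			// NOTE(review): confirm that every restApiCall() implementation authenticates with an
			// explicit credential rather than only a session cookie, and that originHeaders() does
			// not permit credentialed cross-origin requests.
			originHeaders(); // Allows queries from other domains
			OIDplus::authUtils()->disableCSRF(); // allow access to ajax.php without valid CSRF token

			// Cut off the prefix. ltrim() must not be used here: its second argument is a set of
			// characters, so it would also eat the beginning of the endpoint name
			// (e.g. "rest/v1/versions" would become "ions").
			$rel_url = substr($rel_url, strlen($expect));

			$requestMethod = $_SERVER["REQUEST_METHOD"];

			// Decide once, so that begin and commit/rollback always belong together.
			$useTransaction = !OIDplus::baseconfig()->getValue('DISABLE_REST_TRANSACTIONS',false) && OIDplus::db()->transaction_supported();

			if ($useTransaction) {
				OIDplus::db()->transaction_begin();
			}
			try {
				// An empty request body is treated as an empty JSON object.
				$cont = @file_get_contents('php://input');
				$json_in = empty($cont) ? [] : @json_decode($cont, true);
				if (!is_array($json_in)) throw new OIDplusException(_L('Invalid JSON data received'), null, 400);

				// The first plugin that returns something other than false handles the request.
				$json_out = false;
				foreach (OIDplus::getAllPlugins() as $plugin) {
					if ($plugin instanceof INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9) {
						$json_out = $plugin->restApiCall($requestMethod, $rel_url, $json_in);
						if ($json_out !== false) break;
					}
				}
				if ($json_out === false) {
					throw new OIDplusException(_L('REST endpoint not found'), null, 404);
				}
				if (!isset($json_out['status'])) {
					$json_out['status'] = -1; // status -1 and -2 like in ajax.php
					if (!isset($json_out['error'])) $json_out['error'] = _L('The plugin did not return a status value');
				}
				if (!isset($json_out['status_bits'])) $json_out['status_bits'] = [];
				if ($useTransaction) {
					OIDplus::db()->transaction_commit();
				}
			} catch (\Exception $e) {
				if ($useTransaction) {
					OIDplus::db()->transaction_rollback();
				}
				http_response_code($e instanceof OIDplusException ? $e->getHttpStatus() : 500);
				// NOTE(review): for exceptions that are not an OIDplusException the raw message is
				// sent to the client together with status 500. Such messages can contain internal
				// details; consider logging them and returning a generic text instead.
				// NOTE(review): \Error (e.g. TypeError) is not caught here, so in that case there is
				// no explicit rollback and no JSON error object.
				$json_out = array("status" => -2, "status_bits" => [], "error" => $e->getMessage());
			}

			OIDplus::invoke_shutdown();
			@header('Content-Type:application/json; charset=utf-8');
			echo json_encode($json_out);
			die(); // return true;
		}

		return false;
	}

}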