Rev 1277 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 1265 | daniel-mar | 1 | <?php |
| 2 | |||
| 3 | /* |
||
| 4 | * OIDplus 2.0 |
||
| 5 | * Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft |
||
| 6 | * |
||
| 7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
| 8 | * you may not use this file except in compliance with the License. |
||
| 9 | * You may obtain a copy of the License at |
||
| 10 | * |
||
| 11 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
| 12 | * |
||
| 13 | * Unless required by applicable law or agreed to in writing, software |
||
| 14 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
| 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
| 16 | * See the License for the specific language governing permissions and |
||
| 17 | * limitations under the License. |
||
| 18 | */ |
||
| 19 | |||
| 20 | namespace ViaThinkSoft\OIDplus; |
||
| 21 | |||
| 22 | // TODO: should this be a different plugin type? A page without gui is weird! |
||
| 23 | // phpcs:disable PSR1.Files.SideEffects |
||
| 24 | \defined('INSIDE_OIDPLUS') or die; |
||
| 25 | // phpcs:enable PSR1.Files.SideEffects |
||
| 26 | |||
| 27 | class OIDplusPagePublicRestApi extends OIDplusPagePluginPublic { |
||
| 28 | |||
| 29 | /** |
||
| 30 | * @param string $request |
||
| 31 | * @return bool |
||
| 32 | * @throws OIDplusException |
||
| 33 | */ |
||
| 34 | public function handle404(string $request): bool { |
||
| 35 | |||
| 36 | if (!isset($_SERVER['REQUEST_URI']) || !isset($_SERVER["REQUEST_METHOD"])) return false; |
||
| 37 | |||
| 38 | $rel_url = substr($_SERVER['REQUEST_URI'], strlen(OIDplus::webpath(null, OIDplus::PATH_RELATIVE_TO_ROOT))); |
||
| 39 | $expect = 'rest/v1/'; |
||
| 40 | if (str_starts_with($rel_url, $expect)) { |
||
| 1296 | daniel-mar | 41 | originHeaders(); // Allows queries from other domains |
| 42 | OIDplus::authUtils()->disableCSRF(); // allow access to ajax.php without valid CSRF token |
||
| 43 | |||
| 1265 | daniel-mar | 44 | $rel_url = ltrim($rel_url, $expect); |
| 45 | |||
| 46 | $requestMethod = $_SERVER["REQUEST_METHOD"]; |
||
| 47 | |||
| 1296 | daniel-mar | 48 | if (!OIDplus::baseconfig()->getValue('DISABLE_REST_TRANSACTIONS',false) && OIDplus::db()->transaction_supported()) { |
| 49 | OIDplus::db()->transaction_begin(); |
||
| 50 | } |
||
| 1265 | daniel-mar | 51 | try { |
| 1275 | daniel-mar | 52 | $cont = @file_get_contents('php://input'); |
| 53 | $json_in = empty($cont) ? [] : @json_decode($cont, true); |
||
| 54 | if (!is_array($json_in)) throw new OIDplusException(_L('Invalid JSON data received'), null, 400); |
||
| 55 | |||
| 1265 | daniel-mar | 56 | $json_out = false; |
| 57 | foreach (OIDplus::getAllPlugins() as $plugin) { |
||
| 58 | if ($plugin instanceof INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9) { |
||
| 1275 | daniel-mar | 59 | $json_out = $plugin->restApiCall($requestMethod, $rel_url, $json_in); |
| 1265 | daniel-mar | 60 | if ($json_out !== false) break; |
| 61 | } |
||
| 62 | } |
||
| 63 | if ($json_out === false) { |
||
| 1275 | daniel-mar | 64 | throw new OIDplusException(_L('REST endpoint not found'), null, 404); |
| 1265 | daniel-mar | 65 | } |
| 1277 | daniel-mar | 66 | if (!isset($json_out['status'])) { |
| 67 | $json_out['status'] = -1; // status -1 and -2 like in ajax.php |
||
| 68 | if (!isset($json_out['error'])) $json_out['error'] = _L('The plugin did not return a status value'); |
||
| 69 | } |
||
| 1276 | daniel-mar | 70 | if (!isset($json_out['status_bits'])) $json_out['status_bits'] = []; |
| 1296 | daniel-mar | 71 | if (!OIDplus::baseconfig()->getValue('DISABLE_REST_TRANSACTIONS',false) && OIDplus::db()->transaction_supported()) { |
| 72 | OIDplus::db()->transaction_commit(); |
||
| 73 | } |
||
| 1265 | daniel-mar | 74 | } catch (\Exception $e) { |
| 1296 | daniel-mar | 75 | if (!OIDplus::baseconfig()->getValue('DISABLE_REST_TRANSACTIONS',false) && OIDplus::db()->transaction_supported()) { |
| 76 | if (OIDplus::db()->transaction_supported()) OIDplus::db()->transaction_rollback(); |
||
| 77 | } |
||
| 1269 | daniel-mar | 78 | http_response_code($e instanceof OIDplusException ? $e->getHttpStatus() : 500); |
| 1276 | daniel-mar | 79 | $json_out = array("status" => -2, "status_bits" => [], "error" => $e->getMessage()); |
| 1265 | daniel-mar | 80 | } |
| 81 | |||
| 82 | OIDplus::invoke_shutdown(); |
||
| 83 | @header('Content-Type:application/json; charset=utf-8'); |
||
| 84 | echo json_encode($json_out); |
||
| 85 | die(); // return true; |
||
| 86 | } |
||
| 87 | |||
| 88 | return false; |
||
| 89 | } |
||
| 90 | |||
| 91 | } |