Subversion Repositories oidplus

Compare Revisions

No changes between revisions

Regard whitespace Rev 1264 → Rev 1265

/trunk/plugins/viathinksoft/adminPages/911_rest_api/OIDplusPageAdminRestApi.class.php
0,0 → 1,156
<?php
 
/*
* OIDplus 2.0
* Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
 
// ATTENTION: If you change something, please make sure that the changes
// are synchronous with OIDplusPageRaRestApi
 
namespace ViaThinkSoft\OIDplus;
 
// phpcs:disable PSR1.Files.SideEffects
\defined('INSIDE_OIDPLUS') or die;
// phpcs:enable PSR1.Files.SideEffects
 
class OIDplusPageAdminRestApi extends OIDplusPagePluginAdmin {
 
/**
* @param string $actionID
* @param array $params
* @return array
* @throws OIDplusException
*/
public function action(string $actionID, array $params): array {
if ($actionID == 'blacklistJWT') {
if (!OIDplus::authUtils()->isAdminLoggedIn()) {
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')));
}
 
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_REST_ADMIN', true)) {
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_REST_ADMIN'));
}
 
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_REST;
$sub = 'admin';
 
OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub);
 
return array("status" => 0);
} else {
return parent::action($actionID, $params);
}
}
 
/**
* @param string $id
* @param array $out
* @param bool $handled
* @return void
* @throws OIDplusException
*/
public function gui(string $id, array &$out, bool &$handled) {
if ($id === 'oidplus:rest_api_information_admin') {
$handled = true;
$out['title'] = _L('REST API');
$out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : '';
 
if (!OIDplus::authUtils()->isAdminLoggedIn()) {
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), $out['title']);
}
 
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_REST_ADMIN', true)) {
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_REST_ADMIN'), $out['title']);
}
 
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_REST;
$sub = 'admin';
 
$authSimulation = new OIDplusAuthContentStoreJWT();
$authSimulation->adminLogin();
$authSimulation->setValue('oidplus_generator', $gen);
$token = $authSimulation->getJWTToken();
 
$out['text'] .= '<p>'._L('You can make automated calls to your OIDplus account by calling an REST API.').'</p>';
$out['text'] .= '<h2>'._L('Endpoints').'</h2>';
$endpoints = '';
foreach (OIDplus::getAllPlugins() as $plugin) {
if ($plugin instanceof INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9) {
$endpoints .= $plugin->restApiInfo('html');
}
}
if ($endpoints) {
$out['text'] .= '<p>'._L('The following endpoints are registered by the plugins in this system:').'</p>';
$out['text'] .= '<p>'.$endpoints.'</p>';
} else {
$out['text'] .= '<p>'._L('No installed plugin offers a REST functionality').'</p>';
}
$out['text'] .= '<h2>'._L('Authentication').'</h2>';
$out['text'] .= '<p>'._L('The authentication is done via the following HTTP header:').'</p>';
$out['text'] .= '<p><pre id="oidplus_auth_jwt">';
$out['text'] .= 'Authentication: Bearer '.htmlentities($token)."\n";
$out['text'] .= '</pre></p>';
$out['text'] .= '<p><input type="button" value="'._L('Copy to clipboard').'" onClick="copyToClipboard(oidplus_auth_jwt)"></p>';
$out['text'] .= '<p>'._L('Please keep this information confidential!').'</p>';
$out['text'] .= '<p>'._L('The JWT-token (secret!) will automatically perform a one-time-login to fulfill the request. The other fields are the normal fields which are called during the usual operation of OIDplus.').'</p>';
 
$out['text'] .= '<h2>'._L('Blacklisted tokens').'</h2>';
$bl_time = OIDplusAuthContentStoreJWT::jwtGetBlacklistTime($gen, $sub);
if ($bl_time == 0) {
$out['text'] .= '<p>'._L('None of the previously generated JWT tokens have been blacklisted.').'</p>';
} else {
$out['text'] .= '<p>'._L('All tokens generated before %1 have been blacklisted.',date('d F Y, H:i:s',$bl_time+1)).'</p>';
}
$out['text'] .= '<button type="button" name="btn_blacklist_jwt" id="btn_blacklist_jwt" class="btn btn-danger btn-xs" onclick="OIDplusPageAdminRestApi.blacklistJWT()">'._L('Blacklist all previously generated tokens').'</button>';
}
}
 
/**
* @param array $json
* @param string|null $ra_email
* @param bool $nonjs
* @param string $req_goto
* @return bool
* @throws OIDplusException
*/
public function tree(array &$json, string $ra_email=null, bool $nonjs=false, string $req_goto=''): bool {
if (!OIDplus::authUtils()->isAdminLoggedIn()) return false;
 
if (file_exists(__DIR__.'/img/main_icon16.png')) {
$tree_icon = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon16.png';
} else {
$tree_icon = null; // default icon (folder)
}
 
$json[] = array(
'id' => 'oidplus:rest_api_information_admin',
'icon' => $tree_icon,
'text' => _L('REST API')
);
 
// TODO: Make "Endpoints" (with all installed plugins) and "Authentication" as menu entries!
 
return true;
}
 
/**
* @param string $request
* @return array|false
*/
public function tree_search(string $request) {
return false;
}
}
/trunk/plugins/viathinksoft/adminPages/911_rest_api/OIDplusPageAdminRestApi.js
0,0 → 1,50
/*
* OIDplus 2.0
* Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
 
var OIDplusPageAdminRestApi = {
 
oid: "1.3.6.1.4.1.37476.2.5.2.4.3.911",
 
blacklistJWT: function() {
if(!window.confirm(_L("Are you sure that you want to blacklist all access tokens?"))) return false;
 
$.ajax({
url:"ajax.php",
method:"POST",
beforeSend: function(jqXHR, settings) {
$.xhrPool.abortAll();
$.xhrPool.add(jqXHR);
},
complete: function(jqXHR, text) {
$.xhrPool.remove(jqXHR);
},
data: {
csrf_token:csrf_token,
plugin:OIDplusPageAdminRestApi.oid,
action:"blacklistJWT"
},
error: oidplus_ajax_error,
success: function (data) {
oidplus_ajax_success(data, function (data) {
alertSuccess(_L("OK"));
reloadContent();
});
}
});
}
 
};
/trunk/plugins/viathinksoft/adminPages/911_rest_api/img/index.html
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
/viathinksoft/adminPages/911_rest_api/img/main_icon.png
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property
/trunk/plugins/viathinksoft/adminPages/911_rest_api/img/main_icon16.png
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property
/trunk/plugins/viathinksoft/adminPages/911_rest_api/index.html
--- viathinksoft/adminPages/911_rest_api/manifest.xml (nonexistent)
+++ viathinksoft/adminPages/911_rest_api/manifest.xml (revision 1265)
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
+<manifest
+ xmlns="urn:oid:1.3.6.1.4.1.37476.2.5.2.5.2.1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oid:1.3.6.1.4.1.37476.2.5.2.5.2.1 https://oidplus.viathinksoft.com/oidplus/plugins/manifest_plugin_page.xsd">
+
+ <type>ViaThinkSoft\OIDplus\OIDplusPagePluginAdmin</type>
+
+ <info>
+ <name>REST API</name>
+ <author>ViaThinkSoft</author>
+ <license>Apache 2.0</license>
+ <version />
+ <descriptionHTML />
+ <oid>1.3.6.1.4.1.37476.2.5.2.4.3.911</oid>
+ </info>
+
+ <php>
+ <mainclass>ViaThinkSoft\OIDplus\OIDplusPageAdminRestApi</mainclass>
+ </php>
+
+ <css>
+ </css>
+
+ <js>
+ <file>OIDplusPageAdminRestApi.js</file>
+ </js>
+
+</manifest>
/trunk/plugins/viathinksoft/language/dede/messages.xml
718,6 → 718,14
</message>
<message>
<source><![CDATA[
Authentication
]]></source>
<target><![CDATA[
Authentifizierung
]]></target>
</message>
<message>
<source><![CDATA[
Authentication error. Please log in as admin, or as the RA of "%1" to upload an attachment.
]]></source>
<target><![CDATA[
2118,6 → 2126,14
</message>
<message>
<source><![CDATA[
Endpoints
]]></source>
<target><![CDATA[
Endpunkte
]]></target>
</message>
<message>
<source><![CDATA[
Enforce SSL (always redirect)
]]></source>
<target><![CDATA[
3350,6 → 3366,14
</message>
<message>
<source><![CDATA[
Invalid REST API information format
]]></source>
<target><![CDATA[
Ungültiges REST API Dokumentations-Format
]]></target>
</message>
<message>
<source><![CDATA[
Invalid WEID
]]></source>
<target><![CDATA[
4238,6 → 4262,14
</message>
<message>
<source><![CDATA[
No installed plugin offers a REST functionality
]]></source>
<target><![CDATA[
Keine installierten Plugins bieten eine REST-Funktionalität an
]]></target>
</message>
<message>
<source><![CDATA[
No items available
]]></source>
<target><![CDATA[
5934,6 → 5966,14
</message>
<message>
<source><![CDATA[
REST API
]]></source>
<target><![CDATA[
REST API
]]></target>
</message>
<message>
<source><![CDATA[
RFC Internet Draft
]]></source>
<target><![CDATA[
7174,6 → 7214,14
</message>
<message>
<source><![CDATA[
The authentication is done via the following HTTP header:
]]></source>
<target><![CDATA[
Die Authentifizierung erfolgt über die folgende HTTP-Kopfzeile:
]]></target>
</message>
<message>
<source><![CDATA[
The database driver has problems with "%1"
]]></source>
<target><![CDATA[
7246,6 → 7294,14
</message>
<message>
<source><![CDATA[
The following endpoints are registered by the plugins in this system:
]]></source>
<target><![CDATA[
Die folgenden Endpunkte werden durch Plugins in diesem System zur Verfügung gestellt:
]]></target>
</message>
<message>
<source><![CDATA[
The following settings need to be configured once.<br>After setup is complete, you can change all these settings through the admin login area, if necessary.
]]></source>
<target><![CDATA[
7582,22 → 7638,14
</message>
<message>
<source><![CDATA[
This kind of JWT token can only be used in ajax.php
This kind of JWT token (%1) cannot be used in this request type
]]></source>
<target><![CDATA[
Dieser JWT Token kann nur in ajax.php verwendet werden
Diese Art von JWT-Token (%1) ist nicht für diesen Aufruf-Typ bestimmt
]]></target>
</message>
<message>
<source><![CDATA[
This kind of JWT token can only be used with the %1 request type
]]></source>
<target><![CDATA[
Dieser JWT Token kann nur mit dem %1 Anfragetyp verwendet werden
]]></target>
</message>
<message>
<source><![CDATA[
This kind of JWT token cannot be altered. Therefore you cannot do this action.
]]></source>
<target><![CDATA[
8390,6 → 8438,14
</message>
<message>
<source><![CDATA[
You can make automated calls to your OIDplus account by calling an REST API.
]]></source>
<target><![CDATA[
Die REST API bietet die Möglichkeit, Aufgaben automatisiert über Ihr OIDplus-Konto durchzuführen.
]]></target>
</message>
<message>
<source><![CDATA[
You can make automated calls to your OIDplus account by calling the AJAX API.
]]></source>
<target><![CDATA[
/trunk/plugins/viathinksoft/publicPages/000_objects/OIDplusPagePublicObjects.class.php
25,7 → 25,8
 
class OIDplusPagePublicObjects extends OIDplusPagePluginPublic
implements INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_1, /* oobeEntry, oobeRequested */
INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_8 /* getNotifications */
INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_8, /* getNotifications */
INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9 /* restApiCall */
// Important: Do NOT implement INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_7, because our getAlternativesForQuery() is the one that calls others!
{
 
58,6 → 59,71
}
 
/**
* Implements INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9
* @param string $requestMethod
* @param string $endpoint
* @return array|false
*/
public function restApiCall(string $requestMethod, string $endpoint) {
if (str_starts_with($endpoint, 'objects/')) {
$id = substr($endpoint, strlen('objects/'));
if ($requestMethod == "GET") {
// TODO: Implement GET (Select)
http_response_code(501);
return array("error" => "Not implemented");
} else if ($requestMethod == "PUT") {
// TODO: Implement PUT (Replace)
http_response_code(501);
return array("error" => "Not implemented");
} else if ($requestMethod == "POST") {
// TODO: Implement POST (Insert)
http_response_code(501);
return array("error" => "Not implemented");
} else if ($requestMethod == "PATCH") {
// TODO: Implement PATCH (Modify)
http_response_code(501);
return array("error" => "Not implemented");
} else if ($requestMethod == "DELETE") {
try {
self::action('Delete', array("id" => $id));
http_response_code(200);
return array("status" => "OK");
} catch (\Exception $e) {
http_response_code(401); // TODO: We need some kind of Exception class to know for sure that the Exception is due to missing authentication!
return array("error" => $e->getMessage());
}
} else {
http_response_code(400);
return array("error" => "Unsupported request method");
}
} else {
return false;
}
}
 
/**
* Implements INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9
* Outputs information about valid endpoints
* @param string $kind Reserved for different kind of output format (i.e. OpenAPI "TODO"). Currently only 'html' is implemented
* @return string
*/
public function restApiInfo(string $kind='html'): string {
if ($kind === 'html') {
// TODO: Make a good documentation.....
$out = '<ul><li><b>Objects API</b><ul>';
$out .= '<li>GET objects/[id]<ul><li>Input parameters: None</li><li>Output parameters: WORK IN PROGRESS</li></ul></li>';
$out .= '<li>PUT objects/[id]<ul><li>Input parameters: WORK IN PROGRESS</li><li>Output parameters: WORK IN PROGRESS</li></ul></li>';
$out .= '<li>POST objects/[id]<ul><li>Input parameters: WORK IN PROGRESS</li><li>Output parameters: WORK IN PROGRESS</li></ul></li>';
$out .= '<li>PATCH objects/[id]<ul><li>Input parameters: WORK IN PROGRESS</li><li>Output parameters: WORK IN PROGRESS</li></ul></li>';
$out .= '<li>DELETE objects/[id]<ul><li>Input parameters: None</li><li>Output parameters: WORK IN PROGRESS</li></ul></li>';
$out .= '</ul></li></ul>';
return $out;
} else {
throw new OIDplusException(_L('Invalid REST API information format'));
}
}
 
/**
* @param string $actionID
* @param array $params
* @return array
/trunk/plugins/viathinksoft/publicPages/002_rest_api/INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9.class.php
0,0 → 1,42
<?php
 
/*
* OIDplus 2.0
* Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
 
namespace ViaThinkSoft\OIDplus;
 
// phpcs:disable PSR1.Files.SideEffects
\defined('INSIDE_OIDPLUS') or die;
// phpcs:enable PSR1.Files.SideEffects
 
interface INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9 {
 
/**
* @param string $requestMethod
* @param string $endpoint
* @return array|false
*/
public function restApiCall(string $requestMethod, string $endpoint);
 
/**
* Outputs information about valid endpoints
* @param string $kind Reserved for different kind of output format (i.e. OpenAPI "TODO"). Currently only 'html' is implemented
* @return string
*/
public function restApiInfo(string $kind='html'): string;
 
}
/trunk/plugins/viathinksoft/publicPages/002_rest_api/OIDplusPagePublicRestApi.class.php
0,0 → 1,71
<?php
 
/*
* OIDplus 2.0
* Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
 
namespace ViaThinkSoft\OIDplus;
 
// TODO: should this be a different plugin type? A page without gui is weird!
// phpcs:disable PSR1.Files.SideEffects
\defined('INSIDE_OIDPLUS') or die;
// phpcs:enable PSR1.Files.SideEffects
 
class OIDplusPagePublicRestApi extends OIDplusPagePluginPublic {
 
/**
* @param string $request
* @return bool
* @throws OIDplusException
*/
public function handle404(string $request): bool {
 
if (!isset($_SERVER['REQUEST_URI']) || !isset($_SERVER["REQUEST_METHOD"])) return false;
 
$rel_url = substr($_SERVER['REQUEST_URI'], strlen(OIDplus::webpath(null, OIDplus::PATH_RELATIVE_TO_ROOT)));
$expect = 'rest/v1/';
if (str_starts_with($rel_url, $expect)) {
$rel_url = ltrim($rel_url, $expect);
 
$requestMethod = $_SERVER["REQUEST_METHOD"];
 
try {
$json_out = false;
foreach (OIDplus::getAllPlugins() as $plugin) {
if ($plugin instanceof INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9) {
$json_out = $plugin->restApiCall($requestMethod, $rel_url);
if ($json_out !== false) break;
}
}
if ($json_out === false) {
http_response_code(404);
$json_out = array("error" => "Endpoint not found");
}
} catch (\Exception $e) {
http_response_code(500);
$json_out = array("error" => $e->getMessage());
}
 
OIDplus::invoke_shutdown();
@header('Content-Type:application/json; charset=utf-8');
echo json_encode($json_out);
die(); // return true;
}
 
return false;
}
 
}
/trunk/plugins/viathinksoft/publicPages/002_rest_api/index.html
--- viathinksoft/publicPages/002_rest_api/manifest.xml (nonexistent)
+++ viathinksoft/publicPages/002_rest_api/manifest.xml (revision 1265)
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
+<manifest
+ xmlns="urn:oid:1.3.6.1.4.1.37476.2.5.2.5.2.1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oid:1.3.6.1.4.1.37476.2.5.2.5.2.1 https://oidplus.viathinksoft.com/oidplus/plugins/manifest_plugin_page.xsd">
+
+ <type>ViaThinkSoft\OIDplus\OIDplusPagePluginPublic</type>
+
+ <info>
+ <name>REST API</name>
+ <author>ViaThinkSoft</author>
+ <license>Apache 2.0</license>
+ <version />
+ <descriptionHTML />
+ <oid>1.3.6.1.4.1.37476.2.5.2.4.1.2</oid>
+ </info>
+
+ <php>
+ <mainclass>ViaThinkSoft\OIDplus\OIDplusPagePublicRestApi</mainclass>
+ </php>
+
+ <css>
+ </css>
+
+ <js>
+ </js>
+
+</manifest>
/trunk/plugins/viathinksoft/raPages/910_automated_ajax_calls/OIDplusPageRaAutomatedAJAXCalls.class.php
94,7 → 94,7
$out['text'] .= '<p>'._L('The URL for the AJAX script is:').'</p>';
$out['text'] .= '<p><b>'.OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL).'ajax.php</b></p>';
$out['text'] .= '<p>'._L('You must at least provide following fields:').'</p>';
$out['text'] .= '<p><pre>';
$out['text'] .= '<p><pre id="oidplus_auth_jwt">';
$out['text'] .= htmlentities(OIDplusAuthContentStoreJWT::COOKIE_NAME).' = "'.htmlentities($token).'"'."\n";
$out['text'] .= '</pre></p>';
$out['text'] .= '<p><input type="button" value="'._L('Copy to clipboard').'" onClick="copyToClipboard(oidplus_auth_jwt)"></p>';
/trunk/plugins/viathinksoft/raPages/911_rest_api/OIDplusPageRaRestApi.class.php
0,0 → 1,163
<?php
 
/*
* OIDplus 2.0
* Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
 
// ATTENTION: If you change something, please make sure that the changes
// are synchronous with OIDplusPageAdminRestApi
 
namespace ViaThinkSoft\OIDplus;
 
// phpcs:disable PSR1.Files.SideEffects
\defined('INSIDE_OIDPLUS') or die;
// phpcs:enable PSR1.Files.SideEffects
 
class OIDplusPageRaRestApi extends OIDplusPagePluginRa {
 
/**
* @param string $actionID
* @param array $params
* @return array
* @throws OIDplusException
*/
public function action(string $actionID, array $params): array {
if ($actionID == 'blacklistJWT') {
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_REST_USER', true)) {
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_REST_USER'));
}
 
_CheckParamExists($params, 'user');
$ra_email = $params['user'];
 
if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) {
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as the requested RA %2 or as admin.',OIDplus::gui()->link('oidplus:login$ra$'.$ra_email),'<b>'.htmlentities($ra_email).'</b>'));
}
 
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_REST;
$sub = $ra_email;
 
OIDplusAuthContentStoreJWT::jwtBlacklist($gen, $sub);
 
return array("status" => 0);
} else {
return parent::action($actionID, $params);
}
}
 
/**
* @param string $id
* @param array $out
* @param bool $handled
* @return void
* @throws OIDplusException
*/
public function gui(string $id, array &$out, bool &$handled) {
if (explode('$',$id)[0] == 'oidplus:rest_api_information_ra') {
$handled = true;
 
$ra_email = explode('$',$id)[1];
 
$out['title'] = _L('REST API');
$out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : '';
 
if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) {
throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as the requested RA %2 or as admin.',OIDplus::gui()->link('oidplus:login$ra$'.$ra_email),'<b>'.htmlentities($ra_email).'</b>'), $out['title']);
}
 
if (!OIDplus::baseConfig()->getValue('JWT_ALLOW_REST_USER', true)) {
throw new OIDplusException(_L('The administrator has disabled this feature. (Base configuration setting %1).','JWT_ALLOW_REST_USER'), $out['title']);
}
 
$gen = OIDplusAuthContentStoreJWT::JWT_GENERATOR_REST;
$sub = $ra_email;
 
$authSimulation = new OIDplusAuthContentStoreJWT();
$authSimulation->raLogin($ra_email);
$authSimulation->setValue('oidplus_generator', $gen);
$token = $authSimulation->getJWTToken();
 
$out['text'] .= '<p>'._L('You can make automated calls to your OIDplus account by calling an REST API.').'</p>';
$out['text'] .= '<h2>'._L('Endpoints').'</h2>';
$endpoints = '';
foreach (OIDplus::getAllPlugins() as $plugin) {
if ($plugin instanceof INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_9) {
$endpoints .= $plugin->restApiInfo('html');
}
}
if ($endpoints) {
$out['text'] .= '<p>'._L('The following endpoints are registered by the plugins in this system:').'</p>';
$out['text'] .= '<p>'.$endpoints.'</p>';
} else {
$out['text'] .= '<p>'._L('No installed plugin offers a REST functionality').'</p>';
}
$out['text'] .= '<h2>'._L('Authentication').'</h2>';
$out['text'] .= '<p>'._L('The authentication is done via the following HTTP header:').'</p>';
$out['text'] .= '<p><pre id="oidplus_auth_jwt">';
$out['text'] .= 'Authentication: Bearer '.htmlentities($token)."\n";
$out['text'] .= '</pre></p>';
$out['text'] .= '<p><input type="button" value="'._L('Copy to clipboard').'" onClick="copyToClipboard(oidplus_auth_jwt)"></p>';
$out['text'] .= '<p>'._L('Please keep this information confidential!').'</p>';
$out['text'] .= '<p>'._L('The JWT-token (secret!) will automatically perform a one-time-login to fulfill the request. The other fields are the normal fields which are called during the usual operation of OIDplus.').'</p>';
 
$out['text'] .= '<h2>'._L('Blacklisted tokens').'</h2>';
$bl_time = OIDplusAuthContentStoreJWT::jwtGetBlacklistTime($gen, $sub);
if ($bl_time == 0) {
$out['text'] .= '<p>'._L('None of the previously generated JWT tokens have been blacklisted.').'</p>';
} else {
$out['text'] .= '<p>'._L('All tokens generated before %1 have been blacklisted.',date('d F Y, H:i:s',$bl_time+1)).'</p>';
}
$out['text'] .= '<button type="button" name="btn_blacklist_jwt" id="btn_blacklist_jwt" class="btn btn-danger btn-xs" onclick="OIDplusPageRaRestApi.blacklistJWT('.js_escape($ra_email).')">'._L('Blacklist all previously generated tokens').'</button>';
}
}
 
/**
* @param array $json
* @param string|null $ra_email
* @param bool $nonjs
* @param string $req_goto
* @return bool
* @throws OIDplusException
*/
public function tree(array &$json, string $ra_email=null, bool $nonjs=false, string $req_goto=''): bool {
if (!$ra_email) return false;
if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) return false;
 
if (file_exists(__DIR__.'/img/main_icon16.png')) {
$tree_icon = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon16.png';
} else {
$tree_icon = null; // default icon (folder)
}
 
$json[] = array(
'id' => 'oidplus:rest_api_information_ra$'.$ra_email,
'icon' => $tree_icon,
'text' => _L('REST API')
);
 
// TODO: Make "Endpoints" (with all installed plugins) and "Authentication" as menu entries!
 
return true;
}
 
/**
* @param string $request
* @return array|false
*/
public function tree_search(string $request) {
return false;
}
}
/trunk/plugins/viathinksoft/raPages/911_rest_api/OIDplusPageRaRestApi.js
0,0 → 1,51
/*
* OIDplus 2.0
* Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
 
var OIDplusPageRaRestApi = {
 
oid: "1.3.6.1.4.1.37476.2.5.2.4.2.911",
 
blacklistJWT: function(user) {
if(!window.confirm(_L("Are you sure that you want to blacklist all access tokens?"))) return false;
 
$.ajax({
url:"ajax.php",
method:"POST",
beforeSend: function(jqXHR, settings) {
$.xhrPool.abortAll();
$.xhrPool.add(jqXHR);
},
complete: function(jqXHR, text) {
$.xhrPool.remove(jqXHR);
},
data: {
csrf_token:csrf_token,
plugin:OIDplusPageRaRestApi.oid,
action:"blacklistJWT",
user:user
},
error: oidplus_ajax_error,
success: function (data) {
oidplus_ajax_success(data, function (data) {
alertSuccess(_L("OK"));
reloadContent();
});
}
});
}
 
};
/trunk/plugins/viathinksoft/raPages/911_rest_api/img/index.html
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
/viathinksoft/raPages/911_rest_api/img/main_icon.png
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property
/trunk/plugins/viathinksoft/raPages/911_rest_api/img/main_icon16.png
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property
/trunk/plugins/viathinksoft/raPages/911_rest_api/index.html
--- viathinksoft/raPages/911_rest_api/manifest.xml (nonexistent)
+++ viathinksoft/raPages/911_rest_api/manifest.xml (revision 1265)
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
+<manifest
+ xmlns="urn:oid:1.3.6.1.4.1.37476.2.5.2.5.2.1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oid:1.3.6.1.4.1.37476.2.5.2.5.2.1 https://oidplus.viathinksoft.com/oidplus/plugins/manifest_plugin_page.xsd">
+
+ <type>ViaThinkSoft\OIDplus\OIDplusPagePluginRa</type>
+
+ <info>
+ <name>REST API</name>
+ <author>ViaThinkSoft</author>
+ <license>Apache 2.0</license>
+ <version />
+ <descriptionHTML />
+ <oid>1.3.6.1.4.1.37476.2.5.2.4.2.911</oid>
+ </info>
+
+ <php>
+ <mainclass>ViaThinkSoft\OIDplus\OIDplusPageRaRestApi</mainclass>
+ </php>
+
+ <css>
+ </css>
+
+ <js>
+ <file>OIDplusPageRaRestApi.js</file>
+ </js>
+
+</manifest>