actions/api.php

   1 <?php
   2 /*
   3  * Laconica - a distributed open-source microblogging tool
   4  * Copyright (C) 2008, Controlez-Vous, Inc.
   5  *
   6  * This program is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Affero General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Affero General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Affero General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 if (!defined('LACONICA')) { exit(1); }
  21
  22 // XXX: Not sure of terminology yet... maybe call things "api_methods" insteads of "commands"
  23
  24 class ApiAction extends Action {
  25
  26         function handle($args) {
  27                 parent::handle($args);
  28
  29                 $command = $this->arg('command');
  30
  31                 # XXX Maybe check to see if the command actually exists first
  32
  33                 if($this->requires_auth($command)) {
  34                         if (!isset($_SERVER['PHP_AUTH_USER'])) {
  35
  36                                 # This header makes basic auth go
  37                                 header('WWW-Authenticate: Basic realm="Laconica API');
  38
  39                                 # if the user hits cancel -- bam!
  40                                 common_show_basic_auth_error();
  41                         } else {
  42                                 $nickname = $_SERVER['PHP_AUTH_USER'];
  43                                 $password = $_SERVER['PHP_AUTH_PW'];
  44                                 $user = common_check_user($nickname, $password);
  45
  46                                 if ($user) {
  47                                         $this->process_command($command, $nickname, $password);
  48                                 } else {
  49                                         # basic authentication failed
  50                                         common_show_basic_auth_error();
  51                                 }
  52                         }
  53
  54                 } else {
  55                         $this->process_command($command);
  56                 }
  57         }
  58
  59         # this is where we can dispatch off to api Class files
  60         function process_command($command, $nickname=NULL, $password=NULL) {
  61
  62                 $parts = explode('.', $command);
  63                 $api_action = "api_$parts[0]";
  64                 $extension = $parts[1]; # requested content type
  65
  66                 $api_actionfile = INSTALLDIR."/actions/$api_action.php";
  67
  68                 if (file_exists($api_actionfile)) {
  69                         require_once($api_actionfile);
  70                         $action_class = ucfirst($api_action)."Action";
  71                         $action_obj = new $action_class();
  72
  73                         # need to pass off nick and password and stuff ... put in $args? constructor?
  74                         # pull from $_REQUEST later?
  75                         call_user_func(array($action_obj, 'handle'), $_REQUEST);
  76                 } else {
  77
  78                         # need appropriate API error functs
  79                         print "\nerror!\n";
  80                 }
  81         }
  82
  83         # Whitelist of API methods that don't need authentication
  84         function requires_auth($command) {
  85
  86                 # The only command that doesn't in Twitter's API is public_timeline
  87                 if (ereg('^public_timeline.*$', $command)) {
  88                         return false;
  89                 }
  90                 return true;
  91         }
  92
  93 }