3 * @copyright Copyright (C) 2010-2021, the Friendica project
5 * @license GNU AGPL version 3 or any later version
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 namespace Friendica\Module;
24 use Friendica\BaseModule;
25 use Friendica\Core\Logger;
26 use Friendica\Core\System;
28 use Friendica\Network\HTTPException;
30 require_once __DIR__ . '/../../include/api.php';
32 class BaseApi extends BaseModule
35 * @var string json|xml|rss|atom
37 protected static $format = 'json';
41 protected static $current_user_id;
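/**
 * Selects the response format from the extension at the end of the requested command.
 *
 * The format keeps its current value (initially 'json') unless the command
 * ends in ".xml", ".rss" or ".atom".
 *
 * @param array $parameters Not read by this method.
 */
public static function init(array $parameters = [])
{
    $command = DI::args()->getCommand();

    // Each suffix is compared over its own length. A fixed four-character tail
    // can never equal the five-character ".atom", which left that format unreachable.
    $formats = ['.xml' => 'xml', '.rss' => 'rss', '.atom' => 'atom'];
    foreach ($formats as $suffix => $format) {
        if (substr($command, -strlen($suffix)) === $suffix) {
            self::$format = $format;
        }
    }
}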
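/**
 * Access check for delete(): requires an authenticated API user that matches
 * the user loaded in the application, when one is loaded.
 *
 * @param array $parameters Not read by this method.
 * @throws HTTPException\UnauthorizedException
 * @throws HTTPException\ForbiddenException
 */
public static function delete(array $parameters = [])
{
    // NOTE(review): the listing drops the line guarding this throw and the
    // assignment of $a. Both are restored here from api_user() and DI::app();
    // confirm against the upstream file.
    $api_uid = api_user();
    if (!$api_uid) {
        throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
    }

    $a = DI::app();

    // Compare as integers so the ownership check does not depend on PHP's
    // loose string/number comparison rules.
    if (!empty($a->user['uid']) && (int)$a->user['uid'] !== (int)$api_uid) {
        throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
    }
}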
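/**
 * Access check for patch(): requires an authenticated API user that matches
 * the user loaded in the application, when one is loaded.
 *
 * @param array $parameters Not read by this method.
 * @throws HTTPException\UnauthorizedException
 * @throws HTTPException\ForbiddenException
 */
public static function patch(array $parameters = [])
{
    // NOTE(review): the listing drops the line guarding this throw and the
    // assignment of $a. Both are restored here from api_user() and DI::app();
    // confirm against the upstream file.
    $api_uid = api_user();
    if (!$api_uid) {
        throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
    }

    $a = DI::app();

    // Compare as integers so the ownership check does not depend on PHP's
    // loose string/number comparison rules.
    if (!empty($a->user['uid']) && (int)$a->user['uid'] !== (int)$api_uid) {
        throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
    }
}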
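/**
 * Access check for post(): requires an authenticated API user that matches
 * the user loaded in the application, when one is loaded.
 *
 * @param array $parameters Not read by this method.
 * @throws HTTPException\UnauthorizedException
 * @throws HTTPException\ForbiddenException
 */
public static function post(array $parameters = [])
{
    // NOTE(review): the listing drops the line guarding this throw and the
    // assignment of $a. Both are restored here from api_user() and DI::app();
    // confirm against the upstream file.
    $api_uid = api_user();
    if (!$api_uid) {
        throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
    }

    $a = DI::app();

    // Compare as integers so the ownership check does not depend on PHP's
    // loose string/number comparison rules.
    if (!empty($a->user['uid']) && (int)$a->user['uid'] !== (int)$api_uid) {
        throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
    }
}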
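/**
 * Access check for put(): requires an authenticated API user that matches
 * the user loaded in the application, when one is loaded.
 *
 * @param array $parameters Not read by this method.
 * @throws HTTPException\UnauthorizedException
 * @throws HTTPException\ForbiddenException
 */
public static function put(array $parameters = [])
{
    // NOTE(review): the listing drops the line guarding this throw and the
    // assignment of $a. Both are restored here from api_user() and DI::app();
    // confirm against the upstream file.
    $api_uid = api_user();
    if (!$api_uid) {
        throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
    }

    $a = DI::app();

    // Compare as integers so the ownership check does not depend on PHP's
    // loose string/number comparison rules.
    if (!empty($a->user['uid']) && (int)$a->user['uid'] !== (int)$api_uid) {
        throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
    }
}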
/**
 * Logs a call to an unimplemented API endpoint and answers with a 501 JSON error.
 *
 * @param string $method Method name; upper-cased in the error text and logged as given.
 */
public static function unsupported(string $method = 'all')
{
    $path = DI::args()->getQueryString();

    // The User-Agent is a request header and the path presumably mirrors the
    // request as well; both reach the logger as context values only.
    $context = [
        'method' => $method,
        'path'   => $path,
        'agent'  => $_SERVER['HTTP_USER_AGENT'] ?? '',
    ];
    Logger::info('Unimplemented API call', $context);

    $errorobj = new \Friendica\Object\Api\Mastodon\Error(
        DI::l10n()->t('API endpoint %s %s is not implemented', strtoupper($method), $path),
        DI::l10n()->t('The API endpoint is currently not implemented but might be in the future.')
    );

    System::jsonError(501, $errorobj->toArray());
}
/**
 * Log in user via OAuth1 or Simple HTTP Auth.
 *
 * Simple Auth allows the username in the form <pre>user@server</pre>; the server part is ignored.
 *
 * @return bool Was a user authenticated?
 * @throws HTTPException\ForbiddenException
 * @throws HTTPException\UnauthorizedException
 * @throws HTTPException\InternalServerErrorException
 * @hook 'authenticate'
 *               'username' => username from login form
 *               'password' => password from login form
 *               'authenticated' => return status,
 *               'user_record' => return authenticated user record
 */
protected static function login()
{
    api_login(DI::app());

    // Remember the resolved user id on the class so later calls can reuse it.
    $uid = api_user();
    self::$current_user_id = $uid;

    return (bool)$uid;
}
/**
 * Get current user id, returns 0 if not logged in
 *
 * The id is resolved once and then served from the static cache.
 *
 * @return int User ID
 */
protected static function getCurrentUserID()
{
    if (self::$current_user_id === null) {
        // NOTE(review): the second argument presumably makes the login
        // optional, so anonymous callers end up with id 0. Confirm in include/api.php.
        api_login(DI::app(), false);

        self::$current_user_id = api_user();
    }

    return (int)self::$current_user_id;
}
/**
 * Get user info array.
 *
 * Thin wrapper that forwards to api_get_user() with the application instance.
 *
 * @param int|string $contact_id Contact ID or URL
 * @throws HTTPException\BadRequestException
 * @throws HTTPException\InternalServerErrorException
 * @throws HTTPException\UnauthorizedException
 * @throws \ImagickException
 */
protected static function getUser($contact_id = null)
{
    $app = DI::app();

    return api_get_user($app, $contact_id);
}
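/**
 * Formats the data according to the data type and sends the matching
 * Content-Type header.
 *
 * For JSON output, a "callback" query parameter wraps the payload as JSONP,
 * but only when the value is a plain (optionally dotted) JavaScript identifier.
 * Any other value is ignored and plain JSON is returned.
 *
 * @param string $root_element
 * @param array  $data         An array with a single element containing the returned result
 * @return false|string
 */
protected static function format(string $root_element, array $data)
{
    // NOTE(review): the listing drops the case labels, the break statements,
    // the assignment of $json back to $return and the final return. They are
    // restored here; confirm against the upstream file.
    $return = api_format_data($root_element, self::$format, $data);

    switch (self::$format) {
        case "xml":
            header("Content-Type: text/xml");
            break;

        case "json":
            header("Content-Type: application/json");
            if (!empty($return)) {
                $json = json_encode(end($return));

                // The callback name is request-controlled and is emitted ahead of
                // the payload, so it is accepted only when it is an identifier.
                // This keeps markup and script text out of the response body.
                $callback = $_GET['callback'] ?? '';
                $identifier = '/^[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*$/';
                if (is_string($callback) && preg_match($identifier, $callback) === 1) {
                    // A JSONP response is script, not JSON; label it as such.
                    header("Content-Type: application/javascript");
                    $json = $callback . "(" . $json . ")";
                }

                $return = $json;
            }
            break;

        case "rss":
            header("Content-Type: application/rss+xml");
            $return = '<?xml version="1.0" encoding="UTF-8"?>' . "\n" . $return;
            break;

        case "atom":
            header("Content-Type: application/atom+xml");
            $return = '<?xml version="1.0" encoding="UTF-8"?>' . "\n" . $return;
            break;
    }

    return $return;
}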
/**
 * Creates the XML from a JSON style array
 *
 * Thin wrapper that forwards both arguments to api_create_xml().
 *
 * @param $data
 * @param $root_element
 */
protected static function createXml($data, $root_element)
{
    $xml = api_create_xml($data, $root_element);

    return $xml;
}