client.php 4.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163
  1. <?php
  2. /**
  3. * A library for building an API client
  4. *
  5. * Load the library 'elgg:ws:client' to use the functions in this library
  6. */
  7. /**
  8. * Send a raw API call to an elgg api endpoint.
  9. *
  10. * @param array $keys The api keys.
  11. * @param string $url URL of the endpoint.
  12. * @param array $call Associated array of "variable" => "value"
  13. * @param string $method GET or POST
  14. * @param string $post_data The post data
  15. * @param string $content_type The content type
  16. *
  17. * @return string
  18. */
  19. function send_api_call(array $keys, $url, array $call, $method = 'GET', $post_data = '',
  20. $content_type = 'application/octet-stream') {
  21. global $CONFIG;
  22. $headers = array();
  23. $encoded_params = array();
  24. $method = strtoupper($method);
  25. switch (strtoupper($method)) {
  26. case 'GET' :
  27. case 'POST' :
  28. break;
  29. default:
  30. $msg = elgg_echo('NotImplementedException:CallMethodNotImplemented', array($method));
  31. throw new NotImplementedException($msg);
  32. }
  33. // Time
  34. $time = time();
  35. // Nonce
  36. $nonce = uniqid('');
  37. // URL encode all the parameters
  38. foreach ($call as $k => $v) {
  39. $encoded_params[] = urlencode($k) . '=' . urlencode($v);
  40. }
  41. $params = implode('&', $encoded_params);
  42. // Put together the query string
  43. $url = $url . "?" . $params;
  44. // Construct headers
  45. $posthash = "";
  46. if ($method == 'POST') {
  47. $posthash = calculate_posthash($post_data, 'md5');
  48. }
  49. if ((isset($keys['public'])) && (isset($keys['private']))) {
  50. $headers['X-Elgg-apikey'] = $keys['public'];
  51. $headers['X-Elgg-time'] = $time;
  52. $headers['X-Elgg-nonce'] = $nonce;
  53. $headers['X-Elgg-hmac-algo'] = 'sha1';
  54. $headers['X-Elgg-hmac'] = calculate_hmac('sha1',
  55. $time,
  56. $nonce,
  57. $keys['public'],
  58. $keys['private'],
  59. $params,
  60. $posthash
  61. );
  62. }
  63. if ($method == 'POST') {
  64. $headers['X-Elgg-posthash'] = $posthash;
  65. $headers['X-Elgg-posthash-algo'] = 'md5';
  66. $headers['Content-type'] = $content_type;
  67. $headers['Content-Length'] = strlen($post_data);
  68. }
  69. // Opt array
  70. $http_opts = array(
  71. 'method' => $method,
  72. 'header' => serialise_api_headers($headers)
  73. );
  74. if ($method == 'POST') {
  75. $http_opts['content'] = $post_data;
  76. }
  77. $opts = array('http' => $http_opts);
  78. // Send context
  79. $context = stream_context_create($opts);
  80. // Send the query and get the result and decode.
  81. elgg_log("APICALL: $url");
  82. $results = file_get_contents($url, false, $context);
  83. return $results;
  84. }
  85. /**
  86. * Send a GET call
  87. *
  88. * @param string $url URL of the endpoint.
  89. * @param array $call Associated array of "variable" => "value"
  90. * @param array $keys The keys dependant on chosen authentication method
  91. *
  92. * @return string
  93. */
  94. function send_api_get_call($url, array $call, array $keys) {
  95. return send_api_call($keys, $url, $call);
  96. }
  97. /**
  98. * Send a GET call
  99. *
  100. * @param string $url URL of the endpoint.
  101. * @param array $call Associated array of "variable" => "value"
  102. * @param array $keys The keys dependant on chosen authentication method
  103. * @param string $post_data The post data
  104. * @param string $content_type The content type
  105. *
  106. * @return string
  107. */
  108. function send_api_post_call($url, array $call, array $keys, $post_data,
  109. $content_type = 'application/octet-stream') {
  110. return send_api_call($keys, $url, $call, 'POST', $post_data, $content_type);
  111. }
  112. /**
  113. * Return a key array suitable for the API client using the standard
  114. * authentication method based on api-keys and secret keys.
  115. *
  116. * @param string $secret_key Your secret key
  117. * @param string $api_key Your api key
  118. *
  119. * @return array
  120. */
  121. function get_standard_api_key_array($secret_key, $api_key) {
  122. return array('public' => $api_key, 'private' => $secret_key);
  123. }
  124. /**
  125. * Utility function to serialise a header array into its text representation.
  126. *
  127. * @param array $headers The array of headers "key" => "value"
  128. *
  129. * @return string
  130. * @access private
  131. */
  132. function serialise_api_headers(array $headers) {
  133. $headers_str = "";
  134. foreach ($headers as $k => $v) {
  135. $headers_str .= trim($k) . ": " . trim($v) . "\r\n";
  136. }
  137. return trim($headers_str);
  138. }