From 5079efbd59324e28aeb29b7ebbe5c4e069885bb4 Mon Sep 17 00:00:00 2001
From: Luciano Lima <lucianomlima@ymail.com>
Date: Tue, 29 Jan 2013 23:32:39 -0300
Subject: Check if the  is a valid viewtype

Signed-off-by: Luciano Lima <lucianomlima@ymail.com>
---
 engine/lib/web_services.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'engine/lib/web_services.php')

diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php
index c8e4a13cc..1a15ecc15 100644
--- a/engine/lib/web_services.php
+++ b/engine/lib/web_services.php
@@ -1268,10 +1268,10 @@ function service_handler($handler, $request) {
 
 	// after the handler, the first identifier is response format
 	// ex) http://example.org/services/api/rest/xml/?method=test
-	$reponse_format = array_shift($request);
+	$response_format = array_shift($request);
 	// Which view - xml, json, ...
-	if ($reponse_format) {
-		elgg_set_viewtype($reponse_format);
+	if ($response_format && elgg_is_valid_view_type($response_format)) {
+		elgg_set_viewtype($response_format);
 	} else {
 		// default to xml
 		elgg_set_viewtype("xml");
-- 
cgit v1.2.3


From 6a73322353db0e17bdf86a9db8d7d3f2582740de Mon Sep 17 00:00:00 2001
From: Luciano Lima <lucianomlima@ymail.com>
Date: Wed, 30 Jan 2013 00:05:38 -0300
Subject: Set the error code when user authentication fail

Signed-off-by: Luciano Lima <lucianomlima@ymail.com>
---
 engine/lib/web_services.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'engine/lib/web_services.php')

diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php
index 1a15ecc15..b6289184a 100644
--- a/engine/lib/web_services.php
+++ b/engine/lib/web_services.php
@@ -178,7 +178,7 @@ function authenticate_method($method) {
 	// check if user authentication is required
 	if ($API_METHODS[$method]["require_user_auth"] == true) {
 		if ($user_auth_result == false) {
-			throw new APIException($user_pam->getFailureMessage());
+			throw new APIException($user_pam->getFailureMessage(), ErrorResult::$RESULT_FAIL_AUTHTOKEN);
 		}
 	}
 
-- 
cgit v1.2.3


From 6494ba26f0f77bbb9bdfb8e4c0d2fd0af862225a Mon Sep 17 00:00:00 2001
From: Cash Costello <cash.costello@gmail.com>
Date: Sun, 10 Mar 2013 12:19:05 -0400
Subject: fallback to json in web services

---
 CHANGES.txt                 | 5 +++--
 engine/lib/web_services.php | 6 +++---
 2 files changed, 6 insertions(+), 5 deletions(-)

(limited to 'engine/lib/web_services.php')

diff --git a/CHANGES.txt b/CHANGES.txt
index fd9d0eef6..130d0652d 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,6 +1,7 @@
 Version 1.8.14
-(X xx, 2013 from https://github.com/Elgg/Elgg/tree/1.8)
+(March xx, 2013 from https://github.com/Elgg/Elgg/tree/1.8)
   Contributing Developers:
+   * Cash Costello
    * Luciano Lima
    * Paweł Sroka
 
@@ -8,7 +9,7 @@ Version 1.8.14
    *
 
   Enhancements:
-   * Web services fall back to xml if the viewtype is invalid
+   * Web services fall back to json if the viewtype is invalid
 
 
 Version 1.8.13
diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php
index b6289184a..b440e3afb 100644
--- a/engine/lib/web_services.php
+++ b/engine/lib/web_services.php
@@ -1267,14 +1267,14 @@ function service_handler($handler, $request) {
 	$request = explode('/', $request);
 
 	// after the handler, the first identifier is response format
-	// ex) http://example.org/services/api/rest/xml/?method=test
+	// ex) http://example.org/services/api/rest/json/?method=test
 	$response_format = array_shift($request);
 	// Which view - xml, json, ...
 	if ($response_format && elgg_is_valid_view_type($response_format)) {
 		elgg_set_viewtype($response_format);
 	} else {
-		// default to xml
-		elgg_set_viewtype("xml");
+		// default to json
+		elgg_set_viewtype("json");
 	}
 
 	if (!isset($CONFIG->servicehandler) || empty($handler)) {
-- 
cgit v1.2.3


From ceb9829595b62330ec0d6903287c498e6d6ee37c Mon Sep 17 00:00:00 2001
From: Jerome Bakker <jeabakker@coldtrick.com>
Date: Mon, 30 Sep 2013 10:34:22 +0200
Subject: fixes #6100 auth_gettoken now works with email address

---
 engine/lib/web_services.php | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'engine/lib/web_services.php')

diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php
index b440e3afb..51cad6f39 100644
--- a/engine/lib/web_services.php
+++ b/engine/lib/web_services.php
@@ -1166,6 +1166,17 @@ function list_all_apis() {
  * @access private
  */
 function auth_gettoken($username, $password) {
+	// check if username is an email address
+	if (is_email_address($username)) {
+		$users = get_user_by_email($username);
+			
+		// check if we have a unique user
+		if (is_array($users) && (count($users) == 1)) {
+			$username = $users[0]->username;
+		}
+	}
+	
+	// validate username and password
 	if (true === elgg_authenticate($username, $password)) {
 		$token = create_user_token($username);
 		if ($token) {
@@ -1195,7 +1206,7 @@ $ERRORS = array();
  *
  * @return void
  * @access private
- * 
+ *
  * @throws Exception
  */
 function _php_api_error_handler($errno, $errmsg, $filename, $linenum, $vars) {
-- 
cgit v1.2.3