From 8f19a7382a1c808eb696f8fd62b06196b6c56fa1 Mon Sep 17 00:00:00 2001 From: icewing Date: Wed, 26 Mar 2008 17:11:33 +0000 Subject: Marcus Povey * Basic API testrig git-svn-id: https://code.elgg.org/elgg/trunk@270 36083f99-b078-4883-b0ff-0f9b5a30f544 --- mod/apitest/index.php | 68 +++++++ mod/apitest/start.php | 242 +++++++++++++++++++++++ mod/apitest/views/default/apitest/configform.php | 7 + mod/apitest/views/default/apitest/main.php | 23 +++ 4 files changed, 340 insertions(+) create mode 100644 mod/apitest/index.php create mode 100644 mod/apitest/start.php create mode 100644 mod/apitest/views/default/apitest/configform.php create mode 100644 mod/apitest/views/default/apitest/main.php (limited to 'mod') diff --git a/mod/apitest/index.php b/mod/apitest/index.php new file mode 100644 index 000000000..16a7794df --- /dev/null +++ b/mod/apitest/index.php @@ -0,0 +1,68 @@ +configured == true) + { + $commands = apitest_call( + array ( + 'method' => 'system.api.list' + ) + ); + $commands = $commands->result; + } + + /* See if we are executing a method - This is a quick demo, obviously use functions as they are much easier!*/ + if (isset($_REQUEST['method'])) + { + + $command_details = $commands[$_REQUEST['method']]; + $auth_req = $command_details['require_auth'] == 1 ? true : false; + + $params = array(); + $params['method'] = $_REQUEST['method']; + if ($auth_req) + $params['auth_token'] = $_REQUEST['auth_token']; + + foreach ($command_details['parameters'] as $k => $v) + { + $params[$k] = $_REQUEST[$k]; + } + + $result = apitest_call($params, $_REQUEST['post_data']); + + + if ($result->status == 0) + system_message("
".print_r($result->result, true)."
"); + else + register_error($result->message); + + if (!is_object($result)) echo $LAST_CALL_RAW; + + + + } + + // Draw command form + $list = ""; + foreach ($commands as $command => $details) + $list .= apitest_draw_command_form($command, $details); + + $body = elgg_view("apitest/main", array( + "config" => apitest_draw_config_panel(), + "commandlist" => $list + )); + page_draw("API Commands",$body); +?> \ No newline at end of file diff --git a/mod/apitest/start.php b/mod/apitest/start.php new file mode 100644 index 000000000..f197b3e78 --- /dev/null +++ b/mod/apitest/start.php @@ -0,0 +1,242 @@ +wwwroot . "mod/apitest/",array( + menu_item("The API Tester plugin",$CONFIG->wwwroot."mod/apitest/"), + )); + } + + /** + * Generate our HMAC. + */ + function apitest_calculate_hmac($algo, $time, $api_key, $secret_key, $get_variables, $post_hash = "") + { + $ctx = hash_init($algo, HASH_HMAC, $secret_key); + + hash_update($ctx, trim($time)); + hash_update($ctx, trim($api_key)); + hash_update($ctx, trim($get_variables)); + if (trim($post_hash)!="") hash_update($ctx, trim($post_hash)); + + return hash_final($ctx); + } + + /** + * Generate our POST hash. + */ + function apitest_calculate_posthash($postdata, $algo) + { + $ctx = hash_init($algo); + + hash_update($ctx, $postdata); + + return hash_final($ctx); + } + + /** + * Serialise HTTP headers. + */ + function apitest_serialise_headers(array $headers) + { + $headers_str = ""; + + foreach ($headers as $k => $v) + $headers_str .= trim($k) . ": " . trim($v) . "\r\n"; + + return trim($headers_str); + } + + /** + * Make a raw call. + * @param array $method Method call parameters. + * @param string $postdata Optional POST data. + * @param string $content_type The content type. + * @return stdClass + */ + function apitest_call(array $method, $postdata = "", $content_type = 'application/octet-stream') + { + // Get the config + global $API_CLIENT, $LAST_CALL, $LAST_CALL_RAW, $LAST_ERROR; + + $headers = array(); + $encoded_params = array(); + + $time = microtime(true); // Get the current time in microseconds + $request = ($postdata!="" ? "POST" : "GET"); // Get the request method, either post or get + + // Hard code the format - we're using PHP, so lets use PHP serialisation. + $method['format'] = "php"; + + // URL encode all the parameters + foreach ($method as $k => $v){ + if (is_array($v)) + { + foreach ($v as $v2) + { + $encoded_params[] = urlencode($k).'[]='.urlencode($v2); + } + } + else + $encoded_params[] = urlencode($k).'='.urlencode($v); + } + + $params = implode('&', $encoded_params); + + // Put together the query string + $url = $API_CLIENT->api_endpoint."?". $params; + + // Construct headers + $posthash = ""; + if ($request=='POST') + { + $posthash = apitest_calculate_posthash($postdata, $API_CLIENT->postdata_hash_algo); + + $headers['X-Elgg-posthash'] = $posthash; + $headers['X-Elgg-posthash-algo'] = $API_CLIENT->postdata_hash_algo; + $headers['Content-type'] = $content_type; + $headers['Content-Length'] = strlen($postdata); + } + + $headers['X-Elgg-apikey'] = $API_CLIENT->api_key; + $headers['X-Elgg-time'] = $time; + $headers['X-Elgg-hmac-algo'] = $API_CLIENT->hmac_algo; + $headers['X-Elgg-hmac'] = apitest_calculate_hmac($API_CLIENT->hmac_algo, + $time, + $API_CLIENT->api_key, + $API_CLIENT->secret, + $params, + $posthash + ); + + // Configure stream options + $opts = array( + 'http'=>array( + 'method'=> $request, + 'header'=> apitest_serialise_headers($headers) + ) + ); + + // If this is a post request then set the content + if ($request=='POST') + $opts['http']['content'] = $postdata; + + // Set stream options + $context = stream_context_create($opts); + + // Send the query and get the result and decode. + $LAST_CALL_RAW = file_get_contents($url, false, $context); + $LAST_CALL = unserialize($LAST_CALL_RAW); + + if (($LAST_CALL) && ($LAST_CALL->status!=0)) // Check to see if this was an error + $LAST_ERROR = $LAST_CALL; + + return $LAST_CALL; // Return a stdClass containing the API result + } + + function apitest_configure($apikey, $secret, $endpoint = "") + { + global $CONFIG; + global $API_CLIENT; + + $apikey = sanitise_string($apikey); + $secret = sanitise_string($secret); + $endpoint = sanitise_string($endpoint); + + if ($endpoint=="") + $endpoint = $CONFIG->wwwroot . "endpoints/rest.php"; + + $API_CLIENT->api_key = $apikey; + $API_CLIENT->secret = $secret; + $API_CLIENT->api_endpoint = $endpoint; + $API_CLIENT->hmac_algo = 'sha1'; + $API_CLIENT->postdata_hash_algo = 'md5'; + $API_CLIENT->configured = true; + } + + function apitest_draw_command_form($command, $details) + { + global $API_CLIENT; + + $params = array(); + + // If authentication is required then ensure this is prompted for + if ($details->require_auth == true) + $params['auth_token'] = $_REQUEST['auth_token']; + + + // Compile a list of parameters + foreach ($details['parameters'] as $k => $v) + { + $params[$k] = $_REQUEST[$k]; + } + + // Construct list of variables + $variables = ""; + foreach ($params as $k => $v) + { + $variables .= $k; + $variables .= ""; + + if (isset($details['parameters'][$k]['required']) && ($details['parameters'][$k]['required']!=0)) + $variables .= " (optional)"; + + $variables .= ", "; + } + + // Do we need to provide post data? + $postdata = ""; + if ($details->call_method == 'POST') + $postdata = "add post data..."; + + $body = <<< END +
+

+ +

+

+

+ + + $command (desc): + + $variables + + $postdata + + + + + +

+
+END; + + return $body; + } + + + function apitest_draw_config_panel() + { + global $API_CLIENT; + + return elgg_view("apitest/configform", array( + "apikey" => $API_CLIENT->api_key, + "secret" => $API_CLIENT->secret, + "endpoint" => $API_CLIENT->api_endpoint + )); + } + + // Make sure test_init is called on initialisation + register_event_handler('init','system','apitest_init'); +?> \ No newline at end of file diff --git a/mod/apitest/views/default/apitest/configform.php b/mod/apitest/views/default/apitest/configform.php new file mode 100644 index 000000000..c637ae7b6 --- /dev/null +++ b/mod/apitest/views/default/apitest/configform.php @@ -0,0 +1,7 @@ +
+ +

API Key:

+

Secret Key:

+

Endpoint:

+ +
\ No newline at end of file diff --git a/mod/apitest/views/default/apitest/main.php b/mod/apitest/views/default/apitest/main.php new file mode 100644 index 000000000..dfdbd482b --- /dev/null +++ b/mod/apitest/views/default/apitest/main.php @@ -0,0 +1,23 @@ + + +
+ +
+ +
+ +
+ +
\ No newline at end of file -- cgit v1.2.3