jonny/jonnybarnes.uk
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases 5 Packages Wiki Activity Actions

Micropub Update and “Swarm” Support

Browse source 
Much better micropub client/endpoint and the ability
to support ownyourswarm.

Squashed commit of the following:

commit b5be117b852b7a598da72325a4eaf831526c700a
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Thu May 18 15:02:00 2017 +0100

    Add a token endpoint test

commit 71b7ff68d088180770ca8c2fb43e33bf4b385a96
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Thu May 18 13:49:00 2017 +0100

    Fix phpcs issue

commit 54d96d32f280127061254e7bc6dfe196e2e35a39
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Thu May 18 13:47:08 2017 +0100

    Move token code into its own controller

commit 3ed2b4d36d57a9b3bf2a532eb262ec71fc9aa046
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Thu May 18 13:01:09 2017 +0100

    Improve/fix code for issuing a token

commit 8c411a1df1d59f12dd1c1a4ac884f53dbd1b9351
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Thu May 18 12:59:33 2017 +0100

    Remove sprurious comment

commit 1b8a3b6502a2b982f737fb4b58602995451e38b9
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Mon May 15 11:57:03 2017 +0100

    Wrap helper functions in check for existence

commit 75c706b5a6c1fca7bf45038409689416a3b5ba4d
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Mon May 15 11:40:17 2017 +0100

    Fix a test error, array_key_exists must be run on an array

commit 685e96501b8dc906c6945fca39721fb79fa34a8b
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Mon May 15 11:11:51 2017 +0100

    Remove errant dd()

commit 02536ebaa6daec2a78bc79c44392ac5a82c3200e
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Sun May 14 21:37:17 2017 +0100

    Test a typical ownyourswarm request

commit 31d959e35ccec9dac5986f93732d928c08e246c8
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Sun May 14 21:36:37 2017 +0100

    Better tagging of notes

commit e3d4ff8b050ba41febed4d3ab0d30898f0056b33
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Sun May 14 21:35:35 2017 +0100

    When a note has a “checkin” try and create the place if it doesn’t already exist

commit 4fc0dd0121ca09915a13f3c21c97611db1d744a6
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Fri May 12 12:26:25 2017 +0100

    better handling of exceptions, `return` the exctacted response method

commit 2e3ca3297d2f494eb88af732519bd7ea8bcc3611
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Fri May 12 11:22:52 2017 +0100

    compser update and minor style tweak

commit b883d03cc349798230986a5cb50e23e370ce5a09
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Thu May 11 19:03:52 2017 +0100

    Improve artisan tinker; see https://blog.tighten.co/supercharge-your-laravel-tinker-workflow

commit 8de63172fc7d367870624ff25d1ada92af2d61a7
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Thu May 11 17:28:16 2017 +0100

    Tweak code, make it slightly more readable by catching custom exception, and moving a repeated response into its own function

commit 8ff0a1196d254d8788477d26b548f2ecff0a7986
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Thu May 11 17:21:39 2017 +0100

    Add a custom exception to catch

commit 3a568da65ef22b1b676ea8378cd51ce88750b6af
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Thu May 11 17:21:11 2017 +0100

    composer update && yarn upgrade

commit b70242e616827eab6a2132f3e691ec91be689fb5
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Wed May 10 20:00:03 2017 +0100

    modify some returns for style purposes

commit b65170ba1515cbb07beb66fcb3358d69d86cf3a2
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Wed May 10 19:39:46 2017 +0100

    composer update

commit cb6198db03a8e8c5c365e88d565401dd6420be13
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Wed May 10 17:07:33 2017 +0100

    composer update

commit 91cdd9e17ba192b833da76e0243829cd037170f3
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Fri Apr 28 21:41:12 2017 +0100

    verify input array contains necessary data

commit 6b230278bfcf2707b7ea1af8e15acd0d7cd27623
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Fri Apr 28 21:40:30 2017 +0100

    pass the right input content to the data array

commit 96f30d25810751328f75964e81899496add7292e
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Fri Apr 28 21:19:28 2017 +0100

    Add support for the published property

commit 8168a14969711ff5f84d29eca73036980f9b5a6b
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Fri Apr 28 18:48:23 2017 +0100

    Fix some bugs in the `normalize_url()` function and add some tests for the helpers functions

commit 34adcebefa7cafec8d26d438b0046120751780be
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Fri Apr 28 15:12:08 2017 +0100

    Fix PSR-2 issues, exluding group use declarations

commit 4b6651c318d534db1fcb83e1b66562c6dd560165
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Fri Apr 28 12:36:54 2017 +0100

    composer update

commit a0788ffb6bd4d24245986bf83fe349b8e39786cd
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Wed Apr 26 12:44:06 2017 +0100

    Make the retreived a Note a model instance instead of collection, update the content of JSON resposes for updating a note

commit f444cfd570a8316a8bb961b901ca2beb3ba74cd2
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Wed Apr 26 12:43:23 2017 +0100

    Add tests for updating a post

commit ada7e513263b1b0519600538a8a2cb757c74d520
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Wed Apr 26 12:42:50 2017 +0100

    Add swarm_url column

commit f4e1dba1b315b3d923049f9f5c7a47a730267cb7
Merge: 7208ec5 400857a
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Tue Apr 25 15:33:28 2017 +0100

    Merge pull request #50 from jonnybarnes/analysis-XNDLxp

    Apply fixes from StyleCI

commit 400857af57f873bf63b452fdf65ed2632eef9311
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Tue Apr 25 14:33:06 2017 +0000

    Apply fixes from StyleCI

commit 7208ec53ff51f0c5d002c222c465767c46c275b2
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Tue Apr 25 15:30:02 2017 +0100

    Correct some tests, for example the error returned for the specific mistake in `getInvalidToken()` has changed

commit 60550667156d7306cf750768b89fa329742c3927
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Tue Apr 25 15:29:06 2017 +0100

    Fix some typos

commit 0324cb010e77606e0f99e8bb68376b79995abffc
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Tue Apr 25 15:20:27 2017 +0100

    Allow notes to be updated by a micropub client endpoint

commit b3b3170b359548d21ddae9a9572c182d2a7d51be
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Tue Apr 25 15:18:48 2017 +0100

    When a note with a photo is being created, adjust for if URL is on my own endpoint, or somehwere else

commit a2437879b000728a2e7d2b91fa642f7cdfd1e698
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Tue Apr 25 15:17:25 2017 +0100

    Modify method that returns URL to check if path is already a fully qualified URL

commit 64eb53e0f87cb5ee55013de5ed8e2487eee36f0c
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date:   Tue Apr 25 15:16:12 2017 +0100

    Add a method to find notes based on NewBase60 id
This commit is contained in:
Jonny Barnes 2017-05-18 15:15:53 +01:00
parent f9a133e727
commit 05d42467cf
25 changed files with 1283 additions and 698 deletions
Download patch file Download diff file Expand all files Collapse all files

13
app/Exceptions/InvalidTokenException.php Normal file
View file

@ -0,0 +1,13 @@
<?php
namespace App\Exceptions;
use Exception;
class InvalidTokenException extends Exception
{
public function __construct($message, $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}

85
app/Http/Controllers/IndieAuthController.php
View file

@ -5,7 +5,6 @@ namespace App\Http\Controllers;
use App\IndieWebUser;
use IndieAuth\Client;
use Illuminate\Http\Request;
use App\Services\TokenService;
class IndieAuthController extends Controller
{
@ -15,23 +14,14 @@ class IndieAuthController extends Controller
protected $client;
/**
* The Token handling service.
*/
protected $tokenService;
/**
* Inject the dependencies.
* Inject the dependency.
*
* @param \IndieAuth\Client $client
* @param \App\Services\TokenService $tokenService
* @return void
*/
public function __construct(
Client $client = null,
TokenService $tokenService = null
) {
public function __construct(Client $client = null)
{
$this->client = $client ?? new Client();
$this->tokenService = $tokenService ?? new TokenService();
}
/**
@ -90,37 +80,6 @@ class IndieAuthController extends Controller
return redirect(route('micropub-client'));
}
/*
$tokenEndpoint = $this->indieAuthService->getTokenEndpoint($request->input('me'));
if ($tokenEndpoint === false) {
return redirect(route('micropub-client'))->with(
'error',
'Unable to determine token endpoint'
);
}
$data = [
'endpoint' => $tokenEndpoint,
'code' => $request->input('code'),
'me' => $request->input('me'),
'redirect_url' => route('indieauth-callback'),
'client_id' => route('micropub-client'),
'state' => $request->input('state'),
];
$token = $this->indieAuthService->getAccessToken($data);
if (array_key_exists('access_token', $token)) {
$request->session()->put('me', $token['me']);
$request->session()->put('token', $token['access_token']);
return redirect(route('micropub-client'));
}
return redirect(route('micropub-client'))->with(
'error',
'Unable to get a token from the endpoint'
);
*/
/**
* Log out the user, flush the session data.
*
@ -132,42 +91,4 @@ class IndieAuthController extends Controller
return redirect(route('micropub-client'));
}
/**
* If the user has authd via IndieAuth, issue a valid token.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function tokenEndpoint(Request $request)
{
$authData = [
'code' => $request->input('code'),
'me' => $request->input('me'),
'redirect_url' => $request->input('redirect_uri'),
'client_id' => $request->input('client_id'),
'state' => $request->input('state'),
];
$auth = $this->indieAuthService->verifyIndieAuthCode($authData);
if (array_key_exists('me', $auth)) {
$scope = $auth['scope'] ?? '';
$tokenData = [
'me' => $request->input('me'),
'client_id' => $request->input('client_id'),
'scope' => $auth['scope'],
];
$token = $this->tokenService->getNewToken($tokenData);
$content = http_build_query([
'me' => $request->input('me'),
'scope' => $scope,
'access_token' => $token,
]);
return response($content)
->header('Content-Type', 'application/x-www-form-urlencoded');
}
$content = 'There was an error verifying the authorisation code.';
return response($content, 400);
}
}

374
app/Http/Controllers/MicropubController.php
View file

@ -3,8 +3,9 @@
namespace App\Http\Controllers;
use Ramsey\Uuid\Uuid;
use App\{Media, Place};
use App\{Media, Note, Place};
use Illuminate\Http\{Request, Response};
use App\Exceptions\InvalidTokenException;
use Ramsey\Uuid\Exception\UnsatisfiedDependencyException;
use App\Services\{NoteService, PlaceService, TokenService};
@ -49,7 +50,7 @@ class MicropubController extends Controller
{
try {
$tokenData = $this->tokenService->validateToken($request->bearerToken());
} catch (\Exception $e) {
} catch (InvalidTokenException $e) {
return response()->json([
'response' => 'error',
'error' => 'invalid_token',
@ -57,106 +58,203 @@ class MicropubController extends Controller
], 400);
}
if ($tokenData->hasClaim('scope')) {
$scopes = explode(' ', $tokenData->getClaim('scope'));
if (array_search('create', $scopes) !== false) {
$clientId = $tokenData->getClaim('client_id');
if (($request->input('h') == 'entry') || ($request->input('type')[0] == 'h-entry')) {
$data = [];
$data['client-id'] = $clientId;
if ($request->header('Content-Type') == 'application/json') {
$data['content'] = $request->input('properties.content')[0];
$data['in-reply-to'] = $request->input('properties.in-reply-to')[0];
$data['location'] = $request->input('properties.location');
//flatten location if array
if (is_array($data['location'])) {
$data['location'] = $data['location'][0];
}
} else {
$data['content'] = $request->input('content');
$data['in-reply-to'] = $request->input('in-reply-to');
$data['location'] = $request->input('location');
}
$data['syndicate'] = [];
$targets = array_pluck(config('syndication.targets'), 'uid', 'service.name');
if (is_string($request->input('mp-syndicate-to'))) {
$service = array_search($request->input('mp-syndicate-to'));
if ($service == 'Twitter') {
$data['syndicate'][] = 'twitter';
}
if ($service == 'Facebook') {
$data['syndicate'][] = 'facebook';
}
}
if (is_array($request->input('mp-syndicate-to'))) {
foreach ($targets as $service => $target) {
if (in_array($target, $request->input('mp-syndicate-to'))) {
if ($service == 'Twitter') {
$data['syndicate'][] = 'twitter';
}
if ($service == 'Facebook') {
$data['syndicate'][] = 'facebook';
}
}
}
}
$data['photo'] = [];
if (is_array($request->input('photo'))) {
foreach ($request->input('photo') as $photo) {
if (is_string($photo)) {
//only supporting media URLs for now
$data['photo'][] = $photo;
}
}
}
try {
$note = $this->noteService->createNote($data);
} catch (Exception $exception) {
return response()->json(['error' => true], 400);
}
return response()->json([
'response' => 'created',
'location' => $note->longurl,
], 201)->header('Location', $note->longurl);
if (($request->input('h') == 'entry') || ($request->input('type')[0] == 'h-entry')) {
if (stristr($tokenData->getClaim('scope'), 'create') === false) {
return $this->returnInsufficientScopeResponse();
}
if ($request->input('h') == 'card' || $request->input('type')[0] == 'h-card') {
$data = [];
if ($request->header('Content-Type') == 'application/json') {
$data['name'] = $request->input('properties.name');
$data['description'] = $request->input('properties.description') ?? null;
if ($request->has('properties.geo')) {
$data['geo'] = $request->input('properties.geo');
}
} else {
$data['name'] = $request->input('name');
$data['description'] = $request->input('description');
if ($request->has('geo')) {
$data['geo'] = $request->input('geo');
}
if ($request->has('latitude')) {
$data['latitude'] = $request->input('latitude');
$data['longitude'] = $request->input('longitude');
$data = [];
$data['client-id'] = $tokenData->getClaim('client_id');
if ($request->header('Content-Type') == 'application/json') {
if (is_string($request->input('properties.content')[0])) {
$data['content'] = $request->input('properties.content')[0]; //plaintext content
}
if (is_array($request->input('properties.content')[0])
&& array_key_exists('html', $request->input('properties.content')[0])
) {
$data['content'] = $request->input('properties.content')[0]['html'];
}
$data['in-reply-to'] = $request->input('properties.in-reply-to')[0];
$data['location'] = $request->input('properties.location');
//flatten location if array
if (is_array($data['location'])) {
$data['location'] = $data['location'][0];
}
$data['published'] = $request->input('properties.published')[0];
//create checkin place
if (array_key_exists('checkin', $request->input('properties'))) {
$data['checkin'] = $request->input('properties.checkin.0.properties.url.0');
try {
$this->placeService->createPlaceFromCheckin($request->input('properties.checkin.0'));
} catch (\Exception $e) {
$data['checkin'] = null;
}
}
try {
$place = $this->placeService->createPlace($data);
} catch (Exception $exception) {
return response()->json(['error' => true], 400);
} else {
$data['content'] = $request->input('content');
$data['in-reply-to'] = $request->input('in-reply-to');
$data['location'] = $request->input('location');
$data['published'] = $request->input('published');
}
$data['syndicate'] = [];
$targets = array_pluck(config('syndication.targets'), 'uid', 'service.name');
if (is_string($request->input('mp-syndicate-to'))) {
$service = array_search($request->input('mp-syndicate-to'));
if ($service == 'Twitter') {
$data['syndicate'][] = 'twitter';
}
if ($service == 'Facebook') {
$data['syndicate'][] = 'facebook';
}
}
if (is_array($request->input('mp-syndicate-to'))) {
foreach ($targets as $service => $target) {
if (in_array($target, $request->input('mp-syndicate-to'))) {
if ($service == 'Twitter') {
$data['syndicate'][] = 'twitter';
}
if ($service == 'Facebook') {
$data['syndicate'][] = 'facebook';
}
}
}
}
$data['photo'] = [];
if (is_array($request->input('photo'))) {
foreach ($request->input('photo') as $photo) {
if (is_string($photo)) {
//only supporting media URLs for now
$data['photo'][] = $photo;
}
}
}
try {
$note = $this->noteService->createNote($data);
} catch (\Exception $exception) {
return response()->json(['error' => true], 400);
}
return response()->json([
'response' => 'created',
'location' => $place->longurl,
], 201)->header('Location', $place->longurl);
return response()->json([
'response' => 'created',
'location' => $note->longurl,
], 201)->header('Location', $note->longurl);
}
if ($request->input('h') == 'card' || $request->input('type')[0] == 'h-card') {
if (stristr($tokenData->getClaim('scope'), 'create') === false) {
return $this->returnInsufficientScopeResponse();
}
$data = [];
if ($request->header('Content-Type') == 'application/json') {
$data['name'] = $request->input('properties.name');
$data['description'] = $request->input('properties.description') ?? null;
if ($request->has('properties.geo')) {
$data['geo'] = $request->input('properties.geo');
}
} else {
$data['name'] = $request->input('name');
$data['description'] = $request->input('description');
if ($request->has('geo')) {
$data['geo'] = $request->input('geo');
}
if ($request->has('latitude')) {
$data['latitude'] = $request->input('latitude');
$data['longitude'] = $request->input('longitude');
}
}
try {
$place = $this->placeService->createPlace($data);
} catch (\Exception $exception) {
return response()->json(['error' => true], 400);
}
return response()->json([
'response' => 'created',
'location' => $place->longurl,
], 201)->header('Location', $place->longurl);
}
if ($request->input('action') == 'update') {
if (stristr($tokenData->getClaim('scope'), 'update') === false) {
return $this->returnInsufficientScopeResponse();
}
$urlPath = parse_url($request->input('url'), PHP_URL_PATH);
//is it a note we are updating?
if (mb_substr($urlPath, 1, 5) === 'notes') {
try {
$note = Note::nb60(basename($urlPath))->first();
} catch (\Exception $exception) {
return response()->json([
'error' => 'invalid_request',
'error_description' => 'No known note with given ID',
]);
}
//got the note, are we dealing with a “replace” request?
if ($request->has('replace')) {
foreach ($request->input('replace') as $property => $value) {
if ($property == 'content') {
$note->note = $value[0];
}
if ($property == 'syndication') {
foreach ($value as $syndicationURL) {
if (starts_with($syndicationURL, 'https://www.facebook.com')) {
$note->facebook_url = $syndicationURL;
}
if (starts_with($syndicationURL, 'https://www.swarmapp.com')) {
$note->swarm_url = $syndicationURL;
}
if (starts_with($syndicationURL, 'https://twitter.com')) {
$note->tweet_id = basename(parse_url($syndicationURL, PHP_URL_PATH));
}
}
}
}
$note->save();
return response()->json([
'response' => 'updated',
]);
}
//how about “add”
if ($request->has('add')) {
foreach ($request->input('add') as $property => $value) {
if ($property == 'syndication') {
foreach ($value as $syndicationURL) {
if (starts_with($syndicationURL, 'https://www.facebook.com')) {
$note->facebook_url = $syndicationURL;
}
if (starts_with($syndicationURL, 'https://www.swarmapp.com')) {
$note->swarm_url = $syndicationURL;
}
if (starts_with($syndicationURL, 'https://twitter.com')) {
$note->tweet_id = basename(parse_url($syndicationURL, PHP_URL_PATH));
}
}
}
if ($property == 'photo') {
foreach ($value as $photoURL) {
if (start_with($photo, 'https://')) {
$media = new Media();
$media->path = $photoURL;
$media->type = 'image';
$media->save();
$note->media()->save($media);
}
}
}
}
$note->save();
return response()->json([
'response' => 'updated',
]);
}
}
}
}
return response()->json([
'response' => 'error',
'error' => 'invalid_token',
'error_description' => 'The token provided is not valid or does not have the necessary scope',
], 400);
'error' => 'forbidden',
'error_description' => 'The token has no scopes',
], 403);
}
/**
@ -172,7 +270,7 @@ class MicropubController extends Controller
{
try {
$tokenData = $this->tokenService->validateToken($request->bearerToken());
} catch (\Exception $e) {
} catch (InvalidTokenException $e) {
return response()->json([
'response' => 'error',
'error' => 'invalid_token',
@ -232,8 +330,9 @@ class MicropubController extends Controller
*/
public function media(Request $request)
{
$tokenData = $this->tokenService->validateToken($request->bearerToken());
if ($tokenData === null) {
try {
$tokenData = $this->tokenService->validateToken($request->bearerToken());
} catch (InvalidTokenException $e) {
return response()->json([
'response' => 'error',
'error' => 'invalid_token',
@ -243,54 +342,54 @@ class MicropubController extends Controller
//check post scope
if ($tokenData->hasClaim('scope')) {
$scopes = explode(' ', $tokenData->getClaim('scope'));
if (array_search('post', $scopes) !== false) {
//check media valid
if ($request->hasFile('file') && $request->file('file')->isValid()) {
$type = $this->getFileTypeFromMimeType($request->file('file')->getMimeType());
try {
$filename = Uuid::uuid4() . '.' . $request->file('file')->extension();
} catch (UnsatisfiedDependencyException $e) {
return response()->json([
'response' => 'error',
'error' => 'internal_server_error',
'error_description' => 'A problem occured handling your request',
], 500);
}
try {
$path = $request->file('file')->storeAs('media', $filename, 's3');
} catch (Exception $e) { // which exception?
return response()->json([
'response' => 'error',
'error' => 'service_unavailable',
'error_description' => 'Unable to save media to S3',
], 503);
}
$media = new Media();
$media->token = $request->bearerToken();
$media->path = $path;
$media->type = $type;
$media->save();
if (stristr($token->getClaim('scope'), 'post') === false) {
return $this->returnInsufficientScopeResponse();
}
//check media valid
if ($request->hasFile('file') && $request->file('file')->isValid()) {
$type = $this->getFileTypeFromMimeType($request->file('file')->getMimeType());
try {
$filename = Uuid::uuid4() . '.' . $request->file('file')->extension();
} catch (UnsatisfiedDependencyException $e) {
return response()->json([
'response' => 'created',
'location' => $media->url,
], 201)->header('Location', $media->url);
'response' => 'error',
'error' => 'internal_server_error',
'error_description' => 'A problem occured handling your request',
], 500);
}
try {
$path = $request->file('file')->storeAs('media', $filename, 's3');
} catch (Exception $e) { // which exception?
return response()->json([
'response' => 'error',
'error' => 'service_unavailable',
'error_description' => 'Unable to save media to S3',
], 503);
}
$media = new Media();
$media->token = $request->bearerToken();
$media->path = $path;
$media->type = $type;
$media->save();
return response()->json([
'response' => 'error',
'error' => 'invalid_request',
'error_description' => 'The uploaded file failed validation',
], 400);
'response' => 'created',
'location' => $media->url,
], 201)->header('Location', $media->url);
}
return response()->json([
'response' => 'error',
'error' => 'invalid_request',
'error_description' => 'The uploaded file failed validation',
], 400);
}
return response()->json([
'response' => 'error',
'error' => 'insufficient_scope',
'error_description' => 'The provided token has insufficient scopes',
], 401);
'error' => 'invalid_request',
'error_description' => 'The provided token has no scopes',
], 400);
}
/**
@ -336,4 +435,13 @@ class MicropubController extends Controller
return 'download';
}
private function returnInsufficientScopeResponse()
{
return response()->json([
'response' => 'error',
'error' => 'insufficient_scope',
'error_description' => 'The tokens scope does not have the necessary requirements.',
], 401);
}
}

79
app/Http/Controllers/TokenEndpointController.php Normal file
View file

@ -0,0 +1,79 @@
<?php
namespace App\Http\Controllers;
use IndieAuth\Client;
use Illuminate\Http\Request;
use App\Services\TokenService;
class TokenEndpointController extends Controller
{
/**
* The IndieAuth Client.
*/
protected $client;
/**
* The Token handling service.
*/
protected $tokenService;
/**
* Inject the dependencies.
*
* @param \IndieAuth\Client $client
* @param \App\Services\TokenService $tokenService
* @return void
*/
public function __construct(
Client $client = null,
TokenService $tokenService = null
) {
$this->client = $client ?? new Client();
$this->tokenService = $tokenService ?? new TokenService();
}
/**
* If the user has authd via the IndieAuth protocol, issue a valid token.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function create(Request $request)
{
$authorizationEndpoint = $this->client->discoverAuthorizationEndpoint(normalize_url($request->input('me')));
if ($authorizationEndpoint) {
$auth = $this->client->verifyIndieAuthCode(
$authorizationEndpoint,
$request->input('code'),
$request->input('me'),
$request->input('redirect_uri'),
$request->input('client_id'),
$request->input('state')
);
if (array_key_exists('me', $auth)) {
$scope = $auth['scope'] ?? '';
$tokenData = [
'me' => $request->input('me'),
'client_id' => $request->input('client_id'),
'scope' => $scope,
];
$token = $this->tokenService->getNewToken($tokenData);
$content = http_build_query([
'me' => $request->input('me'),
'scope' => $scope,
'access_token' => $token,
]);
return response($content)->header(
'Content-Type',
'application/x-www-form-urlencoded'
);
}
return response('There was an error verifying the authorisation code.', 400);
}
return response('Cant determine the authorisation endpoint.', 400);
}
}

4
app/Media.php
View file

@ -28,6 +28,10 @@ class Media extends Model
*/
public function getUrlAttribute()
{
if (starts_with($this->path, 'https://')) {
return $this->path;
}
return config('filesystems.disks.s3.url') . '/' . $this->path;
}
}

14
app/Note.php
View file

@ -191,6 +191,20 @@ class Note extends Model
return $name;
}
/**
* Scope a query to select a note via a NewBase60 id.
*
* @param \Illuminate\Database\Eloquent\Builder $query
* @param string $nb60id
* @return \Illuminate\Database\Eloquent\Builder
*/
public function scopeNb60($query, $nb60id)
{
$numbers = new Numbers();
return $query->where('id', $numbers->b60tonum($nb60id));
}
/**
* Take note that this method does two things, given @username (NOT [@username](URL)!)
* we try to create a fancy hcard from our contact info. If this is not possible

2
app/Providers/AppServiceProvider.php
View file

@ -33,7 +33,7 @@ class AppServiceProvider extends ServiceProvider
//Add tags for notes
Note::created(function ($note) {
$tagsToAdd = [];
preg_match_all('/#([^\s<>]+)\b/', $note, $tags);
preg_match_all('/#([^\s<>]+)\b/', $note->note, $tags);
foreach ($tags[1] as $tag) {
$tag = Tag::normalizeTag($tag);
}

31
app/Services/NoteService.php
View file

@ -17,6 +17,16 @@ class NoteService
*/
public function createNote(array $data): Note
{
//check the input
if (array_key_exists('content', $data) === false) {
throw new \Exception('No content defined'); //we cant fudge the data
}
if (array_key_exists('in-reply-to', $data) === false) {
$data['in-reply-to'] = null;
}
if (array_key_exists('client-id', $data) === false) {
$data['client-id'] = null;
}
$note = Note::create(
[
'note' => $data['content'],
@ -25,6 +35,11 @@ class NoteService
]
);
if (array_key_exists('published', $data) && empty($data['published']) === false) {
$carbon = new \Carbon\Carbon($data['published']);
$note->created_at = $note->updated_at = $carbon->toDateTimeString();
}
if (array_key_exists('location', $data) && $data['location'] !== null && $data['location'] !== 'no-location') {
if (starts_with($data['location'], config('app.url'))) {
//uri of form http://host/places/slug, we want slug
@ -44,6 +59,13 @@ class NoteService
}
}
if (array_key_exists('checkin', $data) && $data['checkin'] !== null) {
$place = Place::where('foursquare', $data['checkin'])->first();
if ($place !== null) {
$note->place()->associate($place);
}
}
/* drop image support for now
//add images to media library
if ($request->hasFile('photo')) {
@ -55,12 +77,17 @@ class NoteService
*/
//add support for media uploaded as URLs
foreach ($data['photo'] as $photo) {
// check the media was uploaded to my endpoint
// check the media was uploaded to my endpoint, and use path
if (starts_with($photo, config('filesystems.disks.s3.url'))) {
$path = substr($photo, strlen(config('filesystems.disks.s3.url')));
$media = Media::where('path', ltrim($path, '/'))->firstOrFail();
$note->media()->save($media);
} else {
$media = Media::firstOrNew(['path' => $photo]);
// currently assuming this is a photo from Swarm
$media->type = 'image';
$media->save();
}
$note->media()->save($media);
}
$note->save();

35
app/Services/PlaceService.php
View file

@ -36,4 +36,39 @@ class PlaceService
return $place;
}
/**
* Create a place from a h-card checkin, for exameple from OwnYourSwarm.
*
* @param array
* @return bool
*/
public function createPlaceFromCheckin(array $checkin): bool
{
//check if the place exists if from swarm
if (array_key_exists('url', $checkin['properties'])) {
$search = Place::where('foursquare', $checkin['properties']['url'][0])->count();
if ($search === 1) {
return true;
}
}
if (array_key_exists('name', $checkin['properties']) === false) {
throw new \InvalidArgumentException('Missing required name');
}
if (array_key_exists('latitude', $checkin['properties']) === false) {
throw new \InvalidArgumentException('Missing required longitude/latitude');
}
$place = new Place();
$place->name = $checkin['properties']['name'][0];
if (starts_with($checkin['properties']['url'][0], 'https://foursquare.com')) {
$place->foursquare = $checkin['properties']['url'][0];
}
$place->location = new Point(
(float) $checkin['properties']['latitude'][0],
(float) $checkin['properties']['longitude'][0]
);
$place->save();
return true;
}
}

13
app/Services/TokenService.php
View file

@ -4,10 +4,9 @@ declare(strict_types=1);
namespace App\Services;
use Lcobucci\JWT\Token;
use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use App\Exceptions\InvalidTokenException;
use Lcobucci\JWT\{Builder, Parser, Token};
class TokenService
{
@ -40,9 +39,13 @@ class TokenService
public function validateToken(string $bearerToken): ?Token
{
$signer = new Sha256();
$token = (new Parser())->parse((string) $bearerToken);
try {
$token = (new Parser())->parse((string) $bearerToken);
} catch (\InvalidArgumentException $e) {
throw new InvalidTokenException('Token could not be parsed');
}
if (! $token->verify($signer, config('app.key'))) {
throw new \Exception('Token not verified');
throw new InvalidTokenException('Token failed verification');
}
return $token;

191
app/helpers.php
View file

@ -1,191 +0,0 @@
<?php
declare(strict_types=1);
/*
helpers.php
*/
// sourced from https://github.com/flattr/normalize-url/blob/master/normalize_url.php
function normalize_url(?string $url): ?string
{
if ($url === null) {
return null;
}
$newUrl = '';
$url = parse_url($url);
$defaultSchemes = ['http' => 80, 'https' => 443];
if (isset($url['scheme'])) {
$url['scheme'] = strtolower($url['scheme']);
// Strip scheme default ports
if (
isset($defaultSchemes[$url['scheme']]) &&
isset($url['port']) &&
$defaultSchemes[$url['scheme']] == $url['port']
) {
unset($url['port']);
}
$newUrl .= "{$url['scheme']}://";
}
if (isset($url['host'])) {
$url['host'] = mb_strtolower($url['host']);
$newUrl .= $url['host'];
}
if (isset($url['port'])) {
$newUrl .= ":{$url['port']}";
}
// here we only want to drop a slash for the root domain
// e.g. http://example.com/ -> http://example.com
// but http://example.com/path/ -/-> http://example.com/path
if (isset($url['path']) && $url['path'] == '/') {
unset($url['path']);
}
if (isset($url['path'])) {
// Case normalization
$url['path'] = normalizer_normalize($url['path'], Normalizer::FORM_C);
// Strip duplicate slashes
while (preg_match("/\/\//", $url['path'])) {
$url['path'] = preg_replace('/\/\//', '/', $url['path']);
}
/*
* Decode unreserved characters, http://www.apps.ietf.org/rfc/rfc3986.html#sec-2.3
* Heavily rewritten version of urlDecodeUnreservedChars() in Glen Scott's url-normalizer.
*/
$u = [];
for ($o = 65; $o <= 90; $o++) {
$u[] = dechex($o);
}
for ($o = 97; $o <= 122; $o++) {
$u[] = dechex($o);
}
for ($o = 48; $o <= 57; $o++) {
$u[] = dechex($o);
}
$chrs = ['-', '.', '_', '~'];
foreach ($chrs as $chr) {
$u[] = dechex(ord($chr));
}
$url['path'] = preg_replace_callback(
array_map(
create_function('$str', 'return "/%" . strtoupper($str) . "/x";'),
$u
),
create_function('$matches', 'return chr(hexdec($matches[0]));'),
$url['path']
);
// Remove directory index
$defaultIndexes = ["/default\.aspx/" => 'default.aspx', "/default\.asp/" => 'default.asp',
"/index\.html/" => 'index.html', "/index\.htm/" => 'index.htm',
"/default\.html/" => 'default.html', "/default\.htm/" => 'default.htm',
"/index\.php/" => 'index.php', "/index\.jsp/" => 'index.jsp', ];
foreach ($defaultIndexes as $index => $strip) {
if (preg_match($index, $url['path'])) {
$url['path'] = str_replace($strip, '', $url['path']);
}
}
/**
* Path segment normalization, http://www.apps.ietf.org/rfc/rfc3986.html#sec-5.2.4
* Heavily rewritten version of removeDotSegments() in Glen Scott's url-normalizer.
*/
$new_path = '';
while (! empty($url['path'])) {
if (preg_match('!^(\.\./|\./)!x', $url['path'])) {
$url['path'] = preg_replace('!^(\.\./|\./)!x', '', $url['path']);
} elseif (preg_match('!^(/\./)!x', $url['path'], $matches) || preg_match('!^(/\.)$!x', $url['path'], $matches)) {
$url['path'] = preg_replace('!^' . $matches[1] . '!', '/', $url['path']);
} elseif (preg_match('!^(/\.\./|/\.\.)!x', $url['path'], $matches)) {
$url['path'] = preg_replace('!^' . preg_quote($matches[1], '!') . '!x', '/', $url['path']);
$new_path = preg_replace('!/([^/]+)$!x', '', $new_path);
} elseif (preg_match('!^(\.|\.\.)$!x', $url['path'])) {
$url['path'] = preg_replace('!^(\.|\.\.)$!x', '', $url['path']);
} else {
if (preg_match('!(/*[^/]*)!x', $url['path'], $matches)) {
$first_path_segment = $matches[1];
$url['path'] = preg_replace('/^' . preg_quote($first_path_segment, '/') . '/', '', $url['path'], 1);
$new_path .= $first_path_segment;
}
}
}
$newUrl .= $new_path;
}
if (isset($url['fragment'])) {
unset($url['fragment']);
}
// Sort GET params alphabetically, not because the RFC requires it but because it's cool!
if (isset($url['query'])) {
if (preg_match('/&/', $url['query'])) {
$s = explode('&', $url['query']);
$url['query'] = '';
sort($s);
foreach ($s as $z) {
$url['query'] .= "{$z}&";
}
$url['query'] = preg_replace('/&\Z/', '', $url['query']);
}
$newUrl .= "?{$url['query']}";
}
return $newUrl;
}
// sourced from https://stackoverflow.com/a/9776726
function prettyPrintJson(string $json): string
{
$result = '';
$level = 0;
$in_quotes = false;
$in_escape = false;
$ends_line_level = null;
$json_length = strlen($json);
for ($i = 0; $i < $json_length; $i++) {
$char = $json[$i];
$new_line_level = null;
$post = '';
if ($ends_line_level !== null) {
$new_line_level = $ends_line_level;
$ends_line_level = null;
}
if ($in_escape) {
$in_escape = false;
} elseif ($char === '"') {
$in_quotes = ! $in_quotes;
} elseif (! $in_quotes) {
switch ($char) {
case '}': case ']':
$level--;
$ends_line_level = null;
$new_line_level = $level;
break;
case '{': case '[':
$level++;
case ',':
$ends_line_level = $level;
break;
case ':':
$post = ' ';
break;
case ' ': case "\t": case "\n": case "\r":
$char = '';
$ends_line_level = $new_line_level;
$new_line_level = null;
break;
}
} elseif ($char === '\\') {
$in_escape = true;
}
if ($new_line_level !== null) {
$result .= "\n".str_repeat("\t", $new_line_level);
}
$result .= $char.$post;
}
return str_replace("\t", ' ', $result);
}