From c92bb12a116ccf65b85a420bdd26640b7aa9fc68 Mon Sep 17 00:00:00 2001 From: "J. King" Date: Sun, 1 Nov 2020 19:09:17 -0500 Subject: [PATCH] Prototype Miniflux dispatcher --- lib/REST.php | 2 +- lib/REST/Miniflux/V1.php | 50 ++++++++++++++++++++++++++++++--- lib/REST/NextcloudNews/V1_2.php | 20 ++++++------- 3 files changed, 57 insertions(+), 15 deletions(-) diff --git a/lib/REST.php b/lib/REST.php index 0d04be93..011d27df 100644 --- a/lib/REST.php +++ b/lib/REST.php @@ -43,7 +43,7 @@ class REST { 'miniflux' => [ // Miniflux https://miniflux.app/docs/api.html 'match' => '/v1/', 'strip' => '/v1', - 'class' => REST\Miniflux\API::class, + 'class' => REST\Miniflux\V1::class, ], // Other candidates: // Microsub https://indieweb.org/Microsub diff --git a/lib/REST/Miniflux/V1.php b/lib/REST/Miniflux/V1.php index 8fd1dc47..9edff158 100644 --- a/lib/REST/Miniflux/V1.php +++ b/lib/REST/Miniflux/V1.php @@ -23,6 +23,8 @@ use Laminas\Diactoros\Response\JsonResponse as Response; use Laminas\Diactoros\Response\EmptyResponse; class V1 extends \JKingWeb\Arsse\REST\AbstractHandler { + protected const ACCEPTED_TYPES_OPML = ["text/xml", "application/xml", "text/x-opml"]; + protected const ACCEPTED_TYPES_JSON = ["application/json", "text/json"]; protected $paths = [ '/categories' => ['GET' => "getCategories", 'POST' => "createCategory"], '/categories/1' => ['PUT' => "updateCategory", 'DELETE' => "deleteCategory"], @@ -55,14 +57,46 @@ class V1 extends \JKingWeb\Arsse\REST\AbstractHandler { if ($req->getAttribute("authenticated", false)) { Arsse::$user->id = $req->getAttribute("authenticatedUser"); } else { + // TODO: Handle X-Auth-Token authentication return new EmptyResponse(401); } // get the request path only; this is assumed to already be normalized $target = parse_url($req->getRequestTarget())['path'] ?? ""; + $method = $req->getMethod(); // handle HTTP OPTIONS requests - if ($req->getMethod() === "OPTIONS") { + if ($method === "OPTIONS") { return $this->handleHTTPOptions($target); } + $func = $this->chooseCall($target, $method); + if ($func === "opmlImport") { + if (!HTTP::matchType($req, "", ...[self::ACCEPTED_TYPES_OPML])) { + return new EmptyResponse(415, ['Accept' => implode(", ", self::ACCEPTED_TYPES_OPML)]); + } + $data = (string) $req->getBody(); + } elseif ($method === "POST" || $method === "PUT") { + if (!HTTP::matchType($req, "", ...[self::ACCEPTED_TYPES_JSON])) { + return new EmptyResponse(415, ['Accept' => implode(", ", self::ACCEPTED_TYPES_JSON)]); + } + $data = @json_decode($data, true); + if (json_last_error() !== \JSON_ERROR_NONE) { + // if the body could not be parsed as JSON, return "400 Bad Request" + return new EmptyResponse(400); + } + } else { + $data = null; + } + try { + $path = explode("/", ltrim($target, "/")); + return $this->$func($path, $req->getQueryParams(), $data); + // @codeCoverageIgnoreStart + } catch (Exception $e) { + // if there was a REST exception return 400 + return new EmptyResponse(400); + } catch (AbstractException $e) { + // if there was any other Arsse exception return 500 + return new EmptyResponse(500); + } + // @codeCoverageIgnoreEnd } protected function normalizePathIds(string $url): string { @@ -73,6 +107,10 @@ class V1 extends \JKingWeb\Arsse\REST\AbstractHandler { $path[$a] = "1"; } } + // handle special case "Get User By User Name", which can have any non-numeric string, non-empty as the last component + if (sizeof($path) === 3 && $path[0] === "" && $path[1] === "users" && !preg_match("/^(?:\d+)?$/", $path[2])) { + $path[2] = "*"; + } return implode("/", $path); } @@ -88,7 +126,7 @@ class V1 extends \JKingWeb\Arsse\REST\AbstractHandler { } return new EmptyResponse(204, [ 'Allow' => implode(",", $allowed), - 'Accept' => self::ACCEPTED_TYPE, + 'Accept' => implode(", ", $url === "/import" ? self::ACCEPTED_TYPES_OPML : self::ACCEPTED_TYPES_JSON), ]); } else { // if the path is not supported, return 404 @@ -106,8 +144,12 @@ class V1 extends \JKingWeb\Arsse\REST\AbstractHandler { if (isset($this->paths[$url])) { // if the path is supported, make sure the method is allowed if (isset($this->paths[$url][$method])) { - // if it is allowed, return the object method to run - return $this->paths[$url][$method]; + // if it is allowed, return the object method to run, assuming the method exists + if (method_exists($this, $this->paths[$url][$method])) { + return $this->paths[$url][$method]; + } else { + throw new Exception501(); // @codeCoverageIgnore + } } else { // otherwise return 405 throw new Exception405(implode(", ", array_keys($this->paths[$url]))); diff --git a/lib/REST/NextcloudNews/V1_2.php b/lib/REST/NextcloudNews/V1_2.php index c7389df8..4741e839 100644 --- a/lib/REST/NextcloudNews/V1_2.php +++ b/lib/REST/NextcloudNews/V1_2.php @@ -17,6 +17,7 @@ use JKingWeb\Arsse\Misc\HTTP; use JKingWeb\Arsse\REST\Exception; use JKingWeb\Arsse\REST\Exception404; use JKingWeb\Arsse\REST\Exception405; +use JKingWeb\Arsse\REST\Exception501; use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ResponseInterface; use Laminas\Diactoros\Response\JsonResponse as Response; @@ -109,20 +110,15 @@ class V1_2 extends \JKingWeb\Arsse\REST\AbstractHandler { // merge GET and POST data, and normalize it. POST parameters are preferred over GET parameters $data = $this->normalizeInput(array_merge($req->getQueryParams(), $data), $this->validInput, "unix"); // check to make sure the requested function is implemented + // dispatch try { $func = $this->chooseCall($target, $req->getMethod()); + $path = explode("/", ltrim($target, "/")); + return $this->$func($path, $data); } catch (Exception404 $e) { return new EmptyResponse(404); } catch (Exception405 $e) { return new EmptyResponse(405, ['Allow' => $e->getMessage()]); - } - if (!method_exists($this, $func)) { - return new EmptyResponse(501); // @codeCoverageIgnore - } - // dispatch - try { - $path = explode("/", ltrim($target, "/")); - return $this->$func($path, $data); // @codeCoverageIgnoreStart } catch (Exception $e) { // if there was a REST exception return 400 @@ -155,8 +151,12 @@ class V1_2 extends \JKingWeb\Arsse\REST\AbstractHandler { if (isset($this->paths[$url])) { // if the path is supported, make sure the method is allowed if (isset($this->paths[$url][$method])) { - // if it is allowed, return the object method to run - return $this->paths[$url][$method]; + // if it is allowed, return the object method to run, assuming the method exists + if (method_exists($this, $this->paths[$url][$method])) { + return $this->paths[$url][$method]; + } else { + throw new Exception501(); // @codeCoverageIgnore + } } else { // otherwise return 405 throw new Exception405(implode(", ", array_keys($this->paths[$url])));