summaryrefslogtreecommitdiff
path: root/plugins/OStatus/actions
diff options
context:
space:
mode:
authorBrion Vibber <brion@pobox.com>2010-02-08 11:06:03 -0800
committerBrion Vibber <brion@pobox.com>2010-02-08 11:15:29 -0800
commitdc09453a77f33c4dfdff306321ce93cf5fbd2d57 (patch)
treedf3ff3713cf36a84efeb09b5650dd49399edc8f4 /plugins/OStatus/actions
parent5fdcd88176010a72b6a157170784a8aad7bf4131 (diff)
First steps on converting FeedSub into the pub/sub basis for OStatus communications:
* renamed FeedSub plugin to OStatus * now setting avatar on subscriptions * general fixes for subscription * integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly * set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though) * a few bits of code documentation * HMAC support for verified distributions (safest if sub setup is on HTTPS) And a couple core changes: * minimizing HTML output for exceptions in API requests to aid in debugging * fix for rel=self link in apitimelineuser when id given This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions. Needs some further cleanup to treat posts as status updates instead of link references.
Diffstat (limited to 'plugins/OStatus/actions')
-rw-r--r--plugins/OStatus/actions/feedsubcallback.php105
-rw-r--r--plugins/OStatus/actions/feedsubsettings.php258
-rw-r--r--plugins/OStatus/actions/hub.php176
3 files changed, 539 insertions, 0 deletions
diff --git a/plugins/OStatus/actions/feedsubcallback.php b/plugins/OStatus/actions/feedsubcallback.php
new file mode 100644
index 000000000..c57ea5b10
--- /dev/null
+++ b/plugins/OStatus/actions/feedsubcallback.php
@@ -0,0 +1,105 @@
+<?php
+/*
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2009, StatusNet, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/**
+ * @package FeedSubPlugin
+ * @maintainer Brion Vibber <brion@status.net>
+ */
+
+if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
+
+
+class FeedSubCallbackAction extends Action
+{
+ function handle()
+ {
+ parent::handle();
+ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $this->handlePost();
+ } else {
+ $this->handleGet();
+ }
+ }
+
+ /**
+ * Handler for POST content updates from the hub
+ */
+ function handlePost()
+ {
+ $feedid = $this->arg('feed');
+ common_log(LOG_INFO, "POST for feed id $feedid");
+ if (!$feedid) {
+ throw new ServerException('Empty or invalid feed id', 400);
+ }
+
+ $feedinfo = Feedinfo::staticGet('id', $feedid);
+ if (!$feedinfo) {
+ throw new ServerException('Unknown feed id ' . $feedid, 400);
+ }
+
+ $hmac = '';
+ if (isset($_SERVER['HTTP_X_HUB_SIGNATURE'])) {
+ $hmac = $_SERVER['HTTP_X_HUB_SIGNATURE'];
+ }
+
+ $post = file_get_contents('php://input');
+ $feedinfo->postUpdates($post, $hmac);
+ }
+
+ /**
+ * Handler for GET verification requests from the hub
+ */
+ function handleGet()
+ {
+ $mode = $this->arg('hub_mode');
+ $topic = $this->arg('hub_topic');
+ $challenge = $this->arg('hub_challenge');
+ $lease_seconds = $this->arg('hub_lease_seconds');
+ $verify_token = $this->arg('hub_verify_token');
+
+ if ($mode != 'subscribe' && $mode != 'unsubscribe') {
+ common_log(LOG_WARNING, __METHOD__ . ": bogus hub callback with mode \"$mode\"");
+ throw new ServerException("Bogus hub callback: bad mode", 404);
+ }
+
+ $feedinfo = Feedinfo::staticGet('feeduri', $topic);
+ if (!$feedinfo) {
+ common_log(LOG_WARNING, __METHOD__ . ": bogus hub callback for unknown feed $topic");
+ throw new ServerException("Bogus hub callback: unknown feed", 404);
+ }
+
+ # Can't currently set the token in our sub api
+ #if ($feedinfo->verify_token !== $verify_token) {
+ # common_log(LOG_WARNING, __METHOD__ . ": bogus hub callback with bad token \"$verify_token\" for feed $topic");
+ # throw new ServerError("Bogus hub callback: bad token", 404);
+ #}
+
+ // OK!
+ common_log(LOG_INFO, __METHOD__ . ': sub confirmed');
+ $feedinfo->sub_start = common_sql_date(time());
+ if ($lease_seconds > 0) {
+ $feedinfo->sub_end = common_sql_date(time() + $lease_seconds);
+ } else {
+ $feedinfo->sub_end = null;
+ }
+ $feedinfo->update();
+
+ print $challenge;
+ }
+}
diff --git a/plugins/OStatus/actions/feedsubsettings.php b/plugins/OStatus/actions/feedsubsettings.php
new file mode 100644
index 000000000..4d5b7b60f
--- /dev/null
+++ b/plugins/OStatus/actions/feedsubsettings.php
@@ -0,0 +1,258 @@
+<?php
+/*
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2009, StatusNet, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/**
+ * @package FeedSubPlugin
+ * @maintainer Brion Vibber <brion@status.net>
+ */
+
+if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
+
+class FeedSubSettingsAction extends ConnectSettingsAction
+{
+ protected $feedurl;
+ protected $preview;
+ protected $munger;
+
+ /**
+ * Title of the page
+ *
+ * @return string Title of the page
+ */
+
+ function title()
+ {
+ return _m('Feed subscriptions');
+ }
+
+ /**
+ * Instructions for use
+ *
+ * @return instructions for use
+ */
+
+ function getInstructions()
+ {
+ return _m('You can subscribe to feeds from other sites; ' .
+ 'updates will appear in your personal timeline.');
+ }
+
+ /**
+ * Content area of the page
+ *
+ * Shows a form for associating a Twitter account with this
+ * StatusNet account. Also lets the user set preferences.
+ *
+ * @return void
+ */
+
+ function showContent()
+ {
+ $user = common_current_user();
+
+ $profile = $user->getProfile();
+
+ $fuser = null;
+
+ $flink = Foreign_link::getByUserID($user->id, FEEDSUB_SERVICE);
+
+ if (!empty($flink)) {
+ $fuser = $flink->getForeignUser();
+ }
+
+ $this->elementStart('form', array('method' => 'post',
+ 'id' => 'form_settings_feedsub',
+ 'class' => 'form_settings',
+ 'action' =>
+ common_local_url('feedsubsettings')));
+
+ $this->hidden('token', common_session_token());
+
+ $this->elementStart('fieldset', array('id' => 'settings_feeds'));
+
+ $this->elementStart('ul', 'form_data');
+ $this->elementStart('li', array('id' => 'settings_twitter_login_button'));
+ $this->input('feedurl', _('Feed URL'), $this->feedurl, _('Enter the URL of a PubSubHubbub-enabled feed'));
+ $this->elementEnd('li');
+ $this->elementEnd('ul');
+
+ if ($this->preview) {
+ $this->submit('subscribe', _m('Subscribe'));
+ } else {
+ $this->submit('validate', _m('Continue'));
+ }
+
+ $this->elementEnd('fieldset');
+
+ $this->elementEnd('form');
+
+ if ($this->preview) {
+ $this->previewFeed();
+ }
+ }
+
+ /**
+ * Handle posts to this form
+ *
+ * Based on the button that was pressed, muxes out to other functions
+ * to do the actual task requested.
+ *
+ * All sub-functions reload the form with a message -- success or failure.
+ *
+ * @return void
+ */
+
+ function handlePost()
+ {
+ // CSRF protection
+ $token = $this->trimmed('token');
+ if (!$token || $token != common_session_token()) {
+ $this->showForm(_('There was a problem with your session token. '.
+ 'Try again, please.'));
+ return;
+ }
+
+ if ($this->arg('validate')) {
+ $this->validateAndPreview();
+ } else if ($this->arg('subscribe')) {
+ $this->saveFeed();
+ } else {
+ $this->showForm(_('Unexpected form submission.'));
+ }
+ }
+
+ /**
+ * Set up and add a feed
+ *
+ * @return boolean true if feed successfully read
+ * Sends you back to input form if not.
+ */
+ function validateFeed()
+ {
+ $feedurl = trim($this->arg('feedurl'));
+
+ if ($feedurl == '') {
+ $this->showForm(_m('Empty feed URL!'));
+ return;
+ }
+ $this->feedurl = $feedurl;
+
+ // Get the canonical feed URI and check it
+ try {
+ $discover = new FeedDiscovery();
+ $uri = $discover->discoverFromURL($feedurl);
+ } catch (FeedSubBadURLException $e) {
+ $this->showForm(_m('Invalid URL or could not reach server.'));
+ return false;
+ } catch (FeedSubBadResponseException $e) {
+ $this->showForm(_m('Cannot read feed; server returned error.'));
+ return false;
+ } catch (FeedSubEmptyException $e) {
+ $this->showForm(_m('Cannot read feed; server returned an empty page.'));
+ return false;
+ } catch (FeedSubBadHTMLException $e) {
+ $this->showForm(_m('Bad HTML, could not find feed link.'));
+ return false;
+ } catch (FeedSubNoFeedException $e) {
+ $this->showForm(_m('Could not find a feed linked from this URL.'));
+ return false;
+ } catch (FeedSubUnrecognizedTypeException $e) {
+ $this->showForm(_m('Not a recognized feed type.'));
+ return false;
+ } catch (FeedSubException $e) {
+ // Any new ones we forgot about
+ $this->showForm(_m('Bad feed URL.'));
+ return false;
+ }
+
+ $this->munger = $discover->feedMunger();
+ $this->feedinfo = $this->munger->feedInfo();
+
+ if ($this->feedinfo->huburi == '' && !common_config('feedsub', 'nohub')) {
+ $this->showForm(_m('Feed is not PuSH-enabled; cannot subscribe.'));
+ return false;
+ }
+
+ return true;
+ }
+
+ function saveFeed()
+ {
+ if ($this->validateFeed()) {
+ $this->preview = true;
+ $this->feedinfo = Feedinfo::ensureProfile($this->munger);
+
+ // If not already in use, subscribe to updates via the hub
+ if ($this->feedinfo->sub_start) {
+ common_log(LOG_INFO, __METHOD__ . ": double the fun! new sub for {$this->feedinfo->feeduri} last subbed {$this->feedinfo->sub_start}");
+ } else {
+ $ok = $this->feedinfo->subscribe();
+ common_log(LOG_INFO, __METHOD__ . ": sub was $ok");
+ if (!$ok) {
+ $this->showForm(_m('Feed subscription failed! Bad response from hub.'));
+ return;
+ }
+ }
+
+ // And subscribe the current user to the local profile
+ $user = common_current_user();
+ $profile = $this->feedinfo->getProfile();
+ if (!$profile) {
+ throw new ServerException("Feed profile was not saved properly.");
+ }
+
+ if ($user->isSubscribed($profile)) {
+ $this->showForm(_m('Already subscribed!'));
+ } elseif ($user->subscribeTo($profile)) {
+ $this->showForm(_m('Feed subscribed!'));
+ } else {
+ $this->showForm(_m('Feed subscription failed!'));
+ }
+ }
+ }
+
+ function validateAndPreview()
+ {
+ if ($this->validateFeed()) {
+ $this->preview = true;
+ $this->showForm(_m('Previewing feed:'));
+ }
+ }
+
+ function previewFeed()
+ {
+ $feedinfo = $this->munger->feedinfo();
+ $notice = $this->munger->notice(0, true); // preview
+
+ if ($notice) {
+ $this->element('b', null, 'Preview of latest post from this feed:');
+
+ $item = new NoticeList($notice, $this);
+ $item->show();
+ } else {
+ $this->element('b', null, 'No posts in this feed yet.');
+ }
+ }
+
+ function showScripts()
+ {
+ parent::showScripts();
+ $this->autofocus('feedurl');
+ }
+}
diff --git a/plugins/OStatus/actions/hub.php b/plugins/OStatus/actions/hub.php
new file mode 100644
index 000000000..5caf4b48e
--- /dev/null
+++ b/plugins/OStatus/actions/hub.php
@@ -0,0 +1,176 @@
+<?php
+/*
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2010, StatusNet, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/**
+ * Integrated PuSH hub; lets us only ping them what need it.
+ * @package Hub
+ * @maintainer Brion Vibber <brion@status.net>
+ */
+
+/**
+
+
+Things to consider...
+* should we purge incomplete subscriptions that never get a verification pingback?
+* when can we send subscription renewal checks?
+ - at next send time probably ok
+* when can we handle trimming of subscriptions?
+ - at next send time probably ok
+* should we keep a fail count?
+
+*/
+
+
+class HubAction extends Action
+{
+ function arg($arg, $def=null)
+ {
+ // PHP converts '.'s in incoming var names to '_'s.
+ // It also merges multiple values, which'll break hub.verify and hub.topic for publishing
+ // @fixme handle multiple args
+ $arg = str_replace('.', '_', $arg);
+ return parent::arg($arg, $def);
+ }
+
+ function prepare($args)
+ {
+ StatusNet::setApi(true); // reduce exception reports to aid in debugging
+ return parent::prepare($args);
+ }
+
+ function handle()
+ {
+ $mode = $this->trimmed('hub.mode');
+ switch ($mode) {
+ case "subscribe":
+ $this->subscribe();
+ break;
+ case "unsubscribe":
+ $this->unsubscribe();
+ break;
+ case "publish":
+ throw new ServerException("Publishing outside feeds not supported.", 400);
+ default:
+ throw new ServerException("Unrecognized mode '$mode'.", 400);
+ }
+ }
+
+ /**
+ * Process a PuSH feed subscription request.
+ *
+ * HTTP return codes:
+ * 202 Accepted - request saved and awaiting verification
+ * 204 No Content - already subscribed
+ * 403 Forbidden - rejecting this (not specifically spec'd)
+ */
+ function subscribe()
+ {
+ $feed = $this->argUrl('hub.topic');
+ $callback = $this->argUrl('hub.callback');
+
+ common_log(LOG_DEBUG, __METHOD__ . ": checking sub'd to $feed $callback");
+ if ($this->getSub($feed, $callback)) {
+ // Already subscribed; return 204 per spec.
+ header('HTTP/1.1 204 No Content');
+ common_log(LOG_DEBUG, __METHOD__ . ': already subscribed');
+ return;
+ }
+
+ common_log(LOG_DEBUG, __METHOD__ . ': setting up');
+ $sub = new HubSub();
+ $sub->topic = $feed;
+ $sub->callback = $callback;
+ $sub->secret = $this->arg('hub.secret', null);
+ $sub->setLease(intval($this->arg('hub.lease_seconds')));
+
+ // @fixme check for feeds we don't manage
+ // @fixme check the verification mode, might want a return immediately?
+
+ common_log(LOG_DEBUG, __METHOD__ . ': inserting');
+ $ok = $sub->insert();
+
+ if (!$ok) {
+ throw new ServerException("Failed to save subscription record", 500);
+ }
+
+ // @fixme check errors ;)
+
+ $data = array('sub' => $sub, 'mode' => 'subscribe');
+ $qm = QueueManager::get();
+ $qm->enqueue($data, 'hubverify');
+
+ header('HTTP/1.1 202 Accepted');
+ common_log(LOG_DEBUG, __METHOD__ . ': done');
+ }
+
+ /**
+ * Process a PuSH feed unsubscription request.
+ *
+ * HTTP return codes:
+ * 202 Accepted - request saved and awaiting verification
+ * 204 No Content - already subscribed
+ * 400 Bad Request - invalid params or rejected feed
+ */
+ function unsubscribe()
+ {
+ $feed = $this->argUrl('hub.topic');
+ $callback = $this->argUrl('hub.callback');
+ $sub = $this->getSub($feed, $callback);
+
+ if ($sub) {
+ if ($sub->verify('unsubscribe')) {
+ $sub->delete();
+ common_log(LOG_INFO, "PuSH unsubscribed $feed for $callback");
+ } else {
+ throw new ServerException("Failed PuSH unsubscription: verification failed! $feed for $callback");
+ }
+ } else {
+ throw new ServerException("Failed PuSH unsubscription: not subscribed! $feed for $callback");
+ }
+ }
+
+ /**
+ * Grab and validate a URL from POST parameters.
+ * @throws ServerException for malformed or non-http/https URLs
+ */
+ protected function argUrl($arg)
+ {
+ $url = $this->arg($arg);
+ $params = array('domain_check' => false, // otherwise breaks my local tests :P
+ 'allowed_schemes' => array('http', 'https'));
+ if (Validate::uri($url, $params)) {
+ return $url;
+ } else {
+ throw new ServerException("Invalid URL passed for $arg: '$url'", 400);
+ }
+ }
+
+ /**
+ * Get HubSub subscription record for a given feed & subscriber.
+ *
+ * @param string $feed
+ * @param string $callback
+ * @return mixed HubSub or false
+ */
+ protected function getSub($feed, $callback)
+ {
+ return HubSub::staticGet($feed, $callback);
+ }
+}
+