PageRenderTime 47ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/library/Zend/Feed/Pubsubhubbub/Subscriber/Callback.php

https://gitlab.com/devtoannh/cafe
PHP | 330 lines | 162 code | 20 blank | 148 comment | 36 complexity | 4073a3ebb939028729680c6279d9e539 MD5 | raw file
  1. <?php
  2. /**
  3. * Zend Framework
  4. *
  5. * LICENSE
  6. *
  7. * This source file is subject to the new BSD license that is bundled
  8. * with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://framework.zend.com/license/new-bsd
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@zend.com so we can send you a copy immediately.
  14. *
  15. * @category Zend
  16. * @package Zend_Feed_Pubsubhubbub
  17. * @copyright Copyright (c) 2005-2011 Zend Technologies USA Inc. (http://www.zend.com)
  18. * @license http://framework.zend.com/license/new-bsd New BSD License
  19. * @version $Id: Callback.php 23775 2011-03-01 17:25:24Z ralph $
  20. */
  21. /**
  22. * @see Zend_Feed_Pubsubhubbub
  23. */
  24. require_once 'Zend/Feed/Pubsubhubbub.php';
  25. /**
  26. * @see Zend_Feed_Pubsubhubbub
  27. */
  28. require_once 'Zend/Feed/Pubsubhubbub/CallbackAbstract.php';
  29. /**
  30. * @see Zend_Feed_Reader
  31. */
  32. require_once 'Zend/Feed/Reader.php';
  33. /**
  34. * @category Zend
  35. * @package Zend_Feed_Pubsubhubbub
  36. * @copyright Copyright (c) 2005-2011 Zend Technologies USA Inc. (http://www.zend.com)
  37. * @license http://framework.zend.com/license/new-bsd New BSD License
  38. */
  39. class Zend_Feed_Pubsubhubbub_Subscriber_Callback
  40. extends Zend_Feed_Pubsubhubbub_CallbackAbstract
  41. {
  42. /**
  43. * Contains the content of any feeds sent as updates to the Callback URL
  44. *
  45. * @var string
  46. */
  47. protected $_feedUpdate = null;
  48. /**
  49. * Holds a manually set subscription key (i.e. identifies a unique
  50. * subscription) which is typical when it is not passed in the query string
  51. * but is part of the Callback URL path, requiring manual retrieval e.g.
  52. * using a route and the Zend_Controller_Action::_getParam() method.
  53. *
  54. * @var string
  55. */
  56. protected $_subscriptionKey = null;
  57. /**
  58. * After verification, this is set to the verified subscription's data.
  59. *
  60. * @var array
  61. */
  62. protected $_currentSubscriptionData = null;
  63. /**
  64. * Set a subscription key to use for the current callback request manually.
  65. * Required if usePathParameter is enabled for the Subscriber.
  66. *
  67. * @param string $key
  68. * @return Zend_Feed_Pubsubhubbub_Subscriber_Callback
  69. */
  70. public function setSubscriptionKey($key)
  71. {
  72. $this->_subscriptionKey = $key;
  73. return $this;
  74. }
  75. /**
  76. * Handle any callback from a Hub Server responding to a subscription or
  77. * unsubscription request. This should be the Hub Server confirming the
  78. * the request prior to taking action on it.
  79. *
  80. * @param array $httpGetData GET data if available and not in $_GET
  81. * @param bool $sendResponseNow Whether to send response now or when asked
  82. * @return void
  83. */
  84. public function handle(array $httpGetData = null, $sendResponseNow = false)
  85. {
  86. if ($httpGetData === null) {
  87. $httpGetData = $_GET;
  88. }
  89. /**
  90. * Handle any feed updates (sorry for the mess :P)
  91. *
  92. * This DOES NOT attempt to process a feed update. Feed updates
  93. * SHOULD be validated/processed by an asynchronous process so as
  94. * to avoid holding up responses to the Hub.
  95. */
  96. $contentType = $this->_getHeader('Content-Type');
  97. if (strtolower($_SERVER['REQUEST_METHOD']) == 'post'
  98. && $this->_hasValidVerifyToken(null, false)
  99. && (stripos($contentType, 'application/atom+xml') === 0
  100. || stripos($contentType, 'application/rss+xml') === 0
  101. || stripos($contentType, 'application/xml') === 0
  102. || stripos($contentType, 'text/xml') === 0
  103. || stripos($contentType, 'application/rdf+xml') === 0)
  104. ) {
  105. $this->setFeedUpdate($this->_getRawBody());
  106. $this->getHttpResponse()
  107. ->setHeader('X-Hub-On-Behalf-Of', $this->getSubscriberCount());
  108. /**
  109. * Handle any (un)subscribe confirmation requests
  110. */
  111. } elseif ($this->isValidHubVerification($httpGetData)) {
  112. $data = $this->_currentSubscriptionData;
  113. $this->getHttpResponse()->setBody($httpGetData['hub_challenge']);
  114. $data['subscription_state'] = Zend_Feed_Pubsubhubbub::SUBSCRIPTION_VERIFIED;
  115. if (isset($httpGetData['hub_lease_seconds'])) {
  116. $data['lease_seconds'] = $httpGetData['hub_lease_seconds'];
  117. }
  118. $this->getStorage()->setSubscription($data);
  119. /**
  120. * Hey, C'mon! We tried everything else!
  121. */
  122. } else {
  123. $this->getHttpResponse()->setHttpResponseCode(404);
  124. }
  125. if ($sendResponseNow) {
  126. $this->sendResponse();
  127. }
  128. }
  129. /**
  130. * Checks validity of the request simply by making a quick pass and
  131. * confirming the presence of all REQUIRED parameters.
  132. *
  133. * @param array $httpGetData
  134. * @return bool
  135. */
  136. public function isValidHubVerification(array $httpGetData)
  137. {
  138. /**
  139. * As per the specification, the hub.verify_token is OPTIONAL. This
  140. * implementation of Pubsubhubbub considers it REQUIRED and will
  141. * always send a hub.verify_token parameter to be echoed back
  142. * by the Hub Server. Therefore, its absence is considered invalid.
  143. */
  144. if (strtolower($_SERVER['REQUEST_METHOD']) !== 'get') {
  145. return false;
  146. }
  147. $required = array(
  148. 'hub_mode',
  149. 'hub_topic',
  150. 'hub_challenge',
  151. 'hub_verify_token',
  152. );
  153. foreach ($required as $key) {
  154. if (!array_key_exists($key, $httpGetData)) {
  155. return false;
  156. }
  157. }
  158. if ($httpGetData['hub_mode'] !== 'subscribe'
  159. && $httpGetData['hub_mode'] !== 'unsubscribe'
  160. ) {
  161. return false;
  162. }
  163. if ($httpGetData['hub_mode'] == 'subscribe'
  164. && !array_key_exists('hub_lease_seconds', $httpGetData)
  165. ) {
  166. return false;
  167. }
  168. if (!Zend_Uri::check($httpGetData['hub_topic'])) {
  169. return false;
  170. }
  171. /**
  172. * Attempt to retrieve any Verification Token Key attached to Callback
  173. * URL's path by our Subscriber implementation
  174. */
  175. if (!$this->_hasValidVerifyToken($httpGetData)) {
  176. return false;
  177. }
  178. return true;
  179. }
  180. /**
  181. * Sets a newly received feed (Atom/RSS) sent by a Hub as an update to a
  182. * Topic we've subscribed to.
  183. *
  184. * @param string $feed
  185. * @return Zend_Feed_Pubsubhubbub_Subscriber_Callback
  186. */
  187. public function setFeedUpdate($feed)
  188. {
  189. $this->_feedUpdate = $feed;
  190. return $this;
  191. }
  192. /**
  193. * Check if any newly received feed (Atom/RSS) update was received
  194. *
  195. * @return bool
  196. */
  197. public function hasFeedUpdate()
  198. {
  199. if ($this->_feedUpdate === null) {
  200. return false;
  201. }
  202. return true;
  203. }
  204. /**
  205. * Gets a newly received feed (Atom/RSS) sent by a Hub as an update to a
  206. * Topic we've subscribed to.
  207. *
  208. * @return string
  209. */
  210. public function getFeedUpdate()
  211. {
  212. return $this->_feedUpdate;
  213. }
  214. /**
  215. * Check for a valid verify_token. By default attempts to compare values
  216. * with that sent from Hub, otherwise merely ascertains its existence.
  217. *
  218. * @param array $httpGetData
  219. * @param bool $checkValue
  220. * @return bool
  221. */
  222. protected function _hasValidVerifyToken(array $httpGetData = null, $checkValue = true)
  223. {
  224. $verifyTokenKey = $this->_detectVerifyTokenKey($httpGetData);
  225. if (empty($verifyTokenKey)) {
  226. return false;
  227. }
  228. $verifyTokenExists = $this->getStorage()->hasSubscription($verifyTokenKey);
  229. if (!$verifyTokenExists) {
  230. return false;
  231. }
  232. if ($checkValue) {
  233. $data = $this->getStorage()->getSubscription($verifyTokenKey);
  234. $verifyToken = $data['verify_token'];
  235. if ($verifyToken !== hash('sha256', $httpGetData['hub_verify_token'])) {
  236. return false;
  237. }
  238. $this->_currentSubscriptionData = $data;
  239. return true;
  240. }
  241. return true;
  242. }
  243. /**
  244. * Attempt to detect the verification token key. This would be passed in
  245. * the Callback URL (which we are handling with this class!) as a URI
  246. * path part (the last part by convention).
  247. *
  248. * @param null|array $httpGetData
  249. * @return false|string
  250. */
  251. protected function _detectVerifyTokenKey(array $httpGetData = null)
  252. {
  253. /**
  254. * Available when sub keys encoding in Callback URL path
  255. */
  256. if (isset($this->_subscriptionKey)) {
  257. return $this->_subscriptionKey;
  258. }
  259. /**
  260. * Available only if allowed by PuSH 0.2 Hubs
  261. */
  262. if (is_array($httpGetData)
  263. && isset($httpGetData['xhub_subscription'])
  264. ) {
  265. return $httpGetData['xhub_subscription'];
  266. }
  267. /**
  268. * Available (possibly) if corrupted in transit and not part of $_GET
  269. */
  270. $params = $this->_parseQueryString();
  271. if (isset($params['xhub.subscription'])) {
  272. return rawurldecode($params['xhub.subscription']);
  273. }
  274. return false;
  275. }
  276. /**
  277. * Build an array of Query String parameters.
  278. * This bypasses $_GET which munges parameter names and cannot accept
  279. * multiple parameters with the same key.
  280. *
  281. * @return array|void
  282. */
  283. protected function _parseQueryString()
  284. {
  285. $params = array();
  286. $queryString = '';
  287. if (isset($_SERVER['QUERY_STRING'])) {
  288. $queryString = $_SERVER['QUERY_STRING'];
  289. }
  290. if (empty($queryString)) {
  291. return array();
  292. }
  293. $parts = explode('&', $queryString);
  294. foreach ($parts as $kvpair) {
  295. $pair = explode('=', $kvpair);
  296. $key = rawurldecode($pair[0]);
  297. $value = rawurldecode($pair[1]);
  298. if (isset($params[$key])) {
  299. if (is_array($params[$key])) {
  300. $params[$key][] = $value;
  301. } else {
  302. $params[$key] = array($params[$key], $value);
  303. }
  304. } else {
  305. $params[$key] = $value;
  306. }
  307. }
  308. return $params;
  309. }
  310. }