Merge branch 'master' of https://github.com/philsturgeon/codeigniter-restserver

coffeerunhobby · coffeerunhobby · commit e45aade9a044 · 2014-07-30T14:25:42.000+03:00
diff --git a/application/config/rest.php b/application/config/rest.php
@@ -97,6 +97,8 @@
 |	If 'rest_auth' is 'session' then set 'auth_source' to the name of the session variable to check for.
 |
 */
+
+//change this to '' for wildcard unit test
 $config['auth_source'] = 'ldap';
 
 /*
@@ -130,15 +132,20 @@
 |			$config['auth_override_class_method']['deals']['view'] = 'none';
 |			$config['auth_override_class_method']['deals']['insert'] = 'digest';
 |			$config['auth_override_class_method']['accounts']['user'] = 'basic';
+|			$config['auth_override_class_method']['dashboard']['*'] = 'none|digest|basic';
 |
-| Here 'deals' and 'accounts' are controller names, 'view', 'insert' and 'user' are methods within. (NOTE: leave off the '_get' or '_post' from the end of the method name)
+| Here 'deals', 'accounts' and 'dashboard' are controller names, 'view', 'insert' and 'user' are methods within. An asterisk may also be used to specify an authentication method for an entire classes methods. Ex: $config['auth_override_class_method']['dashboard']['*'] = 'basic'; (NOTE: leave off the '_get' or '_post' from the end of the method name)
 | Acceptable values are; 'none', 'digest' and 'basic'.
 |
 */
 // $config['auth_override_class_method']['deals']['view'] = 'none';
 // $config['auth_override_class_method']['deals']['insert'] = 'digest';
 // $config['auth_override_class_method']['accounts']['user'] = 'basic';
+// $config['auth_override_class_method']['dashboard']['*'] = 'basic';
+
 
+//---Uncomment list line for the wildard unit test
+//$config['auth_override_class_method']['wildcard_test_cases']['*'] = 'basic';
 /*
 |--------------------------------------------------------------------------
 | REST Login usernames
diff --git a/application/controllers/unit_tests/wildcard_test_cases.php b/application/controllers/unit_tests/wildcard_test_cases.php
@@ -0,0 +1,37 @@
+<?php defined('BASEPATH') OR exit('No direct script access allowed');
+
+/**
+ * Example
+ *
+ * This is a test for the wildcard .
+ *
+ * @package		CodeIgniter
+ * @subpackage	Rest Server
+ * @category	Controller
+ * @author		Allen Taylor
+ * @link		http://philsturgeon.co.uk/code/
+*/
+
+// This can be removed if you use __autoload() in config.php OR use Modular Extensions
+
+/*
+In order for this test to work you will need to change the auth_source option in the rest.php config file to '' and uncomment this line $config['auth_override_class_method']['wildcard_test_cases']['*'] = 'basic'; in the file as well. Once these are uncommented the tests will work.
+*/
+require APPPATH.'/libraries/REST_Controller.php'; 
+class Wildcard_test_cases extends REST_Controller{
+	function __construct(){
+		parent::__construct();
+		//set config for test
+		$this->config->load('rest');
+		$this->config->set_item('rest_auth', 'none');//turn on rest auth
+		$this->config->set_item('auth_source', '');//use config array for authentication
+		$this->config->set_item('auth_override_class_method', array('wildcard_test_cases' => array('*' => 'basic')));
+		$this->load->helper('url');
+	}
+
+
+	function digest_get(){
+		$this->response("welcome", 200);
+	}
+}
+?>
diff --git a/application/controllers/unit_tests/wildcard_test_harness.php b/application/controllers/unit_tests/wildcard_test_harness.php
@@ -0,0 +1,67 @@
+<?php defined('BASEPATH') OR exit('No direct script access allowed');
+
+/**
+ * Example
+ *
+ * This is a test for the wildcard. Wildcard allows you to specify an authentication type rule for an entire controller. Example would be $config['auth_override_class_method']['wildcard_test_cases']['*'] = 'basic'; This sets the authentication method for the Wildcard_test_harness controller to basic.
+ *
+ * @package		CodeIgniter
+ * @subpackage	Rest Server
+ * @category	Controller
+ * @author		Allen Taylor
+ * @link		http://philsturgeon.co.uk/code/
+*/
+
+// This can be removed if you use __autoload() in config.php OR use Modular Extensions
+
+/*
+In order for this test to work you will need to change the auth_source option in the rest.php config file to '' and uncomment this line $config['auth_override_class_method']['wildcard_test_cases']['*'] = 'basic'; in the file as well. Once these are uncommented the tests will work.
+*/
+class Wildcard_test_harness extends CI_Controller
+{
+	function __construct(){
+		parent::__construct();
+		$this->load->library('unit_test');
+		$this->load->helper('url');
+	}
+
+	//curl interface functions
+	private function makeRequest($url, $cred = '', $curlopts = array()){
+		$ch = curl_init($url);
+		$items = array(
+		    CURLOPT_URL => $url,
+		    CURLOPT_USERPWD => $cred
+		);
+		foreach($curlopts as $opt => $value)
+			$items[$opt] = $value;
+		curl_setopt_array($ch, $items);
+		ob_start();
+		$response = curl_exec($ch);
+		$contents = ob_get_contents();
+		ob_end_clean();
+		$info = curl_getinfo($ch);
+
+		$errno = curl_errno($ch);
+		$error = curl_error($ch);
+		curl_close($ch);
+		return array('response' => $response, 'contents' => $contents, 'errno' => $errno, 'error' => $error, 'info' => $info);//return 
+	}
+
+	/*
+	These two test cases will test if the authentication is working for the wildcard method. The curl requests may not work if you do not have an .htaccess file with mod rewrite in the same directory as your index.php file. If you don't have that file you can add it or change the url below to the one that includes index.php.
+	*/
+	function index(){
+
+		//not authorized
+		//no htaccess: $test = $this->makeRequest(base_url() . 'index.php/unit_tests/wildcard_test_cases/digest', '');
+		$test = $this->makeRequest(base_url() . 'unit_tests/wildcard_test_cases/digest', '');
+		// print_r($test);
+		$this->unit->run($test['info']['http_code'], '401', 'Not Authorized test (No credentials provided)');
+		//no htaccess: $test = $this->makeRequest(base_url() . 'index.php/unit_tests/wildcard_test_cases/digest', 'admin:1234');
+		$test = $this->makeRequest(base_url() . 'unit_tests/wildcard_test_cases/digest', 'admin:1234');
+		//print_r($test);
+		$this->unit->run($test['info']['http_code'], '200', 'Authorized, credentials given');
+		echo $this->unit->report();
+	}
+}
+?>
diff --git a/application/libraries/Format.php b/application/libraries/Format.php
@@ -227,8 +227,22 @@ public function to_json()
 		$callback = isset($_GET['callback']) ? $_GET['callback'] : '';
 		if ($callback === '')
 		{
-			return json_encode($this->_data);
+            return json_encode($this->_data);
+            
+            /* Had to take out this code, it doesn't work on Objects.
+            $str = $this->_data;
+            array_walk_recursive($str, function(&$item, $key) 
+            {
+                if(!mb_detect_encoding($item, 'utf-8', true)) 
+                {
+                    $item = utf8_encode($item);
+                }
+            });
+
+			return json_encode($str);
+            */
 		}
+
 		// we only honour jsonp callback which are valid javascript identifiers
 		else if (preg_match('/^[a-z_\$][a-z0-9\$_]*(\.[a-z_\$][a-z0-9\$_]*)*$/i', $callback))
 		{
diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php
@@ -206,7 +206,6 @@ public function __construct()
         $this->load->library('format');
 
         // init objects
-        $this->request      = new stdClass();
         $this->response     = new stdClass();
         $this->rest         = new stdClass();
 
@@ -250,13 +249,13 @@ public function __construct()
         }
 
         // Merge both for one mega-args variable
-        $this->_args = array_merge($this->_get_args, 
-            $this->_options_args, 
-            $this->_patch_args, 
-            $this->_head_args , 
-            $this->_put_args, 
-            $this->_post_args, 
-            $this->_delete_args, 
+        $this->_args = array_merge($this->_get_args,
+            $this->_options_args,
+            $this->_patch_args,
+            $this->_head_args ,
+            $this->_put_args,
+            $this->_post_args,
+            $this->_delete_args,
             $this->{'_'.$this->request->method.'_args'}
         );
 
@@ -285,9 +284,10 @@ public function __construct()
         // Check if there is a specific auth type for the current class/method
         // _auth_override_check could exit so we need $this->rest->db initialized before
         $this->auth_override    = $this->_auth_override_check();
-        
+
         // Checking for keys? GET TO WorK!
-        if (config_item('rest_enable_keys')) {
+		// Skip keys test for $config['auth_override_class_method']['class'['method'] = 'none'
+        if (config_item('rest_enable_keys') and $this->auth_override !== true) {
             $this->_allow = $this->_detect_api_key();
         }
 
@@ -298,7 +298,7 @@ public function __construct()
         }
 
         // When there is no specific override for the current class/method, use the default auth value set in the config
-        if ($this->auth_override !== true && $this->_allow === false) {
+        if ($this->auth_override !== true && !(config_item('rest_enable_keys') && $this->_allow === true)) {
             $rest_auth = strtolower($this->config->item('rest_auth'));
             switch ($rest_auth) {
                 case 'basic':
@@ -509,7 +509,7 @@ public function response($data = null, $http_code = null, $continue = false)
             echo($output);
             ob_end_flush();
             ob_flush();
-            flush();  
+            flush();
         }else{
             exit($output);
         }
@@ -852,6 +852,36 @@ protected function _auth_override_check()
             return false;
         }
 
+        // check for wildcard flag for rules for classes
+        if(!empty($this->overrides_array[$this->router->class]['*'])){//check for class overides
+            // None auth override found, prepare nothing but send back a true override flag
+            if ($this->overrides_array[$this->router->class]['*'] == 'none')
+            {
+                return true;
+            }
+
+            // Basic auth override found, prepare basic
+            if ($this->overrides_array[$this->router->class]['*'] == 'basic')
+            {
+                $this->_prepare_basic_auth();
+                return true;
+            }
+
+            // Digest auth override found, prepare digest
+            if ($this->overrides_array[$this->router->class]['*'] == 'digest')
+            {
+                $this->_prepare_digest_auth();
+                return true;
+            }
+
+            // Whitelist auth override found, check client's ip against config whitelist
+            if ($this->overrides_array[$this->router->class]['*'] == 'whitelist')
+            {
+                $this->_check_whitelist_auth();
+                return true;
+            }
+        }
+
         // Check to see if there's an override value set for the current class/method being called
         if (empty($this->overrides_array[$this->router->class][$this->router->method])) {
             return false;
@@ -1164,7 +1194,7 @@ protected function _perform_ldap_auth($username = '', $password = null)
 
             log_message('debug', 'Setting timeout to ' . $ldaptimeout . ' seconds');
 
-            ldap_set_option($ldapconn, LDAP_OPT_NETWorK_TIMEOUT, $ldaptimeout);
+            ldap_set_option($ldapconn, LDAP_OPT_NETWORK_TIMEOUT, $ldaptimeout);
 
             log_message('debug', 'LDAP Auth: Binding to ' . $ldaphost . ' with dn ' . $ldaprdn);
 
@@ -1252,7 +1282,11 @@ protected function _perform_library_auth($username = '', $password = null)
             return false;
         }
 
-        $this->load->library($auth_library_class);
+        if (!is_callable(array($this->$auth_library_class, $auth_library_function))) {
+
+            $this->load->library($auth_library_class);
+
+        }
 
         return $this->$auth_library_class->$auth_library_function($username, $password);
     }
@@ -1264,12 +1298,16 @@ protected function _perform_library_auth($username = '', $password = null)
      * @param  string  $password The user's password
      * @return boolean
      */
-    protected function _check_login($username = '', $password = null)
+    protected function _check_login($username = '', $password = false)
     {
         if (empty($username)) {
             return false;
         }
 
+        if ($password === false) {
+            return false;
+        }
+
         $auth_source = strtolower($this->config->item('auth_source'));
 
         if ($auth_source == 'ldap') {
@@ -1286,12 +1324,11 @@ protected function _check_login($username = '', $password = null)
 
         $valid_logins = $this->config->item('rest_valid_logins');
 
-        if ( ! array_key_exists($username, $valid_logins)) {
+        if (!array_key_exists($username, $valid_logins)) {
             return false;
         }
 
-        // If actually null (not empty string) then do not check it
-        if ($password === null and $valid_logins[$username] != $password) {
+        if ($valid_logins[$username] != $password) {
             return false;
         }
 
