1
0

OC_API.php 4.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  5. * SPDX-License-Identifier: AGPL-3.0-only
  6. */
  7. use OCP\API;
  8. use OCP\AppFramework\Http;
  9. class OC_API {
  10. /**
  11. * api actions
  12. */
  13. protected static $actions = [];
  14. /**
  15. * respond to a call
  16. * @param \OC\OCS\Result $result
  17. * @param string $format the format xml|json
  18. * @psalm-taint-escape html
  19. */
  20. public static function respond($result, $format = 'xml') {
  21. $request = \OC::$server->getRequest();
  22. // Send 401 headers if unauthorised
  23. if ($result->getStatusCode() === \OCP\AppFramework\OCSController::RESPOND_UNAUTHORISED) {
  24. // If request comes from JS return dummy auth request
  25. if ($request->getHeader('X-Requested-With') === 'XMLHttpRequest') {
  26. header('WWW-Authenticate: DummyBasic realm="Authorisation Required"');
  27. } else {
  28. header('WWW-Authenticate: Basic realm="Authorisation Required"');
  29. }
  30. http_response_code(401);
  31. }
  32. foreach ($result->getHeaders() as $name => $value) {
  33. header($name . ': ' . $value);
  34. }
  35. $meta = $result->getMeta();
  36. $data = $result->getData();
  37. if (self::isV2($request)) {
  38. $statusCode = self::mapStatusCodes($result->getStatusCode());
  39. if (!is_null($statusCode)) {
  40. $meta['statuscode'] = $statusCode;
  41. http_response_code($statusCode);
  42. }
  43. }
  44. self::setContentType($format);
  45. $body = self::renderResult($format, $meta, $data);
  46. echo $body;
  47. }
  48. /**
  49. * @param XMLWriter $writer
  50. */
  51. private static function toXML($array, $writer) {
  52. foreach ($array as $k => $v) {
  53. if ($k[0] === '@') {
  54. $writer->writeAttribute(substr($k, 1), $v);
  55. continue;
  56. } elseif (is_numeric($k)) {
  57. $k = 'element';
  58. }
  59. if (is_array($v)) {
  60. $writer->startElement($k);
  61. self::toXML($v, $writer);
  62. $writer->endElement();
  63. } else {
  64. $writer->writeElement($k, $v);
  65. }
  66. }
  67. }
  68. public static function requestedFormat(): string {
  69. $formats = ['json', 'xml'];
  70. $format = (isset($_GET['format']) && is_string($_GET['format']) && in_array($_GET['format'], $formats)) ? $_GET['format'] : 'xml';
  71. return $format;
  72. }
  73. /**
  74. * Based on the requested format the response content type is set
  75. * @param string $format
  76. */
  77. public static function setContentType($format = null) {
  78. $format = is_null($format) ? self::requestedFormat() : $format;
  79. if ($format === 'xml') {
  80. header('Content-type: text/xml; charset=UTF-8');
  81. return;
  82. }
  83. if ($format === 'json') {
  84. header('Content-Type: application/json; charset=utf-8');
  85. return;
  86. }
  87. header('Content-Type: application/octet-stream; charset=utf-8');
  88. }
  89. /**
  90. * @param \OCP\IRequest $request
  91. * @return bool
  92. */
  93. protected static function isV2(\OCP\IRequest $request) {
  94. $script = $request->getScriptName();
  95. return str_ends_with($script, '/ocs/v2.php');
  96. }
  97. /**
  98. * @param integer $sc
  99. * @return int
  100. */
  101. public static function mapStatusCodes($sc) {
  102. switch ($sc) {
  103. case \OCP\AppFramework\OCSController::RESPOND_NOT_FOUND:
  104. return Http::STATUS_NOT_FOUND;
  105. case \OCP\AppFramework\OCSController::RESPOND_SERVER_ERROR:
  106. return Http::STATUS_INTERNAL_SERVER_ERROR;
  107. case \OCP\AppFramework\OCSController::RESPOND_UNKNOWN_ERROR:
  108. return Http::STATUS_INTERNAL_SERVER_ERROR;
  109. case \OCP\AppFramework\OCSController::RESPOND_UNAUTHORISED:
  110. // already handled for v1
  111. return null;
  112. case 100:
  113. return Http::STATUS_OK;
  114. }
  115. // any 2xx, 4xx and 5xx will be used as is
  116. if ($sc >= 200 && $sc < 600) {
  117. return $sc;
  118. }
  119. return Http::STATUS_BAD_REQUEST;
  120. }
  121. /**
  122. * @param string $format
  123. * @return string
  124. */
  125. public static function renderResult($format, $meta, $data) {
  126. $response = [
  127. 'ocs' => [
  128. 'meta' => $meta,
  129. 'data' => $data,
  130. ],
  131. ];
  132. if ($format == 'json') {
  133. return json_encode($response, JSON_HEX_TAG);
  134. }
  135. $writer = new XMLWriter();
  136. $writer->openMemory();
  137. $writer->setIndent(true);
  138. $writer->startDocument();
  139. self::toXML($response, $writer);
  140. $writer->endDocument();
  141. return $writer->outputMemory(true);
  142. }
  143. }