index.php
<?php
// Initialize
include_once $_SERVER["DOCUMENT_ROOT"] . '/classes/initialize.php';
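// Defaults
$apiKey = '';
$error = false;
$json = array();
$responseCode = 200;
$responseHeader = '';

// ----- Method & Data -----
// Read the HTTP method and the raw request body. This runs before the API key
// is checked further down, so the body must be treated as untrusted input.
$method = $_SERVER['REQUEST_METHOD'];
$input = file_get_contents('php://input');

// $data must always be an object: later code assigns properties on it
// ($data->latitude, ...), which fails on an array or scalar.
$data = new stdClass();

if (!empty($input)) {
    $decoded = json_decode($input);
    $decodeError = json_last_error();
    $decodeErrorMsg = '';

    if ($decodeError > 0) {
        // Map the decoder's error code to the message returned to the client.
        $decodeMessages = array(
            JSON_ERROR_DEPTH => 'JSON decoding error: Maximum stack depth exceeded',
            JSON_ERROR_STATE_MISMATCH => 'JSON decoding error: Underflow or the modes mismatch',
            JSON_ERROR_CTRL_CHAR => 'JSON decoding error: Unexpected control character found',
            JSON_ERROR_SYNTAX => 'JSON decoding error: Syntax error, malformed JSON',
            JSON_ERROR_UTF8 => 'JSON decoding error: Malformed UTF-8 characters, possibly incorrectly encoded',
            JSON_ERROR_RECURSION => 'JSON decoding error: One or more recursive references in the value to be encoded',
            JSON_ERROR_INF_OR_NAN => 'JSON decoding error: One or more NAN or INF values in the value to be encoded',
            JSON_ERROR_UNSUPPORTED_TYPE => 'JSON decoding error: A value of a type that cannot be encoded was given',
            JSON_ERROR_INVALID_PROPERTY_NAME => 'JSON decoding error: A property name that cannot be encoded was given',
            JSON_ERROR_UTF16 => 'JSON decoding error: Malformed UTF-16 characters, possibly incorrectly encoded',
        );
        $decodeErrorMsg = $decodeMessages[$decodeError] ?? 'JSON decoding error: Unknown error';
    } elseif (!empty($decoded) && !is_object($decoded)) {
        // Valid JSON that is not an object (e.g. [1] or "text") used to be
        // passed on as-is and broke the property assignments below. Reject it
        // with a 400 instead. Empty values (null, 0, "", []) keep falling back
        // to an empty object, as before.
        $decodeErrorMsg = 'JSON decoding error: The request body must be a JSON object';
    }

    if ($decodeErrorMsg !== '') {
        // Error Decoding JSON
        $error = true;
        $responseCode = 400;
        $json['error'] = true;
        $json['error_msg'] = $decodeErrorMsg;

        // Log Error (the non-object case reuses the existing error number)
        // NOTE(review): the raw, unauthenticated request body is written to the
        // log here - confirm that LogError bounds its size and escapes it.
        $errorLog = new LogError();
        $errorLog->errorNumber = 154;
        $errorLog->errorMsg = 'JSON Decoding Error';
        $errorLog->badData = $json['error_msg'] . ' // ' . $input;
        $errorLog->filename = 'API / index.php';
        $errorLog->write();
    } elseif (is_object($decoded)) {
        $data = $decoded;
    }
}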
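// General URL Parameters
// Defaults, overridden by the query string when present.
$count = 500;
$cursor = base64_encode('0'); // Page
$endpoint = '';
$function = '';
$id = '';

// PHP turns "?id[]=x" into an array. Only string values are accepted here, so
// an array-valued parameter leaves the default in place instead of reaching
// substr() (a TypeError on PHP 8) or being passed on to the endpoint classes.
if (isset($_GET['count']) && is_string($_GET['count'])) {
    $count = $_GET['count'];
}
if (isset($_GET['cursor']) && is_string($_GET['cursor'])) {
    $cursor = $_GET['cursor'];
}
if (isset($_GET['endpoint']) && is_string($_GET['endpoint'])) {
    $endpoint = $_GET['endpoint'];
}
if (isset($_GET['function']) && is_string($_GET['function'])) {
    $function = $_GET['function'];
}
if (isset($_GET['id']) && is_string($_GET['id'])) {
    // Skips the first character and keeps at most 36.
    // NOTE(review): presumably a leading "/" followed by a UUID - confirm
    // against the rewrite rule that feeds this parameter.
    // The cast keeps $id a string where substr() returns false (PHP 7, input
    // shorter than two characters).
    $id = (string) substr($_GET['id'], 1, 36);
}

// Location Search URL Parameters
// These four properties are always reset, so values for them in the JSON body
// are discarded; only the query string can set them.
$data->latitude = 0;
$data->longitude = 0;
$data->searchRadius = 0;
$data->metric = '';
if (isset($_GET['latitude']) && is_string($_GET['latitude'])) {
    $data->latitude = $_GET['latitude'];
}
if (isset($_GET['longitude']) && is_string($_GET['longitude'])) {
    $data->longitude = $_GET['longitude'];
}
if (isset($_GET['search_radius']) && is_string($_GET['search_radius'])) {
    $data->searchRadius = $_GET['search_radius'];
}
if (isset($_GET['metric']) && is_string($_GET['metric'])) {
    $data->metric = $_GET['metric'];
}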
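// --- Check Headers ----
// Get all the headers that were sent
$headers = array();
foreach (getallheaders() as $name => $value) {
    $headers[$name] = $value;
}

// HTTP header names are case-insensitive, so look them up through a
// lower-cased copy. With the exact-case lookup a client sending
// "content-type: ..." skipped the checks below entirely.
$headersLower = array_change_key_case($headers, CASE_LOWER);

// Content-Type
$contentTypeMethods = array('POST', 'PUT', 'PATCH');
if (in_array($method, $contentTypeMethods, true) && array_key_exists('content-type', $headersLower)) {
    // User is telling us they are sending a specific Content-Type.
    // Compare the media type only, so "application/json; charset=utf-8" is accepted.
    // A request with no Content-Type header at all is still let through.
    $mediaType = strtolower(trim(explode(';', $headersLower['content-type'], 2)[0]));
    if ($mediaType !== 'application/json') {
        // They are trying to send us data in a form that we can't accept
        $error = true;
        $responseCode = 415;
        $json['error'] = true;
        $json['error_msg'] = 'Our API only accepts JSON data at this time. Based on your \'Content-Type\' header, it doesn\'t appear that you are sending us \'application/json\' data.';
        // Log Error
        // NOTE(review): the header value is client-controlled and logged
        // verbatim - confirm LogError escapes and bounds it.
        $errorLog = new LogError();
        $errorLog->errorNumber = 157;
        $errorLog->errorMsg = 'Invalid Content-Type Header';
        $errorLog->badData = $headersLower['content-type'];
        $errorLog->filename = 'API / index.php';
        $errorLog->write();
    }
}

// Accept (the method list reuses the variable name from the Content-Type check)
$contentTypeMethods = array('GET', 'POST', 'PUT', 'PATCH');
if (in_array($method, $contentTypeMethods, true) && array_key_exists('accept', $headersLower)) {
    // User is telling us they would like us to return a specific Content-Type.
    // Accept may list several media ranges with parameters, for example
    // "application/json, text/plain, */*"; one matching range is enough.
    // q-values are not evaluated.
    $acceptableAcceptHeader = array('application/json', 'application/*', '*/*');
    $acceptsJson = false;
    foreach (explode(',', $headersLower['accept']) as $mediaRange) {
        $mediaRange = strtolower(trim(explode(';', $mediaRange, 2)[0]));
        if (in_array($mediaRange, $acceptableAcceptHeader, true)) {
            $acceptsJson = true;
            break;
        }
    }
    if (!$acceptsJson) {
        // They are asking us to send data in a format different from what we send (JSON)
        $error = true;
        $responseCode = 406;
        $json['error'] = true;
        $json['error_msg'] = 'At this time our API only sends data in a JSON format. Based on your \'Accept\' header, it appears that you would like us to send you data in a format other than \'application/json\'.';
        // Log Error
        $errorLog = new LogError();
        $errorLog->errorNumber = 158;
        $errorLog->errorMsg = 'Invalid Accept header';
        $errorLog->badData = $headersLower['accept'];
        $errorLog->filename = 'API / index.php';
        $errorLog->write();
    }
}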
// ----- HTTPS & Authorization -----
// The request must arrive over HTTPS and carry the API key as the HTTP Basic
// Auth username. The preconditions are tested in order; the first one that
// fails sets the error response, and no endpoint is dispatched afterwards.
if (!isset($_SERVER['HTTPS'])) {
    // No HTTPS Variable Set
    $json['error'] = true;
    $json['error_msg'] = 'In order to connect to the Catalog.beer API, you will need to connect using a secure connection (HTTPS). Please try your request again.';
    $responseCode = 500;
    $error = true;
} elseif ($_SERVER['HTTPS'] != 'on') {
    // No HTTPS
    $json['error'] = true;
    $json['error_msg'] = 'In order to connect to the Catalog.beer API, you will need to connect using a secure connection (HTTPS). Please try your request again.';
    $responseCode = 400;
    $error = true;
} elseif (!isset($_SERVER['PHP_AUTH_USER'])) {
    // Invalid Authentication: no Basic Auth credentials were submitted
    $json['error'] = true;
    $json['error_msg'] = 'Missing API key. Please check that your request includes your API key as the Username using HTTP basic auth and then try again.';
    $responseCode = 401;
    $error = true;

    // Log Error
    $errorLog = new LogError();
    $errorLog->errorNumber = 6;
    $errorLog->errorMsg = 'No credentials submitted';
    $errorLog->badData = '';
    $errorLog->filename = 'API / index.php';
    $errorLog->write();
} else {
    // Get Submitted Username; the password field is not read.
    // $apiKey keeps the submitted value even when it is rejected below, so
    // that value is what the request log at the end of this file receives.
    $apiKey = $_SERVER['PHP_AUTH_USER'];

    if (empty($apiKey)) {
        // Missing Username
        $json['error'] = true;
        $json['error_msg'] = 'We are missing your API Key. This key should be submitted in the username field of your API request using HTTP Basic Auth. No password is required.';
        $responseCode = 401;
        $error = true;

        // Log Error
        $errorLog = new LogError();
        $errorLog->errorNumber = 7;
        $errorLog->errorMsg = 'Missing username';
        $errorLog->badData = '';
        $errorLog->filename = 'API / index.php';
        $errorLog->write();
    } else {
        $apiKeys = new apiKeys();
        if (!$apiKeys->validate($apiKey, true)) {
            // Invalid User
            // NOTE(review): unlike the two missing-key branches, nothing is
            // written to LogError here; presumably validate() logs rejected
            // keys itself - confirm.
            $json['error'] = true;
            $json['error_msg'] = 'Sorry to say this, but your API key appears to be invalid. Please contact Catalog.beer support if you believe you have received this message in error; we will help you figure it out.';
            $responseCode = 401;
            $error = true;
        }
    }
}
/* - - - - - Process Based on Endpoint - - - - - */
// Runs only when none of the earlier checks (body, headers, HTTPS, API key)
// set $error. Each branch hands the request to one endpoint class and copies
// its JSON payload, status code and extra response header back.
// $endpoint is either a string or an array from $_GET, and the names below
// are non-numeric strings, so === selects the same branch a switch would.
if (!$error) {
    if ($endpoint === 'address') {
        $usAddresses = new USAddresses();
        $usAddresses->api($method, $id, $apiKey, $data);
        $json = $usAddresses->json;
        $responseCode = $usAddresses->responseCode;
        // This endpoint's response header is not read; it is set to empty.
        $responseHeader = '';
    } elseif ($endpoint === 'beer') {
        $beer = new Beer();
        $beer->api($method, $function, $id, $apiKey, $count, $cursor, $data);
        $json = $beer->json;
        $responseCode = $beer->responseCode;
        $responseHeader = $beer->responseHeader;
    } elseif ($endpoint === 'brewer') {
        $brewer = new Brewer();
        $brewer->api($method, $function, $id, $apiKey, $count, $cursor, $data);
        $json = $brewer->json;
        $responseCode = $brewer->responseCode;
        $responseHeader = $brewer->responseHeader;
    } elseif ($endpoint === 'location') {
        // Without an explicit count in the query string, this endpoint gets 0
        // in place of the general default.
        if (empty($_GET['count'])) {
            $count = 0;
        }
        $location = new Location();
        $location->api($method, $function, $id, $apiKey, $count, $cursor, $data);
        $json = $location->json;
        $responseCode = $location->responseCode;
        $responseHeader = $location->responseHeader;
    } elseif ($endpoint === 'login') {
        $users = new Users();
        $users->loginAPI($method, $apiKey, $data);
        $json = $users->json;
        $responseCode = $users->responseCode;
        $responseHeader = $users->responseHeader;
    } elseif ($endpoint === 'usage') {
        $usage = new Usage();
        $usage->api($method, $function, $id, $apiKey);
        $json = $usage->json;
        $responseCode = $usage->responseCode;
        $responseHeader = $usage->responseHeader;
    } elseif ($endpoint === 'users') {
        $users = new Users();
        $users->usersAPI($method, $function, $id, $apiKey, $data);
        $json = $users->json;
        $responseCode = $users->responseCode;
        $responseHeader = $users->responseHeader;
    } else {
        // Invalid Endpoint
        $responseCode = 404;
        $json['error'] = true;
        $json['error_msg'] = 'Invalid path. The URI you requested does not exist.';

        // Log Error: the requested endpoint name is recorded as submitted
        $errorLog = new LogError();
        $errorLog->errorNumber = 151;
        $errorLog->errorMsg = 'Invalid endpoint';
        $errorLog->badData = $endpoint;
        $errorLog->filename = 'API / index.php';
        $errorLog->write();
    }
}
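/* - - - - - RESPONSE - - - - - */
// Encode before any header is sent, so the status line can reflect an
// encoding failure. Previously the status was sent first and an encoding
// error went out with the endpoint's status code (typically 200).
$json_encoded = json_encode($json);
$encodingFailed = ($json_encoded === false);
if ($encodingFailed) {
    $json_orig = $json;
    $json = array();
    $json['error'] = true;
    $json['error_msg'] = 'Sorry, we have encountered an encoding error and are unable to present your data at this time. We\'ve logged the issue and our support team will look into it.';
    $responseCode = 500;
}

// HTTP Status Code
http_response_code($responseCode);

// Header Type
header('Content-Type: application/json');
if (!empty($responseHeader)) {
    // Extra header line supplied by the endpoint class
    header($responseHeader);
}

// Output JSON
if (!$encodingFailed) {
    echo $json_encoded;
} else {
    // $json_encoded stays false, so the request log records that no payload
    // could be encoded.
    echo json_encode($json);

    // Log Error
    // NOTE(review): badData receives the unencoded payload as-is (an array
    // here, strings elsewhere in this file) - confirm LogError::write() can
    // store it.
    $errorLog = new LogError();
    $errorLog->errorNumber = 45;
    $errorLog->errorMsg = 'JSON Encoding Error';
    $errorLog->badData = $json_orig;
    $errorLog->filename = 'API / index.php';
    $errorLog->write();
}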
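// Keys listed in $masterKeys are exempt from request logging. The list is
// empty here, so every request is logged, including rejected ones.
$masterKeys = array();

// Strict comparison: a loose in_array() treats numeric-looking strings as
// equal ('1e3' == '1000'), which would let one key match a different one.
if (!in_array($apiKey, $masterKeys, true)) {
    // Log Request: key, method, URI, parsed request body, encoded response and status.
    // NOTE(review): $data is the full request body, which for the login
    // endpoint presumably contains credentials - confirm that apiLogging
    // redacts or omits them before storing.
    $apiLogging = new apiLogging();
    $apiLogging->add($apiKey, $method, $_SERVER['REQUEST_URI'], $data, $json_encoded, $responseCode);
}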
?>