2019-05-09 01:36:18 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace MediaWiki\Rest;
|
|
|
|
|
|
|
|
|
|
use AppendIterator;
|
|
|
|
|
use BagOStuff;
|
2019-06-26 02:33:35 +00:00
|
|
|
use MediaWiki\Rest\BasicAccess\BasicAuthorizerInterface;
|
2019-05-09 01:36:18 +00:00
|
|
|
use MediaWiki\Rest\PathTemplateMatcher\PathMatcher;
|
2019-06-12 19:51:59 +00:00
|
|
|
use MediaWiki\Rest\Validator\Validator;
|
2020-01-10 00:00:51 +00:00
|
|
|
use Wikimedia\Message\MessageValue;
|
2019-05-09 01:36:18 +00:00
|
|
|
use Wikimedia\ObjectFactory;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* The REST router is responsible for gathering handler configuration, matching
|
|
|
|
|
* an input path and HTTP method against the defined routes, and constructing
|
|
|
|
|
* and executing the relevant handler for a request.
|
|
|
|
|
*/
|
|
|
|
|
class Router {
|
|
|
|
|
/** @var string[] */
|
|
|
|
|
private $routeFiles;
|
|
|
|
|
|
|
|
|
|
/** @var array */
|
|
|
|
|
private $extraRoutes;
|
|
|
|
|
|
|
|
|
|
/** @var array|null */
|
|
|
|
|
private $routesFromFiles;
|
|
|
|
|
|
|
|
|
|
/** @var int[]|null */
|
|
|
|
|
private $routeFileTimestamps;
|
|
|
|
|
|
|
|
|
|
/** @var string */
|
|
|
|
|
private $rootPath;
|
|
|
|
|
|
|
|
|
|
/** @var \BagOStuff */
|
|
|
|
|
private $cacheBag;
|
|
|
|
|
|
|
|
|
|
/** @var PathMatcher[]|null Path matchers by method */
|
|
|
|
|
private $matchers;
|
|
|
|
|
|
|
|
|
|
/** @var string|null */
|
|
|
|
|
private $configHash;
|
|
|
|
|
|
|
|
|
|
/** @var ResponseFactory */
|
|
|
|
|
private $responseFactory;
|
|
|
|
|
|
2019-06-26 02:33:35 +00:00
|
|
|
/** @var BasicAuthorizerInterface */
|
|
|
|
|
private $basicAuth;
|
|
|
|
|
|
2019-06-12 19:51:59 +00:00
|
|
|
/** @var ObjectFactory */
|
|
|
|
|
private $objectFactory;
|
|
|
|
|
|
|
|
|
|
/** @var Validator */
|
|
|
|
|
private $restValidator;
|
|
|
|
|
|
2019-05-09 01:36:18 +00:00
|
|
|
/**
|
|
|
|
|
* @param string[] $routeFiles List of names of JSON files containing routes
|
|
|
|
|
* @param array $extraRoutes Extension route array
|
|
|
|
|
* @param string $rootPath The base URL path
|
|
|
|
|
* @param BagOStuff $cacheBag A cache in which to store the matcher trees
|
|
|
|
|
* @param ResponseFactory $responseFactory
|
2019-06-26 02:33:35 +00:00
|
|
|
* @param BasicAuthorizerInterface $basicAuth
|
2019-06-12 19:51:59 +00:00
|
|
|
* @param ObjectFactory $objectFactory
|
|
|
|
|
* @param Validator $restValidator
|
2019-05-09 01:36:18 +00:00
|
|
|
*/
|
|
|
|
|
public function __construct( $routeFiles, $extraRoutes, $rootPath,
|
2019-06-26 02:33:35 +00:00
|
|
|
BagOStuff $cacheBag, ResponseFactory $responseFactory,
|
2019-06-12 19:51:59 +00:00
|
|
|
BasicAuthorizerInterface $basicAuth, ObjectFactory $objectFactory,
|
|
|
|
|
Validator $restValidator
|
2019-05-09 01:36:18 +00:00
|
|
|
) {
|
|
|
|
|
$this->routeFiles = $routeFiles;
|
|
|
|
|
$this->extraRoutes = $extraRoutes;
|
|
|
|
|
$this->rootPath = $rootPath;
|
|
|
|
|
$this->cacheBag = $cacheBag;
|
|
|
|
|
$this->responseFactory = $responseFactory;
|
2019-06-26 02:33:35 +00:00
|
|
|
$this->basicAuth = $basicAuth;
|
2019-06-12 19:51:59 +00:00
|
|
|
$this->objectFactory = $objectFactory;
|
|
|
|
|
$this->restValidator = $restValidator;
|
2019-05-09 01:36:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get the cache data, or false if it is missing or invalid
|
|
|
|
|
*
|
|
|
|
|
* @return bool|array
|
|
|
|
|
*/
|
|
|
|
|
private function fetchCacheData() {
|
|
|
|
|
$cacheData = $this->cacheBag->get( $this->getCacheKey() );
|
|
|
|
|
if ( $cacheData && $cacheData['CONFIG-HASH'] === $this->getConfigHash() ) {
|
|
|
|
|
unset( $cacheData['CONFIG-HASH'] );
|
|
|
|
|
return $cacheData;
|
|
|
|
|
} else {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @return string The cache key
|
|
|
|
|
*/
|
|
|
|
|
private function getCacheKey() {
|
|
|
|
|
return $this->cacheBag->makeKey( __CLASS__, '1' );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get a config version hash for cache invalidation
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
private function getConfigHash() {
|
|
|
|
|
if ( $this->configHash === null ) {
|
|
|
|
|
$this->configHash = md5( json_encode( [
|
|
|
|
|
$this->extraRoutes,
|
|
|
|
|
$this->getRouteFileTimestamps()
|
|
|
|
|
] ) );
|
|
|
|
|
}
|
|
|
|
|
return $this->configHash;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Load the defined JSON files and return the merged routes
|
|
|
|
|
*
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
|
|
|
|
private function getRoutesFromFiles() {
|
|
|
|
|
if ( $this->routesFromFiles === null ) {
|
|
|
|
|
$this->routeFileTimestamps = [];
|
|
|
|
|
foreach ( $this->routeFiles as $fileName ) {
|
|
|
|
|
$this->routeFileTimestamps[$fileName] = filemtime( $fileName );
|
|
|
|
|
$routes = json_decode( file_get_contents( $fileName ), true );
|
|
|
|
|
if ( $this->routesFromFiles === null ) {
|
|
|
|
|
$this->routesFromFiles = $routes;
|
|
|
|
|
} else {
|
|
|
|
|
$this->routesFromFiles = array_merge( $this->routesFromFiles, $routes );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $this->routesFromFiles;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get an array of last modification times of the defined route files.
|
|
|
|
|
*
|
|
|
|
|
* @return int[] Last modification times
|
|
|
|
|
*/
|
|
|
|
|
private function getRouteFileTimestamps() {
|
|
|
|
|
if ( $this->routeFileTimestamps === null ) {
|
|
|
|
|
$this->routeFileTimestamps = [];
|
|
|
|
|
foreach ( $this->routeFiles as $fileName ) {
|
|
|
|
|
$this->routeFileTimestamps[$fileName] = filemtime( $fileName );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $this->routeFileTimestamps;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get an iterator for all defined routes, including loading the routes from
|
|
|
|
|
* the JSON files.
|
|
|
|
|
*
|
|
|
|
|
* @return AppendIterator
|
|
|
|
|
*/
|
|
|
|
|
private function getAllRoutes() {
|
|
|
|
|
$iterator = new AppendIterator;
|
|
|
|
|
$iterator->append( new \ArrayIterator( $this->getRoutesFromFiles() ) );
|
|
|
|
|
$iterator->append( new \ArrayIterator( $this->extraRoutes ) );
|
|
|
|
|
return $iterator;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get an array of PathMatcher objects indexed by HTTP method
|
|
|
|
|
*
|
|
|
|
|
* @return PathMatcher[]
|
|
|
|
|
*/
|
|
|
|
|
private function getMatchers() {
|
|
|
|
|
if ( $this->matchers === null ) {
|
|
|
|
|
$cacheData = $this->fetchCacheData();
|
|
|
|
|
$matchers = [];
|
|
|
|
|
if ( $cacheData ) {
|
|
|
|
|
foreach ( $cacheData as $method => $data ) {
|
|
|
|
|
$matchers[$method] = PathMatcher::newFromCache( $data );
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
foreach ( $this->getAllRoutes() as $spec ) {
|
|
|
|
|
$methods = $spec['method'] ?? [ 'GET' ];
|
|
|
|
|
if ( !is_array( $methods ) ) {
|
|
|
|
|
$methods = [ $methods ];
|
|
|
|
|
}
|
|
|
|
|
foreach ( $methods as $method ) {
|
|
|
|
|
if ( !isset( $matchers[$method] ) ) {
|
|
|
|
|
$matchers[$method] = new PathMatcher;
|
|
|
|
|
}
|
|
|
|
|
$matchers[$method]->add( $spec['path'], $spec );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$cacheData = [ 'CONFIG-HASH' => $this->getConfigHash() ];
|
|
|
|
|
foreach ( $matchers as $method => $matcher ) {
|
|
|
|
|
$cacheData[$method] = $matcher->getCacheData();
|
|
|
|
|
}
|
|
|
|
|
$this->cacheBag->set( $this->getCacheKey(), $cacheData );
|
|
|
|
|
}
|
|
|
|
|
$this->matchers = $matchers;
|
|
|
|
|
}
|
|
|
|
|
return $this->matchers;
|
|
|
|
|
}
|
|
|
|
|
|
2019-05-31 03:41:40 +00:00
|
|
|
/**
|
|
|
|
|
* Remove the path prefix $this->rootPath. Return the part of the path with the
|
|
|
|
|
* prefix removed, or false if the prefix did not match.
|
|
|
|
|
*
|
|
|
|
|
* @param string $path
|
|
|
|
|
* @return false|string
|
|
|
|
|
*/
|
|
|
|
|
private function getRelativePath( $path ) {
|
2019-06-26 02:33:35 +00:00
|
|
|
if ( strlen( $this->rootPath ) > strlen( $path ) ||
|
|
|
|
|
substr_compare( $path, $this->rootPath, 0, strlen( $this->rootPath ) ) !== 0
|
|
|
|
|
) {
|
2019-05-31 03:41:40 +00:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return substr( $path, strlen( $this->rootPath ) );
|
|
|
|
|
}
|
|
|
|
|
|
2019-05-09 01:36:18 +00:00
|
|
|
/**
|
|
|
|
|
* Find the handler for a request and execute it
|
|
|
|
|
*
|
|
|
|
|
* @param RequestInterface $request
|
|
|
|
|
* @return ResponseInterface
|
|
|
|
|
*/
|
|
|
|
|
public function execute( RequestInterface $request ) {
|
|
|
|
|
$path = $request->getUri()->getPath();
|
2019-05-31 03:41:40 +00:00
|
|
|
$relPath = $this->getRelativePath( $path );
|
|
|
|
|
if ( $relPath === false ) {
|
2019-07-16 22:43:43 +00:00
|
|
|
return $this->responseFactory->createLocalizedHttpError( 404,
|
|
|
|
|
( new MessageValue( 'rest-prefix-mismatch' ) )
|
|
|
|
|
->plaintextParams( $path, $this->rootPath )
|
|
|
|
|
);
|
2019-05-09 01:36:18 +00:00
|
|
|
}
|
2019-05-31 03:41:40 +00:00
|
|
|
|
2019-09-10 06:26:53 +00:00
|
|
|
$requestMethod = $request->getMethod();
|
2019-05-31 03:41:40 +00:00
|
|
|
$matchers = $this->getMatchers();
|
2019-09-10 06:26:53 +00:00
|
|
|
$matcher = $matchers[$requestMethod] ?? null;
|
2019-05-31 03:41:40 +00:00
|
|
|
$match = $matcher ? $matcher->match( $relPath ) : null;
|
|
|
|
|
|
2019-09-10 06:26:53 +00:00
|
|
|
// For a HEAD request, execute the GET handler instead if one exists.
|
|
|
|
|
// The webserver will discard the body.
|
|
|
|
|
if ( !$match && $requestMethod === 'HEAD' && isset( $matchers['GET'] ) ) {
|
|
|
|
|
$match = $matchers['GET']->match( $relPath );
|
|
|
|
|
}
|
|
|
|
|
|
2019-05-09 01:36:18 +00:00
|
|
|
if ( !$match ) {
|
2019-05-31 03:41:40 +00:00
|
|
|
// Check for 405 wrong method
|
|
|
|
|
$allowed = [];
|
|
|
|
|
foreach ( $matchers as $allowedMethod => $allowedMatcher ) {
|
2019-09-10 06:26:53 +00:00
|
|
|
if ( $allowedMethod === $requestMethod ) {
|
2019-05-31 03:41:40 +00:00
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if ( $allowedMatcher->match( $relPath ) ) {
|
|
|
|
|
$allowed[] = $allowedMethod;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ( $allowed ) {
|
2019-07-16 22:43:43 +00:00
|
|
|
$response = $this->responseFactory->createLocalizedHttpError( 405,
|
|
|
|
|
( new MessageValue( 'rest-wrong-method' ) )
|
2019-09-10 06:26:53 +00:00
|
|
|
->textParams( $requestMethod )
|
2019-07-16 22:43:43 +00:00
|
|
|
->commaListParams( $allowed )
|
|
|
|
|
->numParams( count( $allowed ) )
|
|
|
|
|
);
|
2019-05-31 03:41:40 +00:00
|
|
|
$response->setHeader( 'Allow', $allowed );
|
|
|
|
|
return $response;
|
|
|
|
|
} else {
|
|
|
|
|
// Did not match with any other method, must be 404
|
2019-07-16 22:43:43 +00:00
|
|
|
return $this->responseFactory->createLocalizedHttpError( 404,
|
|
|
|
|
( new MessageValue( 'rest-no-match' ) )
|
|
|
|
|
->plaintextParams( $relPath )
|
|
|
|
|
);
|
2019-05-31 03:41:40 +00:00
|
|
|
}
|
2019-05-09 01:36:18 +00:00
|
|
|
}
|
2019-05-31 03:41:40 +00:00
|
|
|
|
2019-06-24 11:14:46 +00:00
|
|
|
$request->setPathParams( array_map( 'rawurldecode', $match['params'] ) );
|
2020-01-22 19:08:38 +00:00
|
|
|
$handler = $this->createHandler( $request, $match['userData'] );
|
2019-05-09 01:36:18 +00:00
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
return $this->executeHandler( $handler );
|
|
|
|
|
} catch ( HttpException $e ) {
|
|
|
|
|
return $this->responseFactory->createFromException( $e );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-01-22 19:08:38 +00:00
|
|
|
/**
|
|
|
|
|
* Create a handler from its spec
|
|
|
|
|
* @param RequestInterface $request
|
|
|
|
|
* @param array $spec
|
|
|
|
|
* @return Handler
|
|
|
|
|
*/
|
|
|
|
|
private function createHandler( RequestInterface $request, array $spec ): Handler {
|
|
|
|
|
$objectFactorySpec = array_intersect_key( $spec,
|
|
|
|
|
[ 'factory' => true, 'class' => true, 'args' => true, 'services' => true ] );
|
|
|
|
|
/** @var $handler Handler (annotation for PHPStorm) */
|
|
|
|
|
$handler = $this->objectFactory->createObject( $objectFactorySpec );
|
|
|
|
|
$handler->init( $this, $request, $spec, $this->responseFactory );
|
|
|
|
|
|
|
|
|
|
return $handler;
|
|
|
|
|
}
|
|
|
|
|
|
2019-05-09 01:36:18 +00:00
|
|
|
/**
|
|
|
|
|
* Execute a fully-constructed handler
|
2019-07-16 22:43:43 +00:00
|
|
|
*
|
2019-05-09 01:36:18 +00:00
|
|
|
* @param Handler $handler
|
|
|
|
|
* @return ResponseInterface
|
|
|
|
|
*/
|
|
|
|
|
private function executeHandler( $handler ): ResponseInterface {
|
2019-09-30 06:15:30 +00:00
|
|
|
// Check for basic authorization, to avoid leaking data from private wikis
|
2019-06-26 02:33:35 +00:00
|
|
|
$authResult = $this->basicAuth->authorize( $handler->getRequest(), $handler );
|
|
|
|
|
if ( $authResult ) {
|
|
|
|
|
return $this->responseFactory->createHttpError( 403, [ 'error' => $authResult ] );
|
|
|
|
|
}
|
2019-06-12 19:51:59 +00:00
|
|
|
|
2019-09-30 06:15:30 +00:00
|
|
|
// Validate the parameters
|
2019-06-12 19:51:59 +00:00
|
|
|
$handler->validate( $this->restValidator );
|
|
|
|
|
|
2019-09-30 06:15:30 +00:00
|
|
|
// Check conditional request headers
|
|
|
|
|
$earlyResponse = $handler->checkPreconditions();
|
|
|
|
|
if ( $earlyResponse ) {
|
|
|
|
|
return $earlyResponse;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Run the main part of the handler
|
2019-05-09 01:36:18 +00:00
|
|
|
$response = $handler->execute();
|
|
|
|
|
if ( !( $response instanceof ResponseInterface ) ) {
|
|
|
|
|
$response = $this->responseFactory->createFromReturnValue( $response );
|
|
|
|
|
}
|
2019-09-30 06:15:30 +00:00
|
|
|
|
|
|
|
|
// Set Last-Modified and ETag headers in the response if available
|
|
|
|
|
$handler->applyConditionalResponseHeaders( $response );
|
|
|
|
|
|
2019-05-09 01:36:18 +00:00
|
|
|
return $response;
|
|
|
|
|
}
|
|
|
|
|
}
|
