Class Socialveo\WebApi\Controllers\IndexController

InheritanceSocialveo\WebApi\Controllers\IndexController » Socialveo\WebApi\Controllers\RestApiController » Phalcon\Mvc\Controller
Uses TraitsSocialveo\Core\Translatable

Class IndexController

Public Methods

Hide inherited methods

MethodDescriptionDefined By
_handleException() Handle exceptions Socialveo\WebApi\Controllers\RestApiController
_t() Gets translations Socialveo\Core\Translatable
afterExecuteRoute() After execute route, change return value to json Socialveo\WebApi\Controllers\RestApiController
authAction() Handles HybridAuth authorization flows with various providers. Socialveo\WebApi\Controllers\IndexController
authGoogleAction() Handles oAuth2 authorization flow with Google API, only to be used by admin user (YouTube account authorization) Socialveo\WebApi\Controllers\IndexController
authRedirectAction() Handles HybridAuth redirects (for technical purposes only) Socialveo\WebApi\Controllers\IndexController
beforeExecuteRoute() Before execute route, remove extra params Socialveo\WebApi\Controllers\RestApiController
checkClientCredentials() Checks client credentials Socialveo\WebApi\Controllers\RestApiController
configAction() Get config Socialveo\WebApi\Controllers\IndexController
decrypt() Decrypt value Socialveo\WebApi\Controllers\RestApiController
embedAction() Parses embed urls Socialveo\WebApi\Controllers\IndexController
encrypt() Encrypt value Socialveo\WebApi\Controllers\RestApiController
getArrayFromParam() Returns array from params Socialveo\WebApi\Controllers\RestApiController
getLanguage() Gets language code Socialveo\WebApi\Controllers\RestApiController
getParams() Gets request params for Socialveo::filteredFind() Socialveo\WebApi\Controllers\RestApiController
getRequestData() Returns request data Socialveo\WebApi\Controllers\RestApiController
getRequiredParam() Get required param Socialveo\WebApi\Controllers\RestApiController
getToken() Get token Socialveo\WebApi\Controllers\RestApiController
getTranslation() Gets translations Socialveo\WebApi\Controllers\RestApiController
handleError() Handle errors Socialveo\WebApi\Controllers\RestApiController
handleException() Handle exceptions Socialveo\WebApi\Controllers\RestApiController
indexAction() Default action reference to error page Socialveo\WebApi\Controllers\IndexController
initialize() Initialize controller Socialveo\WebApi\Controllers\RestApiController
invalidMethodAction() Action trigger when invalid action tried run Socialveo\WebApi\Controllers\RestApiController
newsFeedAction() News feed posts Socialveo\WebApi\Controllers\IndexController
notFoundAction() Not found action Socialveo\WebApi\Controllers\RestApiController
paypalIpnAction() PayPal - Instant Payment Notification Socialveo\WebApi\Controllers\IndexController
paypalStatusAction() PayPal Status action Socialveo\WebApi\Controllers\IndexController
posts() Gets posts Socialveo\WebApi\Controllers\RestApiController
replaceParam() Replace param Socialveo\WebApi\Controllers\RestApiController
respondWithItem() Response with item // * @deprecated Socialveo\WebApi\Controllers\RestApiController
revokeTokenAction() Invalidates access tokens (handles log-out) Socialveo\WebApi\Controllers\IndexController
sendJsonContent() Send response as json content and exit Socialveo\WebApi\Controllers\RestApiController
sendJsonContentRaw() Send json content Socialveo\WebApi\Controllers\RestApiController
sendJsonContentRawStatic() Send json content static Socialveo\WebApi\Controllers\RestApiController
setDefaultParam() Set default option Socialveo\WebApi\Controllers\RestApiController
t() Gets translations Socialveo\Core\Translatable
tokenAction() Generates access tokens (user login) Socialveo\WebApi\Controllers\IndexController
unsetParam() Unset get param Socialveo\WebApi\Controllers\RestApiController

Protected Methods

Hide inherited methods

MethodDescriptionDefined By
checkAccess() Checks during the init of controller whether user is a guest. Socialveo\WebApi\Controllers\RestApiController
log() Log full request data for debug Socialveo\WebApi\Controllers\RestApiController
objectsToArray() Convert objects to arrays Socialveo\WebApi\Controllers\RestApiController

Method Details

authAction() public method

Handles HybridAuth authorization flows with various providers.

/auth

Method: POST

Access: Public

Parameters:

provider required string social profile provider name (eg. Facebook Google, etc)
token required string social access_token of the provider
client_id optional string the client id of api application
client_secret optional string the client secret of api application

Affects: OAuth2AccessToken, OAuth2RefreshToken, User

When you use authenticated user then you not require to send client_id and client_secret, but if user not logged or access_token is outdated you need to set client_id and client_secret for create new application access_token.

Scopes:

Google https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/user.birthday.read
Facebook public_profile, email, user_friends

Valid scopes can be found in the config at the hybridauth category. The wrong scopes will create the wrong tokens!

Examples:

### Connect logged user with Google account using Google token
POST https://api.socialveo.co/auth
Content-Type: application/json
Authorization: Bearer 1681fea42272ae1c2d823ac401ba96f0382dea17
{
  "provider": "Google",
  "token": "ya29.GlvGBDOKXNWXanBnmUY3WgfYeFxmSh2reoGIMUxAbYu9m8CyORwXGadQzHoJpFsyN3sM3OyNvttZ5TIH1Vni4N1_pZPBSIYxfIsJqgeIlwP3YCVm5HwVbSr7UOAf"
}

Response:
{
  "status": "OK",
  "timestamp": 1234567890
}

### Login/register via Google account using Google token
POST https://api.socialveo.co/auth
Content-Type: application/json
{
  "provider": "Google",
  "token": "ya29.GlvGBDOKXNWXanBnmUY3WgfYeFxmSh2reoGIMUxAbYu9m8CyORwXGadQzHoJpFsyN3sM3OyNvttZ5TIH1Vni4N1_pZPBSIYxfIsJqgeIlwP3YCVm5HwVbSr7UOAf",
  "client_id": "test",
  "client_secret": "pass"
}

Response:
{
  "status": "OK",
  "access_token": "0e7f74fc2b1c12ae1787fc487e72700f66256cf8",
  "expires_in": "360000000",
  "token_type": "Bearer",
  "scope": null,
  "refresh_token": "4568832f257932030ae62df8cd6009593937f766",
  "timestamp": 1234567890
}

public mixed authAction ( )
authGoogleAction() public method

Handles oAuth2 authorization flow with Google API, only to be used by admin user (YouTube account authorization)

Notice. This action is disabled, the reasons can be: not implemented, unsafe, duplicated or deprecated (autodetect: disabled in the router)
/auth/google

Method: GET

Access: Public

Parameters:

token optional string a valid access token

In order to use this endpoint and authorize with Google, admin user has to pass his/her access token in the request query (`?token=xxxxxxxxxxxxx`), this will initiate the authorization flow

Sample response: This action produces no output.

public void authGoogleAction ( )
authRedirectAction() public method

Handles HybridAuth redirects (for technical purposes only)

Notice. This action is disabled, the reasons can be: not implemented, unsafe, duplicated or deprecated (autodetect: disabled in the router)
/auth/redirect

Method: GET

Access: Public

Parameters: This action accepts no parameters

Sample response: This action produces no output.

public void authRedirectAction ( )
configAction() public method

Get config

/config

Method: POST

Access: Public

Additional: Uses base64 encoding + encryption by `AES-256-ECB` algorithm using secret `client_crypt_key`

Parameters:

client_id required string the client id of api application
client_secret required string the client secret of api application
category optional string the category of config (optional), by default returns all public config. May contain dots . which means subcategories, e.g. media.allowedImageExtensions or hybridauth.providers.Facebook
language optional string language (example en_US, it_IT, de_DE), by default used from user settings

Returns: array

Sample response:

{
    "status": "OK",
    "data": "CGtErRYxvvsrALU0oMNVMp2ipOWRTNF6wScnna5QBNKwDNV2YcSYLzPF0gKdDCbYVVl8hSDUW18LKNpzlEwakenkEW6Bf...",
    "encrypted": true,
    "timestamp": 1234567890
}

The data of the response is base64 encoded and encrypted json data.

Cipher: AES (Rijndael) 256-bit ECB mode (no IV is required!)

Encryption on server:

  $json = '{"test":"test"}';
  $cipher = 'aes-256-ecb';
  $key = 'my client crypt key';
  $iv = '';
  $crypted = openssl_encrypt($json, $cipher, $key, 1, $iv);
  $base64 = base64_encode($crypted);
  return $base64;

public mixed configAction ( )
throws Exception
embedAction() public method

Parses embed urls

/embed

Method: GET

Access: Public

Parameters:

link required string link
language optional string language (example en_US, it_IT, de_DE), by default used from user settings

Returns: array

Sample response:

{
    "status": "OK",
    "data": {
        "title": "Test Post",
        "description": "Test message",
        "url": "https:\/\/www.facebook.com\/test/posts\/1063916123739142",
        "type": "rich",
        "tags": [],
        ...
    }
}

public array|Phalcon\Translate\Adapter\Gettext|string embedAction ( )
throws Exception
indexAction() public method

Default action reference to error page

public mixed indexAction ( )
newsFeedAction() public method

News feed posts

/feed

Method: GET

Access: Public

Parameters:

page or offset optional integer, page start or offset
limit optional integer, page limit
sortby[property]=order optional sort by property value, order either desc or asc
filterby[property][operator]=value optional filter by given property, operator eq (=), gt (>), ge(>=), lt(<), le(<=), ne(<>), like
filter=filter_name optional string, internal filter, supported filters: 'mostCommented', 'myFriends', 'my', 'emotions' (require value, emotion name), 'networks' (may be with value network uuid)
filter[filter_name]=value optional string, internal filter value, used by filters 'emotions' (required), 'networks' (optional)
language optional string, language code

Filter by: Post

Returns: Post []

Internal filters (used by filter param):

filter value description
mostCommented no order by most commented posts (most commented at top)
myFriends no show only friends posts
my no show only logged user posts
emotions required string, emotion name (available by default: like, dislike, love, sad, boring, angry), defined in config
networks optional if used without value will show only posts of networks; value accepts network uuid and will show only this network

Sample response:

{
    "status": "OK",
    "data":[
        {"type": "post", "uuid": "a479b438-14a8-11e6-ac83-54bef75c7a3f", "network_uuid": "a66b8654-14a8-11e6-af87-54bef75c7a3f",…},
        {"type": "post", "uuid": "5a15e760-27ed-11e6-8d4a-54bef75c7a3f", "network_uuid": "5ac94e9a-27ed-11e6-9916-54bef75c7a3f",…},
        {"type": "post", "uuid": "0449c1f2-27f8-11e6-be68-54bef75c7a3f", "network_uuid": "04577e6e-27f8-11e6-b0cf-54bef75c7a3f",…},
        {"type": "post", "uuid": "4622f77e-27f8-11e6-98d1-54bef75c7a3f", "network_uuid": "4631a06c-27f8-11e6-94b3-54bef75c7a3f",…},
        ...
    ],
    "count":{"offset": 0, "limit": 10, "total": 12}
}

public mixed newsFeedAction ( )
paypalIpnAction() public method

PayPal - Instant Payment Notification

See also https://developer.paypal.com/docs/classic/ipn/gs_IPN/.

public boolean paypalIpnAction ( $token )
$token string
paypalStatusAction() public method

PayPal Status action

Notice. This action is disabled, the reasons can be: not implemented, unsafe, duplicated or deprecated (autodetect: disabled in the router)
/paypal/status/{status}/{token}

Method: GET

Access: Public

Parameters: This action accepts no parameters

Sample response: This action renders a view.

See also https://developer.paypal.com/docs/classic/ipn/gs_IPN/.

public void paypalStatusAction ( $status, $token )
$status
$token
revokeTokenAction() public method

Invalidates access tokens (handles log-out)

/token/revoke

Method: POST

Access: Public

Parameters:

token required string access token
language optional string language (example en_US, it_IT, de_DE), by default used from user settings

Affects: OAuth2AccessToken, OAuth2RefreshToken

Sample response:

{
    'status': 'success'
}

public mixed revokeTokenAction ( )
tokenAction() public method

Generates access tokens (user login)

/token

Method: POST

Access: Public

Parameters:

client_id required string the client id of api application
client_secret optional string the client secret of api application
grant_type optional string default is 'password'
username required string user username or email
password required string user password
language optional string the output language (example en_US, it_IT, de_DE), by default used from user settings

Affects: OAuth2AccessToken, OAuth2RefreshToken

Returns: array

Sample response:

{
    "status": "OK",
    "access_token": "6cefad589f3700d6257fca6fd3260c3c43f10ee8",
    "expires_in": "360000000",
    "token_type": "Bearer",
    "scope": null,
    "refresh_token": "2af17e93578e353a36c9000341235490d55933b1",
    "timestamp": 1234567890
}

public array tokenAction ( )