p3k
/
Teacup
mirror of https://github.com/aaronpk/Teacup.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
75 Commits
2 Branches
8.4 MiB
Tree: c6837188db
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c6837188db'
${ noResults }
Teacup/controllers/alexa.php

257 lines
7.3 KiB
Raw Normal View History

add alexa support probably rough around the edges still
8 years ago
 
  1. <?php
  2. use \Firebase\JWT\JWT;
  3. 

  4. $app->get('/alexa', function() use($app) {
  5.   render('alexa', array(
  6.     'title' => 'Teacup for Alexa'
  7.   ));
  8. });
  9. 

  10. $app->get('/alexa/auth', function() use($app) {
  11.   $req = $app->request();
  12.   $params = $req->params();
  13. 

  14.   $required = ['client_id', 'response_type', 'state', 'redirect_uri'];
  15.   $params_present = array_keys($params);
  16. 

  17.   // Validate Alexa OAuth parameters

  18.   if(count(array_intersect($required, $params_present)) != count($required)) {
  19.     render('auth_error', array(
  20.       'title' => 'Sign In',
  21.       'error' => 'Missing parameters',
  22.       'errorDescription' => 'One or more required parameters were missing',
  23.       'footer' => false
  24.     ));
  25.     return;
  26.   }
  27. 

  28.   // Check that redirect URI is one that is allowed

  29.   if(!in_array($params['redirect_uri'], Config::$alexaRedirectURIs)) {
  30.     render('auth_error', array(
  31.       'title' => 'Sign In',
  32.       'error' => 'Invalid redirect URI',
  33.       'errorDescription' => 'Alexa sent an invalid redirect URI',
  34.       'footer' => false
  35.     ));
  36.     return;
  37.   }
  38. 

  39.   if($params['client_id'] != Config::$alexaClientID) {
  40.     render('auth_error', array(
  41.       'title' => 'Sign In',
  42.       'error' => 'Invalid Client ID',
  43.       'errorDescription' => 'Alexa sent an invalid client ID',
  44.       'footer' => false
  45.     ));
  46.     return;
  47.   }
  48. 

  49.   // Pass through the OAuth parameters

  50.   render('alexa-auth', [
  51.     'title' => 'Teacup for Alexa',
  52.     'client_id' => $params['client_id'],
  53.     'response_type' => $params['response_type'],
  54.     'state' => $params['state'],
  55.     'redirect_uri' => $params['redirect_uri'],
  56.     'footer' => false
  57.   ]);
  58. });
  59. 

  60. $app->post('/alexa/login', function() use($app) {
  61.   $req = $app->request();
  62.   $params = $req->params();
  63. 

  64.   file_put_contents('logs/login.txt', json_encode($params));
  65. 

  66.   $required = ['code', 'client_id', 'state', 'redirect_uri'];
  67.   $params_present = array_keys($params);
  68. 

  69.   if(count(array_intersect($required, $params_present)) != count($required)) {
  70.     render('auth_error', array(
  71.       'title' => 'Sign In',
  72.       'error' => 'Missing parameters',
  73.       'errorDescription' => 'One or more required parameters were missing',
  74.       'footer' => false
  75.     ));
  76.     return;
  77.   }
  78. 

  79.   $user = ORM::for_table('users')
  80.     ->where('device_code', $params['code'])
  81.     ->where_gt('device_code_expires', date('Y-m-d H:i:s'))->find_one();
  82. 

  83.   if(!$user) {
  84.     render('auth_error', array(
  85.       'title' => 'Sign In',
  86.       'error' => 'Invalid code',
  87.       'errorDescription' => 'The code you entered is invalid or has expired',
  88.       'footer' => false
  89.     ));
  90.     return;
  91.   }
  92. 

  93.   $code = JWT::encode(array(
  94.     'user_id' => $user->id,
  95.     'iat' => time(),
  96.     'exp' => time()+300,
  97.     'client_id' => $params['client_id'],
  98.     'state' => $params['state'],
  99.     'redirect_uri' => $params['redirect_uri'],
  100.   ), Config::$jwtSecret);
  101. 

  102.   $redirect = $params['redirect_uri'] . '?code=' . $code . '&state=' . $params['state'];
  103. 

  104.   $app->redirect($redirect, 302);
  105. });
  106. 

  107. $app->post('/alexa/token', function() use($app) {
  108.   $req = $app->request();
  109.   $params = $req->params();
  110.   // Alexa requests a token given a code generated above

  111. 

  112.   // Verify the client ID and secret

  113.   if($params['client_id'] != Config::$alexaClientID 
  114.     || $params['client_secret'] != Config::$alexaClientSecret) {
  115.     $app->response->setStatus(400);
  116.     $app->response()['Content-type'] = 'application/json';
  117.     $app->response()->body(json_encode([
  118.       'error' => 'forbidden',
  119.       'error_description' => 'The client ID and secret do not match'
  120.     ]));
  121.     return;
  122.   }
  123. 

  124.   if(array_key_exists('code', $params)) {
  125.     $jwt = $params['code'];
  126.   } elseif(array_key_exists('refresh_token', $params)) {
  127.     $jwt = $params['refresh_token'];
  128.   } else {
  129.     $app->response->setStatus(400);
  130.     $app->response()['Content-type'] = 'application/json';
  131.     $app->response()->body(json_encode([
  132.       'error' => 'bad_request',
  133.       'error_description' => 'Must provide either an authorization code or refresh token'
  134.     ]));
  135.     return;
  136.   }
  137. 

  138.   // Validate the JWT

  139.   try {
  140.     $user = JWT::decode($jwt, Config::$jwtSecret, ['HS256']);
  141.   } catch(Exception $e) {
  142.     $app->response->setStatus(400);
  143.     $app->response()['Content-type'] = 'application/json';
  144.     $app->response()->body(json_encode([
  145.       'error' => 'unauthorized',
  146.       'error_description' => 'The authorization code or refresh token was invalid'
  147.     ]));
  148.     return;
  149.   }
  150. 

  151.   // Generate an access token and refresh token

  152.   $access_token = JWT::encode([
  153.     'user_id' => $user->user_id,
  154.     'client_id' => $user->client_id,
  155.     'iat' => time(),
  156.   ], Config::$jwtSecret);
  157.   $refresh_token = JWT::encode([
  158.     'user_id' => $user->user_id,
  159.     'client_id' => $user->client_id,
  160.     'iat' => time(),
  161.   ], Config::$jwtSecret);
  162. 

  163. 

  164.   $app->response()['Content-type'] = 'application/json';
  165.   $app->response()->body(json_encode([
  166.     'access_token' => $access_token,
  167.     'refresh_token' => $refresh_token
  168.   ]));
  169. });
  170. 

  171. 

  172. $app->post('/alexa/endpoint', function() use($app) {
  173. 

  174.   $input = file_get_contents('php://input');
  175.   $json = json_decode($input, 'input');
  176. 

  177.   $alexaRequest = \Alexa\Request\Request::fromData($json);
  178. 

  179.   if($alexaRequest instanceof Alexa\Request\IntentRequest) {
  180.     # file_put_contents('logs/request.txt', $input);

  181. 

  182.     # Verify the access token

  183.     try {
  184.       $data = JWT::decode($alexaRequest->user->accessToken, Config::$jwtSecret, ['HS256']);
  185.     } catch(Exception $e) {
  186.       $app->response->setStatus(401);
  187.       $app->response()['Content-type'] = 'application/json';
  188.       $app->response()->body(json_encode([
  189.         'error' => 'unauthorized',
  190.         'error_description' => 'The access token was invalid or has expired'
  191.       ]));
  192.       return;
  193.     }
  194. 

  195.     $user = ORM::for_table('users')->find_one($data->user_id);
  196. 

  197.     if(!$user) {
  198.       $app->response->setStatus(400);
  199.       return;
  200.     }
  201. 

  202.     $action = $alexaRequest->slots['Action'];
  203.     $food = ucfirst($alexaRequest->slots['Food']);
  204. 

  205. 

  206.     $entry = ORM::for_table('entries')->create();
  207.     $entry->user_id = $user->id;
  208.     $entry->type = ($action == 'drank' ? 'drink' : 'eat');
  209.     $entry->content = $food;
  210.     $entry->published = date('Y-m-d H:i:s');
  211.     $entry->save();
  212. 

  213.     $text_content = 'Just ' . $action . ': ' . $food;
  214. 

  215.     if($user->micropub_endpoint) {
  216.       $mp_request = array(
  217.         'h' => 'entry',
  218.         'published' => date('Y-m-d H:i:s'),
  219.         'summary' => $text_content
  220.       );
  221.       if($user->enable_array_micropub) {
  222.         $mp_request[$action] = [
  223.           'type' => 'h-food',
  224.           'properties' => [
  225.             'name' => $food
  226.           ]
  227.         ];
  228.       } else {
  229.         $mp_request['p3k-food'] = $food;
  230.         $mp_request['p3k-type'] = $entry->type;
  231.       }
  232. 

  233.       $r = micropub_post($user->micropub_endpoint, $mp_request, $user->access_token);
  234.       $request = $r['request'];
  235.       $response = $r['response'];
  236. 

  237.       $entry->micropub_response = $response;
  238.       if($response && preg_match('/Location: (.+)/', $response, $match)) {
  239.         $url = $match[1];
  240.         $entry->micropub_success = 1;
  241.         $entry->canonical_url = $url;
  242.       } else {
  243.         $entry->micropub_success = 0;
  244.         $url = Config::$base_url . $user->url . '/' . $entry->id;
  245.       }
  246.       $entry->save();
  247.     }
  248. 

  249. 

  250.     $response = new \Alexa\Response\Response;
  251.     $response->respond('Got it!')
  252.       ->withCard('You '.$action.': '.$food);
  253. 

  254.     $app->response()['Content-type'] = 'application/json';
  255.     $app->response()->body(json_encode($response->render()));
  256.   }
  257. });