p3k
/
Teacup
mirror of https://github.com/aaronpk/Teacup.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
92 Commits
2 Branches
2.1 MiB
Tree: f59b533461
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f59b533461'
${ noResults }
Teacup/controllers/alexa.php

256 lines
7.3 KiB
Raw Normal View History

add alexa support probably rough around the edges still
7 years ago
normalize action alexa seems to sometimes send other values
7 years ago
add alexa support probably rough around the edges still
7 years ago
disable debug
7 years ago
add alexa support probably rough around the edges still
7 years ago
 
  1. <?php
  2. use \Firebase\JWT\JWT;
  3. 

  4. $app->get('/alexa', function() use($app) {
  5.   render('alexa', array(
  6.     'title' => 'Teacup for Alexa'
  7.   ));
  8. });
  9. 

  10. $app->get('/alexa/auth', function() use($app) {
  11.   $req = $app->request();
  12.   $params = $req->params();
  13. 

  14.   $required = ['client_id', 'response_type', 'state', 'redirect_uri'];
  15.   $params_present = array_keys($params);
  16. 

  17.   // Validate Alexa OAuth parameters

  18.   if(count(array_intersect($required, $params_present)) != count($required)) {
  19.     render('auth_error', array(
  20.       'title' => 'Sign In',
  21.       'error' => 'Missing parameters',
  22.       'errorDescription' => 'One or more required parameters were missing',
  23.       'footer' => false
  24.     ));
  25.     return;
  26.   }
  27. 

  28.   // Check that redirect URI is one that is allowed

  29.   if(!in_array($params['redirect_uri'], Config::$alexaRedirectURIs)) {
  30.     render('auth_error', array(
  31.       'title' => 'Sign In',
  32.       'error' => 'Invalid redirect URI',
  33.       'errorDescription' => 'Alexa sent an invalid redirect URI',
  34.       'footer' => false
  35.     ));
  36.     return;
  37.   }
  38. 

  39.   if($params['client_id'] != Config::$alexaClientID) {
  40.     render('auth_error', array(
  41.       'title' => 'Sign In',
  42.       'error' => 'Invalid Client ID',
  43.       'errorDescription' => 'Alexa sent an invalid client ID',
  44.       'footer' => false
  45.     ));
  46.     return;
  47.   }
  48. 

  49.   // Pass through the OAuth parameters

  50.   render('alexa-auth', [
  51.     'title' => 'Teacup for Alexa',
  52.     'client_id' => $params['client_id'],
  53.     'response_type' => $params['response_type'],
  54.     'state' => $params['state'],
  55.     'redirect_uri' => $params['redirect_uri'],
  56.     'footer' => false
  57.   ]);
  58. });
  59. 

  60. $app->post('/alexa/login', function() use($app) {
  61.   $req = $app->request();
  62.   $params = $req->params();
  63. 

  64.   $required = ['code', 'client_id', 'state', 'redirect_uri'];
  65.   $params_present = array_keys($params);
  66. 

  67.   if(count(array_intersect($required, $params_present)) != count($required)) {
  68.     render('auth_error', array(
  69.       'title' => 'Sign In',
  70.       'error' => 'Missing parameters',
  71.       'errorDescription' => 'One or more required parameters were missing',
  72.       'footer' => false
  73.     ));
  74.     return;
  75.   }
  76. 

  77.   $user = ORM::for_table('users')
  78.     ->where('device_code', $params['code'])
  79.     ->where_gt('device_code_expires', date('Y-m-d H:i:s'))->find_one();
  80. 

  81.   if(!$user) {
  82.     render('auth_error', array(
  83.       'title' => 'Sign In',
  84.       'error' => 'Invalid code',
  85.       'errorDescription' => 'The code you entered is invalid or has expired',
  86.       'footer' => false
  87.     ));
  88.     return;
  89.   }
  90. 

  91.   $code = JWT::encode(array(
  92.     'user_id' => $user->id,
  93.     'iat' => time(),
  94.     'exp' => time()+300,
  95.     'client_id' => $params['client_id'],
  96.     'state' => $params['state'],
  97.     'redirect_uri' => $params['redirect_uri'],
  98.   ), Config::$jwtSecret);
  99. 

  100.   $redirect = $params['redirect_uri'] . '?code=' . $code . '&state=' . $params['state'];
  101. 

  102.   $app->redirect($redirect, 302);
  103. });
  104. 

  105. $app->post('/alexa/token', function() use($app) {
  106.   $req = $app->request();
  107.   $params = $req->params();
  108.   // Alexa requests a token given a code generated above

  109. 

  110.   // Verify the client ID and secret

  111.   if($params['client_id'] != Config::$alexaClientID 
  112.     || $params['client_secret'] != Config::$alexaClientSecret) {
  113.     $app->response->setStatus(400);
  114.     $app->response()['Content-type'] = 'application/json';
  115.     $app->response()->body(json_encode([
  116.       'error' => 'forbidden',
  117.       'error_description' => 'The client ID and secret do not match'
  118.     ]));
  119.     return;
  120.   }
  121. 

  122.   if(array_key_exists('code', $params)) {
  123.     $jwt = $params['code'];
  124.   } elseif(array_key_exists('refresh_token', $params)) {
  125.     $jwt = $params['refresh_token'];
  126.   } else {
  127.     $app->response->setStatus(400);
  128.     $app->response()['Content-type'] = 'application/json';
  129.     $app->response()->body(json_encode([
  130.       'error' => 'bad_request',
  131.       'error_description' => 'Must provide either an authorization code or refresh token'
  132.     ]));
  133.     return;
  134.   }
  135. 

  136.   // Validate the JWT

  137.   try {
  138.     $user = JWT::decode($jwt, Config::$jwtSecret, ['HS256']);
  139.   } catch(Exception $e) {
  140.     $app->response->setStatus(400);
  141.     $app->response()['Content-type'] = 'application/json';
  142.     $app->response()->body(json_encode([
  143.       'error' => 'unauthorized',
  144.       'error_description' => 'The authorization code or refresh token was invalid'
  145.     ]));
  146.     return;
  147.   }
  148. 

  149.   // Generate an access token and refresh token

  150.   $access_token = JWT::encode([
  151.     'user_id' => $user->user_id,
  152.     'client_id' => $user->client_id,
  153.     'iat' => time(),
  154.   ], Config::$jwtSecret);
  155.   $refresh_token = JWT::encode([
  156.     'user_id' => $user->user_id,
  157.     'client_id' => $user->client_id,
  158.     'iat' => time(),
  159.   ], Config::$jwtSecret);
  160. 

  161. 

  162.   $app->response()['Content-type'] = 'application/json';
  163.   $app->response()->body(json_encode([
  164.     'access_token' => $access_token,
  165.     'refresh_token' => $refresh_token
  166.   ]));
  167. });
  168. 

  169. 

  170. $app->post('/alexa/endpoint', function() use($app) {
  171. 

  172.   $input = file_get_contents('php://input');
  173.   $json = json_decode($input, 'input');
  174. 

  175.   $alexaRequest = \Alexa\Request\Request::fromData($json);
  176. 

  177.   if($alexaRequest instanceof Alexa\Request\IntentRequest) {
  178. 

  179.     # Verify the access token

  180.     try {
  181.       $data = JWT::decode($alexaRequest->user->accessToken, Config::$jwtSecret, ['HS256']);
  182.     } catch(Exception $e) {
  183.       $app->response->setStatus(401);
  184.       $app->response()['Content-type'] = 'application/json';
  185.       $app->response()->body(json_encode([
  186.         'error' => 'unauthorized',
  187.         'error_description' => 'The access token was invalid or has expired'
  188.       ]));
  189.       return;
  190.     }
  191. 

  192.     $user = ORM::for_table('users')->find_one($data->user_id);
  193. 

  194.     if(!$user) {
  195.       $app->response->setStatus(400);
  196.       return;
  197.     }
  198. 

  199.     $action = $alexaRequest->slots['Action'];
  200.     $action = ($action == 'drank' ? 'drank' : 'ate');
  201.     $food = ucfirst($alexaRequest->slots['Food']);
  202. 

  203. 

  204.     $entry = ORM::for_table('entries')->create();
  205.     $entry->user_id = $user->id;
  206.     $entry->type = ($action == 'drank' ? 'drink' : 'eat');
  207.     $entry->content = $food;
  208.     $entry->published = date('Y-m-d H:i:s');
  209.     $entry->save();
  210. 

  211.     $text_content = 'Just ' . $action . ': ' . $food;
  212. 

  213.     if($user->micropub_endpoint) {
  214.       $mp_request = array(
  215.         'h' => 'entry',
  216.         'published' => date('Y-m-d H:i:s'),
  217.         'summary' => $text_content
  218.       );
  219.       if($user->enable_array_micropub) {
  220.         $mp_request[$action] = [
  221.           'type' => 'h-food',
  222.           'properties' => [
  223.             'name' => $food
  224.           ]
  225.         ];
  226.       } else {
  227.         $mp_request['p3k-food'] = $food;
  228.         $mp_request['p3k-type'] = $entry->type;
  229.       }
  230. 

  231.       $r = micropub_post($user->micropub_endpoint, $mp_request, $user->access_token);
  232.       $request = $r['request'];
  233.       $response = $r['response'];
  234. 

  235.       $entry->micropub_response = $response;
  236.       if($response && preg_match('/Location: (.+)/', $response, $match)) {
  237.         $url = $match[1];
  238.         $entry->micropub_success = 1;
  239.         $entry->canonical_url = $url;
  240.       } else {
  241.         $entry->micropub_success = 0;
  242.         $url = Config::$base_url . $user->url . '/' . $entry->id;
  243.       }
  244.       $entry->save();
  245.     }
  246. 

  247. 

  248.     $response = new \Alexa\Response\Response;
  249.     $response->respond('Got it!')
  250.       ->withCard('You '.$action.': '.$food, $url)
  251.       ->endSession(true);
  252. 

  253.     $app->response()['Content-type'] = 'application/json';
  254.     $app->response()->body(json_encode($response->render()));
  255.   }
  256. });