You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

322 lines
11 KiB

6 years ago
5 years ago
5 years ago
5 years ago
6 years ago
  1. XRay
  2. ====
  3. XRay parses structured content from a URL.
  4. ## Discovering Content
  5. The contents of the URL is checked in the following order:
  6. * A silo URL from one of the following websites:
  7. * Instagram
  8. * Twitter
  9. * GitHub
  10. * XKCD
  11. * (more coming soon)
  12. * Microformats
  13. * h-card
  14. * h-entry
  15. * h-event
  16. * h-review
  17. * h-recipe
  18. * h-product
  19. ## Library
  20. XRay can be used as a library in your PHP project. The easiest way to install it and its dependencies is via composer.
  21. ```
  22. composer require p3k/xray
  23. ```
  24. Basic usage:
  25. ```php
  26. $xray = new p3k\XRay();
  27. $parsed = $xray->parse('https://aaronparecki.com/2017/04/28/9/');
  28. ```
  29. If you already have an HTML or JSON document you want to parse, you can pass it as a string in the second parameter.
  30. ```php
  31. $xray = new p3k\XRay();
  32. $html = '<html>....</html>';
  33. $parsed = $xray->parse('https://aaronparecki.com/2017/04/28/9/', $html);
  34. ```
  35. In both cases, you can add an additional parameter to configure various options of how XRay will behave. Below is a list of the options.
  36. * `timeout` - The timeout in seconds to wait for any HTTP requests
  37. * `max_redirects` - The maximum number of redirects to follow
  38. * `include_original` - Will also return the full document fetched
  39. * `target` - Specify a target URL, and XRay will first check if that URL is on the page, and only if it is, will continue to parse the page. This is useful when you're using XRay to verify an incoming webmention.
  40. Additionally, the following parameters are supported when making requests that use the Twitter or GitHub API. See the authentication section below for details.
  41. ```php
  42. $xray = new p3k\XRay();
  43. $parsed = $xray->parse('https://aaronparecki.com/2017/04/28/9/', [
  44. 'timeout' => 30
  45. ]);
  46. $parsed = $xray->parse('https://aaronparecki.com/2017/04/28/9/', $html, [
  47. 'target' => 'http://example.com/'
  48. ]);
  49. ```
  50. ## API
  51. XRay can also be used as an API to provide its parsing capabilities over an HTTP service.
  52. To parse a page and return structured data for the contents of the page, simply pass a url to the parse route.
  53. ```
  54. GET /parse?url=https://aaronparecki.com/2016/01/16/11/
  55. ```
  56. To conditionally parse the page after first checking if it contains a link to a target URL, also include the target URL as a parameter. This is useful when using XRay to verify an incoming webmention.
  57. ```
  58. GET /parse?url=https://aaronparecki.com/2016/01/16/11/&target=http://example.com
  59. ```
  60. In both cases, the response will be a JSON object containing a key of "type". If there was an error, "type" will be set to the string "error", otherwise it will refer to the kind of content that was found at the URL, most often "entry".
  61. You can also make a POST request with the same parameter names.
  62. If you already have an HTML or JSON document you want to parse, you can include that in the parameter `body`. This POST request would look like the below:
  63. ```
  64. POST /parse
  65. Content-type: application/x-www-form-urlencoded
  66. url=https://aaronparecki.com/2016/01/16/11/
  67. &body=<html>....</html>
  68. ```
  69. or for Twitter/GitHub where you might have JSON,
  70. ```
  71. POST /parse
  72. Content-type: application/x-www-form-urlencoded
  73. url=https://github.com/aaronpk/XRay
  74. &body={"repo":......}
  75. ```
  76. ### Authentication
  77. If the URL you are fetching requires authentication, include the access token in the parameter "token", and it will be included in an "Authorization" header when fetching the URL. (It is recommended to use a POST request in this case, to avoid the access token potentially being logged as part of the query string.) This is useful for [Private Webmention](https://indieweb.org/Private-Webmention) verification.
  78. ```
  79. POST /parse
  80. url=https://aaronparecki.com/2016/01/16/11/
  81. &target=http://example.com
  82. &token=12341234123412341234
  83. ```
  84. ### Twitter Authentication
  85. XRay uses the Twitter API to fetch posts, and the Twitter API requires authentication. In order to keep XRay stateless, it is required that you pass in Twitter credentials to the parse call. You can register an application on the Twitter developer website, and generate an access token for your account without writing any code, and then use those credentials when making an API request to XRay.
  86. You should only send Twitter credentials when the URL you are trying to parse is a Twitter URL, so you'll want to check for whether the hostname is `twitter.com` before you include credentials in this call.
  87. * twitter_api_key - Your application's API key
  88. * twitter_api_secret - Your application's API secret
  89. * twitter_access_token - Your Twitter access token
  90. * twitter_access_token_secret - Your Twitter secret access token
  91. ### GitHub Authentication
  92. XRay uses the GitHub API to fetch GitHub URLs, which provides higher rate limits when used with authentication. You can pass a GitHub access token along with the request and XRay will use it when making requests to the API.
  93. * github_access_token - A GitHub access token
  94. ### Error Response
  95. ```json
  96. {
  97. "error": "not_found",
  98. "error_description": "The URL provided was not found"
  99. }
  100. ```
  101. Possible errors are listed below:
  102. * `not_found`: The URL provided was not found. (Returned 404 when fetching)
  103. * `ssl_cert_error`: There was an error validating the SSL certificate. This may happen if the SSL certificate has expired.
  104. * `ssl_unsupported_cipher`: The web server does not support any of the SSL ciphers known by the service.
  105. * `timeout`: The service timed out trying to connect to the URL.
  106. * `invalid_content`: The content at the URL was not valid. For example, providing a URL to an image will return this error.
  107. * `no_link_found`: The target link was not found on the page. When a target parameter is provided, this is the error that will be returned if the target could not be found on the page.
  108. * `no_content`: No usable content could be found at the given URL.
  109. * `unauthorized`: The URL returned HTTP 401 Unauthorized.
  110. * `forbidden`: The URL returned HTTP 403 Forbidden.
  111. ### Response Format
  112. ```json
  113. {
  114. "data":{
  115. "type":"entry",
  116. "published":"2017-03-01T19:00:33-08:00",
  117. "url":"https://aaronparecki.com/2017/03/01/14/hwc",
  118. "category":[
  119. "indieweb",
  120. "hwc"
  121. ],
  122. "photo":[
  123. "https://aaronparecki.com/2017/03/01/14/photo.jpg"
  124. ],
  125. "syndication":[
  126. "https://twitter.com/aaronpk/status/837135519427395584"
  127. ],
  128. "content":{
  129. "text":"Hello from Homebrew Website Club PDX! Thanks to @DreamHost for hosting us! 🍕🎉 #indieweb",
  130. "html":"Hello from Homebrew Website Club PDX! Thanks to <a href=\"https://twitter.com/DreamHost\">@DreamHost</a> for hosting us! <a href=\"https://aaronparecki.com/emoji/%F0%9F%8D%95\">🍕</a><a href=\"https://aaronparecki.com/emoji/%F0%9F%8E%89\">🎉</a> <a href=\"https://aaronparecki.com/tag/indieweb\">#indieweb</a>"
  131. },
  132. "author":{
  133. "type":"card",
  134. "name":"Aaron Parecki",
  135. "url":"https://aaronparecki.com/",
  136. "photo":"https://aaronparecki.com/images/profile.jpg"
  137. }
  138. },
  139. "url":"https://aaronparecki.com/2017/03/01/14/hwc",
  140. "code":200
  141. }
  142. ```
  143. #### Primary Data
  144. The primary object on the page is returned in the `data` property. This will indicate the type of object (e.g. `entry`), and will contain the vocabulary's properties that it was able to parse from the page.
  145. If a property supports multiple values, it will always be returned as an array. The following properties support multiple values:
  146. * in-reply-to
  147. * like-of
  148. * repost-of
  149. * bookmark-of
  150. * syndication
  151. * photo (of entry, not of a card)
  152. * video
  153. * audio
  154. * category
  155. The content will be an object that always contains a "text" property and may contain an "html" property if the source documented published HTML content. The "text" property must always be HTML escaped before displaying it as HTML, as it may include unescaped characters such as `<` and `>`.
  156. The author will always be set in the entry if available. The service follows the [authorship discovery](http://indiewebcamp.com/authorship) algorithm to try to find the author information elsewhere on the page if it is not inside the entry in the source document.
  157. All URLs provided in the output are absolute URLs. If the source document contains a relative URL, it will be resolved first.
  158. In a future version, replies, likes, reposts, etc. of this post will be included if they are listed on the page.
  159. ```json
  160. {
  161. "data": {
  162. "type": "entry",
  163. ...
  164. "like": [
  165. {
  166. "type": "cite",
  167. "author": {
  168. "type": "card",
  169. "name": "Thomas Dunlap",
  170. "photo": "https://s3-us-west-2.amazonaws.com/aaronparecki.com/twitter.com/9055c458a67762637c0071006b16c78f25cb610b224dbc98f48961d772faff4d.jpeg",
  171. "url": "https://twitter.com/spladow"
  172. },
  173. "url": "https://twitter.com/aaronpk/status/688518372170977280#favorited-by-16467582"
  174. }
  175. ],
  176. "comment": [
  177. {
  178. "type": "cite",
  179. "author": {
  180. "type": "card",
  181. "name": "Poetica",
  182. "photo": "https://s3-us-west-2.amazonaws.com/aaronparecki.com/twitter.com/192664bb706b2998ed42a50a860490b6aa1bb4926b458ba293b4578af599aa6f.png",
  183. "url": "http://poetica.com/"
  184. },
  185. "url": "https://twitter.com/poetica/status/689045331426803712",
  186. "published": "2016-01-18T03:23:03-08:00",
  187. "content": {
  188. "text": "@aaronpk @mozillapersona thanks very much! :)"
  189. }
  190. }
  191. ]
  192. }
  193. }
  194. ```
  195. #### Other Properties
  196. Other properties are returned in the response at the same level as the `data` property.
  197. * `url` - The effective URL that the document was retrieved from. This will be the final URL after following any redirects.
  198. * `code` - The HTTP response code returned by the URL. Typically this will be 200, but if the URL returned an alternate HTTP code that also included an h-entry (such as a 410 deleted notice with a stub h-entry), you can use this to find out that the original URL was actually deleted.
  199. ## Token API
  200. When verifying [Private Webmentions](https://indieweb.org/Private-Webmention#How_to_Receive_Private_Webmentions), you will need to exchange a code for an access token at the token endpoint specified by the source URL.
  201. XRay provides an API that will do this in one step. You can provide the source URL and code you got from the webmention, and XRay will discover the token endpoint, and then return you an access token.
  202. ```
  203. POST /token
  204. source=http://example.com/private-post
  205. &code=1234567812345678
  206. ```
  207. The response will be the response from the token endpoint, which will include an `access_token` property, and possibly an `expires_in` property.
  208. ```
  209. {
  210. "access_token": "eyJ0eXAXBlIjoI6Imh0dHB8idGFyZ2V0IjoraW0uZGV2bb-ZO6MV-DIqbUn_3LZs",
  211. "token_type": "bearer",
  212. "expires_in": 3600
  213. }
  214. ```
  215. If there was a problem fetching the access token, you will get one of the errors below in addition to the HTTP related errors returned by the parse API:
  216. * `no_token_endpoint` - Unable to find an HTTP header specifying the token endpoint.
  217. ## Installation
  218. ### From Source
  219. ```
  220. # Clone this repository
  221. git clone git@github.com:aaronpk/XRay.git
  222. cd XRay
  223. # Install dependencies
  224. composer install
  225. ```
  226. ### From Zip Archive
  227. * Download the latest release from https://github.com/aaronpk/XRay/releases
  228. * Extract to a folder on your web server
  229. ### Web Server Configuration
  230. Configure your web server to point to the `public` folder.
  231. Make sure all requests are routed to `index.php`. XRay ships with `.htaccess` files for Apache. For nginx, you'll need a rule like the following in your server config block.
  232. ```
  233. try_files $uri /index.php?$args;
  234. ```