forked from jasonhoekstra/slc-api-php
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathslcapiwrapper.php
executable file
·213 lines (180 loc) · 6.82 KB
/
slcapiwrapper.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
<?
/*
* This is a wrapper for the Shared Learning Collaborative Data Store API.
* For more information, please see http://dev.slcedu.org.
*
* Requirements: PHP 5 and user sessions must be enabled in PHP.ini.
*
*/
require_once 'settings.php';
class slcAPIWrapper {
// these 3 variables are pulled from the settings.php file
public $clientID;
public $secret;
public $redirectURL;
public $endpointDomain = 'api.sandbox.slcedu.org';
public $endpointAccessPath = '/api/rest/v1/';
public $oAuthEndPntPath = '/api/oauth/';
public function __construct() {
$this->clientID = Settings::$clientID;
$this->secret = Settings::$secret;
$this->redirectURL = Settings::$redirectURL;
if (!$this->clientID)
die('Client ID not specified for SLC API.');
elseif (!$this->secret)
die('Secret not specified for SLC API.');
elseif (!$this->redirectURL)
die('Redirect URL not specified for SLC API.');
if (!isset($_SESSION))
session_start();
if (isset($_SESSION['accessToken'])) {
if (isset($_SESSION['lastAPICall']))
$this->getSLCRes($_SESSION['lastAPICall']);
return;
}
elseif (isset($_GET['code']))
$this->getMyToken();
else
$this->authUser($func);
}
public function wrapper($link){
// split the link on URL stub (https://api.sandbox.slcedu.org/api/rest/v1/)
$queryString = explode('https://api.sandbox.slcedu.org/api/rest/v1/',$link);
return $this->getEndPntRes($this->endpointAccessPath, $queryString[1], $postData = NULL);
}
public function getToken(){
return $this->getMyToken();
}
public function getStudent($studentID) {
if (!$studentID)
die('getStudent() method called without student ID.');
return $this->getSLCRes("students/$studentID");
}
public function getAllStudents() {
return $this->getSLCRes('students');
}
public function getAllStudentAssessments() {
return $this->getSLCRes("studentAssessments");
}
public function getAllSections() {
return $this->getSLCRes('sections');
}
public function getAttendances($studentID) {
if (!$studentID)
die('getAttendances() method called without student ID.');
return $this->getSLCRes("attendances?studentId=$studentID");
}
public function getCourse($courseID) {
if (!$courseID)
die('getCourse() method called without course ID.');
return $this->getSLCRes("courses/$courseID");
}
public function getAllCourses() {
return $this->getSLCRes('courses');
}
public function getAllReportCards() {
return $this->getSLCRes('reportCards');
return $jsonData;
}
public function getTeacher($teacherID) {
if (!$teacherID)
die('getTeacher() method called without teacher ID.');
list($jsonData, $str) = $this->getSLCRes("teachers/$teacherID");
return $jsonData;
}
public function getParents() {
list($jsonData, $str) = $this->getSLCRes('parents');
return $jsonData;
}
public function createStudentAssessment($assmntData) {
if (!isset($assmntData))
die('createStudentAssessment() method called without assessment data.');
list($jsonData, $str) = $this->getSLCRes("studentAssessments", $assmntData);
return $str;
}
private function getSLCRes($func, $postData = NULL) {
if (isset($_SESSION['lastAPICall']))
unset($_SESSION['lastAPICall']);
if (isset($_SESSION['accessToken'])) {
$apiRes = $this->getEndPntRes($this->endpointAccessPath, $func, $postData);
$jsonData = json_decode($apiRes);
if (isset($jsonData->type)) {
if ($jsonData->type == 'Unauthorized')
$this->authUser($func);
elseif ($jsonData->type == 'Bad Request' || $jsonData->type == 'Forbidden')
die("Call to '$func' failed. $jsonData->message");
}
return array($jsonData, $apiRes);
}
}
private function getMyToken() {
if ($_SESSION['state'] == $_GET['state']) {
$qryStr = "token?redirect_uri=$this->redirectURL&grant_type=authorization_code&client_id=$this->clientID&client_secret=$this->secret&code=$_GET[code]";
$jsonData = json_decode($this->getEndPntRes($this->oAuthEndPntPath, $qryStr));
$_SESSION['accessToken'] = $jsonData->access_token;
}
else
die('Could not verify your authentication. Please try again or contact customer support.');
}
private function getEndPntRes($endPntPath, $qryStr, $postData = NULL) {
$host = "ssl://$this->endpointDomain";
// open a socket connection on port 443 for HTTPS - timeout: 30 sec
$fp = fsockopen($host, 443, $errno, $errstr, 30);
if ($fp) {
$resData = $hdrs = '';
$resLines = array();
$method = isset($postData) ? 'POST' : 'GET';
$hdrs .= "$method $endPntPath$qryStr HTTP/1.1\r\n";
$hdrs .= "Host: $host\r\n";
$hdrs .= "Accept: application/json\r\n";
$hdrs .= "Content-Type: application/json\r\n";
if (isset($postData))
$hdrs .= "Content-Length: " . strlen($postData) . "\r\n";
if (isset($_SESSION['accessToken']))
$hdrs .= "Authorization: bearer $_SESSION[accessToken]\r\n";
$hdrs .= "Connection: close\r\n\r\n";
fwrite($fp, $hdrs);
if (isset($postData))
fputs($fp, $postData);
while (!feof($fp) && $line = trim(fgets($fp, 1024)))
$resHdrs[] = $line;
//print_r($resHdrs);
while (!feof($fp))
$resData .= fgets($fp, 1024);
//while(!feof($fp)) echo fgets($fp);
$chunked = false;
for ($i=0; $i < count($resHdrs); $i++) {
if ($resHdrs[$i] == 'transfer-encoding: chunked') $chunked = true;
}
if ($chunked) {
$resData = $this->unchunkHttp($resData);
}
// echo "<pre>Headers sent: \r\n$hdrs \r\nHeaders Rec'd: \r\n" . implode("\r\n", $resHdrs) . "\r\nResponse Data:$resData</pre>";
return $resData;
}
else
die("Error: $errstr ($errno)");
}
private function unchunkHttp($data) {
$fp = 0;
$outData = "";
while ($fp < strlen($data)) {
$rawnum = substr($data, $fp, strpos(substr($data, $fp), "\r\n") + 2);
$num = hexdec(trim($rawnum));
$fp += strlen($rawnum);
$chunk = substr($data, $fp, $num);
$outData .= $chunk;
$fp += strlen($chunk);
}
return $outData;
}
private function authUser($lastFunc = NULL) {
unset($_SESSION['accessToken']);
$_SESSION['state'] = sha1(uniqid(rand(), TRUE)); // CSRF protection for OAuth
$path = "https://$this->endpointDomain$this->oAuthEndPntPath" . "authorize?response_type=code&client_id=$this->clientID&redirect_uri=$this->redirectURL&state=$_SESSION[state]";
$_SESSION['lastAPICall'] = $lastFunc;
header("Location: $path");
exit;
}
}
?>