Skip to content

Commit

Permalink
Now use correct secure API endpoint (fixes #8)
Browse files Browse the repository at this point in the history
  • Loading branch information
@lildude
lildude committed May 19, 2011
1 parent 2e08778 commit 2017f72
Showing 1 changed file with 19 additions and 13 deletions.
32 changes: 19 additions & 13 deletions phpSmug.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,10 +64,9 @@ class phpSmug {
var $oauth_token_secret;
var $oauth_token;
var $mode;
var $secure = false;
private $secure = false;
private $req;
private $adapter = 'curl';
private $endpoint;

/**
* When your database cache table hits this many rows, a cleanup
Expand Down Expand Up @@ -367,18 +366,17 @@ public function clearCache( $delete = FALSE )
* @return string Serialized PHP response from SmugMug, or an error.
**/
private function request( $command, $args = array() )
{
if ( ( strpos( $command, 'login.with' ) || strpos( $command, 'Token' ) ) || ( $this->oauth_signature_method == 'PLAINTEXT' ) ) {
$proto = "https";
{
if ( ( strpos( $command, 'login.with' ) || strpos( $command, 'Token' ) ) || ( $this->oauth_signature_method == 'PLAINTEXT' ) || $this->secure ) {
$endpoint = "https://secure.smugmug.com/services/api/php/{$this->APIVer}/";
} else {
$proto = "http";
$endpoint = "http://api.smugmug.com/services/api/php/{$this->APIVer}/";
if ( ( isset( $this->SessionID ) && is_null( $this->SessionID ) ) && ( !strpos( $command, 'login.anonymously' ) ) && !$this->OAuthSecret ) {
throw new PhpSmugException( 'Not authenticated. No Session ID or OAuth Token. Please login or provide an OAuth token.' );
}
}

$this->endpoint = "$proto://api.smugmug.com/services/api/php/{$this->APIVer}/";
$this->req->setURL( $this->endpoint );
$this->req->setURL( $endpoint );

if ( substr( $command,0,8 ) != 'smugmug.' ) {
$command = 'smugmug.' . $command;
Expand Down Expand Up @@ -560,7 +558,7 @@ public function login_withPassword( $args )

/**
* I break away from the standard API here as recommended by SmugMug at
* {@link http://wiki.smugmug.com/display/SmugMug/smugmug.images.upload+1.2.0}.
* {@link http://wiki.smugmug.net/display/API/Uploading}.
*
* I've chosen to go with the HTTP PUT method as it is quicker, simpler
* and more reliable than using the API or POST methods.
Expand All @@ -573,7 +571,7 @@ public function login_withPassword( $args )
* @param mixed $arguments (Optional) Additional arguments. See
* SmugMug API documentation.
* @uses request
* @link http://wiki.smugmug.com/display/SmugMug/Uploading
* @link http://wiki.smugmug.net/display/API/Uploading
* @return array|false
* @todo Add support for multiple asynchronous uploads
**/
Expand Down Expand Up @@ -690,7 +688,7 @@ public function __call( $method, $arguments )
{
$method = strtr( $method, '_', '.' );
$args = phpSmug::processArgs( $arguments );

if ( $this->OAuthSecret ) {
$sig = $this->generate_signature( $method, $args );
$oauth_params = array (
Expand Down Expand Up @@ -742,7 +740,7 @@ public function authorize()
$args = phpSmug::processArgs( func_get_args() );
$perms = ( array_key_exists( 'Permissions', $args ) ) ? $args['Permissions'] : 'Public';
$access = ( array_key_exists( 'Access', $args ) ) ? $args['Access'] : 'Read';
return "http://api.smugmug.com/services/oauth/authorize.mg?Access=$access&Permissions=$perms&oauth_token={$this->oauth_token}";
return "https://secure.smugmug.com/services/oauth/authorize.mg?Access=$access&Permissions=$perms&oauth_token={$this->oauth_token}";
}


Expand Down Expand Up @@ -788,7 +786,15 @@ private function generate_signature( $apicall, $apiargs = NULL )
} else {
$this->oauth_signature_method = 'HMAC-SHA1';
$encKey = phpSmug::urlencodeRFC3986( $this->OAuthSecret ) . '&' . phpSmug::urlencodeRFC3986( $this->oauth_token_secret );
$endpoint = ( $apicall == 'Upload' ) ? 'http://upload.smugmug.com/'.$apiargs['FileName'] : $this->endpoint;

if ( strpos( $apicall, 'Token' ) || $this->secure ) {
$endpoint = "https://secure.smugmug.com/services/api/php/{$this->APIVer}/";
} else if ( $apicall == 'Upload' ) {
$endpoint = 'http://upload.smugmug.com/'.$apiargs['FileName']; // TODO: Can we do secure uploads too?
} else {
$endpoint = "http://api.smugmug.com/services/api/php/{$this->APIVer}/";
}

$method = ( $apicall == 'Upload' ) ? 'PUT' : 'POST';
$params = array (
'oauth_version' => '1.0',
Expand Down

0 comments on commit 2017f72

Please sign in to comment.