func (a *Handler) PostSaved(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
c, err := rellenv.FromContext(ctx)
if err != nil {
return err
}
if !rellenv.IsEmployee(ctx) {
return ctxerr.Wrap(ctx, errSaveDisabled)
}
if !a.Xsrf.Validate(r.FormValue(paramName), w, r, savedPath) {
return ctxerr.Wrap(ctx, errTokenMismatch)
}
content := strings.TrimSpace(r.FormValue("code"))
content = strings.Replace(content, "\x13", "", -1) // remove CR
id := examples.ContentID(content)
db := a.ExampleStore.DB
example, ok := db.Reverse[id]
if ok {
http.Redirect(w, r, c.ViewURL(example.URL), 302)
return nil
}
err = a.ExampleStore.Save(id, content)
if err != nil {
return err
}
http.Redirect(w, r, c.ViewURL(savedPath+id), 302)
return nil
}
// Handles /rog-redirect/ requests.
func (h *Handler) Redirect(w http.ResponseWriter, r *http.Request) error {
ctx := r.Context()
parts := strings.Split(r.URL.Path, "/")
if len(parts) != 5 {
return fmt.Errorf("Invalid URL: %s", r.URL.Path)
}
status, err := strconv.Atoi(parts[2])
if err != nil || (status != 301 && status != 302) {
return fmt.Errorf("Invalid status: %s", parts[2])
}
count, err := strconv.Atoi(parts[3])
if err != nil {
return fmt.Errorf("Invalid count: %s", parts[3])
}
context, err := rellenv.FromContext(ctx)
if err != nil {
return err
}
if count == 0 {
http.Redirect(w, r, context.AbsoluteURL("/rog/"+parts[4]).String(), status)
} else {
count--
url := context.AbsoluteURL(fmt.Sprintf(
"/rog-redirect/%d/%d/%s", status, count, parts[4]))
http.Redirect(w, r, url.String(), status)
}
return nil
}
// Parse the Env and an Example.
func (h *Handler) parse(ctx context.Context, r *http.Request) (*rellenv.Env, *examples.Example, error) {
context, err := rellenv.FromContext(ctx)
if err != nil {
return nil, nil, err
}
example, err := h.ExampleStore.Load(r.URL.Path)
if err != nil {
return nil, nil, ctxerr.Wrap(ctx, err)
}
return context, example, nil
}
func (a *Handler) List(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
env, err := rellenv.FromContext(ctx)
if err != nil {
return err
}
_, err = h.Write(ctx, w, &examplesList{
Context: ctx,
Env: env,
Static: a.Static,
DB: a.ExampleStore.DB,
})
return err
}
// Handler for /info/ to see a JSON view of some server context.
func (h *Handler) Info(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
env, err := rellenv.FromContext(ctx)
if err != nil {
return err
}
info := map[string]interface{}{
"context": env,
"pageTabURL": env.PageTabURL("/"),
"canvasURL": env.CanvasURL("/"),
"sdkURL": env.SdkURL(),
"rev": rev,
}
httpdev.Info(info, w, r)
return nil
}
// Handles /rog/* requests.
func (a *Handler) Base64(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
env, err := rellenv.FromContext(ctx)
if err != nil {
return err
}
parts := strings.Split(r.URL.Path, "/")
if len(parts) != 3 {
return errcode.New(http.StatusNotFound, "Invalid URL: %s", r.URL.Path)
}
object, err := a.ObjectParser.FromBase64(ctx, env, parts[2])
if err != nil {
return err
}
_, err = h.Write(ctx, w, renderObject(ctx, env, a.Static, object))
return err
}
func (a *Handler) Response(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
c, err := rellenv.FromContext(ctx)
if err != nil {
return err
}
if r.FormValue("state") != a.state(w, r) {
return ctxerr.Wrap(ctx, errInvalidState)
}
values := url.Values{}
values.Set("client_id", strconv.FormatUint(a.App.ID(), 10))
values.Set("client_secret", a.App.Secret())
values.Set("redirect_uri", redirectURI(c))
values.Set("code", r.FormValue("code"))
atURL := &fburl.URL{
Scheme: "https",
SubDomain: fburl.DGraph,
Env: rellenv.FbEnv(ctx),
Path: "/oauth/access_token",
Values: values,
}
req, err := http.NewRequest("GET", atURL.String(), nil)
if err != nil {
return ctxerr.Wrap(ctx, errOAuthFail)
}
res, err := a.HttpTransport.RoundTrip(req)
if err != nil {
return ctxerr.Wrap(ctx, err)
}
defer res.Body.Close()
bd, err := ioutil.ReadAll(res.Body)
if err != nil {
return ctxerr.Wrap(ctx, err)
}
h.WriteResponse(w, r, &h.Frag{
&h.Script{Inner: h.Unsafe("window.location.hash = ''")},
h.String(string(bd)),
})
return nil
}
// Handles /og/ requests.
func (a *Handler) Values(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
env, err := rellenv.FromContext(ctx)
if err != nil {
return err
}
values := r.URL.Query()
parts := strings.Split(r.URL.Path, "/")
if len(parts) > 4 {
return errcode.New(http.StatusNotFound, "Invalid URL: %s", r.URL.Path)
}
if len(parts) > 2 {
values.Set("og:type", parts[2])
}
if len(parts) > 3 {
values.Set("og:title", parts[3])
}
object, err := a.ObjectParser.FromValues(ctx, env, values)
if err != nil {
return err
}
_, err = h.Write(ctx, w, renderObject(ctx, env, a.Static, object))
return err
}
func (a *Handler) Start(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
c, err := rellenv.FromContext(ctx)
if err != nil {
return err
}
values := url.Values{}
values.Set("client_id", strconv.FormatUint(rellenv.FbApp(ctx).ID(), 10))
if scope := r.FormValue("scope"); scope != "" {
values.Set("scope", scope)
}
if c.ViewMode == rellenv.Website {
values.Set("redirect_uri", redirectURI(c))
values.Set("state", a.state(w, r))
} else {
values.Set("redirect_uri", c.ViewURL("/auth/session"))
}
dialogURL := fburl.URL{
Scheme: "https",
SubDomain: fburl.DWww,
Env: rellenv.FbEnv(ctx),
Path: "/dialog/oauth",
Values: values,
}
if c.ViewMode == rellenv.Website {
http.Redirect(w, r, dialogURL.String(), 302)
} else {
b, _ := json.Marshal(dialogURL.String())
_, err := h.Write(ctx, w, &h.Script{
Inner: h.Unsafe(fmt.Sprintf("top.location=%s", b)),
})
return err
}
return nil
}