Response.php 13 KB

  1. <?php
  2. /**
  3. * @package Grav.Common.GPM
  4. *
  5. * @copyright Copyright (C) 2015 - 2018 Trilby Media, LLC. All rights reserved.
  6. * @license MIT License; see LICENSE file for details.
  7. */
  8. namespace Grav\Common\GPM;
  9. use Grav\Common\Utils;
  10. use Grav\Common\Grav;
  11. class Response
  12. {
  13. /**
  14. * The callback for the progress
  15. *
  16. * @var callable Either a function or callback in array notation
  17. */
  18. public static $callback = null;
  19. /**
  20. * Which method to use for HTTP calls, can be 'curl', 'fopen' or 'auto'. Auto is default and fopen is the preferred method
  21. *
  22. * @var string
  23. */
  24. private static $method = 'auto';
  25. /**
  26. * Default parameters for `curl` and `fopen`
  27. *
  28. * @var array
  29. */
  30. private static $defaults = [
  31. 'curl' => [
  32. CURLOPT_REFERER => 'Grav GPM',
  37. CURLOPT_TIMEOUT => 15,
  38. CURLOPT_HEADER => false,
  39. //CURLOPT_SSL_VERIFYPEER => true, // this is set in the constructor since it's a setting
  40. /**
  41. * Example of callback parameters from within your own class
  42. */
  43. //CURLOPT_NOPROGRESS => false,
  44. //CURLOPT_PROGRESSFUNCTION => [$this, 'progress']
  45. ],
  46. 'fopen' => [
  47. 'method' => 'GET',
  48. 'user_agent' => 'Grav GPM',
  49. 'max_redirects' => 5,
  50. 'follow_location' => 1,
  51. 'timeout' => 15,
  52. /* // this is set in the constructor since it's a setting
  53. 'ssl' => [
  54. 'verify_peer' => true,
  55. 'verify_peer_name' => true,
  56. ],
  57. */
  58. /**
  59. * Example of callback parameters from within your own class
  60. */
  61. //'notification' => [$this, 'progress']
  62. ]
  63. ];
  64. /**
  65. * Sets the preferred method to use for making HTTP calls.
  66. *
  67. * @param string $method Default is `auto`
  68. *
  69. * @return Response
  70. */
  71. public static function setMethod($method = 'auto')
  72. {
  73. if (!in_array($method, ['auto', 'curl', 'fopen'])) {
  74. $method = 'auto';
  75. }
  76. self::$method = $method;
  77. return new self();
  78. }
  79. /**
  80. * Makes a request to the URL by using the preferred method
  81. *
  82. * @param string $uri URL to call
  83. * @param array $options An array of parameters for both `curl` and `fopen`
  84. * @param callable $callback Either a function or callback in array notation
  85. *
  86. * @return string The response of the request
  87. */
  88. public static function get($uri = '', $options = [], $callback = null)
  89. {
  90. if (!self::isCurlAvailable() && !self::isFopenAvailable()) {
  91. throw new \RuntimeException('Could not start an HTTP request. `allow_url_open` is disabled and `cURL` is not available');
  92. }
  93. // check if this function is available, if so use it to stop any timeouts
  94. try {
  95. if (!Utils::isFunctionDisabled('set_time_limit') && !ini_get('safe_mode') && function_exists('set_time_limit')) {
  96. set_time_limit(0);
  97. }
  98. } catch (\Exception $e) {
  99. }
  100. $config = Grav::instance()['config'];
  101. $overrides = [];
  102. // Override CA Bundle
  103. $caPathOrFile = \Composer\CaBundle\CaBundle::getSystemCaRootBundlePath();
  104. if (is_dir($caPathOrFile) || (is_link($caPathOrFile) && is_dir(readlink($caPathOrFile)))) {
  105. $overrides['curl'][CURLOPT_CAPATH] = $caPathOrFile;
  106. $overrides['fopen']['ssl']['capath'] = $caPathOrFile;
  107. } else {
  108. $overrides['curl'][CURLOPT_CAINFO] = $caPathOrFile;
  109. $overrides['fopen']['ssl']['cafile'] = $caPathOrFile;
  110. }
  111. // SSL Verify Peer and Proxy Setting
  112. $settings = [
  113. 'method' => $config->get('system.gpm.method', self::$method),
  114. 'verify_peer' => $config->get('system.gpm.verify_peer', true),
  115. // `system.proxy_url` is for fallback
  116. // introduced with 1.1.0-beta.1 probably safe to remove at some point
  117. 'proxy_url' => $config->get('system.gpm.proxy_url', $config->get('system.proxy_url', false)),
  118. ];
  119. if (!$settings['verify_peer']) {
  120. $overrides = array_replace_recursive([], $overrides, [
  121. 'curl' => [
  122. CURLOPT_SSL_VERIFYPEER => $settings['verify_peer']
  123. ],
  124. 'fopen' => [
  125. 'ssl' => [
  126. 'verify_peer' => $settings['verify_peer'],
  127. 'verify_peer_name' => $settings['verify_peer'],
  128. ]
  129. ]
  130. ]);
  131. }
  132. // Proxy Setting
  133. if ($settings['proxy_url']) {
  134. $proxy = parse_url($settings['proxy_url']);
  135. $fopen_proxy = ($proxy['scheme'] ?: 'http') . '://' . $proxy['host'] . (isset($proxy['port']) ? ':' . $proxy['port'] : '');
  136. $overrides = array_replace_recursive([], $overrides, [
  137. 'curl' => [
  138. CURLOPT_PROXY => $proxy['host'],
  140. ],
  141. 'fopen' => [
  142. 'proxy' => $fopen_proxy,
  143. 'request_fulluri' => true
  144. ]
  145. ]);
  146. if (isset($proxy['port'])) {
  147. $overrides['curl'][CURLOPT_PROXYPORT] = $proxy['port'];
  148. }
  149. if (isset($proxy['user']) && isset($proxy['pass'])) {
  150. $fopen_auth = $auth = base64_encode($proxy['user'] . ':' . $proxy['pass']);
  151. $overrides['curl'][CURLOPT_PROXYUSERPWD] = $proxy['user'] . ':' . $proxy['pass'];
  152. $overrides['fopen']['header'] = "Proxy-Authorization: Basic $fopen_auth";
  153. }
  154. }
  155. $options = array_replace_recursive(self::$defaults, $options, $overrides);
  156. $method = 'get' . ucfirst(strtolower($settings['method']));
  157. self::$callback = $callback;
  158. return static::$method($uri, $options, $callback);
  159. }
  160. /**
  161. * Checks if cURL is available
  162. *
  163. * @return boolean
  164. */
  165. public static function isCurlAvailable()
  166. {
  167. return function_exists('curl_version');
  168. }
  169. /**
  170. * Checks if the remote fopen request is enabled in PHP
  171. *
  172. * @return boolean
  173. */
  174. public static function isFopenAvailable()
  175. {
  176. return preg_match('/1|yes|on|true/i', ini_get('allow_url_fopen'));
  177. }
  178. /**
  179. * Is this a remote file or not
  180. *
  181. * @param $file
  182. * @return bool
  183. */
  184. public static function isRemote($file)
  185. {
  186. return (bool) filter_var($file, FILTER_VALIDATE_URL);
  187. }
  188. /**
  189. * Progress normalized for cURL and Fopen
  190. * Accepts a variable length of arguments passed in by stream method
  191. */
  192. public static function progress()
  193. {
  194. static $filesize = null;
  195. $args = func_get_args();
  196. $isCurlResource = is_resource($args[0]) && get_resource_type($args[0]) == 'curl';
  197. $notification_code = !$isCurlResource ? $args[0] : false;
  198. $bytes_transferred = $isCurlResource ? $args[2] : $args[4];
  199. if ($isCurlResource) {
  200. $filesize = $args[1];
  201. } elseif ($notification_code == STREAM_NOTIFY_FILE_SIZE_IS) {
  202. $filesize = $args[5];
  203. }
  204. if ($bytes_transferred > 0) {
  205. if ($notification_code == STREAM_NOTIFY_PROGRESS | STREAM_NOTIFY_COMPLETED || $isCurlResource) {
  206. $progress = [
  207. 'code' => $notification_code,
  208. 'filesize' => $filesize,
  209. 'transferred' => $bytes_transferred,
  210. 'percent' => $filesize <= 0 ? '-' : round(($bytes_transferred * 100) / $filesize, 1)
  211. ];
  212. if (self::$callback !== null) {
  213. call_user_func_array(self::$callback, [$progress]);
  214. }
  215. }
  216. }
  217. }
  218. /**
  219. * Automatically picks the preferred method
  220. *
  221. * @return string The response of the request
  222. */
  223. private static function getAuto()
  224. {
  225. if (!ini_get('open_basedir') && self::isFopenAvailable()) {
  226. return self::getFopen(func_get_args());
  227. }
  228. if (self::isCurlAvailable()) {
  229. return self::getCurl(func_get_args());
  230. }
  231. return null;
  232. }
  233. /**
  234. * Starts a HTTP request via fopen
  235. *
  236. * @return string The response of the request
  237. */
  238. private static function getFopen()
  239. {
  240. if (count($args = func_get_args()) == 1) {
  241. $args = $args[0];
  242. }
  243. $uri = $args[0];
  244. $options = $args[1];
  245. $callback = $args[2];
  246. if ($callback) {
  247. $options['fopen']['notification'] = ['self', 'progress'];
  248. }
  249. if (isset($options['fopen']['ssl'])) {
  250. $ssl = $options['fopen']['ssl'];
  251. unset($options['fopen']['ssl']);
  252. $stream = stream_context_create([
  253. 'http' => $options['fopen'],
  254. 'ssl' => $ssl
  255. ], $options['fopen']);
  256. } else {
  257. $stream = stream_context_create(['http' => $options['fopen']], $options['fopen']);
  258. }
  259. $content = @file_get_contents($uri, false, $stream);
  260. if ($content === false) {
  261. $code = null;
  262. if (isset($http_response_header)) {
  263. $code = explode(' ', $http_response_header[0])[1];
  264. }
  265. switch ($code) {
  266. case '404':
  267. throw new \RuntimeException("Page not found");
  268. case '401':
  269. throw new \RuntimeException("Invalid LICENSE");
  270. default:
  271. throw new \RuntimeException("Error while trying to download (code: $code): $uri \n");
  272. }
  273. }
  274. return $content;
  275. }
  276. /**
  277. * Starts a HTTP request via cURL
  278. *
  279. * @return string The response of the request
  280. */
  281. private static function getCurl()
  282. {
  283. $args = func_get_args();
  284. $args = count($args) > 1 ? $args : array_shift($args);
  285. $uri = $args[0];
  286. $options = $args[1];
  287. $callback = $args[2];
  288. $ch = curl_init($uri);
  289. $response = static::curlExecFollow($ch, $options, $callback);
  290. $errno = curl_errno($ch);
  291. if ($errno) {
  292. $code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
  293. $error_message = curl_strerror($errno) . "\n" . curl_error($ch);
  294. switch ($code) {
  295. case '404':
  296. throw new \RuntimeException("Page not found");
  297. case '401':
  298. throw new \RuntimeException("Invalid LICENSE");
  299. default:
  300. throw new \RuntimeException("Error while trying to download (code: $code): $uri \nMessage: $error_message");
  301. }
  302. }
  303. curl_close($ch);
  304. return $response;
  305. }
  306. /**
  307. * @param $ch
  308. * @param $options
  309. * @param $callback
  310. *
  311. * @return bool|mixed
  312. */
  313. private static function curlExecFollow($ch, $options, $callback)
  314. {
  315. if ($callback) {
  316. curl_setopt_array(
  317. $ch,
  318. [
  319. CURLOPT_NOPROGRESS => false,
  320. CURLOPT_PROGRESSFUNCTION => ['self', 'progress']
  321. ]
  322. );
  323. }
  324. // no open_basedir set, we can proceed normally
  325. if (!ini_get('open_basedir')) {
  326. curl_setopt_array($ch, $options['curl']);
  327. return curl_exec($ch);
  328. }
  329. $max_redirects = isset($options['curl'][CURLOPT_MAXREDIRS]) ? $options['curl'][CURLOPT_MAXREDIRS] : 5;
  330. $options['curl'][CURLOPT_FOLLOWLOCATION] = false;
  331. // open_basedir set but no redirects to follow, we can disable followlocation and proceed normally
  332. curl_setopt_array($ch, $options['curl']);
  333. if ($max_redirects <= 0) {
  334. return curl_exec($ch);
  335. }
  336. $uri = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
  337. $rch = curl_copy_handle($ch);
  338. curl_setopt($rch, CURLOPT_HEADER, true);
  339. curl_setopt($rch, CURLOPT_NOBODY, true);
  340. curl_setopt($rch, CURLOPT_FORBID_REUSE, false);
  341. curl_setopt($rch, CURLOPT_RETURNTRANSFER, true);
  342. do {
  343. curl_setopt($rch, CURLOPT_URL, $uri);
  344. $header = curl_exec($rch);
  345. if (curl_errno($rch)) {
  346. $code = 0;
  347. } else {
  348. $code = curl_getinfo($rch, CURLINFO_HTTP_CODE);
  349. if ($code == 301 || $code == 302 || $code == 303) {
  350. preg_match('/Location:(.*?)\n/', $header, $matches);
  351. $uri = trim(array_pop($matches));
  352. } else {
  353. $code = 0;
  354. }
  355. }
  356. } while ($code && --$max_redirects);
  357. curl_close($rch);
  358. if (!$max_redirects) {
  359. if ($max_redirects === null) {
  360. trigger_error('Too many redirects. When following redirects, libcurl hit the maximum amount.', E_USER_WARNING);
  361. }
  362. return false;
  363. }
  364. curl_setopt($ch, CURLOPT_URL, $uri);
  365. return curl_exec($ch);
  366. }
  367. }