<?php
/**
* @file ogagent.php
* @brief OpenGnsys REST routes for OGAgent communications.
* @warning All input and output messages are formatted in JSON.
* @note Some ideas are based on article "How to create REST API for Android app using PHP, Slim and MySQL" by Ravi Tamada, thanx.
* @license GNU GPLv3+
* @author Ramón M. Gómez, ETSII Univ. Sevilla
* @version 1.1.0 - First version
* @date 2016-10-03
*/
// Path of the file where OGAgent session events are appended.
const LOG_FILE = '/opt/opengnsys/log/ogagent.log';
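/**
 * Append one timestamped line to the OGAgent log file (LOG_FILE).
 *
 * The routes in this file build $message from request data (JSON fields and the
 * User-Agent header). Control characters are therefore escaped before writing:
 * a raw CR/LF inside a field would otherwise let a single request produce
 * several well-formed log entries, which undermines the log as an audit trail.
 *
 * @param string $message Text to record; stored as "<ISO 8601 date>: <message>".
 */
function writeLog($message = "") {
    // Escape the backslash first-class as well, so an escaped newline ("\n") stays
    // distinguishable from a literal backslash followed by "n" in the input.
    $safe = addcslashes((string) $message, "\0..\37\177\\");
    // LOCK_EX keeps concurrent requests from interleaving partial lines.
    file_put_contents(LOG_FILE, date(DATE_ISO8601).": $safe\n", FILE_APPEND | LOCK_EX);
}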
/**
* @brief OGAgent notifies that its service is started on a client.
* @note Route: /ogagent/started, Method: POST, Format: JSON
* @param string ip IP address
* @param string mac MAC (Ethernet) address
* @param string ostype OS type (Linux, Windows, macOS)
* @param string osversion OS version
* @param string secret random secret key to access client's REST API
* @return Null string if OK, else error message.
*/
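$app->post('/ogagent/started',
    function() use ($app) {
        global $cmd;
        $osType = $osVersion = "none";
        try {
            // Reading POST parameters in JSON format.
            $input = json_decode($app->request()->getBody());
            if (! is_object($input)) {
                // Malformed or non-object body: answer 400 instead of dereferencing null.
                throw new Exception("Bad request: JSON object expected.");
            }
            // htmlspecialchars() only neutralises HTML metacharacters for later display of
            // these values; it is NOT SQL escaping. Anything placed in a query is validated below.
            $ip = (isset($input->ip) and is_scalar($input->ip)) ? htmlspecialchars((string) $input->ip) : "";
            $mac = (isset($input->mac) and is_scalar($input->mac)) ? htmlspecialchars((string) $input->mac) : "";
            if (isset($input->ostype) and is_scalar($input->ostype)) {
                $osType = htmlspecialchars((string) $input->ostype);
            }
            if (isset($input->osversion) and is_scalar($input->osversion)) {
                $osVersion = str_replace(",", ";", htmlspecialchars((string) $input->osversion));
            }
            // Check sender agent type and IP address consistency (same as parameter value).
            // The User-Agent header is chosen by the client, so this is a sanity check and not
            // authentication; the header may also be absent, hence the isset() guard.
            $agent = isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : "";
            if (preg_match('/^python-requests\//', $agent) !== 1 or $ip !== $_SERVER['REMOTE_ADDR']) {
                throw new Exception("Bad OGAgent: ip=$ip, sender=".$_SERVER['REMOTE_ADDR'].", agent=".$agent);
            }
            // Client secret key for secure communications.
            if (isset($input->secret)) {
                // Check if secret key is valid (32 alphanumeric characters).
                // is_string() first: ctype_alnum() treats small integers as character codes.
                if (! is_string($input->secret) or ! ctype_alnum($input->secret) or strlen($input->secret) !== 32) {
                    throw new Exception("Bad secret key: ip=$ip, mac=$mac, os=$osType:$osVersion.");
                }
                $secret = $input->secret;
                // The MAC address is interpolated into the UPDATE below, so accept only
                // 12 hex digits with optional ':' separators (the only separator the query
                // strips). Without this check a quote character in "mac" would reach the
                // SQL text, because htmlspecialchars() does not escape for SQL.
                if (preg_match('/^[0-9A-Fa-f]{2}(:?[0-9A-Fa-f]{2}){5}$/D', $mac) !== 1) {
                    throw new Exception("Bad MAC address: ip=$ip, os=$osType:$osVersion.");
                }
                // Store secret key in DB.
                // At this point $ip equals REMOTE_ADDR, $mac matches the pattern above and
                // $secret is alphanumeric, so no client-chosen metacharacter reaches the query.
                // NOTE(review): the row is selected by source IP + MAC only; that is as strong
                // as the network's anti-spoofing controls. Confirm this matches the threat model.
                $cmd->texto = <<<EOD
UPDATE ordenadores
   SET agentkey='$secret'
 WHERE ip='$ip' AND mac=UPPER(REPLACE('$mac', ':', ''))
 LIMIT 1;
EOD;
                if ($cmd->Ejecutar() !== true or mysqli_affected_rows($cmd->Conexion->controlador) !== 1) {
                    // DB access error or not updated.
                    throw new Exception("Cannot store new secret key: ip=$ip, mac=$mac, os=$osType:$osVersion.");
                }
            } else {
                // Insecure agent exception.
                throw new Exception("Insecure OGAgent started: ip=$ip, mac=$mac, os=$osType:$osVersion.");
            }
            // Default processing: log activity.
            writeLog("OGAgent started: ip=$ip, mac=$mac, os=$osType:$osVersion.");
            // Response.
            $response = "";
            jsonResponse(200, $response);
        } catch (Exception $e) {
            // Communication error.
            // Build a fresh array: $response may already hold the "" assigned above,
            // and writing a string key into a string is an error on current PHP versions.
            $response = array("message" => $e->getMessage());
            writeLog($app->request()->getResourceUri().": ERROR: ".$response["message"]);
            jsonResponse(400, $response);
        }
    }
);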
/**
* @brief OGAgent notifies that its service is stopped on client.
* @note Route: /ogagent/stopped, Method: POST, Format: JSON
* @param string ip IP address
* @param string mac MAC (Ethernet) address
* @param string ostype OS type (Linux, Windows, macOS)
* @param string osversion OS version
* @return Null string if OK, else error message.
*/
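$app->post('/ogagent/stopped',
    function() use ($app) {
        $osType = $osVersion = "none";
        try {
            // Reading POST parameters in JSON format.
            $input = json_decode($app->request()->getBody());
            if (! is_object($input)) {
                // Malformed or non-object body: answer 400 instead of dereferencing null.
                throw new Exception("Bad request: JSON object expected.");
            }
            // Values are HTML-escaped because they end up in the log and in the JSON error
            // message; non-scalar JSON values (arrays, objects) are treated as missing.
            $ip = (isset($input->ip) and is_scalar($input->ip)) ? htmlspecialchars((string) $input->ip) : "";
            $mac = (isset($input->mac) and is_scalar($input->mac)) ? htmlspecialchars((string) $input->mac) : "";
            if (isset($input->ostype) and is_scalar($input->ostype)) {
                $osType = htmlspecialchars((string) $input->ostype);
            }
            if (isset($input->osversion) and is_scalar($input->osversion)) {
                $osVersion = str_replace(",", ";", htmlspecialchars((string) $input->osversion));
            }
            // Check sender agent type and IP address consistency (same as parameter value).
            // The User-Agent header is chosen by the client, so this is a sanity check and not
            // authentication; the header may also be absent, hence the isset() guard.
            $agent = isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : "";
            if (preg_match('/^python-requests\//', $agent) !== 1 or $ip !== $_SERVER['REMOTE_ADDR']) {
                throw new Exception("Bad OGAgent: ip=$ip, sender=".$_SERVER['REMOTE_ADDR'].", agent=".$agent);
            }
            // May check if client is included in the server database?
            // Default processing: log activity.
            writeLog("OGAgent stopped: ip=$ip, mac=$mac, os=$osType:$osVersion.");
            // Response.
            $response = "";
            jsonResponse(200, $response);
        } catch (Exception $e) {
            // Communication error.
            // Build a fresh array: $response may already hold the "" assigned above,
            // and writing a string key into a string is an error on current PHP versions.
            $response = array("message" => $e->getMessage());
            writeLog($app->request()->getResourceUri().": ERROR: ".$response["message"]);
            jsonResponse(400, $response);
        }
    }
);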
/**
* @brief OGAgent notifies that a user logs in.
* @note Route: /ogagent/loggedin, Method: POST, Format: JSON
* @param string ip IP address
* @param string user username
* @param string language session language
* @param string ostype OS type (Linux, Windows, macOS)
* @param string osversion OS version
* @return Null string if OK, else error message.
*/
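$app->post('/ogagent/loggedin',
    function() use ($app) {
        global $cmd;
        $redirto = Array();
        $result = Array();
        // Same defaults as the started/stopped routes, so the log line below never
        // reads an undefined variable when the agent omits these fields.
        $osType = $osVersion = "none";
        try {
            // Reading POST parameters in JSON format.
            $input = json_decode($app->request()->getBody());
            if (! is_object($input)) {
                // Malformed or non-object body: answer 400 instead of dereferencing null.
                throw new Exception("Bad request: JSON object expected.");
            }
            // htmlspecialchars() only neutralises HTML metacharacters for later display of
            // these values; it is NOT SQL escaping.
            $ip = (isset($input->ip) and is_scalar($input->ip)) ? htmlspecialchars((string) $input->ip) : "";
            $user = (isset($input->user) and is_scalar($input->user)) ? htmlspecialchars((string) $input->user) : "";
            // Session language: the part of the locale before "_" (e.g. "es" from "es_ES").
            // It is interpolated into the UPDATE below, so only an all-letters prefix is
            // accepted; anything else (including a value without "_") yields "", which is
            // also what the previous substr()/strpos() code produced for a missing "_".
            $language = "";
            if (isset($input->language) and is_string($input->language)
                    and preg_match('/^([A-Za-z]+)_/', $input->language, $langMatch) === 1) {
                $language = $langMatch[1];
            }
            if (isset($input->ostype) and is_scalar($input->ostype)) {
                $osType = htmlspecialchars((string) $input->ostype);
            }
            if (isset($input->osversion) and is_scalar($input->osversion)) {
                $osVersion = str_replace(",", ";", htmlspecialchars((string) $input->osversion));
            }
            // Check sender IP address consistency (same as parameter value).
            // The User-Agent header is chosen by the client, so this is a sanity check and not
            // authentication; the header may also be absent, hence the isset() guard.
            $agent = isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : "";
            if (preg_match('/^python-requests\//', $agent) !== 1 or $ip !== $_SERVER['REMOTE_ADDR']) {
                throw new Exception("Bad OGAgent: ip=$ip, sender=".$_SERVER['REMOTE_ADDR'].", agent=".$agent);
            }
            // Check if client is included in the server database.
            // $ip equals REMOTE_ADDR here (checked above), so it is not a client-chosen string.
            $cmd->CreaParametro("@ip", $ip, 0);
            $cmd->texto = <<<EOD
SELECT ordenadores.idordenador, ordenadores.nombreordenador, remotepc.urllogin,
       remotepc.reserved > NOW() AS reserved
  FROM remotepc
 RIGHT JOIN ordenadores ON remotepc.id=ordenadores.idordenador
 WHERE ordenadores.ip=@ip
 LIMIT 1;
EOD;
            $rs=new Recordset;
            $rs->Comando=&$cmd;
            if ($rs->Abrir()) {
                // Read query data.
                $rs->Primero();
                $id = $rs->campos['idordenador'];
                $redirto[0]['url'] = $rs->campos['urllogin'];
                $reserved = $rs->campos['reserved'];
                $rs->Cerrar();
                if (!is_null($id)) {
                    // Log activity, respond to client and continue processing.
                    writeLog("User logged in: ip=$ip, user=$user, lang=$language, os=$osType:$osVersion.");
                    $response = "";
                    jsonResponseNow(200, $response);
                } else {
                    throw new Exception("Client is not in the database: ip=$ip, user=$user");
                }
                // Redirect notification to UDS server, if needed.
                if ($reserved == 1 and !is_null($redirto[0]['url'])) {
                    $redirto[0]['get'] = $app->request()->getBody();
                    $result = multiRequest($redirto);
                    // ... (check response)
                    //if ($result[0]['code'] != 200) {
                    // ...
                    // Updating user's session language for messages.
                    // $language is letters-only (validated above) and $id was read from the
                    // database row, so neither carries client-supplied SQL metacharacters.
                    $cmd->texto = <<<EOD
UPDATE remotepc
   SET language = '$language'
 WHERE id = '$id';
EOD;
                    if ($cmd->Ejecutar() !== true) {
                        // Best effort: the client already got its answer, so only record the failure.
                        writeLog($app->request()->getResourceUri().": ERROR: Cannot update session language: ip=$ip, user=$user");
                    }
                }
            } else {
                throw new Exception("Database error");
            }
        } catch (Exception $e) {
            // Communication error.
            // Build a fresh array: $response may already hold the "" assigned above,
            // and writing a string key into a string is an error on current PHP versions.
            $response = array("message" => $e->getMessage());
            writeLog($app->request()->getResourceUri().": ERROR: ".$response["message"]);
            jsonResponse(400, $response);
        }
    }
);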
/**
* @brief OGAgent notifies that a user logs out.
* @note Route: /ogagent/loggedout, Method: POST, Format: JSON
* @param string ip IP address
* @param string user username
* @return Null string if OK, else error message.
*/
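$app->post('/ogagent/loggedout',
    function() use ($app) {
        global $cmd;
        $redirto = Array();
        $result = Array();
        try {
            // Reading POST parameters in JSON format.
            $input = json_decode($app->request()->getBody());
            if (! is_object($input)) {
                // Malformed or non-object body: answer 400 instead of dereferencing null.
                throw new Exception("Bad request: JSON object expected.");
            }
            // Values are HTML-escaped because they end up in the log and in the JSON error
            // message; non-scalar JSON values (arrays, objects) are treated as missing.
            $ip = (isset($input->ip) and is_scalar($input->ip)) ? htmlspecialchars((string) $input->ip) : "";
            $user = (isset($input->user) and is_scalar($input->user)) ? htmlspecialchars((string) $input->user) : "";
            // Check sender agent type and IP address consistency (same as parameter value).
            // The User-Agent header is chosen by the client, so this is a sanity check and not
            // authentication; the header may also be absent, hence the isset() guard.
            $agent = isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : "";
            if (preg_match('/^python-requests\//', $agent) !== 1 or $ip !== $_SERVER['REMOTE_ADDR']) {
                throw new Exception("Bad OGAgent: ip=$ip, sender=".$_SERVER['REMOTE_ADDR'].", agent=".$agent);
            }
            // Check if client is included in the server database.
            // $ip equals REMOTE_ADDR here (checked above), so it is not a client-chosen string.
            $cmd->CreaParametro("@ip", $ip, 0);
            $cmd->texto = <<<EOD
SELECT ordenadores.idordenador, ordenadores.nombreordenador, remotepc.urllogout,
       remotepc.reserved > NOW() AS reserved
  FROM remotepc
 RIGHT JOIN ordenadores ON remotepc.id=ordenadores.idordenador
 WHERE ordenadores.ip=@ip
 LIMIT 1;
EOD;
            $rs=new Recordset;
            $rs->Comando=&$cmd;
            if ($rs->Abrir()) {
                // Read query data.
                $rs->Primero();
                $id = $rs->campos['idordenador'];
                $redirto[0]['url'] = $rs->campos['urllogout'];
                $reserved = $rs->campos['reserved'];
                $rs->Cerrar();
                if (!is_null($id)) {
                    // Log activity, respond to client and continue processing.
                    writeLog("User logged out: ip=$ip, user=$user.");
                    $response = "";
                    jsonResponseNow(200, $response);
                } else {
                    throw new Exception("Client is not in the database: ip=$ip, user=$user");
                }
                // Redirect notification to UDS server, if needed.
                if ($reserved == 1 and !is_null($redirto[0]['url'])) {
                    $redirto[0]['get'] = $app->request()->getBody();
                    $result = multiRequest($redirto);
                    // ... (check response)
                    //if ($result[0]['code'] != 200) {
                    // ...
                }
            } else {
                throw new Exception("Database error");
            }
        } catch (Exception $e) {
            // Communication error.
            // Build a fresh array: $response may already hold the "" assigned above,
            // and writing a string key into a string is an error on current PHP versions.
            $response = array("message" => $e->getMessage());
            writeLog($app->request()->getResourceUri().": ERROR: ".$response["message"]);
            jsonResponse(400, $response);
        }
    }
);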
?>