From d8755eed1e452d2efbfc983af0e9d228d152bf6b Mon Sep 17 00:00:00 2001
From: Chocobozzz <florian.bigard@gmail.com>
Date: Mon, 16 Oct 2017 10:05:49 +0200
Subject: Add oembed endpoint

---
 server/middlewares/validators/index.ts  |  1 +
 server/middlewares/validators/oembed.ts | 63 +++++++++++++++++++++++++++++++++
 2 files changed, 64 insertions(+)
 create mode 100644 server/middlewares/validators/oembed.ts

(limited to 'server/middlewares')

diff --git a/server/middlewares/validators/index.ts b/server/middlewares/validators/index.ts
index 418fa5f1d..068c41b24 100644
--- a/server/middlewares/validators/index.ts
+++ b/server/middlewares/validators/index.ts
@@ -1,3 +1,4 @@
+export * from './oembed'
 export * from './remote'
 export * from './pagination'
 export * from './pods'
diff --git a/server/middlewares/validators/oembed.ts b/server/middlewares/validators/oembed.ts
new file mode 100644
index 000000000..4b8c03faf
--- /dev/null
+++ b/server/middlewares/validators/oembed.ts
@@ -0,0 +1,63 @@
+import { query } from 'express-validator/check'
+import * as express from 'express'
+import { join } from 'path'
+
+import { checkErrors } from './utils'
+import { CONFIG } from '../../initializers'
+import { logger } from '../../helpers'
+import { checkVideoExists, isVideoIdOrUUIDValid } from '../../helpers/custom-validators/videos'
+import { isTestInstance } from '../../helpers/core-utils'
+
+const urlShouldStartWith = CONFIG.WEBSERVER.SCHEME + '://' + join(CONFIG.WEBSERVER.HOST, 'videos', 'watch') + '/'
+const videoWatchRegex = new RegExp('([^/]+)$')
+const isURLOptions = {
+  require_host: true,
+  require_tld: true
+}
+
+// We validate 'localhost', so we don't have the top level domain
+if (isTestInstance()) {
+  isURLOptions.require_tld = false
+}
+
+const oembedValidator = [
+  query('url').isURL(isURLOptions).withMessage('Should have a valid url'),
+  query('maxwidth').optional().isInt().withMessage('Should have a valid max width'),
+  query('maxheight').optional().isInt().withMessage('Should have a valid max height'),
+  query('format').optional().isIn([ 'xml', 'json' ]).withMessage('Should have a valid format'),
+
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking oembed parameters', { parameters: req.query })
+
+    checkErrors(req, res, () => {
+      if (req.query.format !== undefined && req.query.format !== 'json') {
+        return res.status(501)
+                  .json({ error: 'Requested format is not implemented on server.' })
+                  .end()
+      }
+
+      const startIsOk = req.query.url.startsWith(urlShouldStartWith)
+      const matches = videoWatchRegex.exec(req.query.url)
+      if (startIsOk === false || matches === null) {
+        return res.status(400)
+                  .json({ error: 'Invalid url.' })
+                  .end()
+      }
+
+      const videoId = matches[1]
+      if (isVideoIdOrUUIDValid(videoId) === false) {
+        return res.status(400)
+                  .json({ error: 'Invalid video id.' })
+                  .end()
+      }
+
+      checkVideoExists(videoId, res, next)
+    })
+  }
+]
+
+// ---------------------------------------------------------------------------
+
+export {
+  oembedValidator
+}
-- 
cgit v1.2.3