Automatic API test (#2207)

* Automatic API test

Easier for end-user, smarter, and the guess testing of greader
authorization token was not reliable.

* Travis + minor

p/api/greader.php

@@ -143,14 +143,11 @@ function checkCompatibility() {
 	Minz_Log::warning('checkCompatibility() ' . debugInfo(), API_LOG);
 	header('Content-Type: text/plain; charset=UTF-8');
 	if (PHP_INT_SIZE < 8 && !function_exists('gmp_init')) {
-		die('FAIL 64-bit or GMP extension!');
+		die('FAIL 64-bit or GMP extension! Wrong PHP configuration.');
 	}
-	if ((!array_key_exists('HTTP_AUTHORIZATION', $_SERVER)) &&	//Apache mod_rewrite trick should be fine
-		(!array_key_exists('REDIRECT_HTTP_AUTHORIZATION', $_SERVER)) &&	//Apache mod_rewrite with FCGI
-		(empty($_SERVER['SERVER_SOFTWARE']) || (stripos($_SERVER['SERVER_SOFTWARE'], 'nginx') === false)) &&	//nginx should be fine
-		(empty($_SERVER['SERVER_SOFTWARE']) || (stripos($_SERVER['SERVER_SOFTWARE'], 'lighttpd') === false)) &&	//lighttpd should be fine
-		((!function_exists('getallheaders')) || (stripos(php_sapi_name(), 'cgi') !== false))) {	//Main problem is Apache/CGI mode
-		die('FAIL getallheaders! (probably)');
+	$headerAuth = headerVariable('Authorization', 'GoogleLogin_auth');
+	if ($headerAuth == '') {
+		die('FAIL get HTTP Authorization header! Wrong Web server configuration.');
 	}
 	echo 'PASS';
 	exit();
@@ -913,6 +910,10 @@ FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
 
 if (!FreshRSS_Context::$system_conf->api_enabled) {
 	serviceUnavailable();
+} elseif (count($pathInfos) < 3) {
+	badRequest();
+} elseif ($pathInfos[1] === 'check' && $pathInfos[2] === 'compatibility') {
+	checkCompatibility();
 }
 
 ini_set('session.use_cookies', '0');
@@ -927,9 +928,7 @@ if ($user !== '') {
 
 Minz_Session::_param('currentUser', $user);
 
-if (count($pathInfos) < 3) {
-	badRequest();
-} elseif ($pathInfos[1] === 'accounts') {
+if ($pathInfos[1] === 'accounts') {
 	if (($pathInfos[2] === 'ClientLogin') && isset($_REQUEST['Email']) && isset($_REQUEST['Passwd'])) {
 		clientLogin($_REQUEST['Email'], $_REQUEST['Passwd']);
 	}
@@ -1088,8 +1087,6 @@ if (count($pathInfos) < 3) {
 			userInfo();
 			break;
 	}
-} elseif ($pathInfos[1] === 'check' && $pathInfos[2] === 'compatibility') {
-	checkCompatibility();
 }
 
 badRequest();

p/api/index.php

@@ -5,6 +5,18 @@
 <title>FreshRSS API endpoints</title>
 <meta name="robots" content="noindex" />
 <link rel="start" href="../i/" />
+<script src="../scripts/api.js" defer="defer"></script>
+<script id="jsonVars" type="application/json">
+<?php
+require(__DIR__ . '/../../constants.php');
+require(LIB_PATH . '/lib_rss.php');	//Includes class autoloader
+Minz_Configuration::register('system', DATA_PATH . '/config.php', FRESHRSS_PATH . '/config.default.php');
+echo json_encode(array(
+		'greader' => Minz_Url::display('/api/greader.php', 'php', true),
+		'fever' => Minz_Url::display('/api/fever.php', 'php', true),
+	));
+?>
+</script>
 </head>
 
 <body>
@@ -14,17 +26,11 @@
 <dl>
 <dt>Your API address:</dt>
 <dd><?php
-require(__DIR__ . '/../../constants.php');
-require(LIB_PATH . '/lib_rss.php');	//Includes class autoloader
-Minz_Configuration::register('system', DATA_PATH . '/config.php', FRESHRSS_PATH . '/config.default.php');
 echo Minz_Url::display('/api/greader.php', 'html', true);
 ?></dd>
+<dt>Google Reader API configuration test:</dt>
+<dd id="greaderOutput">?</dd>
 </dl>
-<ul>
-<li><a href="greader.php/check%2Fcompatibility" rel="nofollow">Check full server configuration</a></li>
-<li><a href="greader.php/check/compatibility" rel="nofollow">Check partial server
-configuration (without <code>%2F</code> support)</a></li>
-</ul>
 
 <h2>Fever compatible API</h2>
 <dl>
@@ -32,10 +38,9 @@ configuration (without <code>%2F</code> support)</a></li>
 <dd><?php
 echo Minz_Url::display('/api/fever.php', 'html', true);
 ?></dd>
+<dt>Fever API configuration test:</dt>
+<dd id="feverOutput">?</dd>
 </dl>
-<ul>
-<li><a href="fever.php?api" rel="nofollow">Test</a></li>
-</ul>
 
 </body>
 </html>

p/scripts/api.js

@@ -0,0 +1,62 @@
+"use strict";
+/* jshint esversion:6, strict:global */
+
+function check(url, next) {
+	if (!url || !next) {
+		return;
+	}
+	const req = new XMLHttpRequest();
+	req.open('GET', url, true);
+	req.setRequestHeader('Authorization', 'GoogleLogin auth=test/1');
+	req.onerror = function (e) {
+			next('FAIL: HTTP ' + e);
+		};
+	req.onload = function () {
+		if (this.status == 200) {
+			next(this.response);
+		} else {
+			next('FAIL: HTTP error ' + this.status + ' ' + this.statusText);
+		}
+	};
+	req.send();
+}
+
+const jsonVars = JSON.parse(document.getElementById('jsonVars').innerHTML);
+
+check(jsonVars.greader + '/check/compatibility', function next(result1) {
+		const greaderOutput = document.getElementById('greaderOutput');
+		if (result1 === 'PASS') {
+			greaderOutput.innerHTML = '✔️ ' + result1;
+		} else {
+			check(jsonVars.greader + '/check%2Fcompatibility', function next(result2) {
+				if (result2 === 'PASS') {
+					greaderOutput.innerHTML = '⚠️ WARN: no <code>%2F</code> support, so some clients will not work!';
+				} else {
+					check('./greader.php/check/compatibility', function next(result3) {
+						if (result3 === 'PASS') {
+							greaderOutput.innerHTML = '⚠️ WARN: Probable invalid base URL in ./data/config.php';
+						} else {
+							greaderOutput.innerHTML = '❌ ' + result1;
+						}
+					});
+				}
+			});
+		}
+	});
+
+check(jsonVars.fever + '?api', function next(result1) {
+		const feverOutput = document.getElementById('feverOutput');
+		try {
+			JSON.parse(result1);
+			feverOutput.innerHTML = '✔️ PASS';
+		} catch (ex) {
+			check('./fever.php?api', function next(result2) {
+					try {
+						JSON.parse(result2);
+						feverOutput.innerHTML = '⚠️ WARN: Probable invalid base URL in ./data/config.php';
+					} catch (ex) {
+						feverOutput.innerHTML = '❌ ' + result1;
+					}
+				});
+		}
+	});