PBwiki Developer API

FrontPage

email.hidden@example.com (David Weekly) — Mon, 31 Mar 2008 14:00:29 +0000

David Weekly edited FrontPage

bitty = {contents: [{service: "bitty:browser",title: "Bitty Browser",width: "400",height: "400",titlebar: {display: "off"},buttonbar: {textlabels: "off"},searchbar: {display: "off"},homepage: {contents: [{website: "http://yummy.pbwiki.com/?raw=bare&embed=1"}]}}]};
Bitty Browser (iframes required)
Server-Side Inlining Public Wiki Content
If SEO matters to you, the HTML that your website generates will need to include the wiki content inline (versus fetched by a client web browser). It's easy to do this with PBwiki, particularly if your wiki is public; here's how to do that in PHP in one line:
echo(file_get_contents('http://YOURWIKI.pbwiki.com/FrontPage?raw=bare'));
Server-Side Inlining Private Wiki Content
For this, you'll need to set up an API key for the wiki you'd like to selectively republish. Once you have your API key, it's two lines of PHP. (One if you wanted to be clever.)
$result = deserialize

AuthApi

email.hidden@example.com (Nathan Schmidt ぼけ) — Fri, 07 Mar 2008 14:38:14 +0000

Nathan Schmidt ぼけ edited AuthApi

After computing the authentication token based on this full URL, "&authTok=AUTHTOK" should be added to the end of the URL and the user should be redirected to this URL.
PBwiki will then process the user's authentication credentials. If they are valid, the user will be bounced back to the front page of their wiki as logged in to the wiki with the name, email, and permissions your API specified.
Sha hash example
We use the php implementation of the sha1 hash algorithm and while that should be standardized, it's good to have an example so you can verify that you'll get the same results we do. The literal string 'hello world' should give the result as shown below:
$hash_res = sha1('hello world'); $expected = '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed';if($hash_res == $expected) { print "Success"; }
Logout
If you set an optional logout URL, users will be directed there when they click "logout". While you can take any action you'd like on this page, it'

FrontPage

email.hidden@example.com (Nathan Schmidt ぼけ) — Wed, 23 Jan 2008 17:24:07 +0000

Nathan Schmidt ぼけ edited FrontPage

The PBwiki Developer API
NOTE: (September 21, 2006) The basic API is live on our servers, but you will need to email api@pbwiki.com to ask us to enable your wiki for the API. While the documentation on this page closely resembles what is available on production, it may actually be slightly ahead of our production service in some cases.
PBwiki is going to be rolling out an API for letting developers access and update their wikis programmatically. The first few revisions of this API that you're going to see are pretty chunky, but we're going to be

AuthApi

email.hidden@example.com (Anonymous) — Sun, 23 Dec 2007 15:36:24 +0000

Anonymous edited AuthApi

If you set an optional logout URL, users will be directed there when they click "logout". While you can take any action you'd like on this page, it's recommended that you verify the user wishes to log out of all SSO apps and do so if requested.
Sample Code
<?
$apiKey<?$apiKey = "XXXX.....";
$tok "XXXX.....";$tok = @$_GET['tok'];
$host @$_GET['tok'];$host = @$_GET['host'];
if(!$tok){
die("no token!");
}
if(!$_GET['done']){
die("ok @$_GET['host'];if(!$tok){ die("no token!");}if(!$_GET['done']){ die("ok to punt you? <a href=/authtest.php?tok=$tok&host=$host&done=1>Yeah.</a>");
}
// href=/authtest.php?tok=$tok

PbAuthDotNet.zip

email.hidden@example.com (Anonymous) — Sun, 23 Dec 2007 15:29:18 +0000

Anonymous uploaded PbAuthDotNet.zip

AuthApi

email.hidden@example.com (David Weekly) — Wed, 15 Aug 2007 20:54:13 +0000

David Weekly edited AuthApi

After you've determined the user's identity & access level, your script should compute the authentication token and redirect the user's browser to our authentication return script.
The authentication token is computed by taking the hex representation of a SHA-1 hash of: the URL to which you'll be redirecting the user concatenated with the authentication token we passed to your script concatenated with your API key. Let's suppose you authenticated a user as "John Doe" with email "john@example.edu" and access "write" from IP "1.2.3.4", with a login session that expires October 24, 2006 at midnight GMT. Expiration times are given as integer Unixtimestamp values, in this case 1161666000.
All parameters MUST be URI-escaped - if you forget this and use '@' instead of '%40', the authentication will fail.
The URL for the return consists of https://YOURWIKI.pbwiki.com/authReturn.php?name=NAME&email=EMAIL&access=ACCESS&ip=IP&expires=EXPIRES

AuthApi

email.hidden@example.com (David Weekly) — Wed, 15 Aug 2007 20:48:59 +0000

David Weekly edited AuthApi

If you set an optional logout URL, users will be directed there when they click "logout". While you can take any action you'd like on this page, it's recommended that you verify the user wishes to log out of all SSO apps and do so if requested.
Sample Code
<?
$apiKey = "XXXX.....";
$tok = @$_GET['tok'];
$host = @$_GET['host'];
if(!$tok){
die("no token!");
}
if(!$_GET['done']){
die("ok to punt you? <a href=/authtest.php?tok=$tok&host=$host&done=1>Yeah.</a>");
}
// okay, let's authenticate you as a reader.
$name = "Joe Dobbson";
$email = "joe@example.org";
$access = "mod";
$ip = $_SERVER['REMOTE_ADDR'];
$sessionExpires = time()+30; // 30 second session!
$retURL = "https://$host/authReturn.php?".
"name=".urlencode($name)."&".
"email=".urlencode($email)."&".
"access=".

AuthApi

email.hidden@example.com (David Weekly) — Wed, 15 Aug 2007 20:48:01 +0000

David Weekly edited AuthApi

AuthApi

email.hidden@example.com (David Weekly) — Tue, 31 Jul 2007 14:18:10 +0000

David Weekly edited AuthApi

After computing the authentication token based on this full URL, "&authTok=AUTHTOK" should be added to the end of the URL and the user should be redirected to this URL.
PBwiki will then process the user's authentication credentials. If they are valid, the user will be bounced back to the front page of their wiki as logged in to the wiki with the name, email, and permissions your API specified.
Logout
If you set an optional logout URL, users will be directed there when they click "logout". While you can take any action you'd like on this page, it's recommended that you verify the user wishes to log out of all SSO apps and do so if requested.
Sample Code
Forthcoming...

PortingFaq

email.hidden@example.com (Anonymous) — Tue, 06 Mar 2007 15:47:18 +0000

Anonymous edited PortingFaq

current (a symlink to the most recent revision)
...
discussion/ (comments on the page)
PAGENAME/
117112322 (unix timestamp-encoded revision, see below)
....
files/ (contains all attached files to the wiki)
somefile.pdf (some attached file, stored raw, no metadata)
Here's an example tags file:
a:2:{s:7:"version";i:1;s:4:"DATA";a:2:{s:3:"yay";i:1;s:4:"side";i:1;}}
DISCUSSION
Discussion (comments on particular pages) are stored much like pages themselves
Contents of the file "discussion/FrontPage/1163281754"
time:1163281754 page:FrontPage name:Bob Robert email:bob@example.com op:comment uid:0 role:admin ip:4.2.2.1 -- Data Follows --- This is the text of my comment
USERS
Most PBwiki users simply use a wiki-wide access password to log into their wikis. This makes PBwiki unique, since on most wikis there is no concept of a user-specific login per se. We do have PBwiki Identities

PortingFaq

email.hidden@example.com (David Weekly) — Tue, 30 Jan 2007 14:50:19 +0000

David Weekly edited PortingFaq

pbj:2f7d1e2ff1531ca0c0d04247fbb7001167959070

locked:0

hidden:0

+ --- Data Follows ---

! This is a wiki page

Yep, just some data.

Here we see the same key/value pair format as used in meta.pbj, delimited by a

line that contains ONLY and EXACTLY the string "--- Data Follows ---", after

which the page data begins immediately. If the page data is not in PBwiki text

(which is the default) add to the key/value headers "content-type:text/html".

!! FILES

File attachments are stored raw with no metadata in the files/ subdirectory.

!! TAGS

Tags may be added to a page to assist navigation. They are not stored inl

ChangePage

email.hidden@example.com (David Weekly) — Mon, 29 Jan 2007 17:01:28 +0000

David Weekly added ChangePage

! ChangePage

This function replaces an existing page with the new page content that you supply. The function will fail if the page does not yet exist (in which case you should call NewPage), if the page is locked for editing by a human , or if the page is locked by administrators.

Future versions of this function will permit the caller to override these (with administrative privileges) specify if the page should be admin-locked or hidden, etc.

!! Request Parameters

**page** \'\'Required\'\'
Specifies what page you\'d like to change. If this page does not already exist, the function will fail. Since it is a GET parameter, it must be URI encoded.

**email**
Specifies the email address that this page edit should be attributed to. If using the Javascript API, this parameter is ignored and the user\'s logged-in email address is used instead.

**name**
Specifies the name that this page edit should be attributed to. If using the Javascript API, this parameter is ignored and the user\'s logged-in n

PortingFaq

email.hidden@example.com (David Weekly) — Wed, 10 Jan 2007 15:22:07 +0000

David Weekly edited PortingFaq

PBwiki Importing HOWTO

----------------------

! PBwiki Importing HOWTO

So you'd like to move your wiki into PBwiki, eh wot? This guide, written

for programmers looking to export data in a PBwiki-friendly way, should

help you import your wiki easily to PBwiki.

So you'd like to move your wiki into PBwiki, eh wot? This guide, written for programmers looking to export data in a PBwiki-friendly way, should help you import your wiki easily to PBwiki.

There are several main components to a wiki's information:

- Users: Who has access to the wiki? Are they an admin or a contributor?

Who is receiving notifications on wiki changes?

- Wiki Meta: What's the wiki called? Are there any spec

PortingFaq

email.hidden@example.com (David Weekly) — Wed, 10 Jan 2007 15:15:53 +0000

David Weekly added PortingFaq



PBwiki Importing HOWTO


----------------------





So you\'d like to move your wiki into PBwiki, eh wot? This guide, written


for programmers looking to export data in a PBwiki-friendly way, should


help you import your wiki easily to PBwiki.





There are several main components to a wiki\'s information:


- Users: Who has access to the wiki? Are they an admin or a contributor?


         Who is receiving notifications on wiki changes?


- Wiki Meta: What\'s the wiki called? Are there any special keywords/tags?


             How would you describe the wiki? Is it French? Turkish?


             What is the default timezone for the wiki? Is the wiki accessible


             by way of a different domain name?


- Wiki Pages: What\'s the content of the wiki page? Is it in HTML or PBwiki


              format? Who last edited it? (name+email) When was it edited?


- Attachments: What files are attached to this wiki?


- Tags: What pages are tagged how?








Special page names in PBwiki world:


- FrontPage  - this

AuthApi

email.hidden@example.com (David Weekly) — Wed, 01 Nov 2006 21:02:34 +0000

David Weekly edited AuthApi

From there on out, whenever a user needs to be authenticated (such as trying to make an edit), they will be passed to your URL along with a special token that uniquely designated the login attempt and the site the user was trying to access.

Your service should then determine - through either automated means or by asking the user for their password - the user's identity and access level. Your service should then pass the user back to your PBwiki with a signed authentication token to let us be sure that your service did authorize this user. PBwiki then accords the user the appropriate permissions. Be careful about assigning users "admin" permission, as they can then make serious changes to your wiki, including deleting it and changing the Authentication API URL.

!! The Details

Let's say you have a wiki called "mywiki.pbwiki.com" and you have your authentication script at "http://www.example.edu/pbwikiAuth.a

AuthApi

email.hidden@example.com (David Weekly) — Wed, 01 Nov 2006 19:54:47 +0000

David Weekly edited AuthApi

After you've determined the user's identity & access level, your script should compute the authentication token and redirect the user's browser to our authentication return script.

The authentication token is computed by taking the hex representation of a SHA-1 hash of: the URL to which you'll be redirecting the user concatenated with the authentication token we passed to your script concatenated with your API key. Let's suppose you authenticated a user as "John Doe" with email "john@example.edu" and access "write" from IP "1.2.3.4", with a login session that expires October 24, 2006 at midnight GMT. Expiration times are given as integer [http://en.wikipedia.org/wiki/Unix_time Unix timestamp] values, in this case 1161666000.

The URL for the return consists of https://**YOURWIKI**.pbwiki.com/authReturn.php?name=**NAME**&email=**EMAIL**&access=**ACCESS**&ip=**IP**&expires=**EXPIRES**

so in our case this wo

AuthApi

email.hidden@example.com (David Weekly) — Mon, 23 Oct 2006 18:33:11 +0000

David Weekly edited AuthApi

! The Authentication API

The Authentication API enables your own scripts to determine who has what access to your wiki and to validate who they are. It's a very powerful and flexible facility that could be used to use your behind-the-firewall LDAP server to administer roles and permissions on your company's PBwiki, or use your campus's single sign-on facility to validate the identities of your wiki's users.

!! The Process

SideBar

email.hidden@example.com (David Weekly) — Mon, 23 Oct 2006 18:32:32 +0000

David Weekly edited SideBar

RenameFile

---

RegisterCallback

---

AuthApi

email.hidden@example.com (David Weekly) — Mon, 23 Oct 2006 18:32:14 +0000

David Weekly edited AuthApi

The authentication token is computed by taking the hex representation of a SHA-1 hash of: the URL to which you'll be redirecting the user concatenated with the authentication token we passed to your script. Let's suppose you authenticated a user as "John Doe" with email "john@example.edu" and access "write" from IP "1.2.3.4", with a login session that expires October 24, 2006 at midnight GMT. Expiration times are given as integer [http://en.wikipedia.org/wiki/Unix_time Unix timestamp] values, in this case 1161666000.

The URL for the return consists of https://**YOURWIKI**.pbwiki.com/authReturn.php?name=**NAME**&email=**EMAIL**&access=**ACCESS**&ip=**IP**&expires=**EXPIRES**

so in our case this would be:

https://mywiki.pbwiki.com/authReturn.php?name=John%20Doe&email=john@example.edu&access=write&ip=1.2.3.4&expires=1161666000

After computing the authentication token based on this

AuthApi

email.hidden@example.com (David Weekly) — Mon, 23 Oct 2006 18:28:13 +0000

David Weekly edited AuthApi

After you've determined the user's identity & access level, your script should compute the authentication token and redirect the user's browser to our authentication return script.

The authentication token is computed by taking the hex representation of a SHA-1 hash of: the URL to which you'll be redirecting the user concatenated with the authentication token we passed to your script.
The authentication token is computed by taking the hex representation of a SHA-1 hash of: the URL to which you'll be redirecting the user concatenated with the authentication token we passed to your script. Let's suppose you authenticated a user as "John Doe" with email "john@example.edu" and access "write" from IP "1.2.3.4", with a login session that expires October 24, 2006 at midnight GMT. Expiration times are given as integer [http://en.wikipedia.org/wiki/Unix_time Unix timestamp] values, in this case 1161666000.

The UR