2022-01-26 19:36:56 +01:00
|
|
|
<?php declare(strict_types=1);
|
2022-01-31 20:49:44 +01:00
|
|
|
|
2022-01-18 19:14:24 +01:00
|
|
|
namespace App\Controller;
|
|
|
|
|
2022-01-26 19:36:56 +01:00
|
|
|
error_reporting(error_level: E_ALL);
|
|
|
|
|
2022-01-31 20:49:44 +01:00
|
|
|
use App\Repository\ApikeyRepository;
|
|
|
|
use App\Repository\DomainRepository;
|
|
|
|
use DI\Container;
|
|
|
|
use DI\ContainerBuilder;
|
2022-02-01 20:39:46 +01:00
|
|
|
use OpenApi\Annotations\ServerVariable;
|
|
|
|
use OpenApi\Annotations\Tag;
|
|
|
|
use OpenApi\Generator;
|
2022-01-20 11:06:58 +01:00
|
|
|
use UnhandledMatchError;
|
2022-01-31 20:49:44 +01:00
|
|
|
use function DI\autowire;
|
2022-02-01 20:39:46 +01:00
|
|
|
use OpenApi\Attributes as OAT;
|
2022-01-18 19:14:24 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
*
|
|
|
|
*/
|
2022-02-01 20:39:46 +01:00
|
|
|
#[OAT\Info(version: '0.0.1', title: 'bindAPI' )]
|
2022-01-18 19:14:24 +01:00
|
|
|
class RequestController
|
|
|
|
{
|
2022-01-31 20:49:44 +01:00
|
|
|
//private DatabaseConnection $databaseConnection;
|
|
|
|
private DomainRepository $domainRepository;
|
|
|
|
private ApikeyRepository $apikeyRepository;
|
|
|
|
private Container $container;
|
|
|
|
private string $header;
|
2022-01-20 11:06:58 +01:00
|
|
|
private array $result;
|
2022-01-31 20:49:44 +01:00
|
|
|
private string $status;
|
|
|
|
private string $message;
|
2022-01-18 19:14:24 +01:00
|
|
|
|
2022-01-20 11:06:58 +01:00
|
|
|
/**
|
2022-01-25 20:50:26 +01:00
|
|
|
* @param array $config
|
|
|
|
* @param String $requestMethod
|
|
|
|
* @param array $uri
|
2022-01-31 20:49:44 +01:00
|
|
|
*
|
|
|
|
* @throws \Exception
|
2022-01-20 11:06:58 +01:00
|
|
|
*/
|
2022-01-31 20:49:44 +01:00
|
|
|
public function __construct(private array $config, private string $requestMethod, private array $uri)
|
2022-01-18 19:14:24 +01:00
|
|
|
{
|
2022-01-26 19:36:56 +01:00
|
|
|
$this->requestMethod = strtoupper(string: $requestMethod);
|
2022-01-31 20:49:44 +01:00
|
|
|
|
|
|
|
$containerBuilder = new ContainerBuilder();
|
|
|
|
$containerBuilder->addDefinitions([
|
|
|
|
DatabaseConnection::class => autowire()->constructorParameter(parameter: 'config', value: $this->config),
|
|
|
|
]);
|
|
|
|
$this->container = $containerBuilder->build();
|
|
|
|
|
|
|
|
$this->domainRepository = $this->container->get(name: DomainRepository::class);
|
|
|
|
$this->apikeyRepository = $this->container->get(name: ApikeyRepository::class);
|
|
|
|
|
2022-01-18 19:14:24 +01:00
|
|
|
}
|
2022-02-01 20:39:46 +01:00
|
|
|
|
2022-01-20 11:06:58 +01:00
|
|
|
|
|
|
|
/**
|
2022-02-01 20:39:46 +01:00
|
|
|
* @OA\Server(
|
|
|
|
* url = "https://ns2.24unix.net/api"
|
|
|
|
* )
|
|
|
|
* @OA\Tag(name = "Server")
|
|
|
|
* @OA\Get(
|
|
|
|
* path = "/ping",
|
|
|
|
* summary = "Returning pong.",
|
|
|
|
* description = "Can be used to check API or server availability.",
|
|
|
|
* tags={"Server"},
|
|
|
|
* @OA\Response(response = "200", description = "OK"),
|
|
|
|
* @OA\Response(response = "401", description = "API key is missing or invalid."),
|
|
|
|
* security={
|
|
|
|
* {"Authorization":{"read"}}
|
|
|
|
* }
|
|
|
|
* )
|
|
|
|
*
|
|
|
|
* @OA\SecurityScheme (name="bindAPISecurity",
|
|
|
|
* type="apiKey",
|
|
|
|
* description="description",
|
|
|
|
* name="X-API-Key",
|
|
|
|
* in="header",
|
|
|
|
* securityScheme="Authorization"
|
|
|
|
*
|
|
|
|
* )
|
|
|
|
* @SwaggerDefinition(
|
|
|
|
* securityDefinition = @SecurityDefinition(
|
|
|
|
* apiKeyAuthDefinitions = {
|
|
|
|
* @ApiKeyAuthDefinition(
|
|
|
|
* key = "X-API-Key", in = ApiKeyAuthDefinition.ApiKeyLocation.HEADER, name = "X-API-KEY"
|
|
|
|
* )
|
|
|
|
* }
|
|
|
|
* )
|
|
|
|
* )
|
|
|
|
* @OA\Tag(name = "Domains")
|
|
|
|
* @OA\Get(
|
|
|
|
* path="/domains",
|
|
|
|
* summary="Listing all domains.",
|
|
|
|
* description="desc",
|
|
|
|
* tags={"Domains"},
|
|
|
|
* @OA\Response(response="200", description="OK"),
|
|
|
|
* @OA\Response(response = "401", description = "API key is missing or invalid."),
|
|
|
|
* @OA\Response(response="404", description="Domain not found."),
|
|
|
|
* security={
|
|
|
|
* {"Authorization":{"read":"write"}}
|
|
|
|
* }
|
|
|
|
* )
|
|
|
|
* @OA\Post(
|
|
|
|
* path="/domains",
|
|
|
|
* summary="Create a domain.",
|
|
|
|
* description="Creates a new domain.",
|
|
|
|
* tags={"Domains"},
|
|
|
|
* @OA\Response(response="201", description="Created"),
|
|
|
|
* @OA\Response(response = "400", description = "Invalid request body."),
|
|
|
|
* @OA\Response(response = "401", description = "API key is missing or invalid."),
|
|
|
|
* @OA\Response(response="404", description="Domain not found."),
|
|
|
|
* security={
|
|
|
|
* {"Authorization":{"read":"write"}}
|
|
|
|
* }
|
|
|
|
* )
|
|
|
|
* @OA\Get(
|
|
|
|
* path="/domains/{name}",
|
|
|
|
* summary="Returns a single domain.",
|
|
|
|
* description="Returns information of a single domain specified by its domain name.",
|
|
|
|
* tags={"Domains"},
|
|
|
|
* @OA\Response(response="200", description="OK"),
|
|
|
|
* @OA\Response(response = "401", description = "API key is missing or invalid."),
|
|
|
|
* @OA\Response(response="404", description="Domain not found."),
|
|
|
|
* security={
|
|
|
|
* {"Authorization":{"read":"write"}}
|
|
|
|
* }
|
|
|
|
* )
|
|
|
|
* @OA\Put(
|
|
|
|
* path="/domains/{name}",
|
|
|
|
* summary="Updates a domain.",
|
|
|
|
* description="Updates a domain. Only supplied fields will be updated, existing won't be affected.",
|
|
|
|
* tags={"Domains"},
|
|
|
|
* @OA\Response(response="200", description="OK"),
|
|
|
|
* @OA\Response(response = "401", description = "API key is missing or invalid."),
|
|
|
|
* @OA\Response(response="404", description="Domain not found."),
|
|
|
|
* security={
|
|
|
|
* {"Authorization":{"read":"write"}}
|
|
|
|
* }
|
|
|
|
* )
|
|
|
|
* @OA\Delete (
|
|
|
|
* path="/domains/{name}",
|
|
|
|
* summary="Deletes a domain.",
|
|
|
|
* description="Deletes a domain.",
|
|
|
|
* tags={"Domains"},
|
|
|
|
* @OA\Response(response="200", description="OK"),
|
|
|
|
* @OA\Response(response = "401", description = "API key is missing or invalid."),
|
|
|
|
* @OA\Response(response="404", description="Domain not found."),
|
|
|
|
* security={
|
|
|
|
* {"Authorization":{"read":"write"}}
|
|
|
|
* }
|
|
|
|
* )
|
|
|
|
*
|
2022-01-20 11:06:58 +01:00
|
|
|
* @return void
|
|
|
|
*/
|
2022-01-18 19:14:24 +01:00
|
|
|
public function processRequest()
|
|
|
|
{
|
2022-02-01 20:39:46 +01:00
|
|
|
$command = $this->uri[2];
|
|
|
|
|
|
|
|
if (empty($command) || !(($command == 'domains') || ($command == 'ping') || ($command == 'apidoc'))) {
|
2022-01-25 20:50:26 +01:00
|
|
|
$this->header = '404 Not Found';
|
2022-01-18 19:14:24 +01:00
|
|
|
$this->status = "404 Not Found";
|
|
|
|
$this->message = "Endpoint not found.";
|
|
|
|
} else {
|
2022-02-01 20:39:46 +01:00
|
|
|
if ($command == 'apidoc') {
|
|
|
|
$openapi = Generator::scan(sources: [__DIR__ . 'RequestController.php']);
|
|
|
|
$this->status = 'openapi';
|
|
|
|
$this->result[] = $openapi->toJson();
|
|
|
|
} else {
|
|
|
|
if ($this->checkPassword()) {
|
|
|
|
|
|
|
|
if ($this->uri[2] == "ping") {
|
|
|
|
$this->header = '200 OK';
|
|
|
|
$this->status = 'pong';
|
|
|
|
} else {
|
|
|
|
try {
|
|
|
|
match ($this->requestMethod) {
|
|
|
|
'GET' => $this->handleDomainGetRequest(),
|
|
|
|
'POST' => $this->handleDomainPostRequest(),
|
|
|
|
'PUT' => $this->handleDomainPutRequest(),
|
|
|
|
'DELETE' => $this->handleDomainDeleteRequest()
|
|
|
|
};
|
|
|
|
} catch (UnhandledMatchError) {
|
|
|
|
$this->header = '400 Bad Request';
|
|
|
|
$this->status = '400 Bad Request';
|
|
|
|
$this->message = "unknown request method: $this->requestMethod";
|
|
|
|
}
|
2022-01-24 18:57:47 +01:00
|
|
|
}
|
2022-01-18 19:14:24 +01:00
|
|
|
}
|
|
|
|
}
|
2022-02-01 20:39:46 +01:00
|
|
|
|
|
|
|
if (!empty($this->header)) {
|
|
|
|
header(header: $_SERVER['SERVER_PROTOCOL'] . ' ' . $this->header);
|
|
|
|
}
|
|
|
|
if (!empty($this->result)) {
|
|
|
|
if (!empty($this->status) && $this->status == 'openapi') {
|
|
|
|
header(header: 'Content-Type: application/json');
|
|
|
|
echo $this->result[0];
|
|
|
|
} else {
|
|
|
|
echo json_encode(value: $this->result);
|
|
|
|
}
|
2022-01-24 18:57:47 +01:00
|
|
|
} else {
|
2022-02-01 20:39:46 +01:00
|
|
|
if (!empty($this->status) && $this->status == 'pong') {
|
|
|
|
echo json_encode(value: [
|
|
|
|
'response' => $this->status
|
|
|
|
]);
|
|
|
|
} else {
|
|
|
|
echo json_encode(value: [
|
|
|
|
'status' => $this->status ?? "Error: No status",
|
|
|
|
'message' => $this->message ?? "Error: No message."
|
|
|
|
]);
|
|
|
|
}
|
2022-01-24 18:57:47 +01:00
|
|
|
}
|
2022-01-18 19:14:24 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function checkPassword(): bool
|
|
|
|
{
|
2022-01-26 19:36:56 +01:00
|
|
|
$headers = array_change_key_case(array: getallheaders(), case: CASE_UPPER);
|
|
|
|
$apiKey = $headers['X-API-KEY'] ?? '';
|
2022-01-18 19:14:24 +01:00
|
|
|
|
|
|
|
if (empty($apiKey)) {
|
2022-01-25 20:50:26 +01:00
|
|
|
$this->header = "401 Unauthorized";
|
2022-01-18 19:14:24 +01:00
|
|
|
$this->status = "401 Unauthorized";
|
|
|
|
$this->message = "API key is missing.";
|
|
|
|
return false;
|
|
|
|
} else {
|
2022-01-26 19:36:56 +01:00
|
|
|
[$prefix,] = explode(separator: '.', string: $apiKey);
|
2022-01-31 20:49:44 +01:00
|
|
|
if ($apiResult = $this->apikeyRepository->findByPrefix(prefix: $prefix)) {
|
|
|
|
$storedHash = $apiResult->getApiToken();
|
2022-01-27 15:16:20 +01:00
|
|
|
if (!password_verify(password: $apiKey, hash: $storedHash)) {
|
|
|
|
$this->header = "401 Unauthorized";
|
|
|
|
$this->status = "401 Unauthorized";
|
|
|
|
$this->message = "API key mismatch.";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
} else {
|
2022-01-25 20:50:26 +01:00
|
|
|
$this->header = "401 Unauthorized";
|
2022-01-18 19:14:24 +01:00
|
|
|
$this->status = "401 Unauthorized";
|
2022-01-31 20:49:44 +01:00
|
|
|
$this->message = "Invalid API key.";
|
2022-01-18 19:14:24 +01:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2022-01-20 11:06:58 +01:00
|
|
|
/**
|
2022-01-22 17:36:15 +01:00
|
|
|
* @return void
|
2022-01-20 11:06:58 +01:00
|
|
|
*/
|
2022-01-22 17:32:36 +01:00
|
|
|
public function handleDomainGetRequest(): void
|
2022-01-20 11:06:58 +01:00
|
|
|
{
|
|
|
|
if (empty($this->uri[3])) {
|
2022-01-31 20:49:44 +01:00
|
|
|
$domains = $this->domainRepository->findAll();
|
|
|
|
$resultDomain = [];
|
|
|
|
foreach ($domains as $singleDomain) {
|
|
|
|
$domain = [
|
|
|
|
'id' => $singleDomain->getId(),
|
|
|
|
'name' => $singleDomain->getName(),
|
|
|
|
'panel_id' => $singleDomain->getPanelId(),
|
|
|
|
'a' => $singleDomain->getA(),
|
|
|
|
'aaaa' => $singleDomain->getAaaa()
|
|
|
|
];
|
|
|
|
$resultDomain[] = $domain;
|
|
|
|
}
|
|
|
|
$this->result = $resultDomain;
|
2022-01-20 11:06:58 +01:00
|
|
|
} else {
|
2022-01-31 20:49:44 +01:00
|
|
|
if ($result = $this->domainRepository->findByName(name: $this->uri[3])) {
|
|
|
|
$domain = [
|
|
|
|
'id' => $result->getId(),
|
|
|
|
'name' => $result->getName(),
|
|
|
|
'panel_id' => $result->getPanelId(),
|
|
|
|
'a' => $result->getA(),
|
|
|
|
'aaaa' => $result->getAaaa()
|
|
|
|
];
|
|
|
|
$this->result = $domain;
|
2022-01-22 17:32:36 +01:00
|
|
|
} else {
|
2022-01-25 20:50:26 +01:00
|
|
|
$this->header = "404 Not Found ";
|
2022-01-20 11:06:58 +01:00
|
|
|
$this->status = "404 Not Found ";
|
|
|
|
$this->message = "The specified domain was not found.";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-22 17:36:15 +01:00
|
|
|
|
2022-01-20 11:06:58 +01:00
|
|
|
/**
|
|
|
|
* @return void
|
|
|
|
*/
|
2022-02-01 20:39:46 +01:00
|
|
|
public
|
|
|
|
function handleDomainPostRequest(): void
|
2022-01-20 11:06:58 +01:00
|
|
|
{
|
2022-01-22 17:32:36 +01:00
|
|
|
$name = $_POST['name'] ?? '';
|
2022-01-27 15:16:20 +01:00
|
|
|
$panelID = intval(value: $_POST['panel_id'] ?? 0);
|
2022-01-22 17:32:36 +01:00
|
|
|
$a = $_POST['a'] ?? '';
|
|
|
|
$aaaa = $_POST['aaaa'] ?? '';
|
2022-01-20 11:06:58 +01:00
|
|
|
if (empty($name)) {
|
2022-01-27 15:16:20 +01:00
|
|
|
$this->header = "400 Bad Request";
|
2022-01-20 11:06:58 +01:00
|
|
|
$this->status = "400 Bad Request";
|
|
|
|
$this->message = "A name is required";
|
|
|
|
} else {
|
2022-01-27 15:16:20 +01:00
|
|
|
if (empty($a) && empty($aaaa) && empty($panelID)) {
|
|
|
|
$this->header = "400 Bad Request";
|
2022-01-20 11:06:58 +01:00
|
|
|
$this->status = "400 Bad Request";
|
2022-01-27 15:16:20 +01:00
|
|
|
$this->message = "At least one IP address or panel ID is required.";
|
2022-01-20 11:06:58 +01:00
|
|
|
} else {
|
2022-01-31 20:49:44 +01:00
|
|
|
if ($this->domainRepository->findByName(name: $name)) {
|
2022-01-27 15:16:20 +01:00
|
|
|
$this->header = "400 Bad request";
|
2022-01-20 11:06:58 +01:00
|
|
|
$this->status = "400 Bad request";
|
|
|
|
$this->message = "Domain: $name already exists.";
|
|
|
|
} else {
|
2022-01-31 20:49:44 +01:00
|
|
|
$result = $this->domainRepository->insert(name: $name, panelID: $panelID, a: $a, aaaa: $aaaa);
|
2022-01-20 11:06:58 +01:00
|
|
|
$this->status = "201 Created";
|
|
|
|
$this->message = $result;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return void
|
|
|
|
*/
|
2022-02-01 20:39:46 +01:00
|
|
|
public
|
|
|
|
function handleDomainPutRequest(): void
|
2022-01-20 11:06:58 +01:00
|
|
|
{
|
|
|
|
$putData = fopen(filename: 'php://input', mode: 'r');
|
2022-01-26 19:36:56 +01:00
|
|
|
$data = fread(stream: $putData, length: 512);
|
|
|
|
$params = explode(separator: '&', string: $data);
|
2022-01-20 11:06:58 +01:00
|
|
|
|
|
|
|
foreach ($params as $param) {
|
2022-01-26 19:36:56 +01:00
|
|
|
[$key, $value] = explode(separator: '=', string: $param);
|
2022-01-20 11:06:58 +01:00
|
|
|
$put[$key] = $value;
|
|
|
|
}
|
|
|
|
$id = $put['id'] ?? 0;
|
|
|
|
$name = $put['name'] ?? "";
|
2022-01-25 20:50:26 +01:00
|
|
|
$panelID = $put['panel_id'] ?? "";
|
2022-01-20 11:06:58 +01:00
|
|
|
$a = $put['a'] ?? "";
|
|
|
|
$aaaa = $put['aaaa'] ?? "";
|
|
|
|
|
|
|
|
if ($id == 0) {
|
|
|
|
$this->status = "400 Bad Request";
|
|
|
|
$this->message = "An ID is required";
|
|
|
|
} else {
|
2022-01-31 20:49:44 +01:00
|
|
|
if (!$this->domainRepository->findByID(id: $id)) {
|
2022-01-20 11:06:58 +01:00
|
|
|
$this->status = "404 Not Found";
|
|
|
|
$this->message = "Domain with ID : $id doesn't exist.";
|
|
|
|
} else {
|
|
|
|
// TODO not required, as we rely on the ID
|
|
|
|
if (empty($name)) {
|
|
|
|
$this->status = "400 Bad Request";
|
|
|
|
$this->message = "A name is required";
|
|
|
|
} else {
|
|
|
|
if (empty($a) && empty($aaaa)) {
|
|
|
|
$this->status = "400 Bad Request";
|
|
|
|
$this->message = "At least one IP address is required.";
|
|
|
|
} else {
|
2022-01-31 20:49:44 +01:00
|
|
|
$this->domainRepository->update(id: $id, name: $panelID, panelID: $name, a: $a, aaaa: $aaaa);
|
2022-01-26 19:36:56 +01:00
|
|
|
$this->header = "201 Updated";
|
2022-01-20 11:06:58 +01:00
|
|
|
$this->status = "201 Updated";
|
2022-01-26 19:36:56 +01:00
|
|
|
$this->message = "201 Updated";
|
2022-01-20 11:06:58 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-02-01 20:39:46 +01:00
|
|
|
|
2022-01-20 11:06:58 +01:00
|
|
|
/**
|
|
|
|
* @return void
|
|
|
|
*/
|
2022-02-01 20:39:46 +01:00
|
|
|
public
|
|
|
|
function handleDomainDeleteRequest(): void
|
2022-01-20 11:06:58 +01:00
|
|
|
{
|
|
|
|
$deleteData = fopen(filename: 'php://input', mode: 'r');
|
2022-01-26 19:36:56 +01:00
|
|
|
$data = fread(stream: $deleteData, length: 512);
|
2022-01-20 11:06:58 +01:00
|
|
|
$params = explode(separator: '&', string: $data);
|
|
|
|
|
|
|
|
foreach ($params as $param) {
|
|
|
|
[$key, $value] = explode(separator: '=', string: $param);
|
|
|
|
$delete[$key] = $value;
|
|
|
|
}
|
|
|
|
|
|
|
|
$id = $delete['id'] ?? 0;
|
|
|
|
|
|
|
|
if ($id == 0) {
|
2022-01-26 19:36:56 +01:00
|
|
|
$this->header = "400 Bad Request";
|
|
|
|
$this->status = "400 Bad Request";
|
2022-01-22 17:32:36 +01:00
|
|
|
$this->message = "You need to supply an ID.";
|
2022-01-20 11:06:58 +01:00
|
|
|
} else {
|
2022-01-31 20:49:44 +01:00
|
|
|
if (!$this->domainRepository->findByID(id: $id)) {
|
2022-01-26 19:36:56 +01:00
|
|
|
$this->header = "400 Bad Request";
|
2022-01-20 11:06:58 +01:00
|
|
|
$this->status = "400 Bad Request";
|
|
|
|
$this->message = "There is no domain with ID $id.";
|
|
|
|
} else {
|
2022-01-31 20:49:44 +01:00
|
|
|
$this->domainRepository->delete(id: $id);
|
2022-01-26 19:36:56 +01:00
|
|
|
$this->header = "204 No content.";
|
2022-01-20 11:06:58 +01:00
|
|
|
$this->status = "204 No content.";
|
|
|
|
$this->message = "The domain $id has been deleted.";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-18 19:14:24 +01:00
|
|
|
}
|