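requestMethod = strtoupper($requestMethod);
        $this->domainController = new DomainController($this->databaseConnection);
    }

    /**
     * Route the request, authenticate it and emit the JSON response.
     *
     * Only `domains` and `ping` are accepted as the third URI segment. Every
     * accepted endpoint (including `ping`) is authenticated by checkPassword()
     * before anything is dispatched.
     *
     * NOTE(review): the status is reported inside the JSON body only; nothing
     * in this method calls http_response_code() or header(). Unless that is
     * done elsewhere, clients and intermediaries see the default HTTP status
     * even for 401/404 results - confirm.
     *
     * @return void
     */
    public function processRequest()
    {
        if (empty($this->uri[2]) || !(($this->uri[2] == 'domains') || $this->uri[2] == 'ping')) {
            $this->status = "404 Not Found";
            $this->message = "Endpoint not found.";
        } elseif ($this->checkPassword()) {
            if ($this->uri[2] == "ping") {
                $this->status = 'pong';
            } else {
                try {
                    match ($this->requestMethod) {
                        'GET' => $this->handleDomainGetRequest(),
                        'POST' => $this->handleDomainPostRequest(),
                        'PUT' => $this->handleDomainPutRequest(),
                        'DELETE' => $this->handleDomainDeleteRequest()
                    };
                } catch (UnhandledMatchError) {
                    // Any verb outside the four handled above ends up here.
                    $this->status = "400 Bad Request";
                    $this->message = "unknown request method: $this->requestMethod";
                }
            }
        }

        if (!empty($this->result)) {
            echo json_encode($this->result);
            return;
        }

        if ($this->status == 'pong') {
            echo json_encode([
                'response' => $this->status
            ]);
            return;
        }

        echo json_encode([
            'status' => $this->status ?? "Error: No status",
            'message' => $this->message ?? "Error: No message."
        ]);
    }

    /**
     * Authenticate the request from its X-API-KEY header.
     *
     * The part of the key before the first '.' is used to look up the stored
     * hash; the whole key is then checked with password_verify(). On failure
     * the status and message are set to a 401 result.
     *
     * @return bool true when the presented key verifies, false otherwise
     */
    public function checkPassword(): bool
    {
        $headers = array_change_key_case(getallheaders(), CASE_UPPER);
        $apiKey = $headers['X-API-KEY'] ?? "";

        if (empty($apiKey)) {
            $this->status = "401 Unauthorized";
            $this->message = "API key is missing.";
            return false;
        }

        [$prefix,] = explode('.', $apiKey);
        $apiUsers = new ApiKeys($this->databaseConnection);
        $apiResult = $apiUsers->findByPrefix($prefix);

        // An unknown prefix yields no row. Fail closed explicitly rather than
        // handing a null hash to password_verify(), and answer with the same
        // message as a wrong key so the response does not show which prefixes
        // exist.
        $storedHash = $apiResult['api_token'] ?? null;

        if (!is_string($storedHash) || $storedHash === '' || !password_verify($apiKey, $storedHash)) {
            $this->status = "401 Unauthorized";
            $this->message = "API key mismatch.";
            return false;
        }

        return true;
    }

    /**
     * GET: list all domains, or return one domain when the fourth URI segment
     * carries an ID.
     *
     * @return void
     */
    public function handleDomainGetRequest(): void
    {
        if (empty($this->uri[3])) {
            $this->result = $this->domainController->findAll();
            return;
        }

        if ($result = $this->domainController->findByID(intval($this->uri[3]))) {
            $this->result = $result;
        } else {
            $this->status = "404 Not Found";
            $this->message = "The specified domain was not found.";
        }
    }

    /**
     * POST: create a domain from the `name`, `a` and `aaaa` form fields.
     *
     * NOTE(review): the values are passed to the domain controller without any
     * format check here (host name syntax, IPv4/IPv6 validity); presumably the
     * controller validates them - confirm.
     *
     * @return void
     */
    public function handleDomainPostRequest(): void
    {
        // Fields sent as arrays (name[]=...) are treated as absent.
        $name = $this->stringField($_POST, 'name');
        $a = $this->stringField($_POST, 'a');
        $aaaa = $this->stringField($_POST, 'aaaa');

        if (empty($name)) {
            $this->status = "400 Bad Request";
            $this->message = "A name is required";
        } elseif (empty($a) && empty($aaaa)) {
            $this->status = "400 Bad Request";
            $this->message = "At least one IP address is required.";
        } elseif ($this->domainController->findByName($name)) {
            $this->status = "400 Bad Request";
            $this->message = "Domain: $name already exists.";
        } else {
            $result = $this->domainController->insert($name, $a, $aaaa);
            $this->status = "201 Created";
            $this->message = $result;
        }
    }

    /**
     * PUT: update the domain identified by the `id` field of the request body.
     *
     * @return void
     */
    public function handleDomainPutRequest(): void
    {
        $put = $this->readFormBody();

        $id = $this->idField($put);
        $name = $this->stringField($put, 'name');
        $a = $this->stringField($put, 'a');
        $aaaa = $this->stringField($put, 'aaaa');

        if ($id == 0) {
            $this->status = "400 Bad Request";
            $this->message = "An ID is required";
        } elseif (!$this->domainController->findByID($id)) {
            $this->status = "404 Not Found";
            $this->message = "Domain with ID : $id doesn't exist.";
        } elseif (empty($name)) {
            // TODO not required, as we rely on the ID
            $this->status = "400 Bad Request";
            $this->message = "A name is required";
        } elseif (empty($a) && empty($aaaa)) {
            $this->status = "400 Bad Request";
            $this->message = "At least one IP address is required.";
        } else {
            $dcResult = $this->domainController->update($id, $name, $a, $aaaa);
            $this->status = "201 Updated";
            $this->message = $dcResult;
        }
    }

    /**
     * DELETE: remove the domain identified by the `id` field of the request
     * body.
     *
     * @return void
     */
    public function handleDomainDeleteRequest(): void
    {
        $id = $this->idField($this->readFormBody());

        if ($id == 0) {
            // A missing or malformed ID is a client error, not a missing resource.
            $this->status = "400 Bad Request";
            $this->message = "You need to supply an ID.";
        } elseif (!$this->domainController->findByID($id)) {
            $this->status = "404 Not Found";
            $this->message = "There is no domain with ID $id.";
        } else {
            $this->domainController->delete($id);
            $this->status = "204 No content.";
            $this->message = "The domain $id has been deleted.";
        }
    }

    /**
     * Read at most 512 bytes of the request body and parse it as
     * `key=value&key=value` pairs.
     *
     * Keys and values are URL-decoded, so an IPv6 address sent as
     * `2001%3Adb8%3A%3A1` arrives with its colons. A pair without '=' gets an
     * empty value instead of raising an undefined-offset warning.
     *
     * @return array<string, string>
     */
    private function readFormBody(): array
    {
        $raw = file_get_contents('php://input', length: 512);
        if ($raw === false || $raw === '') {
            return [];
        }

        $fields = [];
        foreach (explode('&', $raw) as $pair) {
            if ($pair === '') {
                continue;
            }
            [$key, $value] = array_pad(explode('=', $pair, 2), 2, '');
            $fields[urldecode($key)] = urldecode($value);
        }

        return $fields;
    }

    /**
     * Return the field as a string, or '' when it is absent or not a string.
     *
     * @param array<array-key, mixed> $fields
     */
    private function stringField(array $fields, string $key): string
    {
        $value = $fields[$key] ?? '';

        return is_string($value) ? $value : '';
    }

    /**
     * Return the `id` field as an integer, or 0 when it is absent or is not a
     * plain run of decimal digits. Callers treat 0 as "no ID supplied".
     *
     * @param array<array-key, mixed> $fields
     */
    private function idField(array $fields): int
    {
        $raw = $this->stringField($fields, 'id');

        return ctype_digit($raw) ? (int) $raw : 0;
    }
}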