src/Service/Internal/CoreApiService.php line 169

Open in your IDE?
  1. <?php
  3. namespace App\Service\Internal;
  5. use App\Model\WsResponse;
  6. use App\Normalizer\QueryParametersNormalizer;
  7. use App\Security\KasUserAuthenticator;
  8. use Psr\Log\LoggerInterface;
  9. use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
  10. use Symfony\Component\HttpFoundation\RequestStack;
  11. use Symfony\Component\Routing\RouterInterface;
  12. use Unirest;
  13. use App\Exception\RedirectException;
  14. use Symfony\Component\HttpFoundation\RedirectResponse;
  16. class CoreApiService
  17. {
  18. public const HTTP_CROSS_SITE = 'cross-site';
  19. public const HTTP_SAME_SITE = 'same-site';
  21. public const PUBLIC_ACCESS_TOKEN = 'public_access_token';
  22. public const USER_ACCESS_TOKEN = 'user_access_token';
  23. public const APP_ACCESS_TOKEN = 'app_access_token';
  24. public const APPLICATION_ID = 'application_id';
  26. public const CALLER_TYPE_USER = 'client';
  27. public const CALLER_TYPE_PUBLIC = 'public';
  28. public const CALLER_TYPE_APP = 'app';
  30. public const MAPPING_LOCALES = [
  31. 'en' => 'en_US',
  32. 'fr' => 'fr_FR',
  33. 'it' => 'it_IT',
  34. 'ar' => 'ar_AR',
  35. 'ja' => 'ja_JP',
  36. 'nl' => 'nl_NL',
  37. 'eu' => 'eu_ES'
  38. ];
  40. public const CALL_FUNCTION_NAME = [
  41. 'test' => 'testCall',
  42. 'local' => 'realCall',
  43. 'dev' => 'realCall',
  44. 'preprod' => 'realCall',
  45. 'prod' => 'realCall'
  46. ];
  48. public const NTW_NOT_LOADED_MSG = 'NETWORK_NOT_LOADED';
  50. /**
  51. * @var ParameterBagInterface
  52. */
  53. protected $params;
  55. /**
  56. * @var LoggerInterface
  57. */
  58. private $logger;
  60. /**
  61. * @var string
  62. */
  63. private $env;
  65. /**
  66. * @var RequestStack
  67. */
  68. private $requestStack;
  70. /**
  71. * @var RouterInterface
  72. */
  73. private $router;
  75. /**
  76. * @var QueryParametersNormalizer
  77. */
  78. private $queryParametersNormalizer;
  80. private bool $accountModule;
  82. public function __construct(
  83. ParameterBagInterface $parameterBag,
  84. LoggerInterface $logger,
  85. string $env,
  86. RequestStack $requestStack,
  87. RouterInterface $router,
  88. QueryParametersNormalizer $queryParameterNormalizer,
  89. bool $accountModule
  90. ) {
  91. $this->params = $parameterBag;
  92. $this->logger = $logger;
  93. $this->env = $env;
  94. $this->requestStack = $requestStack;
  95. $this->router = $router;
  96. $this->queryParametersNormalizer = $queryParameterNormalizer;
  97. $this->accountModule = $accountModule;
  98. }
  100. /**
  101. * @param String|null $callerType type of user who is calling this webservice. Used to get the right token
  102. * @param String $method ex: "GET", "POST", ...
  103. * @param String $webServiceRoute ex : "/InstantCore/v1/GetNetwork" : used to get the ApiProvider for unit tests
  104. * @param String $webServicePath ex : "/InstantUser/v1/communities/" ; $config->apiUrl is automatically added
  105. * @param array $headers Content-Type and Authorization are setted to "application/json" and Token::getUserAuthToken() if missing
  106. * @param array $params key is setted to $networkId if missing
  107. * @param array|string $body
  108. * @param array|null $options Available options :
  109. * - debug : boolean (false) : additionnal logs if true
  110. * - rawBody : boolean (false) : if false, $body is an array; it's json encoded; if $true, body is a String and passed as is to webservice
  111. * @return WsResponse WsResponse object with :
  112. * - status = -1 if an error occurs while try to connect, http status code otherwise
  113. * - errorMessage = null if $httpStatusCode is like "2xx"
  114. * - response = null if $httpStatusCode is not like "2xx"
  115. * TODO : add option 'throwExceptionIfError' with default value (true ?)
  116. * @throws \Exception
  117. */
  118. public function realCall(
  119. $callerType,
  120. string $method,
  121. string $webServiceRoute,
  122. string $webServicePath,
  123. array $headers,
  124. array $params,
  125. $body = null,
  126. array $options = null
  127. ): WsResponse {
  128. $debug = isset($options['debug']) ? $options['debug'] : false;
  129. $rawBody = isset($options['rawBody']) ? $options['rawBody'] : false;
  131. $request = $this->requestStack->getCurrentRequest();
  132. $session = $request->getSession();
  134. $xHeaders = $session->get('xHeaders');
  135. $sessionToken = $session->get('token');
  136. $context = $session->get('context');
  137. $applicationId = $session->get(static::APPLICATION_ID);
  140. $sessionCountModes = $session->get('count_modes');
  141. $countModes = isset($sessionCountModes) ? $sessionCountModes : "0";
  142. $journeyWs = strpos($webServicePath, 'v3/journeys');
  144. if ($journeyWs) {
  145. $data = $body;
  146. $json = json_decode($data);
  148. $isJourney = true;
  149. $session->set('count_modes', $countModes + 1);
  150. } else {
  151. $isJourney = false;
  152. }
  154. $secFetchSite = $request->headers->get('sec-fetch-site');
  155. if (
  156. !in_array($secFetchSite, [self::HTTP_CROSS_SITE, self::HTTP_SAME_SITE])
  157. && 'WIDGET' === $session->get('context')
  158. ) {
  159. $session->set('context', 'SIM');
  160. } elseif (in_array($secFetchSite, [self::HTTP_CROSS_SITE, self::HTTP_SAME_SITE])) {
  161. $session->set('context', 'WIDGET');
  162. }
  164. $request = $this->requestStack->getCurrentRequest();
  165. $headers['calling-url'] = $request->getSchemeAndHttpHost() . $request->getRequestUri();
  167. $token = isset($sessionToken) ? $sessionToken : null;
  168. if (
  169. $session->get('context') == 'WIDGET'
  170. || !$session->get('context')
  171. || ($session->get('context') == 'WIDGET' && $isJourney)
  172. || (!$session->get('context') && $isJourney)
  173. || ($token && $isJourney)
  174. ) {
  175. $headers['x-widget-id'] = isset($xHeaders['x-widget-id']) ? $xHeaders['x-widget-id'] : null;
  176. $headers['referer'] = isset($xHeaders['x-referer']) ? $xHeaders['x-referer'] : null;
  177. $headers['origin'] = isset($xHeaders['x-origin']) ? $xHeaders['x-origin'] : null;
  180. if ($isJourney && $sessionCountModes >= $json->countModes - 1) {
  181. $session->remove('token');
  182. $session->remove('count_modes');
  183. }
  184. }
  186. $headers['user-agent'] = $request->headers->get('user-agent');
  188. $locales = $this->params->get('language.supported');
  189. $locale = $this->requestStack->getCurrentRequest()->attributes->get('_locale');
  190. $defaultLocale = $this->requestStack->getCurrentRequest()->getDefaultLocale();
  192. if(!isset($headers['accept-language'])) {
  193. $headers['accept-language'] = self::MAPPING_LOCALES[$defaultLocale];
  194. if (in_array($locale, $locales) && !empty(self::MAPPING_LOCALES[$locale])) {
  195. $headers['accept-language'] = self::MAPPING_LOCALES[$locale];
  196. }
  197. }
  199. if ($applicationId) {
  200. $headers ['application-id'] = $applicationId;
  201. }
  203. if (!isset($headers['Content-Type'])) {
  204. $headers ['Content-Type'] = 'application/json';
  205. }
  206. $headers['X-Consumer-ID'] = 'sim';
  208. // This wont be necessary and even won't work if account module is not activated for this network !
  209. if (!isset($headers['Authorization']) && !is_null($callerType) && $this->accountModule) {
  210. switch ($callerType) {
  211. case self::CALLER_TYPE_USER:
  212. $token = $this->getUserAuthToken();
  213. break;
  214. case self::CALLER_TYPE_PUBLIC:
  215. $token = $this->getPublicAuthToken();
  216. break;
  217. case self::CALLER_TYPE_APP:
  218. $token = $this->getAppAuthToken();
  219. break;
  220. default:
  221. $this->logger->error('[ERROR] WebService : unknown caller type');
  222. throw new \Exception('WebService : unknown caller type');
  223. }
  225. if (isset($token->token_type) && isset($token->access_token)) {
  226. $headers['Authorization'] = $token->token_type . ' ' . $token->access_token;
  227. }
  229. if ($this->params->get('global.login_mode') == KasUserAuthenticator::LOGIN_MODE) {
  230. $userToken = $session->get(CoreApiService::USER_ACCESS_TOKEN);
  231. $cookieValue = $request->cookies->get('applicativeToken');
  232. $applicativeToken = $cookieValue !== null ? json_decode($cookieValue) : null;
  233. $applicativeToken = $applicativeToken ?? $session->get(static::PUBLIC_ACCESS_TOKEN);
  234. if ($userToken) {
  235. $token = $userToken;
  236. $accessToken = $userToken->accessToken;
  237. $tokenType = (empty($userToken->tokenType)) || $userToken->tokenType == "" ? 'Bearer' : $userToken->tokenType;
  238. $headers['Authorization'] = $tokenType . ' ' . $accessToken;
  239. } elseif ($applicativeToken) {
  240. $token = $applicativeToken;
  241. $accessToken = $applicativeToken->accessToken;
  242. $tokenType = (empty($applicativeToken->tokenType)) || $applicativeToken->tokenType == "" ? 'Bearer' : $applicativeToken->tokenType;
  243. $headers['Authorization'] = $tokenType . ' ' . $accessToken;
  244. }
  245. }
  247. if (empty($token)) {
  248. $this->logger->error('[ERROR] WebService : token not found');
  249. }
  250. }
  252. $query = $webServicePath;
  253. $body = (empty($body) ? null : ($rawBody ? $body : json_encode($body)));
  254. if ($debug) {
  255. $this->logger->info("WS $method $query with args : " . print_r($params), []);
  256. }
  258. if (!empty($params)) {
  259. $params = $this->queryParametersNormalizer->normalize($params);
  260. $query .= "?" . http_build_query($params, '', '&', PHP_QUERY_RFC3986);
  261. }
  263. $error_message = "";
  264. $httpStatusCode = "";
  265. $responseBody = "";
  267. try {
  268. $wsResponse = $this->callRest($method, $query, $headers, $body);
  270. if ($wsResponse->code == 503 &&
  271. (isset($wsResponse->body->message) && ($wsResponse->body->message == 'TICKETING_NOT_ACTIVE' ||
  272. $wsResponse->body->message == 'FINE_NOT_ACTIVE'))) {
  273. throw new RedirectException(
  274. new RedirectResponse(
  275. $this->router->generate(
  276. "message_info",
  277. array('message' => $wsResponse->body->message)
  278. )
  279. )
  280. );
  281. }
  283. $responseBody = null;
  284. $httpStatusCode = $wsResponse->code;
  285. if (substr($httpStatusCode, 0, 1) != "2") { // status != 2xx
  286. $responseBody = $wsResponse->body;
  287. $this->logger->error("WS $method $webServicePath (" . $httpStatusCode . ")");
  288. } else {
  289. $responseBody = $wsResponse->body;
  290. }
  291. if ($debug) {
  292. $this->logger->info("WS $method $query returns ($httpStatusCode) " . print_r($responseBody, true));
  293. }
  294. } catch (Unirest\Exception $exc) {
  295. $error_message = $exc;
  296. $this->logger->error("WS $method $webServicePath : error : " . $error_message);
  297. }
  299. if (!empty($responseBody) && (is_array($responseBody) || is_object($responseBody))) {
  300. $responseBody = $this->parseResponse($responseBody);
  301. }
  303. return new WsResponse($responseBody, $httpStatusCode, $error_message);
  304. }
  306. /**
  307. * @return mixed|null|String
  308. * @throws \Exception
  309. */
  310. public function getUserAuthToken()
  311. {
  312. $result = $this->requestStack->getSession()->get(static::USER_ACCESS_TOKEN);
  313. if (!$result) {
  314. $token = static::getPublicAuthToken();
  315. return $token;
  316. }
  317. return $result;
  318. }
  320. /**
  321. * @return mixed|null|String
  322. * @throws \Exception
  323. */
  324. public function getPublicAuthToken()
  325. {
  326. $session = $this->requestStack->getSession();
  327. $token = $session->get(static::PUBLIC_ACCESS_TOKEN);
  329. if ($this->params->get('global.login_mode') == KasUserAuthenticator::LOGIN_MODE) {
  330. if ($token) {
  331. $now = time();
  332. $diff = $token->expirationDate - $now;
  333. if ($diff > 30 && $diff < 90) {
  334. $token = $this->getKasAppToken();
  335. } elseif ($diff < 0) {
  336. $session->invalidate();
  337. $token = $this->getKasAppToken();
  338. }
  339. } else {
  340. $token = $this->getKasAppToken();
  341. }
  342. } elseif (!$token) {
  343. $clientId = $this->params->get('ws_client_id');
  344. $secret = $this->params->get('ws_secret');
  345. $hash_auth = base64_encode($clientId . ":" . $secret);
  346. $route = '';
  347. $url = $this->getApiUserUrl() . '/oauth/token';
  348. $headers = ['Authorization' => 'Basic ' . $hash_auth];
  349. $params = ['grant_type' => 'client_credentials'];
  351. $wsResponse = $this->call(
  352. null,
  353. 'GET',
  354. $route,
  355. $url,
  356. $headers,
  357. $params
  358. );
  360. if ($wsResponse->isError()) {
  361. $this->logger->error(
  362. '[ERROR] Get public token : ' . $wsResponse->errorMessage . ' (' . $wsResponse->status . ')'
  363. );
  364. return null;
  365. }
  366. $token = $wsResponse->body;
  367. $session->set(static::PUBLIC_ACCESS_TOKEN, $token);
  368. }
  370. return $token;
  371. }
  373. public function getKasAppToken()
  374. {
  375. $networkId = $this->params->get('network_id');
  376. $url = $this->getApiKasUrl() . '/v1/networks/' . $networkId . '/login';
  378. $body = [
  379. 'clientId' => $this->params->get('kasClientId'),
  380. 'clientSecret' => $this->params->get('kasSecret'),
  381. 'grantType' => 'client_credentials'
  382. ];
  384. $wsResponse = $this->call(
  385. null,
  386. 'POST',
  387. '',
  388. $url,
  389. [],
  390. [],
  391. $body
  392. );
  394. if ($wsResponse->isError()) {
  395. $this->logger->error(
  396. '[ERROR] Get public token : ' . $wsResponse->errorMessage . ' (' . $wsResponse->status . ')'
  397. );
  398. return null;
  399. }
  401. $token = $this->encryptResponseToken($wsResponse->body);
  402. $this->requestStack->getSession()->set(static::PUBLIC_ACCESS_TOKEN, $token);
  404. return $token;
  405. }
  407. private function encryptResponseToken($response)
  408. {
  409. $token = $response->accessToken;
  410. $tokenParts = explode(".", $token);
  411. $tokenPayload = base64_decode($tokenParts[1]);
  412. $jwtPayload = json_decode($tokenPayload);
  413. $response->expirationDate = $jwtPayload->exp;
  415. return $response;
  416. }
  418. /**
  419. * @param String|null $callerType
  420. * @param String $method
  421. * @param String $webServiceRoute
  422. * @param String $webServicePath
  423. * @param array $headers
  424. * @param array $params
  425. * @param array|string $body
  426. * @param array|null $options
  427. *
  428. * @return WsResponse
  429. *
  430. * @throws \Exception
  431. */
  432. public function call(
  433. $callerType,
  434. string $method,
  435. string $webServiceRoute,
  436. string $webServicePath,
  437. array $headers,
  438. array $params,
  439. $body = null,
  440. array $options = null
  441. ): WsResponse {
  442. return call_user_func(
  443. [$this, self::CALL_FUNCTION_NAME[$this->env]],
  444. $callerType,
  445. $method,
  446. $webServiceRoute,
  447. $webServicePath,
  448. $headers,
  449. $params,
  450. $body,
  451. $options
  452. );
  453. }
  455. public function getApiUserUrl()
  456. {
  457. return $this->params->get('api_user_url');
  458. }
  460. /**
  461. * @return mixed|null|String
  462. * @throws \Exception
  463. */
  464. public function getAppAuthToken()
  465. {
  466. $session = $this->requestStack->getSession();
  467. $token = $session->get(static::APP_ACCESS_TOKEN);
  469. if ($token == null) {
  470. $clientId = "instant-core";
  471. $secret = "Ohsaisoh5yai";
  472. $hash_auth = base64_encode($clientId . ":" . $secret);
  473. $route = '';
  474. $url = $this->getApiUserUrl() . '/oauth/token';
  475. $headers = ['Authorization' => 'Basic ' . $hash_auth];
  476. $params = ['grant_type' => 'client_credentials'];
  478. $wsResponse = $this->call(
  479. null,
  480. 'GET',
  481. $route,
  482. $url,
  483. $headers,
  484. $params
  485. );
  487. if ($wsResponse->isError()) {
  488. $this->logger->error(
  489. '[ERROR] Get public token : ' . $wsResponse->errorMessage . ' (' . $wsResponse->status . ')'
  490. );
  491. return null;
  492. }
  493. $token = $wsResponse->body;
  494. $session->set(static::APP_ACCESS_TOKEN, $token);
  495. }
  496. return $token;
  497. }
  499. /**
  500. * @param string $mode
  501. * @param string $url
  502. * @param array $headers
  503. * @param array|string $body
  504. * @return Unirest\Response
  505. */
  506. static function callRest($mode, $url, $headers, $body)
  507. {
  508. // Disables SSL cert validation temporary
  509. Unirest\Request::verifyPeer(false);
  510. switch (\strtoupper($mode)) {
  511. case "GET":
  512. $response = Unirest\Request::get($url, $headers, $body);
  513. break;
  514. case "POST":
  515. $response = Unirest\Request::post($url, $headers, $body);
  516. break;
  517. case "PUT":
  518. $response = Unirest\Request::put($url, $headers, $body);
  519. break;
  520. case "DELETE":
  521. $response = Unirest\Request::delete($url, $headers, $body);
  522. break;
  523. default:
  524. $response = [];
  525. break;
  526. }
  528. return $response;
  529. }
  531. private function parseResponse($responseBody)
  532. {
  533. return $this->updateDateTimeField($responseBody);
  534. }
  536. private function updateDateTimeField(&$responseBody)
  537. {
  538. $fieldsFound = [];
  540. // Search DateTimeIso8601 field on the body response
  541. foreach ($responseBody as $k => &$v) {
  542. if (is_array($v)) {
  543. $v = $this->updateDateTimeField($v);
  544. } else {
  545. if (preg_match('/(.*DateTimeIso8601.*)/i', $k, $matches)) {
  546. $fieldsFound[] = $matches[1];
  547. }
  548. }
  549. }
  551. // Replace values of xxxDateTime by xxxDateTimeIso8601
  552. if (!empty($fieldsFound)) {
  553. foreach ($fieldsFound as $index) {
  554. $responseBody = $this->replaceDateTimeInsensitive($responseBody, $index);
  555. }
  556. }
  558. return $responseBody;
  559. }
  561. private function replaceDateTimeInsensitive($responseBody, $subject)
  562. {
  563. $replaces = [
  564. str_replace('Iso8601', '', $subject), // Original field is xxxDateTime
  565. str_replace('TimeIso8601', '', $subject), // Sometimes original fields have xxxDate instead of xxxDateTime
  566. str_replace('DateTimeIso8601', '', $subject), // Sometimes original field have xxx instead of xxxDateTime
  567. ];
  569. foreach ($replaces as $replaceIndex) {
  570. // Break when found occurence, no need to go further
  571. if (isset($responseBody->{$replaceIndex})) {
  572. // Match case
  573. $responseBody->{$replaceIndex} = $responseBody->{$subject};
  574. break;
  575. } elseif (isset($responseBody->{strtolower($replaceIndex)})) {
  576. // Case insensitive
  577. $responseBody->{strtolower($replaceIndex)} = $responseBody->{$subject};
  578. break;
  579. }
  580. }
  582. return $responseBody;
  583. }
  585. public function getApiCoreUrl()
  586. {
  587. return $this->params->get('api_core_url');
  588. }
  590. public function getApiDataUrl()
  591. {
  592. return $this->params->get('api_data_url');
  593. }
  595. public function getApiNotificationUrl()
  596. {
  597. return $this->params->get('api_notification_url');
  598. }
  600. public function getApiMaasUrl()
  601. {
  602. return $this->params->get('api_maas_url');
  603. }
  605. public function getUserWebUrl()
  606. {
  607. return $this->params->get('userweb_url');
  608. }
  610. public function getApiKasUrl()
  611. {
  612. return $this->params->get('api_kas_url');
  613. }
  615. public function getApiAddressUrl()
  616. {
  617. return $this->params->get('api_address_url');
  618. }
  619. }