try fix webhook

controllers/TshieldWebhookController.php

@@ -31,23 +31,63 @@ class TshieldWebhookController
             ], 'S_IGNORED');
         }
 
-        $externalNumber = $body['number'] ?? $body['token'] ?? null;
-        if (!is_string($externalNumber) || trim($externalNumber) === '') {
-            return ResponseLib::sendFail('Missing analysis number/token in payload.', [], 'E_VALIDATE')->withStatus(400);
+        $number = $body['number'] ?? null;
+        $token = $body['token'] ?? null;
+        $cpf = $body['cpf'] ?? null;
+        $cnpj = $body['cnpj'] ?? null;
+
+        $externalCandidates = [];
+        if (is_string($number) && trim($number) !== '') {
+            $externalCandidates[] = $number;
+        }
+
+        if (empty($externalCandidates) && (!is_string($cpf) || trim($cpf) === '') && (!is_string($cnpj) || trim($cnpj) === '')) {
+            return ResponseLib::sendFail('Missing analysis identifiers (number/cpf/cnpj) in payload.', [], 'E_VALIDATE')->withStatus(400);
+        }
+
+        $updatedRows = 0;
+        $matchedBy = null;
+
+        if (!empty($externalCandidates)) {
+            $updatedRows = $this->model->approveByExternalIds($externalCandidates);
+            if ($updatedRows > 0) {
+                $matchedBy = 'external_id';
+            }
+        }
+
+        if ($updatedRows === 0 && is_string($cpf) && trim($cpf) !== '') {
+            $updatedRows = $this->model->approveByCpf($cpf);
+            if ($updatedRows > 0) {
+                $matchedBy = 'cpf';
+            }
+        }
+
+        if ($updatedRows === 0 && is_string($cnpj) && trim($cnpj) !== '') {
+            $updatedRows = $this->model->approveCompanyOwnerByCnpj($cnpj);
+            if ($updatedRows > 0) {
+                $matchedBy = 'cnpj_company_owner';
+            }
         }
 
-        $updated = $this->model->approveByExternalId($externalNumber);
-        if (!$updated) {
+        if ($updatedRows === 0) {
             return ResponseLib::sendFail(
-                'No user found for provided analysis number.',
-                ['number' => $externalNumber],
+                'No user found to update KYC for this webhook payload.',
+                [
+                    'number' => $number,
+                    'token' => $token,
+                    'cpf' => $cpf,
+                    'cnpj' => $cnpj,
+                ],
                 'E_NOT_FOUND'
             )->withStatus(404);
         }
 
         return ResponseLib::sendOk([
             'processed' => true,
-            'number' => $externalNumber,
+            'updated_rows' => $updatedRows,
+            'matched_by' => $matchedBy,
+            'number' => $number,
+            'token' => $token,
         ]);
     }
 }

models/TshieldWebhookModel.php

@@ -23,4 +23,77 @@ class TshieldWebhookModel
         $stmt->execute(['external_id' => $externalId]);
         return $stmt->rowCount() > 0;
     }
+
+    public function approveByExternalIds(array $externalIds): int
+    {
+        $ids = [];
+        foreach ($externalIds as $id) {
+            if (!is_string($id)) {
+                continue;
+            }
+            $trimmed = trim($id);
+            if ($trimmed === '') {
+                continue;
+            }
+            $ids[$trimmed] = true;
+        }
+        $ids = array_keys($ids);
+        if (empty($ids)) {
+            return 0;
+        }
+
+        $placeholders = [];
+        $params = [];
+        foreach ($ids as $idx => $value) {
+            $key = ':id' . $idx;
+            $placeholders[] = $key;
+            $params[$key] = $value;
+        }
+
+        $sql = 'UPDATE "user" SET user_kyc = 1 '
+            . 'WHERE user_flag = \'a\' AND kyc_external_id IN (' . implode(',', $placeholders) . ')';
+
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute($params);
+        return $stmt->rowCount();
+    }
+
+    public function approveByCpf(string $cpf): int
+    {
+        $cpf = preg_replace('/\D+/', '', $cpf);
+        $cpf = trim((string)$cpf);
+        if ($cpf === '') {
+            return 0;
+        }
+
+        $stmt = $this->pdo->prepare(
+            'UPDATE "user" '
+            . 'SET user_kyc = 1 '
+            . 'WHERE user_flag = \'a\' '
+            . '  AND regexp_replace(user_cpf, \'\\D\', \'\', \'g\') = :cpf'
+        );
+        $stmt->execute(['cpf' => $cpf]);
+        return $stmt->rowCount();
+    }
+
+    public function approveCompanyOwnerByCnpj(string $cnpj): int
+    {
+        $cnpj = preg_replace('/\D+/', '', $cnpj);
+        $cnpj = trim((string)$cnpj);
+        if ($cnpj === '') {
+            return 0;
+        }
+
+        $stmt = $this->pdo->prepare(
+            'UPDATE "user" u '
+            . 'SET user_kyc = 1 '
+            . 'FROM "company" c '
+            . 'WHERE u.company_id = c.company_id '
+            . '  AND regexp_replace(c.company_cnpj, \'\\D\', \'\', \'g\') = :cnpj '
+            . '  AND u.role_id = 1 '
+            . '  AND u.user_flag = \'a\''
+        );
+        $stmt->execute(['cnpj' => $cnpj]);
+        return $stmt->rowCount();
+    }
 }

services/TshieldService.php

@@ -70,7 +70,7 @@ class TshieldService
         $linkPayload = $this->buildIndividualLinkPayload($analysisPayload, $linkPayload);
         $linkResponse = $this->createLink($this->validationIdPf, $linkPayload);
         $analysisNumber = $linkResponse['number']
-            ?? ($linkResponse['data']['number'] ?? ($linkResponse['data']['token'] ?? null));
+            ?? ($linkResponse['data']['number'] ?? null);
 
         if (!$analysisNumber) {
             throw new \RuntimeException(sprintf(