|
|
@@ -4,280 +4,50 @@ namespace Controllers;
|
|
|
|
|
|
use Libs\ResponseLib;
|
|
|
use Models\TshieldWebhookModel;
|
|
|
-use Psr\Http\Message\ResponseInterface;
|
|
|
use Psr\Http\Message\ServerRequestInterface;
|
|
|
|
|
|
class TshieldWebhookController
|
|
|
{
|
|
|
private TshieldWebhookModel $model;
|
|
|
- private string $logFilePath;
|
|
|
|
|
|
public function __construct()
|
|
|
{
|
|
|
$this->model = new TshieldWebhookModel();
|
|
|
- $this->logFilePath = $this->resolveLogFilePath($_ENV['TSHIELD_WEBHOOK_LOG_FILE'] ?? null);
|
|
|
}
|
|
|
|
|
|
public function __invoke(ServerRequestInterface $request)
|
|
|
{
|
|
|
- $requestId = $this->generateRequestId();
|
|
|
+ $body = json_decode((string)$request->getBody(), true);
|
|
|
|
|
|
- $rawBody = (string)$request->getBody();
|
|
|
- if ($rawBody === '') {
|
|
|
- $rawBody = (string)file_get_contents('php://input');
|
|
|
+ if (!is_array($body)) {
|
|
|
+ return ResponseLib::sendFail('Invalid JSON payload.', [], 'E_VALIDATE')->withStatus(400);
|
|
|
}
|
|
|
|
|
|
- $this->logReceipt($request, $requestId, $rawBody);
|
|
|
-
|
|
|
- $body = json_decode($rawBody, true);
|
|
|
-
|
|
|
- try {
|
|
|
- if (!is_array($body)) {
|
|
|
- $response = ResponseLib::sendFail('Invalid JSON payload.', [], 'E_VALIDATE')->withStatus(400);
|
|
|
- $this->logWebhook($request, $requestId, $rawBody, null, $response, ['result' => 'invalid_json']);
|
|
|
- return $response;
|
|
|
- }
|
|
|
-
|
|
|
- $statusDescription = $body['status']['status'] ?? null;
|
|
|
- if ($statusDescription !== 'Aprovado') {
|
|
|
- $response = ResponseLib::sendOk([
|
|
|
- 'processed' => false,
|
|
|
- 'reason' => 'Status not approved. No action taken.',
|
|
|
- ], 'S_IGNORED');
|
|
|
- $this->logWebhook($request, $requestId, $rawBody, $body, $response, [
|
|
|
- 'result' => 'ignored',
|
|
|
- 'status_description' => $statusDescription,
|
|
|
- ]);
|
|
|
- return $response;
|
|
|
- }
|
|
|
-
|
|
|
- $externalNumber = $body['number'] ?? $body['token'] ?? null;
|
|
|
- if (!is_string($externalNumber) || trim($externalNumber) === '') {
|
|
|
- $response = ResponseLib::sendFail('Missing analysis number/token in payload.', [], 'E_VALIDATE')->withStatus(400);
|
|
|
- $this->logWebhook($request, $requestId, $rawBody, $body, $response, ['result' => 'missing_number']);
|
|
|
- return $response;
|
|
|
- }
|
|
|
-
|
|
|
- $updated = $this->model->approveByExternalId($externalNumber);
|
|
|
- if (!$updated) {
|
|
|
- $response = ResponseLib::sendFail(
|
|
|
- 'No user found for provided analysis number.',
|
|
|
- ['number' => $externalNumber],
|
|
|
- 'E_NOT_FOUND'
|
|
|
- )->withStatus(404);
|
|
|
- $this->logWebhook($request, $requestId, $rawBody, $body, $response, [
|
|
|
- 'result' => 'not_found',
|
|
|
- 'number' => $externalNumber,
|
|
|
- ]);
|
|
|
- return $response;
|
|
|
- }
|
|
|
-
|
|
|
- $response = ResponseLib::sendOk([
|
|
|
- 'processed' => true,
|
|
|
- 'number' => $externalNumber,
|
|
|
- ]);
|
|
|
- $this->logWebhook($request, $requestId, $rawBody, $body, $response, [
|
|
|
- 'result' => 'updated',
|
|
|
- 'number' => $externalNumber,
|
|
|
- ]);
|
|
|
- return $response;
|
|
|
- } catch (\Throwable $e) {
|
|
|
- $response = ResponseLib::sendFail('Webhook processing error.', [
|
|
|
- 'request_id' => $requestId,
|
|
|
- 'error' => $e->getMessage(),
|
|
|
- ], 'E_WEBHOOK')->withStatus(500);
|
|
|
- $this->logWebhook($request, $requestId, $rawBody, is_array($body) ? $body : null, $response, [
|
|
|
- 'result' => 'exception',
|
|
|
- 'exception' => [
|
|
|
- 'message' => $e->getMessage(),
|
|
|
- 'type' => get_class($e),
|
|
|
- ],
|
|
|
- ]);
|
|
|
- return $response;
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- private function generateRequestId(): string
|
|
|
- {
|
|
|
- try {
|
|
|
- return bin2hex(random_bytes(16));
|
|
|
- } catch (\Throwable $e) {
|
|
|
- return uniqid('tshield_', true);
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- private function logWebhook(
|
|
|
- ServerRequestInterface $request,
|
|
|
- string $requestId,
|
|
|
- string $rawBody,
|
|
|
- ?array $decodedBody,
|
|
|
- ResponseInterface $response,
|
|
|
- array $extra = []
|
|
|
- ): void {
|
|
|
- $ts = (new \DateTimeImmutable())->format('c');
|
|
|
- $serverParams = $request->getServerParams();
|
|
|
- $ip = $serverParams['REMOTE_ADDR'] ?? null;
|
|
|
- $method = $request->getMethod();
|
|
|
- $uri = (string)$request->getUri();
|
|
|
-
|
|
|
- $responseBody = $this->getResponseBodyForLog($response);
|
|
|
-
|
|
|
- $entry = [
|
|
|
- 'ts' => $ts,
|
|
|
- 'service' => 'tshield_webhook',
|
|
|
- 'request_id' => $requestId,
|
|
|
- 'method' => $method,
|
|
|
- 'uri' => $uri,
|
|
|
- 'ip' => $ip,
|
|
|
- 'log_file' => $this->logFilePath,
|
|
|
- 'request_raw' => $rawBody,
|
|
|
- 'request_json' => $decodedBody,
|
|
|
- 'response_status' => $response->getStatusCode(),
|
|
|
- 'response_body' => $responseBody,
|
|
|
- ];
|
|
|
-
|
|
|
- if (!empty($extra)) {
|
|
|
- $entry['context'] = $extra;
|
|
|
- }
|
|
|
-
|
|
|
- $encoded = json_encode($entry, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
|
|
|
- if ($encoded === false) {
|
|
|
- $encoded = '{"ts":"' . $ts . '","service":"tshield_webhook","request_id":"' . $requestId . '","error":"unable_to_encode_log"}';
|
|
|
+ $statusDescription = $body['status']['status'] ?? null;
|
|
|
+ if ($statusDescription !== 'Aprovado') {
|
|
|
+ return ResponseLib::sendOk([
|
|
|
+ 'processed' => false,
|
|
|
+ 'reason' => 'Status not approved. No action taken.',
|
|
|
+ ], 'S_IGNORED');
|
|
|
}
|
|
|
|
|
|
- $this->appendLogLine($encoded);
|
|
|
-
|
|
|
- error_log('[TShieldWebhook] ' . $encoded);
|
|
|
- }
|
|
|
-
|
|
|
- private function logReceipt(ServerRequestInterface $request, string $requestId, string $rawBody): void
|
|
|
- {
|
|
|
- $ts = (new \DateTimeImmutable())->format('c');
|
|
|
- $serverParams = $request->getServerParams();
|
|
|
- $ip = $serverParams['REMOTE_ADDR'] ?? null;
|
|
|
- $method = $request->getMethod();
|
|
|
- $uri = (string)$request->getUri();
|
|
|
-
|
|
|
- $entry = [
|
|
|
- 'ts' => $ts,
|
|
|
- 'service' => 'tshield_webhook',
|
|
|
- 'event' => 'received',
|
|
|
- 'request_id' => $requestId,
|
|
|
- 'method' => $method,
|
|
|
- 'uri' => $uri,
|
|
|
- 'ip' => $ip,
|
|
|
- 'log_file' => $this->logFilePath,
|
|
|
- 'request_raw' => $rawBody,
|
|
|
- ];
|
|
|
-
|
|
|
- $encoded = json_encode($entry, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
|
|
|
- if ($encoded === false) {
|
|
|
- $encoded = '{"ts":"' . $ts . '","service":"tshield_webhook","event":"received","request_id":"' . $requestId . '","error":"unable_to_encode_log"}';
|
|
|
+ $externalNumber = $body['number'] ?? $body['token'] ?? null;
|
|
|
+ if (!is_string($externalNumber) || trim($externalNumber) === '') {
|
|
|
+ return ResponseLib::sendFail('Missing analysis number/token in payload.', [], 'E_VALIDATE')->withStatus(400);
|
|
|
}
|
|
|
|
|
|
- $this->appendLogLine($encoded);
|
|
|
-
|
|
|
- error_log('[TShieldWebhook] ' . $encoded);
|
|
|
- }
|
|
|
-
|
|
|
- private function appendLogLine(string $encoded): bool
|
|
|
- {
|
|
|
- $phpError = null;
|
|
|
-
|
|
|
- $handler = function (int $severity, string $message) use (&$phpError): bool {
|
|
|
- $phpError = $message;
|
|
|
- return true;
|
|
|
- };
|
|
|
-
|
|
|
- set_error_handler($handler);
|
|
|
-
|
|
|
- try {
|
|
|
- $result = file_put_contents($this->logFilePath, $encoded . "\n", FILE_APPEND | LOCK_EX);
|
|
|
- } catch (\Throwable $e) {
|
|
|
- $result = false;
|
|
|
- $phpError = $phpError ?? ($e->getMessage());
|
|
|
- } finally {
|
|
|
- restore_error_handler();
|
|
|
- }
|
|
|
-
|
|
|
- if ($result === false) {
|
|
|
- error_log('[TShieldWebhook] failed_to_write_log file=' . $this->logFilePath . ' php_error=' . json_encode($phpError));
|
|
|
- return false;
|
|
|
- }
|
|
|
-
|
|
|
- return true;
|
|
|
- }
|
|
|
-
|
|
|
- private function getResponseBodyForLog(ResponseInterface $response): ?string
|
|
|
- {
|
|
|
- try {
|
|
|
- $stream = $response->getBody();
|
|
|
- if ($stream === null) {
|
|
|
- return null;
|
|
|
- }
|
|
|
-
|
|
|
- if (method_exists($stream, 'isSeekable') && $stream->isSeekable()) {
|
|
|
- $pos = $stream->tell();
|
|
|
- $stream->rewind();
|
|
|
- $contents = $stream->getContents();
|
|
|
- $stream->seek($pos);
|
|
|
- return $contents;
|
|
|
- }
|
|
|
-
|
|
|
- return (string)$stream;
|
|
|
- } catch (\Throwable $e) {
|
|
|
- return null;
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- private function resolveLogFilePath(?string $path): string
|
|
|
- {
|
|
|
- $path = trim((string)$path);
|
|
|
-
|
|
|
- if ($path === '') {
|
|
|
- $path = 'tshield_webhook.txt';
|
|
|
- }
|
|
|
-
|
|
|
- if (!preg_match('/^(?:[A-Za-z]:\\\\|\\/)/', $path)) {
|
|
|
- $path = rtrim(dirname(__DIR__), '/\\') . DIRECTORY_SEPARATOR . $path;
|
|
|
- }
|
|
|
-
|
|
|
- $dir = dirname($path);
|
|
|
- if (!is_dir($dir)) {
|
|
|
- if (!@mkdir($dir, 0775, true) && !is_dir($dir)) {
|
|
|
- $lastError = error_get_last();
|
|
|
- error_log('[TShieldWebhook] failed_to_create_log_dir dir=' . $dir . ' error=' . json_encode($lastError));
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- if (is_dir($dir) && !is_writable($dir)) {
|
|
|
- error_log('[TShieldWebhook] log_dir_not_writable dir=' . $dir);
|
|
|
- }
|
|
|
-
|
|
|
- if (!file_exists($path)) {
|
|
|
- $phpError = null;
|
|
|
- $handler = function (int $severity, string $message) use (&$phpError): bool {
|
|
|
- $phpError = $message;
|
|
|
- return true;
|
|
|
- };
|
|
|
-
|
|
|
- set_error_handler($handler);
|
|
|
- try {
|
|
|
- $created = (file_put_contents($path, '') !== false);
|
|
|
- } catch (\Throwable $e) {
|
|
|
- $created = false;
|
|
|
- $phpError = $phpError ?? ($e->getMessage());
|
|
|
- } finally {
|
|
|
- restore_error_handler();
|
|
|
- }
|
|
|
-
|
|
|
- if (!$created) {
|
|
|
- error_log('[TShieldWebhook] failed_to_create_log_file file=' . $path . ' php_error=' . json_encode($phpError));
|
|
|
- }
|
|
|
- } elseif (!is_writable($path)) {
|
|
|
- error_log('[TShieldWebhook] log_file_not_writable file=' . $path);
|
|
|
+ $updated = $this->model->approveByExternalId($externalNumber);
|
|
|
+ if (!$updated) {
|
|
|
+ return ResponseLib::sendFail(
|
|
|
+ 'No user found for provided analysis number.',
|
|
|
+ ['number' => $externalNumber],
|
|
|
+ 'E_NOT_FOUND'
|
|
|
+ )->withStatus(404);
|
|
|
}
|
|
|
|
|
|
- return $path;
|
|
|
+ return ResponseLib::sendOk([
|
|
|
+ 'processed' => true,
|
|
|
+ 'number' => $externalNumber,
|
|
|
+ ]);
|
|
|
}
|
|
|
}
|
gdias