backend-php/controllers/B3CprRegisterController.php

<?php

namespace Controllers;

use Libs\ResponseLib;
use Psr\Http\Message\ServerRequestInterface;
use React\Http\Message\Response;
use Services\B3CprService;
use Models\CprModel;
use Models\StatusModel;
use Models\PaymentModel;

class B3CprRegisterController
{
    private B3CprService $service;
    private CprModel $cprModel;
    private StatusModel $statusModel;
    private PaymentModel $paymentModel;

    public function __construct()
    {
        $this->service = new B3CprService();
        $this->cprModel = new CprModel();
        $this->statusModel = new StatusModel();
        $this->paymentModel = new PaymentModel();
    }

    private function applyFixedCprDefaults(array $cpr): array
    {
        $nowBr = new \DateTimeImmutable('now', new \DateTimeZone('America/Sao_Paulo'));
        $currentDate = $nowBr->format('Y-m-d');

        $cpr['cpr_type_code'] = 'P';
        $cpr['cpr_otc_register_account_code'] = '64359.40-5';
        $cpr['cpr_otc_payment_agent_account_code'] = '64359.40-5';
        $cpr['cpr_otc_custodian_account_code'] = '64359.00-3';
        $cpr['cpr_electronic_emission_indicator'] = 'S';
        $cpr['cpr_automatic_expiration_indicator'] = 'N';
        $cpr['cpr_issue_date'] = $currentDate;
        $cpr['cpr_profitability_start_date'] = $currentDate;
        $cpr['cpr_issue_quantity'] = '1';

        if (!array_key_exists('cpr_issue_value', $cpr)) {
            throw new \InvalidArgumentException('Missing field: cpr_issue_value');
        }
        $issueValue = (string)$cpr['cpr_issue_value'];
        $cpr['cpr_issue_financial_value'] = $issueValue;

        $cpr['cpr_creditor_name'] = 'TOO EASY TRADING LTDA';
        $cpr['cpr_creditor_document_number'] = '47.175.222/0001-09';
        $cpr['cpr_scr_type_code'] = 'N';
        $cpr['cpr_finality_code'] = '6099';

        return $cpr;
    }

    public function __invoke(ServerRequestInterface $request)
    {
        $body = json_decode((string)$request->getBody(), true);
        if (!is_array($body)) {
            return ResponseLib::sendFail('Invalid JSON body', [], 'E_VALIDATE')->withStatus(400);
        }

        $token = $body['b3_access_token'] ?? ($body['access_token'] ?? null);
        if (!$token) {
            $b3Auth = $request->getHeaderLine('X-B3-Authorization') ?: '';
            if (stripos($b3Auth, 'Bearer ') === 0) {
                $token = trim(substr($b3Auth, 7));
            }
        }
        if (!$token) {
            $token = $request->getHeaderLine('X-B3-Access-Token') ?: null;
        }

        $cpr = $body['cpr'] ?? null;
        if (!is_array($cpr)) {
            $hasCprKeys = false;
            foreach ($body as $k => $_) {
                if (is_string($k) && substr($k, 0, 4) === 'cpr_') {
                    $hasCprKeys = true;
                    break;
                }
            }
            if ($hasCprKeys) {
                $cpr = $body;
            }
        }

        if (!is_array($cpr)) {
            return ResponseLib::sendFail('Missing CPR payload (array) in body as cpr', [], 'E_VALIDATE')->withStatus(400);
        }

        try {
            $cpr = $this->applyFixedCprDefaults($cpr);
        } catch (\InvalidArgumentException $e) {
            return ResponseLib::sendFail($e->getMessage(), [], 'E_VALIDATE')->withStatus(400);
        }

        $userId = (int)($request->getAttribute('api_user_id') ?? 0);
        if ($userId <= 0) {
            return ResponseLib::sendFail('Authenticated user not found', [], 'E_VALIDATE')->withStatus(401);
        }

        $companyId = (int)($request->getAttribute('api_company_id') ?? 0);
        if ($companyId <= 0) {
            return ResponseLib::sendFail('Authenticated company not found', [], 'E_VALIDATE')->withStatus(401);
        }

        $statusId = $this->statusModel->getIdByStatus('pending');
        if ($statusId === null) {
            return ResponseLib::sendFail('Pending status not found', [], 'E_DATABASE')->withStatus(500);
        }

        try {
            $paymentExternalId = 'B3_DIRECT_' . time();
            $paymentId = $this->paymentModel->create($paymentExternalId, $statusId, $userId);
        } catch (\Throwable $e) {
            return ResponseLib::sendFail('Failed to create payment record: ' . $e->getMessage(), [], 'E_DATABASE')->withStatus(500);
        }

        try {
            $record = $this->cprModel->create($cpr, $statusId, $paymentId, $userId, $companyId);
        } catch (\InvalidArgumentException $e) {
            return ResponseLib::sendFail($e->getMessage(), [], 'E_VALIDATE')->withStatus(400);
        } catch (\Throwable $e) {
            return ResponseLib::sendFail('Failed to create CPR: ' . $e->getMessage(), [], 'E_DATABASE')->withStatus(500);
        }

        try {
            $payload = $this->service->mapToB3($cpr);
            if (!$token) {
                $token = $this->service->getAccessToken();
            }
            $result = $this->service->postCpr($token, $payload);
        } catch (\Throwable $e) {
            return ResponseLib::sendFail('Failed to send CPR to B3: ' . $e->getMessage(), [], 'E_EXTERNAL')->withStatus(502);
        }

        if (isset($result['error'])) {
            return ResponseLib::sendFail('cURL error during B3 CPR request', ['error' => $result['error']], 'E_EXTERNAL')->withStatus(502);
        }

        $status = (int)($result['status'] ?? 200);
        if (isset($result['json'])) {
            return Response::json($result['json'])->withStatus($status ?: 200);
        }

        return Response::json(['raw' => $result['raw'] ?? null, 'status' => $status])->withStatus($status ?: 502);
    }
}