This repository has been archived by the owner on Mar 22, 2022. It is now read-only.
Registration.php
<?php declare(strict_types=1);
namespace App\SwagAppsystem\Controller;
use App\Repository\ShopRepository;
use App\SwagAppsystem\Authenticator;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
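/**
 * HTTP endpoints for the two-step shop registration handshake:
 * `register` issues a per-shop secret, `confirm` stores the shop's API
 * credentials once the shop proves it holds that secret.
 */
class Registration extends AbstractController
{
    /**
     * First handshake step: authenticates the request, creates the shop
     * record with a fresh secret and answers with the proof, the secret and
     * the absolute URL of the confirmation endpoint.
     *
     * Responds with 401 and creates nothing when
     * Authenticator::authenticateRegisterRequest() rejects the request.
     *
     * @Route("/registration", name="register", methods={"GET"})
     */
    public function register(Request $request, ShopRepository $shopRepository)
    {
        if (!Authenticator::authenticateRegisterRequest($request)) {
            return new Response(null, Response::HTTP_UNAUTHORIZED);
        }

        // Read each query parameter once so the stored record and the proof
        // are always derived from the same values.
        $shopUrl = $this->getShopUrl($request);
        $shopId = $this->getShopId($request);
        $name = $_SERVER['APP_NAME'];

        // 64 bytes from the CSPRNG, hex-encoded (128 characters).
        $secret = bin2hex(random_bytes(64));

        // NOTE(review): what createShop() does for a shop-id that is already
        // registered is not visible here; confirm that a repeated
        // registration cannot silently replace the secret of a confirmed shop.
        $shopRepository->createShop($shopId, $shopUrl, $secret);

        // The proof is an HMAC-SHA256 over shop id, shop URL and app name,
        // keyed with APP_SECRET.
        $proof = \hash_hmac('sha256', $shopId . $shopUrl . $name, $_SERVER['APP_SECRET']);

        $body = [
            'proof' => $proof,
            'secret' => $secret,
            'confirmation_url' => $this->generateUrl('confirm', [], UrlGeneratorInterface::ABSOLUTE_URL),
        ];

        return new JsonResponse($body);
    }

    /**
     * Second handshake step: verifies the request against the secret stored
     * for the shop and then saves the API key pair sent in the JSON body.
     *
     * The body is attacker-controlled until the signature check passes, so it
     * is validated before any field is used: a body that is not a JSON object
     * or lacks a string `shopId` yields 400, a failed signature check yields
     * 401, and an authenticated body without `apiKey`/`secretKey` yields 400.
     *
     * @Route("/registration/confirm", name="confirm", methods={"POST"})
     */
    public function confirm(Request $request, ShopRepository $shopRepository): Response
    {
        $payload = json_decode($request->getContent(), true);

        // json_decode() returns null for invalid JSON and a scalar for
        // non-object documents; indexing either would fail further down.
        if (!is_array($payload) || !isset($payload['shopId']) || !is_string($payload['shopId'])) {
            return new Response(null, Response::HTTP_BAD_REQUEST);
        }

        // The secret has to be looked up with the not-yet-authenticated
        // shopId because it is the key the signature is checked against.
        // NOTE(review): the result for an unknown shopId is not visible here;
        // confirm that authenticatePostRequest() rejects a missing secret.
        $shopSecret = $shopRepository->getSecretByShopId($payload['shopId']);

        if (!Authenticator::authenticatePostRequest($request, $shopSecret)) {
            return new Response(null, Response::HTTP_UNAUTHORIZED);
        }

        // Checked only after authentication so unauthenticated callers learn
        // nothing about the expected credential fields.
        if (!isset($payload['apiKey'], $payload['secretKey'])) {
            return new Response(null, Response::HTTP_BAD_REQUEST);
        }

        $shopRepository->updateAccessKeysForShop(
            $payload['shopId'],
            $payload['apiKey'],
            $payload['secretKey']
        );

        return new Response();
    }

    /**
     * Returns the `shop-url` query parameter.
     *
     * With strict types enabled a missing parameter (null) violates the
     * string return type and raises a TypeError.
     */
    private function getShopUrl(Request $request): string
    {
        return $request->query->get('shop-url');
    }

    /**
     * Returns the `shop-id` query parameter.
     *
     * With strict types enabled a missing parameter (null) violates the
     * string return type and raises a TypeError.
     */
    private function getShopId(Request $request): string
    {
        return $request->query->get('shop-id');
    }
}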