Initial import

marko_unpacked/marko/portal/services/base/IdServerBase.php

@@ -0,0 +1,88 @@
+<?php
+
+namespace app\services\base;
+
+class IdServerBase
+{
+    public $accessToken;
+
+
+    protected function securePostRequest($path, $data)
+    {
+        if ($this->accessToken) {
+            $root = \Yii::$app->params['id_server']."/admin/realms/nasledstvo.bg";
+            $url = $root . $path;
+            $curl = curl_init($url);
+            curl_setopt($curl, CURLOPT_URL, $url);
+            curl_setopt($curl, CURLOPT_POST, true);
+            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+            $headers = array(
+                "content-type: application/json",
+                "Authorization: bearer $this->accessToken",
+            );
+
+            $data = json_encode($data);
+
+            curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
+            curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
+            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
+            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
+            $resp = curl_exec($curl);
+            curl_close($curl);
+            return json_decode($resp);
+        }
+    }
+
+    protected function secureGetRequest($path)
+    {
+        if ($this->accessToken) {
+            $root = \Yii::$app->params['id_server']."/admin/realms/nasledstvo.bg";
+            $url = $root . $path;
+            $curl = curl_init($url);
+            curl_setopt($curl, CURLOPT_URL, $url);
+            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+            $headers = array(
+                "Authorization: bearer $this->accessToken",
+            );
+            curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
+            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
+            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
+            $resp = curl_exec($curl);
+            curl_close($curl);
+            return json_decode($resp);
+        }
+    }
+
+    protected function auth()
+    {
+        $url = \Yii::$app->params['id_server']."/realms/nasledstvo.bg/protocol/openid-connect/token";
+        $clint_id = \Yii::$app->params['id_server_client_id'];
+        $clint_secret = \Yii::$app->params['id_server_client_secret'];
+        $username = \Yii::$app->params['id_server_admin_user'];
+        $password = \Yii::$app->params['id_server_admin_password'];
+
+        $curl = curl_init($url);
+        curl_setopt($curl, CURLOPT_URL, $url);
+        curl_setopt($curl, CURLOPT_POST, true);
+        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+
+        $headers = array(
+            "Content-Type: application/x-www-form-urlencoded",
+        );
+        curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
+
+        $data = "client_id=$clint_id&client_secret=$clint_secret&username=$username&password=$password&grant_type=password";
+
+        curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
+        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
+        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
+
+        $resp = curl_exec($curl);
+        curl_close($curl);
+
+        $respData = json_decode($resp);
+        if (!empty($respData->access_token))
+            $this->accessToken = $respData->access_token;
+    }
+
+}

marko_unpacked/marko/portal/services/base/UserRequestBase.php

@@ -0,0 +1,81 @@
+<?php
+
+
+namespace app\services\base;
+
+use app\services\Auth;
+
+class UserRequestBase
+{
+    protected $data;
+
+    protected function isEmpty($key, $message)
+    {
+        if (empty($this->data->{$key})) $this->sendError($key, $message);
+    }
+
+    protected function isNotEmail($key, $message)
+    {
+        if (!filter_var($this->data->{$key}, FILTER_VALIDATE_EMAIL)) $this->sendError($key, $message);
+    }
+
+    protected function isExists($key, $classModel, $message)
+    {
+        $exists = $classModel::find()->where([$key => $this->data->{$key}])->one();
+        if ($exists) $this->sendError($key, $message);
+    }
+
+    protected function isNotSecurePassword($key, $message)
+    {
+        $value = $this->data->{$key};
+        if (mb_strlen($value) < 6)
+            $this->sendError($key, $message);
+    }
+
+    protected function wrongOldPassword($key, $message)
+    {
+        $value = $this->data->{$key};
+        $user = Auth::getUser();
+        if (!password_verify($value, $user->password_hash))
+            $this->sendError($key, $message);
+    }
+
+    protected function isNotMatch($key, $matchKey, $message)
+    {
+        if ($this->data->{$key} != $this->data->{$matchKey})
+            $this->sendError($key, $message);
+    }
+
+    protected function isNotChecked($key, $message)
+    {
+        if ($this->data->{$key} != true)
+            $this->sendError($key, $message);
+    }
+
+    public function call($method)
+    {
+        if (method_exists($this, $method)) {
+            if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+                $this->data = json_decode(\Yii::$app->request->getRawBody());
+                $result = $this->{$method}();
+                $result = $result ?? (object)[];
+                echo json_encode(['success' => 1, 'data' => $result]);
+                exit;
+            }
+        }
+    }
+
+    private function sendError($key, $message)
+    {
+        header('Content-type: application/json');
+        echo json_encode(['error' => ['key' => $key, 'message' => $message]]);
+        exit;
+    }
+
+    public function sendSuccess($message)
+    {
+        header('Content-type: application/json');
+        echo json_encode(['success' => ['message' => $message]]);
+        exit;
+    }
+}