Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
92.31% covered (success)
92.31%
72 / 78
87.50% covered (warning)
87.50%
14 / 16
CRAP
0.00% covered (danger)
0.00%
0 / 1
Application
92.31% covered (success)
92.31%
72 / 78
87.50% covered (warning)
87.50%
14 / 16
51.14
0.00% covered (danger)
0.00%
0 / 1
 initialize
100.00% covered (success)
100.00%
5 / 5
100.00% covered (success)
100.00%
1 / 1
1
 initializeMaintenanceMode
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
1
 initializeLogger
100.00% covered (success)
100.00%
9 / 9
100.00% covered (success)
100.00%
1 / 1
10
 initializeCaptcha
100.00% covered (success)
100.00%
9 / 9
100.00% covered (success)
100.00%
1 / 1
7
 initializeCache
100.00% covered (success)
100.00%
4 / 4
100.00% covered (success)
100.00%
1 / 1
3
 initializeMiddleware
100.00% covered (success)
100.00%
12 / 12
100.00% covered (success)
100.00%
1 / 1
13
 reinitializeMiddlewareConfig
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
1
 validateCacheDirectory
50.00% covered (danger)
50.00%
2 / 4
0.00% covered (danger)
0.00%
0 / 1
6.00
 setupCache
100.00% covered (success)
100.00%
2 / 2
100.00% covered (success)
100.00%
1 / 1
1
 getLoggerConfig
100.00% covered (success)
100.00%
11 / 11
100.00% covered (success)
100.00%
1 / 1
1
 getRateLimit
100.00% covered (success)
100.00%
8 / 8
100.00% covered (success)
100.00%
1 / 1
1
 getRequestLimits
100.00% covered (success)
100.00%
5 / 5
100.00% covered (success)
100.00%
1 / 1
1
 getCsrfConfig
0.00% covered (danger)
0.00%
0 / 4
0.00% covered (danger)
0.00%
0 / 1
2
 getCorsAllowedOrigins
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
1
 getIpBlacklist
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
2
 getAccessUnpublishedOnDomain
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
2
1<?php
2
3declare(strict_types=1);
4
5namespace BO\Zmscitizenapi;
6
7use Psr\SimpleCache\CacheInterface;
8use Symfony\Component\Cache\Adapter\FilesystemAdapter;
9use Symfony\Component\Cache\Psr16Cache;
10
11/**
12 * @SuppressWarnings(PHPMD.TooManyFields)
13 * @SuppressWarnings(PHPMD.NPathComplexity)
14 * @TODO: Refactor this class into smaller focused classes (LoggerInitializer, MiddlewareInitializer) to reduce complexity
15 */
16class Application extends \BO\Slim\Application
17{
18    public const IDENTIFIER = 'zms';
19    public const MODULE_NAME = 'zmscitizenapi';
20    public static string $source_name = 'dldb';
21    public static $http = null;
22    public static array $http_curl_config = [];
23    public static ?CacheInterface $cache = null;
24    // Cache config
25    public static string $CACHE_DIR;
26    public static int $SOURCE_CACHE_TTL;
27    public static bool $MAINTENANCE_MODE_ENABLED;
28    // Logger config
29
30    public static int $LOGGER_MAX_REQUESTS;
31    public static int $LOGGER_RESPONSE_LENGTH;
32    public static int $LOGGER_STACK_LINES;
33    public static int $LOGGER_MESSAGE_SIZE;
34    public static int $LOGGER_CACHE_TTL;
35    public static int $LOGGER_MAX_RETRIES;
36    public static int $LOGGER_BACKOFF_MIN;
37    public static int $LOGGER_BACKOFF_MAX;
38    public static int $LOGGER_LOCK_TIMEOUT;
39    // Captcha config
40    public static bool $CAPTCHA_ENABLED;
41    public static string $CAPTCHA_TOKEN_SECRET;
42    public static int $CAPTCHA_TOKEN_TTL;
43    public static string $ALTCHA_CAPTCHA_SITE_KEY;
44    public static string $ALTCHA_CAPTCHA_SITE_SECRET;
45    public static string $ALTCHA_CAPTCHA_ENDPOINT_CHALLENGE;
46    public static string $ALTCHA_CAPTCHA_ENDPOINT_VERIFY;
47    // Rate limiting config
48    public static int $RATE_LIMIT_MAX_REQUESTS;
49    public static int $RATE_LIMIT_CACHE_TTL;
50    public static int $RATE_LIMIT_MAX_RETRIES;
51    public static int $RATE_LIMIT_BACKOFF_MIN;
52    public static int $RATE_LIMIT_BACKOFF_MAX;
53    public static int $RATE_LIMIT_LOCK_TIMEOUT;
54    // Request limits config
55    public static int $MAX_REQUEST_SIZE;
56    public static int $MAX_STRING_LENGTH;
57    public static int $MAX_RECURSION_DEPTH;
58    // CSRF config
59    public static int $CSRF_TOKEN_LENGTH;
60    public static string $CSRF_SESSION_KEY;
61    // CORS config
62    public static string $CORS_ALLOWED_ORIGINS;
63    // IP Filter config
64    public static string $IP_BLACKLIST;
65
66    public static string $ACCESS_UNPUBLISHED_ON_DOMAIN;
67
68    public static function initialize(): void
69    {
70        self::initializeMaintenanceMode();
71        self::initializeLogger();
72        self::initializeCaptcha();
73        self::initializeCache();
74        self::initializeMiddleware();
75    }
76
77    private static function initializeMaintenanceMode(): void
78    {
79        self::$MAINTENANCE_MODE_ENABLED = filter_var(getenv('MAINTENANCE_ENABLED'), FILTER_VALIDATE_BOOLEAN);
80    }
81
82    /**
83     * @SuppressWarnings(PHPMD.NPathComplexity)
84     * @TODO: Extract logger initialization logic into a dedicated LoggerInitializer class
85     */
86    private static function initializeLogger(): void
87    {
88        self::$LOGGER_MAX_REQUESTS = (int) (getenv('LOGGER_MAX_REQUESTS') ?: 1000);
89        self::$LOGGER_RESPONSE_LENGTH = (int) (getenv('LOGGER_RESPONSE_LENGTH') ?: 1048576);
90        // 1MB
91        self::$LOGGER_STACK_LINES = (int) (getenv('LOGGER_STACK_LINES') ?: 20);
92        self::$LOGGER_MESSAGE_SIZE = (int) (getenv('LOGGER_MESSAGE_SIZE') ?: 8192);
93        // 8KB
94        self::$LOGGER_CACHE_TTL = (int) (getenv('LOGGER_CACHE_TTL') ?: 60);
95        self::$LOGGER_MAX_RETRIES = (int) (getenv('LOGGER_MAX_RETRIES') ?: 3);
96        self::$LOGGER_BACKOFF_MIN = (int) (getenv('LOGGER_BACKOFF_MIN') ?: 100);
97        self::$LOGGER_BACKOFF_MAX = (int) (getenv('LOGGER_BACKOFF_MAX') ?: 1000);
98        self::$LOGGER_LOCK_TIMEOUT = (int) (getenv('LOGGER_LOCK_TIMEOUT') ?: 5);
99    }
100
101    private static function initializeCaptcha(): void
102    {
103        self::$CAPTCHA_ENABLED = filter_var(getenv('CAPTCHA_ENABLED'), FILTER_VALIDATE_BOOLEAN);
104        self::$CAPTCHA_TOKEN_SECRET = getenv('CAPTCHA_TOKEN_SECRET') ?: '';
105        self::$CAPTCHA_TOKEN_TTL = (int) getenv('CAPTCHA_TOKEN_TTL') ?: 300;
106        self::$ALTCHA_CAPTCHA_SITE_KEY = getenv('ALTCHA_CAPTCHA_SITE_KEY') ?: '';
107        self::$ALTCHA_CAPTCHA_SITE_SECRET = getenv('ALTCHA_CAPTCHA_SITE_SECRET') ?: '';
108        self::$ALTCHA_CAPTCHA_ENDPOINT_CHALLENGE = getenv('ALTCHA_CAPTCHA_ENDPOINT_CHALLENGE')
109            ?: 'https://captcha.muenchen.de/api/v1/captcha/challenge';
110        self::$ALTCHA_CAPTCHA_ENDPOINT_VERIFY = getenv('ALTCHA_CAPTCHA_ENDPOINT_VERIFY')
111            ?: 'https://captcha.muenchen.de/api/v1/captcha/verify';
112    }
113
114    private static function initializeCache(): void
115    {
116        self::$CACHE_DIR = getenv('CACHE_DIR') ?: __DIR__ . '/cache';
117        self::$SOURCE_CACHE_TTL = (int) (getenv('SOURCE_CACHE_TTL') ?: 3600);
118        self::validateCacheDirectory();
119        self::setupCache();
120    }
121
122    /**
123     * @SuppressWarnings(PHPMD.NPathComplexity)
124     * @TODO: Extract middleware initialization logic into a dedicated MiddlewareInitializer class
125     */
126    private static function initializeMiddleware(): void
127    {
128        // Rate limiting
129        self::$RATE_LIMIT_MAX_REQUESTS = (int) (getenv('RATE_LIMIT_MAX_REQUESTS') ?: 60);
130        self::$RATE_LIMIT_CACHE_TTL = (int) (getenv('RATE_LIMIT_CACHE_TTL') ?: 60);
131        self::$RATE_LIMIT_MAX_RETRIES = (int) (getenv('RATE_LIMIT_MAX_RETRIES') ?: 3);
132        self::$RATE_LIMIT_BACKOFF_MIN = (int) (getenv('RATE_LIMIT_BACKOFF_MIN') ?: 10);
133        self::$RATE_LIMIT_BACKOFF_MAX = (int) (getenv('RATE_LIMIT_BACKOFF_MAX') ?: 50);
134        self::$RATE_LIMIT_LOCK_TIMEOUT = (int) (getenv('RATE_LIMIT_LOCK_TIMEOUT') ?: 1);
135        // Request limits
136        self::$MAX_REQUEST_SIZE = (int) (getenv('MAX_REQUEST_SIZE') ?: 10485760);
137        // 10MB
138        self::$MAX_STRING_LENGTH = (int) (getenv('MAX_STRING_LENGTH') ?: 32768);
139        // 32KB
140        self::$MAX_RECURSION_DEPTH = (int) (getenv('MAX_RECURSION_DEPTH') ?: 10);
141        // CSRF
142        //self::$CSRF_TOKEN_LENGTH = (int) (getenv('CSRF_TOKEN_LENGTH') ?: 32);
143        //self::$CSRF_SESSION_KEY = getenv('CSRF_SESSION_KEY') ?: 'csrf_token';
144        // CORS
145        self::$CORS_ALLOWED_ORIGINS = getenv('CORS') ?: '';
146        // IP Filter
147        self::$IP_BLACKLIST = getenv('IP_BLACKLIST') ?: '';
148
149        self::$ACCESS_UNPUBLISHED_ON_DOMAIN = getenv('ACCESS_UNPUBLISHED_ON_DOMAIN') ?: '';
150    }
151
152    public static function reinitializeMiddlewareConfig(): void
153    {
154        self::initializeMiddleware();
155    }
156
157    private static function validateCacheDirectory(): void
158    {
159        if (!is_dir(self::$CACHE_DIR) && !mkdir(self::$CACHE_DIR, 0750, true)) {
160            throw new \RuntimeException(sprintf('Cache directory "%s" could not be created', self::$CACHE_DIR));
161        }
162
163        if (!is_writable(self::$CACHE_DIR)) {
164            throw new \RuntimeException(sprintf('Cache directory "%s" is not writable', self::$CACHE_DIR));
165        }
166    }
167
168    private static function setupCache(): void
169    {
170        $psr6 = new FilesystemAdapter(namespace: '', defaultLifetime: self::$SOURCE_CACHE_TTL, directory: self::$CACHE_DIR);
171        self::$cache = new Psr16Cache($psr6);
172    }
173
174    public static function getLoggerConfig(): array
175    {
176        return [
177            'maxRequests' => self::$LOGGER_MAX_REQUESTS,
178            'responseLength' => self::$LOGGER_RESPONSE_LENGTH,
179            'stackLines' => self::$LOGGER_STACK_LINES,
180            'messageSize' => self::$LOGGER_MESSAGE_SIZE,
181            'cacheTtl' => self::$LOGGER_CACHE_TTL,
182            'maxRetries' => self::$LOGGER_MAX_RETRIES,
183            'backoffMin' => self::$LOGGER_BACKOFF_MIN,
184            'backoffMax' => self::$LOGGER_BACKOFF_MAX,
185            'lockTimeout' => self::$LOGGER_LOCK_TIMEOUT
186        ];
187    }
188
189    public static function getRateLimit(): array
190    {
191        return [
192            'maxRequests' => self::$RATE_LIMIT_MAX_REQUESTS,
193            'cacheExpiry' => self::$RATE_LIMIT_CACHE_TTL,
194            'maxRetries' => self::$RATE_LIMIT_MAX_RETRIES,
195            'backoffMin' => self::$RATE_LIMIT_BACKOFF_MIN,
196            'backoffMax' => self::$RATE_LIMIT_BACKOFF_MAX,
197            'lockTimeout' => self::$RATE_LIMIT_LOCK_TIMEOUT
198        ];
199    }
200
201    public static function getRequestLimits(): array
202    {
203        return [
204            'maxSize' => self::$MAX_REQUEST_SIZE,
205            'maxStringLength' => self::$MAX_STRING_LENGTH,
206            'maxRecursionDepth' => self::$MAX_RECURSION_DEPTH
207        ];
208    }
209
210    public static function getCsrfConfig(): array
211    {
212        return [
213            'tokenLength' => self::$CSRF_TOKEN_LENGTH,
214            'sessionKey' => self::$CSRF_SESSION_KEY
215        ];
216    }
217
218    public static function getCorsAllowedOrigins(): array
219    {
220        return array_filter(explode(',', self::$CORS_ALLOWED_ORIGINS));
221    }
222
223    public static function getIpBlacklist(): string
224    {
225        return self::$IP_BLACKLIST ?: '';
226    }
227
228    public static function getAccessUnpublishedOnDomain(): ?string
229    {
230        return self::$ACCESS_UNPUBLISHED_ON_DOMAIN ?: null;
231    }
232}
233
234Application::initialize();