Code Coverage for /__w/eappointment/eappointment/zmscitizenapi/src/Zmscitizenapi/Application.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	97.22% covered (success)	97.22%	70 / 72	92.86% covered (success)	92.86%	13 / 14	CRAP	0.00% covered (danger)	0.00%	0 / 1
Application	97.22% covered (success)	97.22%	70 / 72	92.86% covered (success)	92.86%	13 / 14	47	0.00% covered (danger)	0.00%	0 / 1
initialize	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	1
initializeMaintenanceMode	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
initializeLogger	100.00% covered (success)	100.00%	9 / 9	100.00% covered (success)	100.00%	1 / 1	10
initializeCaptcha	100.00% covered (success)	100.00%	9 / 9	100.00% covered (success)	100.00%	1 / 1	7
initializeCache	100.00% covered (success)	100.00%	4 / 4	100.00% covered (success)	100.00%	1 / 1	3
initializeMiddleware	100.00% covered (success)	100.00%	11 / 11	100.00% covered (success)	100.00%	1 / 1	12
reinitializeMiddlewareConfig	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
validateCacheDirectory	50.00% covered (danger)	50.00%	2 / 4	0.00% covered (danger)	0.00%	0 / 1	6.00
setupCache	100.00% covered (success)	100.00%	2 / 2	100.00% covered (success)	100.00%	1 / 1	1
getLoggerConfig	100.00% covered (success)	100.00%	11 / 11	100.00% covered (success)	100.00%	1 / 1	1
getRateLimit	100.00% covered (success)	100.00%	8 / 8	100.00% covered (success)	100.00%	1 / 1	1
getRequestLimits	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	1
getIpBlacklist	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	2
getAccessUnpublishedOnDomain	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	2

1	<?php
2
3	declare(strict_types=1);
4
5	namespace BO\Zmscitizenapi;
6
7	use Psr\SimpleCache\CacheInterface;
8	use Symfony\Component\Cache\Adapter\FilesystemAdapter;
9	use Symfony\Component\Cache\Psr16Cache;
10
11	/**
12	* @SuppressWarnings(PHPMD.TooManyFields)
13	* @SuppressWarnings(PHPMD.NPathComplexity)
14	* @TODO: Refactor this class into smaller focused classes (LoggerInitializer, MiddlewareInitializer) to reduce complexity
15	*/
16	class Application extends \BO\Slim\Application
17	{
18	public const IDENTIFIER = 'zms';
19	public const MODULE_NAME = 'zmscitizenapi';
20	public static string $source_name = "dldb,zms";
21	public static $http = null;
22	public static array $http_curl_config = [];
23	public static ?CacheInterface $cache = null;
24	// Cache config
25	public static string $CACHE_DIR;
26	public static int $SOURCE_CACHE_TTL;
27	public static bool $MAINTENANCE_MODE_ENABLED;
28	// Logger config
29
30	public static int $LOGGER_MAX_REQUESTS;
31	public static int $LOGGER_RESPONSE_LENGTH;
32	public static int $LOGGER_STACK_LINES;
33	public static int $LOGGER_MESSAGE_SIZE;
34	public static int $LOGGER_CACHE_TTL;
35	public static int $LOGGER_MAX_RETRIES;
36	public static int $LOGGER_BACKOFF_MIN;
37	public static int $LOGGER_BACKOFF_MAX;
38	public static int $LOGGER_LOCK_TIMEOUT;
39	// Captcha config
40	public static bool $CAPTCHA_ENABLED;
41	public static string $CAPTCHA_TOKEN_SECRET;
42	public static int $CAPTCHA_TOKEN_TTL;
43	public static string $ALTCHA_CAPTCHA_SITE_KEY;
44	public static string $ALTCHA_CAPTCHA_SITE_SECRET;
45	public static string $ALTCHA_CAPTCHA_ENDPOINT_CHALLENGE;
46	public static string $ALTCHA_CAPTCHA_ENDPOINT_VERIFY;
47	// Rate limiting config
48	public static int $RATE_LIMIT_MAX_REQUESTS;
49	public static int $RATE_LIMIT_CACHE_TTL;
50	public static int $RATE_LIMIT_MAX_RETRIES;
51	public static int $RATE_LIMIT_BACKOFF_MIN;
52	public static int $RATE_LIMIT_BACKOFF_MAX;
53	public static int $RATE_LIMIT_LOCK_TIMEOUT;
54	// Request limits config
55	public static int $MAX_REQUEST_SIZE;
56	public static int $MAX_STRING_LENGTH;
57	public static int $MAX_RECURSION_DEPTH;
58	// IP Filter config
59	public static string $IP_BLACKLIST;
60
61	public static string $ACCESS_UNPUBLISHED_ON_DOMAIN;
62
63	public static function initialize(): void
64	{
65	self::initializeMaintenanceMode();
66	self::initializeLogger();
67	self::initializeCaptcha();
68	self::initializeCache();
69	self::initializeMiddleware();
70	}
71
72	private static function initializeMaintenanceMode(): void
73	{
74	self::$MAINTENANCE_MODE_ENABLED = filter_var(getenv('MAINTENANCE_ENABLED'), FILTER_VALIDATE_BOOLEAN);
75	}
76
77	/**
78	* @SuppressWarnings(PHPMD.NPathComplexity)
79	* @TODO: Extract logger initialization logic into a dedicated LoggerInitializer class
80	*/
81	private static function initializeLogger(): void
82	{
83	self::$LOGGER_MAX_REQUESTS = (int) (getenv('LOGGER_MAX_REQUESTS') ?: 1000);
84	self::$LOGGER_RESPONSE_LENGTH = (int) (getenv('LOGGER_RESPONSE_LENGTH') ?: 1048576);
85	// 1MB
86	self::$LOGGER_STACK_LINES = (int) (getenv('LOGGER_STACK_LINES') ?: 20);
87	self::$LOGGER_MESSAGE_SIZE = (int) (getenv('LOGGER_MESSAGE_SIZE') ?: 8192);
88	// 8KB
89	self::$LOGGER_CACHE_TTL = (int) (getenv('LOGGER_CACHE_TTL') ?: 60);
90	self::$LOGGER_MAX_RETRIES = (int) (getenv('LOGGER_MAX_RETRIES') ?: 3);
91	self::$LOGGER_BACKOFF_MIN = (int) (getenv('LOGGER_BACKOFF_MIN') ?: 100);
92	self::$LOGGER_BACKOFF_MAX = (int) (getenv('LOGGER_BACKOFF_MAX') ?: 1000);
93	self::$LOGGER_LOCK_TIMEOUT = (int) (getenv('LOGGER_LOCK_TIMEOUT') ?: 5);
94	}
95
96	private static function initializeCaptcha(): void
97	{
98	self::$CAPTCHA_ENABLED = filter_var(getenv('CAPTCHA_ENABLED'), FILTER_VALIDATE_BOOLEAN);
99	self::$CAPTCHA_TOKEN_SECRET = getenv('CAPTCHA_TOKEN_SECRET') ?: '';
100	self::$CAPTCHA_TOKEN_TTL = (int) getenv('CAPTCHA_TOKEN_TTL') ?: 300;
101	self::$ALTCHA_CAPTCHA_SITE_KEY = getenv('ALTCHA_CAPTCHA_SITE_KEY') ?: '';
102	self::$ALTCHA_CAPTCHA_SITE_SECRET = getenv('ALTCHA_CAPTCHA_SITE_SECRET') ?: '';
103	self::$ALTCHA_CAPTCHA_ENDPOINT_CHALLENGE = getenv('ALTCHA_CAPTCHA_ENDPOINT_CHALLENGE')
104	?: 'https://captcha.muenchen.de/api/v1/captcha/challenge';
105	self::$ALTCHA_CAPTCHA_ENDPOINT_VERIFY = getenv('ALTCHA_CAPTCHA_ENDPOINT_VERIFY')
106	?: 'https://captcha.muenchen.de/api/v1/captcha/verify';
107	}
108
109	private static function initializeCache(): void
110	{
111	self::$CACHE_DIR = getenv('CACHE_DIR') ?: __DIR__ . '/cache';
112	self::$SOURCE_CACHE_TTL = (int) (getenv('SOURCE_CACHE_TTL') ?: 3600);
113	self::validateCacheDirectory();
114	self::setupCache();
115	}
116
117	/**
118	* @SuppressWarnings(PHPMD.NPathComplexity)
119	* @TODO: Extract middleware initialization logic into a dedicated MiddlewareInitializer class
120	*/
121	private static function initializeMiddleware(): void
122	{
123	// Rate limiting
124	self::$RATE_LIMIT_MAX_REQUESTS = (int) (getenv('RATE_LIMIT_MAX_REQUESTS') ?: 60);
125	self::$RATE_LIMIT_CACHE_TTL = (int) (getenv('RATE_LIMIT_CACHE_TTL') ?: 60);
126	self::$RATE_LIMIT_MAX_RETRIES = (int) (getenv('RATE_LIMIT_MAX_RETRIES') ?: 3);
127	self::$RATE_LIMIT_BACKOFF_MIN = (int) (getenv('RATE_LIMIT_BACKOFF_MIN') ?: 10);
128	self::$RATE_LIMIT_BACKOFF_MAX = (int) (getenv('RATE_LIMIT_BACKOFF_MAX') ?: 50);
129	self::$RATE_LIMIT_LOCK_TIMEOUT = (int) (getenv('RATE_LIMIT_LOCK_TIMEOUT') ?: 1);
130	// Request limits
131	self::$MAX_REQUEST_SIZE = (int) (getenv('MAX_REQUEST_SIZE') ?: 10485760);
132	// 10MB
133	self::$MAX_STRING_LENGTH = (int) (getenv('MAX_STRING_LENGTH') ?: 32768);
134	// 32KB
135	self::$MAX_RECURSION_DEPTH = (int) (getenv('MAX_RECURSION_DEPTH') ?: 10);
136	// IP Filter
137	self::$IP_BLACKLIST = getenv('IP_BLACKLIST') ?: '';
138
139	self::$ACCESS_UNPUBLISHED_ON_DOMAIN = getenv('ACCESS_UNPUBLISHED_ON_DOMAIN') ?: '';
140	}
141
142	public static function reinitializeMiddlewareConfig(): void
143	{
144	self::initializeMiddleware();
145	}
146
147	private static function validateCacheDirectory(): void
148	{
149	if (!is_dir(self::$CACHE_DIR) && !mkdir(self::$CACHE_DIR, 0750, true)) {
150	throw new \RuntimeException(sprintf('Cache directory "%s" could not be created', self::$CACHE_DIR));
151	}
152
153	if (!is_writable(self::$CACHE_DIR)) {
154	throw new \RuntimeException(sprintf('Cache directory "%s" is not writable', self::$CACHE_DIR));
155	}
156	}
157
158	private static function setupCache(): void
159	{
160	$psr6 = new FilesystemAdapter(namespace: '', defaultLifetime: self::$SOURCE_CACHE_TTL, directory: self::$CACHE_DIR);
161	self::$cache = new Psr16Cache($psr6);
162	}
163
164	public static function getLoggerConfig(): array
165	{
166	return [
167	'maxRequests' => self::$LOGGER_MAX_REQUESTS,
168	'responseLength' => self::$LOGGER_RESPONSE_LENGTH,
169	'stackLines' => self::$LOGGER_STACK_LINES,
170	'messageSize' => self::$LOGGER_MESSAGE_SIZE,
171	'cacheTtl' => self::$LOGGER_CACHE_TTL,
172	'maxRetries' => self::$LOGGER_MAX_RETRIES,
173	'backoffMin' => self::$LOGGER_BACKOFF_MIN,
174	'backoffMax' => self::$LOGGER_BACKOFF_MAX,
175	'lockTimeout' => self::$LOGGER_LOCK_TIMEOUT
176	];
177	}
178
179	public static function getRateLimit(): array
180	{
181	return [
182	'maxRequests' => self::$RATE_LIMIT_MAX_REQUESTS,
183	'cacheExpiry' => self::$RATE_LIMIT_CACHE_TTL,
184	'maxRetries' => self::$RATE_LIMIT_MAX_RETRIES,
185	'backoffMin' => self::$RATE_LIMIT_BACKOFF_MIN,
186	'backoffMax' => self::$RATE_LIMIT_BACKOFF_MAX,
187	'lockTimeout' => self::$RATE_LIMIT_LOCK_TIMEOUT
188	];
189	}
190
191	public static function getRequestLimits(): array
192	{
193	return [
194	'maxSize' => self::$MAX_REQUEST_SIZE,
195	'maxStringLength' => self::$MAX_STRING_LENGTH,
196	'maxRecursionDepth' => self::$MAX_RECURSION_DEPTH
197	];
198	}
199
200	public static function getIpBlacklist(): string
201	{
202	return self::$IP_BLACKLIST ?: '';
203	}
204
205	public static function getAccessUnpublishedOnDomain(): ?string
206	{
207	return self::$ACCESS_UNPUBLISHED_ON_DOMAIN ?: null;
208	}
209	}
210
211	Application::initialize();