Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
91.46% covered (success)
91.46%
75 / 82
81.25% covered (warning)
81.25%
13 / 16
 CRAP
0.00% covered (danger)
0.00%
0 / 1
Application
91.46% covered (success)
91.46%
75 / 82
81.25% covered (warning)
81.25%
13 / 16
 53.68
0.00% covered (danger)
0.00%
0 / 1
 initialize
100.00% covered (success)
100.00%
5 / 5
100.00% covered (success)
100.00%
1 / 1
 1
 initializeMaintenanceMode
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 initializeLogger
100.00% covered (success)
100.00%
9 / 9
100.00% covered (success)
100.00%
1 / 1
 10
 initializeCaptcha
100.00% covered (success)
100.00%
13 / 13
100.00% covered (success)
100.00%
1 / 1
 9
 initializeCache
100.00% covered (success)
100.00%
4 / 4
100.00% covered (success)
100.00%
1 / 1
 3
 initializeMiddleware
100.00% covered (success)
100.00%
12 / 12
100.00% covered (success)
100.00%
1 / 1
 13
 reinitializeMiddlewareConfig
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 validateCacheDirectory
50.00% covered (danger)
50.00%
2 / 4
0.00% covered (danger)
0.00%
0 / 1
 6.00
 setupCache
100.00% covered (success)
100.00%
2 / 2
100.00% covered (success)
100.00%
1 / 1
 1
 getLoggerConfig
100.00% covered (success)
100.00%
11 / 11
100.00% covered (success)
100.00%
1 / 1
 1
 getRateLimit
100.00% covered (success)
100.00%
8 / 8
100.00% covered (success)
100.00%
1 / 1
 1
 getRequestLimits
100.00% covered (success)
100.00%
5 / 5
100.00% covered (success)
100.00%
1 / 1
 1
 getCsrfConfig
0.00% covered (danger)
0.00%
0 / 4
0.00% covered (danger)
0.00%
0 / 1
 2
 getCorsAllowedOrigins
0.00% covered (danger)
0.00%
0 / 1
0.00% covered (danger)
0.00%
0 / 1
 2
 getIpBlacklist
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 2
 getAccessUnpublishedOnDomain
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 2
1<?php
2
3declare(strict_types=1);
4
5namespace BO\Zmscitizenapi;
6
7use Psr\SimpleCache\CacheInterface;
8use Symfony\Component\Cache\Adapter\FilesystemAdapter;
9use Symfony\Component\Cache\Psr16Cache;
10
11/**
12 * @SuppressWarnings(PHPMD.TooManyFields)
13 * @SuppressWarnings(PHPMD.NPathComplexity)
14 * @TODO: Refactor this class into smaller focused classes (LoggerInitializer, MiddlewareInitializer) to reduce complexity
15 */
16class Application extends \BO\Slim\Application
17{
18    public const IDENTIFIER = 'Zmscitizenapi';
19    public static string $source_name = 'dldb';
20    public static $http = null;
21    public static array $http_curl_config = [];
22    public static ?CacheInterface $cache = null;
23    // Cache config
24    public static string $CACHE_DIR;
25    public static int $SOURCE_CACHE_TTL;
26    public static bool $MAINTENANCE_MODE_ENABLED;
27    // Logger config
28
29    public static int $LOGGER_MAX_REQUESTS;
30    public static int $LOGGER_RESPONSE_LENGTH;
31    public static int $LOGGER_STACK_LINES;
32    public static int $LOGGER_MESSAGE_SIZE;
33    public static int $LOGGER_CACHE_TTL;
34    public static int $LOGGER_MAX_RETRIES;
35    public static int $LOGGER_BACKOFF_MIN;
36    public static int $LOGGER_BACKOFF_MAX;
37    public static int $LOGGER_LOCK_TIMEOUT;
38    // Captcha config
39    public static bool $CAPTCHA_ENABLED;
40    public static string $FRIENDLY_CAPTCHA_SECRET_KEY;
41    public static string $FRIENDLY_CAPTCHA_SITE_KEY;
42    public static string $FRIENDLY_CAPTCHA_ENDPOINT;
43    public static string $FRIENDLY_CAPTCHA_ENDPOINT_PUZZLE;
44    public static string $ALTCHA_CAPTCHA_SECRET_KEY;
45    public static string $ALTCHA_CAPTCHA_SITE_KEY;
46    public static string $ALTCHA_CAPTCHA_ENDPOINT;
47    public static string $ALTCHA_CAPTCHA_ENDPOINT_PUZZLE;
48    // Rate limiting config
49    public static int $RATE_LIMIT_MAX_REQUESTS;
50    public static int $RATE_LIMIT_CACHE_TTL;
51    public static int $RATE_LIMIT_MAX_RETRIES;
52    public static int $RATE_LIMIT_BACKOFF_MIN;
53    public static int $RATE_LIMIT_BACKOFF_MAX;
54    public static int $RATE_LIMIT_LOCK_TIMEOUT;
55    // Request limits config
56    public static int $MAX_REQUEST_SIZE;
57    public static int $MAX_STRING_LENGTH;
58    public static int $MAX_RECURSION_DEPTH;
59    // CSRF config
60    public static int $CSRF_TOKEN_LENGTH;
61    public static string $CSRF_SESSION_KEY;
62    // CORS config
63    public static string $CORS_ALLOWED_ORIGINS;
64    // IP Filter config
65    public static string $IP_BLACKLIST;
66
67    public static string $ACCESS_UNPUBLISHED_ON_DOMAIN;
68
69    public static function initialize(): void
70    {
71        self::initializeMaintenanceMode();
72        self::initializeLogger();
73        self::initializeCaptcha();
74        self::initializeCache();
75        self::initializeMiddleware();
76    }
77
78    private static function initializeMaintenanceMode(): void
79    {
80        self::$MAINTENANCE_MODE_ENABLED = filter_var(getenv('MAINTENANCE_ENABLED'), FILTER_VALIDATE_BOOLEAN);
81    }
82
83    /**
84     * @SuppressWarnings(PHPMD.NPathComplexity)
85     * @TODO: Extract logger initialization logic into a dedicated LoggerInitializer class
86     */
87    private static function initializeLogger(): void
88    {
89        self::$LOGGER_MAX_REQUESTS = (int) (getenv('LOGGER_MAX_REQUESTS') ?: 1000);
90        self::$LOGGER_RESPONSE_LENGTH = (int) (getenv('LOGGER_RESPONSE_LENGTH') ?: 1048576);
91        // 1MB
92        self::$LOGGER_STACK_LINES = (int) (getenv('LOGGER_STACK_LINES') ?: 20);
93        self::$LOGGER_MESSAGE_SIZE = (int) (getenv('LOGGER_MESSAGE_SIZE') ?: 8192);
94        // 8KB
95        self::$LOGGER_CACHE_TTL = (int) (getenv('LOGGER_CACHE_TTL') ?: 60);
96        self::$LOGGER_MAX_RETRIES = (int) (getenv('LOGGER_MAX_RETRIES') ?: 3);
97        self::$LOGGER_BACKOFF_MIN = (int) (getenv('LOGGER_BACKOFF_MIN') ?: 100);
98        self::$LOGGER_BACKOFF_MAX = (int) (getenv('LOGGER_BACKOFF_MAX') ?: 1000);
99        self::$LOGGER_LOCK_TIMEOUT = (int) (getenv('LOGGER_LOCK_TIMEOUT') ?: 5);
100    }
101
102    private static function initializeCaptcha(): void
103    {
104        self::$CAPTCHA_ENABLED = filter_var(getenv('CAPTCHA_ENABLED'), FILTER_VALIDATE_BOOLEAN);
105        self::$FRIENDLY_CAPTCHA_SECRET_KEY = getenv('FRIENDLY_CAPTCHA_SECRET_KEY') ?: '';
106        self::$FRIENDLY_CAPTCHA_SITE_KEY = getenv('FRIENDLY_CAPTCHA_SITE_KEY') ?: '';
107        self::$FRIENDLY_CAPTCHA_ENDPOINT = getenv('FRIENDLY_CAPTCHA_ENDPOINT')
108            ?: 'https://eu-api.friendlycaptcha.eu/api/v1/siteverify';
109        self::$FRIENDLY_CAPTCHA_ENDPOINT_PUZZLE = getenv('FRIENDLY_CAPTCHA_ENDPOINT_PUZZLE')
110            ?: 'https://eu-api.friendlycaptcha.eu/api/v1/puzzle';
111        self::$ALTCHA_CAPTCHA_SECRET_KEY = getenv('ALTCHA_CAPTCHA_SECRET_KEY') ?: '';
112        self::$ALTCHA_CAPTCHA_SITE_KEY = getenv('ALTCHA_CAPTCHA_SITE_KEY') ?: '';
113        self::$ALTCHA_CAPTCHA_ENDPOINT = getenv('ALTCHA_CAPTCHA_ENDPOINT')
114            ?: 'https://eu.altcha.org/form/';
115        self::$ALTCHA_CAPTCHA_ENDPOINT_PUZZLE = getenv('ALTCHA_CAPTCHA_ENDPOINT_PUZZLE')
116            ?: 'https://eu.altcha.org/';
117    }
118
119    private static function initializeCache(): void
120    {
121        self::$CACHE_DIR = getenv('CACHE_DIR') ?: __DIR__ . '/cache';
122        self::$SOURCE_CACHE_TTL = (int) (getenv('SOURCE_CACHE_TTL') ?: 3600);
123        self::validateCacheDirectory();
124        self::setupCache();
125    }
126
127    /**
128     * @SuppressWarnings(PHPMD.NPathComplexity)
129     * @TODO: Extract middleware initialization logic into a dedicated MiddlewareInitializer class
130     */
131    private static function initializeMiddleware(): void
132    {
133        // Rate limiting
134        self::$RATE_LIMIT_MAX_REQUESTS = (int) (getenv('RATE_LIMIT_MAX_REQUESTS') ?: 60);
135        self::$RATE_LIMIT_CACHE_TTL = (int) (getenv('RATE_LIMIT_CACHE_TTL') ?: 60);
136        self::$RATE_LIMIT_MAX_RETRIES = (int) (getenv('RATE_LIMIT_MAX_RETRIES') ?: 3);
137        self::$RATE_LIMIT_BACKOFF_MIN = (int) (getenv('RATE_LIMIT_BACKOFF_MIN') ?: 10);
138        self::$RATE_LIMIT_BACKOFF_MAX = (int) (getenv('RATE_LIMIT_BACKOFF_MAX') ?: 50);
139        self::$RATE_LIMIT_LOCK_TIMEOUT = (int) (getenv('RATE_LIMIT_LOCK_TIMEOUT') ?: 1);
140        // Request limits
141        self::$MAX_REQUEST_SIZE = (int) (getenv('MAX_REQUEST_SIZE') ?: 10485760);
142        // 10MB
143        self::$MAX_STRING_LENGTH = (int) (getenv('MAX_STRING_LENGTH') ?: 32768);
144        // 32KB
145        self::$MAX_RECURSION_DEPTH = (int) (getenv('MAX_RECURSION_DEPTH') ?: 10);
146        // CSRF
147        //self::$CSRF_TOKEN_LENGTH = (int) (getenv('CSRF_TOKEN_LENGTH') ?: 32);
148        //self::$CSRF_SESSION_KEY = getenv('CSRF_SESSION_KEY') ?: 'csrf_token';
149        // CORS
150        self::$CORS_ALLOWED_ORIGINS = getenv('CORS') ?: '';
151        // IP Filter
152        self::$IP_BLACKLIST = getenv('IP_BLACKLIST') ?: '';
153
154        self::$ACCESS_UNPUBLISHED_ON_DOMAIN = getenv('ACCESS_UNPUBLISHED_ON_DOMAIN') ?: '';
155    }
156
157    public static function reinitializeMiddlewareConfig(): void
158    {
159        self::initializeMiddleware();
160    }
161
162    private static function validateCacheDirectory(): void
163    {
164        if (!is_dir(self::$CACHE_DIR) && !mkdir(self::$CACHE_DIR, 0750, true)) {
165            throw new \RuntimeException(sprintf('Cache directory "%s" could not be created', self::$CACHE_DIR));
166        }
167
168        if (!is_writable(self::$CACHE_DIR)) {
169            throw new \RuntimeException(sprintf('Cache directory "%s" is not writable', self::$CACHE_DIR));
170        }
171    }
172
173    private static function setupCache(): void
174    {
175        $psr6 = new FilesystemAdapter(namespace: '', defaultLifetime: self::$SOURCE_CACHE_TTL, directory: self::$CACHE_DIR);
176        self::$cache = new Psr16Cache($psr6);
177    }
178
179    public static function getLoggerConfig(): array
180    {
181        return [
182            'maxRequests' => self::$LOGGER_MAX_REQUESTS,
183            'responseLength' => self::$LOGGER_RESPONSE_LENGTH,
184            'stackLines' => self::$LOGGER_STACK_LINES,
185            'messageSize' => self::$LOGGER_MESSAGE_SIZE,
186            'cacheTtl' => self::$LOGGER_CACHE_TTL,
187            'maxRetries' => self::$LOGGER_MAX_RETRIES,
188            'backoffMin' => self::$LOGGER_BACKOFF_MIN,
189            'backoffMax' => self::$LOGGER_BACKOFF_MAX,
190            'lockTimeout' => self::$LOGGER_LOCK_TIMEOUT
191        ];
192    }
193
194    public static function getRateLimit(): array
195    {
196        return [
197            'maxRequests' => self::$RATE_LIMIT_MAX_REQUESTS,
198            'cacheExpiry' => self::$RATE_LIMIT_CACHE_TTL,
199            'maxRetries' => self::$RATE_LIMIT_MAX_RETRIES,
200            'backoffMin' => self::$RATE_LIMIT_BACKOFF_MIN,
201            'backoffMax' => self::$RATE_LIMIT_BACKOFF_MAX,
202            'lockTimeout' => self::$RATE_LIMIT_LOCK_TIMEOUT
203        ];
204    }
205
206    public static function getRequestLimits(): array
207    {
208        return [
209            'maxSize' => self::$MAX_REQUEST_SIZE,
210            'maxStringLength' => self::$MAX_STRING_LENGTH,
211            'maxRecursionDepth' => self::$MAX_RECURSION_DEPTH
212        ];
213    }
214
215    public static function getCsrfConfig(): array
216    {
217        return [
218            'tokenLength' => self::$CSRF_TOKEN_LENGTH,
219            'sessionKey' => self::$CSRF_SESSION_KEY
220        ];
221    }
222
223    public static function getCorsAllowedOrigins(): array
224    {
225        return array_filter(explode(',', self::$CORS_ALLOWED_ORIGINS));
226    }
227
228    public static function getIpBlacklist(): string
229    {
230        return self::$IP_BLACKLIST ?: '';
231    }
232
233    public static function getAccessUnpublishedOnDomain(): ?string
234    {
235        return self::$ACCESS_UNPUBLISHED_ON_DOMAIN ?: null;
236    }
237}
238
239Application::initialize();