Code Coverage for /__w/eappointment/eappointment/zmscitizenapi/src/Zmscitizenapi/Application.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	97.22% covered (success)	97.22%	70 / 72	92.86% covered (success)	92.86%	13 / 14	CRAP	0.00% covered (danger)	0.00%	0 / 1
Application	97.22% covered (success)	97.22%	70 / 72	92.86% covered (success)	92.86%	13 / 14	47	0.00% covered (danger)	0.00%	0 / 1
initialize	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	1
initializeMaintenanceMode	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
initializeLogger	100.00% covered (success)	100.00%	9 / 9	100.00% covered (success)	100.00%	1 / 1	10
initializeCaptcha	100.00% covered (success)	100.00%	9 / 9	100.00% covered (success)	100.00%	1 / 1	7
initializeCache	100.00% covered (success)	100.00%	4 / 4	100.00% covered (success)	100.00%	1 / 1	3
initializeMiddleware	100.00% covered (success)	100.00%	11 / 11	100.00% covered (success)	100.00%	1 / 1	12
reinitializeMiddlewareConfig	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
validateCacheDirectory	50.00% covered (danger)	50.00%	2 / 4	0.00% covered (danger)	0.00%	0 / 1	6.00
setupCache	100.00% covered (success)	100.00%	2 / 2	100.00% covered (success)	100.00%	1 / 1	1
getLoggerConfig	100.00% covered (success)	100.00%	11 / 11	100.00% covered (success)	100.00%	1 / 1	1
getRateLimit	100.00% covered (success)	100.00%	8 / 8	100.00% covered (success)	100.00%	1 / 1	1
getRequestLimits	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	1
getIpBlacklist	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	2
getAccessUnpublishedOnDomain	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	2

1	<?php
2
3	declare(strict_types=1);
4
5	namespace BO\Zmscitizenapi;
6
7	use Psr\SimpleCache\CacheInterface;
8	use Symfony\Component\Cache\Adapter\FilesystemAdapter;
9	use Symfony\Component\Cache\Psr16Cache;
10
11	/**
12	* @SuppressWarnings(PHPMD.TooManyFields)
13	* @SuppressWarnings(PHPMD.NPathComplexity)
14	* @TODO: Refactor this class into smaller focused classes (LoggerInitializer, MiddlewareInitializer) to reduce complexity
15	*/
16	class Application extends \BO\Slim\Application
17	{
18	public const IDENTIFIER = 'zms';
19	public const MODULE_NAME = 'zmscitizenapi';
20	public static string $source_name = "dldb,zms";
21	public static $http = null;
22	public static array $http_curl_config = [];
23	public static ?CacheInterface $cache = null;
24	// Cache config
25	public static string $CACHE_DIR;
26	public static int $SOURCE_CACHE_TTL;
27	public static bool $MAINTENANCE_MODE_ENABLED;
28	// Logger config
29
30	public static int $LOGGER_MAX_REQUESTS;
31	public static int $LOGGER_RESPONSE_LENGTH;
32	public static int $LOGGER_STACK_LINES;
33	public static int $LOGGER_MESSAGE_SIZE;
34	public static int $LOGGER_CACHE_TTL;
35	public static int $LOGGER_MAX_RETRIES;
36	public static int $LOGGER_BACKOFF_MIN;
37	public static int $LOGGER_BACKOFF_MAX;
38	public static int $LOGGER_LOCK_TIMEOUT;
39	// Captcha config
40	public static bool $CAPTCHA_ENABLED;
41	public static string $CAPTCHA_TOKEN_SECRET;
42	public static int $CAPTCHA_TOKEN_TTL;
43	public static string $ALTCHA_CAPTCHA_SITE_KEY;
44	public static string $ALTCHA_CAPTCHA_SITE_SECRET;
45	public static string $ALTCHA_CAPTCHA_ENDPOINT_CHALLENGE;
46	public static string $ALTCHA_CAPTCHA_ENDPOINT_VERIFY;
47	// Rate limiting config
48	public static int $RATE_LIMIT_MAX_REQUESTS;
49	public static int $RATE_LIMIT_CACHE_TTL;
50	public static int $RATE_LIMIT_MAX_RETRIES;
51	public static int $RATE_LIMIT_BACKOFF_MIN;
52	public static int $RATE_LIMIT_BACKOFF_MAX;
53	public static int $RATE_LIMIT_LOCK_TIMEOUT;
54	// Request limits config
55	public static int $MAX_REQUEST_SIZE;
56	public static int $MAX_STRING_LENGTH;
57	public static int $MAX_RECURSION_DEPTH;
58	// IP Filter config
59	public static string $IP_BLACKLIST;
60
61	public static string $ACCESS_UNPUBLISHED_ON_DOMAIN;
62
63	public static function initialize(): void
64	{
65	self::initializeMaintenanceMode();
66	self::initializeLogger();
67	self::initializeCaptcha();
68	self::initializeCache();
69	self::initializeMiddleware();
70	}
71
72	private static function initializeMaintenanceMode(): void
73	{
74	self::$MAINTENANCE_MODE_ENABLED = filter_var(getenv('MAINTENANCE_ENABLED'), FILTER_VALIDATE_BOOLEAN);
75	}
76	/**
77	* @SuppressWarnings(PHPMD.NPathComplexity)
78	* @TODO: Extract logger initialization logic into a dedicated LoggerInitializer class
79	*/
80	private static function initializeLogger(): void
81	{
82	self::$LOGGER_MAX_REQUESTS = (int) (getenv('LOGGER_MAX_REQUESTS') ?: 1000);
83	self::$LOGGER_RESPONSE_LENGTH = (int) (getenv('LOGGER_RESPONSE_LENGTH') ?: 1048576);
84	// 1MB
85	self::$LOGGER_STACK_LINES = (int) (getenv('LOGGER_STACK_LINES') ?: 20);
86	self::$LOGGER_MESSAGE_SIZE = (int) (getenv('LOGGER_MESSAGE_SIZE') ?: 8192);
87	// 8KB
88	self::$LOGGER_CACHE_TTL = (int) (getenv('LOGGER_CACHE_TTL') ?: 60);
89	self::$LOGGER_MAX_RETRIES = (int) (getenv('LOGGER_MAX_RETRIES') ?: 3);
90	self::$LOGGER_BACKOFF_MIN = (int) (getenv('LOGGER_BACKOFF_MIN') ?: 100);
91	self::$LOGGER_BACKOFF_MAX = (int) (getenv('LOGGER_BACKOFF_MAX') ?: 1000);
92	self::$LOGGER_LOCK_TIMEOUT = (int) (getenv('LOGGER_LOCK_TIMEOUT') ?: 5);
93	}
94
95	private static function initializeCaptcha(): void
96	{
97	self::$CAPTCHA_ENABLED = filter_var(getenv('CAPTCHA_ENABLED'), FILTER_VALIDATE_BOOLEAN);
98	self::$CAPTCHA_TOKEN_SECRET = getenv('CAPTCHA_TOKEN_SECRET') ?: '';
99	self::$CAPTCHA_TOKEN_TTL = (int) getenv('CAPTCHA_TOKEN_TTL') ?: 300;
100	self::$ALTCHA_CAPTCHA_SITE_KEY = getenv('ALTCHA_CAPTCHA_SITE_KEY') ?: '';
101	self::$ALTCHA_CAPTCHA_SITE_SECRET = getenv('ALTCHA_CAPTCHA_SITE_SECRET') ?: '';
102	self::$ALTCHA_CAPTCHA_ENDPOINT_CHALLENGE = getenv('ALTCHA_CAPTCHA_ENDPOINT_CHALLENGE')
103	?: 'https://captcha.muenchen.de/api/v1/captcha/challenge';
104	self::$ALTCHA_CAPTCHA_ENDPOINT_VERIFY = getenv('ALTCHA_CAPTCHA_ENDPOINT_VERIFY')
105	?: 'https://captcha.muenchen.de/api/v1/captcha/verify';
106	}
107
108	private static function initializeCache(): void
109	{
110	self::$CACHE_DIR = getenv('CACHE_DIR') ?: __DIR__ . '/cache';
111	self::$SOURCE_CACHE_TTL = (int) (getenv('SOURCE_CACHE_TTL') ?: 3600);
112	self::validateCacheDirectory();
113	self::setupCache();
114	}
115
116	/**
117	* @SuppressWarnings(PHPMD.NPathComplexity)
118	* @TODO: Extract middleware initialization logic into a dedicated MiddlewareInitializer class
119	*/
120	private static function initializeMiddleware(): void
121	{
122	// Rate limiting
123	self::$RATE_LIMIT_MAX_REQUESTS = (int) (getenv('RATE_LIMIT_MAX_REQUESTS') ?: 60);
124	self::$RATE_LIMIT_CACHE_TTL = (int) (getenv('RATE_LIMIT_CACHE_TTL') ?: 60);
125	self::$RATE_LIMIT_MAX_RETRIES = (int) (getenv('RATE_LIMIT_MAX_RETRIES') ?: 3);
126	self::$RATE_LIMIT_BACKOFF_MIN = (int) (getenv('RATE_LIMIT_BACKOFF_MIN') ?: 10);
127	self::$RATE_LIMIT_BACKOFF_MAX = (int) (getenv('RATE_LIMIT_BACKOFF_MAX') ?: 50);
128	self::$RATE_LIMIT_LOCK_TIMEOUT = (int) (getenv('RATE_LIMIT_LOCK_TIMEOUT') ?: 1);
129	// Request limits
130	self::$MAX_REQUEST_SIZE = (int) (getenv('MAX_REQUEST_SIZE') ?: 10485760);
131	// 10MB
132	self::$MAX_STRING_LENGTH = (int) (getenv('MAX_STRING_LENGTH') ?: 32768);
133	// 32KB
134	self::$MAX_RECURSION_DEPTH = (int) (getenv('MAX_RECURSION_DEPTH') ?: 10);
135	// IP Filter
136	self::$IP_BLACKLIST = getenv('IP_BLACKLIST') ?: '';
137
138	self::$ACCESS_UNPUBLISHED_ON_DOMAIN = getenv('ACCESS_UNPUBLISHED_ON_DOMAIN') ?: '';
139	}
140
141	public static function reinitializeMiddlewareConfig(): void
142	{
143	self::initializeMiddleware();
144	}
145
146	private static function validateCacheDirectory(): void
147	{
148	if (!is_dir(self::$CACHE_DIR) && !mkdir(self::$CACHE_DIR, 0750, true)) {
149	throw new \RuntimeException(sprintf('Cache directory "%s" could not be created', self::$CACHE_DIR));
150	}
151
152	if (!is_writable(self::$CACHE_DIR)) {
153	throw new \RuntimeException(sprintf('Cache directory "%s" is not writable', self::$CACHE_DIR));
154	}
155	}
156
157	private static function setupCache(): void
158	{
159	$psr6 = new FilesystemAdapter(namespace: '', defaultLifetime: self::$SOURCE_CACHE_TTL, directory: self::$CACHE_DIR);
160	self::$cache = new Psr16Cache($psr6);
161	}
162
163	public static function getLoggerConfig(): array
164	{
165	return [
166	'maxRequests' => self::$LOGGER_MAX_REQUESTS,
167	'responseLength' => self::$LOGGER_RESPONSE_LENGTH,
168	'stackLines' => self::$LOGGER_STACK_LINES,
169	'messageSize' => self::$LOGGER_MESSAGE_SIZE,
170	'cacheTtl' => self::$LOGGER_CACHE_TTL,
171	'maxRetries' => self::$LOGGER_MAX_RETRIES,
172	'backoffMin' => self::$LOGGER_BACKOFF_MIN,
173	'backoffMax' => self::$LOGGER_BACKOFF_MAX,
174	'lockTimeout' => self::$LOGGER_LOCK_TIMEOUT
175	];
176	}
177
178	public static function getRateLimit(): array
179	{
180	return [
181	'maxRequests' => self::$RATE_LIMIT_MAX_REQUESTS,
182	'cacheExpiry' => self::$RATE_LIMIT_CACHE_TTL,
183	'maxRetries' => self::$RATE_LIMIT_MAX_RETRIES,
184	'backoffMin' => self::$RATE_LIMIT_BACKOFF_MIN,
185	'backoffMax' => self::$RATE_LIMIT_BACKOFF_MAX,
186	'lockTimeout' => self::$RATE_LIMIT_LOCK_TIMEOUT
187	];
188	}
189
190	public static function getRequestLimits(): array
191	{
192	return [
193	'maxSize' => self::$MAX_REQUEST_SIZE,
194	'maxStringLength' => self::$MAX_STRING_LENGTH,
195	'maxRecursionDepth' => self::$MAX_RECURSION_DEPTH
196	];
197	}
198
199	public static function getIpBlacklist(): string
200	{
201	return self::$IP_BLACKLIST ?: '';
202	}
203
204	public static function getAccessUnpublishedOnDomain(): ?string
205	{
206	return self::$ACCESS_UNPUBLISHED_ON_DOMAIN ?: null;
207	}
208	}
209
210	Application::initialize();