Commit bc89b21d authored by Jean-Laurent DUZANT's avatar Jean-Laurent DUZANT

FEAT #20175 TIME 2:30 add meta sign controller, to fetch config, init metesign...

FEAT #20175 TIME 2:30 add meta sign controller, to fetch config, init metesign and document signature
parent 3e5c836a
<?php
/**
* Copyright Maarch since 2022 under license.
* See LICENSE.txt file at the root folder for more details.
* This file is part of Maarch software.
*
*/
/**
* @brief MetaSign Signature Controller
* @author dev@maarch.org
*/
namespace Document\controllers;
use Docserver\controllers\DocserverController;
use Docserver\models\AdrModel;
use Docserver\models\DocserverModel;
use Document\models\DocumentModel;
use SrcCore\models\CoreConfigModel;
use SrcCore\models\CurlModel;
use User\models\UserModel;
use Workflow\models\WorkflowModel;
use SrcCore\models\ValidatorModel;
class MetaSignSignatureController
{
/**
* @description Get config for Metasign signature
* @return false|config
*/
private static function getConfig()
{
$loadedXml = CoreConfigModel::getConfig();
if ($loadedXml->metaSignSignature->enable == 'true') {
$config = [
'url' => (string)$loadedXml->metaSignSignature->url,
'port' => (string)$loadedXml->metaSignSignature->port,
'instance' => (string)$loadedXml->metaSignSignature->instance,
'certPath' => (string)$loadedXml->metaSignSignature->certPath,
'certPass' => (string)$loadedXml->metaSignSignature->certPass,
'certType' => (string)$loadedXml->metaSignSignature->certType,
'metaSign' => [
'inDelegationOf' => (string)$loadedXml->metaSignSignature->metaSign->inDelegationOf,
'secret' => [
"password" => (string)$loadedXml->metaSignSignature->metaSign->secret->password,
"type" => (string)$loadedXml->metaSignSignature->metaSign->secret->type
],
'signatureKeyId' => (string)$loadedXml->metaSignSignature->metaSign->signatureKeyId,
'signatureProfile' => [
'profile' => [
'signaturePolicyOid' => (string)$loadedXml->metaSignSignature->metaSign->signatureProfile->signatureProfile->profile->signaturePolicyOid,
'attachment' => (string)$loadedXml->metaSignSignature->metaSign->signatureProfile->signatureProfile->profile->attachment,
'format' => (string)$loadedXml->metaSignSignature->metaSign->signatureProfile->signatureProfile->profile->format,
'augmentationLevel' => (string)$loadedXml->metaSignSignature->metaSign->signatureProfile->signatureProfile->profile->augmentationLevel,
'signatureAlgoId' => (string)$loadedXml->metaSignSignature->metaSign->signatureProfile->signatureProfile->profile->signatureAlgoId,
'archive' => (string)$loadedXml->metaSignSignature->metaSign->signatureProfile->signatureProfile->profile->archive,
'requireSigningTime' => (string)$loadedXml->metaSignSignature->metaSign->signatureProfile->signatureProfile->profile->requireSigningTime,
]
]
]
];
return $config;
} else {
return false;
}
}
/**
* @description Check if the user/certificate can sign documents
* @return array|true errors|true
*/
public static function init()
{
$config = MetaSignSignatureController::getConfig();
if(empty($config)) {
return ['code' => 400, 'errors' => "MetaSgin configuration not found!"];
}
$curlResponse = CurlModel::exec([
'url' => $config['url'] . (empty($config['port']) ? '' : ":{$config['port']}") . "/servlets/{$config['instance']}/com.bull.security.signserver.rest/signserver/info",
'method' => 'GET',
'headers' => ['content-type:application/json', 'Accept: application/json'],
'options' => [
CURLOPT_SSLCERT => $config['certPath'],
CURLOPT_SSLCERTPASSWD => $config['certPass'],
CURLOPT_SSLCERTTYPE => $config['certType']
]
]);
if ($curlResponse['code'] != 200) {
return ['code' => $curlResponse['code'], 'errors' => $curlResponse['errors']];
}
if (!empty($curlResponse['response']['methods']) && in_array("sigOps/signDoc", $curlResponse['response']['methods'])) {
return true;
} else {
return ['code' => 405, 'errors' => "L'utilisateur n'a pas accès au méthode permet de générer une signature pour un document sur MetaSign"];
}
}
/**
* @description Sign document
* @param array
* @return array
*/
private static function signDocument(array $args)
{
ValidatorModel::notEmpty($args, ['decodedDocument', 'config']);
ValidatorModel::stringType($args, ['decodedDocument']);
ValidatorModel::arrayType($args, ['config']);
$curlResponse = CurlModel::exec([
'url' => $args['config']['url'] . (empty($args['config']['port']) ? '' : ":{$args['config']['port']}") . "/servlets/{$args['config']['instance']}/com.bull.security.signserver.rest/signserver/sigOps/signDoc",
'method' => 'POST',
'headers' => ['content-type:application/json', 'Accept: application/json'],
'options' => [
CURLOPT_SSLCERT => $args['config']['certPath'],
CURLOPT_SSLCERTPASSWD => $args['config']['certPass'],
CURLOPT_SSLCERTTYPE => $args['config']['certType']
],
'body' => json_encode([
"inDelegationOf" => $args['config']['metaSign']['inDelegationOf'],
"secret" => [
"password" => $args['config']['metaSign']['secret']['password'],
"type" => $args['config']['metaSign']['secret']['type']
],
"signatureKeyId" => $args['config']['metaSign']['signatureKeyId'],
"signatureProfile" => [
"profile" => [
"signaturePolicyOid" => $args['config']['metaSign']['signatureProfile']['signaturePolicyOid'],
"attachment" => $args['config']['metaSign']['signatureProfile']['attachment'],
"format" => $args['config']['metaSign']['signatureProfile']['format'],
"augmentationLevel" => $args['config']['metaSign']['signatureProfile']['augmentationLevel'],
"signatureAlgoId" => $args['config']['metaSign']['signatureProfile']['signatureAlgoId'],
"archive" => $args['config']['metaSign']['signatureProfile']['archive'],
"requireSigningTime" => $args['config']['metaSign']['signatureProfile']['requireSigningTime']
]
],
"document" => [
"docContent" => $args['decodedDocument'],
"mimeType" => "application/pdf"
]
])
]);
if ($curlResponse['code'] != 200) {
return ['code' => $curlResponse['code'], 'errors' => $curlResponse['response']['errorInfo'] ?? $curlResponse['errors']];
}
return ['encodedDocument' => $curlResponse['signatureContent']['bytes']];
}
/**
* @description test MetaSign document signature
*/
public static function createTransaction(array $args)
{
ValidatorModel::notEmpty($args, ['documentId', 'workflow', 'encodedDocument']);
ValidatorModel::intType($args, ['documentId']);
ValidatorModel::arrayType($args, ['workflow']);
ValidatorModel::stringType($args, ['encodedDocument']);
$config = MetaSignSignatureController::getConfig();
if(empty($config)) {
return ['code' => 400, 'errors' => "MetaSgin configuration not found!"];
}
$resultSignature = MetaSignSignatureController::signDocument(['config' => $config, 'decodedDocument' => base64_decode($args['encodedDocument'])]);
if (!empty($resultSignature['errors'])) {
return ['code' => $resultSignature['code'], 'errors' => $resultSignature['errors']];
}
$storeInfos = DocserverController::storeResourceOnDocServer([
'encodedFile' => $resultSignature['encodedDocument'],
'format' => 'pdf',
'docserverType' => 'ESIGN'
]);
if (!empty($storeInfos['errors'])) {
return ['code' => 400,'errors' => $storeInfos['errors']];
}
AdrModel::createDocumentAdr([
'documentId' => $args['documentId'],
'type' => 'ESIGN',
'path' => $storeInfos['path'],
'filename' => $storeInfos['filename'],
'fingerprint' => $storeInfos['fingerprint']
]);
return true;
}
}
\ No newline at end of file
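Review bot: signDocument() reads the profile settings one level too high, so the request sent to MetaSign carries null for the signature policy OID, format, algorithm and the other profile fields. getConfig() stores them under `['metaSign']['signatureProfile']['profile']`, while reads such as `$args['config']['metaSign']['signatureProfile']['signaturePolicyOid']` skip the `['profile']` key; each of the seven reads should become `$args['config']['metaSign']['signatureProfile']['profile'][...]`. The success path also returns `$curlResponse['signatureContent']['bytes']` although every other access goes through `$curlResponse['response']`, and createTransaction() only tests `!empty($resultSignature['errors'])`, so a reply without signature bytes (or a non-200 reply with no error text) appears to fall through to storing an empty ESIGN resource. I would read `$curlResponse['response']['signatureContent']['bytes'] ?? null` (assuming CurlModel puts the decoded body under `response`, as the `info` call in init() suggests) and return an error array when it is empty.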