  * @copyright 2021 Double Bastion LLC <>
  * @author Double Bastion LLC
  * @license GNU AGPL version 3 or any later version
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
  * License as published by the Free Software Foundation; either
  * version 3 of the License, or any later version.
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * You should have received a copy of the GNU Affero General Public
  * License along with this program.  If not, see <>.
 namespace OCA\SMSRelentless\Controller;
 use OCP\AppFramework\ApiController;
 use OCP\IRequest;
 use OCA\SMSRelentless\Service\SmsrelentlessService;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\OCSController;
 use OCP\IUserSession;
 use \DateTime;
 use OCP\AppFramework\Controller;
 use OCP\Files\IAppData;
 use OCP\AppFramework\App;
 use OCP\Files\NotPermittedException;
 use \ReflectionClass;
 use OCP\Notification;
 use OCP\Notification\INotification;
 use OCP\Notification\IManager;
 use OCP\Notification\IAction;
 use Plivo\RestClient;
 use Plivo\Util\signatureValidation;
 class AuthorApiController extends ApiController {
     private $service;
     private $userId;
     public function __construct($appName, IRequest $request, SmsrelentlessService $service, $userId) {
             'PUT, POST, GET, DELETE, PATCH',
             'Authorization, Content-Type, Accept',
         $this->service = $service;
         $this->userId = $userId;
      * @NoAdminRequired
     public function object_to_array($obj) {
        if(is_object($obj)) $obj = (array)$this->dismount($obj);
        if(is_array($obj)) {
           $new = array();
           foreach($obj as $key => $val) {
               $new[$key] = $this->object_to_array($val);
        else $new = $obj;
        return $new;
      * @NoAdminRequired
     public function dismount($object) {
        $reflectionClass = new ReflectionClass(get_class($object));
        $array = array();
        foreach ($reflectionClass->getProperties() as $property) {
           $array[$property->getName()] = $property->getValue($object);
        return $array;
      * @NoAdminRequired
     public function verifyHeader($receiveddata, $signature_header, $timestamp, $public_key = '', $tolerance = null ) {
         // Typecast timestamp to int for comparisons
         $timestamp = (int)$timestamp;
         // Check if timestamp is within tolerance
         if (($tolerance > 0) && (\abs(\time() - $timestamp) > $tolerance)) {
              return false;
         } else {
             // Convert base64 string to bytes for sodium crypto functions
             $public_key_bytes = base64_decode($public_key);
             $signature_header_bytes = base64_decode($signature_header);
             // Construct a message to test against the signature header using the timestamp and payload
             $constructed_string = $timestamp . '|' . $receiveddata;
             if (!\sodium_crypto_sign_verify_detached($signature_header_bytes, $constructed_string, $public_key_bytes)) {
                 return false;
             } else {
                 return true;
      * @NoAdminRequired
      * @NoCSRFRequired
      * @PublicPage
     public function recdeliveryreptel() {
        $request = file_get_contents("php://input");
        $recdata = json_decode($request, TRUE);
        $delsmswebhookurl = $recdata["data"]["payload"]["webhook_url"];
        $ncuserfortelnyxdel = $this->service->getuserbyteldelrwhurl($delsmswebhookurl);
        if ($ncuserfortelnyxdel != '' && $ncuserfortelnyxdel != null && $ncuserfortelnyxdel != 'undefined') {
 	       $messageid = $recdata["data"]["payload"]["id"];
 	       $network = $recdata["data"]["payload"]["to"][0]["carrier"];
 	       $messageprice = $recdata["data"]["payload"]["cost"]["amount"];
 	       $deliverystatus = $recdata["data"]["payload"]["to"][0]["status"];
 	       $goterrorinit = $recdata["data"]["payload"]["errors"];
 	       if (!empty($goterrorinit)) {
 		   $retrievedtitle = $recdata["data"]["payload"]["errors"][0]["title"];
 		   $retrievedcode = $recdata["data"]["payload"]["errors"][0]["code"];
 		   $messagestatus = "(Error " . $retrievedcode . ") " . $retrievedtitle;
 	       } else {
 		   $messagestatus = "Success ! The message has been successfully accepted for delivery.";
 	       return $this->service->updatedeliverystatustel($ncuserfortelnyxdel, $messageid, $network, $messageprice, $messagestatus, $deliverystatus); 
        } else { return "access denied"; }
      * @NoAdminRequired
      * @NoCSRFRequired
      * @PublicPage
     public function recdeliveryrepnex() {
        $receivedparamdr = $_REQUEST["plivodrparam"];
        $plivodrurl = $_SERVER['REQUEST_SCHEME'] . "://" . $_SERVER['HTTP_HOST'] . "/apps/sms_relentless/api/recdeliverynex?plivodrparam=" . $receivedparamdr;
        $ncuserforplivodel = $this->service->getuserbyplivodelrwhurl($plivodrurl);
        if ($ncuserforplivodel != '' && $ncuserforplivodel != null && $ncuserforplivodel != 'undefined') {
 	       $networkcode = "";
 	       $mStatus = ""; 
 	       if (isset($_REQUEST["MessageUUID"])) { $messageid = $_REQUEST["MessageUUID"]; }
 	       if (isset($_REQUEST["MCC"]) && isset($_REQUEST["MNC"])) { $networkcode = $_REQUEST["MCC"] . " " . $_REQUEST["MNC"]; }
 	       if (isset($_REQUEST["TotalAmount"])) { $messageprice = $_REQUEST["TotalAmount"]; }
 	       if (isset($_REQUEST["ErrorCode"]) && $_REQUEST["ErrorCode"] == "") { $mStatus = "Success ! The message has been successfully accepted for delivery."; } elseif (isset($_REQUEST["ErrorCode"]) && $_REQUEST["ErrorCode"] != "") { $mStatus = "Error " . $_REQUEST["ErrorCode"]; }
 	       if (isset($_REQUEST["Status"])) { $deliverystatus = $_REQUEST["Status"]; }
 	       return $this->service->updatedeliverystatusnex($ncuserforplivodel, $messageid, $networkcode, $messageprice, $mStatus, $deliverystatus);
        } else { return "access denied"; }
      * @NoAdminRequired
      * @NoCSRFRequired
      * @PublicPage
      public function receivesmstel() {
        $signature = $_SERVER['HTTP_TELNYX_SIGNATURE_ED25519'];
        $timestamp = $_SERVER['HTTP_TELNYX_TIMESTAMP'];
        $receivereq = file_get_contents('php://input');
        $recmesdata = json_decode($receivereq, TRUE);
        $recsmswebhookurl = $recmesdata["data"]["payload"]["webhook_url"];
        $ncuserfortelnyx = $this->service->getuserbytelrecwhurl($recsmswebhookurl);
        $credentials = $this->service->getapicredentials($ncuserfortelnyx);
        $telpubkey = $credentials[1];
        // Verify message signature
        $signatureverify = $this->verifyHeader($receivereq, $signature, $timestamp, $telpubkey, $tolerance = 30);
        if ($signatureverify) {
           if ($ncuserfortelnyx != '' && $ncuserfortelnyx != null && $ncuserfortelnyx != 'undefined') {
 	       $messagetext = $recmesdata["data"]["payload"]["text"];
 	       $messageid = $recmesdata["data"]["payload"]["id"];
 	       $messagedate = date("Y-m-d H:i:s");
 	       $messagefrom = $recmesdata["data"]["payload"]["from"]["phone_number"];
 	       $messageto = "Telnyx: " . $recmesdata["data"]["payload"]["to"][0]["phone_number"];
 	       $recmessagearr = [$messageid, $messagedate, $messagefrom, $messageto, $messagetext];
 	       $this->service->insertrecsms($ncuserfortelnyx, $recmessagearr);
 	       // Send notifications
 	       $nameofhost = exec("hostname");
 	       $telsmsapicred = $this->service->getapicredentials($ncuserfortelnyx);
 	       $telnotify = $telsmsapicred[12];
 	       $emailaddress = $telsmsapicred[13];
 	       $includemessageinemail = $telsmsapicred[14];
 	       if ($telnotify != 0 ) {
 		   $notifytel = exec("php ./occ notification:generate ".$ncuserfortelnyx." 'SMS Relentless has received a new SMS message !' -l 'You can read the new message by going to SMS Relentless and clicking on the Received SMS Messages button.'");
 	       if ($emailaddress != '') {
 		   $gmtind = "UTC " . date('P');
 		   $smsdateinit = date("Y-m-d  H:i:s");
 		   $smsdate = $smsdateinit . " " . $gmtind;
 		   $subject = "New SMS message received";
 		   if ($includemessageinemail == 0) {
 		       $message = "Hello, <br><br> You have received a new message on ".$smsdate." .<br> You can check the new message by going to 'SMS Relentless' > 'Received SMS Messages'. <br><br> Yours, <br> SMS Relentless <br> An SMS application for Nextcloud <br> Host: '".$nameofhost."' <br>";
 		   } else {
 		       $message = "Hello, <br><br> You have received a new message on ".$smsdate." :<br><br><br> Message ID: ".$messageid." <br> Message Date: ".$messagedate." <br> From: ".$messagefrom." <br> To: ".$messageto."<br> Message Text: <br><br><b>".$messagetext."</b><br><br>____________<br><br> Yours, <br> SMS Relentless <br> An SMS application for Nextcloud <br> Host: '".$nameofhost."' <br>";
 		   $headers = "MIME-Version: 1.0" . "\r\n";
 		   $headers .= "Content-type: text/html; charset=UTF-8" . "\r\n";
 		   // Set the email sender
 		   $headers .= "From: " . $emailaddress . "\r\n";
 		   $headers .= "Reply-To: " . $emailaddress . "\r\n";
 		   mail($emailaddress, $subject, $message, $headers);
 	       return http_response_code(200);
           } else { return "access denied"; }
        } else { return "access denied"; }
      * @NoAdminRequired
      * @NoCSRFRequired
      * @PublicPage
      public function receivesmsnex() {
        $plivosignature = $_SERVER['HTTP_X_PLIVO_SIGNATURE_V2'];
        $plivononce = $_SERVER["HTTP_X_PLIVO_SIGNATURE_V2_NONCE"];
        $receivedparam = $_REQUEST["plivorecparam"];
        $plivorecurl = $_SERVER['REQUEST_SCHEME'] . "://" . $_SERVER['HTTP_HOST'] . "/apps/sms_relentless/api/recsmsnex?plivorecparam=" . $receivedparam;
        $ncuserforplivo = $this->service->getuserbyplivorecwhurl($plivorecurl);
        $smsapicred = $this->service->getapicredentials($ncuserforplivo);
        $plivoauthtoken = $smsapicred[6];
        $baseplivoURI = $_SERVER['REQUEST_SCHEME'] . "://" . $_SERVER['HTTP_HOST'] . "/apps/sms_relentless/api/recsmsnex";    
        // Verify message signature
        $SigValidation = new signatureValidation();
        $signverify = $SigValidation->validateSignature($baseplivoURI, $plivononce, $plivosignature, $plivoauthtoken);
        if ($signverify) {
            if ($ncuserforplivo != '' && $ncuserforplivo != null && $ncuserforplivo != 'undefined') {
 	       $messageid = $_REQUEST["MessageUUID"];
 	       $messagedate = date("Y-m-d H:i:s");
 	       $messagefrom = "+" . $_REQUEST['From'];
 	       $messageto = "Plivo: +" . $_REQUEST['To'];
 	       $messagetext = $_REQUEST['Text'];
 	       $recmessagearr = [$messageid, $messagedate, $messagefrom, $messageto, $messagetext];
                $this->service->insertrecsms($ncuserforplivo, $recmessagearr);
 	       // Send notifications
 	       $nameofhost = exec("hostname");
 	       $nextnotify = $smsapicred[12];
 	       $emailaddress = $smsapicred[13];
 	       $includemessageinemail = $smsapicred[14];
 	       if ($nextnotify != 0 ) {
 		   $notifynext = exec("php ./occ notification:generate ".$ncuserforplivo." 'SMS Relentless has received a new SMS message !' -l 'You can read the new message by going to SMS Relentless and clicking on the Received SMS Messages button.'");
 	       if ($emailaddress != '') {
 		   $gmtind = "UTC " . date('P');
 		   $smsdateinit = date("Y-m-d  H:i:s");
 		   $smsdate = $smsdateinit . " " . $gmtind;
 		   $subject = "New SMS message received";
 		   if ($includemessageinemail == 0) {
 		       $message = "Hello, <br><br> You have received a new message on ".$smsdate." .<br> You can check the new message by going to 'SMS Relentless' > 'Received SMS Messages'. <br><br> Yours, <br> SMS Relentless <br> An SMS application for Nextcloud <br> Host: '".$nameofhost."' <br>";
 		   } else {
 		       $message = "Hello, <br><br> You have received a new message on ".$smsdate." :<br><br><br> Message ID: ".$messageid." <br> Message Date: ".$messagedate." <br> From: ".$messagefrom." <br> To: ".$messageto."<br> Message Text: <br><br><b>".$messagetext."</b><br><br>____________<br><br> Yours, <br> SMS Relentless <br> An SMS application for Nextcloud <br> Host: '".$nameofhost."' <br>";
 		   $headers = "MIME-Version: 1.0" . "\r\n";
 		   $headers .= "Content-type: text/html; charset=UTF-8" . "\r\n";
 		   // Set the email sender
 		   $headers .= "From: " . $emailaddress . "\r\n";
 		   $headers .= "Reply-To: " . $emailaddress . "\r\n";
 		   mail($emailaddress, $subject, $message, $headers);
 	       return http_response_code(200);
            } else { return "access denied"; }
        } else { return "access denied"; }