<?php
/**
 * @copyright 2021 Double Bastion LLC <www.doublebastion.com>
 *
 * @author Double Bastion LLC
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
 * License as published by the Free Software Foundation; either
 * version 3 of the License, or any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
 *
 * You should have received a copy of the GNU Affero General Public
 * License along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 */

declare(strict_types=1);

namespace OCA\SMSRelentless\Controller;

use OCP\AppFramework\ApiController;
use OCP\IRequest;
use OCA\SMSRelentless\Service\SmsrelentlessService;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\OCSController;
use OCP\IUserSession;
use \DateTime;
use OCP\AppFramework\Controller;
use OCP\Files\IAppData;
use OCP\AppFramework\App;
use OCP\Files\NotPermittedException;
use \ReflectionClass;
use OCP\Notification;
use OCP\Notification\INotification;
use OCP\Notification\IManager;
use OCP\Notification\IAction;
use Plivo\RestClient;
use Plivo\Util\signatureValidation;


class AuthorApiController extends ApiController {

    private $service;
    private $userId;

    public function __construct($appName, IRequest $request, SmsrelentlessService $service, $userId) {
        parent::__construct(
            $appName,
            $request,
            'PUT, POST, GET, DELETE, PATCH',
            'Authorization, Content-Type, Accept',
            1728000);

        $this->service = $service;
        $this->userId = $userId;
    }


    /**
     * @NoAdminRequired
     */
    public function object_to_array($obj) {
       if(is_object($obj)) $obj = (array)$this->dismount($obj);
       if(is_array($obj)) {
          $new = array();
          foreach($obj as $key => $val) {
              $new[$key] = $this->object_to_array($val);
          }
       }
       else $new = $obj;
       return $new;
    }


    /**
     * @NoAdminRequired
     */
    public function dismount($object) {
       $reflectionClass = new ReflectionClass(get_class($object));
       $array = array();
       foreach ($reflectionClass->getProperties() as $property) {
          $property->setAccessible(true);
          $array[$property->getName()] = $property->getValue($object);
          $property->setAccessible(false);
       }
       return $array;
    }


    /**
     * @NoAdminRequired
     */
    public function verifyHeader($receiveddata, $signature_header, $timestamp, $public_key = '', $tolerance = null ) {
        // Typecast timestamp to int for comparisons
        $timestamp = (int)$timestamp;

        // Check if timestamp is within tolerance
        if (($tolerance > 0) && (\abs(\time() - $timestamp) > $tolerance)) {
             return false;
        } else {

            // Convert base64 string to bytes for sodium crypto functions
            $public_key_bytes = base64_decode($public_key);
            $signature_header_bytes = base64_decode($signature_header);

            // Construct a message to test against the signature header using the timestamp and payload
            $constructed_string = $timestamp . '|' . $receiveddata;

            if (!\sodium_crypto_sign_verify_detached($signature_header_bytes, $constructed_string, $public_key_bytes)) {
                return false;
            } else {
                return true;
            }
        }
    }


    /**
     * @NoAdminRequired
     * @NoCSRFRequired
     * @PublicPage
     */
    public function recdeliveryreptel() {

       $request = file_get_contents("php://input");
       $recdata = json_decode($request, TRUE);

       $delsmswebhookurl = $recdata["data"]["payload"]["webhook_url"];
       $ncuserfortelnyxdel = $this->service->getuserbyteldelrwhurl($delsmswebhookurl);

       if ($ncuserfortelnyxdel != '' && $ncuserfortelnyxdel != null && $ncuserfortelnyxdel != 'undefined') {

	       $messageid = $recdata["data"]["payload"]["id"];

	       $network = $recdata["data"]["payload"]["to"][0]["carrier"];
	       $messageprice = $recdata["data"]["payload"]["cost"]["amount"];
	       $deliverystatus = $recdata["data"]["payload"]["to"][0]["status"];

	       $goterrorinit = $recdata["data"]["payload"]["errors"];

	       if (!empty($goterrorinit)) {
		   $retrievedtitle = $recdata["data"]["payload"]["errors"][0]["title"];
		   $retrievedcode = $recdata["data"]["payload"]["errors"][0]["code"];
		   $messagestatus = "(Error " . $retrievedcode . ") " . $retrievedtitle;
	       } else {
		   $messagestatus = "Success ! The message has been successfully accepted for delivery.";
	       }

	       return $this->service->updatedeliverystatustel($ncuserfortelnyxdel, $messageid, $network, $messageprice, $messagestatus, $deliverystatus); 

       } else { return "access denied"; }

    }


    /**
     * @NoAdminRequired
     * @NoCSRFRequired
     * @PublicPage
     */
    public function recdeliveryrepnex() {

       $plivodrurl = $_SERVER['REQUEST_SCHEME'] . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

       $ncuserforplivodel = $this->service->getuserbyplivodelrwhurl($plivodrurl);

       if ($ncuserforplivodel != '' && $ncuserforplivodel != null && $ncuserforplivodel != 'undefined') {
	       $networkcode = "";
	       $mStatus = ""; 
	       if (isset($_REQUEST["MessageUUID"])) { $messageid = $_REQUEST["MessageUUID"]; }
	       if (isset($_REQUEST["MCC"]) && isset($_REQUEST["MNC"])) { $networkcode = $_REQUEST["MCC"] . " " . $_REQUEST["MNC"]; }
	       if (isset($_REQUEST["TotalAmount"])) { $messageprice = $_REQUEST["TotalAmount"]; }
	       if (isset($_REQUEST["ErrorCode"]) && $_REQUEST["ErrorCode"] == "") {
                   $mStatus = "Success ! The message has been successfully accepted for delivery.";
               } elseif (isset($_REQUEST["ErrorCode"]) && $_REQUEST["ErrorCode"] != "") { $mStatus = "Error " . $_REQUEST["ErrorCode"]; }
	       if (isset($_REQUEST["Status"])) { $deliverystatus = $_REQUEST["Status"]; }

	       return $this->service->updatedeliverystatusnex($ncuserforplivodel, $messageid, $networkcode, $messageprice, $mStatus, $deliverystatus);
       } else { return "access denied"; }

    }


    /**
     * @NoAdminRequired
     * @NoCSRFRequired
     * @PublicPage
     */
     public function receivesmstel() {

       $signature = $_SERVER['HTTP_TELNYX_SIGNATURE_ED25519'];
       $timestamp = $_SERVER['HTTP_TELNYX_TIMESTAMP'];

       $receivereq = file_get_contents('php://input');

       $recmesdata = json_decode($receivereq, TRUE);

       $recsmswebhookurl = $recmesdata["data"]["payload"]["webhook_url"];

       $ncuserfortelnyx = $this->service->getuserbytelrecwhurl($recsmswebhookurl);

       $credentials = $this->service->getapicredentials($ncuserfortelnyx);

       $telpubkey = $credentials[1];

       // Verify message signature
       $signatureverify = $this->verifyHeader($receivereq, $signature, $timestamp, $telpubkey, $tolerance = 30);

       if ($signatureverify) {

          if ($ncuserfortelnyx != '' && $ncuserfortelnyx != null && $ncuserfortelnyx != 'undefined') {

	       $messagetext = $recmesdata["data"]["payload"]["text"];

	       $messageid = $recmesdata["data"]["payload"]["id"];

	       $messagedate = date("Y-m-d H:i:s");

	       $messagefrom = $recmesdata["data"]["payload"]["from"]["phone_number"];

	       $messageto = "Telnyx: " . $recmesdata["data"]["payload"]["to"][0]["phone_number"];

	       $recmessagearr = [$messageid, $messagedate, $messagefrom, $messageto, $messagetext];

	       $this->service->insertrecsms($ncuserfortelnyx, $recmessagearr);

	       // Send notifications
	       $nameofhost = exec("hostname");

	       $telsmsapicred = $this->service->getapicredentials($ncuserfortelnyx);
	       $telnotify = $telsmsapicred[12];
	       $emailaddress = $telsmsapicred[13];
	       $includemessageinemail = $telsmsapicred[14];

	       if ($telnotify != 0 ) {
		   $notifytel = exec("php ./occ notification:generate ".$ncuserfortelnyx." 'SMS Relentless has received a new SMS message !' -l 'You can read the new message by going to SMS Relentless and clicking on the Received SMS Messages button.'");

	       }

	       if ($emailaddress != '') {

		   $gmtind = "UTC " . date('P');
		   $smsdateinit = date("Y-m-d  H:i:s");
		   $smsdate = $smsdateinit . " " . $gmtind;

		   $subject = "New SMS message received";

		   if ($includemessageinemail == 0) {
		       $message = "Hello, <br><br> You have received a new message on ".$smsdate." .<br> You can check the new message by going to 'SMS Relentless' > 'Received SMS Messages'. <br><br> Yours, <br> SMS Relentless <br> An SMS application for Nextcloud <br> Host: '".$nameofhost."' <br>";
		   } else {
		       $message = "Hello, <br><br> You have received a new message on ".$smsdate." :<br><br><br> Message ID: ".$messageid." <br> Message Date: ".$messagedate." <br> From: ".$messagefrom." <br> To: ".$messageto."<br> Message Text: <br><br><b>".$messagetext."</b><br><br>____________<br><br> Yours, <br> SMS Relentless <br> An SMS application for Nextcloud <br> Host: '".$nameofhost."' <br>";
		   }

		   $headers = "MIME-Version: 1.0" . "\r\n";
		   $headers .= "Content-type: text/html; charset=UTF-8" . "\r\n";

		   // Set the email sender
		   $headers .= "From: " . $emailaddress . "\r\n";
		   $headers .= "Reply-To: " . $emailaddress . "\r\n";

		   mail($emailaddress, $subject, $message, $headers);
	       }

	       return http_response_code(200);

          } else { return "access denied"; }

       } else { return "access denied"; }
     }


    /**
     * @NoAdminRequired
     * @NoCSRFRequired
     * @PublicPage
     */
     public function receivesmsnex() {

       $plivosignature = $_SERVER['HTTP_X_PLIVO_SIGNATURE_V2'];
       $plivononce = $_SERVER["HTTP_X_PLIVO_SIGNATURE_V2_NONCE"];

       $plivorecurl = $_SERVER['REQUEST_SCHEME'] . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

       $ncuserforplivo = $this->service->getuserbyplivorecwhurl($plivorecurl);

       $smsapicred = $this->service->getapicredentials($ncuserforplivo);

       $plivoauthtoken = $smsapicred[6];

       $baseplivourlinit = explode("?", $plivorecurl);   
       $baseplivoURI = $baseplivourlinit[0];

       // Verify message signature
       $SigValidation = new signatureValidation();
       $signverify = $SigValidation->validateSignature($baseplivoURI, $plivononce, $plivosignature, $plivoauthtoken);

       if ($signverify) {

           if ($ncuserforplivo != '' && $ncuserforplivo != null && $ncuserforplivo != 'undefined') {

	       $messageid = $_REQUEST["MessageUUID"];

	       $messagedate = date("Y-m-d H:i:s");

	       $messagefrom = "+" . $_REQUEST['From'];
	       $messageto = "Plivo: +" . $_REQUEST['To'];

	       $messagetext = $_REQUEST['Text'];

	       $recmessagearr = [$messageid, $messagedate, $messagefrom, $messageto, $messagetext];

               $this->service->insertrecsms($ncuserforplivo, $recmessagearr);

	       // Send notifications
	       $nameofhost = exec("hostname");

	       $nextnotify = $smsapicred[12];
	       $emailaddress = $smsapicred[13];
	       $includemessageinemail = $smsapicred[14];

	       if ($nextnotify != 0 ) {
		   $notifynext = exec("php ./occ notification:generate ".$ncuserforplivo." 'SMS Relentless has received a new SMS message !' -l 'You can read the new message by going to SMS Relentless and clicking on the Received SMS Messages button.'");
	       }

	       if ($emailaddress != '') {

		   $gmtind = "UTC " . date('P');
		   $smsdateinit = date("Y-m-d  H:i:s");
		   $smsdate = $smsdateinit . " " . $gmtind;

		   $subject = "New SMS message received";

		   if ($includemessageinemail == 0) {
		       $message = "Hello, <br><br> You have received a new message on ".$smsdate." .<br> You can check the new message by going to 'SMS Relentless' > 'Received SMS Messages'. <br><br> Yours, <br> SMS Relentless <br> An SMS application for Nextcloud <br> Host: '".$nameofhost."' <br>";
		   } else {
		       $message = "Hello, <br><br> You have received a new message on ".$smsdate." :<br><br><br> Message ID: ".$messageid." <br> Message Date: ".$messagedate." <br> From: ".$messagefrom." <br> To: ".$messageto."<br> Message Text: <br><br><b>".$messagetext."</b><br><br>____________<br><br> Yours, <br> SMS Relentless <br> An SMS application for Nextcloud <br> Host: '".$nameofhost."' <br>";
		   }

		   $headers = "MIME-Version: 1.0" . "\r\n";
		   $headers .= "Content-type: text/html; charset=UTF-8" . "\r\n";

		   // Set the email sender
		   $headers .= "From: " . $emailaddress . "\r\n";
		   $headers .= "Reply-To: " . $emailaddress . "\r\n";

		   mail($emailaddress, $subject, $message, $headers);
	       }

	       return http_response_code(200);

           } else { return "access denied"; }

       } else { return "access denied"; }
     }
}