<?php

/** Third-party modules and the API's data/controller classes are loaded below. **/
require_once('/usr/share/php/RealTimeFetcher.php');
require_once('/usr/share/php/api_conf.php');
require_once('/usr/share/php/AstMan.php');
require_once('/usr/share/php/AstMan2.php');
require_once('/usr/share/php/WsApi.php');
require_once('/usr/share/php/AriApi.php');

require_once('/usr/share/php/ApiData.php');
require_once('/usr/share/php/ApiController.php');

require_once('/usr/share/php/CustomersData.php');
require_once('/usr/share/php/CustomersController.php');

require_once('/usr/share/php/NumbersData.php');
require_once('/usr/share/php/NumbersController.php');

require_once('/usr/share/php/CustSiteData.php');
require_once('/usr/share/php/CustSiteController.php');

require_once('/usr/share/php/PkgSubActData.php');
require_once('/usr/share/php/PkgSubActController.php');

require_once('/usr/share/php/ServicesData.php');
require_once('/usr/share/php/ServicesController.php');

require_once('/usr/share/php/DevModelData.php');
require_once('/usr/share/php/DevModelController.php');

require_once('/usr/share/php/SvcPackageController.php');
require_once('/usr/share/php/SvcPackageData.php');

require_once('/usr/share/php/CustServiceData.php');
require_once('/usr/share/php/CustServiceController.php');

require_once('/usr/share/php/ServiceMapData.php');
require_once('/usr/share/php/ServiceMapController.php');

require_once('/usr/share/php/DeviceData.php');
require_once('/usr/share/php/DeviceController.php');

require_once('/usr/share/php/ExtDeviceData.php');
require_once('/usr/share/php/ExtDeviceController.php');

require_once('/usr/share/php/CustExtensionData.php');
require_once('/usr/share/php/CustExtensionController.php');

require_once('/usr/share/php/ActivityData.php');
require_once('/usr/share/php/ActivityController.php');

require_once('/usr/share/php/OnboardData.php');
require_once('/usr/share/php/OnboardController.php');

require_once('/usr/share/php/AudioData.php');
require_once('/usr/share/php/AudioController.php');

require_once('/usr/share/php/IvrData.php');
require_once('/usr/share/php/IvrController.php');

require_once('/usr/share/php/VoiceBcastData.php');
require_once('/usr/share/php/VoiceBcastController.php');

require_once('/usr/share/php/CallDistData.php');
require_once('/usr/share/php/CallDistController.php');

require_once('/usr/share/php/VoicemailData.php');
require_once('/usr/share/php/VoicemailController.php');

require_once('/usr/share/php/ConfBridgeData.php');
require_once('/usr/share/php/ConfBridgeController.php');

require_once('/usr/share/php/ConfMapData.php');
require_once('/usr/share/php/ConfMapController.php');

require_once('/usr/share/php/QueueData.php');
require_once('/usr/share/php/QueueController.php');

require_once('/usr/share/php/LangData.php');
require_once('/usr/share/php/LangController.php');

require_once('/usr/share/php/RequestData.php');
require_once('/usr/share/php/RequestController.php');

require_once('/usr/share/php/ReportData.php');
require_once('/usr/share/php/ReportController.php');

require_once('/usr/share/php/ContactsData.php');
require_once('/usr/share/php/ContactsController.php');

require_once('/usr/share/php/ResReportData.php');
require_once('/usr/share/php/ResReportController.php');

require_once('/usr/share/php/TagReportData.php');
require_once('/usr/share/php/TagReportController.php');

require_once('/usr/share/php/NewIvrData.php');
require_once('/usr/share/php/NewIvrController.php');

require_once('/usr/share/php/ResellerData.php');
require_once('/usr/share/php/ResellerController.php');

require_once('/usr/share/php/CallData.php');
require_once('/usr/share/php/CallController.php');

require_once('/usr/share/php/TicketData.php');
require_once('/usr/share/php/TicketController.php');

require_once('/usr/share/php/RealtimeReportData.php');
require_once('/usr/share/php/RealtimeReportController.php');

require_once('/usr/share/php/QueueMemberData.php');
require_once('/usr/share/php/QueueMemberController.php');

require_once('/usr/share/php/SurveyData.php');
require_once('/usr/share/php/SurveyController.php');

require_once('/usr/share/php/MohData.php');
require_once('/usr/share/php/MohController.php');

require_once('/usr/share/php/NewReportData.php');
require_once('/usr/share/php/NewReportController.php');

// Default response headers sent for every request, in the original order.
// NOTE(review): browsers ignore "Access-Control-Allow-Credentials: true" when the
// allowed origin is the wildcard "*", and for credentialed requests they read
// "Access-Control-Allow-Headers: *" literally rather than as a wildcard — the explicit
// header list emitted from the OPTIONS branch below is what preflight actually relies on.
$defaultResponseHeaders = [
	"Access-Control-Allow-Origin: *",
	"Access-Control-Allow-Credentials: true",
	"Content-Type: application/json; charset=UTF-8",
	"Access-Control-Allow-Methods: OPTIONS,GET,POST,PATCH,PUT,DELETE",
	"Access-Control-Max-Age: 3600",
	"Access-Control-Expose-Headers: *",
	"Access-Control-Allow-Headers: *",
];
foreach ($defaultResponseHeaders as $responseHeader) {
	header($responseHeader);
}

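// Request trace appended on every call; the file is never rotated or size-checked here,
// so presumably a debugging aid — confirm before relying on it in production.
file_put_contents("/var/www/pbx/log/xapi.log", "entry point reached \n", FILE_APPEND);
// Not read anywhere in this file; kept only because it is a script-level global that
// required code might inspect (unverified).
$authorized = false;

// --- Route extraction -------------------------------------------------------------------
// Expected shape: /api/v1/<item>/<param1>/<param2>/<param3>/<param4>. Only the path
// component is routed; the query string is handled separately for GET requests.
$requestUri = $_SERVER['REQUEST_URI'] ?? '';
$uriParts = parse_url($requestUri);
// parse_url() returns false for a seriously malformed URI; treat that as an empty path.
$path = is_array($uriParts) && isset($uriParts['path']) ? $uriParts['path'] : '';
$path = preg_replace('~^/api/v1/~', '', $path);
$parts = explode('/', trim($path, '/'));

// explode() on '' yields [''], so $parts[0] always exists; an empty resource name has to
// be detected explicitly (the previous isset() check could never fail).
$item = strtolower($parts[0]);
$notFound = ($item === '');
// A purely numeric first segment is routed to the contact resource (legacy sync route).
if (!$notFound && is_numeric($parts[0])) {
	file_put_contents("/var/www/pbx/log/xapi.log", "Contacts fetch and sync inner \n", FILE_APPEND);
	$item = "contact";
}
// Raw path segments, not URL-decoded; the controllers receive them verbatim.
$param1 = $parts[1] ?? null;
$param2 = $parts[2] ?? null;
$param3 = $parts[3] ?? null;
$param4 = $parts[4] ?? null;

if ($notFound) {
	header("HTTP/1.1 404 Not Found ");
	exit();
}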

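$requestMethod = $_SERVER["REQUEST_METHOD"] ?? '';
// CORS preflight is answered before authentication because browsers send it without
// credentials. header() replaces by default, so these two values supersede the wildcard
// Allow-Methods / Allow-Headers sent at the top of the file for this response only.
if ($requestMethod == 'OPTIONS') {
	header("Access-Control-Allow-Methods: GET, POST,PUT, PATCH, DELETE, OPTIONS");
	header("Access-Control-Allow-Headers: X-API-KEY, Authorization, authorization, Content-Type,Accept, Origin");
	exit(0);
}

/**
 * Build the " ORDER BY ... LIMIT ... OFFSET ..." suffix for GET list requests.
 *
 * Every value is taken from the query string and is only accepted when it matches a
 * strict whitelist, so the result is safe to append to SQL verbatim:
 *   sortby  - identifier characters only ([a-z0-9_]), must be non-empty
 *   order   - "DESC" (any case) selects descending, anything else means ASC
 *   psize   - positive integer without leading zeros; enables LIMIT
 *   pnum    - positive integer; OFFSET = psize * (pnum - 1), defaults to 0
 * Non-string values (e.g. sortby[]=x) are ignored instead of being passed to preg_match(),
 * which would throw a TypeError on PHP 8.
 *
 * @param array $query  the request's query parameters ($_GET)
 * @return string  empty when nothing valid was supplied
 */
function build_query_suffix(array $query)
{
	$suffix = '';

	$sortField = $query['sortby'] ?? null;
	// '+' rather than '*': the previous pattern accepted '' and produced "ORDER BY  ASC".
	// 'D' pins '$' to the true end of the string so a trailing newline is not accepted.
	if (is_string($sortField) && preg_match('/^[a-z0-9_]+$/D', $sortField)) {
		$order = 'ASC';
		$requestedOrder = $query['order'] ?? null;
		if (is_string($requestedOrder) && strtoupper($requestedOrder) === 'DESC') {
			$order = 'DESC';
		}
		$suffix .= " ORDER BY $sortField $order";
	}

	$psize = $query['psize'] ?? null;
	if (is_string($psize) && preg_match('/^[1-9][0-9]*$/D', $psize)) {
		$offset = 0;
		$pnum = $query['pnum'] ?? null;
		if (is_string($pnum) && preg_match('/^[1-9][0-9]*$/D', $pnum)) {
			$offset = $psize * ($pnum - 1);
		}
		$suffix .= " LIMIT $psize OFFSET $offset";
	}

	return $suffix;
}

// Script-level global; presumably consumed by the controllers (not visible in this file).
$_qstr_sfx = "";
if ($requestMethod == 'GET') {
	$_qstr_sfx = build_query_suffix($_GET);
}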
//*************************Check Auth Begin****************************
// Shape returned by check_auth() when no acceptable credential is presented; the JWT
// verifier falls back to the same value for any rejected token.
$unauth_resp = [
	'is_token_valid' => false,
	'created_by' => null,
	'roles' => false,
];
// $_valid_api_keys is expected to come from the required configuration (not visible here).
$auth_res = check_auth($_valid_api_keys, $unauth_resp);
if (empty($auth_res['is_token_valid'])) {
	header('HTTP/1.1 401 Unauthorized');
	exit();
}
['created_by' => $created_by, 'roles' => $scope_roles] = $auth_res;
// Identity context handed to every controller next to $created_by.
$auth_data = compact('created_by', 'scope_roles');
//*************************End Check Auth******************************

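// Resource name (first path segment, lower-cased) -> controller class. Every controller
// takes the same constructor arguments and exposes processRequest(); $dbh and $dbhr are
// expected to be provided by the required configuration (not visible in this file).
$controllers = [
	'cust' => CustomersController::class,
	'number' => NumbersController::class,
	'cust_site' => CustSiteController::class,
	'pkg_sub_act' => PkgSubActController::class,
	'service' => ServicesController::class,
	'svc_pkg' => SvcPackageController::class,
	'dev_model' => DevModelController::class,
	'cust_service' => CustServiceController::class,
	'service_map' => ServiceMapController::class,
	'cust_ext' => CustExtensionController::class,
	'device' => DeviceController::class,
	'ext_device' => ExtDeviceController::class,
	'activity' => ActivityController::class,
	'onboard' => OnboardController::class,
	'audio' => AudioController::class,
	'ivr' => IvrController::class,
	'call_dist' => CallDistController::class,
	'vm' => VoicemailController::class,
	'vbcast' => VoiceBcastController::class,
	'conf' => ConfBridgeController::class,
	'confmap' => ConfMapController::class,
	'cust_queue' => QueueController::class,
	'cust_lang' => LangController::class,
	'cust_rep' => ReportController::class,
	'cust_req' => RequestController::class,
	'res_rep' => ResReportController::class,
	'contact' => ContactsController::class,
	'call' => CallController::class,
	'tag-report' => TagReportController::class,
	'new-ivr' => NewIvrController::class,
	'reseller' => ResellerController::class,
	'ticket' => TicketController::class,
	'realtime' => RealtimeReportController::class,
	'member' => QueueMemberController::class,
	'survey' => SurveyController::class,
	'moh' => MohController::class,
	'new-report' => NewReportController::class,
];

if (!isset($controllers[$item])) {
	// $item comes straight from the URL path; it is deliberately no longer reflected
	// into the status line.
	header("HTTP/1.1 404 Not Found ");
	exit();
}

if ($item === 'onboard') {
	file_put_contents("/var/www/pbx/log/xapi.log", "entered to case onboard \n", FILE_APPEND);
}

$controllerClass = $controllers[$item];
$controller = new $controllerClass($dbh, $dbhr, $requestMethod,
	$param1, $param2, $param3, $param4, $created_by, $auth_data);
$controller->processRequest();

// Drop the database handle references once the request has been served.
$dbh = null;
$dbhr = null;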
/**********===============================VERIFY AND DECODE JWT============================**********/
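/**
 * Resolve the caller's identity from the request headers.
 *
 * Precedence (unchanged from the original): a Bearer token in the Authorization header
 * wins and is verified by verify_and_decode_jwt(); only when no Authorization header is
 * present is an X-API-KEY header compared against the configured key list. A matching
 * API key is granted the fixed built-in identity 999999 with the SUPER_ADMIN role, so
 * audit data for key-based calls all carries that one id.
 *
 * @param array $_valid_api_keys  accepted API keys (from configuration)
 * @param array $unauth_resp      the value to return when no credential is acceptable
 * @return array{is_token_valid: bool, created_by: mixed, roles: mixed}
 */
function check_auth($_valid_api_keys, $unauth_resp){
	// getallheaders() is SAPI-dependent (absent in CLI, may return false) and header
	// names are case-insensitive; normalise to a lower-cased map and fall back to
	// $_SERVER so the lookup works under every SAPI.
	$rawHeaders = function_exists('getallheaders') ? getallheaders() : [];
	$headers = array_change_key_case(is_array($rawHeaders) ? $rawHeaders : [], CASE_LOWER);
	$authHeader = $headers['authorization'] ?? $_SERVER['HTTP_AUTHORIZATION'] ?? null;

	if ($authHeader === null) {
		$presentedKey = $_SERVER['HTTP_X_API_KEY'] ?? null;
		if ($presentedKey === null) {
			return $unauth_resp;
		}
		// Constant-time, type-exact comparison; the previous loose in_array() treated
		// numerically-equal strings as a match and threw if the key list was not an array.
		$validKeys = is_array($_valid_api_keys) ? $_valid_api_keys : [];
		foreach ($validKeys as $validKey) {
			if (is_scalar($validKey) && hash_equals((string) $validKey, (string) $presentedKey)) {
				return [
					'is_token_valid' => true,
					'created_by' => 999999,
					'roles' => ['Any' => ["SUPER_ADMIN"]],
				];
			}
		}
		return $unauth_resp;
	}

	// Only a complete "Bearer <token>" credential is forwarded to the decoder; anything
	// else (other schemes, a bare "Bearer", trailing junk) is rejected here instead of
	// reaching verify_and_decode_jwt() as null. The scheme name is case-insensitive (RFC 7235).
	if (!is_string($authHeader) || !preg_match('/^\s*Bearer\s+(\S+)\s*$/i', $authHeader, $matches)) {
		return $unauth_resp;
	}
	return verify_and_decode_jwt($matches[1], $unauth_resp);
}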
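/**
 * Verify an RS256-signed JWT against the configured public key and extract the identity.
 *
 * The algorithm is pinned to RSA-SHA256 regardless of what the token header says, so
 * "alg":"none" or HMAC-confusion tokens cannot be substituted. Checks run in the order
 * structure -> signature -> claims: nothing from the payload is trusted before the
 * signature has verified. Fixes over the original: openssl_verify()'s -1 error result was
 * treated as success; the payload was decoded with plain base64 (JWT uses base64url, so
 * any '-' or '_' corrupted it); malformed tokens and an unreadable key file produced
 * warnings instead of an explicit rejection; utf8_decode() (deprecated in PHP 8.2) was
 * applied to the signed input, a no-op for well-formed tokens.
 *
 * @param string $token        compact-serialised JWT ("header.payload.signature")
 * @param array  $unauth_resp  returned for any structurally invalid, unsigned, tampered or
 *                             expired token, and when the public key cannot be read
 * @return array{is_token_valid: bool, created_by: mixed, roles: mixed}
 */
function verify_and_decode_jwt($token, $unauth_resp){
	$delimiter = '.';
	if (!is_string($token)) {
		return $unauth_resp;
	}
	$segments = explode($delimiter, $token);
	if (count($segments) !== 3) {
		return $unauth_resp;
	}
	[$header, $payload, $signature] = $segments;

	// base64url (RFC 7515) -> bytes. Strict decoding returns false on stray characters
	// instead of silently dropping them; padding is restored because JWT segments omit it.
	$base64UrlDecode = static function (string $segment) {
		$standard = strtr($segment, '-_', '+/');
		$padded = str_pad($standard, (int) ceil(strlen($standard) / 4) * 4, '=');
		return base64_decode($padded, true);
	};

	$rawSignature = $base64UrlDecode($signature);
	if ($rawSignature === false || $rawSignature === '') {
		return $unauth_resp;
	}

	// Relative path, resolved against the process working directory as in the original —
	// confirm this matches the deployment layout. A missing/unreadable key fails closed.
	$pubkeyPath = 'oauth_signatures/oauth-public.key';
	$pubkey = is_readable($pubkeyPath) ? file_get_contents($pubkeyPath) : false;
	if ($pubkey === false || $pubkey === '') {
		return $unauth_resp;
	}

	// The signed input is the ASCII "header.payload" string exactly as received.
	$payloadToVerify = $header . $delimiter . $payload;
	// openssl_verify() returns 1 (valid), 0 (invalid) or -1/false (error): only 1 is success.
	if (openssl_verify($payloadToVerify, $rawSignature, $pubkey, 'RSA-SHA256') !== 1) {
		return $unauth_resp;
	}

	$jsonToken = $base64UrlDecode($payload);
	$arrayToken = $jsonToken === false ? null : json_decode($jsonToken, true);
	if (!is_array($arrayToken)) {
		return $unauth_resp;
	}

	// A missing or non-numeric exp counts as expired (the original reached the same
	// outcome implicitly through null arithmetic).
	$expiresAt = $arrayToken['exp'] ?? null;
	if (!is_numeric($expiresAt) || ($expiresAt - time()) < 0) {
		return $unauth_resp;
	}

	return [
		'is_token_valid' => true,
		'created_by' => $arrayToken['user_id'] ?? null,
		'roles' => $arrayToken['roles'] ?? null,
	];
}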
/**********===============================EOF VERIFY AND DECODE============================**********/
?>
