Bulk of work pre-testing

Author: SecondeJK

src/Client/Credentials/Gnp.php

@@ -6,6 +6,10 @@
 
 class Gnp extends Keypair
 {
+    protected ?string $code = null;
+    protected ?string $state = null;
+    protected ?string $redirectUri = null;
+
     public function __construct(protected string $msisdn, protected string $key, $application = null)
     {
         parent::__construct($key, $application);
@@ -22,4 +26,37 @@ public function setMsisdn(string $msisdn): Gnp
 
         return $this;
     }
+
+    public function getCode(): ?string
+    {
+        return $this->code;
+    }
+
+    public function setCode(?string $code): Gnp
+    {
+        $this->code = $code;
+        return $this;
+    }
+
+    public function getState(): ?string
+    {
+        return $this->state;
+    }
+
+    public function setState(?string $state): Gnp
+    {
+        $this->state = $state;
+        return $this;
+    }
+
+    public function getRedirectUri(): ?string
+    {
+        return $this->redirectUri;
+    }
+
+    public function setRedirectUri(?string $redirectUri): Gnp
+    {
+        $this->redirectUri = $redirectUri;
+        return $this;
+    }
 }

src/Client/Credentials/Handler/NumberVerificationGnpHandler.php

@@ -0,0 +1,66 @@
+<?php
+
+namespace Vonage\Client\Credentials\Handler;
+
+use Psr\Http\Message\RequestInterface;
+use Vonage\Client;
+use Vonage\Client\APIResource;
+use Vonage\Client\Credentials\CredentialsInterface;
+use Vonage\Client\Credentials\Gnp;
+
+/**
+ * This handler is for Vonage GNP APIs that require the CAMARA standard OAuth Flow
+ */
+class NumberVerificationGnpHandler extends SimSwapGnpHandler
+{
+    use Client\ClientAwareTrait;
+    use Client\ScopeAwareTrait;
+
+    protected ?string $baseUrl = null;
+    protected ?string $tokenUrl = null;
+
+    public function getBaseUrl(): ?string
+    {
+        return $this->baseUrl;
+    }
+
+    public function setBaseUrl(?string $baseUrl): NumberVerificationGnpHandler
+    {
+        $this->baseUrl = $baseUrl;
+        return $this;
+    }
+
+    public function getTokenUrl(): ?string
+    {
+        return $this->tokenUrl;
+    }
+
+    public function setTokenUrl(?string $tokenUrl): NumberVerificationGnpHandler
+    {
+        $this->tokenUrl = $tokenUrl;
+        return $this;
+    }
+
+    public function __invoke(RequestInterface $request, CredentialsInterface $credentials): RequestInterface
+    {
+        /** @var Gnp $credentials  */
+        $credentials = $this->extract(Gnp::class, $credentials);
+
+        // submit the code to CAMARA endpoint
+        $api = new APIResource();
+        $api->setAuthHandlers(new KeypairHandler());
+        $api->setClient($this->getClient());
+        $api->setBaseUrl('https://api-eu.vonage.com/oauth2/token');
+
+        $tokenRequest = $api->submit([
+            'grant_type' => 'authorization_code',
+            'code' => $credentials->getCode(),
+            'redirect_uri' => $credentials->getRedirectUri()
+        ]);
+
+        $token = $tokenRequest['access_token'];
+
+        // Add CAMARA Access Token to request and return to make API call
+        return $request->withHeader('Authorization', 'Bearer ' . $token);
+    }
+}

…lient/Credentials/Handler/GnpHandler.php …redentials/Handler/SimSwapGnpHandler.phpsrc/Client/Credentials/Handler/GnpHandler.php renamed to src/Client/Credentials/Handler/SimSwapGnpHandler.php src/Client/Credentials/Handler/GnpHandler.php renamed to src/Client/Credentials/Handler/SimSwapGnpHandler.php

@@ -11,14 +11,35 @@
 /**
  * This handler is for Vonage GNP APIs that require the CAMARA standard OAuth Flow
  */
-class GnpHandler extends AbstractHandler
+class SimSwapGnpHandler extends AbstractHandler
 {
     use Client\ClientAwareTrait;
     use Client\ScopeAwareTrait;
 
-    protected const VONAGE_GNP_AUTH_BACKEND_URL = 'https://api-eu.vonage.com/oauth2/bc-authorize';
-    protected const VONAGE_GNP_AUTH_TOKEN_URL = 'https://api-eu.vonage.com/oauth2/token';
-    protected const VONAGE_GNP_AUTH_TOKEN_GRANT_TYPE = 'urn:openid:params:grant-type:ciba';
+    protected ?string $baseUrl = null;
+    protected ?string $tokenUrl = null;
+
+    public function getBaseUrl(): ?string
+    {
+        return $this->baseUrl;
+    }
+
+    public function setBaseUrl(?string $baseUrl): SimSwapGnpHandler
+    {
+        $this->baseUrl = $baseUrl;
+        return $this;
+    }
+
+    public function getTokenUrl(): ?string
+    {
+        return $this->tokenUrl;
+    }
+
+    public function setTokenUrl(?string $tokenUrl): SimSwapGnpHandler
+    {
+        $this->tokenUrl = $tokenUrl;
+        return $this;
+    }
 
     public function __invoke(RequestInterface $request, CredentialsInterface $credentials): RequestInterface
     {
@@ -31,7 +52,7 @@ public function __invoke(RequestInterface $request, CredentialsInterface $creden
         $api = new APIResource();
         $api->setAuthHandlers(new KeypairHandler());
         $api->setClient($this->getClient());
-        $api->setBaseUrl(self::VONAGE_GNP_AUTH_BACKEND_URL);
+        $api->setBaseUrl($this->getBaseUrl());
 
         // This handler requires an injected client configured with a Gnp credentials object and a configured scope
         $response = $api->submit([
@@ -44,9 +65,9 @@ public function __invoke(RequestInterface $request, CredentialsInterface $creden
         $authReqId = $decoded['auth_req_id'];
 
         // CAMARA Access Token
-        $api->setBaseUrl(self::VONAGE_GNP_AUTH_TOKEN_URL);
+        $api->setBaseUrl($this->getTokenUrl());
         $response = $api->submit([
-            'grant_type' => self::VONAGE_GNP_AUTH_TOKEN_GRANT_TYPE,
+            'grant_type' => 'urn:openid:params:grant-type:ciba',
             'auth_req_id' => $authReqId
         ]);
 

src/Client/Credentials/Keypair.php

@@ -16,7 +16,7 @@
  */
 class Keypair extends AbstractCredentials
 {
-    public function __construct(protected string $key, $application = null)
+    public function __construct(protected string $key, protected ?string $application = null)
     {
         $this->credentials['key'] = $key;
 
@@ -42,6 +42,17 @@ public function getKeyRaw(): string
         return $this->key;
     }
 
+    public function getApplication(): ?string
+    {
+        return $this->application;
+    }
+
+    public function setApplication(mixed $application): Keypair
+    {
+        $this->application = $application;
+        return $this;
+    }
+
     public function generateJwt(array $claims = []): Token
     {
         $generator = new TokenGenerator($this->application, $this->getKeyRaw());

src/NumberVerification/Client.php

@@ -4,8 +4,15 @@
 
 namespace Vonage\NumberVerification;
 
+use GuzzleHttp\Psr7\Request;
+use Psr\Http\Client\ClientExceptionInterface;
 use Vonage\Client\APIClient;
 use Vonage\Client\APIResource;
+use Vonage\Client\Credentials\CredentialsInterface;
+use Vonage\Client\Credentials\Gnp;
+use Vonage\Client\Exception\Credentials;
+use Vonage\Client\Exception\Exception;
+use Vonage\Webhook\Factory;
 
 class Client implements APIClient
 {
@@ -18,8 +25,81 @@ public function getAPIResource(): APIResource
         return $this->api;
     }
 
-    public function verify(): bool
+    /**
+     * You are expected to call this code when you are consuming the webhook that has been
+     * received from the frontend call being made
+     *
+     * @param string $phoneNumber
+     * @return bool
+     * @throws ClientExceptionInterface
+     * @throws Exception
+     */
+    public function verifyNumber(string $phoneNumber): bool
     {
-        return false;
+        $webhook = Factory::createFromGlobals();
+
+        if (!isset($webhook['code'])) {
+            throw new Exception('Required field code not found in webhook');
+        };
+
+        /** @var Gnp $credentials */
+        $credentials = $this->getAPIResource()->getClient()->getCredentials();
+        $credentials->setCode($webhook['code']);
+        $credentials->setState($webhook['state']);
+
+        $phoneNumberKey = 'phoneNumber';
+
+        if ($this->isHashedPhoneNumber($phoneNumber)) {
+            $phoneNumberKey = 'hashedPhoneNumber';
+        }
+
+        // This request will now contain a valid CAMARA token
+        $response = $this->getAPIResource()->create([
+            $phoneNumberKey => $phoneNumber
+        ]);
+
+        return $response['devicePhoneNumberVerified'];
+    }
+
+    public function isHashedPhoneNumber(string $phoneNumber): bool
+    {
+        return (strlen($phoneNumber) >= 13);
+    }
+
+    /**
+     * This method is the start of the process of Number Verification
+     * It builds the correct Front End Auth request for OIDC CAMARA request
+     *
+     * @param string $phoneNumber
+     * @param string $redirectUrl
+     * @param string $state
+     * @return string
+     * @throws Credentials
+     */
+    public function buildFrontEndUrl(string $phoneNumber, string $redirectUrl, string $state = ''): string
+    {
+        /** @var Gnp $credentials */
+        $credentials = $this->getAPIResource()->getClient()->getCredentials();
+        $this->enforceCredentials($credentials);
+
+        $applicationId = $credentials->getApplication();
+
+        $query = http_build_query([
+            'client_id' => $applicationId,
+            'redirect_uri' => $redirectUrl,
+            'state' => $state,
+            'scope' => 'openid dpv:FraudPreventionAndDetection#number-verification-verify-read',
+            'response_type' => 'code',
+            'login_hint' => $phoneNumber
+        ]);
+
+        return 'https://oidc.idp.vonage.com/oauth2/auth' . $query;
+    }
+
+    protected function enforceCredentials(CredentialsInterface $credentials): void
+    {
+        if (!$credentials instanceof Gnp) {
+            throw new Credentials('You can only use GNP Credentials with the Number Verification API');
+        }
     }
 }

src/NumberVerification/ClientFactory.php

@@ -4,20 +4,24 @@
 
 use Psr\Container\ContainerInterface;
 use Vonage\Client\APIResource;
-use Vonage\Client\Credentials\Handler\GnpHandler;
+use Vonage\Client\Credentials\Handler\SimSwapGnpHandler;
 
 class ClientFactory
 {
     public function __invoke(ContainerInterface $container): Client
     {
-        $handler = new GnpHandler();
+        $handler = new SimSwapGnpHandler();
+        $handler->setBaseUrl('https://oidc.idp.vonage.com/oauth2/auth');
+        $handler->setTokenUrl('https://api-eu.vonage.com/oauth2/token');
+        $handler->setScope('openid+dpv:FraudPreventionAndDetection#number-verification-verify-read');
+
         $client = $container->get(\Vonage\Client::class);
         $handler->setClient($client);
 
         /** @var APIResource $api */
         $api = $container->make(APIResource::class);
         $api
-            ->setBaseUrl('https://api-eu.vonage.com/camara/sim-swap/v040')
+            ->setBaseUrl('https://api-eu.vonage.com/camara/number-verification/v031')
             ->setIsHAL(false)
             ->setErrorsOn200(false)
             ->setAuthHandlers($handler);

src/SimSwap/Client.php

@@ -6,7 +6,7 @@
 
 use Vonage\Client\APIClient;
 use Vonage\Client\APIResource;
-use Vonage\Client\Credentials\Handler\GnpHandler;
+use Vonage\Client\Credentials\Handler\SimSwapGnpHandler;
 
 class Client implements APIClient
 {
@@ -22,10 +22,10 @@ public function getAPIResource(): APIResource
 
     public function checkSimSwap(string $number, ?int $maxAge = null)
     {
-        /** @var GnpHandler $handler */
+        /** @var SimSwapGnpHandler $handler */
         $handler = $this->getAPIResource()->getAuthHandlers()[0];
 
-        if (!$handler instanceof GnpHandler) {
+        if (!$handler instanceof SimSwapGnpHandler) {
             throw new \RuntimeException('SimSwap Client has been misconfigured. Only a GNP Handler can be used');
         }
 
@@ -46,10 +46,10 @@ public function checkSimSwap(string $number, ?int $maxAge = null)
 
     public function checkSimSwapDate(string $number): string
     {
-        /** @var GnpHandler $handler */
+        /** @var SimSwapGnpHandler $handler */
         $handler = $this->getAPIResource()->getAuthHandlers()[0];
 
-        if (!$handler instanceof GnpHandler) {
+        if (!$handler instanceof SimSwapGnpHandler) {
             throw new \RuntimeException('SimSwap Client has been misconfigured. Only a GNP Handler can be used');
         }
 

src/SimSwap/ClientFactory.php

@@ -4,13 +4,17 @@
 
 use Psr\Container\ContainerInterface;
 use Vonage\Client\APIResource;
-use Vonage\Client\Credentials\Handler\GnpHandler;
+use Vonage\Client\Credentials\Handler\SimSwapGnpHandler;
 
 class ClientFactory
 {
     public function __invoke(ContainerInterface $container): Client
     {
-        $handler = new GnpHandler();
+        $handler = new SimSwapGnpHandler();
+        $handler->setBaseUrl('https://api-eu.vonage.com/oauth2/bc-authorize');
+        $handler->setTokenUrl('https://api-eu.vonage.com/oauth2/token');
+        $handler->setScope('openid dpv:FraudPreventionAndDetection#check-sim-swap');
+
         $client = $container->get(\Vonage\Client::class);
         $handler->setClient($client);