Merge branch 'feat/epp-protocol'

src/Config/ConnectorProvider.php

@@ -3,6 +3,7 @@
 namespace App\Config;
 
 use App\Service\Connector\AutodnsProvider;
+use App\Service\Connector\EppClientProvider;
 use App\Service\Connector\GandiProvider;
 use App\Service\Connector\NamecheapProvider;
 use App\Service\Connector\NameComProvider;
@@ -15,6 +16,7 @@ enum ConnectorProvider: string
     case AUTODNS = 'autodns';
     case NAMECHEAP = 'namecheap';
     case NAMECOM = 'namecom';
+    case EPP = 'epp';
 
     public function getConnectorProvider(): string
     {
@@ -24,6 +26,7 @@ enum ConnectorProvider: string
             ConnectorProvider::AUTODNS => AutodnsProvider::class,
             ConnectorProvider::NAMECHEAP => NamecheapProvider::class,
             ConnectorProvider::NAMECOM => NameComProvider::class,
+            ConnectorProvider::EPP => EppClientProvider::class,
         };
     }
 }

src/Controller/ConnectorController.php

@@ -2,16 +2,20 @@
 
 namespace App\Controller;
 
+use App\Config\ConnectorProvider;
 use App\Entity\Connector;
 use App\Entity\User;
 use App\Service\Connector\AbstractProvider;
+use App\Service\Connector\EppClientProvider;
 use Doctrine\Common\Collections\Collection;
 use Doctrine\ORM\EntityManagerInterface;
 use Psr\Log\LoggerInterface;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\DependencyInjection\Attribute\Autowire;
 use Symfony\Component\DependencyInjection\ContainerInterface;
+use Symfony\Component\Filesystem\Filesystem;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
+use Symfony\Component\HttpKernel\KernelInterface;
 use Symfony\Component\Routing\Attribute\Route;
 use Symfony\Component\Serializer\Exception\ExceptionInterface;
 
@@ -22,6 +26,7 @@ class ConnectorController extends AbstractController
         private readonly LoggerInterface $logger,
         #[Autowire(service: 'service_container')]
         private readonly ContainerInterface $locator,
+        private readonly KernelInterface $kernel,
     ) {
     }
 
@@ -43,8 +48,8 @@ class ConnectorController extends AbstractController
     }
 
     /**
-     * @throws \Exception
      * @throws ExceptionInterface
+     * @throws \Throwable
      */
     #[Route(
         path: '/api/connectors',
@@ -71,24 +76,79 @@ class ConnectorController extends AbstractController
         if (null === $provider) {
             throw new BadRequestHttpException('Provider not found');
         }
+        $authData = $connector->getAuthData();
 
-        /** @var AbstractProvider $providerClient */
-        $providerClient = $this->locator->get($provider->getConnectorProvider());
-        $connector->setAuthData($providerClient->authenticate($connector->getAuthData()));
+        if (ConnectorProvider::EPP === $provider) {
+            $filesystem = new Filesystem();
+            $directory = EppClientProvider::buildEppCertificateFolder($this->kernel->getProjectDir(), $connector->getId());
+            unset($authData['file_certificate_pem'], $authData['file_certificate_key']); // Prevent alteration from user
+
+            if (isset($authData['certificate_pem'], $authData['certificate_key'])) {
+                $pemPath = $directory.'client.pem';
+                $keyPath = $directory.'client.key';
+
+                $filesystem->mkdir($directory, 0755);
+                $filesystem->dumpFile($pemPath, $authData['certificate_pem']);
+                $filesystem->dumpFile($keyPath, $authData['certificate_key']);
+                $connector->setAuthData([...$authData, 'file_certificate_pem' => $pemPath, 'file_certificate_key' => $keyPath]);
+            }
+
+            /** @var AbstractProvider $providerClient */
+            $providerClient = $this->locator->get($provider->getConnectorProvider());
+
+            try {
+                $connector->setAuthData($providerClient->authenticate($authData));
+            } catch (\Throwable $exception) {
+                $filesystem->remove($directory);
+                throw $exception;
+            }
+        } else {
+            /** @var AbstractProvider $providerClient */
+            $providerClient = $this->locator->get($provider->getConnectorProvider());
+            $connector->setAuthData($providerClient->authenticate($authData));
+        }
 
         $this->logger->info('User {username} authentication data with the {provider} provider has been validated.', [
             'username' => $user->getUserIdentifier(),
             'provider' => $provider->value,
         ]);
 
-        $this->logger->info('The new API connector requested by {username} has been successfully registered.', [
-            'username' => $user->getUserIdentifier(),
-        ]);
-
         $connector->setCreatedAt(new \DateTimeImmutable('now'));
         $this->em->persist($connector);
         $this->em->flush();
 
         return $connector;
     }
+
+    /**
+     * @throws \Exception
+     */
+    #[Route(
+        path: '/api/connectors/{id}',
+        name: 'connector_delete',
+        defaults: [
+            '_api_resource_class' => Connector::class,
+            '_api_operation_name' => 'delete',
+        ],
+        methods: ['DELETE']
+    )]
+    public function deleteConnector(Connector $connector): void
+    {
+        foreach ($connector->getWatchLists()->getIterator() as $watchlist) {
+            $watchlist->setConnector(null);
+        }
+
+        $provider = $connector->getProvider();
+
+        if (null === $provider) {
+            throw new BadRequestHttpException('Provider not found');
+        }
+
+        if (ConnectorProvider::EPP === $provider) {
+            (new Filesystem())->remove(EppClientProvider::buildEppCertificateFolder($this->kernel->getProjectDir(), $connector->getId()));
+        }
+
+        $this->em->remove($connector);
+        $this->em->flush();
+    }
 }

src/Dto/Connector/DefaultProviderDto.php

@@ -6,12 +6,15 @@ use Symfony\Component\Validator\Constraints as Assert;
 
 class DefaultProviderDto
 {
+    #[Assert\NotBlank]
     #[Assert\IsTrue]
     public bool $ownerLegalAge;
 
+    #[Assert\NotBlank]
     #[Assert\IsTrue]
     public bool $acceptConditions;
 
+    #[Assert\NotBlank]
     #[Assert\IsTrue]
     public bool $waiveRetractationPeriod;
 }

src/Dto/Connector/EppClientProviderAuthDto.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Dto\Connector;
+
+use Symfony\Component\Validator\Constraints as Assert;
+
+final class EppClientProviderAuthDto
+{
+    #[Assert\NotBlank]
+    public string $username;
+
+    #[Assert\NotBlank]
+    public string $password;
+
+    #[Assert\NotBlank]
+    public EppClientProviderAuthSSLDto $ssl;
+}

src/Dto/Connector/EppClientProviderAuthSSLDto.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Dto\Connector;
+
+final class EppClientProviderAuthSSLDto
+{
+    public ?string $peer_name = null;
+
+    public bool $verify_peer = true;
+
+    public bool $verify_peer_name = true;
+
+    public bool $allow_self_signed = false;
+
+    public ?int $verify_depth = null;
+
+    public ?string $passphrase = null;
+
+    public bool $disable_compression = false;
+}

src/Dto/Connector/EppClientProviderDomainDto.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Dto\Connector;
+
+use Symfony\Component\Validator\Constraints as Assert;
+
+final class EppClientProviderDomainDto
+{
+    #[Assert\NotBlank]
+    public int $period;
+
+    #[Assert\NotBlank]
+    public string $unit;
+
+    #[Assert\NotBlank]
+    public string $registrant;
+
+    #[Assert\NotBlank]
+    public string $password;
+
+    #[Assert\NotBlank]
+    #[Assert\All([
+        new Assert\NotBlank(),
+        new Assert\Type('string'),
+    ])]
+    public array $contacts;
+}

src/Dto/Connector/EppClientProviderDto.php

@@ -0,0 +1,44 @@
+<?php
+
+namespace App\Dto\Connector;
+
+use Symfony\Component\Validator\Constraints as Assert;
+
+final class EppClientProviderDto extends DefaultProviderDto
+{
+    #[Assert\NotBlank]
+    public string $version;
+
+    #[Assert\NotBlank]
+    #[Assert\Language]
+    public string $language;
+
+    #[Assert\NotBlank]
+    #[Assert\Url(protocols: ['ssl', 'tls', 'http', 'https'], requireTld: true)]
+    public string $hostname;
+
+    #[Assert\NotBlank]
+    public int $port;
+
+    #[Assert\NotBlank]
+    public EppClientProviderAuthDto $auth;
+
+    #[Assert\NotBlank]
+    public EppClientProviderDomainDto $domain;
+
+    #[Assert\All([
+        new Assert\NotBlank(),
+        new Assert\Type('string'),
+    ])]
+    public array $extURI = [];
+
+    #[Assert\All([
+        new Assert\NotBlank(),
+        new Assert\Type('string'),
+    ])]
+    public array $objURI = [];
+
+    public ?string $file_certificate_pem = null;
+
+    public ?string $file_certificate_key = null;
+}

src/Dto/Connector/OvhProviderDto.php

@@ -18,6 +18,7 @@ final class OvhProviderDto extends DefaultProviderDto
     #[Assert\NotBlank]
     public string $consumerKey;
 
+    #[Assert\NotBlank]
     #[Assert\Choice(['create-default', 'create-premium'])]
     public string $pricingMode;
 

src/Entity/Connector.php

@@ -29,11 +29,14 @@ use Symfony\Component\Uid\Uuid;
         ),
         new Post(
             routeName: 'connector_create',
-            normalizationContext: ['groups' => ['connector:create', 'connector:list']], denormalizationContext: ['groups' => 'connector:create'],
+            normalizationContext: ['groups' => ['connector:create', 'connector:list']],
+            denormalizationContext: ['groups' => 'connector:create'],
             name: 'create'
         ),
         new Delete(
-            security: 'object.user == user'
+            routeName: 'connector_delete',
+            security: 'object.user == user',
+            name: 'delete'
         ),
     ]
 )]

src/Message/OrderDomain.php

@@ -7,7 +7,6 @@ final class OrderDomain
     public function __construct(
         public string $watchListToken,
         public string $ldhName,
-        public \DateTimeImmutable $updatedAt,
     ) {
     }
 }

src/MessageHandler/OrderDomainHandler.php

@@ -94,8 +94,6 @@ final readonly class OrderDomainHandler
              * If no errors occur, the purchase is attempted.
              */
 
-            $connectorProvider->authenticate($connector->getAuthData());
-
             $connectorProvider->orderDomain($domain, $this->kernel->isDebug());
 
             /*

src/MessageHandler/UpdateDomainsFromWatchlistHandler.php

@@ -11,20 +11,18 @@ use App\Notifier\DomainDeletedNotification;
 use App\Notifier\DomainUpdateErrorNotification;
 use App\Repository\WatchListRepository;
 use App\Service\ChatNotificationService;
+use App\Service\Connector\AbstractProvider;
+use App\Service\Connector\CheckDomainProviderInterface;
 use App\Service\RDAPService;
 use Psr\Log\LoggerInterface;
+use Symfony\Component\DependencyInjection\Attribute\Autowire;
+use Symfony\Component\DependencyInjection\ContainerInterface;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
-use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
 use Symfony\Component\Mailer\MailerInterface;
 use Symfony\Component\Messenger\Attribute\AsMessageHandler;
-use Symfony\Component\Messenger\Exception\ExceptionInterface;
 use Symfony\Component\Messenger\MessageBusInterface;
 use Symfony\Component\Mime\Address;
 use Symfony\Component\Notifier\Recipient\Recipient;
-use Symfony\Contracts\HttpClient\Exception\ClientExceptionInterface;
-use Symfony\Contracts\HttpClient\Exception\DecodingExceptionInterface;
-use Symfony\Contracts\HttpClient\Exception\RedirectionExceptionInterface;
-use Symfony\Contracts\HttpClient\Exception\ServerExceptionInterface;
 
 #[AsMessageHandler]
 final readonly class UpdateDomainsFromWatchlistHandler
@@ -40,18 +38,13 @@ final readonly class UpdateDomainsFromWatchlistHandler
         private MessageBusInterface $bus,
         private WatchListRepository $watchListRepository,
         private LoggerInterface $logger,
+        #[Autowire(service: 'service_container')]
+        private ContainerInterface $locator,
     ) {
         $this->sender = new Address($mailerSenderEmail, $mailerSenderName);
     }
 
     /**
-     * @throws ExceptionInterface
-     * @throws TransportExceptionInterface
-     * @throws ClientExceptionInterface
-     * @throws DecodingExceptionInterface
-     * @throws RedirectionExceptionInterface
-     * @throws ServerExceptionInterface
-     * @throws \Symfony\Contracts\HttpClient\Exception\TransportExceptionInterface
      * @throws \Throwable
      */
     public function __invoke(UpdateDomainsFromWatchlist $message): void
@@ -63,6 +56,34 @@ final readonly class UpdateDomainsFromWatchlistHandler
             'token' => $message->watchListToken,
         ]);
 
+        /** @var AbstractProvider $connectorProvider */
+        $connectorProvider = $this->getConnectorProvider($watchList);
+
+        if ($connectorProvider instanceof CheckDomainProviderInterface) {
+            $this->logger->notice('Watchlist {watchlist} linked to connector {connector}.', [
+                'watchlist' => $watchList->getToken(),
+                'connector' => $watchList->getConnector()->getId(),
+            ]);
+
+            try {
+                $checkedDomains = $connectorProvider->checkDomains(
+                    ...array_unique(array_map(fn (Domain $d) => $d->getLdhName(), $watchList->getDomains()->toArray()))
+                );
+            } catch (\Throwable $exception) {
+                $this->logger->warning('Unable to check domain names availability with connector {connector}.', [
+                    'connector' => $watchList->getConnector()->getId(),
+                ]);
+
+                throw $exception;
+            }
+
+            foreach ($checkedDomains as $domain) {
+                $this->bus->dispatch(new OrderDomain($watchList->getToken(), $domain));
+            }
+
+            return;
+        }
+
         /*
          * A domain name is updated if one or more of these conditions are met:
          * - was updated more than 7 days ago
@@ -84,17 +105,17 @@ final readonly class UpdateDomainsFromWatchlistHandler
                 $this->bus->dispatch(new SendDomainEventNotif($watchList->getToken(), $domain->getLdhName(), $updatedAt));
             } catch (NotFoundHttpException) {
                 if (!$domain->getDeleted()) {
-                    $notification = (new DomainDeletedNotification($this->sender, $domain));
+                    $notification = new DomainDeletedNotification($this->sender, $domain);
                     $this->mailer->send($notification->asEmailMessage(new Recipient($watchList->getUser()->getEmail()))->getMessage());
                     $this->chatNotificationService->sendChatNotification($watchList, $notification);
                 }
 
-                if (null !== $watchList->getConnector()) {
+                if ($watchList->getConnector()) {
                     /*
                      * If the domain name no longer appears in the WHOIS AND a connector is associated with this Watchlist,
                      * this connector is used to purchase the domain name.
                      */
-                    $this->bus->dispatch(new OrderDomain($watchList->getToken(), $domain->getLdhName(), $updatedAt));
+                    $this->bus->dispatch(new OrderDomain($watchList->getToken(), $domain->getLdhName()));
                 }
             } catch (\Throwable $e) {
                 /*
@@ -113,4 +134,16 @@ final readonly class UpdateDomainsFromWatchlistHandler
             }
         }
     }
+
+    private function getConnectorProvider(WatchList $watchList): ?object
+    {
+        $connector = $watchList->getConnector();
+        if (null === $connector || null === $connector->getProvider()) {
+            return null;
+        }
+
+        $providerClass = $connector->getProvider()->getConnectorProvider();
+
+        return $this->locator->get($providerClass);
+    }
 }

src/Service/Connector/AbstractProvider.php

@@ -30,7 +30,7 @@ abstract class AbstractProvider
 
     public function __construct(
         protected CacheItemPoolInterface $cacheItemPool,
-        private readonly DenormalizerInterface&NormalizerInterface $serializer,
+        protected readonly DenormalizerInterface&NormalizerInterface $serializer,
         private readonly ValidatorInterface $validator,
     ) {
     }

src/Service/Connector/CheckDomainProviderInterface.php

@@ -0,0 +1,8 @@
+<?php
+
+namespace App\Service\Connector;
+
+interface CheckDomainProviderInterface
+{
+    public function checkDomains(string ...$domains): array;
+}

src/Service/Connector/EppClientProvider.php

@@ -0,0 +1,202 @@
+<?php
+
+namespace App\Service\Connector;
+
+use App\Dto\Connector\DefaultProviderDto;
+use App\Dto\Connector\EppClientProviderDto;
+use App\Entity\Domain;
+use Metaregistrar\EPP\eppCheckContactRequest;
+use Metaregistrar\EPP\eppCheckContactResponse;
+use Metaregistrar\EPP\eppCheckDomainRequest;
+use Metaregistrar\EPP\eppCheckDomainResponse;
+use Metaregistrar\EPP\eppConnection;
+use Metaregistrar\EPP\eppContactHandle;
+use Metaregistrar\EPP\eppCreateDomainRequest;
+use Metaregistrar\EPP\eppDomain;
+use Metaregistrar\EPP\eppException;
+use Metaregistrar\EPP\eppHelloRequest;
+use Psr\Cache\CacheItemInterface;
+use Psr\Cache\CacheItemPoolInterface;
+use Psr\Cache\InvalidArgumentException;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
+use Symfony\Component\Serializer\Exception\ExceptionInterface;
+use Symfony\Component\Serializer\Normalizer\DenormalizerInterface;
+use Symfony\Component\Serializer\Normalizer\NormalizerInterface;
+use Symfony\Component\Validator\Validator\ValidatorInterface;
+
+class EppClientProvider extends AbstractProvider implements CheckDomainProviderInterface
+{
+    protected string $dtoClass = EppClientProviderDto::class;
+
+    /** @var EppClientProviderDto */
+    protected DefaultProviderDto $authData;
+
+    private ?eppConnection $eppClient = null;
+
+    public function __construct(
+        CacheItemPoolInterface $cacheItemPool,
+        DenormalizerInterface&NormalizerInterface $serializer,
+        ValidatorInterface $validator,
+    ) {
+        parent::__construct($cacheItemPool, $serializer, $validator);
+    }
+
+    protected function assertAuthentication(): void
+    {
+        $this->connect();
+        $this->eppClient->login();
+
+        $this->eppClient->request(new eppHelloRequest());
+
+        $contacts = [new eppContactHandle($this->authData->domain->registrant, eppContactHandle::CONTACT_TYPE_REGISTRANT)];
+        foreach ($this->authData->domain->contacts as $role => $roid) {
+            $contacts[] = new eppContactHandle($roid, $role);
+        }
+
+        /** @var eppCheckContactResponse $resp */
+        $resp = $this->eppClient->request(new eppCheckContactRequest($contacts));
+        foreach ($resp->getCheckedContacts() as $contact => $available) {
+            if ($available) {
+                throw new BadRequestHttpException("At least one of the entered contacts cannot be used because it is indicated as available ($contact).");
+            }
+        }
+
+        $this->eppClient->logout();
+        $this->eppClient->disconnect();
+    }
+
+    /**
+     * @throws eppException
+     */
+    public function orderDomain(Domain $domain, bool $dryRun): void
+    {
+        $this->connect();
+
+        $d = new eppDomain($domain->getLdhName());
+        $d->setRegistrant($this->authData->domain->registrant);
+        $d->setPeriodUnit($this->authData->domain->unit);
+        $d->setPeriod($this->authData->domain->period);
+        $d->setAuthorisationCode($this->authData->domain->password);
+
+        foreach ($this->authData->domain->contacts as $type => $contact) {
+            $d->addContact(new eppContactHandle($contact, $type));
+        }
+
+        if (!$dryRun) {
+            $this->eppClient->request(new eppCreateDomainRequest($d));
+        }
+
+        $this->eppClient->logout();
+        $this->disconnect();
+    }
+
+    /**
+     * @throws InvalidArgumentException
+     */
+    protected function getCachedTldList(): CacheItemInterface
+    {
+        return $this->cacheItemPool->getItem('app.provider.epp.supported-tld');
+    }
+
+    protected function getSupportedTldList(): array
+    {
+        return [];
+    }
+
+    public function isSupported(Domain ...$domainList): bool
+    {
+        if (0 === count($domainList)) {
+            return true;
+        }
+        $tld = $domainList[0]->getTld();
+
+        foreach ($domainList as $domain) {
+            if ($domain->getTld() !== $tld) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    /**
+     * @return string[]
+     *
+     * @throws eppException
+     */
+    public function checkDomains(string ...$domains): array
+    {
+        $this->connect();
+        $this->eppClient->login();
+
+        $check = new eppCheckDomainRequest($domains);
+
+        /** @var eppCheckDomainResponse $response */
+        $response = $this->eppClient->request($check);
+        $checkedDomains = $response->getCheckedDomains();
+
+        $return = array_map(
+            fn (array $d) => $d['domainname'],
+            array_filter($checkedDomains, fn (array $d) => true === $d['available'])
+        );
+
+        $this->eppClient->logout();
+        $this->eppClient->disconnect();
+
+        return $return;
+    }
+
+    /**
+     * @throws eppException
+     * @throws ExceptionInterface
+     */
+    private function connect(): void
+    {
+        if ($this->eppClient && $this->eppClient->isConnected()) {
+            return;
+        }
+
+        $conn = new eppConnection(false, null);
+        $conn->setHostname($this->authData->hostname);
+        $conn->setVersion($this->authData->version);
+        $conn->setLanguage($this->authData->language);
+        $conn->setPort($this->authData->port);
+
+        $conn->setUsername($this->authData->auth->username);
+        $conn->setPassword($this->authData->auth->password);
+
+        $ssl = (array) $this->serializer->normalize($this->authData->auth->ssl, 'json');
+
+        if (isset($this->authData->file_certificate_pem, $this->authData->file_certificate_key)) {
+            $conn->setSslContext(stream_context_create(['ssl' => [
+                ...$ssl,
+                'local_cert' => $this->authData->file_certificate_pem,
+                'local_pk' => $this->authData->file_certificate_key,
+            ]]));
+        } else {
+            unset($ssl['local_cert'], $ssl['local_pk']);
+            $conn->setSslContext(stream_context_create(['ssl' => $ssl]));
+        }
+
+        $conn->setExtensions($this->authData->extURI);
+        $conn->setServices($this->authData->objURI);
+
+        $conn->connect();
+        $this->eppClient = $conn;
+    }
+
+    private function disconnect(): void
+    {
+        $this->eppClient->disconnect();
+    }
+
+    public function __destruct()
+    {
+        $this->disconnect();
+    }
+
+    public static function buildEppCertificateFolder(string $projectDir, string $connectorId): string
+    {
+        return sprintf('%s/%s/%s/', $projectDir, 'var/epp-certificates', $connectorId);
+    }
+}