Pterodactyl-Panel/app/Services/Api/KeyCreationService.php

<?php
/**
 * Pterodactyl - Panel
 * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
 *
 * This software is licensed under the terms of the MIT license.
 * https://opensource.org/licenses/MIT
 */

namespace Pterodactyl\Services\Api;

use Illuminate\Database\ConnectionInterface;
use Illuminate\Contracts\Encryption\Encrypter;
use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;

class KeyCreationService
{
    const PUB_CRYPTO_LENGTH = 16;
    const PRIV_CRYPTO_LENGTH = 64;

    /**
     * @var \Illuminate\Database\ConnectionInterface
     */
    protected $connection;

    /**
     * @var \Illuminate\Contracts\Encryption\Encrypter
     */
    protected $encrypter;

    /**
     * @var \Pterodactyl\Services\Api\PermissionService
     */
    protected $permissionService;

    /**
     * @var \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface
     */
    protected $repository;

    /**
     * ApiKeyService constructor.
     *
     * @param \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface $repository
     * @param \Illuminate\Database\ConnectionInterface                    $connection
     * @param \Illuminate\Contracts\Encryption\Encrypter                  $encrypter
     * @param \Pterodactyl\Services\Api\PermissionService                 $permissionService
     */
    public function __construct(
        ApiKeyRepositoryInterface $repository,
        ConnectionInterface $connection,
        Encrypter $encrypter,
        PermissionService $permissionService
    ) {
        $this->repository = $repository;
        $this->connection = $connection;
        $this->encrypter = $encrypter;
        $this->permissionService = $permissionService;
    }

    /**
     * Create a new API Key on the system with the given permissions.
     *
     * @param array $data
     * @param array $permissions
     * @param array $administrative
     * @return string
     *
     * @throws \Exception
     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
     */
    public function handle(array $data, array $permissions, array $administrative = [])
    {
        $publicKey = str_random(self::PUB_CRYPTO_LENGTH);
        $secretKey = str_random(self::PRIV_CRYPTO_LENGTH);

        // Start a Transaction
        $this->connection->beginTransaction();

        $data = array_merge($data, [
            'public' => $publicKey,
            'secret' => $this->encrypter->encrypt($secretKey),
        ]);

        $instance = $this->repository->create($data, true, true);
        $nodes = $this->permissionService->getPermissions();

        foreach ($permissions as $permission) {
            @list($block, $search) = explode('-', $permission, 2);

            if (
                (empty($block) || empty($search)) ||
                ! array_key_exists($block, $nodes['_user']) ||
                ! in_array($search, $nodes['_user'][$block])
            ) {
                continue;
            }

            $this->permissionService->create($instance->id, sprintf('user.%s', $permission));
        }

        foreach ($administrative as $permission) {
            @list($block, $search) = explode('-', $permission, 2);

            if (
                (empty($block) || empty($search)) ||
                ! array_key_exists($block, $nodes) ||
                ! in_array($search, $nodes[$block])
            ) {
                continue;
            }

            $this->permissionService->create($instance->id, $permission);
        }

        $this->connection->commit();

        return $secretKey;
    }
}
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`<?php`
Update license headers on files. 2017-09-26 04:43:01 +02:00			`/**`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`* Pterodactyl - Panel`
			`* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.`
			`*`
Update license headers on files. 2017-09-26 04:43:01 +02:00			`* This software is licensed under the terms of the MIT license.`
			`* https://opensource.org/licenses/MIT`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`*/`

Refactor (again) 2017-07-09 19:29:18 +02:00			`namespace Pterodactyl\Services\Api;`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`use Illuminate\Database\ConnectionInterface;`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`use Illuminate\Contracts\Encryption\Encrypter;`
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
Should wrap up the base landing page stuff for accounts, next step is server rendering 2017-08-31 04:11:14 +02:00			`class KeyCreationService`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`{`
Update random ID method to use str_random and not random_bytes The use of random_bytes in combination with bin2hex was producing a lot of duplicate keys when tested in batches of 10k (anywhere from 2 to 6). The use of str_random yielded no duplicates even at scales of 100k keys that were 8 characters. 2017-09-14 06:07:02 +02:00			`const PUB_CRYPTO_LENGTH = 16;`
			`const PRIV_CRYPTO_LENGTH = 64;`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
			`/**`
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`* @var \Illuminate\Database\ConnectionInterface`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`*/`
Should wrap up the base landing page stuff for accounts, next step is server rendering 2017-08-31 04:11:14 +02:00			`protected $connection;`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
			`/**`
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`* @var \Illuminate\Contracts\Encryption\Encrypter`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`*/`
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`protected $encrypter;`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
			`/**`
Refactor (again) 2017-07-09 19:29:18 +02:00			`* @var \Pterodactyl\Services\Api\PermissionService`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`*/`
			`protected $permissionService;`

Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`/**`
			`* @var \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface`
			`*/`
			`protected $repository;`

Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`/**`
			`* ApiKeyService constructor.`
			`*`
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`* @param \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface $repository`
Should wrap up the base landing page stuff for accounts, next step is server rendering 2017-08-31 04:11:14 +02:00			`* @param \Illuminate\Database\ConnectionInterface $connection`
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`* @param \Illuminate\Contracts\Encryption\Encrypter $encrypter`
Refactor (again) 2017-07-09 19:29:18 +02:00			`* @param \Pterodactyl\Services\Api\PermissionService $permissionService`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`*/`
			`public function __construct(`
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`ApiKeyRepositoryInterface $repository,`
Should wrap up the base landing page stuff for accounts, next step is server rendering 2017-08-31 04:11:14 +02:00			`ConnectionInterface $connection,`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`Encrypter $encrypter,`
Refactor (again) 2017-07-09 19:29:18 +02:00			`PermissionService $permissionService`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`) {`
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`$this->repository = $repository;`
Should wrap up the base landing page stuff for accounts, next step is server rendering 2017-08-31 04:11:14 +02:00			`$this->connection = $connection;`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`$this->encrypter = $encrypter;`
			`$this->permissionService = $permissionService;`
			`}`

			`/**`
			`* Create a new API Key on the system with the given permissions.`
			`*`
Massive PHPCS linting 2017-08-22 05:10:48 +02:00			`* @param array $data`
			`* @param array $permissions`
			`* @param array $administrative`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`* @return string`
			`*`
			`* @throws \Exception`
			`* @throws \Pterodactyl\Exceptions\Model\DataValidationException`
			`*/`
Should wrap up the base landing page stuff for accounts, next step is server rendering 2017-08-31 04:11:14 +02:00			`public function handle(array $data, array $permissions, array $administrative = [])`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`{`
Update random ID method to use str_random and not random_bytes The use of random_bytes in combination with bin2hex was producing a lot of duplicate keys when tested in batches of 10k (anywhere from 2 to 6). The use of str_random yielded no duplicates even at scales of 100k keys that were 8 characters. 2017-09-14 06:07:02 +02:00			`$publicKey = str_random(self::PUB_CRYPTO_LENGTH);`
			`$secretKey = str_random(self::PRIV_CRYPTO_LENGTH);`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
			`// Start a Transaction`
Should wrap up the base landing page stuff for accounts, next step is server rendering 2017-08-31 04:11:14 +02:00			`$this->connection->beginTransaction();`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`$data = array_merge($data, [`
			`'public' => $publicKey,`
			`'secret' => $this->encrypter->encrypt($secretKey),`
			`]);`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`$instance = $this->repository->create($data, true, true);`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`$nodes = $this->permissionService->getPermissions();`

			`foreach ($permissions as $permission) {`
Fix bug with permissions including more than one dash, closes #727 2017-11-05 20:42:57 +01:00			`@list($block, $search) = explode('-', $permission, 2);`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
			`if (`
			`(empty($block) \|\| empty($search)) \|\|`
			`! array_key_exists($block, $nodes['_user']) \|\|`
			`! in_array($search, $nodes['_user'][$block])`
			`) {`
			`continue;`
			`}`

Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`$this->permissionService->create($instance->id, sprintf('user.%s', $permission));`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`}`

			`foreach ($administrative as $permission) {`
Fix bug with permissions including more than one dash, closes #727 2017-11-05 20:42:57 +01:00			`@list($block, $search) = explode('-', $permission, 2);`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
			`if (`
			`(empty($block) \|\| empty($search)) \|\|`
			`! array_key_exists($block, $nodes) \|\|`
			`! in_array($search, $nodes[$block])`
			`) {`
			`continue;`
			`}`

Update last of existing services to use repositories, includes unit tests Also update PHPDocs on all the repository interfaces and classes to be correct. 2017-07-08 21:07:51 +02:00			`$this->permissionService->create($instance->id, $permission);`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00			`}`

Should wrap up the base landing page stuff for accounts, next step is server rendering 2017-08-31 04:11:14 +02:00			`$this->connection->commit();`
Add ApiKey service, cleanup old API key methods https://zube.io/pterodactyl/panel/c/525 2017-06-25 22:31:50 +02:00
			`return $secretKey;`
			`}`
			`}`