Make PHP example configurable

Signed-off-by: Mihkel Kivisild [email protected]
Co-authored-by: Villu Roogna [email protected]

README.md

@@ -369,14 +369,30 @@ $generator = (new ChallengeNonceGeneratorBuilder())
 
 An example implementation is provided in the `example` directory. Please update the site origin in the `tokenValidator()` function before running it.
 
-Execute the following composer commands:
+Example implementation uses AltoRouter (https://dannyvankooten.github.io/AltoRouter/) and works out of the box in Apache with mod_rewrite module. Use `example/public/.htaccess` and https://dannyvankooten.github.io/AltoRouter/usage/rewrite-requests.html for reference if you want to use a different web server.
+
+Take the files from the `example` folder. You can rename this folder but in this documentation we still refer it as `example` folder.
+
+Create new folder `certificates` in `example` folder.
+
+Download ESTEID-SK 2015 and ESTEID2018 certificates in DER format from https://www.skidsolutions.eu/en/repository/certs 
+and put them in `certificates` folder.
+
+Execute the following composer commands to install dependencies:
 
 ```
 composer install
 composer dump-autoload
 ```
 
-Please note that there are no certificate files included in this example. You can find EstEID certificates from [here](https://www.skidsolutions.eu/en/repository/certs).
+Change origin url (used by token validator) to match the url you are running the example on (set to https://localhost by default) by changing the array key  `origin_url` in `example/src/app.conf.php`. You can also override settings with environmental variable that is constructed by appending uppercased setting name to prefix 'WEB_EID_SAMPLE_'. This is useful for example in containerized environments like docker. 
+
+For example to override origin_url set environmental variable:
+
+```
+WEB_EID_SAMPLE_ORIGIN_URL
+```
+Point your Apache web server Document Root to `/example/public` folder.
 
 # Dependency versioning policy
 

example/public/index.php

@@ -31,5 +31,7 @@
 
 require __DIR__ . '/../vendor/autoload.php';
 
-$router = new Router();
+$configArr = require_once __DIR__ . '/../src/app.conf.php';
+$config = Config::fromArray($configArr)->overrideFromEnv();
+$router = new Router($config);
 $router->init();

example/src/Auth.php

@@ -36,6 +36,11 @@
 
 class Auth
 {
+    private $config;
+
+    public function __construct($config) {
+        $this->config = $config;
+    }
 
     public function trustedIntermediateCACertificates(): array
     {
@@ -57,7 +62,7 @@ public function tokenValidator(): AuthTokenValidator
 
         return (new AuthTokenValidatorBuilder($logger))
             // Change the URL when you run the example in your own machine.
-            ->withSiteOrigin(new Uri("https://localhost:8443"))
+            ->withSiteOrigin(new Uri($this->config->get('origin_url')))
             ->withTrustedCertificateAuthorities(...self::trustedIntermediateCACertificates())
             ->build();
     }

example/src/Config.php

@@ -0,0 +1,53 @@
+<?php
+
+/*
+ * Copyright (c) 2022-2023 Estonian Information System Authority
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+class Config
+{
+    private $configArr;
+
+    public static function fromArray($configArr)
+    {
+        $instance = new self();
+        $instance->configArr = $configArr;
+        return $instance;
+    }
+
+    public function overrideFromEnv()
+    {
+        foreach ($this->configArr as $key => $value) {
+            $envKey = 'WEB_EID_SAMPLE_'.strtoupper($key);
+            $envValue = getenv($envKey);
+            if ($envValue !== false) {
+                $this->configArr[$key] = $envValue;
+            }
+        }
+
+        return $this;
+    }
+
+    public function get($name)
+    {
+        return isset ($this->configArr[$name]) ? $this->configArr[$name] : null;
+    }
+}

example/src/Router.php

@@ -26,9 +26,14 @@
 
 class Router
 {
+    private $config;
+
+    public function __construct($config) {
+        $this->config = $config;
+    }
+
     public function init()
     {
-
         $router = new AltoRouter();
         $router->setBasePath("");
 
@@ -56,7 +61,7 @@ public function init()
         }
 
 
-        $controller = new $match["target"]["controller"];
+        $controller = new $match["target"]["controller"]($this->config);
         $method = $match["target"]["method"];
 
         call_user_func([$controller, $method], $match["params"], []);

example/src/app.conf.php

@@ -0,0 +1,5 @@
+<?php
+
+return [
+  'origin_url' => 'https://localhost',
+];