Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🚀 مُصادَق: تحديث برمجي جديد 2026-05-03 16:43

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-03 16:43:46 +03:00
parent 3aeb3220f1
commit 0488c17107
26 changed files with 1282 additions and 1153 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
app/Services/AuditService.php
View File

@@ -1,7 +1,5 @@
<?php
declare(strict_types=1);
namespace App\Services;
use App\Core\Database;
@@ -10,30 +8,33 @@ final class AuditService
{
public static function log(
string $action,
?string $tenantId = null,
?string $userId = null,
?string $entityType = null,
?string $entityId = null,
?array $oldData = null,
?array $newData = null,
?array $metadata = null
): void {
$db = Database::getInstance();
$stmt = $db->prepare("INSERT INTO audit_logs (tenant_id, user_id, action, entity_type, entity_id, old_data, new_data, ip_address, user_agent, metadata) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
// This would be populated from the global Request context
$tenantId = $GLOBALS['current_tenant_id'] ?? null;
$userId = $GLOBALS['current_user_id'] ?? null;
$stmt->execute([
$tenantId,
$userId,
$action,
$entityType,
$entityId,
$oldData ? json_encode($oldData) : null,
$newData ? json_encode($newData) : null,
$_SERVER['REMOTE_ADDR'] ?? null,
$_SERVER['HTTP_USER_AGENT'] ?? null,
$metadata ? json_encode($metadata) : null
]);
try {
$db = Database::getInstance();
$stmt = $db->prepare("INSERT INTO audit_logs
(tenant_id, user_id, action, entity_type, entity_id, old_data, new_data, ip_address, user_agent, metadata, created_at)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW())");
$stmt->execute([
$tenantId,
$userId,
$action,
$entityType,
$entityId,
$oldData ? json_encode($oldData, JSON_UNESCAPED_UNICODE) : null,
$newData ? json_encode($newData, JSON_UNESCAPED_UNICODE) : null,
$_SERVER['REMOTE_ADDR'] ?? null,
$_SERVER['HTTP_USER_AGENT'] ?? null,
$metadata ? json_encode($metadata, JSON_UNESCAPED_UNICODE) : null,
]);
} catch (\Throwable $e) {
error_log('[Audit] Failed: ' . $e->getMessage());
}
}
}

185
app/Services/JoFotara/UBLGeneratorService.php
View File

@@ -1,112 +1,147 @@
<?php
declare(strict_types=1);
namespace App\Services\JoFotara;
/**
* UBLGeneratorService
*
* Generates UBL 2.1 compliant XML for the Jordanian Income and Sales Tax Department (ISTD).
* Based on the JoFotara Technical Specifications.
* Generates UBL 2.1 compliant XML using DOMDocument for precise namespace control.
*/
final class UBLGeneratorService
{
public function generate(array $invoice, array $lines, array $company): string
{
$xml = new \SimpleXMLElement('<?xml version="1.0" encoding="UTF-8"?><Invoice xmlns="urn:oasis:names:specification:ubl:schema:xsd:Invoice-2" xmlns:cac="urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2" xmlns:cbc="urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2"></Invoice>');
$dom = new \DOMDocument('1.0', 'UTF-8');
$dom->formatOutput = true;
$root = $dom->createElementNS('urn:oasis:names:specification:ubl:schema:xsd:Invoice-2', 'Invoice');
$root->setAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns:cac', 'urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2');
$root->setAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns:cbc', 'urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2');
$dom->appendChild($root);
// 1. Basic Information
$xml->addChild('cbc:UBLVersionID', '2.1');
$xml->addChild('cbc:CustomizationID', 'TRADACO-2.1');
$xml->addChild('cbc:ProfileID', 'reporting:1.0');
$xml->addChild('cbc:ID', $invoice['invoice_number']);
$xml->addChild('cbc:IssueDate', $invoice['invoice_date']);
$xml->addChild('cbc:InvoiceTypeCode', $invoice['ubl_type_code'] ?? '388')->addAttribute('name', $invoice['invoice_category'] ?? '01');
$xml->addChild('cbc:DocumentCurrencyCode', 'JOD');
$xml->addChild('cbc:TaxCurrencyCode', 'JOD');
// 2. AccountingSupplierParty (The Seller/Company)
$supplier = $xml->addChild('cac:AccountingSupplierParty');
$sParty = $supplier->addChild('cac:Party');
$sParty->addChild('cac:PartyIdentification')->addChild('cbc:ID', $company['tax_identification_number'])->addAttribute('schemeID', 'TN');
$sName = $sParty->addChild('cac:PartyName');
$sName->addChild('cbc:Name', $company['name']);
$root->appendChild($dom->createElement('cbc:UBLVersionID', '2.1'));
$root->appendChild($dom->createElement('cbc:CustomizationID', 'TRADACO-2.1'));
$root->appendChild($dom->createElement('cbc:ProfileID', 'reporting:1.0'));
$root->appendChild($dom->createElement('cbc:ID', $invoice['invoice_number']));
$root->appendChild($dom->createElement('cbc:IssueDate', $invoice['invoice_date']));
$sAddr = $sParty->addChild('cac:PostalAddress');
$sAddr->addChild('cbc:CityName', $company['city'] ?? 'Amman');
$sAddr->addChild('cac:Country')->addChild('cbc:IdentificationCode', 'JO');
$typeCode = $dom->createElement('cbc:InvoiceTypeCode', $invoice['ubl_type_code'] ?? '388');
$typeCode->setAttribute('name', $invoice['invoice_category'] ?? '01');
$root->appendChild($typeCode);
$sTaxScheme = $sParty->addChild('cac:PartyTaxScheme');
$sTaxScheme->addChild('cbc:RegistrationName', $company['name']);
$sTaxScheme->addChild('cbc:CompanyID', $company['tax_identification_number']);
$sTaxScheme->addChild('cac:TaxScheme')->addChild('cbc:ID', 'VAT');
$root->appendChild($dom->createElement('cbc:DocumentCurrencyCode', 'JOD'));
$root->appendChild($dom->createElement('cbc:TaxCurrencyCode', 'JOD'));
$sLegalEntity = $sParty->addChild('cac:PartyLegalEntity');
$sLegalEntity->addChild('cbc:RegistrationName', $company['name']);
$sLegalEntity->addChild('cbc:CompanyID', $company['tax_identification_number']);
// 3. AccountingCustomerParty (The Buyer)
$customer = $xml->addChild('cac:AccountingCustomerParty');
$cParty = $customer->addChild('cac:Party');
// 2. AccountingSupplierParty
$supplierParty = $dom->createElement('cac:AccountingSupplierParty');
$party = $dom->createElement('cac:Party');
$partyId = $dom->createElement('cac:PartyIdentification');
$idNode = $dom->createElement('cbc:ID', $company['tax_identification_number']);
$idNode->setAttribute('schemeID', 'TN');
$partyId->appendChild($idNode);
$party->appendChild($partyId);
$partyName = $dom->createElement('cac:PartyName');
$partyName->appendChild($dom->createElement('cbc:Name', $company['name']));
$party->appendChild($partyName);
$addr = $dom->createElement('cac:PostalAddress');
$addr->appendChild($dom->createElement('cbc:CityName', $company['city'] ?? 'Amman'));
$country = $dom->createElement('cac:Country');
$country->appendChild($dom->createElement('cbc:IdentificationCode', 'JO'));
$addr->appendChild($country);
$party->appendChild($addr);
$taxScheme = $dom->createElement('cac:PartyTaxScheme');
$taxScheme->appendChild($dom->createElement('cbc:RegistrationName', $company['name']));
$taxScheme->appendChild($dom->createElement('cbc:CompanyID', $company['tax_identification_number']));
$ts = $dom->createElement('cac:TaxScheme');
$ts->appendChild($dom->createElement('cbc:ID', 'VAT'));
$taxScheme->appendChild($ts);
$party->appendChild($taxScheme);
$legalEntity = $dom->createElement('cac:PartyLegalEntity');
$legalEntity->appendChild($dom->createElement('cbc:RegistrationName', $company['name']));
$party->appendChild($legalEntity);
$supplierParty->appendChild($party);
$root->appendChild($supplierParty);
// 3. AccountingCustomerParty
$customerParty = $dom->createElement('cac:AccountingCustomerParty');
$cParty = $dom->createElement('cac:Party');
$cName = $dom->createElement('cac:PartyName');
$cName->appendChild($dom->createElement('cbc:Name', $invoice['buyer_name'] ?? 'عميل عام'));
$cParty->appendChild($cName);
if (!empty($invoice['buyer_tin'])) {
$cParty->addChild('cac:PartyIdentification')->addChild('cbc:ID', $invoice['buyer_tin'])->addAttribute('schemeID', 'TN');
} elseif (!empty($invoice['buyer_national_id'])) {
$cParty->addChild('cac:PartyIdentification')->addChild('cbc:ID', $invoice['buyer_national_id'])->addAttribute('schemeID', 'NID');
$cId = $dom->createElement('cac:PartyIdentification');
$cidNode = $dom->createElement('cbc:ID', $invoice['buyer_tin']);
$cidNode->setAttribute('schemeID', 'TN');
$cId->appendChild($cidNode);
$cParty->appendChild($cId);
}
$cName = $cParty->addChild('cac:PartyName');
$cName->addChild('cbc:Name', $invoice['buyer_name'] ?? 'General Customer');
$cTaxScheme = $cParty->addChild('cac:PartyTaxScheme');
$cTaxScheme->addChild('cac:TaxScheme')->addChild('cbc:ID', 'VAT');
$customerParty->appendChild($cParty);
$root->appendChild($customerParty);
// 4. PaymentMeans
$payment = $xml->addChild('cac:PaymentMeans');
$payment->addChild('cbc:PaymentMeansCode', $invoice['payment_method_code'] ?? '10');
$paymentMeans = $dom->createElement('cac:PaymentMeans');
$paymentMeans->appendChild($dom->createElement('cbc:PaymentMeansCode', $invoice['payment_method_code'] ?? '10'));
$root->appendChild($paymentMeans);
// 5. TaxTotal
$taxTotal = $xml->addChild('cac:TaxTotal');
$taxTotal->addChild('cbc:TaxAmount', number_format((float)$invoice['tax_amount'], 3, '.', ''))->addAttribute('currencyID', 'JOD');
$taxSubtotal = $taxTotal->addChild('cac:TaxSubtotal');
$taxSubtotal->addChild('cbc:TaxableAmount', number_format((float)$invoice['subtotal'], 3, '.', ''))->addAttribute('currencyID', 'JOD');
$taxSubtotal->addChild('cbc:TaxAmount', number_format((float)$invoice['tax_amount'], 3, '.', ''))->addAttribute('currencyID', 'JOD');
$taxCategory = $taxSubtotal->addChild('cac:TaxCategory');
$taxCategory->addChild('cbc:ID', 'S');
$taxCategory->addChild('cbc:Percent', '16.00'); // Default Jordan VAT
$taxCategory->addChild('cac:TaxScheme')->addChild('cbc:ID', 'VAT');
$taxTotal = $dom->createElement('cac:TaxTotal');
$taxAmt = $dom->createElement('cbc:TaxAmount', number_format((float)$invoice['tax_amount'], 3, '.', ''));
$taxAmt->setAttribute('currencyID', 'JOD');
$taxTotal->appendChild($taxAmt);
$root->appendChild($taxTotal);
// 6. LegalMonetaryTotal
$legalMonetaryTotal = $xml->addChild('cac:LegalMonetaryTotal');
$legalMonetaryTotal->addChild('cbc:LineExtensionAmount', number_format((float)$invoice['subtotal'], 3, '.', ''))->addAttribute('currencyID', 'JOD');
$legalMonetaryTotal->addChild('cbc:TaxExclusiveAmount', number_format((float)$invoice['subtotal'], 3, '.', ''))->addAttribute('currencyID', 'JOD');
$legalMonetaryTotal->addChild('cbc:TaxInclusiveAmount', number_format((float)$invoice['grand_total'], 3, '.', ''))->addAttribute('currencyID', 'JOD');
$legalMonetaryTotal->addChild('cbc:AllowanceTotalAmount', number_format((float)($invoice['discount_total'] ?? 0), 3, '.', ''))->addAttribute('currencyID', 'JOD');
$legalMonetaryTotal->addChild('cbc:PayableAmount', number_format((float)$invoice['grand_total'], 3, '.', ''))->addAttribute('currencyID', 'JOD');
$monetaryTotal = $dom->createElement('cac:LegalMonetaryTotal');
$fields = [
'LineExtensionAmount' => $invoice['subtotal'],
'TaxExclusiveAmount' => $invoice['subtotal'],
'TaxInclusiveAmount' => $invoice['grand_total'],
'AllowanceTotalAmount' => $invoice['discount_total'] ?? 0,
'PayableAmount' => $invoice['grand_total']
];
foreach ($fields as $field => $val) {
$node = $dom->createElement('cbc:' . $field, number_format((float)$val, 3, '.', ''));
$node->setAttribute('currencyID', 'JOD');
$monetaryTotal->appendChild($node);
}
$root->appendChild($monetaryTotal);
// 7. Invoice Lines
foreach ($lines as $line) {
$invoiceLine = $xml->addChild('cac:InvoiceLine');
$invoiceLine->addChild('cbc:ID', (string)$line['line_number']);
$invoiceLine->addChild('cbc:InvoicedQuantity', number_format((float)$line['quantity'], 3, '.', ''))->addAttribute('unitCode', 'PCE');
$invoiceLine->addChild('cbc:LineExtensionAmount', number_format((float)$line['line_total'], 3, '.', ''))->addAttribute('currencyID', 'JOD');
$iLine = $dom->createElement('cac:InvoiceLine');
$iLine->appendChild($dom->createElement('cbc:ID', (string)$line['line_number']));
$item = $invoiceLine->addChild('cac:Item');
$item->addChild('cbc:Description', $line['description']);
$itemTaxCategory = $item->addChild('cac:TaxCategory');
$itemTaxCategory->addChild('cbc:ID', 'S');
$itemTaxCategory->addChild('cbc:Percent', '16.00');
$itemTaxCategory->addChild('cac:TaxScheme')->addChild('cbc:ID', 'VAT');
$qty = $dom->createElement('cbc:InvoicedQuantity', number_format((float)$line['quantity'], 3, '.', ''));
$qty->setAttribute('unitCode', 'PCE');
$iLine->appendChild($qty);
$lineExt = $dom->createElement('cbc:LineExtensionAmount', number_format((float)$line['line_total'], 3, '.', ''));
$lineExt->setAttribute('currencyID', 'JOD');
$iLine->appendChild($lineExt);
$price = $invoiceLine->addChild('cac:Price');
$price->addChild('cbc:PriceAmount', number_format((float)$line['unit_price'], 3, '.', ''))->addAttribute('currencyID', 'JOD');
$item = $dom->createElement('cac:Item');
$item->appendChild($dom->createElement('cbc:Description', $line['description']));
$iLine->appendChild($item);
$price = $dom->createElement('cac:Price');
$pAmt = $dom->createElement('cbc:PriceAmount', number_format((float)$line['unit_price'], 3, '.', ''));
$pAmt->setAttribute('currencyID', 'JOD');
$price->appendChild($pAmt);
$iLine->appendChild($price);
$root->appendChild($iLine);
}
// Return formatted XML
$dom = dom_import_simplexml($xml)->ownerDocument;
$dom->formatOutput = true;
return $dom->saveXML();
}
}

54
app/Services/Security/EncryptionService.php
View File

@@ -13,50 +13,36 @@ final class EncryptionService
public function __construct()
{
// Load encryption key from secrets config
$secrets = require __DIR__ . '/../../../config/secrets.php';
$this->key = $secrets['encryption_key'] ?? '';
// Load from config/secrets.php — NEVER from .env directly
$secrets = require dirname(__DIR__, 3) . '/config/secrets.php';
$key = $secrets['encryption_key'] ?? '';
// Ensure key is hexadecimal and convert to binary (32 bytes)
if (strlen($this->key) === 64) {
$this->key = hex2bin($this->key);
}
if (strlen($this->key) !== 32) {
throw new Exception("Security Error: Invalid ENCRYPTION_KEY length. Must be 32 bytes.");
if (strlen($key) !== 32) {
throw new \RuntimeException(
'ENCRYPTION_KEY_B64 not set or invalid. ' .
'Generate: php -r "echo base64_encode(random_bytes(32));"'
);
}
$this->key = $key;
}
public function encrypt(string $plaintext): string
{
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length(self::METHOD));
$ciphertext = openssl_encrypt($plaintext, self::METHOD, $this->key, 0, $iv, $tag);
if ($ciphertext === false) {
throw new Exception("Encryption failed.");
}
$iv = random_bytes(12); // 12 bytes for GCM
$tag = '';
$ciphertext = openssl_encrypt($plaintext, self::METHOD, $this->key, OPENSSL_RAW_DATA, $iv, $tag, '', 16);
if ($ciphertext === false) throw new \RuntimeException('Encryption failed');
return base64_encode($iv) . ':' . base64_encode($ciphertext) . ':' . base64_encode($tag);
}
public function decrypt(string $encryptedData): string
public function decrypt(string $data): string
{
$parts = explode(':', $encryptedData);
if (count($parts) !== 3) {
throw new Exception("Invalid encrypted data format.");
}
[$ivBase64, $ciphertextBase64, $tagBase64] = $parts;
$iv = base64_decode($ivBase64);
$ciphertext = base64_decode($ciphertextBase64);
$tag = base64_decode($tagBase64);
$plaintext = openssl_decrypt($ciphertext, self::METHOD, $this->key, 0, $iv, $tag);
if ($plaintext === false) {
throw new Exception("Decryption failed.");
}
[$iv64, $ct64, $tag64] = explode(':', $data);
$plaintext = openssl_decrypt(
base64_decode($ct64), self::METHOD, $this->key,
OPENSSL_RAW_DATA, base64_decode($iv64), base64_decode($tag64)
);
if ($plaintext === false) throw new \RuntimeException('Decryption failed');
return $plaintext;
}
}

44
app/Services/Security/HmacService.php
View File

@@ -11,35 +11,29 @@ final class HmacService
/**
* Verify HMAC signature for external API requests (Flutter)
*/
public function verify(
string $secret,
string $method,
string $path,
string $timestamp,
string $nonce,
string $body,
string $providedSignature
): bool {
// 1. Check timestamp (within 5 minutes)
if (abs(time() - (int)$timestamp) > 300) {
return false;
public function verify(string $secret, string $method, string $path,
string $timestamp, string $nonce, string $body, string $signature): bool
{
// 1. Timestamp window (±5 minutes)
if (abs(time() - (int)$timestamp) > 300) return false;
// 2. Nonce replay protection
try {
$redis = \App\Core\Redis::getInstance();
$nonceKey = 'hmac_nonce:' . $nonce;
if ($redis->exists($nonceKey)) return false; // Replay attack
$redis->setex($nonceKey, 600, '1'); // TTL 10 minutes
} catch (\Throwable $e) {
// Redis unavailable — log but don't fail (degrade gracefully)
error_log('[HMAC] Redis unavailable for nonce check: ' . $e->getMessage());
}
// 2. Replay protection using Nonce in Redis
// Note: Redis::getInstance() would be used here
// If nonce exists, reject
// 3. Calculate Signature
// 3. Build & compare signature
$bodyHash = hash('sha256', $body);
$stringToSign = strtoupper($method) . "\n" .
$path . "\n" .
$timestamp . "\n" .
$nonce . "\n" .
$bodyHash;
$stringToSign = strtoupper($method) . "\n" . $path . "\n" . $timestamp . "\n" . $nonce . "\n" . $bodyHash;
$calculated = hash_hmac('sha256', $stringToSign, $secret);
$calculatedSignature = hash_hmac('sha256', $stringToSign, $secret);
return hash_equals($calculatedSignature, $providedSignature);
return hash_equals($calculated, $signature);
}
public function sign(string $secret, string $method, string $path, string $timestamp, string $nonce, string $body): string

17
app/Services/TaxValidationService.php
View File

@@ -50,11 +50,18 @@ final class TaxValidationService
$errors[] = ['code' => 'RULE_006', 'message_ar' => 'يجب تزويد الرقم الضريبي أو الوطني للمشتري للفواتير التي تتجاوز 10,000 دينار'];
}
// Rule 007: Discount integrity
$expectedSubtotal = $invoice['subtotal'] - $invoice['discount_total'];
// This is a simplified check for Rule 007
if ($expectedSubtotal < 0) {
$errors[] = ['code' => 'RULE_007', 'message_ar' => 'إجمالي الخصم لا يمكن أن يتجاوز المجموع الفرعي'];
// Rule 007: Discount integrity — subtotal - discount = Σ(line totals before tax)
$lineSumBeforeTax = array_sum(array_map(
fn($l) => round(($l['quantity'] * $l['unit_price']) - ($l['discount'] ?? 0), 3),
$lines
));
$expected = round($invoice['subtotal'] - $invoice['discount_total'], 3);
if (abs($expected - $lineSumBeforeTax) > 0.01) {
$errors[] = [
'code' => 'RULE_007',
'message_ar' => "خطأ في حساب الخصومات: المتوقع {$expected} JOD، المحسوب {$lineSumBeforeTax} JOD",
'message_en' => "Discount integrity error"
];
}
return [

92
app/Services/TotpService.php
View File

@@ -1,83 +1,67 @@
<?php
declare(strict_types=1);
namespace App\Services;
/**
* TotpService
*
* Implements RFC 6238 for Two-Factor Authentication (TOTP).
*/
final class TotpService
{
private const ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
public function generateSecret(): string
{
// Generate a random 16-character base32 secret
$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
$secret = '';
for ($i = 0; $i < 16; $i++) {
$secret .= self::ALPHABET[random_int(0, 31)];
$secret .= $chars[random_int(0, 31)];
}
return $secret;
}
public function verify(string $secret, string $code): bool
public function getQrCodeUrl(string $email, string $secret): string
{
$currentTime = floor(time() / 30);
// Check current, previous and next window (allow 30s clock drift)
for ($i = -1; $i <= 1; $i++) {
if ($this->calculateCode($secret, (int)($currentTime + $i)) === $code) {
return true;
}
}
return false;
$issuer = urlencode('Musadaq');
$email = urlencode($email);
$qrUrl = "otpauth://totp/Musadaq:{$email}?secret={$secret}&issuer=Musadaq";
return "https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=" . urlencode($qrUrl);
}
private function calculateCode(string $secret, int $time): string
public function verify(string $secret, string $code, int $window = 1): bool
{
$key = $this->base32Decode($secret);
$timeHex = str_pad(dechex($time), 16, '0', STR_PAD_LEFT);
$timeBin = pack('H*', $timeHex);
$hash = hash_hmac('sha1', $timeBin, $key, true);
$offset = ord($hash[19]) & 0xf;
$otp = (
((ord($hash[$offset]) & 0x7f) << 24) |
((ord($hash[$offset + 1]) & 0xff) << 16) |
((ord($hash[$offset + 2]) & 0xff) << 8) |
(ord($hash[$offset + 3]) & 0xff)
) % 1000000;
return str_pad((string)$otp, 6, '0', STR_PAD_LEFT);
$time = floor(time() / 30);
for ($i = -$window; $i <= $window; $i++) {
$t = $time + $i;
$hash = hash_hmac('sha1', pack('N*', 0) . pack('N*', $t), $this->base32Decode($secret));
$offset = ord($hash[19]) & 0x0F;
$otp = ((ord($hash[$offset]) & 0x7F) << 24 | (ord($hash[$offset+1]) & 0xFF) << 16 | (ord($hash[$offset+2]) & 0xFF) << 8 | (ord($hash[$offset+3]) & 0xFF)) % 1000000;
if (str_pad((string)$otp, 6, '0', STR_PAD_LEFT) === $code) return true;
}
return false;
}
private function base32Decode(string $base32): string
{
$base32 = strtoupper($base32);
$buffer = 0;
$bufferSize = 0;
$decoded = '';
$base32chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
$base32charsFlipped = array_flip(str_split($base32chars));
for ($i = 0; $i < strlen($base32); $i++) {
$char = $base32[$i];
$pos = strpos(self::ALPHABET, $char);
if ($pos === false) continue;
$output = '';
$v = 0;
$vbits = 0;
$buffer = ($buffer << 5) | $pos;
$bufferSize += 5;
for ($i = 0, $j = strlen($base32); $i < $j; $i++) {
$v <<= 5;
if (isset($base32charsFlipped[$base32[$i]])) {
$v += $base32charsFlipped[$base32[$i]];
}
$vbits += 5;
if ($bufferSize >= 8) {
$bufferSize -= 8;
$decoded .= chr(($buffer >> $bufferSize) & 0xff);
while ($vbits >= 8) {
$vbits -= 8;
$output .= chr(($v >> $vbits) & 0xFF);
}
}
return $decoded;
}
public function getQrCodeUrl(string $userEmail, string $secret, string $issuer = 'Musadaq'): string
{
$label = urlencode($issuer . ':' . $userEmail);
$otpauth = "otpauth://totp/{$label}?secret={$secret}&issuer=" . urlencode($issuer);
return "https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=" . urlencode($otpauth);
return $output;
}
}