pieter/eveAI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7702a6dfcc39ea316528e8d60f128924dd48c170
eveAI/integrations/Wordpress/eveai-chat-widget/includes/class-eveai-api.php
Josako 7702a6dfcc - Modernized authentication with the introduction of TenantProject 
- Created a base mail template
- Adapt and improve document API to usage of catalogs and processors
- Adapt eveai_sync to new authentication mechanism and usage of catalogs and processors
2024-11-21 17:24:33 +01:00

164 lines
5.3 KiB
PHP
Raw Blame History

<?php
class EveAI_Chat_API {
private $security;
private $eveai_api_url;
public function __construct() {
$this->security = new EveAI_Chat_Security();
$this->eveai_api_url = 'https://api.eveai.com'; // Should come from settings
}
public function register_routes() {
register_rest_route('eveai/v1', '/session-token', array(
'methods' => 'POST',
'callback' => array($this, 'get_session_token'),
'permission_callback' => array($this, 'verify_request'),
'args' => array(
'tenant_id' => array(
'required' => true,
'validate_callback' => function($param) {
return is_numeric($param);
}
),
'domain' => array(
'required' => true,
'validate_callback' => function($param) {
return is_string($param) && !empty($param);
}
)
)
));
}
public function verify_request($request) {
// Origin verification
$origin = $request->get_header('origin');
if (!$this->security->verify_origin($origin)) {
return new WP_Error(
'invalid_origin',
'Invalid request origin',
array('status' => 403)
);
}
// Nonce verification
$nonce = $request->get_header('X-WP-Nonce');
if (!wp_verify_nonce($nonce, 'wp_rest')) {
return new WP_Error(
'invalid_nonce',
'Invalid nonce',
array('status' => 403)
);
}
return true;
}
public function get_session_token($request) {
try {
// Get the API key from WordPress options and decrypt it
$settings = get_option('eveai_chat_settings');
$encrypted_api_key = $settings['api_key'] ?? '';
if (empty($encrypted_api_key)) {
return new WP_Error(
'no_api_key',
'API key not configured',
array('status' => 500)
);
}
$api_key = $this->security->decrypt_sensitive_data($encrypted_api_key);
// Get parameters from request
$tenant_id = $request->get_param('tenant_id');
$domain = $request->get_param('domain');
// Request a session token from EveAI server
$response = wp_remote_post(
$this->eveai_api_url . '/session',
array(
'headers' => array(
'Authorization' => 'Bearer ' . $api_key,
'Content-Type' => 'application/json'
),
'body' => json_encode(array(
'tenant_id' => $tenant_id,
'domain' => $domain,
'origin' => get_site_url()
)),
'timeout' => 15,
'data_format' => 'body'
)
);
if (is_wp_error($response)) {
throw new Exception($response->get_error_message());
}
$response_code = wp_remote_retrieve_response_code($response);
if ($response_code !== 200) {
throw new Exception('Invalid response from EveAI server: ' . $response_code);
}
$body = json_decode(wp_remote_retrieve_body($response), true);
if (empty($body['token'])) {
throw new Exception('No token received from EveAI server');
}
// Log the token generation (optional, for debugging)
error_log(sprintf(
'Generated session token for tenant %d from domain %s',
$tenant_id,
$domain
));
return array(
'success' => true,
'session_token' => $body['token']
);
} catch (Exception $e) {
error_log('EveAI session token generation failed: ' . $e->getMessage());
return new WP_Error(
'token_generation_failed',
'Failed to generate session token: ' . $e->getMessage(),
array('status' => 500)
);
}
}
/**
* Validates the session token with EveAI server
* Can be used for additional security checks
*/
public function validate_session_token($token) {
try {
$response = wp_remote_post(
$this->eveai_api_url . '/validate-token',
array(
'headers' => array(
'Content-Type' => 'application/json'
),
'body' => json_encode(array(
'token' => $token
)),
'timeout' => 15
)
);
if (is_wp_error($response)) {
return false;
}
$body = json_decode(wp_remote_retrieve_body($response), true);
return isset($body['valid']) && $body['valid'] === true;
} catch (Exception $e) {
error_log('Token validation failed: ' . $e->getMessage());
return false;
}
}
}
Reference in New Issue View Git Blame Copy Permalink