<?php

// Version 1.0.0
//
//  Dependencies:
//  - PHP curl extension
//  - Guzzle (composer require guzzlehttp/guzzle)
//

require 'vendor/autoload.php';

use Psr\Http\Message\RequestInterface;
use GuzzleHttp\HandlerStack;
use GuzzleHttp\Handler\CurlHandler;
use GuzzleHttp\Client;
use GuzzleHttp\Middleware;


// TODO: Update these for your tenancy
$tenancy_id = 'ocid1.tenancy.oc1..aaaaaaaaba3pv6wkcr4jqae5f15p2b2m2yt2j6rx32uzr4h25vqstifsfdsq';
$user_id = 'ocid1.user.oc1..aaaaaaaat5nvwcna5j6aqzjcaty5eqbb6qt2jvpkanghtgdaqedqw3rynjq';
$thumbprint = '20:3b:97:13:55:1c:5b:0d:d3:37:d8:50:4e:c5:3a:34';
$region = 'us-phoenix-1';
$key_location = 'file://private.pem';
$key_passphrase = 'password';

$namespace = 'MyNamespace';
$bucket_name = 'MyBucket';
$file_to_upload = 'myfile.txt';

$key_id = "$tenancy_id/$user_id/$thumbprint";

function sign_string($data, $key_path, $passphrase){
    $pkeyid = openssl_pkey_get_private($key_path, $passphrase);
    if (!$pkeyid) {
        exit('Error reading private key');
    }

    openssl_sign($data, $signature, $pkeyid, OPENSSL_ALGO_SHA256);

    // free the key from memory
    openssl_free_key($pkeyid);

    return base64_encode($signature);
}

function oci_signer_middleware(RequestInterface $request) {
    global $key_id;
    global $key_location;
    global $key_passphrase;

    // headers required for all HTTP verbs
    $headers = "date (request-target) host";

    // example: Thu, 05 Jan 2014 21:31:40 GMT
    $date=gmdate("D, d M Y H:i:s T", time());
    $method = strtolower($request->getMethod());
    $request_target = $request->getRequestTarget();
    $host = $request->getHeader('Host')[0];

    $request = $request->withHeader('Date', $date);

    $signing_string = "date: $date\n(request-target): $method $request_target\nhost: $host";

    // additional required headers for POST and PUT requests
    if ($method == 'post' || $method == 'put') {
        $content_length = $request->getHeader('Content-Length')[0];

        // if content length is 0 we still need to explicitly send the Content-Length header
        if (!$content_length){
            $content_length = 0;
            $request = $request->withHeader('Content-Length', 0);
        }

        $content_type = $request->getHeader('Content-Type')[0];
        $content_sha256 = base64_encode(hex2bin(hash("sha256", $request->getBody())));

        $request = $request->withHeader('x-content-sha256', $content_sha256);

        $headers = $headers . " content-length content-type x-content-sha256";
        $signing_string = $signing_string . "\ncontent-length: $content_length\ncontent-type: $content_type\nx-content-sha256: $content_sha256";
    }

    echo "Signing string:\n$signing_string".PHP_EOL;

    $signature = sign_string($signing_string, $key_location, $key_passphrase);

    $authorization_header = "Signature version=\"1\",keyId=\"$key_id\",algorithm=\"rsa-sha256\",headers=\"$headers\",signature=\"$signature\"";
    $request = $request->withHeader('Authorization', $authorization_header);
    
    echo "\nRequest headers:".PHP_EOL;
    foreach ($request->getHeaders() as $name => $values) {
        echo $name . ': ' . implode(', ', $values) . "\n";
    }

    return $request;
}

// EXAMPLE REQUESTS
$handler = new CurlHandler();
$stack = HandlerStack::create($handler);

// place signing middleware after prepare-body so it can access Content-Length header
$stack->after('prepare_body', Middleware::mapRequest('oci_signer_middleware'));

$client = new Client([
    'handler' => $stack
]);

// GET current user
echo "************************************".PHP_EOL;
echo "Getting user: $user_id...".PHP_EOL;
echo "************************************".PHP_EOL;
$response = $client->get("https://identity.$region.oraclecloud.com/20160918/users/$user_id");
echo "\nResponse:\n";
echo $response->getStatusCode().PHP_EOL;
echo $response->getBody().PHP_EOL.PHP_EOL;

// Create a VCN
echo "************************************".PHP_EOL;
echo "Creating VCN...".PHP_EOL;
echo "************************************".PHP_EOL;
$body = "{\"cidrBlock\" : \"10.0.0.0/16\",\"compartmentId\" : \"$tenancy_id\",\"displayName\" : \"MyPhpVcn\"}";
$response = $client->post("https://iaas.$region.oraclecloud.com/20160918/vcns", [ "body" => $body, 'headers' => ['Content-Type' => 'application/json']]);
echo "\nResponse:".PHP_EOL;
echo $response->getStatusCode().PHP_EOL;
echo $response->getBody().PHP_EOL.PHP_EOL;

// PUT object with no content
echo "************************************".PHP_EOL;
echo "Putting object 'NewObject'...".PHP_EOL;
echo "************************************".PHP_EOL;
$body = '';
$response = $client->put("https://objectstorage.$region.oraclecloud.com/n/$namespace/b/$bucket_name/o/NewObject", [ "body" => $body, 'headers' => ['Content-Type' => 'application/json']]);
echo "\nResponse:\n";
echo $response->getStatusCode().PHP_EOL;
echo $response->getBody().PHP_EOL;

// PUT object with content
echo "************************************".PHP_EOL;
echo "Putting object 'NewObject2'...".PHP_EOL;
echo "************************************".PHP_EOL;

$file_handle = fopen($file_to_upload, "rb");
$body = "";
while (!feof($file_handle)) {
   $body = $body . fgets($file_handle);
}
fclose($file_handle);

$response = $client->put("https://objectstorage.$region.oraclecloud.com/n/$namespace/b/$bucket_name/o/NewObject2", [ "body" => $body, 'headers' => ['Content-Type' => 'application/octet-stream']]);
echo "\nResponse:\n";
echo $response->getStatusCode().PHP_EOL;
echo $response->getBody().PHP_EOL;

?>