.env.dist

@@ -55,9 +55,6 @@ CVU_BRAND_ID=insert_brandid_for_unknown_vehicles
 # country code prefix
 COUNTRY_CODE=+insert_country_code_here
 
-# redis hash
-LATEST_ACTIVE_JO=latest_active_jo
-
 # dashboard
 DASHBOARD_ENABLE=set_to_true_or_false
 
@@ -70,11 +67,8 @@ INVENTORY_API_AUTH_TOKEN=insert_auth_token_here
 # API logging
 API_LOGGING=set_to_true_or_false
 
-# customer distance limit in km for mobile
-CUST_DISTANCE_LIMIT=5
-
-# customer distance limit in km for admin panel
-CUST_DISTANCE_LIMIT_ADMIN_PANEL=5
+# customer distance limit in km
+CUST_DISTANCE_LIMIT=set_to_number
 
 MAPTILER_API_KEY=map_tiler_api_key
 
@@ -83,10 +77,3 @@ API_VERSION=insert_api_version_here
 
 #SSL_ENABLE for websockets
 SSL_ENABLE=set_to_true_or_false
-
-# for hub filtering round robin
-HUB_JO_KEY=hub_jo_count
-
-# hub geofence
-HUB_GEOFENCE_ENABLE=set_to_true_or_false
-HUB_FILTER_ENABLE=set_to_true_or_false

.gitignore

@@ -11,7 +11,3 @@
 ###< symfony/framework-bundle ###
 
 *.swp
-/public/warranty_uploads/*
-.vscode
-*__pycache__
-/public/assets/images/insurance-premiums.png

catalyst/api-bundle/Access/Generator.php

@@ -0,0 +1,9 @@
+<?php
+
+namespace Catalyst\APIBundle\Access;
+
+use Catalyst\AuthBundle\Service\ACLGenerator as BaseGenerator;
+
+class Generator extends BaseGenerator
+{
+}

catalyst/api-bundle/Access/Voter.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace Catalyst\APIBundle\Access;
+
+use Catalyst\AuthBundle\Service\ACLVoter as BaseVoter;
+
+class Voter extends BaseVoter
+{
+}
+

catalyst/api-bundle/CatalystAPIBundle.php

@@ -0,0 +1,9 @@
+<?php
+
+namespace Catalyst\APIBundle;
+
+use Symfony\Component\HttpKernel\Bundle\Bundle;
+
+class CatalystAPIBundle extends Bundle
+{
+}

catalyst/api-bundle/Command/TestAPICommand.php

@@ -0,0 +1,155 @@
+<?php
+
+namespace Catalyst\APIBundle\Command;
+
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
+
+use Catalyst\APIBundle\Connector\Client as APIClient;
+
+
+class TestAPICommand extends Command
+{
+    protected function configure()
+    {
+        $this->setName('api:test-connector-all')
+            ->setDescription('Test API connector with all commands.')
+            ->setHelp('Test API Connector with all commands.')
+            ->addArgument('protocol', InputArgument::REQUIRED, 'protocol')
+            ->addArgument('server', InputArgument::REQUIRED, 'server')
+            ->addArgument('api_key', InputArgument::REQUIRED, 'api_key')
+            ->addArgument('secret_key', InputArgument::REQUIRED, 'secret_key');
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output)
+    {
+        $protocol = $input->getArgument('protocol');
+        $server = $input->getArgument('server');
+        $api_key = $input->getArgument('api_key');
+        $secret_key = $input->getArgument('secret_key');
+
+        // api client
+        $api = new APIClient($server, $api_key, $secret_key);
+        $api->setProtocol($protocol);
+
+        // test
+        $api->get('/capi/test');
+
+        // TODO: shift this out of the bundle, since it's project specific
+
+        // warranty register
+        $serial = 'AJ34LJADR12134LKJL5';
+        $plate_num = 'XEN918';
+        $params = [
+            'serial' => $serial,
+            'plate_number' => $plate_num,
+            'warranty_class' => 'private',
+            'sku' => 'WMEB24CB-CPN00-LX',
+            'date_purchase' => '20181001',
+            'date_expire' => '20191001',
+            'first_name' => 'First',
+            'last_name' => 'Last',
+            'mobile_number' => '09231234567',
+        ];
+        //$api->post('/capi/warranties', $params);
+
+        // get all warranties
+        $params = [
+            'order' => 'DESC',
+            'limit' => '5',
+            'start' => '1',
+        ];
+
+        //$api->get('/capi/warranties', $params);
+
+        
+        // warranty find
+        //$api->get('/capi/warranties/' . $serial);
+
+        // warranty update
+        $id = 86811;
+        $params = [
+            'serial' => $serial,
+            'plate_number' => $plate_num,
+            'warranty_class' => 'private',
+            'sku' => 'WMEB24CB-CPN00-LX',
+            'date_purchase' => '20181001',
+            'date_expire' => '20191001',
+            'first_name' => 'First',
+            'last_name' => 'Last',
+            'mobile_number' => '123456789111',
+        ];
+        //$api->post('/capi/warranties/'. $id, $params);
+
+        // warranty set privacy policy
+        $id = 86811;
+        $policy_id = 2;
+        $params = [
+            'privacy_policy_id' => $policy_id,
+        ];
+        //$api->post('/capi/warranties/' . $id .'/privacypolicy', $params);
+
+        // warranty claim
+        $id = 86811;
+        $serial = 'AJ34LJADR12134LKJL5';
+        $params = [
+            'serial' => $serial,
+        ];
+        //$api->post('/capi/warranties/' . $id . '/claim', $params);
+
+        // warranty cancel
+        $id = 86811;
+        //$api->get('/capi/warranties/' . $id . '/cancel');
+
+        // plate warranty
+        //$api->get('/capi/plates/' . $plate_num . '/warranties');
+
+        // warranty delete
+        $id = 86811;
+        //$api->post('/capi/warranties/' . $id . '/delete');
+
+        // battery
+        //$api->get('/capi/battery_brands');
+        //$api->get('/capi/battery_sizes');
+        //$api->get('/capi/batteries');
+
+        // vehicle
+        //$api->get('/capi/vehicle_manufacturers');
+        //$api->get('/capi/vehicles');
+
+        // privacy policy
+        $privacy_policy_id = 2;
+        //$api->get('/capi/privacy_policy/' . $privacy_policy_id );
+
+        // register new customer
+        $params = [
+            'first_name' => 'Krispups',
+            'last_name' =>'Porzindog',
+            'mobile_number' => '9221111111',
+            'v_make_id' => '22241',
+            'v_model_year' => '2018',
+            'v_plate_number' => 'KPP1234',
+            'v_color' => 'White',
+            'v_condition' => 'new',
+            'v_fuel_type' => 'gas',
+        ];
+        //$api->post('/capi/quick_registration', $params);
+
+        // get warranties given list of serial numbers
+        $serial_list = [
+            'AJ34LJADR12134LKJM4',
+            'AJ34LJADR12134LKJL5', 
+            'test',
+        ];
+
+        $params = [
+            'serial_list' => $serial_list,
+        ];
+
+        $api->post('/capi/warranties_list', $params); 
+    }
+}

catalyst/api-bundle/Command/TestCommand.php

@@ -0,0 +1,104 @@
+<?php
+
+namespace Catalyst\APIBundle\Command;
+
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
+
+use Catalyst\APIBundle\Connector\Client as APIClient;
+
+
+class TestCommand extends Command
+{
+    protected function configure()
+    {
+        $this->setName('api:test-connector')
+            ->setDescription('Test API connector.')
+            ->setHelp('Test API Connector.')
+            ->addArgument('protocol', InputArgument::REQUIRED, 'protocol')
+            ->addArgument('server', InputArgument::REQUIRED, 'server')
+            ->addArgument('api_key', InputArgument::REQUIRED, 'api_key')
+            ->addArgument('secret_key', InputArgument::REQUIRED, 'secret_key');
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output)
+    {
+        $protocol = $input->getArgument('protocol');
+        $server = $input->getArgument('server');
+        $api_key = $input->getArgument('api_key');
+        $secret_key = $input->getArgument('secret_key');
+
+        // api client
+        $api = new APIClient($server, $api_key, $secret_key);
+        $api->setProtocol($protocol);
+
+        // test
+        $api->get('/capi/test');
+
+        // TODO: shift this out of the bundle, since it's project specific
+
+
+        // warranty register
+        $serial = 'AJ34LJADR12134LKJL5';
+        $plate_num = 'XEN918';
+        $params = [
+            'serial' => $serial,
+            'plate_number' => $plate_num,
+            'warranty_class' => 'private',
+            'sku' => 'WMEB24CB-CPN00-LX',
+            'date_purchase' => '20181001',
+            'date_expire' => '20191001',
+            'first_name' => 'First',
+            'last_name' => 'Last',
+            'mobile_number' => '12345678910',
+        ];
+        $api->post('/capi/warranties', $params);
+
+        // get all warranties
+        $api->get('/capi/warranties');
+
+        
+        /*
+        // warranty find
+        $api->get('/capi/warranties/' . $serial);
+        */
+
+        // warranty claim
+        $id = 86811;
+        $serial = 'AJ34LJADR12134LKJL';
+        $params = [
+            'serial' => $serial,
+        ];
+        $api->post('/capi/warranties/' . $id . '/claim', $params);
+
+        // add battery
+        $sku = 'WZMB31QT-CPP00-S';
+        $brand_id = '4';
+        $size_id = '1';
+        $params = [
+            'sku' => $sku,
+            'brand_id' => $brand_id,
+            'size_id' => $size_id,
+        ];
+        $api->post('/capi/batteries', $params);
+
+        /*
+
+        // plate warranty
+        $api->get('/capi/plates/' . $plate_num . '/warranties');
+
+        // battery
+        $api->get('/capi/battery_brands');
+        $api->get('/capi/battery_sizes');
+        $api->get('/capi/batteries');
+
+        // vehicle
+        // $api->get('/capi/vehicle_manufacturers');
+        // $api->get('/capi/vehicles');
+        */
+    }
+}

catalyst/api-bundle/Command/UserCreateCommand.php

@@ -0,0 +1,49 @@
+<?php
+
+namespace Catalyst\APIBundle\Command;
+
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
+use Doctrine\ORM\EntityManagerInterface;
+
+use Catalyst\APIBundle\Entity\User;
+
+class UserCreateCommand extends Command
+{
+    protected $em;
+
+    public function __construct(EntityManagerInterface $em)
+    {
+        $this->em = $em;
+
+        parent::__construct();
+    }
+
+    protected function configure()
+    {
+        $this->setName('api:user-create')
+            ->setDescription('Create new API user.')
+            ->setHelp('Creates new API user and saves to database.')
+            ->addArgument('name', InputArgument::REQUIRED, 'name');
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output)
+    {
+        $name = $input->getArgument('name');
+
+        $user = new User();
+        $user->setName($name);
+
+        $this->em->persist($user);
+        $this->em->flush();
+
+        $output->write('API Key - ' . $user->getAPIKey() . "\n");
+        $output->write('Secret Key - ' . $user->getSecretKey() . "\n");
+    }
+
+
+}

catalyst/api-bundle/Connector/Client.php

@@ -0,0 +1,151 @@
+<?php
+
+namespace Catalyst\APIBundle\Connector;
+
+use DateTime;
+
+class Client
+{
+    const HEADER_API_KEY        = 'X-Cata-API-Key';
+    const HEADER_SIGNATURE      = 'X-Cata-Signature';
+    const HEADER_DATE           = 'X-Cata-Date';
+
+    const DATE_FORMAT           = 'D, d M Y H:i:s T';
+
+    const USER_AGENT            = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36';
+
+    protected $protocol;
+    protected $server;
+    protected $port;
+    protected $api_key;
+    protected $secret_key;
+
+    protected $curl;
+
+    public function __construct($server, $api_key, $secret_key)
+    {
+        $this->protocol = 'https';
+        $this->port = null;
+
+        $this->server = $server;
+        $this->api_key = $api_key;
+        $this->secret_key = $secret_key;
+        $this->curl = curl_init();
+    }
+
+    public function __destruct()
+    {
+        curl_close($this->curl);
+    }
+
+    public function setProtocol($protocol)
+    {
+        if ($protocol != 'http' && $protocol != 'https')
+            return $this;
+
+        $this->protocol = $protocol;
+        return $this;
+    }
+
+    protected function getDateString()
+    {
+        $date = new DateTime();
+        return $date->format(self::DATE_FORMAT);
+    }
+
+    public function get($url, $params = [])
+    {
+        curl_reset($this->curl);
+
+        $date_string = $this->getDateString();
+        $headers = $this->generateHeaders('GET', $url, $date_string);
+
+        // build query string
+        if (count($params) > 0)
+            $query_string = '?' . http_build_query($params);
+        else
+            $query_string = '';
+
+        // build url
+        if ($this->port == null)
+            $full_url = $this->protocol . '://' . $this->server . $url . $query_string;
+        else
+            $full_url = $this->protocol . '://' . $this->server . ':' . $this->port . $url . $query_string;
+
+        error_log($full_url);
+
+        // curl
+        // curl_setopt($this->curl, CURLOPT_VERBOSE, true);
+        curl_setopt($this->curl, CURLOPT_URL, $full_url);
+        curl_setopt($this->curl, CURLOPT_HTTPHEADER, $headers);
+        curl_setopt($this->curl, CURLOPT_USERAGENT, self::USER_AGENT);
+        curl_setopt($this->curl, CURLOPT_RETURNTRANSFER, true);
+        curl_setopt($this->curl, CURLOPT_TIMEOUT, 0);
+
+        $res = curl_exec($this->curl);
+        error_log($res);
+    }
+
+    public function post($url, $params = [])
+    {
+        curl_reset($this->curl);
+
+        $date_string = $this->getDateString();
+        $headers = $this->generateHeaders('POST', $url, $date_string);
+
+        // build query string
+        $query_string = http_build_query($params);
+
+        // build url
+        if ($this->port == null)
+            $full_url = $this->protocol . '://' . $this->server . $url;
+        else
+            $full_url = $this->protocol . '://' . $this->server . ':' . $this->port . $url;
+
+        error_log($full_url);
+
+        // curl
+        // curl_setopt($this->curl, CURLOPT_VERBOSE, true);
+        curl_setopt($this->curl, CURLOPT_URL, $full_url);
+		curl_setopt($this->curl, CURLOPT_POST, true);
+		curl_setopt($this->curl, CURLOPT_POSTFIELDS, $query_string);
+        curl_setopt($this->curl, CURLOPT_HTTPHEADER, $headers);
+        curl_setopt($this->curl, CURLOPT_USERAGENT, self::USER_AGENT);
+        curl_setopt($this->curl, CURLOPT_RETURNTRANSFER, true);
+        curl_setopt($this->curl, CURLOPT_TIMEOUT, 0);
+
+        $res = curl_exec($this->curl);
+        error_log($res);
+    }
+
+    protected function generateSignature($method, $url, $date_string)
+    {
+        $creds = [
+            $method,
+            $url,
+            $date_string,
+            $this->secret_key,
+        ];
+        $sig_source = implode('|', $creds);
+
+        error_log('SIG SOURCE - ' . $sig_source);
+
+        $raw_sig = hash_hmac('sha1', $sig_source, $this->secret_key, true);
+        $enc_sig = base64_encode($raw_sig);
+
+        return $enc_sig;
+    }
+
+    protected function generateHeaders($method, $url, $date_string)
+    {
+        $sig = $this->generateSignature($method, $url, $date_string);
+
+        $headers = [
+			self::HEADER_API_KEY . ': ' . $this->api_key,
+            self::HEADER_SIGNATURE . ': ' . $sig,
+            self::HEADER_DATE . ': ' . $date_string,
+        ];
+
+        return $headers;
+    }
+}

catalyst/api-bundle/Controller/APIController.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace Catalyst\APIBundle\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Controller\Controller;
+use Symfony\Component\HttpFoundation\Request;
+
+abstract class APIController extends Controller
+{
+    protected function checkRequiredParameters(Request $req, $params = [])
+    {
+        $missing = [];
+
+        // check if parameters are there
+        foreach ($params as $param)
+        {
+            if ($req->getMethod() == 'GET')
+            {
+                $check = $req->query->get($param);
+                if (empty($check))
+                    $missing[] = $param;
+            }
+            // else if ($req->getMethod() == 'POST')
+            else
+            {
+                $check = $req->request->get($param);
+                //if (empty($check))
+                if (!isset($check))
+                    $missing[] = $param;
+            }
+        }
+
+        // check missing parameters
+        if (count($missing) > 0)
+        {
+            $miss_string = implode(', ', $missing);
+            return 'Missing required parameter(s): ' . $miss_string;
+        }
+
+        return false;
+    }
+}

catalyst/api-bundle/DataFixtures/APIRoleFixtures.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace Catalyst\APIBundle\DataFixtures;
+
+use Catalyst\APIBundle\Entity\Role;
+use Doctrine\Bundle\FixturesBundle\Fixture;
+use Doctrine\Common\Persistence\ObjectManager;
+
+class APIRoleFixtures extends Fixture
+{
+    public function load(ObjectManager $em)
+    {
+        // setup super user account
+        $role = new Role();
+        $role->setID(Role::SUPER_ADMIN)
+            ->setName('Super Administrator');
+        $em->persist($role);
+        $em->flush();
+    }
+}

catalyst/api-bundle/Entity/Role.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace Catalyst\APIBundle\Entity;
+
+use Catalyst\AuthBundle\Entity\Role as BaseRole;
+
+use Doctrine\ORM\Mapping as ORM;
+use Doctrine\Common\Collections\ArrayCollection;
+use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
+
+/**
+ * @ORM\Entity
+ * @ORM\Table(name="api_role")
+ * @UniqueEntity("id")
+ * @UniqueEntity("name")
+ */
+class Role extends BaseRole
+{
+    /**
+     * @ORM\ManyToMany(targetEntity="User", mappedBy="roles", fetch="EXTRA_LAZY")
+     */
+    protected $users;
+
+    public function __construct()
+    {
+        parent::__construct();
+    }
+}

catalyst/api-bundle/Entity/User.php

@@ -0,0 +1,148 @@
+<?php
+
+namespace Catalyst\APIBundle\Entity;
+
+use Catalyst\AuthBundle\Entity\User as BaseUser;
+
+use Symfony\Component\Security\Core\User\UserInterface;
+use Doctrine\ORM\Mapping as ORM;
+use Doctrine\ORM\Mapping\JoinColumn;
+use Doctrine\Common\Collections\ArrayCollection;
+use DateTime;
+
+/**
+ * @ORM\Entity
+ * @ORM\Table(name="api_user")
+ */
+class User extends BaseUser
+{
+     /**
+     * @ORM\Id
+     * @ORM\Column(type="integer")
+     * @ORM\GeneratedValue(strategy="AUTO")
+     */
+    protected $id;
+
+    // api key 
+    /**
+     * @ORM\Column(type="string", length=32)
+     */
+    protected $api_key;
+
+    // secret key
+    /**
+     * @ORM\Column(type="string", length=32)
+     */
+    protected $secret_key;
+
+    /**
+     * @ORM\Column(type="string", length=80)
+     */
+    protected $name;
+
+    // date created
+    /**
+     * @ORM\Column(type="datetime")
+     */
+    protected $date_create;
+
+    // roles
+    /**
+     * @ORM\ManyToMany(targetEntity="Role", inversedBy="users")
+     * @ORM\JoinTable(name="api_user_role")
+     */
+    protected $roles;
+
+    public function __construct()
+    {
+        parent::__construct();
+
+        // generate keys
+        $this->setAPIKey($this->generateAPIKey())
+            ->setSecretKey($this->generateSecretKey());
+
+        // set date created
+        $this->date_create = new DateTime();
+    }
+
+    public function getID()
+    {
+        return $this->id;
+    }
+
+    public function setAPIKey($api_key)
+    {
+        $this->api_key = $api_key;
+        return $this;
+    }
+
+    public function getAPIKey()
+    {
+        return $this->api_key;
+    }
+
+    public function setSecretKey($key)
+    {
+        $this->secret_key = $key;
+        return $this;
+    }
+
+    public function getSecretKey()
+    {
+        return $this->secret_key;
+    }
+
+    public function setName($name)
+    {
+        $this->name = $name;
+        return $this;
+    }
+
+    public function getName()
+    {
+        return $this->name;
+    }
+
+    public function getDateCreate()
+    {
+        return $this->date_create;
+    }
+
+    public function getPassword()
+    {
+        // we don't need this for API
+        return 'notneeded';
+    }
+
+    public function getSalt()
+    {
+        return null;
+    }
+
+    public function getUsername()
+    {
+        // since it's an api, the api key IS the username
+        return $this->api_key;
+    }
+
+    public function eraseCredentials()
+    {
+        return;
+    }
+
+    public function generateAPIKey()
+    {
+        return $this->generateKey('api');
+    }
+
+    public function generateSecretKey()
+    {
+        return $this->generateKey('secret');
+    }
+
+    protected function generateKey($prefix = '')
+    {
+        return md5(uniqid($prefix, true));
+    }
+}
+

catalyst/api-bundle/Response/APIResponse.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace Catalyst\APIBundle\Response;
+
+use Symfony\Component\HttpFoundation\JsonResponse;
+
+class APIResponse extends JsonResponse
+{
+    public function __construct($success = true, $message = '', $data = null, $status = 200, $headers = [])
+    {
+        $data = [
+            'success' => (bool) $success,
+            'message' =>  (string) $message,
+            'data' => $data,
+        ];
+        parent::__construct($data, $status, $headers);
+    }
+}
+
+

catalyst/api-bundle/Security/APIKeyAuthenticator.php

@@ -0,0 +1,160 @@
+<?php
+
+namespace Catalyst\APIBundle\Security;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
+use Symfony\Component\Security\Core\User\UserProviderInterface;
+use Symfony\Component\Security\Http\Authentication\SimplePreAuthenticatorInterface;
+use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
+
+use Doctrine\ORM\EntityManagerInterface;
+
+use DateTime;
+
+class APIKeyAuthenticator implements SimplePreAuthenticatorInterface, AuthenticationFailureHandlerInterface
+{
+    const HEADER_API_KEY        = 'X-Cata-API-Key';
+    const HEADER_SIGNATURE      = 'X-Cata-Signature';
+    const HEADER_DATE           = 'X-Cata-Date';
+
+    const DATE_FORMAT           = 'D, d M Y H:i:s T';
+
+    // 30 minute time limit
+    const TIME_LIMIT            = 1800;
+
+    protected $em;
+
+    public function __construct(EntityManagerInterface $em)
+    {
+        $this->em = $em;
+    }
+
+    protected function validateSignature($creds, $secret_key)
+    {
+        $elements = [
+            $creds['method'],
+            $creds['uri'],
+            $creds['date'],
+            $secret_key,
+        ];
+        $sig_source = implode('|', $elements);
+
+        error_log($sig_source);
+
+        // generate signature
+        $raw_sig = hash_hmac('sha1', $sig_source, $secret_key, true);
+        $enc_sig = base64_encode($raw_sig);
+
+        error_log($enc_sig);
+
+        if ($enc_sig != trim($creds['signature']))
+            throw new CustomUserMessageAuthenticationException('Invalid signature.');
+
+    }
+
+    public function createToken(Request $req, $provider_key)
+    {
+        // api key header
+        $api_key = $req->headers->get(self::HEADER_API_KEY);
+        if ($api_key == null)
+            throw new BadCredentialsException('No API key sent.');
+
+        // check date from headers
+        $hdate_string = $req->headers->get(self::HEADER_DATE);
+        if ($hdate_string == null)
+            throw new BadCredentialsException('No date specified.');
+
+        $hdate = DateTime::createFromFormat(self::DATE_FORMAT, $hdate_string);
+        if ($hdate == null)
+            throw new BadCredentialsException('Invalid date specified.');
+
+        // get number of seconds difference
+        $date_now = new DateTime();
+        $date_diff = abs($date_now->getTimestamp() - $hdate->getTimestamp());
+
+        // time difference is too much
+        if ($date_diff > self::TIME_LIMIT)
+            throw new BadCredentialsException('Clock synchronization error.');
+
+        // signature header
+        $sig = $req->headers->get(self::HEADER_SIGNATURE);
+        if ($sig == null)
+            throw new BadCredentialsException('No signature sent.');
+
+        // credentials
+        $creds = [
+            'api_key' => $api_key,
+            'date' => $hdate_string,
+            'signature' => $sig,
+            'method' => $req->getRealMethod(),
+            'uri' => $req->getPathInfo(),
+        ];
+
+        return new PreAuthenticatedToken(
+            'anonymous',
+            $creds,
+            $provider_key
+        );
+    }
+
+    public function supportsToken(TokenInterface $token, $provider_key)
+    {
+        return $token instanceof PreAuthenticatedToken && $token->getProviderKey() === $provider_key;
+    }
+
+    public function authenticateToken(TokenInterface $token, UserProviderInterface $user_provider, $provider_key)
+    {
+        if (!$user_provider instanceof APIKeyUserProvider)
+        {
+            throw new \InvalidArgumentException(
+                sprintf(
+                    'The user provider must be an instance of APIKeyUserProvider (%s was given).',
+                    get_class($user_provider)
+                )
+            );
+        }
+
+        $creds = $token->getCredentials();
+        $api_key = $creds['api_key'];
+        $user = $user_provider->getUserByAPIKey($api_key);
+
+        // check if api key is valid
+        if (!$user)
+            throw new CustomUserMessageAuthenticationException('Invalid API Key');
+
+        // check if signature is valid
+        $this->validateSignature($creds, $user->getSecretKey());
+
+        // check if user is enabled
+        if (!$user->isEnabled())
+        {
+            throw new CustomUserMessageAuthenticationException('User account is disabled');
+        }
+
+        // $user = $user_provider->loadUserByUsername($username);
+
+        return new PreAuthenticatedToken(
+            $user,
+            $api_key,
+            $provider_key,
+            $user->getRoles()
+        );
+    }
+
+    public function onAuthenticationFailure(Request $req, AuthenticationException $exception)
+    {
+        $data = [
+            'success' => false,
+            'error' => [
+                'message' => $exception->getMessage(),
+            ],
+        ];
+