src/Controller/Controller.php line 94

  1. <?php
  3. declare(strict_types=1);
  5. namespace App\Controller;
  7. use App\Dto\WlSettingsDto;
  8. use App\Enum\MirrorStatusEnum;
  9. use App\Exception\RotatorNotFoundException;
  10. use App\Message\CallbackLog;
  11. use App\Service\MirrorService;
  12. use App\Service\PlayerTokenService;
  13. use App\Service\RotatorService;
  14. use App\Service\WlRotatorDomainService;
  15. use App\Service\WlSettingsService;
  16. use DateTimeImmutable;
  17. use Doctrine\DBAL\Exception as DbalException;
  18. use InfluxDB\Database\Exception as InfluxDatabaseException;
  19. use InfluxDB\Exception as InfluxException;
  20. use JsonException;
  21. use MarfaTech\Bundle\MetricBundle\Client\InfluxDb\InfluxDbClient;
  22. use MarfaTech\Component\IdGenerator\Generator\IdGenerator;
  23. use Psr\Log\LoggerAwareInterface;
  24. use Psr\Log\LoggerAwareTrait;
  25. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  26. use Symfony\Component\HttpFoundation\Cookie;
  27. use Symfony\Component\HttpFoundation\JsonResponse;
  28. use Symfony\Component\HttpFoundation\RedirectResponse;
  29. use Symfony\Component\HttpFoundation\Request;
  30. use Symfony\Component\HttpFoundation\Response;
  31. use Symfony\Component\OptionsResolver\Exception\ExceptionInterface;
  32. use Symfony\Component\Routing\Annotation\Route;
  33. use Throwable;
  34. use App\Message\ApiRequestLog;
  35. use Symfony\Component\Messenger\MessageBusInterface;
  37. use function array_merge;
  38. use function base64_decode;
  39. use function http_build_query;
  40. use function is_string;
  41. use function json_decode;
  42. use function json_encode;
  43. use function sha1;
  44. use function sprintf;
  45. use function str_contains;
  46. use function time;
  47. use function urldecode;
  49. use const JSON_THROW_ON_ERROR;
  51. class Controller extends AbstractController implements LoggerAwareInterface
  52. {
  53.     use LoggerAwareTrait;
  55.     private const COOKIE_NAME 'rotatorId';
  56.     private const ROTATOR_TTL 30;
  57.     private const OLD_COOKIE_NAME '__router';
  58.     private const COUNTRY_CODE_HEADER_NAME 'X-GeoIP-Country-Code';
  60.     private const BACK_URL 'backurl';
  61.     private const RETURN_URL 'returnUrl';
  63.     private const MONITORING_USER_AGENT_LIST = [
  64.         'Better Uptime Bot',
  65.         'Zabbix',
  66.         'sentry',
  67.         'GuzzleHttp',
  68.         'Google-PageRenderer',
  69.     ];
  71.     public function __construct(
  72.         private readonly MirrorService $mirrorService,
  73.         private readonly RotatorService $rotatorService,
  74.         private readonly PlayerTokenService $playerTokenService,
  75.         private readonly WlSettingsService $wlSettingsService,
  76.         private readonly WlRotatorDomainService $wlRotatorDomainService,
  77.         private readonly InfluxDbClient $influxDbClient,
  78.         private readonly MessageBusInterface $bus,
  79.         private readonly ControllerV2 $controllerV2,
  80.         private readonly IdGenerator $idGenerator,
  81.         private readonly ?string $whitelabel,
  82.     ) {
  83.     }
  85.     /**
  86.      * @Route("{path}", requirements={"path"=".*"}, methods={"GET"}, priority=-2)
  87.      *
  88.      * @throws DbalException
  89.      * @throws ExceptionInterface
  90.      * @throws InfluxDatabaseException
  91.      * @throws InfluxException
  92.      * @throws JsonException
  93.      */
  94.     public function index(Request $request, ?string $path null): Response
  95.     {
  96.         if ($this->whitelabel === null) {
  97.             return new Response('Unknown whitelabel. Please, set <b>HTTP_X_WHITELABEL</b> fastcgi_param');
  98.         }
  100.         $wlSlug $this->wlSettingsService->getRealWlSlug($this->whitelabel);
  102.         if ($wlSlug === 'real-betonred') { // TODO need to hardcode to use v2 for brand
  103.             return $this->controllerV2->indexV2($request$path);
  104.         }
  106.         $country $request->server->get(self::COUNTRY_CODE_HEADER_NAME);
  108.         $this->sendMetric('hit'$country);
  110.         $rotatorId $request->cookies->get(self::COOKIE_NAME);
  111.         $rotatorIdEncoded $request->query->get('_ri');
  112.         $rdParam $request->query->get('_rd');
  114.         if (is_string($rotatorIdEncoded) && !empty($rotatorIdEncoded)) {
  115.             $rotatorId base64_decode(urldecode($rotatorIdEncoded));
  116.         }
  118.         $rotatorRouter $request->getHost();
  119.         $rotatorRouterEncoded $request->query->get('_rr');
  121.         if ($rotatorRouterEncoded) {
  122.             $rotatorRouter base64_decode(urldecode($rotatorRouterEncoded));
  123.         }
  125.         if (is_string($rdParam)) {
  126.             try {
  127.                 $rdDecoded json_decode(base64_decode(urldecode($rdParam)), true512JSON_THROW_ON_ERROR);
  129.                 if (!empty($rdDecoded['_ri'])) {
  130.                     $rotatorId $rdDecoded['_ri'];
  131.                 }
  133.                 if (!empty($rdDecoded['_rr'])) {
  134.                     $rotatorRouter $rdDecoded['_rr'];
  135.                 }
  136.             } catch (Throwable $e) {
  137.                 $this->logger->error(
  138.                     'bad rdParam',
  139.                     [
  140.                         'rdParam' => $rdParam,
  141.                         'request' => $request,
  142.                         'exception' => (string) $e,
  143.                     ]
  144.                 );
  145.             }
  146.         }
  148.         $oldHost $request->cookies->get(self::OLD_COOKIE_NAME);
  149.         $oldRotatorCallback null;
  150.         $oldRotatorId null;
  151.         $rotator null;
  153.         $requestRotatorId $request->query->get(self::COOKIE_NAME);
  154.         $from $request->query->get('from');
  155.         $ts = (int) $request->query->get('ts');
  156.         $uuid $request->query->get('uuid');
  157.         $sign $request->query->get('sign');
  159.         $needTsUuidSignCheck false;
  161.         $query $request->query->all();
  163.         if ($requestRotatorId !== null) {
  164.             $rotatorId $requestRotatorId;
  166.             if ($from === null) {
  167.                 $needTsUuidSignCheck true;
  168.             }
  169.         }
  171.         $userAgent substr((string) $request->server->get('HTTP_USER_AGENT'), 0255);
  173.         foreach (self::MONITORING_USER_AGENT_LIST as $monitoringUserAgent) {
  174.             if (str_contains($userAgent$monitoringUserAgent)) {
  175.                 $rotatorId 'monitoring';
  176.                 $country 'DE';
  177.             }
  178.         }
  180.         if ($rotatorId) {
  181.             $rotator $this->rotatorService->findBySticky($rotatorId);
  183.             if ($rotator === null) {
  184.                 $rotator $this->rotatorService->findByCountry($rotatorId$country);
  185.             }
  187.             if ($rotator === null) {
  188.                 $rotator $this->rotatorService->findByOldRotatorCountry($rotatorId$country);
  189.             }
  191.             if ($rotator === null) {
  192.                 $oldRotator $this->rotatorService->find($rotatorId);
  194.                 if ($oldRotator !== null) {
  195.                     $oldRotatorCallback $oldRotator['callback'] ?? null;
  196.                     $oldRotatorId $rotatorId;
  197.                 }
  198.             }
  200.             $rotatorId $rotator['rotatorId'] ?? null;
  201.         }
  203.         //        if ($rotatorId === null) {
  204.         if (!empty($query[self::RETURN_URL])) { // logic for sticky host from returnUrl
  205.             $host false;
  207.             if (is_string($query[self::RETURN_URL])) {
  208.                 $host parse_url($query[self::RETURN_URL], PHP_URL_HOST);
  209.             }
  211.             if ($host !== false && $host !== null) {
  212.                 $mirror $this->mirrorService->findStickyHost($this->whitelabel$host);
  214.                 $this->logger->info(
  215.                     'mirror from redirect url',
  216.                     [
  217.                         'mirror' => is_array($mirror) ? implode(', '$mirror) : ($mirror ?? 'not found'),
  218.                         'rotatorId' => $rotatorId,
  219.                         'redirectUrl' => $query[self::RETURN_URL],
  220.                     ]
  221.                 );
  222.             }
  224.             if ($host === null) {
  225.                 $mirror $this->mirrorService->findStickyHost($this->whitelabel$query[self::RETURN_URL]);
  226.             }
  228.             if (empty($mirror)) { // redirect to returnUrl for non sticky
  229.                 if ($host !== false && $host !== null) {
  230.                     $mirror $this->mirrorService->findByWlCountryHost($this->whitelabel$country$host);
  231.                 }
  233.                 if ($host === null) {
  234.                     $mirror $this->mirrorService->findByWlCountryHost($this->whitelabel$country$query[self::RETURN_URL]);
  235.                 }
  237.                 if ($mirror === null && $host !== false && $host !== null) {
  238.                     $mirror $this->mirrorService->findByHost($host);
  239.                 }
  240.             }
  242.             // unset($query[self::RETURN_URL]);
  243.         }
  245.         if (empty($mirror) && $oldHost) {
  246.             $mirror $this->mirrorService->findByHost($oldHost);
  247.         }
  249.         if (empty($mirror)) {
  250.             $mirror $this->mirrorService->getRandom($this->whitelabel$country);
  251.         }
  253.         $rotatorId $rotatorId
  254.             ?? $this->rotatorService->create($mirror['id'], $country$userAgent$oldRotatorId);
  255.         //        }
  257.         if (empty($rotator)) {
  258.             $rotator $this->rotatorService->findByCountry($rotatorId$country);
  260.             if ($rotator !== null && $oldRotatorCallback !== null) {
  261.                 $this->rotatorService->updateRotatorCallback($rotator$oldRotatorCallback);
  262.                 $rotator['callback'] = $oldRotatorCallback;
  263.                 $this->sendMetric('old_rotator_callback'$country);
  264.             }
  265.         }
  267.         $mirrorStatus $rotator['mirrorStatus'] ?? MirrorStatusEnum::BLOCKED;
  269.         if (strtolower($mirrorStatus) !== MirrorStatusEnum::ACTIVE) {
  270.             $mirror $this->mirrorService->getRandom($this->whitelabel$country);
  272.             $this->rotatorService->update($rotator['id'], [
  273.                 'rotatorId' => $rotatorId,
  274.                 'country' => $country,
  275.                 'mirrorId' => $mirror['id'],
  276.             ]);
  278.             $rotator['mirrorHost'] = $mirror['host'];
  279.         }
  281.         // google auth state after redirect
  282.         $state $request->query->get('state');
  284.         if (!empty($state)) {
  285.             try {
  286.                 $state json_decode(urldecode($state), true512JSON_THROW_ON_ERROR);
  288.                 if (!empty($state['backurl'])) {
  289.                     $query[self::BACK_URL] = urldecode($state['backurl']);
  290.                 }
  291.             } catch (Throwable) {
  292.             }
  293.         }
  295.         $wlSettingsDto $this->wlSettingsService->getWlSettings($this->whitelabel);
  297.         if ($wlSettingsDto === null) {
  298.             return new JsonResponse(
  299.                 [
  300.                     'message' => 'WL settings not found',
  301.                 ],
  302.                 Response::HTTP_NOT_FOUND,
  303.             );
  304.         }
  306.         try {
  307.             $accessToken $this->getAccessToken(
  308.                 $rotator,
  309.                 $query,
  310.                 $wlSettingsDto,
  311.                 $needTsUuidSignCheck,
  312.                 $ts,
  313.                 $uuid,
  314.                 $sign,
  315.             );
  316.         } catch (Throwable) {
  317.             $accessToken null;
  318.         }
  320.         $isHostRouterEqual $request->getHost() === $wlSettingsDto->getDefaultRotatorDomain();
  322.         if ($accessToken !== null) {
  323.             $query['accessToken'] = $accessToken;
  325.             if ($isHostRouterEqual === true) {
  326.                 $this->sendMetric('access_token'$country$rotator['mirrorHost']);
  327.             }
  328.         }
  330.         if (!empty($query['rotatorToken'])) {
  331.             unset($query['rotatorToken']);
  332.         }
  334.         $redirect '/' $path;
  336.         $redirectHost $rotator['mirrorHost'];
  338.         if ($isHostRouterEqual === false) {
  339.             $redirectHost $wlSettingsDto->getDefaultRotatorDomain();
  340.             $query['rotatorId'] = $rotatorId;
  341.             $this->sendMetric('default_router_redirect'$country);
  342.         }
  344.         if (!empty($query[self::BACK_URL])) {
  345.             $redirect $query[self::BACK_URL];
  347.             unset($query[self::BACK_URL]);
  348.         } else if (!empty($query[self::RETURN_URL])) {
  349.             $pathFromReturnUrl parse_url($query[self::RETURN_URL], PHP_URL_PATH);
  350.             $queryString parse_url($query[self::RETURN_URL], PHP_URL_QUERY);
  351.             $redirect $pathFromReturnUrl . ($queryString '?' $queryString '');
  353.             if (!str_starts_with($redirect'/')) {
  354.                 $redirect '/' $redirect;
  355.             }
  357.             unset($query[self::RETURN_URL]);
  358.         }
  360.         if ($redirect[0] === '/') {
  361.             $redirect 'https://' trim($redirectHost) . $redirect;
  362.         }
  364.         try {
  365.             $query['_rd'] = urlencode(base64_encode(json_encode([
  366.                 'rotatorId' => $rotatorId,
  367.                 'rotatorRouter' => $rotatorRouter,
  368.             ], JSON_THROW_ON_ERROR)));
  369.         } catch (Throwable $e) {
  370.             $this->logger->critical(
  371.                 "Problem with _rd generation",
  372.                 [
  373.                     'rotatorId' => $rotatorId,
  374.                     'rotatorRouter' => $rotatorRouter,
  375.                     'exception' => $e,
  376.                     'request' => $request,
  377.                 ]
  378.             );
  380.             throw $e;
  381.         }
  383.         $redirect .= sprintf(
  384.             '%s%s',
  385.             str_contains($redirect'?') ? '&' '?',
  386.             http_build_query($query)
  387.         );
  389.         $response = new RedirectResponse($redirect);
  390.         $response->headers
  391.             ->setCookie(
  392.                 new Cookie(
  393.                     self::COOKIE_NAME,
  394.                     $rotatorId,
  395.                     time() + (365 24 60 60)
  396.                 )
  397.             )
  398.         ;
  400.         $this->sendMetric('redirect'$country$rotator['mirrorHost']);
  402.         $redirectData = [
  403.             'ip' => $request->getClientIp(),
  404.             'rotatorId' => $rotatorId,
  405.             'mirrorHost' => $redirectHost,
  406.             'rotatorRouter' => $request->getHost(),
  407.         ];
  409.         $this->logger->info('Redirect'$redirectData);
  411.         $this->bus->dispatch(new ApiRequestLog(
  412.             rotatorId$redirectData['rotatorId'],
  413.             ip$redirectData['ip'],
  414.             mirrorHost$redirectData['mirrorHost'],
  415.             rotator$redirectData['rotatorRouter'],
  416.             country$country,
  417.             request: (string) $request,
  418.             response: (string) $response,
  419.             responseTimetime() - $request->server->get('REQUEST_TIME'),
  420.             requestDatedate('Y-m-d H:i:s'$request->server->get('REQUEST_TIME')),
  421.             responseStatusCode$response->getStatusCode(),
  422.             uniqId$this->idGenerator->generateUniqueId(),
  423.         ));
  425.         return $response;
  426.     }
  428.     /**
  429.      * @Route("/callback", methods={"POST"})
  430.      *
  431.      * @param Request $request
  432.      * @return Response
  433.      * @throws DbalException
  434.      * @throws InfluxDatabaseException
  435.      * @throws InfluxException
  436.      * @throws JsonException
  437.      */
  438.     public function callbackBulk(Request $request): Response
  439.     {
  440.         try {
  441.             $body json_decode($request->getContent(), true512JSON_THROW_ON_ERROR);
  442.         } catch (JsonException) {
  443.             $body = [];
  444.         }
  446.         foreach ($body as $item) {
  447.             try {
  448.                 $this->handleCallback($item['rotatorId'], $item['callbackData']);
  449.             } catch (RotatorNotFoundException) {
  450.                 $this->logger->error("Rotator not found :" $item['rotatorId']);
  452.                 continue;
  453.             }
  454.         }
  456.         return new Response();
  457.     }
  459.     /**
  460.      * @Route("/callback/{rotatorId}", methods={"POST"})
  461.      *
  462.      * @throws DbalException
  463.      * @throws InfluxDatabaseException
  464.      * @throws InfluxException
  465.      * @throws JsonException
  466.      */
  467.     public function callback(Request $requeststring $rotatorId): Response
  468.     {
  469.         try {
  470.             $body json_decode($request->getContent(), true512JSON_THROW_ON_ERROR);
  471.         } catch (JsonException) {
  472.             $body = [];
  473.         }
  475.         try {
  476.             $this->handleCallback($rotatorId$body);
  477.         } catch (RotatorNotFoundException) {
  478.             $this->logger->error("Rotator not found :" $rotatorId);
  479.         }
  481.         return new Response();
  482.     }
  484.     /**
  485.      * @Route("/api/generateLinkToken", methods={"POST"})
  486.      */
  487.     public function generateLinkToken(Request $request): Response
  488.     {
  489.         try {
  490.             $body json_decode($request->getContent(), true512JSON_THROW_ON_ERROR);
  491.             $playerId $body['playerId'] ?? null;
  492.             $source $body['source'] ?? null;
  493.             $tokenCreatedAt = new DateTimeImmutable();
  495.             if ($playerId === null) {
  496.                 return new JsonResponse(
  497.                     [
  498.                         'message' => 'Player id is required',
  499.                     ],
  500.                     Response::HTTP_UNPROCESSABLE_ENTITY,
  501.                 );
  502.             }
  504.             if (!is_string($playerId)) {
  505.                 return new JsonResponse(
  506.                     [
  507.                         'message' => 'Player id must be string',
  508.                     ],
  509.                     Response::HTTP_UNPROCESSABLE_ENTITY,
  510.                 );
  511.             }
  513.             $wlSettingsDto $this->wlSettingsService->getWlSettings($this->whitelabel);
  515.             if ($wlSettingsDto === null) {
  516.                 return new JsonResponse(
  517.                     [
  518.                         'message' => 'WL settings not found',
  519.                     ],
  520.                     Response::HTTP_NOT_FOUND,
  521.                 );
  522.             }
  524.             $token sha1(
  525.                 sprintf(
  526.                     '%s%s%s',
  527.                     $playerId,
  528.                     $tokenCreatedAt->getTimestamp(),
  529.                     $wlSettingsDto->getSalt()
  530.                 )
  531.             );
  532.             $expiredAt = (new DateTimeImmutable())
  533.                 ->modify('+' $wlSettingsDto->getTokenLifetime() . ' seconds')
  534.             ;
  536.             $this->playerTokenService->createNewPlayerToken($playerId$this->whitelabel$token$expiredAt);
  538.             $wlRotatorDomainDto null;
  540.             if ($source !== null) {
  541.                 $wlRotatorDomainDto $this->wlRotatorDomainService->getWlRotatorDomainDtoBySource(
  542.                     $this->whitelabel,
  543.                     $source,
  544.                 );
  545.             }
  547.             if ($wlRotatorDomainDto === null) {
  548.                 $wlRotatorDomainDto $this->wlRotatorDomainService->getRandomWlRotatorDomainDto($this->whitelabel);
  550.                 if ($wlRotatorDomainDto === null) {
  551.                     return new JsonResponse(
  552.                         [
  553.                             'message' => 'WL rotator domain not found',
  554.                         ],
  555.                         Response::HTTP_NOT_FOUND,
  556.                     );
  557.                 }
  558.             }
  560.             $data = [
  561.                 'link' => sprintf('%s/?rotatorToken=%s'$wlRotatorDomainDto->getDomain(), $token),
  562.                 'endTime' => $expiredAt->getTimestamp(),
  563.                 'token' => $token,
  564.             ];
  566.             return new JsonResponse($dataResponse::HTTP_OK);
  567.         } catch (Throwable $e) {
  568.             return new JsonResponse($e->getMessage(), Response::HTTP_INTERNAL_SERVER_ERROR);
  569.         }
  570.     }
  572.     /**
  573.      * @throws InfluxException
  574.      * @throws InfluxDatabaseException
  575.      */
  576.     private function sendMetric(string $keystring $country, ?string $mirror null): void
  577.     {
  578.         $fields = [
  579.             'country' => $country,
  580.             'rotator' => $this->whitelabel,
  581.         ];
  583.         if ($mirror) {
  584.             $fields['mirror'] = $mirror;
  585.         }
  587.         $this->influxDbClient->sendBulk($key$fields$fields);
  588.     }
  590.     /**
  591.      * @throws InfluxException
  592.      * @throws JsonException
  593.      * @throws DbalException
  594.      * @throws InfluxDatabaseException
  595.      * @throws RotatorNotFoundException
  596.      */
  597.     private function handleCallback(string $rotatorId, array $callbackData): void
  598.     {
  599.         $rotator $this->rotatorService->find($rotatorId);
  601.         if ($rotator === null) {
  602.             throw new RotatorNotFoundException();
  603.         }
  605.         $isPlayerIdMismatch = !empty($callbackData['playerId'])
  606.             && !empty($rotator['playerId'])
  607.             && $callbackData['playerId'] !== $rotator['playerId']
  608.         ;
  610.         if ($isPlayerIdMismatch) {
  611.             return;
  612.         }
  614.         $isPlayerUuidMismatch = !empty($callbackData['playerUuid'])
  615.             && !empty($rotator['playerUuid'])
  616.             && $callbackData['playerUuid'] !== $rotator['playerUuid']
  617.         ;
  619.         if ($isPlayerUuidMismatch) {
  620.             return;
  621.         }
  623.         $country $rotator['country'] ?? '';
  625.         $this->sendMetric('callback'$country$rotator['mirrorHost']);
  627.         $data = [
  628.             'rotatorId' => $rotator['rotatorId'],
  629.             'country' => $country,
  630.             'callback' => json_encode($callbackDataJSON_THROW_ON_ERROR),
  631.             'callbackAt' => (new DateTimeImmutable())->format('Y-m-d H:i:s'),
  632.         ];
  634.         if (empty($rotator['playerId']) && !empty($callbackData['playerId'])) {
  635.             $data['playerId'] = $callbackData['playerId'];
  636.         }
  638.         if (empty($rotator['playerUuid']) && !empty($callbackData['playerUuid'])) {
  639.             $data['playerUuid'] = $callbackData['playerUuid'];
  640.         }
  642.         if (!empty($callbackData['host'])) {
  643.             $mirror $this->mirrorService->findByHost($callbackData['host']);
  645.             if ($mirror !== null && $rotator['mirrorId'] !== $mirror['id']) {
  646.                 $data['mirrorId'] = $mirror['id'];
  647.             }
  648.         }
  649. /*
  650.         try {
  651.             $this->bus->dispatch(new CallbackLog(
  652.                 rotatorId: $rotator['rotatorId'],
  653.                 callbackRaw: json_encode($callbackData, JSON_THROW_ON_ERROR),
  654.                 updatedData: json_encode($data, JSON_THROW_ON_ERROR),
  655.                 callbackAt: date('Y-m-d H:i:s'),
  656.                 uniqId: $this->idGenerator->generateUniqueId(),
  657.             ));
  658.         } catch (Throwable $e) {
  659.             $this->logger->critical($e->getMessage());
  660.         }
  661. */
  662.         $this->rotatorService->update($rotator['id'], $data);
  663.     }
  665.     private function getAccessToken(
  666.         array $rotator,
  667.         $query,
  668.         WlSettingsDto $wlSettingsDto,
  669.         bool $needTsUuidSignCheck,
  670.         ?int $ts,
  671.         ?string $uuid,
  672.         ?string $sign,
  673.     ): ?string {
  674.         if (
  675.             $needTsUuidSignCheck &&
  676.             $this->checkTsUuidSign(
  677.                 $rotator,
  678.                 $wlSettingsDto->getSecret(),
  679.                 $ts,
  680.                 $uuid,
  681.                 $sign,
  682.             ) === false
  683.         ) {
  684.             return null;
  685.         }
  687.         try {
  688.             return $this->rotatorService->getAccessToken($rotator$query$wlSettingsDto);
  689.         } catch (Throwable) {
  690.         }
  692.         return null;
  693.     }
  695.     private function checkTsUuidSign(
  696.         array $rotator,
  697.         ?string $secret,
  698.         ?int $ts,
  699.         ?string $uuid,
  700.         ?string $sign,
  701.     ): bool {
  702.         if (empty($ts) || empty($uuid) || empty($sign)) {
  703.             return false;
  704.         }
  706.         if (time() - floor($ts 1000) > self::ROTATOR_TTL) {
  707.             return false;
  708.         }
  710.         if (empty($secret)) {
  711.             return true;
  712.         }
  714.         if ($sign !== sha1($rotator['rotatorId'] . $ts $uuid $secret)) {
  715.            return false;
  716.         }
  718.         if (!empty($rotator['playerUuid']) && $uuid !== $rotator['playerUuid']) {
  719.             return false;
  720.         }
  722.         return true;
  723.     }
  724. }