Merge pull request #150 from bunq/move-to-new-sandbox-bunq/sdk_php#149

Move to new sandbox #149
bunq · May 29, 2018 · 79a169a · 79a169a
2 parents 9d9ea46 + e9f50fd
commit 79a169a
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 29 deletions.
diff --git a/src/Context/ApiContext.php b/src/Context/ApiContext.php
@@ -22,7 +22,7 @@ class ApiContext
      * Api environment urls.
      */
     const BASE_URL_PRODUCTION = 'https://api.bunq.com/v1/';
-    const BASE_URL_SANDBOX = 'https://sandbox.public.api.bunq.com/v1/';
+    const BASE_URL_SANDBOX = 'https://public-api.sandbox.bunq.com/v1/';
 
     /**
      * Error constants.

diff --git a/src/Http/ApiClient.php b/src/Http/ApiClient.php
@@ -21,6 +21,16 @@
  */
 class ApiClient
 {
+    /**
+     * Error constants.
+     */
+    const ERROR_ENVIRONMENT_TYPE_UNKNOWN = 'Unknown environmentType "%s"';
+    const ERROR_MAC_OS_CURL_VERSION = 'Your PHP seems to be linked to the MacOS provided curl binary. ' .
+    'This is incompatible with our SDK, please reinstall by running: "brew reinstall %s --with-homebrew-curl".%s';
+    const ERROR_CURL_DOES_NOT_SUPPORT_ROOT_CERTIFICATE_PINNING =
+        //@codingStandardsIgnoreLine
+        'Curl does not support root certificate pinning. See https://curl.haxx.se/docs/todo.html#Support_intermediate_root_pinn';
+
     /**
      * Endpoints not requiring active session for the request to succeed.
      */
@@ -35,16 +45,9 @@ class ApiClient
     const INSTALLATION_URL = 'installation';
     const SESSION_SERVER_URL = 'session-server';
 
-    /**
-     * Error constants.
-     */
-    const ERROR_ENVIRONMENT_TYPE_UNKNOWN = 'Unknown environmentType "%s"';
-    const ERROR_MAC_OS_CURL_VERSION = 'Your PHP seems to be linked to the MacOS provided curl binary.';
-
     /**
      * Public key locations.
      */
-    const FILE_PUBLIC_KEY_ENVIRONMENT_SANDBOX = '/Certificate/sandbox.public.api.bunq.com.pubkey.pem';
     const FILE_PUBLIC_KEY_ENVIRONMENT_PRODUCTION = '/Certificate/api.bunq.com.pubkey.pem';
 
     /**
@@ -253,18 +256,18 @@ private function initializeHttpClient()
             $middleware = $this->determineMiddleware();
 
             $this->httpClient = new Client(
-                [
-                    self::OPTION_DEFAULTS => [
-                        self::OPTION_ALLOW_REDIRECTS => false,
-                        self::OPTION_EXCEPTIONS => false,
-                    ],
-                    self::OPTION_HANDLER => $middleware,
-                    self::OPTION_VERIFY => true,
-                    self::OPTION_CURL => [
-                        CURLOPT_PINNEDPUBLICKEY => $this->determinePinnedServerPublicKey(),
+                array_merge(
+                    [
+                        self::OPTION_DEFAULTS => [
+                            self::OPTION_ALLOW_REDIRECTS => false,
+                            self::OPTION_EXCEPTIONS => false,
+                        ],
+                        self::OPTION_HANDLER => $middleware,
+                        self::OPTION_VERIFY => true,
+                        self::OPTION_PROXY => $this->apiContext->getProxy(),
                     ],
-                    self::OPTION_PROXY => $this->apiContext->getProxy(),
-                ]
+                    $this->determinePinnedKeySetting()
+                )
             );
         }
     }
@@ -299,6 +302,22 @@ private function determineMiddleware(): HandlerStack
         return $handlerStack;
     }
 
+    /**
+     * @return string[]
+     */
+    private function determinePinnedKeySetting(): array
+    {
+        if ($this->apiContext->getEnvironmentType()->equals(BunqEnumApiEnvironmentType::SANDBOX())) {
+            return [];
+        } else {
+            return [
+                self::OPTION_CURL => [
+                    CURLOPT_PINNEDPUBLICKEY => $this->determinePinnedServerPublicKey(),
+                ],
+            ];
+        }
+    }
+
     /**
      * @return string
      * @throws BunqException when the environment type is unknown.
@@ -308,7 +327,7 @@ private function determinePinnedServerPublicKey(): string
         $environmentType = $this->apiContext->getEnvironmentType();
 
         if ($environmentType->equals(BunqEnumApiEnvironmentType::SANDBOX())) {
-            return __DIR__ . self::FILE_PUBLIC_KEY_ENVIRONMENT_SANDBOX;
+            throw new BunqException(self::ERROR_CURL_DOES_NOT_SUPPORT_ROOT_CERTIFICATE_PINNING);
         } elseif ($environmentType->equals(BunqEnumApiEnvironmentType::PRODUCTION())) {
             return __DIR__ . self::FILE_PUBLIC_KEY_ENVIRONMENT_PRODUCTION;
         } else {

diff --git a/src/Http/Certificate/sandbox.public.api.bunq.com.pubkey.pem b/src/Http/Certificate/sandbox.public.api.bunq.com.pubkey.pem