GDATASoftwareAG · lennartdohmann · Dec 12, 2024 · Dec 12, 2024 · Dec 12, 2024 · Dec 12, 2024
diff --git a/.github/workflows/ci-php.yaml b/.github/workflows/ci-php.yaml
@@ -29,7 +29,7 @@ on:
 env:
   CLIENT_ID: ${{ secrets.CLIENT_ID }}
   CLIENT_SECRET: ${{secrets.CLIENT_SECRET}}
-  VAAS_URL: "wss://gateway.production.vaas.gdatasecurity.de"
+  VAAS_URL: "https://gateway.production.vaas.gdatasecurity.de"
   TOKEN_URL: "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
   VAAS_CLIENT_ID: ${{ secrets.VAAS_CLIENT_ID }}
   VAAS_USER_NAME: ${{ secrets.VAAS_USER_NAME }}
@@ -57,7 +57,7 @@ jobs:
         run: |
           echo "CLIENT_ID=${{ secrets.STAGING_CLIENT_ID }}" >> $GITHUB_ENV
           echo "CLIENT_SECRET=${{ secrets.STAGING_CLIENT_SECRET }}" >> $GITHUB_ENV
-          echo "VAAS_URL=wss://gateway.staging.vaas.gdatasecurity.de" >> $GITHUB_ENV
+          echo "VAAS_URL=https://gateway.staging.vaas.gdatasecurity.de" >> $GITHUB_ENV
           echo "TOKEN_URL=https://account-staging.gdata.de/realms/vaas-staging/protocol/openid-connect/token" >> $GITHUB_ENV
           echo "VAAS_CLIENT_ID=${{ secrets.STAGING_VAAS_CLIENT_ID }}" >> $GITHUB_ENV
           echo "VAAS_USER_NAME=${{ secrets.STAGING_VAAS_USER_NAME }}" >> $GITHUB_ENV
@@ -68,7 +68,7 @@ jobs:
         run: |
           echo "CLIENT_ID=${{ secrets.DEVELOP_CLIENT_ID }}" >> $GITHUB_ENV
           echo "CLIENT_SECRET=${{ secrets.DEVELOP_CLIENT_SECRET }}" >> $GITHUB_ENV
-          echo "VAAS_URL=wss://gateway.develop.vaas.gdatasecurity.de" >> $GITHUB_ENV
+          echo "VAAS_URL=https://gateway.develop.vaas.gdatasecurity.de" >> $GITHUB_ENV
           echo "TOKEN_URL=https://account-staging.gdata.de/realms/vaas-develop/protocol/openid-connect/token" >> $GITHUB_ENV
           echo "VAAS_CLIENT_ID=${{ secrets.DEVELOP_VAAS_CLIENT_ID }}" >> $GITHUB_ENV
           echo "VAAS_USER_NAME=${{ secrets.DEVELOP_VAAS_USER_NAME }}" >> $GITHUB_ENV
@@ -82,12 +82,12 @@ jobs:
       - name: install php dependencies
         uses: php-actions/composer@v6
         with:
-          working_dir: php/tests/vaas
+          working_dir: php/tests/VaasTesting
           php_version: ${{ matrix.version }}
 
       - name: run tests
-        run: ./vendor/bin/phpunit --colors --testdox
-        working-directory: php/tests/vaas
+        run: ./vendor/bin/phpunit --colors --testdox --exclude-group exclude
+        working-directory: php/tests/VaasTesting
 
       - name: install example requirements
         run: composer install

diff --git a/php/examples/Readme.md b/php/examples/Readme.md
@@ -1,3 +1,3 @@
 # Examples
 
-You find some examples for *VaaS* interagtions in this folder. All examples or in a research or MVP state. None of them is production ready or intended to ever be.
+You find some examples for *VaaS* integrations in this folder. All examples or in a research or MVP state. None of them is production ready or intended to ever be.
diff --git a/php/examples/VaasExample/AuthenticationExamples.php b/php/examples/VaasExample/AuthenticationExamples.php
@@ -3,54 +3,33 @@
 namespace VaasExamples;
 
 use VaasSdk\Authentication\ClientCredentialsGrantAuthenticator;
-use VaasSdk\Exceptions\InvalidSha256Exception;
-use VaasSdk\Exceptions\TimeoutException;
-use VaasSdk\Exceptions\VaasAuthenticationException;
-use VaasSdk\ResourceOwnerPasswordGrantAuthenticator;
+use VaasSdk\Sha256;
 use VaasSdk\Vaas;
 
-$USE_RESOURCE_OWNER_PASSWORD_GRANT_AUTHENTICATOR = false;
-
 // If you got a username and password from us, you can use the ResourceOwnerPasswordAuthenticator like this
-if ($USE_RESOURCE_OWNER_PASSWORD_GRANT_AUTHENTICATOR){
-    $authenticator = new ResourceOwnerPasswordGrantAuthenticator(
-        "vaas-customer",
-        getenv("VAAS_USER_NAME"),
-        getenv("VAAS_PASSWORD"),
-        getenv("TOKEN_URL")
-    );
-}
+
+// $authenticator = new ResourceOwnerPasswordGrantAuthenticator(
+//     clientId: getenv("CLIENT_ID"),
+//     username: getenv("USERNAME"),
+//     password: getenv("PASSWORD"),
+//     tokenUrl: getenv("TOKEN_URL")
+// );
+    
 // You may use self registration and create a new username and password for the
-// ResourceOwnerPasswordAuthenticator by yourself like the example above on https://vaas.gdata.de/login
-
-// If you got a client id and client secret from us, you can use the ClientCredentialsGrantAuthenticator like this
-else{
-    $authenticator = new ClientCredentialsGrantAuthenticator(
-        getenv("CLIENT_ID"),
-        getenv("CLIENT_SECRET"),
-        getenv("TOKEN_URL")
-    );
-}
-
-$vaas = new Vaas(
-    getenv("VAAS_URL")
+// `Password` authentication method by yourself like the example above on https://vaas.gdata.de/login
+
+// If you got a client id and client secret from us, you can use the `Client Credentials` authentication method like this
+
+$authenticator = new ClientCredentialsGrantAuthenticator(
+    clientId: getenv("CLIENT_ID"),
+    clientSecret: getenv("CLIENT_SECRET"),
+    tokenUrl: getenv("TOKEN_URL")
 );
 
-try {
-    $vaas->Connect($authenticator->getToken());
-} catch (VaasAuthenticationException $e) {
-    fwrite(STDERR, "Authentication failed: " . $e->getMessage() . "\n");
-    exit(1);
-}
+$vaas = Vaas::builder()
+    ->withAuthenticator($authenticator)
+    ->build();
 
 // Get verdict for an eicar hash
-try {
-    $vaasVerdict = $vaas->ForSha256("000005c43196142f01d615a67b7da8a53cb0172f8e9317a2ec9a0a39a1da6fe8");
-} catch (InvalidSha256Exception $e) {
-    fwrite(STDERR, "Invalid sha256: " . $e->getMessage() . "\n");
-    exit(1);
-} catch (TimeoutException $e) {
-    fwrite(STDERR, "Timeout: " . $e->getMessage() . "\n");
-    exit(1);
-}
-fwrite(STDOUT, "Verdict for $vaasVerdict->Sha256 is $vaasVerdict->Verdict \n");
+$vaasVerdict = $vaas->forSha256Async(Sha256::TryFromString("000005c43196142f01d615a67b7da8a53cb0172f8e9317a2ec9a0a39a1da6fe8"))->await();
+fwrite(STDOUT, "Verdict for $vaasVerdict->sha256 is $vaasVerdict->verdict->value \n");
diff --git a/php/examples/VaasExample/GetVerdictByFile.php b/php/examples/VaasExample/GetVerdictByFile.php
@@ -7,18 +7,19 @@
 
 include_once("./vendor/autoload.php");
 
+
 $authenticator = new ClientCredentialsGrantAuthenticator(
-    getenv("CLIENT_ID"),
-    getenv("CLIENT_SECRET"),
-    getenv("TOKEN_URL") ?: "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
+    clientId: getenv("CLIENT_ID"),
+    clientSecret: getenv("CLIENT_SECRET"),
+    tokenUrl: getenv("TOKEN_URL")
 );
 
-$vaas = (new Vaas())
+$vaas = Vaas::builder()
     ->withAuthenticator($authenticator)
-    ->withUrl(getenv("VAAS_URL") ?? "wss://gateway.production.vaas.gdatasecurity.de")
     ->build();
 
+
 $scanPath = getenv("SCAN_PATH");
-$vaasVerdict = $vaas->ForFile($scanPath);
+$vaasVerdict = $vaas->forFileAsync($scanPath)->await();
 
-fwrite(STDOUT, "Verdict for $vaasVerdict->Sha256 is " . $vaasVerdict->Verdict->value . " \n");
+fwrite(STDOUT, "Verdict for $vaasVerdict->sha256 is " . $vaasVerdict->verdict->value . " \n");
diff --git a/php/examples/VaasExample/GetVerdictByHash.php b/php/examples/VaasExample/GetVerdictByHash.php
@@ -3,23 +3,28 @@
 namespace VaasExamples;
 
 use VaasSdk\Authentication\ClientCredentialsGrantAuthenticator;
+use VaasSdk\Sha256;
 use VaasSdk\Vaas;
 
 include_once("./vendor/autoload.php");
 
+
 $authenticator = new ClientCredentialsGrantAuthenticator(
-    getenv("CLIENT_ID"),
-    getenv("CLIENT_SECRET"),
-    getenv("TOKEN_URL") ?: "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
+    clientId: getenv("CLIENT_ID"),
+    clientSecret: getenv("CLIENT_SECRET"),
+    tokenUrl: getenv("TOKEN_URL")
 );
-$vaas = (new Vaas())
+
+$vaas = Vaas::builder()
     ->withAuthenticator($authenticator)
-    ->withUrl(getenv("VAAS_URL") ?? "wss://gateway.production.vaas.gdatasecurity.de")
     ->build();
 
-// EICAR
-$vaasVerdict = $vaas->ForSha256("000005c43196142f01d615a67b7da8a53cb0172f8e9317a2ec9a0a39a1da6fe8");
-fwrite(STDOUT, "Verdict for $vaasVerdict->Sha256 is " . $vaasVerdict->Verdict->value . " \n");
-// SOMEFILE
-$vaasVerdict = $vaas->ForSha256("70caea443deb0d0a890468f9ac0a9b1187676ba3e66eb60a722b187107eb1ea8");
-fwrite(STDOUT, "Verdict for $vaasVerdict->Sha256 is " . $vaasVerdict->Verdict->value . " \n");
+
+// Malicious hash
+$vaasVerdict = $vaas->forSha256Async(Sha256::TryFromString("000005c43196142f01d615a67b7da8a53cb0172f8e9317a2ec9a0a39a1da6fe8"))->await();
+fwrite(STDOUT, "Verdict for $vaasVerdict->sha256 is " . $vaasVerdict->verdict->value . " \n");
+
+
+// Some file
+$vaasVerdict = $vaas->forSha256Async(Sha256::TryFromString("70caea443deb0d0a890468f9ac0a9b1187676ba3e66eb60a722b187107eb1ea8"))->await();
+fwrite(STDOUT, "Verdict for $vaasVerdict->sha256 is " . $vaasVerdict->verdict->value . " \n");
diff --git a/php/examples/VaasExample/GetVerdictByUrl.php b/php/examples/VaasExample/GetVerdictByUrl.php
@@ -7,19 +7,22 @@
 
 include_once("./vendor/autoload.php");
 
+
 $authenticator = new ClientCredentialsGrantAuthenticator(
-    getenv("CLIENT_ID"),
-    getenv("CLIENT_SECRET"),
-    getenv("TOKEN_URL") ?: "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
+    clientId: getenv("CLIENT_ID"),
+    clientSecret: getenv("CLIENT_SECRET"),
+    tokenUrl: getenv("TOKEN_URL")
 );
-$vaas = (new Vaas())
+
+$vaas = Vaas::builder()
     ->withAuthenticator($authenticator)
-    ->withUrl(getenv("VAAS_URL") ?? "wss://gateway.production.vaas.gdatasecurity.de")
     ->build();
 
+
 // EICAR
-$vaasVerdict = $vaas->ForUrl("https://secure.eicar.org/eicar.com");
-fwrite(STDOUT, "Verdict for $vaasVerdict->Sha256 is " . $vaasVerdict->Verdict->value . " \n");
-// SOMEFILE
-$vaasVerdict = $vaas->ForUrl("https://www.gdatasoftware.com/oem/verdict-as-a-service");
-fwrite(STDOUT, "Verdict for $vaasVerdict->Sha256 is " . $vaasVerdict->Verdict->value . " \n");
+$vaasVerdict = $vaas->forUrlAsync("https://secure.eicar.org/eicar.com")->await();
+fwrite(STDOUT, "Verdict for $vaasVerdict->sha256 is " . $vaasVerdict->verdict->value . " \n");
+
+// Some file
+$vaasVerdict = $vaas->forUrlAsync("https://www.gdatasoftware.com/oem/verdict-as-a-service")->await();
+fwrite(STDOUT, "Verdict for $vaasVerdict->sha256 is " . $vaasVerdict->verdict->value . " \n");
diff --git a/php/examples/wordpress/src/gd-scan/Vaas/Client.php b/php/examples/wordpress/src/gd-scan/Vaas/Client.php
@@ -2,8 +2,8 @@
 
 namespace WpGdScan\Vaas;
 
-use VaasSdk\Vaas;
 use VaasSdk\Authentication\ClientCredentialsGrantAuthenticator;
+use VaasSdk\Vaas;
 
 class Client
 {

diff --git a/php/phpunit.xml b/php/phpunit.xml
diff --git a/php/src/vaas/Authentication/AuthenticatorInterface.php b/php/src/vaas/Authentication/AuthenticatorInterface.php
@@ -2,6 +2,9 @@
 
 namespace VaasSdk\Authentication;
 
-interface AuthenticatorInterface {
-    public function getToken(): string;
-}
+use Amp\Cancellation;
+
+interface AuthenticatorInterface
+{
+    public function getTokenAsync(?Cancellation $cancellation = null): string;
+}
diff --git a/php/src/vaas/Authentication/ClientCredentialsGrantAuthenticator.php b/php/src/vaas/Authentication/ClientCredentialsGrantAuthenticator.php
@@ -2,17 +2,41 @@
 
 namespace VaasSdk\Authentication;
 
-class ClientCredentialsGrantAuthenticator implements AuthenticatorInterface {
-    private OAuth2TokenReceiver $_tokenReceiver;
-    public function __construct(
-        string $clientId,
-        string $clientSecret,
-        string $tokenEndpoint = "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
-    ) {
-        $this->_tokenReceiver = new OAuth2TokenReceiver($tokenEndpoint, $clientId, $clientSecret);
+use Amp\Cancellation;
+use Amp\Http\Client\HttpClient;
+use VaasSdk\Options\AuthenticationOptions;
+
+class ClientCredentialsGrantAuthenticator implements AuthenticatorInterface
+{
+    private TokenReceiver $tokenReceiver;
+
+    /**
+     * The authenticator for the client credentials grant type if you have a client id and client secret.
+     * @param string $clientId The client id
+     * @param string $clientSecret The client secret
+     * @param string|null $tokenUrl The optional token url. Defaults to 'https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token'
+     * @param HttpClient|null $httpClient Your optional custom http client.
+     */
+    public function __construct(string $clientId, string $clientSecret, ?string $tokenUrl = null, ?HttpClient $httpClient = null)
+    {
+        $options = new AuthenticationOptions(
+            grantType: GrantType::CLIENT_CREDENTIALS,
+            clientId: $clientId,
+            tokenUrl: $tokenUrl ?? 'https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token',
+            clientSecret: $clientSecret
+        );
+        $this->tokenReceiver = new TokenReceiver($options, $httpClient);
     }
 
-    public function getToken(): string {
-        return $this->_tokenReceiver->GetToken();
+    /**
+     * Gets the access token asynchronously.
+     * If the token is still valid, it will be returned immediately.
+     * If the token is expired, a new token will be requested.
+     * @param Cancellation|null $cancellation Cancellation token
+     * @return string The access token string
+     */
+    public function getTokenAsync(?Cancellation $cancellation = null): string
+    {
+        return $this->tokenReceiver->getTokenAsync($cancellation)->await();
     }
-}
+}
diff --git a/php/src/vaas/Authentication/GrantType.php b/php/src/vaas/Authentication/GrantType.php
@@ -0,0 +1,9 @@
+<?php
+
+namespace VaasSdk\Authentication;
+
+enum GrantType: string 
+{
+    case CLIENT_CREDENTIALS = 'client_credentials';
+    case PASSWORD = 'password';
+}
diff --git a/php/src/vaas/Authentication/OAuth2TokenReceiver.php b/php/src/vaas/Authentication/OAuth2TokenReceiver.php