<?php
class Auth_placeholder_v2 extends CI_Controller {
   var $CHALENGE_KEY = "--njw-chalenge-321";
   var $TOKEN_KEY = "--njw-token-321";
   public function index()
   {
      echo "AUTH API V2";
   }
   public function __construct()
   {
      parent::__construct();
      $this->load->library("Jwt");
   }
   function chalenge() {
    $this->corss();
    $param_chalenge = date("YmdHis");
    $ckey = JWT::encode($param_chalenge,$this->CHALENGE_KEY);
    echo json_encode(["status" => "OK", "chalenge" => $ckey]);
   }
   function get_param() {
    $sparam = file_get_contents("php://input");
    $jparam = json_decode($sparam,true);
    return $jparam; 
   }
   function auth() {
    $param = $this->get_param();
    $username = $param["username"];
    $chalenge = $param["chalenge"];
    $password = $param["password"];
    $date = JWT::decode($chalenge,$this->CHALENGE_KEY);
    $xdate = date("YmdHis",strtotime("now - 1 minute"));
    $is_expired = $date < $xdate;
    echo "chalenge date : $date | last 1 minute $xdate => " . ( $is_expired ? " Valid " : "Expired");
    echo "\n\n";
    $x_pw = hash_hmac("sha512","admin123",$chalenge);
    echo "pw : $password | $x_pw => " . ( $password == $x_pw ? " OK " : " Not OK");
   }
   function corss() {
      global $_SERVER;
      if (isset($_SERVER["HTTP_ORIGIN"])) {
         header('Access-Control-Allow-Origin: ' . $_SERVER["HTTP_ORIGIN"]);
      } else {
         header('Access-Control-Allow-Origin: */*' );
      }
      header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');
      header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization');
      if ( isset($_SERVER["REQUEST_METHOD"]) && $_SERVER["REQUEST_METHOD"] == "OPTIONS") {
         http_response_code(200);
         echo json_encode("OK");
         exit;
      }
   }
   function check_token() {
      $req_headers = $headers = array_change_key_case(getallheaders(), CASE_LOWER);
      $isLogin = false;
      $user = [];
      if (isset($req_headers["authorization"])) {
         //have bearer
         list($bearer, $token) = explode(" ", trim($req_headers["authorization"]));
         $user =JWT::decode($token,$this->SECRET_KEY); 
         $isLogin = true;
      }
      return [$isLogin,$user];
   }
}

/*
 var enc = new TextEncoder("utf-8");

window.crypto.subtle.importKey(
    "raw", // raw format of the key - should be Uint8Array
    enc.encode("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.IjIwMjIwNDExMDUxOTE1Ig.gn7rkM_UAluoChLQWxJ5ZSqp0mxpekK_5Ex18kEM1fI"),
    { // algorithm details
        name: "HMAC",
        hash: {name: "SHA-512"}
    },
    false, // export = false
    ["sign", "verify"] // what this key can do
).then( key => {
    window.crypto.subtle.sign(
        "HMAC",
        key,
        enc.encode("admin123")
    ).then(signature => {
        var b = new Uint8Array(signature);
        var str = Array.prototype.map.call(b, x => ('00'+x.toString(16)).slice(-2)).join("")
        console.log(str);
    });
});

*/
?>