From 8e3f4dd427d0ebe61e37184fcf20a5bc5922d265 Mon Sep 17 00:00:00 2001
From: Sarah Savage <me@sarah-savage.com>
Date: Sun, 13 Oct 2024 11:31:08 -0400
Subject: [PATCH 1/4] Adding random generation of an API token for the
 repository

---
 config/routes.php                               |  2 ++
 src/ConfigProvider.php                          |  4 ++++
 .../Api/V1/ApiTokenIssuanceHandler.php          | 17 +++++++++++++++++
 3 files changed, 23 insertions(+)
 create mode 100644 src/Repository/Api/V1/ApiTokenIssuanceHandler.php

diff --git a/config/routes.php b/config/routes.php
index 5359bcf..fe00e33 100644
--- a/config/routes.php
+++ b/config/routes.php
@@ -2,6 +2,7 @@
 
 declare(strict_types=1);
 
+use AspirePress\AspireCloud\Repository\Api\V1\ApiTokenIssuanceHandler;
 use AspirePress\AspireCloud\V1\CatchAll\Handlers\CatchAllHandler;
 use Mezzio\Application;
 use Mezzio\MiddlewareFactory;
@@ -26,5 +27,6 @@
  */
 
 return static function (Application $app, MiddlewareFactory $factory, ContainerInterface $container): void {
+    $app->post('/repository/api/v1/apitoken', ApiTokenIssuanceHandler::class, 'repository.api.v1.apitoken');
     $app->route('/{path:.*}', CatchAllHandler::class, ['GET', 'POST'], 'app.home');
 };
diff --git a/src/ConfigProvider.php b/src/ConfigProvider.php
index aa87c46..b4477f3 100644
--- a/src/ConfigProvider.php
+++ b/src/ConfigProvider.php
@@ -6,6 +6,7 @@
 
 use AspirePress\AspireCloud\Data\Factories\PluginRepositoryFactory;
 use AspirePress\AspireCloud\Data\Repositories\PluginRepository;
+use AspirePress\AspireCloud\Repository\Api\V1\ApiTokenIssuanceHandler;
 use Aura\Sql\ExtendedPdoInterface;
 use Laminas\ServiceManager\Factory\InvokableFactory;
 use Laminas\Stratigility\Middleware\ErrorHandler;
@@ -20,6 +21,9 @@ public function __invoke(): array
     {
         return [
             'dependencies' => [
+                'invokables' => [
+                    ApiTokenIssuanceHandler::class => ApiTokenIssuanceHandler::class,
+                ],
                 'delegators' => [
                     ErrorHandler::class => [LoggingListenerDelegatorFactory::class],
                 ],
diff --git a/src/Repository/Api/V1/ApiTokenIssuanceHandler.php b/src/Repository/Api/V1/ApiTokenIssuanceHandler.php
new file mode 100644
index 0000000..7e6b920
--- /dev/null
+++ b/src/Repository/Api/V1/ApiTokenIssuanceHandler.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace AspirePress\AspireCloud\Repository\Api\V1;
+
+use Laminas\Diactoros\Response\JsonResponse;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Message\StreamInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+
+class ApiTokenIssuanceHandler implements RequestHandlerInterface
+{
+    public function handle(ServerRequestInterface $request): ResponseInterface
+    {
+        return new JsonResponse(['api_key' => bin2hex(random_bytes(16))]);
+    }
+}
\ No newline at end of file

From 950045ef0fbde68310ea4327ec0881c8773e66e1 Mon Sep 17 00:00:00 2001
From: Sarah Savage <me@sarah-savage.com>
Date: Sun, 13 Oct 2024 11:40:31 -0400
Subject: [PATCH 2/4] Adding CORS configuration

---
 composer.json                   |  1 +
 composer.lock                   | 74 ++++++++++++++++++++++++++++++++-
 config/autoload/cors.global.php | 12 ++++++
 config/config.php               |  1 +
 config/pipeline.php             |  3 ++
 5 files changed, 89 insertions(+), 2 deletions(-)
 create mode 100644 config/autoload/cors.global.php

diff --git a/composer.json b/composer.json
index 8cae116..ee61b40 100644
--- a/composer.json
+++ b/composer.json
@@ -22,6 +22,7 @@
         "laminas/laminas-servicemanager": "^3.4",
         "laminas/laminas-stdlib": "^3.6",
         "mezzio/mezzio": "^3.7",
+        "mezzio/mezzio-cors": "^1.12",
         "mezzio/mezzio-fastroute": "^3.0.3",
         "mezzio/mezzio-helpers": "^5.7",
         "monolog/monolog": "^3.2",
diff --git a/composer.lock b/composer.lock
index 47e6e7c..d1d1f23 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "0d505500d8a41ec10e1eab442f1952db",
+    "content-hash": "6c6fd006490a902f9f5fbd85b4d4db78",
     "packages": [
         {
             "name": "aura/sql",
@@ -2613,6 +2613,76 @@
             ],
             "time": "2024-07-18T21:48:03+00:00"
         },
+        {
+            "name": "mezzio/mezzio-cors",
+            "version": "1.12.1",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/mezzio/mezzio-cors.git",
+                "reference": "68644b5657277a0c9ec34bf41788655db2b72666"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/mezzio/mezzio-cors/zipball/68644b5657277a0c9ec34bf41788655db2b72666",
+                "reference": "68644b5657277a0c9ec34bf41788655db2b72666",
+                "shasum": ""
+            },
+            "require": {
+                "fig/http-message-util": "^1.1",
+                "mezzio/mezzio-router": "^3.1",
+                "php": "~8.1.0 || ~8.2.0 || ~8.3.0",
+                "psr/container": "^1.0 || ^2.0",
+                "psr/http-factory": "^1.0",
+                "psr/http-message": "^1.0 || ^2.0",
+                "psr/http-server-handler": "^1.0",
+                "psr/http-server-middleware": "^1.0",
+                "webmozart/assert": "^1.11.0"
+            },
+            "require-dev": {
+                "laminas/laminas-coding-standard": "~2.5.0",
+                "laminas/laminas-diactoros": "^3.3.1",
+                "phpunit/phpunit": "^10.5.11",
+                "psalm/plugin-phpunit": "^0.19.0",
+                "vimeo/psalm": "^5.22.2"
+            },
+            "type": "library",
+            "extra": {
+                "laminas": {
+                    "config-provider": "Mezzio\\Cors\\ConfigProvider"
+                }
+            },
+            "autoload": {
+                "psr-4": {
+                    "Mezzio\\Cors\\": "src"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "BSD-3-Clause"
+            ],
+            "description": "CORS component for Mezzio and other PSR-15 middleware runners.",
+            "keywords": [
+                "cors",
+                "mezzio",
+                "psr-15",
+                "psr-7"
+            ],
+            "support": {
+                "chat": "https://laminas.dev/chat",
+                "docs": "https://docs.laminas.dev/mezzio-cors/",
+                "forum": "https://discourse.laminas.dev",
+                "issues": "https://github.com/mezzio/mezzio-cors/issues",
+                "rss": "https://github.com/mezzio/mezzio-cli/releases.atom",
+                "source": "https://github.com/mezzio/mezzio-cors"
+            },
+            "funding": [
+                {
+                    "url": "https://funding.communitybridge.org/projects/laminas-project",
+                    "type": "community_bridge"
+                }
+            ],
+            "time": "2024-06-10T17:00:49+00:00"
+        },
         {
             "name": "mezzio/mezzio-fastroute",
             "version": "3.11.0",
@@ -9691,6 +9761,6 @@
     "platform": {
         "php": "^8.3"
     },
-    "platform-dev": {},
+    "platform-dev": [],
     "plugin-api-version": "2.6.0"
 }
diff --git a/config/autoload/cors.global.php b/config/autoload/cors.global.php
new file mode 100644
index 0000000..bc49fa5
--- /dev/null
+++ b/config/autoload/cors.global.php
@@ -0,0 +1,12 @@
+<?php
+
+declare(strict_types=1);
+
+use Mezzio\Cors\Configuration\ConfigurationInterface;
+
+return [
+    ConfigurationInterface::CONFIGURATION_IDENTIFIER => [
+        'allowed_origins' => ['*'],
+        'allowed_methods' => ['GET', 'POST'],
+    ]
+];
\ No newline at end of file
diff --git a/config/config.php b/config/config.php
index f671d1c..0f73827 100644
--- a/config/config.php
+++ b/config/config.php
@@ -14,6 +14,7 @@
 ];
 
 $aggregator = new ConfigAggregator([
+    \Mezzio\Cors\ConfigProvider::class,
     \Mezzio\ConfigProvider::class,
     \Mezzio\Tooling\ConfigProvider::class,
     \Mezzio\Helper\ConfigProvider::class,
diff --git a/config/pipeline.php b/config/pipeline.php
index 68ff39c..8d1a54b 100644
--- a/config/pipeline.php
+++ b/config/pipeline.php
@@ -4,6 +4,7 @@
 
 use Laminas\Stratigility\Middleware\ErrorHandler;
 use Mezzio\Application;
+use Mezzio\Cors\Middleware\CorsMiddleware;
 use Mezzio\Handler\NotFoundHandler;
 use Mezzio\Helper\BodyParams\BodyParamsMiddleware;
 use Mezzio\Helper\ServerUrlMiddleware;
@@ -44,6 +45,8 @@
     // - $app->pipe('/docs', $apiDocMiddleware);
     // - $app->pipe('/files', $filesMiddleware);
 
+    $app->pipe(CorsMiddleware::class);
+
     // Register the routing middleware in the middleware pipeline.
     // This middleware registers the Mezzio\Router\RouteResult request attribute.
     $app->pipe(RouteMiddleware::class);

From 28cc82c932e56e040bad2ce0f8c7223df91bb709 Mon Sep 17 00:00:00 2001
From: Sarah Savage <me@sarah-savage.com>
Date: Sun, 13 Oct 2024 11:46:23 -0400
Subject: [PATCH 3/4] Setting configuration for CORS

---
 config/autoload/cors.global.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/config/autoload/cors.global.php b/config/autoload/cors.global.php
index bc49fa5..36e66f6 100644
--- a/config/autoload/cors.global.php
+++ b/config/autoload/cors.global.php
@@ -7,6 +7,5 @@
 return [
     ConfigurationInterface::CONFIGURATION_IDENTIFIER => [
         'allowed_origins' => ['*'],
-        'allowed_methods' => ['GET', 'POST'],
-    ]
+    ],
 ];
\ No newline at end of file

From 9c282e2e3f290aa710ab55daeb7d2469a8dea4ea Mon Sep 17 00:00:00 2001
From: Sarah Savage <me@sarah-savage.com>
Date: Sun, 13 Oct 2024 11:55:08 -0400
Subject: [PATCH 4/4] Style fixes

---
 config/autoload/cors.global.php                   | 2 +-
 src/Repository/Api/V1/ApiTokenIssuanceHandler.php | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/config/autoload/cors.global.php b/config/autoload/cors.global.php
index 36e66f6..3e8d510 100644
--- a/config/autoload/cors.global.php
+++ b/config/autoload/cors.global.php
@@ -8,4 +8,4 @@
     ConfigurationInterface::CONFIGURATION_IDENTIFIER => [
         'allowed_origins' => ['*'],
     ],
-];
\ No newline at end of file
+];
diff --git a/src/Repository/Api/V1/ApiTokenIssuanceHandler.php b/src/Repository/Api/V1/ApiTokenIssuanceHandler.php
index 7e6b920..9d42de1 100644
--- a/src/Repository/Api/V1/ApiTokenIssuanceHandler.php
+++ b/src/Repository/Api/V1/ApiTokenIssuanceHandler.php
@@ -1,11 +1,12 @@
 <?php
 
+declare(strict_types=1);
+
 namespace AspirePress\AspireCloud\Repository\Api\V1;
 
 use Laminas\Diactoros\Response\JsonResponse;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
-use Psr\Http\Message\StreamInterface;
 use Psr\Http\Server\RequestHandlerInterface;
 
 class ApiTokenIssuanceHandler implements RequestHandlerInterface
@@ -14,4 +15,4 @@ public function handle(ServerRequestInterface $request): ResponseInterface
     {
         return new JsonResponse(['api_key' => bin2hex(random_bytes(16))]);
     }
-}
\ No newline at end of file
+}