Check username via ecloud accounts api call

require_once('ecloud_account_creator.php');

require_once('wp_account_creator.php');

$NC_ADM = getenv("NEXTCLOUD_ADMIN_USER");

$NC_ADM_PWD = getenv("NEXTCLOUD_ADMIN_PASSWORD");

$domain = getenv("DOMAIN");

$mail_domain = getMailDomain();

    }

}

if (checkIfUserExists($resultmail)) {

    $error_string = $strings["error_account_taken"];

    $error_string = str_replace("@@@username@@@", $mbox, $error_string);

    sendAPIResponse(400, createAPIResponse("general", $error_string));

}

if (strcmp($pw, $pw2)) {

    $error_string = $strings["error_pw_mismatch"];

    sendAPIResponse(400, createAPIResponse("password_match", $error_string));

function getAccountsCreators(string $domain): array

{

    global $strings;

    $NC_URL = "https://$domain/";

    $NC_USERNAME_ADM = getenv("NEXTCLOUD_ADMIN_USER");

    $NC_USERNAME_PASSWORD = getenv("NEXTCLOUD_ADMIN_PASSWORD");

    $GITLAB_URL = getenv("GITLAB_URL");

    $GITLAB_TOKEN = getenv("GITLAB_TOKEN");

    $E_SHOP_URL = getenv("E_SHOP_URL");

    $E_SHOP_USERNAME = getenv("E_SHOP_USERNAME");

    $E_SHOP_APP_PASS = getenv("E_SHOP_APP_PASS");

    if ($NC_USERNAME_ADM === false || $NC_USERNAME_PASSWORD === false) {

        $message = $strings['error_server_side'];

        $response = createAPIResponse("error", $message);

        sendAPIResponse(500, $response);

    }

    $accountsCreators = array(

        'ecloud' => new \ECloudAccountCreator($NC_URL, $NC_USERNAME_ADM, $NC_USERNAME_PASSWORD)

        'ecloud' => new \ECloudAccountCreator($NC_URL)

    );

    if (shouldCreateGitlabAccount()) {

      $accountsCreators['gitlab'] = new \GitlabAccountCreator($GITLAB_URL, $GITLAB_TOKEN);

    sendEmailWithSendGrid($email);

}

function checkIfUserExists($mail)

{

    global $domain;

    global $NC_ADM; 

    global $NC_ADM_PWD;

    global $strings;

    $ch = curl_init();

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");

    curl_setopt($ch, CURLOPT_HTTPHEADER, array(

        'OCS-APIRequest: true'

    ));

    curl_setopt($ch, CURLOPT_URL, "https://" . $NC_ADM . ":" . $NC_ADM_PWD . "@" . $domain . "/ocs/v1.php/cloud/users/" . $mail . "?format=json");

    $output = curl_exec($ch);

    $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

    curl_close($ch);

    $output = json_decode($output);

    if($statusCode !== 200) {

        $error_string = $strings["error_server_side"];

        sendAPIResponse(500, createAPIResponse("general", $error_string));

    } else {

        if ($output->ocs->meta->statuscode === 404) {

            return false;

        } else {

            return true;

        }

    }

}

function setRecoveryEmail($id, $recoveryEmail) {

    global $domain;

    $ch = curl_init();

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");

    curl_setopt($ch, CURLOPT_HTTPHEADER, array(

        'OCS-APIRequest: true'

    ));

    $token = getenv("NEXTCLOUD_EMAIL_RECOVERY_APP_SECRET");

    $data = array(

        "email" => $recoveryEmail,

        "token" => $token

    );

    curl_setopt($ch, CURLOPT_URL, "https://" . $domain . "/apps/email-recovery/api/recovery-email/" . $id);

    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));

    curl_exec($ch);

    $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

    curl_close($ch);

    return $statusCode;

}

function curlCallNextcloud($mail, $key, $value)

{

    global $domain;

    global $NC_ADM;

    global $NC_ADM_PWD;

    $ch = curl_init();

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");

    curl_setopt($ch, CURLOPT_HTTPHEADER, array(

        'OCS-APIRequest: true'

    ));

    $data = array(

        "key" => $key,

        "value" => $value,

        "format" => "json"

    );

    curl_setopt($ch, CURLOPT_URL, "https://" . $NC_ADM . ":" . $NC_ADM_PWD . "@" . $domain . "/ocs/v1.php/cloud/users/" . $mail);

    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));

    $output = curl_exec($ch);

    $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

    curl_close($ch);

    return $output;

}

class ECloudAccountCreator implements AccountCreator

{

    private string $eCloudUrl;

    private string $eCloudUrlUsers;

    private string $eCloudCredentials;

    private string $ecloudUrl;

    private string $ecloudAccountsApiUrl;

    private int $quotaInMB = 1024;

    public function __construct(string $eCloudUrl, string $USERNAME_ADM, string $PASSWORD_ADM)

    public function __construct(string $ecloudUrl)

    {

        $this->eCloudUrl = endsWith($eCloudUrl, "/") ? $eCloudUrl : $eCloudUrl . "/";

        $this->eCloudUrlUsers = $this->eCloudUrl . "ocs/v2.php/cloud/users/";

        $this->eCloudCredentials = base64_encode($USERNAME_ADM . ":" . $PASSWORD_ADM);

        $this->ecloudUrl = endsWith($ecloudUrl, "/") ? $ecloudUrl : $ecloudUrl . "/";

        $this->ecloudAccountsApiUrl = $this->ecloudUrl . '/apps/ecloud-accounts/api/';

    }

    public function validateData(object $userData): ValidatedData

    {

        $id = "e_cloud_account_data";

        try {

            if ($this->isUsernameTaken($userData->username)) {

            // We use $userData->email as uid as it is set to username@domain

            if ($this->isUsernameTaken($userData->email)) {

                return new \ValidatedData($id, "error_account_taken");

            }

        } catch (\Error $_) {

        }

        return new \ValidatedData($id, null);

    }

    private function isUsernameTaken(string $username): bool

    private function isUsernameTaken(string $uid): bool

    {

        $curl = curl_init();

        curl_setopt_array($curl, array(

            CURLOPT_URL => $this->eCloudUrlUsers . $username,

            CURLOPT_RETURNTRANSFER => true,

            CURLOPT_ENCODING => "",

            CURLOPT_MAXREDIRS => 10,

            CURLOPT_TIMEOUT => 30,

            CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,

            CURLOPT_HTTPHEADER => array(

                "cache-control: no-cache",

                "content-type: application/json",

                "OCS-APIRequest: true",

                "Accept: application/json",

                "Authorization: Basic " . $this->eCloudCredentials

            ),

        ));

        curl_exec($curl);

        $statusCode = curl_getinfo($curl, CURLINFO_RESPONSE_CODE);

        $err = curl_error($curl);

        curl_close($curl);

        if (!empty($err)) {

        $token = getenv('ECLOUD_ACCOUNTS_SECRET');

        $ch = curl_init();

        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

        curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");

        $data = array(

            "uid" => $uid,

            "token" => $token,

        );

        curl_setopt($ch, CURLOPT_URL, $this->ecloudAccountsApiUrl . 'user_exists');

        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));

        $output = curl_exec($ch);

        $output = json_decode($output);

        $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

        if ($statusCode !== 200) {

            $err = curl_error($ch);

            throw new Error($err);

        }

        $userFound = $statusCode !== 404;

        return $userFound;

        return $output;

    }

    private function setAccountDataAtNextcloud(string $email, string $quota, string $recoveryEmail)

    {

        $token = getenv('ECLOUD_ACCOUNTS_SECRET');

        $domain = getenv('DOMAIN');

        $ch = curl_init();

        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

            "quota" => $quota,

            "recoveryEmail" => $recoveryEmail

        );

        curl_setopt($ch, CURLOPT_URL, 'https://' . $domain . '/apps/ecloud-accounts/api/set_account_data');

        curl_setopt($ch, CURLOPT_URL, $this->ecloudAccountsApiUrl . 'set_account_data');

        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));

        $output = curl_exec($ch);

        $output = json_decode($output);