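wcApiUrl = 'https://api-worldcheck.refinitiv.com';
        // Placeholder credentials: supply the real key and secret from the environment or a
        // secret store at deploy time instead of committing them to this file.
        $this->wcApiKey = 'MY-KEY';
        $this->wcApiSecret = 'MY_SECRET';
    }

    /**
     * Generates an associative array with required authorization headers (Date, Authorization, Content-Type, Content-Length).
     *
     * @param string $wcApiKey User's API key.
     * @param string $wcApiSecret User's API secret.
     * @param string $httpMethod HTTP method of a request (e.g. "get", "options", "head", "post", "put", "patch", or "delete").
     * @param string $url URL to send the request to (e.g. "https://www.example.com/resources").
     * @param string|null $contentType (optional) Content type of the request payload/body (e.g. "application/json").
     * @param string|null $payload (optional) The request payload/body.
     * @return array (an associative array) with required headers for authorization
     *               (Date, Authorization, and, when a payload is given, Content-Type and Content-Length).
     * @throws InvalidArgumentException if only one of $contentType and $payload is provided, or if $contentType is not supported.
     *                                  Currently, only the $contentType value "application/json" is supported.
     */
    public static function generateAuthHeaders($wcApiKey, $wcApiSecret, $httpMethod, $url, $contentType = null, $payload = null)
    {
        self::validatePayload($contentType, $payload);

        $date = self::generateDateHeader();
        $authorization = self::generateAuthorizationHeader(
            $wcApiKey,
            $wcApiSecret,
            $httpMethod,
            $url,
            $contentType,
            $payload,
            $date
        );

        $authHeaders = [
            'Date' => $date,
            'Authorization' => $authorization,
        ];

        // Loose comparison on purpose: an empty-string payload is treated like "no payload".
        if ($payload != null) {
            $authHeaders['Content-Type'] = $contentType;
            // strlen() counts bytes, which is what Content-Length must carry.
            $authHeaders['Content-Length'] = (string) strlen($payload);
        }

        return $authHeaders;
    }

    /**
     * Checks that content type and payload are either both present or both absent,
     * and that the content type starts with "application/json".
     *
     * @param string|null $contentType Content type of the request body.
     * @param string|null $payload The request body.
     * @throws InvalidArgumentException when the combination is not acceptable.
     */
    private static function validatePayload($contentType, $payload)
    {
        $CONTENT_TYPE_PREFIX = 'application/json';

        if ($contentType != null && strpos($contentType, $CONTENT_TYPE_PREFIX) !== 0) {
            throw new InvalidArgumentException("Unsupported content type $contentType");
        }
        if ($contentType != null && $payload == null) {
            throw new InvalidArgumentException('The request payload(body) has not been provided');
        }
        if ($contentType == null && $payload != null) {
            throw new InvalidArgumentException('The content type of request payload(body) has not been provided');
        }
    }

    /**
     * Builds the value of the Authorization header for an HMAC-SHA256 signed request.
     *
     * The "headers" attribute lists which request parts were signed; the content headers
     * are listed only when a payload is present, matching what generateSignature() signs.
     *
     * @return string Header value of the form: Signature keyId="...",algorithm="hmac-sha256",headers="...",signature="..."
     */
    private static function generateAuthorizationHeader($wcApiKey, $wcApiSecret, $httpMethod, $url, $contentType, $payload, $date)
    {
        $SIGNATURE_HEADERS = '(request-target) host date';
        $SIGNATURE_HEADERS_WITH_CONTENT = $SIGNATURE_HEADERS . ' content-type content-length';

        $headers = $payload == null ? $SIGNATURE_HEADERS : $SIGNATURE_HEADERS_WITH_CONTENT;
        $signature = self::generateSignature($wcApiSecret, $httpMethod, $url, $contentType, $payload, $date);

        return "Signature keyId=\"$wcApiKey\",algorithm=\"hmac-sha256\",headers=\"$headers\",signature=\"$signature\"";
    }

    /**
     * Assembles the string to sign and returns its base64-encoded HMAC-SHA256.
     *
     * The signed string covers the lower-cased method, the URL path, the host and the date.
     * When a payload is present, the content type, the byte length and the payload itself
     * are appended. The query string of $url is not part of the signed string.
     *
     * @return string Base64-encoded signature.
     */
    private static function generateSignature($wcApiSecret, $httpMethod, $url, $contentType, $payload, $date)
    {
        $path = parse_url($url, PHP_URL_PATH);
        $host = parse_url($url, PHP_URL_HOST);
        $method = strtolower($httpMethod);

        $dataToSign = "(request-target): $method $path\nhost: $host\ndate: $date";
        if ($payload != null) {
            $contentLength = strlen($payload);
            $dataToSign .= "\ncontent-type: $contentType\ncontent-length: $contentLength\n$payload";
        }

        return self::signDataWithHmacSha256($wcApiSecret, $dataToSign);
    }

    /**
     * Signs $dataToSign with HMAC-SHA256 keyed by the API secret.
     *
     * @return string Base64 encoding of the raw (binary) MAC.
     */
    private static function signDataWithHmacSha256($wcApiSecret, $dataToSign)
    {
        // hash_hmac() with raw output yields the same bytes as hash_init/hash_update/hash_final.
        return base64_encode(hash_hmac('sha256', $dataToSign, $wcApiSecret, true));
    }

    /**
     * Generates Date header value.
     *
     * @return string Current date and time in GMT timezone in RFC 1123 date format (e.g. "Wed, 25 May 2022 12:53:15 GMT").
     */
    private static function generateDateHeader()
    {
        return gmdate('D, d M Y H:i:s \G\M\T', time());
    }

    /**
     * Requests the top-level groups (GET /v2/groups) with a signed request.
     *
     * @return stdClass Result object produced by curlRequest() (status, optional statusMsg, response).
     */
    public function getTopLevelGroups()
    {
        $payload = null;
        $httpMethod = 'GET';
        $globalVariables = new wordCheckOneAPI();
        $url = $globalVariables->wcApiUrl . '/v2/groups';

        $headers = $this->generateAuthHeaders(
            $globalVariables->wcApiKey,
            $globalVariables->wcApiSecret,
            $httpMethod,
            $url
        );
        $response = $this->curlRequest($url, $headers, $payload, $httpMethod);
        // Disabled debug output: echo $url . "\n"; var_dump($response); echo "\n";

        return $response;
    }

    /**
     * Demo flow: fetches the first top-level group, reads its case template, then posts a
     * screening request for an organisation and prints the request and the response.
     *
     * The method terminates the script with exit in every path that returns from the API calls.
     *
     * @throws RuntimeException when the groups or case template response cannot be used.
     */
    public function screenOrganization()
    {
        // GET TOP LEVEL GROUPS
        $topLevelGroups = $this->getTopLevelGroups();

        if ($topLevelGroups->status == 200) {
            $globalVariables = new wordCheckOneAPI();

            $groups = json_decode($topLevelGroups->response);
            // The body comes from the network: make sure it decoded to a list with a usable
            // first entry before building further request URLs from it.
            if (!is_array($groups) || !isset($groups[0]->id)) {
                throw new RuntimeException('Unexpected response for /v2/groups: no group id found');
            }
            $groupId = $groups[0]->id;

            // GET CASE TEMPLATES
            $httpMethod = 'GET';
            $url = $globalVariables->wcApiUrl . '/v2/groups/' . $groupId . '/caseTemplate';
            $headers = $this->generateAuthHeaders(
                $globalVariables->wcApiKey,
                $globalVariables->wcApiSecret,
                $httpMethod,
                $url
            );
            // A GET carries no body; pass null explicitly (the original passed an undefined variable).
            $templatesResp = $this->curlRequest($url, $headers, null, $httpMethod);
            $templatesResp = json_decode($templatesResp->response);
            if (!is_object($templatesResp)) {
                throw new RuntimeException('Unexpected response for the case template request');
            }
            // Disabled debug output: echo $url . "\n"; var_dump($templatesResp); echo "\n"; exit;

            // SEQ CREATE - ORGANIZATION
            $httpMethod = 'POST';
            $contentType = 'application/json';
            $url = $globalVariables->wcApiUrl . '/v2/cases/screeningRequest';

            $payload = array();
            $payload['groupId'] = $groups[0]->id;
            $payload['entityType'] = "ORGANISATION"; // INDIVIDUAL // VESSEL // UNSPECIFIED
            $payload['providerTypes'] = $templatesResp->mandatoryProviderTypes;
            $payload['caseScreeningState'] = array(); // Use default state from account settings
            $payload['caseScreeningState']['WATCHLIST'] = "INITIAL";
            $payload['name'] = "Apple"; // $jsonData["account_name"];
            $payload['secondaryFields'] = array();
            // NOTE(review): the entry built in this loop is never appended to
            // $payload['secondaryFields'], so the request goes out with an empty list.
            // Confirm whether the country field is meant to be sent.
            foreach ($templatesResp->secondaryFieldsByProvider->watchlist->secondaryFieldsByEntity->organisation as $orgFields) {
                $fieldValueType = array();
                if ($orgFields->fieldValueType == "COUNTRY") {
                    $fieldValueType["typeId"] = $orgFields->typeId;
                    $fieldValueType["value"] = "Kenya";
                }
            }
            $payload['customFields'] = array();

            // The exact JSON string produced here is what gets signed and what must be sent.
            $payload = json_encode($payload);
            $headers = $this->generateAuthHeaders(
                $globalVariables->wcApiKey,
                $globalVariables->wcApiSecret,
                $httpMethod,
                $url,
                $contentType,
                $payload
            );
            $sanctionResp = $this->curlRequest($url, $headers, $payload, "POST");

            // Debug output. The header dump includes the Authorization header (key id and
            // request signature); keep it out of shared logs and production responses.
            echo $url . "\n";
            echo "\nHeaders:";
            var_dump($headers);
            echo "\nPayload:";
            var_dump(json_decode($payload));
            echo "\nPayload:\n" . $payload;
            echo "\n\nResponse:";
            var_dump($sanctionResp);
            exit;
        }

        echo "\n\n- END OF REQUEST";
        exit;
    }

    /**
     * Sends an HTTP request with cURL and wraps the outcome in a result object.
     *
     * @param string $url Target URL.
     * @param array $headers Associative array of header name => value.
     * @param string|null $payload (optional) Request body, sent as given.
     * @param string|null $requestType (optional) "POST" or "PUT"; anything else leaves cURL's default method.
     * @return stdClass Object with:
     *                  - status: HTTP status code reported by cURL,
     *                  - statusMsg: explanatory text, set only for 400, 401, 404, 415, 429 and 500,
     *                  - response: response body, or the cURL error message when the transfer failed.
     */
    public function curlRequest($url, $headers, $payload = null, $requestType = null)
    {
        $ch = curl_init();
        curl_setopt_array($ch, [
            CURLOPT_URL => $url,
            CURLOPT_RETURNTRANSFER => true,
            // Certificate and host name verification stay on. With both switched off, anyone
            // on the network path could impersonate the API and read or alter the signed
            // request and the screening results.
            CURLOPT_SSL_VERIFYPEER => true,
            CURLOPT_SSL_VERIFYHOST => 2,
            CURLOPT_CONNECTTIMEOUT => 5,
            // NOTE(review): redirects are followed (up to 10). The signature built by
            // generateSignature() covers only the host and path of the original URL, so
            // confirm whether following redirects is wanted for signed requests.
            CURLOPT_FOLLOWLOCATION => true,
            CURLOPT_ENCODING => "",
            CURLOPT_MAXREDIRS => 10,
            CURLOPT_TIMEOUT => 10,
            CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
        ]);

        if ($requestType == "POST") {
            curl_setopt($ch, CURLOPT_POST, true);
        } elseif ($requestType == "PUT") {
            curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
        }

        if ($payload) {
            // Send the same bytes that were signed. The original referenced an undefined
            // variable here, so the body went out empty while Content-Length and the
            // signature described the real payload.
            curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
        }

        $headerArray = array();
        foreach ($headers as $name => $value) {
            $headerArray[] = $name . ": " . $value;
        }
        curl_setopt($ch, CURLOPT_HTTPHEADER, $headerArray);

        $response = curl_exec($ch);
        $httpStatus = curl_getinfo($ch, CURLINFO_HTTP_CODE);
        if (curl_errno($ch)) {
            // On a transport failure the caller receives the cURL error text as the response.
            $response = curl_error($ch);
        }
        curl_close($ch);

        $statusMessages = [
            400 => 'Bad Request',
            401 => 'The request has failed an authorisation check. This can happen for a variety of reasons, such as an invalid or expired API key, an invalid HMAC signature or a request timing issue/problem with the Date header value. The API client should ensure a correctly synchronised clock is used to generate request timestamps.',
            404 => 'Cannot return response',
            415 => 'For requests with payloads, an unsupported Content-Type was specified. The World-Check One API only supports a content type of application/json.',
            429 => 'The API client is making too many concurrent requests, and some are being throttled. ' . "\n"
                . 'Throttled requests can be retried (with an updated request Date and HTTP signature) after a short delay.',
            500 => 'Unexpected error',
        ];
        $statusMsg = isset($statusMessages[$httpStatus]) ? $statusMessages[$httpStatus] : '';

        $responseObj = new stdClass();
        $responseObj->status = $httpStatus;
        if ($statusMsg) {
            $responseObj->statusMsg = $statusMsg;
        }
        $responseObj->response = $response;

        return $responseObj;
    }
}

$instance = new wordCheckOneAPI();
$instance->screenOrganization();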