Merge pull request 'DDB-2156: [BACK]. [Подписание доверенности] — [КЭП]' (#7) from DDB-2156 into master

Reviewed-on: #7

.gitignore

@@ -1,2 +1,26 @@
 .DS_Store
-.vscode
+.vscode
+/.idea/
+/.phpunit.cache
+/node_modules
+/public/build
+/public/hot
+/public/storage
+/storage/*.key
+/vendor
+.env
+.env.backup
+.env.production
+.phpactor.json
+.phpunit.result.cache
+Homestead.json
+Homestead.yaml
+auth.json
+npm-debug.log
+yarn-error.log
+/.fleet
+/.idea
+/.vscode
+/.php-cs-fixer.php
+/.php-cs-fixer.cache
+.php_cs.cache

.idea/.gitignore

@@ -1,8 +0,0 @@
-# Default ignored files
-/shelf/
-/workspace.xml
-# Editor-based HTTP Client requests
-/httpRequests/
-# Datasource local storage ignored files
-/dataSources/
-/dataSources.local.xml

.idea/codeception.xml

@@ -1,18 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="Codeception">
-    <option name="configurations">
-      <list>
-        <Configuration>
-          <option name="path" value="$PROJECT_DIR$/tests" />
-        </Configuration>
-        <Configuration>
-          <option name="path" value="$PROJECT_DIR$/backend/tests" />
-        </Configuration>
-        <Configuration>
-          <option name="path" value="$PROJECT_DIR$/backend/tests" />
-        </Configuration>
-      </list>
-    </option>
-  </component>
-</project>

.idea/git_toolbox_blame.xml

@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="GitToolBoxBlameSettings">
-    <option name="version" value="2" />
-  </component>
-</project>

.idea/modules.xml

@@ -1,8 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="ProjectModuleManager">
-    <modules>
-      <module fileurl="file://$PROJECT_DIR$/.idea/signer.iml" filepath="$PROJECT_DIR$/.idea/signer.iml" />
-    </modules>
-  </component>
-</project>

.idea/php.xml

@@ -1,113 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="MessDetectorOptionsConfiguration">
-    <option name="transferred" value="true" />
-  </component>
-  <component name="PHPCSFixerOptionsConfiguration">
-    <option name="transferred" value="true" />
-  </component>
-  <component name="PHPCodeSnifferOptionsConfiguration">
-    <option name="highlightLevel" value="WARNING" />
-    <option name="transferred" value="true" />
-  </component>
-  <component name="PhpIncludePathManager">
-    <include_path>
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/service-contracts" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/dotenv" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/security-http" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/string" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/polyfill-intl-grapheme" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/twig-bridge" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/var-dumper" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/event-dispatcher-contracts" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/stopwatch" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/console" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/finder" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/polyfill-mbstring" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/ux-chartjs" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/var-exporter" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/http-kernel" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/framework-bundle" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/event-dispatcher" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/polyfill-php81" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/security-core" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/security-bundle" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/polyfill-php80" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/polyfill-intl-normalizer" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/polyfill-uuid" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/cache" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/process" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/twig-bundle" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/common" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/doctrine-migrations-bundle" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/inflector" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/annotations" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/event-manager" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/doctrine-bundle" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/sql-formatter" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/instantiator" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/orm" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/lexer" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/cache" />
-      <path value="$PROJECT_DIR$/backend/vendor/easycorp/easyadmin-bundle" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/persistence" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/dbal" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/deprecations" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/collections" />
-      <path value="$PROJECT_DIR$/backend/vendor/doctrine/migrations" />
-      <path value="$PROJECT_DIR$/backend/vendor/composer" />
-      <path value="$PROJECT_DIR$/backend/vendor/psr/cache" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/validator" />
-      <path value="$PROJECT_DIR$/backend/vendor/nikic/php-parser" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/stimulus-bundle" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/doctrine-bridge" />
-      <path value="$PROJECT_DIR$/backend/vendor/psr/log" />
-      <path value="$PROJECT_DIR$/backend/vendor/psr/event-dispatcher" />
-      <path value="$PROJECT_DIR$/backend/vendor/twig/twig" />
-      <path value="$PROJECT_DIR$/backend/vendor/psr/container" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/translation-contracts" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/filesystem" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/translation" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/asset" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/polyfill-intl-icu" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/property-access" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/yaml" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/password-hasher" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/dependency-injection" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/form" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/options-resolver" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/config" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/deprecation-contracts" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/intl" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/http-foundation" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/error-handler" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/maker-bundle" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/routing" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/property-info" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/security-csrf" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/runtime" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/uid" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/flex" />
-      <path value="$PROJECT_DIR$/backend/vendor/symfony/cache-contracts" />
-      <path value="$PROJECT_DIR$/backend/vendor/psr/http-message" />
-      <path value="$PROJECT_DIR$/backend/vendor/psr/http-factory" />
-      <path value="$PROJECT_DIR$/backend/vendor/guzzlehttp/psr7" />
-      <path value="$PROJECT_DIR$/backend/vendor/guzzlehttp/guzzle" />
-      <path value="$PROJECT_DIR$/backend/vendor/guzzlehttp/promises" />
-      <path value="$PROJECT_DIR$/backend/vendor/psr/http-client" />
-      <path value="$PROJECT_DIR$/backend/vendor/ralouphie/getallheaders" />
-    </include_path>
-  </component>
-  <component name="PhpProjectSharedConfiguration" php_language_level="8.3" />
-  <component name="PhpStanOptionsConfiguration">
-    <option name="transferred" value="true" />
-  </component>
-  <component name="PhpUnit">
-    <phpunit_settings>
-      <PhpUnitSettings custom_loader_path="$PROJECT_DIR$/backend/vendor/autoload.php" />
-    </phpunit_settings>
-  </component>
-  <component name="PsalmOptionsConfiguration">
-    <option name="transferred" value="true" />
-  </component>
-</project>

.idea/phpspec.xml

@@ -1,16 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="PHPSpec">
-    <suites>
-      <PhpSpecSuiteConfiguration>
-        <option name="myPath" value="$PROJECT_DIR$" />
-      </PhpSpecSuiteConfiguration>
-      <PhpSpecSuiteConfiguration>
-        <option name="myPath" value="$PROJECT_DIR$/backend" />
-      </PhpSpecSuiteConfiguration>
-      <PhpSpecSuiteConfiguration>
-        <option name="myPath" value="$PROJECT_DIR$/backend" />
-      </PhpSpecSuiteConfiguration>
-    </suites>
-  </component>
-</project>

.idea/phpunit.xml

@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="PHPUnit">
-    <option name="directories">
-      <list>
-        <option value="$PROJECT_DIR$/backend/tests" />
-      </list>
-    </option>
-  </component>
-</project>

.idea/signer.iml

@@ -1,97 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module type="WEB_MODULE" version="4">
-  <component name="NewModuleRootManager">
-    <content url="file://$MODULE_DIR$">
-      <sourceFolder url="file://$MODULE_DIR$/backend/src" isTestSource="false" packagePrefix="App\" />
-      <sourceFolder url="file://$MODULE_DIR$/backend/tests" isTestSource="true" packagePrefix="App\Tests\" />
-      <sourceFolder url="file://$MODULE_DIR$/spec" isTestSource="true" />
-      <sourceFolder url="file://$MODULE_DIR$/tests" isTestSource="true" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/composer" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/annotations" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/cache" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/collections" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/common" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/dbal" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/deprecations" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/doctrine-bundle" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/doctrine-migrations-bundle" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/event-manager" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/inflector" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/instantiator" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/lexer" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/migrations" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/orm" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/persistence" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/doctrine/sql-formatter" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/easycorp/easyadmin-bundle" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/nikic/php-parser" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/psr/cache" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/psr/container" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/psr/event-dispatcher" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/psr/log" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/asset" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/cache" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/cache-contracts" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/config" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/console" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/dependency-injection" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/deprecation-contracts" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/doctrine-bridge" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/dotenv" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/error-handler" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/event-dispatcher" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/event-dispatcher-contracts" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/filesystem" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/finder" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/flex" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/form" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/framework-bundle" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/http-foundation" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/http-kernel" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/intl" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/maker-bundle" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/options-resolver" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/password-hasher" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/polyfill-intl-grapheme" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/polyfill-intl-icu" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/polyfill-intl-normalizer" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/polyfill-mbstring" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/polyfill-php80" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/polyfill-php81" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/polyfill-uuid" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/process" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/property-access" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/property-info" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/routing" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/runtime" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/security-bundle" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/security-core" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/security-csrf" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/security-http" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/service-contracts" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/stimulus-bundle" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/stopwatch" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/string" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/translation" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/translation-contracts" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/twig-bridge" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/twig-bundle" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/uid" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/ux-chartjs" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/validator" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/var-dumper" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/var-exporter" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/symfony/yaml" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/twig/twig" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/guzzlehttp/guzzle" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/guzzlehttp/promises" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/guzzlehttp/psr7" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/psr/http-client" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/psr/http-factory" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/psr/http-message" />
-      <excludeFolder url="file://$MODULE_DIR$/backend/vendor/ralouphie/getallheaders" />
-    </content>
-    <orderEntry type="inheritedJdk" />
-    <orderEntry type="sourceFolder" forTests="false" />
-  </component>
-</module>

.idea/vcs.xml

@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="VcsDirectoryMappings">
-    <mapping directory="" vcs="Git" />
-  </component>
-</project>

Dockerfile

@@ -4,12 +4,12 @@ ARG DEBIAN_FRONTEND=noninteractive
 RUN apt update && apt install -y wget libgtk-3-0 libpcsclite-dev pcscd curl software-properties-common git zip bash
 RUN add-apt-repository ppa:ondrej/php
 RUN apt update && apt install -y \
-    php-fpm  \
-    php-curl \
-    php \
-    php-common \
-    php-cli \
-    php-xml \
+    php8.3-fpm  \
+    php8.3-curl \
+    php8.3 \
+    php8.3-common \
+    php8.3-cli \
+    php8.3-xml \
     gnupg \
     g++ \
     procps \
@@ -24,7 +24,8 @@ RUN apt update && apt install -y \
     libonig-dev \
     libxslt1-dev \
     acl \
-    && echo 'alias sf="php bin/console"' >> ~/.bashrc \
+    nginx \
+    && echo 'alias sf="php bin/console"' >> ~/.bashrc
 
 RUN wget -q -O /etc/apt/trusted.gpg.d/lab50.gpg http://packages.lab50.net/lab50.gpg
 RUN echo 'deb http://packages.lab50.net/okular jammy main non-free' > /etc/apt/sources.list.d/okulargost.list
@@ -54,7 +55,7 @@ RUN apt update && apt install -y okular-csp-utils
 
 RUN mkdir -p /root/.config
 COPY license.key /license.key
-RUN pdfcpro install-license /license.key 
+# RUN echo Y | pdfcpro install-license /license.key
 COPY Inter-Bold.ttf /usr/local/share/fonts/Inter-Bold.ttf
 
 RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
@@ -63,13 +64,19 @@ WORKDIR /usr/src/signer/
 COPY ./backend /usr/src/signer
 
 COPY ./docker/php/www.conf /etc/php/8.3/fpm/pool.d/www.conf
+COPY ./docker/nginx/default.conf /etc/nginx/sites-enabled/default
+COPY ./docker/nginx/nginx.conf /etc/nginx/nginx.conf
+RUN mkdir -p /run/php
+# RUN curl curl https://frankenphp.dev/install.sh | sh
+# RUN mv /usr/src/signer/frankenphp /usr/local/bin/
 
 ENV COMPOSER_ALLOW_SUPERUSER=1
 RUN composer install
-RUN service php8.3-fpm start
+# RUN service php8.3-fpm start
+
+COPY entrypoint.sh /entrypoint.sh
+
+ENTRYPOINT [ "/entrypoint.sh" ]
+# CMD ["php-fpm8.3", "-F", "nginx", "-g 'daemon off'"]
 
-#COPY entrypoint.sh /entrypoint.sh
-#
-#ENTRYPOINT [ "/entrypoint.sh" ]
-CMD ["php-fpm8.3", "-F"]
 EXPOSE 9000

Dockerfile_local

@@ -0,0 +1,79 @@
+FROM ubuntu:22.04
+
+ARG DEBIAN_FRONTEND=noninteractive
+RUN apt update && apt install -y wget libgtk-3-0 libpcsclite-dev pcscd curl software-properties-common git zip bash
+RUN add-apt-repository ppa:ondrej/php
+RUN apt update && apt install -y \
+    php8.3-fpm  \
+    php8.3-curl \
+    php8.3 \
+    php8.3-common \
+    php8.3-cli \
+    php8.3-xml \
+    gnupg \
+    g++ \
+    procps \
+    git \
+    unzip \
+    zlib1g-dev \
+    libzip-dev \
+    libfreetype6-dev \
+    libpng-dev \
+    libjpeg-dev \
+    libicu-dev  \
+    libonig-dev \
+    libxslt1-dev \
+    acl \
+    && echo 'alias sf="php bin/console"' >> ~/.bashrc
+
+RUN wget -q -O /etc/apt/trusted.gpg.d/lab50.gpg http://packages.lab50.net/lab50.gpg
+RUN echo 'deb http://packages.lab50.net/okular jammy main non-free' > /etc/apt/sources.list.d/okulargost.list
+COPY 3party/cprocsp/linux-amd64_deb.tgz /tmp/src/
+RUN cd /tmp/src && \
+    tar -xf linux-amd64_deb.tgz && \
+    linux-amd64_deb/install.sh && \
+    dpkg -i linux-amd64_deb/cprocsp-pki-cades-64*.deb && \
+    dpkg -i linux-amd64_deb/cprocsp-rdr-* && \
+    # делаем симлинки 
+    cd /bin && \
+    ln -s /opt/cprocsp/bin/amd64/certmgr && \
+    ln -s /opt/cprocsp/bin/amd64/cpverify && \
+    ln -s /opt/cprocsp/bin/amd64/cryptcp && \
+    ln -s /opt/cprocsp/bin/amd64/csptest && \
+    ln -s /opt/cprocsp/bin/amd64/csptestf && \
+    ln -s /opt/cprocsp/bin/amd64/der2xer && \
+    ln -s /opt/cprocsp/bin/amd64/inittst && \
+    ln -s /opt/cprocsp/bin/amd64/wipefile && \
+    ln -s /opt/cprocsp/sbin/amd64/cpconfig && \
+    #прибираемся
+    rm -rf /tmp/src
+
+COPY 3party/okular/install.sh /tmp/
+RUN bash /tmp/install.sh && rm -fv /tmp/install.sh
+RUN apt update && apt install -y okular-csp-utils
+
+RUN mkdir -p /root/.config
+COPY license.key /license.key
+RUN echo Y | pdfcpro install-license /license.key
+COPY Inter-Bold.ttf /usr/local/share/fonts/Inter-Bold.ttf
+
+RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
+
+WORKDIR /usr/src/signer/
+COPY ./backend /usr/src/signer
+
+COPY ./docker/php/www.conf /etc/php/8.3/fpm/pool.d/www.conf
+
+# RUN curl curl https://frankenphp.dev/install.sh | sh
+# RUN mv /usr/src/signer/frankenphp /usr/local/bin/
+
+ENV COMPOSER_ALLOW_SUPERUSER=1
+RUN composer install
+RUN service php8.3-fpm start
+
+COPY entrypoint.sh /entrypoint.sh
+
+ENTRYPOINT [ "/entrypoint.sh" ]
+CMD ["php-fpm8.3", "-F"]
+
+EXPOSE 9000

backend/.env

@@ -1,23 +1,5 @@
-# In all environments, the following files are loaded if they exist,
-# the latter taking precedence over the former:
-#
-#  * .env                contains default values for the environment variables needed by the app
-#  * .env.local          uncommitted file with local overrides
-#  * .env.$APP_ENV       committed environment-specific defaults
-#  * .env.$APP_ENV.local uncommitted environment-specific overrides
-#
-# Real environment variables win over .env files.
-#
-# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
-# https://symfony.com/doc/current/configuration/secrets.html
-#
-# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
-# https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration
-
-###> symfony/framework-bundle ###
 APP_ENV=dev
 APP_SECRET=850da55654c68f779822ea80d2b66a94
-###< symfony/framework-bundle ###
 
 ###> doctrine/doctrine-bundle ###
 # Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
@@ -28,3 +10,6 @@ APP_SECRET=850da55654c68f779822ea80d2b66a94
 # DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=10.11.2-MariaDB&charset=utf8mb4"
 DATABASE_URL="postgresql://app:!ChangeMe!@127.0.0.1:5432/app?serverVersion=16&charset=utf8"
 ###< doctrine/doctrine-bundle ###
+DOT_DOT_URL='http://dot-dot.local'
+
+API_TOKEN='secret'

backend/composer.json

@@ -17,6 +17,7 @@
     "symfony/flex": "^2",
     "symfony/framework-bundle": "6.2.*",
     "symfony/runtime": "6.2.*",
+    "symfony/serializer": "6.2.*",
     "symfony/ux-chartjs": "*",
     "symfony/yaml": "6.2.*"
   },

backend/config/bundles.php

@@ -10,4 +10,5 @@ return [
     Symfony\Bundle\MakerBundle\MakerBundle::class => ['dev' => true],
     Symfony\UX\StimulusBundle\StimulusBundle::class => ['all' => true],
     Symfony\UX\Chartjs\ChartjsBundle::class => ['all' => true],
+    Symfony\UX\TwigComponent\TwigComponentBundle::class => ['all' => true],
 ];

backend/config/packages/twig_component.yaml

@@ -0,0 +1,5 @@
+twig_component:
+    anonymous_template_directory: 'components/'
+    defaults:
+        # Namespace & directory for components
+        App\Twig\Components\: 'components/'

backend/config/routes.yaml

@@ -1,5 +1,5 @@
-controllers:
+controllers_sign_document:
     resource:
-        path: ../src/Controller/
-        namespace: App\Controller
-    type: attribute
+        path: ../src/SignDocument/Controller/
+        namespace: App\SignDocument\Controller
+    type: attribute

backend/config/services.yaml

@@ -14,11 +14,20 @@ services:
     # makes classes in src/ available to be used as services
     # this creates a service per class whose id is the fully-qualified class name
     App\:
-        resource: '../src/'
+        resource: '../src/*'
         exclude:
-            - '../src/DependencyInjection/'
-            - '../src/Entity/'
             - '../src/Kernel.php'
+            - '../src/*/Api/{Request,Response}'
+            - '../src/*/{Exception,Entity,Dto,Enum,Helper,Model}'
 
     # add more service definitions when explicit configuration is needed
     # please note that last definitions always *replace* previous ones
+
+    guzzle.http_client:
+        class: GuzzleHttp\Client
+
+    GuzzleHttp\Client: '@guzzle.http_client'
+
+    App\SignDocument\Api\ApiParams:
+        arguments:
+            $endPointUrl: '%env(DOT_DOT_URL)%'

backend/src/Controller/SignController.php

@@ -1,18 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace App\Controller;
-
-use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
-use Symfony\Component\Routing\Annotation\Route;
-use Symfony\Component\HttpFoundation\Response;
-
-class SignController extends AbstractController
-{
-    #[Route(path: '/test', name: 'app.test')]
-    public function __invoke(): Response
-    {
-        return new Response('test123');
-    }
-}

backend/src/Infrastructure/Api/Response/AbstractResponse.php

@@ -0,0 +1,9 @@
+<?php
+
+namespace App\Infrastructure\Api\Response;
+
+// Абстрактный респонс - от него наследуются нужные респонсы для стандартизации ответа в ApiHelperTrait -> createNewJsonResponse
+
+abstract class AbstractResponse
+{
+}

backend/src/Infrastructure/External/Api/AbstractApi.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Infrastructure\External\Api;
+
+
+use GuzzleHttp\Client;
+
+/**
+ * Class ApiAbstract Абстрактный API класс
+ *
+ * Универсальный клас для создания API интерфейсов
+ */
+abstract class AbstractApi
+{
+    protected Client $client;
+    protected ResponseHandler $responseHandler;
+
+    public function __construct(Client $client, ResponseHandler $responseHandler)
+    {
+        $this->client = $client;
+        $this->responseHandler = $responseHandler;
+    }
+}

backend/src/Infrastructure/External/Api/ApiSleep.php

@@ -0,0 +1,13 @@
+<?php
+
+namespace App\Infrastructure\External\Api;
+
+trait ApiSleep
+{
+    protected function sleep(int $time = 5): void
+    {
+        if ($time > 0) {
+            sleep($time);
+        }
+    }
+}

backend/src/Infrastructure/External/Api/BinaryStringFileResult.php

@@ -0,0 +1,38 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Infrastructure\External\Api;
+
+use RuntimeException;
+
+/**
+ * Враппер бинарных фалов, при создании класса содает новый временный файл,
+ * при необходимости сохраняет файл под новым именем
+ */
+class BinaryStringFileResult
+{
+    public string $tempFileName;
+
+    public function __construct(
+        string $content,
+    ) {
+        $this->saveToTempFile($content);
+    }
+
+    private function saveToTempFile(string $content): void
+    {
+        $this->tempFileName = sprintf('%s/%s_%s', sys_get_temp_dir(), 'Document', time());
+        file_put_contents($this->tempFileName, $content);
+    }
+
+    public function remove(): bool
+    {
+        if (file_exists($this->tempFileName)) {
+            unlink($this->tempFileName);
+            return true;
+        }
+
+        throw new RuntimeException('Temp file not found');
+    }
+}

backend/src/Infrastructure/External/Api/ResponseHandler.php

@@ -0,0 +1,110 @@
+<?php
+
+namespace App\Infrastructure\External\Api;
+
+use Psr\Http\Message\ResponseInterface;
+use stdClass;
+
+/**
+ * Class ResponseHandler Обработчик ответа API.
+ *
+ * После того как получили ответ api, оборачиваем его обработчик из которого мы можем получить ответ в любом формате,
+ * а так же применит дополнительную фильтрацию или корректировку ответа
+ */
+class ResponseHandler
+{
+    protected ResponseInterface $response;
+    private array $contentFilters = [];
+
+    public function contentIsEmpty(): bool
+    {
+        return empty($this->response->getBody()->getSize());
+    }
+
+    /**
+     * Возвращает ответ в текстовом виде, применит фильтры при их наличие.
+     *
+     * @return string
+     */
+    public function getContent(): string
+    {
+        $content = (string)$this->response->getBody();
+
+        return $this->filterContent($content);
+    }
+
+    /**
+     * Добавляет фильтр контента иногда необходимо поправить ответ, что бы в итоге возвращался нужный тип данных.
+     * Бывает иногда сервер, возвращает массив данных и при преобразовании json_decode возвращается
+     * массив вместо stdClass.
+     */
+    public function addContentFilter(callable $filter): self
+    {
+        $this->contentFilters[] = $filter;
+
+        return $this;
+    }
+
+    /**
+     * Преобразует json в объект
+     *
+     * @return stdClass
+     */
+    public function getContentStdFromJson(): stdClass
+    {
+        return json_decode($this->getContent());
+    }
+
+    public function getContentAsBinaryStingResult(): BinaryStringFileResult
+    {
+        return new BinaryStringFileResult($this->getContent());
+    }
+
+    /**
+     * @return stdClass[]
+     */
+    public function getContentArrayStdFromJson(): array
+    {
+        return json_decode($this->getContent());
+    }
+
+    /**
+     * Преобразует json в массив.
+     */
+    public function getContentJsonToArray(): array
+    {
+        return $this->contentIsEmpty() ? [] : json_decode($this->getContent(), true);
+    }
+
+    /**
+     * Устанавливает ответ в обработчик.
+     */
+    public function setResponse(ResponseInterface $response): self
+    {
+        $this->response = $response;
+
+        return $this;
+    }
+
+    /**
+     * Фильтруем ответ
+     *
+     * @param string $content
+     *
+     * @return string
+     */
+    private function filterContent(string $content): string
+    {
+        if (!$this->contentFilters) {
+            return $content;
+        }
+
+        foreach ($this->contentFilters as $filter) {
+            $content = $filter($content);
+        }
+
+        $this->contentFilters = [];
+
+        return $content;
+    }
+}

backend/src/Infrastructure/Http/RequestDtoInterface.php

@@ -0,0 +1,7 @@
+<?php
+
+namespace App\Infrastructure\Http;
+
+interface RequestDtoInterface
+{
+}

backend/src/Infrastructure/Http/RequestDtoResolver.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace App\Infrastructure\Http;
+
+use Exception;
+use ReflectionClass;
+use RuntimeException;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpKernel\Controller\ValueResolverInterface;
+use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadata;
+use Symfony\Component\Serializer\SerializerInterface;
+use Symfony\Component\Validator\Validator\ValidatorInterface;
+
+class RequestDtoResolver implements ValueResolverInterface
+{
+    public function __construct(
+        private readonly SerializerInterface $serializer,
+        private readonly ValidatorInterface $validator
+    ) {
+    }
+
+    public function supports(Request $request, ArgumentMetadata $argument): bool
+    {
+        $type = $argument->getType();
+
+        if (empty($type) || !class_exists($type)) {
+            return false;
+        }
+
+        try {
+            $reflection = new ReflectionClass($type);
+        } catch (Exception $e) {
+            return false;
+        }
+
+        return $reflection->implementsInterface(RequestDtoInterface::class);
+    }
+
+    public function resolve(Request $request, ArgumentMetadata $argument): iterable
+    {
+        if (($class = $argument->getType()) === null || !class_exists($class)) {
+            throw new RuntimeException('dto exception');
+        }
+
+        $object = $this->serializer->deserialize($request->getContent(), $class, 'json');
+
+        if (is_object($object)) {
+            $this->validateObject($object);
+        }
+
+        yield $object;
+    }
+
+    private function validateObject(object $object): void
+    {
+        $errors = $this->validator->validate($object);
+
+        if (count($errors) > 0) {
+            /* todo получать из вне сообщение для ошибки */
+            throw new RuntimeException($errors, 'Ошибка валидации');
+        }
+    }
+}

backend/src/Infrastructure/Traits/ApiHelperTrait.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Infrastructure\Traits;
+
+use App\Infrastructure\Api\Response\AbstractResponse;
+use ReflectionClass;
+use Symfony\Component\HttpFoundation\JsonResponse;
+
+trait ApiHelperTrait
+{
+    public function createJsonResponse(array $body, string $message = 'OK', int $code = 200): JsonResponse
+    {
+        return new JsonResponse([
+            'message' => $message,
+            'body' => $body,
+        ], $code);
+    }
+
+    public function createPaginateJsonResponse(array $items, int $limit, int $totalCount): JsonResponse
+    {
+        return $this->createJsonResponse(
+            [
+                'items' => $items,
+                'pages' => ceil($totalCount / $limit),
+                'totalCount' => $totalCount,
+            ]
+        );
+    }
+
+    public function createJsonResponseFromObject(AbstractResponse $body, string $message = 'OK', int $code = 200): JsonResponse
+    {
+        return new JsonResponse([
+            'message' => $message,
+            'body' => $this->toArray($body),
+        ], $code);
+    }
+
+    private function toArray(AbstractResponse $body): array
+    {
+        $reflect = new ReflectionClass($body);
+        $props = $reflect->getProperties();
+        $array = [];
+        foreach ($props as $prop) {
+            $prop->setAccessible(true);
+            $array[$prop->getName()] = $prop->getValue($body);
+            $prop->setAccessible(false);
+        }
+
+        return $array;
+    }
+}

backend/src/SignDocument/Api/Api.php

@@ -0,0 +1,57 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\SignDocument\Api;
+
+use App\Infrastructure\External\Api\AbstractApi;
+use App\Infrastructure\External\Api\BinaryStringFileResult;
+use GuzzleHttp\Exception\BadResponseException;
+use GuzzleHttp\Exception\GuzzleException;
+use GuzzleHttp\RequestOptions;
+
+class Api extends AbstractApi
+{
+    public ApiParams $apiParams;
+
+    public function send(string $token, string $path, int $order): array
+    {
+        $params = [
+            RequestOptions::HEADERS => [
+                'Authorization' => $token,
+                'Accept' => 'application/json',
+            ],
+            RequestOptions::MULTIPART => [
+                [
+                    'name' => 'file',
+                    'contents' => file_get_contents($path),
+                    'filename' => $path,
+                    'headers' => [
+                        'Content-Type' => '<Content-type header>',
+                    ],
+                ],
+                [
+                    'name' => 'type',
+                    'contents' => 'attorney-signed'
+                ],
+            ],
+        ];
+
+        $response = $this->client->post(sprintf('%s%s%s', $this->apiParams->endPointUrl, '/api/v1/documents/upload/carrier/order/', $order), $params);
+
+        return $this->responseHandler->setResponse($response)->getContentJsonToArray();
+    }
+
+    public function download(string $url, string $token): BinaryStringFileResult
+    {
+        $params = [
+            RequestOptions::HEADERS => [
+                'Authorization' => $token,
+            ],
+        ];
+
+        $response = $this->client->get($url, $params);
+
+        return $this->responseHandler->setResponse($response)->getContentAsBinaryStingResult();
+    }
+}

backend/src/SignDocument/Api/ApiParams.php

@@ -0,0 +1,13 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\SignDocument\Api;
+
+class ApiParams
+{
+    public function __construct(
+        public string $endPointUrl
+    ) {
+    }
+}

backend/src/SignDocument/Api/Request/DigitalSignatureRequest.php

@@ -0,0 +1,13 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\SignDocument\Api\Request;
+
+use App\Infrastructure\Http\RequestDtoInterface;
+
+class DigitalSignatureRequest implements RequestDtoInterface
+{
+    public string $url;
+    public string $apiToken;
+}

backend/src/SignDocument/Api/Request/SignRequest.php

@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\SignDocument\Api\Request;
+
+use App\Infrastructure\Http\RequestDtoInterface;
+
+class SignRequest implements RequestDtoInterface
+{
+    public string $url;
+    public int $order;
+    public string $apiToken;
+}

backend/src/SignDocument/Api/Response/DigitalSignatureResponse.php

@@ -0,0 +1,18 @@
+<?php
+
+declare(strict_types=1);
+
+
+namespace App\SignDocument\Api\Response;
+
+use App\Infrastructure\Api\Response\AbstractResponse;
+
+class DigitalSignatureResponse extends AbstractResponse
+{
+    public function __construct(
+        public string $hash,
+        public string $content,
+    )
+    {
+    }
+}

backend/src/SignDocument/Controller/DigitalSignatureController.php

@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\SignDocument\Controller;
+
+use App\Infrastructure\Traits\ApiHelperTrait;
+use App\SignDocument\Api\Request\DigitalSignatureRequest;
+use App\SignDocument\Services\DigitalSignatureService;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
+
+class DigitalSignatureController extends AbstractController
+{
+    use ApiHelperTrait;
+    public function __construct(
+        private readonly DigitalSignatureService $digitalSignatureService
+    ){
+    }
+
+    #[Route(path: '/digital/sign', name: 'app.digital.sign',  methods: ['POST'])]
+    public function __invoke(Request $request, DigitalSignatureRequest $digitalSignatureRequest): Response
+    {
+        $token = $request->server->get('HTTP_AUTHORIZATION');
+
+        return $this->createJsonResponseFromObject(
+            $this->digitalSignatureService->getSignature($digitalSignatureRequest, $token)
+        );
+    }
+}

backend/src/SignDocument/Controller/SignController.php

@@ -0,0 +1,29 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\SignDocument\Controller;
+
+use App\SignDocument\Api\Request\SignRequest;
+use App\SignDocument\Services\SignService;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
+
+class SignController extends AbstractController
+{
+    public function __construct(
+        private readonly SignService $signService
+    ){
+    }
+
+    #[Route(path: '/sign', name: 'app.sign',  methods: ['POST'])]
+    public function __invoke(Request $request, SignRequest $signRequest): Response
+    {
+        $token = $request->server->get('HTTP_AUTHORIZATION');
+
+        return new JsonResponse($this->signService->signDocument($signRequest, $token));
+    }
+}

backend/src/SignDocument/Services/DevSignService.php

@@ -0,0 +1,13 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\SignDocument\Services;
+
+class DevSignService
+{
+    public function sign(string $documentUrl): void
+    {
+        exec(sprintf('cp %s %s_sign.pdf', $documentUrl, $documentUrl));
+    }
+}

backend/src/SignDocument/Services/DigitalSignatureService.php

@@ -0,0 +1,55 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\SignDocument\Services;
+
+use App\Infrastructure\External\Api\BinaryStringFileResult;
+use App\SignDocument\Api\Api;
+use App\SignDocument\Api\ApiParams;
+use App\SignDocument\Api\Request\DigitalSignatureRequest;
+use App\SignDocument\Api\Response\DigitalSignatureResponse;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+use Exception;
+use RuntimeException;
+
+class DigitalSignatureService
+{
+    private BinaryStringFileResult $document;
+
+    public function __construct(
+        private readonly Api                           $api,
+        private readonly ApiParams                     $apiParams,
+    ){
+    }
+
+    public function __destruct()
+    {
+        $this->document->remove();
+    }
+
+    public function getSignature(DigitalSignatureRequest $request, string $token): DigitalSignatureResponse
+    {
+        if ($_ENV['API_TOKEN'] !== $request->apiToken) {
+            throw new AccessDeniedHttpException('Доступ запрещен');
+        }
+
+        $this->api->apiParams = $this->apiParams;
+
+        try {
+            $this->document = $this->api->download($request->url, $token);
+
+            exec(sprintf('cp %s %s.pdf', $this->document->tempFileName, $this->document->tempFileName));
+            exec(sprintf('cryptcp -sign -detached -der %s.pdf', $this->document->tempFileName));
+
+            $response = base64_encode(file_get_contents($this->document->tempFileName . '.pdf.sgn'));
+
+            return new DigitalSignatureResponse(
+                hash: $response,
+                content: base64_encode(file_get_contents(sprintf('%s.pdf', $this->document->tempFileName)))
+            );
+        } catch (Exception $e) {
+            throw new RuntimeException($e->getMessage());
+        }
+    }
+}

backend/src/SignDocument/Services/ProdSignService.php

@@ -0,0 +1,16 @@
+<?php
+
+declare(strict_types=1);
+
+
+namespace App\SignDocument\Services;
+
+
+class ProdSignService
+{
+    public function sign(string $documentUrl): void
+    {
+        exec(sprintf('cp %s %s.pdf', $documentUrl, $documentUrl));
+        exec(sprintf('pdfcpro sign %s.pdf -out %s_sign.pdf -cert cbfc28b024316bfe43066008cae177713533a6dd -text "\n\t\tПодписано ЭП\n\t\t{subject/cn}\n\t\tСертификат {sha1}\n\t\tДействителен от {since} до {until}\n\t\tДата {date}\n\t\t{subject/t}\n\t\t{subject/fullname}\n\t\t" -fontfile /usr/local/share/fonts/Inter-Bold.ttf -fontsize 8 -x 2 -y 2 -w 96 -h 9', $documentUrl, $documentUrl));
+    }
+}

backend/src/SignDocument/Services/RemoveExistingDocumentService.php

@@ -0,0 +1,18 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\SignDocument\Services;
+
+use App\Infrastructure\External\Api\BinaryStringFileResult;
+
+class RemoveExistingDocumentService
+{
+
+    public function removeExistingDocument(BinaryStringFileResult $document): void
+    {
+        if (file_exists($document->tempFileName)) {
+            unlink($document->tempFileName);
+        }
+    }
+}

backend/src/SignDocument/Services/SignService.php

@@ -0,0 +1,54 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\SignDocument\Services;
+
+use App\SignDocument\Api\Api;
+use App\SignDocument\Api\ApiParams;
+use App\SignDocument\Api\Request\SignRequest;
+use Exception;
+use RuntimeException;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+
+class SignService
+{
+    public function __construct(
+        private readonly Api                           $api,
+        private readonly ApiParams                     $apiParams,
+        private readonly DevSignService                $devSignService,
+        private readonly ProdSignService               $prodSignService,
+        private readonly RemoveExistingDocumentService $removeExistingDocumentService,
+    ){
+    }
+    public function signDocument(SignRequest $request,string $token): array
+    {
+        if ($_ENV['API_TOKEN'] !== $request->apiToken) {
+            throw new AccessDeniedHttpException('Доступ запрещен');
+        }
+
+        $this->api->apiParams = $this->apiParams;
+
+        try {
+            $document = $this->api->download($request->url, $token);
+
+            $this->sign($document->tempFileName);
+
+            $response = $this->api->send($token, $document->tempFileName . '_sign.pdf', $request->order);
+
+            $this->removeExistingDocumentService->removeExistingDocument($document);
+
+            return $response;
+        } catch (Exception $e) {
+            throw new RuntimeException($e->getMessage());
+        }
+    }
+
+    private function sign (string $documentUrl): void
+    {
+        match ($_ENV['APP_ENV']) {
+            'dev' => $this->devSignService->sign($documentUrl),
+            'prod' => $this->prodSignService->sign($documentUrl),
+        };
+    }
+}

backend/symfony.lock

@@ -176,6 +176,18 @@
     "symfony/ux-chartjs": {
         "version": "v2.19.3"
     },
+    "symfony/ux-twig-component": {
+        "version": "2.22",
+        "recipe": {
+            "repo": "github.com/symfony/recipes",
+            "branch": "main",
+            "version": "2.13",
+            "ref": "67814b5f9794798b885cec9d3f48631424449a01"
+        },
+        "files": [
+            "config/packages/twig_component.yaml"
+        ]
+    },
     "symfony/validator": {
         "version": "6.2",
         "recipe": {

docker/nginx/default.conf

@@ -1,6 +1,23 @@
 server {
     server_name _;
     listen *:80;
+    index index.php index.html index.htm;
+    root /usr/src/signer/public;
 
-    root /application/public;
-}
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location ~ \.php$ {
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
+        fastcgi_pass signer:9000;
+        try_files $uri =404;
+        fastcgi_index index.php;
+    }
+
+    location ~* .php/ {
+        rewrite (.*.php)/ $1 last;
+    }
+}

docker/nginx/nginx.conf

@@ -1,9 +1,10 @@
 user www-data;
 worker_processes 4;
+daemon off;
 pid /run/nginx.pid;
 
 events {
-  worker_connections  2048;
+  worker_connections 2048;
   multi_accept on;
   use epoll;
 }
@@ -34,4 +35,3 @@ http {
   fastcgi_buffer_size 32k;
 }
 
-daemon off;

entrypoint.sh

@@ -1,12 +1,14 @@
-#!/bin/bash -x 
+#!/bin/bash -x
 
-if [[ $SITE == "prod"]];then
+APP_ENV="${APP_ENV:-dev}"
+
+if [[ ${APP_ENV#*=} == "prod" ]]; then
     service pcscd start
     cert=$(/opt/cprocsp/bin/amd64/csptest -keyset -enum_cont -verifyc -fq  | grep Aktiv | awk -F'00 00' '{print $2}' | tr -d '\\')
     /opt/cprocsp/bin/amd64/certmgr -inst -cont "${cert}" -store uMy
     certmgr -list -store umy
     SHA=$(certmgr -list -store umy | grep SHA | awk -F':' '{print $2}' | tr -d ' ')
-fi 
+fi
 # pdfcpro sign /mnt/t/123.pdf -out /mnt/t/123_sign.pdf -cert ${SHA} -text "\n\t\tПодписано ЭП\n\t\t{subject/cn}\n\t\tСертификат {sha1}\n\t\tДействителен от {since} до {until}\n\t\tДата {date}\n\t\t{subject/t}\n\t\t{subject/fullname}\n\t\t" -fontfile /usr/local/share/fonts/Inter-Bold.ttf -fontsize 8 -x 2 -y 2 -w 96 -h 9
 
 

license.key

@@ -1,22 +1,22 @@
 -----BEGIN PGP MESSAGE-----
 
-owGbwMvMwMX4m2NrnreKjyDj6QN7khjSNt7+XK1UllpUnJmfp2SloGSopKOglJOZ
-nJpXnArmJxmkmBmaJukamRpY6pqYp5noJqYkJeomWViamCdZmqYYGIG1FBTlp5Qm
-l4C05GeX5iQW6RanFgHNRZKLR7IGJJyXmAu2IqbUwMTICEQap4JIE3MwOxFMGuji
-l1YAUYZJCGljYzBpAVZqCCaNECIwbSD7U3MTM3NADsjLL07Ny853yCzRS8kv0QVi
-vaJSkIriksSikmKQEiMDIxNdAwtdA7MQAwMrMIoCm1FRkFmUiqTEEqTEyNjK1BKI
-wErySnOTUovi89PiocEKUm1Y28lkzMLAyMUgK6bIskDMKPAlS1X1ul379sDih5UJ
-FDcMXJwCMJFVJvz/naTc7D4zPFV0Z8rd1HWtvfZuBsenCs1DXVpJ919fN5DamxEc
-tPnJWy3X4JuP9+nsCIqXz1d4ofrd/NS7KB5RbX9Bxg9bV075eMOBsbLysJPOnnn9
-FbFf9nJ1bdro06nlmm0sHHx/UcHXDgbz1qcKcttnmZnxP81h19XzrZ5r4K27p3fm
-4WbOdc+v56twRPJef5r+3znp3eLSWqsOtYZgy6vdRzcEJa18Yai76U/ODt2Nfw/x
-7HTX2vvxa9Wcqo1pO/2P+kx3f3GTbXeyQUfVnb9FCyfm28kb/K7/76+hnuH3dvvU
-feXvjJ7Oys9Sm3ybdd6HoBk3I3utbr/5YLM63zIoML3pYJX2izNLQ07tPfRg4u9t
-J/iT//BGPF3zm3nb/hXimerFpxbsbg5cGZkfJR8n0rXE55yr/JV9mmohf4QPS2uX
-nLLzerB4/1cz9s1Ca6Z/2OtnInHMhpXvxTNJpc5lcRe7e5q7+WUvGHSHPUjNeSQe
-qSc7q5sxd/qBc82v5M0f9Eeqma5qP7nzgqZ55QP7KWKt51h6y/2PXemtO88sbF1r
-GMqf/69hto1qaFsdi7vJnpN32+3+/nuycvKDOYlPuT4mnde9xv5n4luLDfeu/Ki2
-6GDxLivKP2fqZlVXYp295veBA8U337gnX3RMa9nm2dnS/otHUKQnsmraLZl3Ducl
-V57lnFC7XEyhi1lFsMcv7Ai/sbP5PAA=
-=FMIf
+owGbwMvMwMX4m2NrnreKjyDj6QOLkhgyVczfViuVpRYVZ+bnKVkpKBkq6Sgo5WQm
+p+YVp4L4iWmJyalmaea6pkapFromqYapupYWKUa6BklmiYYGhonGKcamIC0FRfkp
+pcklIC352aU5iUW6KanF2SX5BUiS8Uj2GIEtykvMBdsSU2pgYpiKTCoAKYPEJBDH
+yAhEGoMlTMzB7EQwaaCLXxpkRFISyJ7U3MTMHJBFKdkOmSV6KfklukCsV1QKkiwu
+SSwqKQY7ysDIVNfQUNfIJMTAwAqMosDaKwoyi1JhSizASoxDjIytTC2BCKwkrzQ3
+KbUoPj8tHhp4INWGtZ1MxiwMjFwMsmKKLAvEjAJfslRVr9u1bw8sFliZQDHAwMUp
+ABM50Mz/h+e3d491m8Ttn3L/Zsx8eW3all/WKmXuXcIz8n3mSW34rSd01tBNYkFl
+4zz7xEMlu0wWPFWc6ytbrPebd7Ucg/+LSUG20/ZfSNf/way0R/RetPeRepZo942K
+dw4JcPE8+BQ0N+NX+afe5XeXX17z0/7gwsh+TwHdxeuupM/OP9MtsaiidorljRMG
+RpZPHihbzHq8I3lXsrGdrE2y6rHlQY8FKhun14Rd2KX0Iv3YuQa5Gzf5bH/krllz
+8MFX5rOytgkKFq1KRzIEHrMY2nFnd+7nbTeW99pXf+3C46UX38w4Oi9+j/POD0un
+svwoncFgEn5Q8EPGpwnLPm4Md1O7PHvPvkn/zeefNOqVZHhl91pG8eMkkfV/wxJe
+rtOUtOWbO2dHdUAzc3WZyq6wj1ZS3Ls7V6o5/Hm7//zyzz6ngy70KC2u4Pg/z/jM
+t9eMqyf9/hDX5XOjtnk691RXzeZYRrXXk/ZO9TFWmO6w0ZFV9+8h/vMiB5O7eZ1N
+Tj5bnJKlE5LfeFpsQ/WLj+V3xAJeX+XwSHab/vOh5LGtr+y+3t8cz6991viVxIFF
+99OM3pbMLXpwIY3Pa4NiV63r+rzuinubWKfsmWN3uef5mqLvN8982bvy8eW7PXyV
+Z5nlXzK2NK24ulalb7ry9Ys5d/MX3A8tvH7ckGdSt19Hu8LpyPsPqnyn9u7wX/Y5
+MI/v0jVZQ5fiXx/msZ3yzOhbvjoHAA==
+=l3X2
 -----END PGP MESSAGE-----