Update to support Pro level (#4)

Author: ildyria

config/verify.php

@@ -1,17 +1,21 @@
 <?php
 
+use LycheeVerify\Http\Middleware\VerifyProStatus;
 use LycheeVerify\Http\Middleware\VerifySupporterStatus;
-use LycheeVerify\Validators\ValidateHash;
+use LycheeVerify\Validators\ValidatePro;
 use LycheeVerify\Validators\ValidateSignature;
+use LycheeVerify\Validators\ValidateSupporter;
 use LycheeVerify\Verify;
 use LycheeVerify\VerifyServiceProvider;
 
 return [
 	'validation' => [
-		ValidateHash::class => 'e2511ed0f1adc865c7c8b40bec19d656323d81f6',
-		ValidateSignature::class => '1bae28471b402e73ddad2ea871b15835954822c3',
-		Verify::class => '6dd9c193b7505dff9d4ba0f19f0e2b3a3171d83a',
+		ValidateSupporter::class => 'ef1a42701af6dc36e052556a0ee1c762394f9428',
+		ValidatePro::class => '482b48f1a026684b6c1754e45ca180ffc52483ff',
+		ValidateSignature::class => '5a8a855d4b59c44c298daa66801c79f2aba20492',
+		Verify::class => 'ffd01909f5189bc7bae21266e356f83c898ccd37',
 		VerifySupporterStatus::class => '6358c45ed0414c1e2697e0881238659fa6221bed',
-		VerifyServiceProvider::class => '927a8f3c811fc82cb8a0ac2667c06e7d292c3633',
+		VerifyProStatus::class => '212e6ada794587ee8e2b81cf76e243d134a7e823',
+		VerifyServiceProvider::class => '923b63b15d25e69b95ed1d5ec1c82ba57f1a7d74',
 	],
 ];

docs/README.md

@@ -34,7 +34,7 @@ The license status is represented by the `Status` enum, which defines three leve
 
 - `FREE_EDITION` - Basic features, no license required
 - `SUPPORTER_EDITION` - Standard supporter features
-- `PLUS_EDITION` - Premium features with extended capabilities
+- `PRO_EDITION` - Premium features with extended capabilities
 
 #### 2. Validation Mechanism
 
@@ -55,7 +55,7 @@ Two concrete validators are provided:
    - Simple validation mechanism for standard supporters
 
 2. **ValidateSignature** - Uses cryptographic signatures for validation
-   - Returns `PLUS_EDITION` status when valid
+   - Returns `PRO_EDITION` status when valid
    - More secure mechanism for premium users
    - Uses asymmetric cryptography (ECDSA) for verification
 
@@ -102,7 +102,7 @@ if ($verify->is_plus()) {
 $verify->authorize();
 
 // Will throw exception if not a plus user
-$verify->authorize(Status::PLUS_EDITION);
+$verify->authorize(Status::PRO_EDITION);
 ```
 
 ### Conditional Execution

generate-key.php

@@ -0,0 +1,35 @@
+<?php
+
+/**
+ * Generate a cryptographically secure key in the format:
+ * XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
+ *
+ * Each segment contains 5 uppercase alphanumeric characters (A-Z, 0-9)
+ */
+function generateSecureKey(): string
+{
+    $characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
+    $segments = [];
+
+    // Generate 5 segments
+    for ($i = 0; $i < 5; $i++) {
+        $segment = '';
+
+        // Generate 5 characters per segment
+        for ($j = 0; $j < 5; $j++) {
+            $randomIndex = random_int(0, strlen($characters) - 1);
+            $segment .= $characters[$randomIndex];
+        }
+
+        $segments[] = $segment;
+    }
+
+    return implode('-', $segments);
+}
+
+// Generate and display the key
+$key = generateSecureKey();
+$hash = password_hash($key, PASSWORD_BCRYPT);
+
+echo "Generated key: " . $key . PHP_EOL;
+echo "Bcrypt hash:   " . $hash . PHP_EOL;

phpstan.neon

@@ -3,6 +3,7 @@ includes:
 	- vendor/lychee-org/phpstan-lychee/phpstan.neon
 
 parameters:
+	level: 9
 	treatPhpDocTypesAsCertain: false
 	paths:
 		- src

src/Console/Commands/CheckKeyCommand.php

@@ -0,0 +1,74 @@
+<?php
+
+namespace LycheeVerify\Console\Commands;
+
+use Illuminate\Console\Command;
+use LycheeVerify\Contract\Status;
+use LycheeVerify\Validators\ValidatePro;
+use LycheeVerify\Validators\ValidateSupporter;
+use function Safe\json_encode;
+
+class CheckKeyCommand extends Command
+{
+	/**
+	 * The name and signature of the console command.
+	 *
+	 * @var string
+	 */
+	protected $signature = 'verify:check-key {key : The license key to check}';
+
+	/**
+	 * The console command description.
+	 *
+	 * @var string
+	 */
+	protected $description = 'Check the sponsorship level for a given license key';
+
+	/**
+	 * Execute the console command.
+	 */
+	public function handle(): int
+	{
+		if (!$this->hasArgument('key')) {
+			$this->error('No key provided. Please provide a license key to check.');
+
+			return Command::FAILURE;
+		}
+
+		if (!is_string($this->argument('key'))) {
+			$this->error('Invalid key format. The key must be a string.');
+
+			return Command::FAILURE;
+		}
+
+		$key = $this->argument('key');
+
+		$validateSupporter = new ValidateSupporter();
+		$validatePro = new ValidatePro();
+
+		// We use a dummy verifiable string for checking
+		$verifiable = json_encode(['url' => '', 'email' => '']);
+
+		// Check Pro edition first (highest tier)
+		if ($validatePro->validate($verifiable, $key)) {
+			$this->info('Key: ' . $key);
+			$this->info('Sponsorship Level: ' . Status::PRO_EDITION->value . ' (Pro Edition)');
+
+			return Command::SUCCESS;
+		}
+
+		// Check Supporter edition
+		if ($validateSupporter->validate($verifiable, $key)) {
+			$this->info('Key: ' . $key);
+			$this->info('Sponsorship Level: ' . Status::SUPPORTER_EDITION->value . ' (Supporter Edition)');
+
+			return Command::SUCCESS;
+		}
+
+		// Key doesn't match any known tier
+		$this->warn('Key: ' . $key);
+		$this->warn('Sponsorship Level: ' . Status::FREE_EDITION->value . ' (No valid sponsorship found)');
+
+		return Command::FAILURE;
+	}
+}

src/Contract/Status.php

@@ -9,5 +9,6 @@ enum Status: string
 {
 	case FREE_EDITION = 'free';
 	case SUPPORTER_EDITION = 'se';
-	case PLUS_EDITION = 'plus';
-}
+	case PRO_EDITION = 'pro';
+	case SIGNATURE_EDITION = 'signature';
+}

src/Contract/VerifyInterface.php

@@ -23,18 +23,25 @@ public function get_status(): Status;
 	public function check(Status $required_status = Status::SUPPORTER_EDITION): bool;
 
 	/**
-	 * Returns true if the user is a supporter (or plus registered user).
+	 * Returns true if the user is a supporter (or pro/signature user).
 	 *
 	 * @return bool
 	 */
 	public function is_supporter(): bool;
 
 	/**
-	 * Return true of the user is a plus registered user.
+	 * Return true of the user is a pro user (or signature user).
 	 *
 	 * @return bool
 	 */
-	public function is_plus(): bool;
+	public function is_pro(): bool;
+
+	/**
+	 * Return true if the user is a signature user.
+	 *
+	 * @return bool
+	 */
+	public function is_signature(): bool;
 
 	/**
 	 * Authorize the operation if the installation is verified.

src/Exceptions/BaseVerifyException.php

@@ -60,4 +60,4 @@ protected function __construct(int $httpStatusCode, string $message, ?\Throwable
 		}
 		parent::__construct($httpStatusCode, $message, $previous, [], $code ?? 0);
 	}
-}
+}

src/Exceptions/SupporterOnlyOperationException.php

@@ -12,9 +12,10 @@ final class SupporterOnlyOperationException extends BaseVerifyException
 	public function __construct(Status $status = Status::SUPPORTER_EDITION)
 	{
 		$users = match ($status) {
-			Status::PLUS_EDITION => 'plus users',
+			Status::SIGNATURE_EDITION => 'signature users',
+			Status::PRO_EDITION => 'pro users',
 			default => 'supporters',
 		};
 		parent::__construct(402, sprintf('This operation is reserved to the %s of LycheeOrg.', $users), null);
 	}
-}
+}

src/Http/Middleware/VerifyProStatus.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace LycheeVerify\Http\Middleware;
+
+use Illuminate\Http\Request;
+use LycheeVerify\Contract\Status;
+use LycheeVerify\Contract\VerifyException;
+use LycheeVerify\Exceptions\SupporterOnlyOperationException;
+use LycheeVerify\Verify;
+
+/**
+ * This class checks whether the use on a supporter installation.
+ * If it is not, then the request is aborted.
+ */
+class VerifyProStatus
+{
+	private Verify $verify;
+
+	public function __construct(?Verify $verify)
+	{
+		$this->verify = $verify ?? new Verify();
+	}
+
+	/**
+	 * Handle an incoming request.
+	 *
+	 * @param Request  $request the incoming request to serve
+	 * @param \Closure $next    the next operation to be applied to the
+	 *                          request
+	 *
+	 * @return mixed
+	 *
+	 * @throws VerifyException
+	 */
+	public function handle(Request $request, \Closure $next, string $required_status): mixed
+	{
+		$required_status = Status::tryFrom($required_status) ?? Status::PRO_EDITION;
+
+		if ($this->verify->check($required_status)) {
+			return $next($request);
+		}
+
+		throw new SupporterOnlyOperationException(Status::PRO_EDITION);
+	}
+}