feat: cache responses from BRP by hashed bsn

Author: Mike van den Hoek

src/PrefillGravityForms/Controllers/BaseController.php

@@ -7,13 +7,14 @@
 use DateTime;
 use Exception;
 use GF_Field;
+use function OWC\PrefillGravityForms\Foundation\Helpers\resolve_teams;
 use function OWC\PrefillGravityForms\Foundation\Helpers\view;
 use OWC\PrefillGravityForms\Foundation\TeamsLogger;
 use OWC\PrefillGravityForms\GravityForms\GravityFormsSettings;
+use OWC\PrefillGravityForms\Services\CacheService;
 use OWC\PrefillGravityForms\Traits\SessionTrait;
 use TypeError;
 use WP_Screen;
-use function Yard\DigiD\Foundation\Helpers\resolve;
 
 abstract class BaseController
 {
@@ -31,7 +32,7 @@ abstract class BaseController
     public function __construct()
     {
         $this->settings = GravityFormsSettings::make();
-        $this->teams = $this->resolveTeams();
+        $this->teams = resolve_teams();
     }
 
     abstract public function handle(array $form): array;
@@ -54,22 +55,9 @@ public function get(): array
 
     abstract protected function makeRequest(): array;
 
-    public function resolveTeams(): TeamsLogger
-    {
-        try {
-            if (! function_exists('Yard\DigiD\Foundation\Helpers\resolve')) {
-                throw new Exception();
-            }
-
-            return TeamsLogger::make(resolve('teams'));
-        } catch (Exception $e) {
-            return TeamsLogger::make(new \Psr\Log\NullLogger());
-        }
-    }
-
     protected function logError(string $message, $status): void
     {
-        $this->teams->addRecord('error', 'Prefill data', [
+        $this->teams->addRecord('error', 'BRP Prefill GravityForms', [
             'message' => $message,
             'status' => $status,
         ]);
@@ -309,13 +297,15 @@ protected function getCurlHeaders(string $doelBinding = ''): array
         return array_filter($headers);
     }
 
-    protected function handleCurl(array $args, ?string $transientKey = null): array
+    protected function handleCurl(array $args, string $transientKey): array
     {
-        if (is_string($transientKey) && 0 < strlen(trim($transientKey))) {
-            $cachedResponse = get_transient($transientKey);
-            if (is_array($cachedResponse) && [] !== $cachedResponse) {
-                return $cachedResponse;
-            }
+        /**
+         * IMPORTANT NOTE: when adjusting this piece of code, please make sure
+         * that the transient key is unique per request. Otherwise, different requests
+         * might return the same cached response.
+        */
+        if ($cachedResponse = CacheService::getArrayFromTransient($transientKey)) {
+            return $cachedResponse;
         }
 
         $curl = curl_init();
@@ -343,17 +333,15 @@ protected function handleCurl(array $args, ?string $transientKey = null): array
                 throw new Exception('Request failed', is_int($httpStatus) ? $httpStatus : 500);
             }
 
-            $decoded = json_decode($output, true);
+            $response = json_decode($output, true);
 
-            if (! is_array($decoded) || [] === $decoded || json_last_error() !== JSON_ERROR_NONE) {
+            if (! is_array($response) || [] === $response || json_last_error() !== JSON_ERROR_NONE) {
                 throw new Exception('Something went wrong with decoding of the JSON output.', 500);
             }
 
-            if (is_string($transientKey) && 0 < strlen(trim($transientKey))) {
-                set_transient($transientKey, $decoded, HOUR_IN_SECONDS);
-            }
+            $this->handleTransient($response, $transientKey);
 
-            return $decoded;
+            return $response;
         } catch (Exception $e) {
             return [
                 'message' => $e->getMessage(),
@@ -364,6 +352,31 @@ protected function handleCurl(array $args, ?string $transientKey = null): array
         }
     }
 
+    /**
+     * Validates whether the necessary conditions are met before setting the transient.
+     *
+     * Ensures that:
+     * - A valid BSN (burgerservicenummer) is present in the response.
+     * - The transient key derived from that BSN matches the one generated from the current session.
+     */
+    protected function handleTransient(array $response, string $transientKey): void
+    {
+        $responseBSN = (string) ($response['burgerservicenummer'] ?? '');
+
+        if ('' === $responseBSN) {
+            throw new Exception('No burgerservicenummer found in the response.', 404);
+        }
+
+        $transientKeyByResponse = CacheService::formatTransientKey($responseBSN);
+
+        // Ensure the transient keys generated from the BSN out of the response and current session match.
+        if ($transientKeyByResponse !== $transientKey) {
+            throw new Exception('Transient key mismatch.', 500);
+        }
+
+        CacheService::setTransient($transientKey, $response);
+    }
+
     protected function timeoutOptionCURL(): int
     {
         $timeout = apply_filters('owc_prefill_gravity_forms_curl_timeout', 10);

src/PrefillGravityForms/Controllers/EnableUController.php

@@ -4,6 +4,8 @@
 
 namespace OWC\PrefillGravityForms\Controllers;
 
+use OWC\PrefillGravityForms\Services\CacheService;
+
 class EnableUController extends BaseController
 {
     public function handle(array $form): array
@@ -14,7 +16,7 @@ public function handle(array $form): array
 
         $bsn = $this->getBSN();
 
-        if (empty($bsn)) {
+        if ('' === $bsn) {
             return $form;
         }
 
@@ -40,7 +42,7 @@ protected function makeRequest(): array
     {
         $bsn = $this->getBSN();
 
-        if (empty($bsn)) {
+        if ('' === $bsn) {
             return [];
         }
 
@@ -73,9 +75,6 @@ protected function request(string $bsn = '', string $doelBinding = '', string $e
             CURLOPT_HTTPHEADER => $this->getCurlHeaders($doelBinding),
         ];
 
-        $hash = md5($curlArgs[CURLOPT_URL]);
-        $transientKey = (is_string($hash) && '' !== $hash) ? $hash : null;
-
-        return $this->handleCurl($curlArgs, $transientKey);
+        return $this->handleCurl($curlArgs, CacheService::formatTransientKey($bsn));
     }
 }

src/PrefillGravityForms/Controllers/PinkRoccadeController.php

@@ -4,6 +4,8 @@
 
 namespace OWC\PrefillGravityForms\Controllers;
 
+use OWC\PrefillGravityForms\Services\CacheService;
+
 class PinkRoccadeController extends BaseController
 {
     public function handle(array $form): array
@@ -14,7 +16,7 @@ public function handle(array $form): array
 
         $bsn = $this->getBSN();
 
-        if (empty($bsn)) {
+        if ('' === $bsn) {
             return $form;
         }
 
@@ -40,7 +42,7 @@ protected function makeRequest(): array
     {
         $bsn = $this->getBSN();
 
-        if (empty($bsn)) {
+        if ('' === $bsn) {
             return [];
         }
 
@@ -75,9 +77,6 @@ protected function request(string $bsn = '', string $doelBinding = '', string $e
             CURLOPT_SSLKEY => $this->settings->getPrivateCertificate(),
         ];
 
-        $hash = md5($curlArgs[CURLOPT_URL]);
-        $transientKey = (is_string($hash) && '' !== $hash) ? $hash : null;
-
-        return $this->handleCurl($curlArgs, $transientKey);
+        return $this->handleCurl($curlArgs, CacheService::formatTransientKey($bsn));
     }
 }

src/PrefillGravityForms/Controllers/VrijBRPController.php

@@ -4,6 +4,8 @@
 
 namespace OWC\PrefillGravityForms\Controllers;
 
+use OWC\PrefillGravityForms\Services\CacheService;
+
 class VrijBRPController extends BaseController
 {
     public function handle(array $form): array
@@ -14,7 +16,7 @@ public function handle(array $form): array
 
         $bsn = $this->getBSN();
 
-        if (empty($bsn)) {
+        if ('' === $bsn) {
             return $form;
         }
 
@@ -40,7 +42,7 @@ protected function makeRequest(): array
     {
         $bsn = $this->getBSN();
 
-        if (empty($bsn)) {
+        if ('' === $bsn) {
             return [];
         }
 
@@ -75,9 +77,6 @@ protected function request(string $bsn = '', string $doelBinding = '', string $e
             CURLOPT_SSLKEY => $this->settings->getPrivateCertificate(),
         ];
 
-        $hash = md5($curlArgs[CURLOPT_URL]);
-        $transientKey = (is_string($hash) && '' !== $hash) ? $hash : null;
-
-        return $this->handleCurl($curlArgs, $transientKey);
+        return $this->handleCurl($curlArgs, CacheService::formatTransientKey($bsn));
     }
 }

src/PrefillGravityForms/Controllers/WeAreFrankController.php

@@ -4,6 +4,8 @@
 
 namespace OWC\PrefillGravityForms\Controllers;
 
+use OWC\PrefillGravityForms\Services\CacheService;
+
 class WeAreFrankController extends BaseController
 {
     public function handle(array $form): array
@@ -14,14 +16,14 @@ public function handle(array $form): array
 
         $bsn = $this->getBSN();
 
-        if (empty($bsn)) {
+        if ('' === $bsn) {
             return $form;
         }
 
         $expand = rgar($form, 'owc-iconnect-expand', '');
         $preparedData = $this->prepareData($bsn, $expand);
 
-        $firstPerson = $this->fetchPersonData($preparedData);
+        $firstPerson = $this->fetchPersonData($preparedData, $bsn);
 
         if (empty($firstPerson)) {
             return $form;
@@ -36,13 +38,13 @@ protected function makeRequest(): array
     {
         $bsn = $this->getBSN();
 
-        if (empty($bsn)) {
+        if ('' === $bsn) {
             return [];
         }
 
         $preparedData = $this->prepareData($bsn);
 
-        return $this->fetchPersonData($preparedData) ?? [];
+        return $this->fetchPersonData($preparedData, $bsn);
     }
 
     /**
@@ -99,9 +101,9 @@ protected function getExpandFields(string $expand): array
         return array_filter(explode(',', $expand));
     }
 
-    protected function fetchPersonData(array $preparedData): array
+    protected function fetchPersonData(array $preparedData, string $bsn): array
     {
-        $apiResponse = $this->request($preparedData);
+        $apiResponse = $this->request($preparedData, $bsn);
         $personData = $apiResponse['personen'] ?? [];
         $firstPerson = reset($personData); // Response is in a multidimensional array which differs from other suppliers.
 
@@ -120,7 +122,7 @@ protected function fetchPersonData(array $preparedData): array
         return $firstPerson;
     }
 
-    protected function request(array $data = []): array
+    protected function request(array $data = [], string $bsn = ''): array
     {
         $curlArgs = [
             CURLOPT_URL => $this->settings->getBaseURL(),
@@ -132,10 +134,7 @@ protected function request(array $data = []): array
             ],
         ];
 
-        $hash = md5(json_encode($data));
-        $transientKey = (is_string($hash) && '' !== $hash) ? $hash : null;
-
-        return $this->handleCurl($curlArgs, $transientKey);
+        return $this->handleCurl($curlArgs, CacheService::formatTransientKey($bsn));
     }
 
     protected function getDefaultCurlArgs(): array

src/PrefillGravityForms/Foundation/Helpers.php

@@ -2,7 +2,9 @@
 
 namespace OWC\PrefillGravityForms\Foundation\Helpers;
 
+use Exception;
 use OWC\PrefillGravityForms\Foundation\Plugin;
+use OWC\PrefillGravityForms\Foundation\TeamsLogger;
 
 function app(): Plugin
 {
@@ -31,7 +33,7 @@ function encrypt($string): string
 {
     try {
         $encrypted = resolve(\OWC\PrefillGravityForms\Foundation\Cryptor::class)->encrypt($string);
-    } catch (\Exception $e) {
+    } catch (Exception $e) {
         $encrypted = '';
     }
 
@@ -45,7 +47,7 @@ function decrypt($string): string
 {
     try {
         $decrypted = resolve(\OWC\PrefillGravityForms\Foundation\Cryptor::class)->decrypt($string);
-    } catch (\Exception $e) {
+    } catch (Exception $e) {
         $decrypted = '';
     }
 
@@ -91,3 +93,25 @@ function get_supplier(array $form, bool $getKey = false): string
 
     return $allowed[$supplier] ?? '';
 }
+
+/**
+ * Use teams definition from Yard | GravityForms DigiD plugin.
+ */
+function resolve_teams(): TeamsLogger
+{
+    try {
+        if (! function_exists('Yard\DigiD\Foundation\Helpers\resolve')) {
+            throw new Exception();
+        }
+
+        $logger = \Yard\DigiD\Foundation\Helpers\resolve('teams');
+
+        if (! $logger instanceof \Psr\Log\LoggerInterface) {
+            throw new Exception();
+        }
+
+        return TeamsLogger::make($logger);
+    } catch (Exception $e) {
+        return TeamsLogger::make(new \Psr\Log\NullLogger());
+    }
+}