From 09f6b0c425929032ac565c8773301afa167f3d4f Mon Sep 17 00:00:00 2001
From: SCHAUAUS GmbH <social@schauaus.at>
Date: Wed, 8 Apr 2026 22:28:24 +0200
Subject: [PATCH] Create key requests for backend to query.

---
 public/RequestManager.php      | 36 ++++++++++++++++++++++++++++++----
 public/index.php               | 10 +++++++++-
 public/requests/ownerName.json | 10 +++++++---
 3 files changed, 48 insertions(+), 8 deletions(-)

diff --git a/public/RequestManager.php b/public/RequestManager.php
index 83d2418..887ae6c 100755
--- a/public/RequestManager.php
+++ b/public/RequestManager.php
@@ -6,9 +6,37 @@
 
 class RequestManager {
 
-    public function __construct(
-        
-    ) {
+    private $requestDir;
 
+    public function __construct(
+        $dirName = '/requests'
+    ) {
+        $this->requestDir = __DIR__ . $dirName;
     }
-}
\ No newline at end of file
+
+    public function generateRequest($owner, $key) {
+        if(!isset($owner) || !isset($key))
+            return ['error'=>'Request could not be processed', 'status'=> 400];
+        $requester = $_SERVER['PHP_AUTH_USER'];
+        if($owner == $requester)
+            return ['error'=>'You do not need to request access to your own keys', 'status'=> 400];
+        $requestFileName = $this->requestDir . '/' . $owner . '.json';
+        $openRequests = new stdClass();
+        if(file_exists($requestFileName))
+            $openRequests = json_decode(file_get_contents($requestFileName));
+        foreach($openRequests->{$requester} as $request) {
+            if($request->requested_key == $key)
+                return ['error'=>'You already requested that key', 'status'=>400];
+        }
+        $newData = new StdClass();
+        $newData->requested_key = $key;
+        $newData->created = new DateTime()->format('c');
+        if(!isset($openRequests->{$requester}));
+            $openRequests->{$requester} = array();
+        $dataIndex = count($openRequests->{$requester});
+        $openRequests->{$requester}[$dataIndex] = $newData;
+        if(!file_put_contents($requestFileName, json_encode($openRequests, JSON_PRETTY_PRINT)))
+             return['error'=>'request cannot be stored on the server', 'status'=>400];
+        return ['success'=>'Your request was registered successfully', 'status'=>200];
+    }
+}
diff --git a/public/index.php b/public/index.php
index 64f76bd..dc91640 100755
--- a/public/index.php
+++ b/public/index.php
@@ -15,6 +15,7 @@ $path = rtrim($path, '/');
 $path = ltrim($path, '/');
 
 $tokenManager = new TokenManager();
+$requestManager = new RequestManager();
 
 switch ($path) {
     case 'request': // request access to another user's emergency / legacy key file
@@ -40,8 +41,15 @@ function ReturnJsonResponse($data, $status = 200) {
 }
 
 function requestAccess() {
+    global $requestManager;
     $data = ['request access' => 'request not allowed'];
-    ReturnJsonResponse($data, 403);
+    $owner = $_REQUEST['owner'];
+    $key = $_REQUEST['key'];
+    $result = $requestManager->generateRequest($owner, $key);
+    if(isset($result['error']))
+        ReturnJsonResponse(['error'=>$result['error']], $result['status']);
+    if(isset($result['success']))
+        ReturnJsonResponse(['success'=>$result['success']], $result['status']);
 }
 
 function denyAccess() {
diff --git a/public/requests/ownerName.json b/public/requests/ownerName.json
index 53c2277..e3e340f 100644
--- a/public/requests/ownerName.json
+++ b/public/requests/ownerName.json
@@ -1,4 +1,8 @@
 {
-    "requested_key": "myKey.pem",
-    "created": "2026-04-04T12:00:00+00:00"
-}
+    "allowedName": [
+        {
+            "requested_key": "myKey.pem",
+            "created": "2026-04-08T20:24:34+00:00"
+        }
+    ]
+}
\ No newline at end of file