Skip to content

change header and body request aproval#326

Open
adlylee wants to merge 1 commit intobasoro:masterfrom
adlylee:latest-kirana
Open

change header and body request aproval#326
adlylee wants to merge 1 commit intobasoro:masterfrom
adlylee:latest-kirana

Conversation

@adlylee
Copy link
Copy Markdown
Contributor

@adlylee adlylee commented Apr 8, 2026
edited by sourcery-ai bot
Loading

Summary by Sourcery

Adjust approval SEP request handling for VClaim BPJS integration.

Bug Fixes:

  • Treat BPJS approval SEP responses with code 201 as successful alongside 200.

Enhancements:

  • Change approval SEP request Content-Type header to application/x-www-form-urlencoded.
  • Include jnsPengajuan in the approval SEP request payload.
  • Stop printing raw BPJS response output and rely on parsed metadata handling.

Documentation:

  • Document the VClaim approval SEP request header/body change in the changelog.

@sourcery-ai
Copy link
Copy Markdown
Contributor

sourcery-ai bot commented Apr 8, 2026
edited
Loading

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Adjusts the VClaim SEP approval request to use form-URL-encoded content type, derives response metadata before decrypting, accepts both 200 and 201 as success codes, adds a new request field, and documents the change in the changelog.

Sequence diagram for updated SEP approval request flow

sequenceDiagram
    participant Admin
    participant BpjsService
    participant BpjsServer

    Admin->>BpjsService: post(url, request_initial_JSON, consid, secretkey, userkey, tStamp)
    Note over Admin,BpjsService: HTTP header Content-Type: application/x-www-form-urlencoded
    BpjsService->>BpjsServer: POST approval request (body is JSON string)
    BpjsServer-->>BpjsService: HTTP response (JSON)
    BpjsService-->>Admin: raw JSON string output

    Admin->>Admin: json_decode(output) to data
    Admin->>Admin: code = data.metaData.code
    Admin->>Admin: message = data.metaData.message
    Admin->>Admin: stringDecrypt(key, data.response)
    Admin->>Admin: decompress decrypted response (if not empty)

    alt code is 200 or 201
        Admin->>Admin: Build follow-up request with noKartu, tglSep, jnsPelayanan, jnsPengajuan, keterangan, user
        Admin->>BpjsService: post(url, followup_request_JSON, consid, secretkey, userkey, tStamp)
        Note over Admin,BpjsService: HTTP header Content-Type: application/x-www-form-urlencoded
        BpjsService->>BpjsServer: POST follow-up approval request
        BpjsServer-->>BpjsService: HTTP response
        BpjsService-->>Admin: raw JSON string output
    else code is not 200 or 201 or response invalid
        Admin->>Admin: Build error response with default message
    end
Loading

Flow diagram for SEP approval success handling (codes 200 and 201)

flowchart TD
    A[Receive BPJS response output] --> B[Decode JSON to data]
    B --> C{Has metaData and response?}
    C -- No --> D[Set error response ADA KESALAHAN ATAU SAMBUNGAN KE SERVER BPJS TERPUTUS]
    C -- Yes --> E[Read code and message from data.metaData]
    E --> F[Decrypt response with stringDecrypt]
    F --> G[Decompress decrypted response if not empty]
    G --> H{code is 200 or 201}
    H -- No --> D
    H -- Yes --> I[Build follow-up request t_sep with noKartu, tglSep, jnsPelayanan, jnsPengajuan, keterangan, user]
    I --> J[Set header Content-Type: application/x-www-form-urlencoded]
    J --> K[JSON-encode follow-up request]
    K --> L[Send POST to BPJS Sep/aprovalSEP via BpjsService]
    L --> M[Process follow-up response as needed]
Loading

File-Level Changes

Change Details Files
Update SEP approval request headers and success handling for BPJS API.
  • Change Content-Type header from text/html to application/x-www-form-urlencoded for both initial approval request and follow-up request.
  • Stop echoing/printing the raw BPJS response, leaving only structured handling.
  • Move extraction of metaData.code and metaData.message to occur immediately after decoding the response so they are always available.
  • Treat both 200 and 201 response codes as success when determining whether to build and send the follow-up SEP request.
  • Include the jnsPengajuan field from POST data in the follow-up SEP request body.
 plugins/vclaim/Admin.php
Document the SEP approval request changes.
  • Add a new dated entry describing the VClaim header and body request changes for SEP approval.
 CHANGELOG.md
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

sourcery-ai[bot]
sourcery-ai bot reviewed Apr 8, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - I've found 2 issues, and left some high level feedback:

  • The Content-Type header is now set to application/x-www-form-urlencoded while the payload is still JSON-encoded via json_encode($request); consider either URL-encoding the body or reverting the header to application/json to keep them consistent with BPJS expectations.
  • By moving $code = $data['metaData']['code']; and $message = $data['metaData']['message']; before the if ($data && isset($data['metaData'])) guard, $code/message may be accessed when $data or metaData is missing, risking notices; consider keeping these assignments inside the guarded block or adding additional checks.
  • The new $_POST['jnsPengajuan'] access is not validated, so if the field is missing it will trigger an undefined index notice; consider checking for its presence or providing a sensible default before using it.
Prompt for AI Agents 
Please address the comments from this code review:

## Overall Comments
- The `Content-Type` header is now set to `application/x-www-form-urlencoded` while the payload is still JSON-encoded via `json_encode($request)`; consider either URL-encoding the body or reverting the header to `application/json` to keep them consistent with BPJS expectations.
- By moving `$code = $data['metaData']['code'];` and `$message = $data['metaData']['message'];` before the `if ($data && isset($data['metaData']))` guard, `$code`/`message` may be accessed when `$data` or `metaData` is missing, risking notices; consider keeping these assignments inside the guarded block or adding additional checks.
- The new `$_POST['jnsPengajuan']` access is not validated, so if the field is missing it will trigger an undefined index notice; consider checking for its presence or providing a sensible default before using it.

## Individual Comments

### Comment 1
<location path="plugins/vclaim/Admin.php" line_range="2809-2810" />
<code_context>
-    // echo $data;
-    print_r(htmlspecialchars($output, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
+    // print_r(htmlspecialchars($output, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
+    $code = $data['metaData']['code'];
+    $message = $data['metaData']['message'];

     if ($data && isset($data['metaData'])) {
</code_context>
<issue_to_address>
**issue (bug_risk):** Accessing `$data['metaData']` before checking it exists can trigger notices and leave `$code`/`$message` undefined.

`$code` and `$message` are read before `if ($data && isset($data['metaData']))`. If `json_decode` fails or `metaData` is absent, this will emit notices and leave `$code` undefined when evaluated in `if ($code == 200 or $code == 201)`. Please assign `$code`/`$message` inside the `if ($data && isset($data['metaData']))` block and provide a sensible default for `$code` in the error path.
</issue_to_address>

### Comment 2
<location path="CHANGELOG.md" line_range="25" />
<code_context>
+## [2026-04-08]
+
+### Changed
+- VClaim: Perubahan header dan body request pada aproval SEP 
\ No newline at end of file
</code_context>
<issue_to_address>
**issue (typo):** Consider correcting the typo "aproval" to "approval".

This occurs in the VClaim changelog line: `Perubahan header dan body request pada aproval SEP`.
</issue_to_address>
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

plugins/vclaim/Admin.php
Comment on lines +2809 to +2810
$code = $data['metaData']['code'];
$message = $data['metaData']['message'];
Copy link
Copy Markdown
Contributor

@sourcery-ai sourcery-ai bot Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

issue (bug_risk): Accessing $data['metaData'] before checking it exists can trigger notices and leave $code/$message undefined.

$code and $message are read before if ($data && isset($data['metaData'])). If json_decode fails or metaData is absent, this will emit notices and leave $code undefined when evaluated in if ($code == 200 or $code == 201). Please assign $code/$message inside the if ($data && isset($data['metaData'])) block and provide a sensible default for $code in the error path.

CHANGELOG.md
## [2026-04-08]

### Changed
- VClaim: Perubahan header dan body request pada aproval SEP No newline at end of file
Copy link
Copy Markdown
Contributor

@sourcery-ai sourcery-ai bot Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

issue (typo): Consider correcting the typo "aproval" to "approval".

This occurs in the VClaim changelog line: Perubahan header dan body request pada aproval SEP.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@adlylee