<?php
//
//
// a simple demo how to use the SecSignIDApi interface.
//
// (c) 2012 - 2016 SecSign Technologies Inc.
//
//
include ('SecSignIDApi.php');
// Emit the opening of the HTML page: head with title, start of body, heading and spacing.
echo "<html><head><title>SecSign ID Api example</title></head>", PHP_EOL, PHP_EOL,
     "<body>", PHP_EOL, PHP_EOL,
     "<h1>SecSign ID Api example</h1>", PHP_EOL,
     "<br /><br /><br />", PHP_EOL;
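//---------------------------------------------------------------------------------
//
// Output helper: every value echoed below that the client can influence (posted
// fields, exception messages, the reported session state) is HTML-escaped first,
// so it cannot inject markup into the page. Non-scalar input, e.g. a posted
// array, is rendered as an empty string.
//
$escapeHtml = function ($value) {
    return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

//---------------------------------------------------------------------------------
//
// step 3: The user hit the 'OK' or 'Cancel' button
//
// The posted request carries a request id and an authentication session id. In this
// case the authentication session state is either checked or the session is canceled.
// To check the state, a new api instance is created and an authentication session
// object is rebuilt from the data that was stored in the hidden html fields.
// Afterwards the state is retrieved from the server. Depending on that state the
// user could be logged in at the cms or system using the SecSign ID Api.
//
// NOTE(review): the hidden fields are client-controlled. This demo trusts them as-is;
// a real integration should keep the session data server-side (e.g. in the php
// session) so the identity that gets logged in is the one the session was requested
// for. Whether the ID server rejects a mismatching secsignid is not visible in this
// file -- confirm against SecSignIDApi.php.
//
if (isset($_POST['requestid']) && isset($_POST['authsessionid'])) {
    // The request id is set: the session status has to be checked, or the session
    // has to be canceled. Which one depends on the name of the submitted button.
    try {
        // Collect the posted session fields. Each one must be present and a plain
        // string; anything else (missing key, posted array) is rejected here and
        // reported through the catch block below.
        $sessionFields = array();
        $expectedFields = array(
            'requestid',
            'secsignid',
            'authsessionid',
            'servicename',
            'serviceaddress',
            'authsessionicondata',
        );
        foreach ($expectedFields as $fieldName) {
            if (!isset($_POST[$fieldName]) || !is_string($_POST[$fieldName])) {
                throw new Exception('missing or malformed form field ' . $fieldName);
            }
            $sessionFields[$fieldName] = $_POST[$fieldName];
        }

        // create a new session instance which is needed to check its status
        $authsession = new AuthSession();
        $authsession->createAuthSessionFromArray($sessionFields);

        // create new secsign id api instance
        $secSignIDApi = new SecSignIDApi();

        // the parameter to test depends on the name given to the 'OK' button, see step 2
        if (isset($_POST['check'])) {
            // get the authentication session state
            $authSessionState = $secSignIDApi->getAuthSessionState($authsession);

            if ($authSessionState == AuthSession::AUTHENTICATED) {
                // The authentication session has been accepted. This is the only case
                // where the web application or cms may log the user in to the
                // underlying system (set up its own session and whatever else is needed).
                // The posted SecSign ID is escaped before it is reflected into the page.
                echo "Welcome " . $escapeHtml($sessionFields['secsignid']) . PHP_EOL;
                echo "<br /><br />";
                echo "You have been logged in to your account... <br />" . PHP_EOL;
            } elseif ($authSessionState == AuthSession::DENIED) {
                // The user has denied the authentication session, so presumably
                // did not want to log in.
                echo "You have denied The authentication session..." . PHP_EOL;
                echo "<br /><br />";
                printLoginForm();
            } elseif ($authSessionState == AuthSession::PENDING || $authSessionState == AuthSession::FETCHED) {
                // The session is still pending: the user has neither accepted nor denied it.
                // The state is "fetched" once the session, with all access pass icons,
                // was fetched by the user on the smartphone.
                echo "The authentication session is still pending... It has neither be accepted nor denied." . PHP_EOL;
                echo "<br /><br />";
                // print access pass, hidden fields and the form to submit the state check again
                printAccessPassForm($authsession);
            } else {
                // The authentication session might be expired, or something else happened.
                echo "The authentication session has an unknown status " . $escapeHtml($authSessionState) . ". therefore you cannot be logged in..." . PHP_EOL;
                echo "<br /><br />";
                printLoginForm();
            }
        } else {
            // The user hit cancel (the 'check' button name was not posted).
            $secSignIDApi->cancelAuthSession($authsession);
            echo "You have canceled the login process..." . PHP_EOL;
            echo "<br /><br />";
            printLoginForm();
        }
    } catch (Exception $e) {
        // The message may echo back request data, so it is escaped before output.
        echo "An error occured when getting authentication session status : " . $escapeHtml($e->getMessage()) . PHP_EOL;
        echo "<br /><br />";
        printLoginForm();
    }
}
//---------------------------------------------------------------------------------
//
// step 2: the user entered his secsign id and hit the 'Login' button
//
// An authentication session is requested from the server (otherwise an exception is thrown).
// All data which is needed to check its state later must be saved. This can be done by
// saving the values in hidden input fields or in the php session, or the data could be
// written to a db or to files. The data which is used:
//
// $authsession->getRequestID()
// $authsession->getSecSignID()
// $authsession->getAuthSessionID()
// $authsession->getRequestingServiceName()
// $authsession->getRequestingServiceAddress()
// $authsession->getIconData()
//
elseif (isset($_POST['secsignid']) && isset($_POST['login'])) {
    // contact secsign id server and request authentication session
    try {
        $secSignIDApi = new SecSignIDApi();
        // NOTE(review): depending on the web-server configuration SERVER_NAME can be
        // taken from the client's Host header; a fixed, configured host name is the
        // safer value to pass as the service address -- confirm for the deployment.
        $authsession = $secSignIDApi->requestAuthSession($_POST['secsignid'], 'web example how to use SecSignIDApi', $_SERVER['SERVER_NAME']);
        if (isset($authsession)) {
            // print access pass, hidden fields and the form to submit check of authentication state
            printAccessPassForm($authsession);
        }
    } catch (Exception $e) {
        // The message may echo back request data, so it is escaped before output.
        echo "An error occured when requesting the authentication session : " . $escapeHtml($e->getMessage()) . PHP_EOL;
        echo "<br /><br />";
        printLoginForm();
    }
}
//---------------------------------------------------------------------------------
//
// step 1: print textfield for secsign id and a 'Login' submit button
//
else {
    printLoginForm();
}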
// Close the HTML document: end of body and end of page.
echo "</body>", PHP_EOL, PHP_EOL,
     "</html>", PHP_EOL, PHP_EOL;
//---------------------------------------------------------------------------------
//
//
// methods to print html forms and the access pass with given icon data
//
//
//
/**
 * Prints the login form: a text field for the SecSign ID and a 'Login' submit
 * button. The form posts back to web_example.php.
 */
function printLoginForm()
{
    $formLines = array(
        "<form action='web_example.php' method='post'>",
        "SecSign ID: <input id='secsignid' name='secsignid' type='text' size='30' maxlength='30' />",
        "<button type ='submit' name='login' value='1'>Login</button> <br />",
        "</form>",
    );

    // Lines are separated by PHP_EOL; the closing tag is not followed by a line break.
    echo implode(PHP_EOL, $formLines);
}
/**
 * Prints the form shown while an authentication session is open: the hidden
 * fields needed to query the session status later, followed by the access pass
 * table with its 'Cancel' and 'OK' buttons.
 *
 * @param object $authsession session object providing the getters used by
 *                            printHiddenFormFields() and getIconData()
 */
function printAccessPassForm($authsession)
{
    $formOpen = "<form action='web_example.php' method='post'>";
    $formClose = "</form>";

    echo $formOpen, PHP_EOL;

    // everything that is needed to get the session status once the user hits 'OK'
    printHiddenFormFields($authsession);

    // html table showing the access pass built from the session's icon data
    printCheckAccessPass($authsession->getIconData());

    echo $formClose, PHP_EOL;
}
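/**
 * Prints one hidden input per authentication session value so the session can
 * be rebuilt when the form is posted back.
 *
 * The values are HTML-escaped before they are placed in the single-quoted
 * value attributes: in step 3 the session object is rebuilt from posted form
 * data, so these values can be client-controlled and must not be able to break
 * out of the attribute. Non-scalar values are written as an empty string.
 *
 * @param object $authsession session object providing getRequestID(),
 *                            getSecSignID(), getAuthSessionID(),
 *                            getRequestingServiceName(),
 *                            getRequestingServiceAddress() and getIconData()
 */
function printHiddenFormFields($authsession)
{
    // field name => raw value, in the order the inputs are printed
    $fields = array(
        'requestid' => $authsession->getRequestID(),
        'secsignid' => $authsession->getSecSignID(),
        'authsessionid' => $authsession->getAuthSessionID(),
        'servicename' => $authsession->getRequestingServiceName(),
        'serviceaddress' => $authsession->getRequestingServiceAddress(),
        'authsessionicondata' => $authsession->getIconData(),
    );

    foreach ($fields as $name => $value) {
        $safeValue = htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "<input type='hidden' name='" . $name . "' value='" . $safeValue . "' />" . PHP_EOL;
    }
}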
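/**
 * Prints the access pass table: an instruction text, the access pass image
 * embedded as a base64 data URI, and the 'Cancel' and 'OK' submit buttons.
 *
 * The icon data is HTML-escaped before it is placed in the double-quoted src
 * attribute. Base64 text consists only of characters that escaping leaves
 * unchanged, while a value containing quotes or angle brackets can no longer
 * terminate the attribute. This matters because the icon data can come from a
 * posted hidden field. Non-scalar input is written as an empty string.
 *
 * @param string $iconData base64 encoded png data of the access pass
 */
function printCheckAccessPass($iconData)
{
    $safeIconData = htmlspecialchars(is_scalar($iconData) ? (string) $iconData : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $tableLines = array(
        "<table>",
        "<tr>",
        "<td colspan='2'>",
        "Please verify the access pass using your smartphone.<br>Choose the correct one by tapping on it. After that please click OK: <br /><br/>",
        "</td>",
        "</tr>",
        "<tr>",
        "<td colspan='2'>",
        "<div style='background-color:#98bde2;color:#FFF;padding:10px;margin:10px;font-size:1.6em;text-align:center;'>",
        "<img src=\"data:image/png;base64," . $safeIconData . "\">",
        "</div><br /><br />",
        "</td>",
        "</tr>",
        "<tr>",
        "<td align='left'>",
        "<button type ='submit' name='cancel' value='1' style='width:100px'>Cancel</button>",
        "</td>",
        "<td align='right'>",
        "<button type ='submit' name='check' value='1' style='width:100px'>OK</button>",
        "</td>",
        "</tr>",
        "</table>",
    );

    // every line, including the last one, is terminated by PHP_EOL
    echo implode(PHP_EOL, $tableLines) . PHP_EOL;
}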
?>