Kodexempel

Engångskoder - PHP - Managed

/**
 * Project:     Fedlogin: a PHP library interface to the Fedlogin authentication service
 * File:        fedlogin.php
 * 
 * 
 * --- ABOUT THIS FILE ------------------------
 *
 * This library is used for accessing authentication services
 * such as one-time-passwords, challenge-response mechanisms
 * and signature services.
 * 
 * Note: this library is used for Fedlogin MANAGED authentication services.
 * As such, users and tokens are managed by Fedlogin. Customers do not need
 * to manage tokens.
 * 
 * There is also a library available for Fedlogin UNMANAGED services,
 * where each customer manages token data. In this scenario,
 * Fedlogin does not manage users - it only provides the authentication mechanism.
 *
 *
 * --- USAGE SCENARIOS ------------------------
 *
 * - Use ONE-TIME-PASSWORDS when authenticating a logon.
 *
 * - Use CHALLENGE-RESPONSE when authenticating a logon in a scenario
 *   where stronger authentication is needed.
 * 
 * - Use SIGNATURE when a legally binding electronic signature
 *   is needed, such as in a payment scenario.
 *   Example: signing the order# or the total amount paid.
 * 
 * 
 * --- AVAILABLE METHODS ------------------------
 *
 * - validateOTP: Validates a One-Time-Password
 *   Token(s) supported: GO3, DP260, Digipass for Java Phone
 *   Note: An OTP is ALWAYS six digits long.
 *
 * - requestChallenge: Requests a Challenge for a challenge-response sequence
 *   Token(s) supported: DP260, Digipass for Java Phone
 *   Note: A challenge is ALWAYS eight digits long.
 *
 * - validateChallengeResponse: Validates a challenge-response sequence
 *   Token(s) supported: DP260, Digipass for Java Phone
 *   Note: A response to a Challenge is ALWAYS six digits long.
 *
 * - validateSignature: Validates a signature sequence
 *   Token(s) supported: DP260, Digipass for Java Phone
 *   Note: Two signature fields must ALWAYS be used.
 *   Note: Each signature field is ALWAYS eleven digits long.
 *   Note: A token signature is ALWAYS six digits long.
 *
 *
 * --- GETTING STARTED ------------------------
 *
 * 1. Set $_ACCESS_USERNAME and $_ACCESS_PASSWORD to your Fedlogin service credentials.
 *    The shipped values are placeholders; keep real credentials out of version control.
 * 2. Take a look at some of the sample authentication calls below.
 *
 * Note: For a list of status messages, see https://ws.fedlogin.net/status.txt.
 *
 *
 * @link http://www.fedlogin.com
 * @copyright 2008 Fedlogin Security AB
 * @author Ulf Sahlin 
 * @package Fedlogin
 * @version 1.0
 */

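/**
 * Client for the Fedlogin MANAGED authentication web service.
 *
 * Every public validate/request method sends one SOAP 1.2 call that carries
 * the service-account credentials (adminName / adminPasswd), the end user's
 * name and the token data, and returns the "<operation>Result" member of the
 * response unchanged.
 *
 * Security notes for integrators:
 * - The default username and password are placeholders. Pass the real values
 *   to the constructor (for example from a configuration or secret store
 *   outside the web root) instead of editing them into this file.
 * - Every request contains the service password and the user's one-time
 *   code. The default WSDL is an https URL; keep it https when overriding it.
 * - The SOAP client is created with 'trace' => true, so the XML of the last
 *   request and response (including adminPasswd) stays readable through
 *   SoapClient::__getLastRequest() / __getLastResponse(). Never write that
 *   output to logs or error pages.
 * - Arguments are forwarded as given; no length or digit check is done here.
 *   Validate user input in the calling application before it reaches this class.
 * - NOTE(review): whether the service throttles or locks out repeated failed
 *   attempts is not visible from this library. Confirm it, and rate-limit
 *   attempts per user in the calling application.
 */
class Fedlogin
{
    // Service-account name sent as "adminName" (placeholder default).
    public $_ACCESS_USERNAME = 'myusername';
    // Service-account password sent as "adminPasswd" (placeholder default).
    public $_ACCESS_PASSWORD = 'mypassword';
    // WSDL describing the Fedlogin Authenticator service.
    public $_WSDL = "https://ws.fedlogin.net/Authenticator.asmx?WSDL";

    /**
     * Optionally overrides the built-in placeholders so that credentials can
     * be supplied at runtime rather than stored in this source file.
     * Arguments left as null keep the corresponding class default, so
     * "new Fedlogin" behaves exactly as before.
     *
     * @param string|null $accessUsername Service-account name.
     * @param string|null $accessPassword Service-account password.
     * @param string|null $wsdl           WSDL location; keep it an https URL.
     */
    public function __construct($accessUsername = null, $accessPassword = null, $wsdl = null)
    {
        if ($accessUsername !== null) {
            $this->_ACCESS_USERNAME = $accessUsername;
        }
        if ($accessPassword !== null) {
            $this->_ACCESS_PASSWORD = $accessPassword;
        }
        if ($wsdl !== null) {
            $this->_WSDL = $wsdl;
        }
    }

    /** @return string WSDL location used for every call. */
    public function getWSDL()
    {
        return $this->_WSDL;
    }

    /** @return string Service-account name sent as "adminName". */
    public function getAccessUsername()
    {
        return $this->_ACCESS_USERNAME;
    }

    /** @return string Service-account password sent as "adminPasswd". Do not log it. */
    public function getAccessPassword()
    {
        return $this->_ACCESS_PASSWORD;
    }

    /**
     * Creates a new SOAP 1.2 client for the configured WSDL.
     *
     * Tracing is enabled, which keeps the last request/response XML on the
     * returned client; that XML contains the service password.
     *
     * @return SoapClient
     * @throws SoapFault If the WSDL cannot be loaded (SoapClient default behaviour).
     */
    public function getSoapClient()
    {
        return new SoapClient($this->getWSDL(), array('trace' => true, 'soap_version' => SOAP_1_2));
    }

    /**
     * Validates a one-time password for a user.
     *
     * @param string $username End user whose token is being checked.
     * @param string $otp      One-time password (six digits per the file header; not checked here).
     * @return object The "validateOTPRawResult" member of the response. The
     *                samples in this file read ->validated, ->status and
     *                ->message from it; grant access only when ->validated is true.
     * @throws SoapFault On transport or service errors (SoapClient default behaviour).
     */
    public function validateOTP($username, $otp)
    {
        return $this->callOperation('validateOTPRaw', $username, array("otp" => $otp));
    }

    /**
     * Requests a challenge that starts a challenge-response sequence.
     *
     * @param string $username End user the challenge is issued for.
     * @return object The "requestChallengeRawResult" member of the response.
     *                The samples in this file treat ->status == 0 as success
     *                and read the challenge from ->challenge.
     * @throws SoapFault On transport or service errors (SoapClient default behaviour).
     */
    public function requestChallenge($username)
    {
        return $this->callOperation('requestChallengeRaw', $username, array());
    }

    /**
     * Validates the token response to a previously requested challenge.
     *
     * @param string $username  End user being authenticated.
     * @param string $challenge Challenge issued earlier (eight digits per the file header).
     * @param string $response  Token response (six digits per the file header).
     * @return object The "validateChallengeResponseRawResult" member of the response.
     * @throws SoapFault On transport or service errors (SoapClient default behaviour).
     */
    public function validateChallengeResponse($username, $challenge, $response)
    {
        return $this->callOperation(
            'validateChallengeResponseRaw',
            $username,
            array("challenge" => $challenge, "response" => $response)
        );
    }

    /**
     * Validates a token signature over the signed fields.
     *
     * @param string $username     End user who produced the signature.
     * @param array  $signedFields Signed values (two eleven-digit fields per the file header).
     * @param string $signature    Token signature (six digits per the file header).
     * @return object The "validateSignatureRawResult" member of the response.
     * @throws SoapFault On transport or service errors (SoapClient default behaviour).
     */
    public function validateSignature($username, $signedFields, $signature)
    {
        return $this->callOperation(
            'validateSignatureRaw',
            $username,
            array("signedFields" => $signedFields, "signature" => $signature)
        );
    }

    /**
     * Sends one operation to the service and unwraps its result member.
     *
     * Keeping this in one place means the service credentials are attached
     * to requests in exactly one spot.
     */
    private function callOperation($operation, $username, $arguments)
    {
        // Same parameter order as the service samples: credentials, user, then call-specific data.
        $params = array_merge(
            array(
                "adminName" => $this->getAccessUsername(),
                "adminPasswd" => $this->getAccessPassword(),
                "username" => $username,
            ),
            $arguments
        );

        $client = $this->getSoapClient();
        $result = $client->$operation($params);

        // The response wraps the payload in "<operation>Result".
        $resultMember = $operation . 'Result';

        return $result->$resultMember;
    }
}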


/*
// ---------------------------------------------------------------------------------------------------
// AUTHENTICATION SAMPLES

// Init Fedlogin authentication
$fedlogin = new Fedlogin;

// ---------------------------------------------------------------------------------------------------

// SAMPLE 1
// Authenticate a One-Time-Password for a specific user (having a specific token)
// Note: A token OTP is ALWAYS six digits long.

$resultOTP = $fedlogin->validateOTP("myuser", "123456");
if ($resultOTP->validated) {
	print_r( "OTP validation success!" );
} else {
	print_r( "Authentication FAILED. Status: " . $resultOTP->status . ". Message: " . $resultOTP->message );
}

// ---------------------------------------------------------------------------------------------------

// SAMPLE 2a
// Request a Challenge for a Challenge-Response sequence for a specific user (having a specific token)
// Note: A challenge is ALWAYS eight digits long.

$resultChallenge = $fedlogin->requestChallenge("myuser");
if ($resultChallenge->status == 0) {
	print_r( "Challenge created: " . $resultChallenge->challenge );
} else {
	print_r( "Challenge creation FAILED. Status: " . $resultChallenge->status . ". Message: " . $resultChallenge->message );
}


// SAMPLE 2b
// Validate a Response for a requested Challenge for a specific user (having a specific token)
// Note: A challenge is ALWAYS eight digits long.
// Note: A token response to a Challenge is ALWAYS six digits long.

$resultChallengeResponse = $fedlogin->validateChallengeResponse("myuser", "12345678", "123456");
if ($resultChallengeResponse->validated) {
	print_r( "Challenge-Response validation SUCCESS!" );
} else {
	print_r( "Challenge FAILED. Status: " . $resultChallengeResponse->status . ". Message: " . $resultChallengeResponse->message );
}

// ---------------------------------------------------------------------------------------------------

// SAMPLE 3
// Validate a Signature sequence for a specific user (having a specific token)
// Note: Two signature fields must ALWAYS be used.
// Note: Each signature field is ALWAYS eleven digits long.
// Note: A token signature is ALWAYS six digits long.

$resultSignature = $fedlogin->validateSignature("myuser", array( "12345678901", "12345678901"), "123456");
if ($resultSignature->validated) {
	print_r( "Signature validation SUCCESS!" );
} else {
	print_r( "Signature FAILED. Status: " . $resultSignature->status . ". Message: " . $resultSignature->message );
}

*/
							
