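/**
 * Validate an auth callback and build the AuthResponse it describes.
 *
 * The "auth" query parameter is RSA-decrypted and JSON-decoded. Its auth_request value must equal the
 * auth_request query parameter, which ties the unencrypted parameters to the encrypted payload.
 *
 * @param array $queryParameters Callback query parameters. "auth" and "auth_request" are required;
 *                               "user_hash", "organization_user" and "user_push_id" are passed through
 *                               when present.
 * @return AuthResponse
 * @throws InvalidRequestError When a required parameter is missing, the decrypted auth data is not a JSON
 *                             object carrying auth_request, or the auth_request values from post data and
 *                             decrypted auth data do not match.
 */
private function handleAuthCallback(array $queryParameters)
{
    // The callback is untrusted input. Without these checks a request that omits auth_request on both
    // sides would compare null with null and slip past the binding check below.
    if (!isset($queryParameters["auth"]) || !is_string($queryParameters["auth"])) {
        throw new InvalidRequestError("Invalid auth callback auth parameter is missing");
    }
    if (!isset($queryParameters["auth_request"])) {
        throw new InvalidRequestError("Invalid auth callback auth_request parameter is missing");
    }

    $auth = json_decode($this->cryptService->decryptRSA($queryParameters["auth"]), true);
    if (!is_array($auth) || !isset($auth["auth_request"])) {
        throw new InvalidRequestError("Invalid auth callback auth data could not be decoded");
    }

    // Bind the plain query parameter to the value inside the encrypted payload.
    if ($queryParameters["auth_request"] !== $auth["auth_request"]) {
        throw new InvalidRequestError("Invalid auth callback auth_request values did not match");
    }

    // Strict comparison: with == on PHP versions before 8, the integer 0 compares equal to "true",
    // which would turn a payload of {"response": 0} into an authorized response. A missing value
    // stays a denial.
    $authorized = isset($auth["response"])
        && ($auth["response"] === "true" || $auth["response"] === true);

    return new AuthResponse(
        true,
        $auth["auth_request"],
        isset($queryParameters["user_hash"]) ? $queryParameters["user_hash"] : null,
        isset($queryParameters["organization_user"]) ? $queryParameters["organization_user"] : null,
        isset($queryParameters["user_push_id"]) ? $queryParameters["user_push_id"] : null,
        isset($auth["device_id"]) ? $auth["device_id"] : null,
        $authorized
    );
}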
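/**
 * Create a white label user with the following identifier
 *
 * The endpoint response carries an RSA-encrypted blob ("cipher") holding the AES key followed by a
 * 16 byte IV, and the AES-encrypted user JSON ("data").
 *
 * @param string $identifier Unique and permanent identifier for the user in the white label application. This
 *                           identifier will be used in all future communications regarding this user. As such,
 *                           it cannot ever change.
 *
 * @return WhiteLabelUser
 * @throws CommunicationError If there was an error communicating with the endpoint
 * @throws InvalidCredentialsError If the credentials supplied to the endpoint were invalid
 * @throws InvalidRequestError If the endpoint proclaims the request invalid
 * @throws InvalidResponseError If the response lacks the expected fields, the decrypted key material is too
 *                              short to hold a key and IV, or the decrypted data is not valid JSON with the
 *                              qrcode and code values
 */
public function createWhiteLabelUser($identifier)
{
    $requestData = array(
        "app_key" => $this->appKey,
        "secret_key" => base64_encode($this->getEncryptedSecretKey()),
        "identifier" => $identifier
    );
    $data = $this->sendRequest('/v1/users', 'POST', $requestData, array(), 'application/json');

    if (!isset($data['response']["cipher"], $data['response']["data"])) {
        throw new InvalidResponseError("Response is missing the cipher or data value");
    }

    // Reject short or failed RSA output instead of letting substr() derive an empty or overlapping
    // key and IV from it. Whether the remaining key length is valid is left to decryptAES.
    $ivLength = 16;
    $cipher = $this->cryptService->decryptRSA($data['response']["cipher"]);
    if (!is_string($cipher) || strlen($cipher) <= $ivLength) {
        throw new InvalidResponseError("Response cipher is too short to contain a key and IV");
    }
    $key = substr($cipher, 0, -$ivLength);
    $iv = substr($cipher, -$ivLength);

    // NOTE(review): nothing visible here authenticates the AES ciphertext - confirm that decryptAES or
    // the transport provides integrity protection.
    $userJsonData = $this->cryptService->decryptAES($data['response']["data"], $key, $iv);
    try {
        $userData = $this->jsonDecodeData($userJsonData);
    } catch (InvalidResponseError $e) {
        throw new InvalidResponseError("Response data is not valid JSON when decrypted", $e->getCode(), $e);
    }

    if (!is_array($userData) || !isset($userData["qrcode"], $userData["code"])) {
        throw new InvalidResponseError("Response data is missing the qrcode or code value");
    }

    return new WhiteLabelUser($userData["qrcode"], $userData["code"]);
}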
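/**
 * Create a white label user with the following identifier
 *
 * The request body is JSON encoded once and that exact string is both sent and signed, with the
 * signature added as the "signature" query parameter. The response carries an RSA-encrypted blob
 * ("cipher") holding the AES key followed by a 16 byte IV, and the AES-encrypted user JSON ("data").
 *
 * @param string $identifier Unique and permanent identifier for the user in the white label application. This
 *                           identifier will be used in all future communications regarding this user. As such,
 *                           it cannot ever change.
 *
 * @return WhiteLabelUser
 * @throws CommunicationError If there was an error communicating with the endpoint
 * @throws InvalidCredentialsError If the credentials supplied to the endpoint were invalid
 * @throws InvalidRequestError If the endpoint proclaims the request invalid
 * @throws InvalidResponseError If the response lacks the expected fields, the decrypted key material is too
 *                              short to hold a key and IV, or the encrypted data is not valid JSON with the
 *                              qrcode and code values
 */
public function createWhiteLabelUser($identifier)
{
    $body = json_encode(array(
        "app_key" => $this->appKey,
        "secret_key" => base64_encode($this->getEncryptedSecretKey()),
        "identifier" => $identifier
    ));

    // Sign the same string that is sent, so the signature covers the transmitted bytes.
    $request = $this->guzzleClient->post("/v1/users")->setBody($body, "application/json");
    $request->getQuery()->add("signature", $this->cryptService->sign($body));
    $data = $this->sendRequest($request);

    if (!isset($data["cipher"], $data["data"])) {
        throw new InvalidResponseError("Response is missing the cipher or data value");
    }

    // Reject short or failed RSA output instead of letting substr() derive an empty or overlapping
    // key and IV from it. Whether the remaining key length is valid is left to decryptAES.
    $ivLength = 16;
    $cipher = $this->cryptService->decryptRSA($data["cipher"]);
    if (!is_string($cipher) || strlen($cipher) <= $ivLength) {
        throw new InvalidResponseError("Response cipher is too short to contain a key and IV");
    }
    $key = substr($cipher, 0, -$ivLength);
    $iv = substr($cipher, -$ivLength);

    // NOTE(review): nothing visible here authenticates the AES ciphertext - confirm that decryptAES or
    // the transport provides integrity protection.
    $userJsonData = $this->cryptService->decryptAES($data["data"], $key, $iv);
    try {
        $userData = $this->jsonDecodeData($userJsonData);
    } catch (InvalidResponseError $e) {
        throw new InvalidResponseError("Response data is not valid JSON when decrypted", $e->getCode(), $e);
    }

    if (!is_array($userData) || !isset($userData["qrcode"], $userData["code"])) {
        throw new InvalidResponseError("Response data is missing the qrcode or code value");
    }

    return new WhiteLabelUser($userData["qrcode"], $userData["code"]);
}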
/**
 * decryptRSA() must return the unencrypted fixture when it is handed the base64-decoded
 * ciphertext fixture together with false as its second argument.
 */
public function testDecryptRSAPlainText()
{
    $rawCipherText = base64_decode(static::BASE64_RSA_ENCRYPTED);

    // NOTE(review): the second argument presumably tells decryptRSA that the input is not base64
    // encoded - confirm against the service signature.
    $decrypted = $this->service->decryptRSA($rawCipherText, false);

    $this->assertEquals(static::UNENCRYPTED, $decrypted);
}