/**
* @param array $queryParameters
* @return AuthResponse
* @throws InvalidRequestError When auth_request values from post data and decrypted auth data do not match.
*/
private function handleAuthCallback(array $queryParameters)
{
$auth = json_decode($this->cryptService->decryptRSA($queryParameters["auth"]), true);
if ($queryParameters["auth_request"] !== $auth["auth_request"]) {
throw new InvalidRequestError("Invalid auth callback auth_request values did not match");
}
$response = new AuthResponse(true, $auth["auth_request"], $queryParameters["user_hash"], isset($queryParameters["organization_user"]) ? $queryParameters["organization_user"] : null, isset($queryParameters["user_push_id"]) ? $queryParameters["user_push_id"] : null, $auth["device_id"], $auth["response"] == "true");
return $response;
}
/**
* Create a white label user with the following identifier
*
* @param $identifier Unique and permanent identifier for the user in the white label application. This identifier
* will be used in all future communications regarding this user. As such, it cannot ever change.
*
* @return WhiteLabelUser
* @throws CommunicationError If there was an error communicating with the endpoint
* @throws InvalidCredentialsError If the credentials supplied to the endpoint were invalid
* @throws InvalidRequestError If the endpoint proclaims the request invalid
* @throws InvalidResponseError
*/
public function createWhiteLabelUser($identifier)
{
$requestData = array("app_key" => $this->appKey, "secret_key" => base64_encode($this->getEncryptedSecretKey()), "identifier" => $identifier);
$data = $this->sendRequest('/v1/users', 'POST', $requestData, array(), 'application/json');
$cipher = $this->cryptService->decryptRSA($data['response']["cipher"]);
$key = substr($cipher, 0, strlen($cipher) - 16);
$iv = substr($cipher, -16);
$userJsonData = $this->cryptService->decryptAES($data['response']["data"], $key, $iv);
try {
$userData = $this->jsonDecodeData($userJsonData);
} catch (InvalidResponseError $e) {
throw new InvalidResponseError("Response data is not valid JSON when decrypted", $e->getCode(), $e);
}
return new WhiteLabelUser($userData["qrcode"], $userData["code"]);
}
/**
* Create a white label user with the following identifier
*
* @param string $identifier Unique and permanent identifier for the user in the white label application. This identifier
* will be used in all future communications regarding this user. As such, it cannot ever change.
*
* @return WhiteLabelUser
* @throws CommunicationError If there was an error communicating with the endpoint
* @throws InvalidCredentialsError If the credentials supplied to the endpoint were invalid
* @throws InvalidRequestError If the endpoint proclaims the request invalid
* @throws InvalidResponseError If the encrypted data is not valid JSON
*/
public function createWhiteLabelUser($identifier)
{
$body = json_encode(array("app_key" => $this->appKey, "secret_key" => base64_encode($this->getEncryptedSecretKey()), "identifier" => $identifier));
$request = $this->guzzleClient->post("/v1/users")->setBody($body, "application/json");
$request->getQuery()->add("signature", $this->cryptService->sign($body));
$data = $this->sendRequest($request);
$cipher = $this->cryptService->decryptRSA($data["cipher"]);
$key = substr($cipher, 0, strlen($cipher) - 16);
$iv = substr($cipher, -16);
$userJsonData = $this->cryptService->decryptAES($data["data"], $key, $iv);
try {
$userData = $this->jsonDecodeData($userJsonData);
} catch (InvalidResponseError $e) {
throw new InvalidResponseError("Response data is not valid JSON when decrypted", $e->getCode(), $e);
}
return new WhiteLabelUser($userData["qrcode"], $userData["code"]);
}
public function testDecryptRSAPlainText()
{
$actual = $this->service->decryptRSA(base64_decode(static::BASE64_RSA_ENCRYPTED), false);
$this->assertEquals(static::UNENCRYPTED, $actual);
}
