2008-11-21 21:41:42 +00:00
|
|
|
<?php
|
|
|
|
require_once '../yubiphpbase/appinclude.php';
|
|
|
|
require_once '../yubiphpbase/yubi_lib.php';
|
|
|
|
require_once 'common.php';
|
2008-10-08 06:29:19 +00:00
|
|
|
|
|
|
|
$trace = true;
|
|
|
|
|
|
|
|
$act = getHttpVal('act', '');
|
2008-12-08 23:08:17 +00:00
|
|
|
$apiKey64 = getHttpVal('apikey', 'kNapft02c1a81N4MEMDcC/mgcGc=');
|
2008-10-08 06:29:19 +00:00
|
|
|
|
2008-11-21 21:41:42 +00:00
|
|
|
if ($act == 'sign_req') {
|
2008-12-08 23:08:17 +00:00
|
|
|
if ($apiKey64 == '') {
|
|
|
|
echo 'API key cannot be empty!';
|
|
|
|
exit;
|
|
|
|
} else {
|
|
|
|
echo '<h2>Sign the request</h2>';
|
|
|
|
}
|
|
|
|
|
|
|
|
$id = getHttpVal('id', 0);
|
|
|
|
if ($id < 1) {
|
|
|
|
echo 'Client id is missing!';
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
2008-11-21 21:41:42 +00:00
|
|
|
$otp = getHttpVal('otp', '');
|
|
|
|
$t = getHttpVal('t', '');
|
2008-12-08 23:08:17 +00:00
|
|
|
$apiKey = base64_decode($apiKey64);
|
2008-11-21 21:41:42 +00:00
|
|
|
|
|
|
|
$a['id'] = $id;
|
|
|
|
$a['otp'] = $otp;
|
|
|
|
|
|
|
|
if ($t != '') {
|
|
|
|
$a['t'] = $t;
|
|
|
|
}
|
2008-10-08 06:29:19 +00:00
|
|
|
|
2008-11-21 21:41:42 +00:00
|
|
|
$hmac = sign($a, $apiKey, true);
|
2008-10-08 06:29:19 +00:00
|
|
|
|
2008-11-21 21:41:42 +00:00
|
|
|
// echo '<a href=verify_debug.php?'.$qs.'&h='.urlencode($hmac).
|
|
|
|
// '>Test submit the request >> </a>';
|
2008-10-08 06:29:19 +00:00
|
|
|
|
2008-11-21 21:41:42 +00:00
|
|
|
} else if ($act == 'sign_resp') {
|
2008-12-08 23:08:17 +00:00
|
|
|
if ($apiKey64 == '') {
|
|
|
|
echo 'API key cannot be empty!';
|
|
|
|
exit;
|
|
|
|
} else {
|
|
|
|
echo '<h2>Sign the response</h2>';
|
|
|
|
}
|
2008-11-21 21:41:42 +00:00
|
|
|
$status = getHttpVal('status', '');
|
|
|
|
$t = getHttpVal('t', '');
|
|
|
|
$info = getHttpVal('info', '');
|
2008-12-08 23:08:17 +00:00
|
|
|
$apiKey = base64_decode($apiKey64);
|
2008-11-21 21:41:42 +00:00
|
|
|
|
|
|
|
$a['status'] = $status;
|
|
|
|
$a['t'] = $t;
|
|
|
|
|
|
|
|
if ($info != '') {
|
|
|
|
$a['info'] = $info;
|
|
|
|
}
|
|
|
|
|
|
|
|
$hmac = sign($a, $apiKey, true);
|
2008-10-08 06:29:19 +00:00
|
|
|
}
|
|
|
|
|
2008-11-21 21:41:42 +00:00
|
|
|
echo '<hr><table><tr><td valign=top><h3>Generate a request signature</h3>'.
|
|
|
|
'<form action=sign_demo.php method=post>' .
|
|
|
|
'<input name=act value=sign_req type=hidden>' .
|
|
|
|
'api key: (use your api key issued to you by Yubico in b64 format): ' .
|
2008-12-08 23:08:17 +00:00
|
|
|
'<input name=apikey size=45 maxlength=100 value="'.$apiKey64.'"><p>' .
|
2008-11-21 21:41:42 +00:00
|
|
|
'id (your client id): <input name=id size=5 maxlength=10><p>' .
|
|
|
|
'otp: <input name=otp size=45 maxlength=100><p>' .
|
|
|
|
'<input type=submit value="Test sign the request">' .
|
|
|
|
'</form>'.
|
|
|
|
'</td>';
|
|
|
|
|
|
|
|
echo '<td valign=top><h3>Generate a response signature</h3>'.
|
|
|
|
'<form action=sign_demo.php method=post>' .
|
|
|
|
'<input name=act value=sign_resp type=hidden>' .
|
|
|
|
'api key: (put your api key here in b64 format): ' .
|
2008-12-08 23:08:17 +00:00
|
|
|
'<input name=apikey size=45 maxlength=100 value="'.$apiKey64.'"><p>' .
|
2008-12-08 23:14:09 +00:00
|
|
|
'Status: <select name=status>'.
|
|
|
|
'<option value='.S_OK.'>OK'.
|
|
|
|
'<option value='.S_BAD_OTP.'>BAD_OTP'.
|
|
|
|
'<option value='.S_BAD_CLIENT.'>BAD_CLIENT'.
|
|
|
|
'<option value='.S_REPLAYED_OTP.'>REPLAYED_OTP'.
|
|
|
|
'<option value='.S_BAD_SIGNATURE.'>BAD_SIGNATURE'.
|
|
|
|
'<option value='.S_MISSING_PARAMETER.'>MISSING_PARAMETER'.
|
|
|
|
'<option value='.S_OPERATION_NOT_ALLOWED.'>OPERATION_NOT_ALLOWED'.
|
|
|
|
'<option value='.S_BACKEND_ERROR.'>BACKEND_ERROR'.
|
|
|
|
'</select><p>'.
|
2008-11-21 21:41:42 +00:00
|
|
|
'Time stamp: <input name=t size=45 maxlength=100 value='.getUTCTimeStamp().'><p>' .
|
|
|
|
'info: <input name=info size=45 maxlength=100><p>' .
|
|
|
|
'<input type=submit value="Test sign the response">' .
|
|
|
|
'</form>'.
|
|
|
|
'</td></tr></table>';
|
2008-10-08 06:29:19 +00:00
|
|
|
|
|
|
|
?>
|