Created
December 14, 2017 19:09
Desk.com Multipass SSO using OpenSSL
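<?php
// Generates a Desk.com Multipass SSO token and its signature with OpenSSL,
// then prints both values URL-encoded, one per line.
//
// Security notes for anyone adapting this sample:
// - The Multipass API key is the only secret here: the AES key is derived from
//   it and it is also the HMAC key. Fill in the placeholder from an environment
//   variable or secret store at deploy time; do not commit the real key.
// - The multipass/signature pair is a sign-on token for the user described in
//   $user_data and carries a short expiry. Treat the printed output as a
//   credential and keep it out of logs and shared terminals.
// - The truncated SHA-1 key derivation and HMAC-SHA1 are presumably fixed by
//   the token format the receiving service expects, so they cannot be
//   strengthened on this side alone -- confirm against the vendor's current
//   documentation.

$subdomain = 'YOUR DESK.COM SUBDOMAIN';
$api_key = 'YOUR MULTIPASS API KEY';

// AES-128 key: the first 16 bytes of the raw SHA-1 digest of api key + subdomain.
$digest = hash('sha1', $api_key . $subdomain, true);
$key = substr($digest, 0, 16);

// A fresh 16-byte IV from the CSPRNG for every token; never reuse or hard-code it.
$iv = random_bytes(16);

// Claims carried inside the token.
$user_data = array(
    'uid' => '123abc',
    // Constructed sample address: the page shows only a redacted placeholder here.
    'customer_email' => 'test.user@example.com',
    'customer_name' => 'Test User',
    // ISO 8601 timestamp five minutes from now; a short lifetime limits replay.
    'expires' => date("c", strtotime("+5 minutes")),
);

$data = json_encode($user_data);
if ($data === false) {
    // Stop here: otherwise the literal false would be encrypted and signed as a token.
    throw new RuntimeException('Could not JSON-encode user data: ' . json_last_error_msg());
}

// Encrypt with AES-128-CBC and ask for raw bytes (not base64) so the IV can be prepended.
$ciphertext = openssl_encrypt($data, 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv);
if ($ciphertext === false) {
    // Without this check a failed encryption would yield a validly signed token
    // that contains nothing but the IV.
    throw new RuntimeException('AES-128-CBC encryption failed');
}

// Token layout: base64(IV || ciphertext). The receiver extracts the IV to decrypt.
$multipass = base64_encode($iv . $ciphertext);

// HMAC-SHA1 over the base64-encoded token, keyed with the api key, then base64-encoded.
$signature = base64_encode(hash_hmac("sha1", $multipass, $api_key, true));

// URL-encode both values so they can be placed in a query string.
$multipass = urlencode($multipass);
$signature = urlencode($signature);

print "multipass: " . $multipass . "\n";
print "signature: " . $signature . "\n";
?>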