Inkdit Class

inkdit.php

<?php
/*

// Ussage:

// documentation of this process and these example values are taken from
// https://inkdit.desk.com/customer/portal/articles/685178

require 'inkdit.php';

$inkdit = new inkdit();

// == URL generation
$offer_url    = "https://inkdit.com/ofr/x0123456789abcdef";
$private_key  = "cab005e";
$query_string = "redirect=http://example.net/contract-signed&inputs[contract-input-1]=St.%20Louis&[email protected]";

$code = $inkdit->validation_code($private_key, $query_string);

assert("'$code' == '68b56b6044f0ea95aff6b06112c32ae9caabed80'");

$url = $inkdit->_offer_url($offer_url, $private_key, $query_string);

assert("'$url' == '$offer_url/$code?$query_string'");

// == Response verification
$query_string = 'contract_id=x1234&signed_at=2012-08-14T00:00:00Z&confirmation=a508066c2b02d95e9e67521c7baf6587a975d154';

$result = $inkdit->verify_signing($query_string, $private_key);

assert($result);

assert($result['contract_id']  == 'x1234');
assert($result['contract_url'] == 'https://inkdit.com/c/x1234');
assert($result['signed_at']    == '2012-08-14T00:00:00Z');

print "If no warnings were printed then we succeeded :)\n";
*/

class inkdit {
	
	/*
	    offer_url: constructs a URL that a user can visit to sign an offer
	    with some prefilled information.

	    $user_opts is an array that can contain the keys:
	      redirect
	      email
	      first_name
	      last_name

	    $inputs is an array that can contains a key for each input field in the
	    contract.

	    See https://inkdit.desk.com/customer/portal/articles/685178 for a
	    description of these options.

	  offer_url($offer_url,
	    $private_key,
	    array('email' => '[email protected]', 'redirect' => 'http://example.org/'),
	    array('contract-input-1' => 'St. Louis'));
	 */
	public function offer_url($offer_url, $private_key, $user_opts, $inputs) {
	  $opts = $user_opts;
	  $opts['inputs'] = $inputs;
	  $query_string = http_build_query($opts, '', '&');
  
	  return _offer_url($offer_url, $private_key, $query_string);
	}


	/*
	    verify_signing: verifies that the result parameters returned in the
	    redirect are genuine.

	  $query_string = $_SERVER['QUERY_STRING'];
	  $result = verify_signing($query_string, $private_key);

	  // ensure that the signing was created recently (PHP 5.3+)
	  $t = DateTime::createFromFormat(DateTime::ISO8601, $result['signed_at']);
	  if((time() - $t->getTimeStamp()) > 300)
	    throw new Exception('This signing was created more than 5 minutes ago!');

	 */
	public function verify_signing($query_string, $private_key) {
	  $pieces = explode('&confirmation=', $query_string, 2);

	  $data            = $pieces[0];
	  $validation_code = $pieces[1];

	  if($this->validation_code($private_key, $data) != $validation_code)
	    return;

	  parse_str($query_string, $params);

	  $contract_url = 'https://inkdit.com/c/' . $params['contract_id'];

	  return array(
	                'contract_id'  => $params['contract_id'],
	                'contract_url' => $contract_url,
	                'signed_at'    => $params['signed_at']
	              );
	}


	public function validation_code($private_key, $query_string) {
	  return hash_hmac('sha1', $query_string, $private_key);
	}


	public function _offer_url($offer_url, $private_key, $query_string) {
	  $validation_code = $this->validation_code($private_key, $query_string);
	  return $offer_url . "/" . $validation_code . "?" . $query_string;
	}


	public function build_query($user_opts, $inputs) {
	  $opts = $user_opts;
	  $opts['inputs'] = $inputs;
	  return http_build_query($opts, '', '&');
	}
}
?>