jwelmac / bit6-token-generator-php
Token generator for Bit6 external authentication
Requires
- firebase/php-jwt: ^3.0
- phpunit/phpunit: ^5.4
- vlucas/phpdotenv: ^2.2
Requires (Dev)
This package is not auto-updated.
Last update: 2024-05-11 18:18:26 UTC
README
A PHP package demonstrating the use of delegated authentication in Bit6.
Prerequisites
- Get the API Key and Secret at Bit6 Dashboard.
Install via Composer
To incorporate into your current project simply run:
$ composer.phar require bit6/bit6-token-generator-php
Generating Tokens
- Create token generator:
// Ideally pull variables by parsing ini file or from env $apiKey = 'API_KEY'; $apiSecret = 'API_SECRET'; // Create new TokenGenerator $bit6_tg = new Bit6\TokenGenerator($apiKey, $apiSecret);
-
Get identities from your app following internal authentication.
-
Generate token using one of the following options:
Option 1: Using a string to represent an identity URI
$identities = "mailto:user@test.com"; // Generate token $token = $bit6_tg->createToken($identities);
Option 2: Using an indexed array of identity URIs
$identities = array("usr:john123", "tel:12345678901"); // Generate token $token = $bit6_tg->createToken($identities);
Option 3: Using an associative array of options
$options = array( "identities" => array("usr:john123", "mailto:user@test.com"), "issued" => 1468709885, "expires" => 1468796285 ); // Generate token $token = $bit6_tg->createToken($options);
Create Token Options
The createToken method can be called with an associative array with the following keys:
identities(required) - A string or array of strings of identity URIs as shown below. When an array is used the first value becomes the primary identity.
| Protocol | Data (RegEx) | Type | Example |
|---|---|---|---|
| usr | /^[a-z0-9.]+$/ | User | usr:john123 |
| grp | /[0-9a-zA-Z._]{22}/ | Group ID | grp:9de82b5b_236d_40f6_b5a2 |
| mailto | /^[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]{2,8}$/ | Email Address | mailto:test@user.com |
| tel | /^\+[1-9]{1}[0-9]{8,15}$/ | Telephone Number | tel:12345678901 |
| uid | /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/ | Unique ID | uid:9de82b5b-236d-40f6-b5a2-e16f5d09651d |
issued(optional) - The unix timestamp at which token was generated (default - current system time)expires(optional) - The unix timestamp at which the token will expire (default - 10 minutes from time of creation)
Authentication
Pass the token to browser using your preferred method eg. via JSON response, url or inline-script.
Authenticate user in javascript (after loading bit6.min.js) as shown below:
// Authenticate with external token b6.session.external(token, function(err) { if (err) { // Houston we have a problem! console.log('Token login error', err); } else { // Code to run post authentication console.log('Token login successful'); } }); </script>
Using example code
Running Locally
$ git clone git@github.com:bit6/bit6-token-generator-php.git
$ cd bit6-token-generator-php
$ composer update
Specify your Bit6 API key and secret using environment variables or a local .env config file. The file should contain two lines:
BIT6_API_KEY=abc
BIT6_API_SECRET=xyz
Start the application
$ php -S localhost:5000 -t example/ # Alternatively run: # heroku local
Your app should now be running on localhost:5000.
Deploying to Heroku
Make sure you have the Heroku Toolbelt installed.
$ heroku create $ git push heroku master
or
Set Bit6 API key and secret:
$ heroku config:set BIT6_API_KEY=abc $ heroku config:set BIT6_API_SECRET=xyz
Generating a Token
You would normally generate an external token by doing a POST from your app client to your application server. To simulate this using curl:
curl -X POST \
-H "Content-Type: application/json" \
-d '{"identities": ["usr:john","tel:+12123331234"]}' \
http://localhost:5000/auth.php
The response should be a JSON object:
{
"ext_token": "..."
}
Documentation
For more information about using PHP on Heroku, see these Dev Center articles: