Sign In
Maciej ("Ski") Skierkowski's Blog
Translate This Page
Translate this page
Powered by
Microsoft® Translator
Options
Blog Home
Email Blog Author
Share this
RSS for posts
Atom
RSS for comments
Search
Advanced search options...
Search In:
Everything
Blogs
Forums
People
Groups
Places
Pages
Date range:
All Time
Last Year
Last 6 Months
Last 3 Months
Last Month
Last Week
Last Two Days
Tags
No tags have been created or used yet.
Archive
Archives
December 2010
(1)
September 2010
(2)
February 2010
(2)
November 2009
(4)
April 2007
(1)
June 2006
(2)
Requesting a Token from Access Control Service in PHP
MSDN Blogs
>
Maciej ("Ski") Skierkowski's Blog
>
Requesting a Token from Access Control Service in PHP
Requesting a Token from Access Control Service in PHP
skierkow
5 Nov 2009 9:05 PM
Comments
0
[UPDATE 2/11: Updated to use new STS V0.9 instead of V0.8]
Following demonstrates requesting a token from the .NET Services Access Control Services using a Shared Secret and another using a Simple Web Token.
<?php
$stsUrl="https://[service namespace].accesscontrol.windows.net/WRAPv0.9/";
$rpUrl="[scope applies_to]";
$issuerKey="[issuer key]";
$issuerName="[issuer name]";
$claims = array("sample_in_claim_type"=>"sample_in_claim_value");
echo("<b>Shared Secret</b>: " . GetTokenBySharedSecret($stsUrl,$claims,$issuerName,$issuerKey,$rpUrl) . "<br/>");
echo("<b>Simple Web Token</b>: " . GetTokenBySimpleWebToken($stsUrl,$claims,$issuerName,$issuerKey,$rpUrl) . "<br/>");
function GetTokenBySharedSecret($stsUrl, $claimSet, $issuerName, $issuerKey, $rpUrl)
{
$claimSet["wrap_name"]=$issuerName;
$claimSet["wrap_password"]=$issuerKey;
$claimSet["wrap_scope"]=$rpUrl;
$stringResponse = MakeSTSRequest($claimSet,$stsUrl);
return ExtractTokenFromResponse($stringResponse);
}
function GetTokenBySimpleWebToken($stsUrl, $claimSet, $issuerName, $issuerKey, $rpUrl)
{
$claimSet["Issuer"]=$issuerName;
$claimSet["Audience"]=$stsUrl;
$claimSet["HMACSHA256"]=CreateSignature($claimSet,$issuerKey);
$requestSet=array();
$requestSet["wrap_assertion"]=http_build_query($claimSet);
$requestSet["wrap_assertion_format"]="SWT";
$requestSet["wrap_scope"]=$rpUrl;
$stringResponse = MakeSTSRequest($requestSet,$stsUrl);
return ExtractTokenFromResponse($stringResponse);
}
function MakeSTSRequest($claimSet, $stsUrl)
{
// encode the claimset
$tokenRequestBody=http_build_query($claimSet);
// make the request to the STS
$options = array(
"http"=>array(
"method"=>"POST",
"header"=>"Content-Type: application/x-www-form-urlencoded",
"content"=>$tokenRequestBody));
$context=stream_context_create($options);
$fp = fopen($stsUrl,'r',false,$context);
// capture the response into a string
return stream_get_contents($fp);
}
function ExtractTokenFromResponse($stringResponse)
{
parse_str($stringResponse,$Values);
return $Values["wrap_token"];
}
function CreateSignature($claimSet, $key)
{
$hmacFreeClaimSet=http_build_query($claimSet);
$key64Encoded=base64_decode($key);
return base64_encode(hash_hmac("sha256",$hmacFreeClaimSet,$key64Encoded,true));
}
?>
0 Comments
Blog - Comment List MSDN TechNet
Comments
Loading...
Leave a Comment
Name
Comment
Please add 1 and 1 and type the answer here:
Post