QR Code Authentication API
Authentication function that verify username and QR. User has to request a QR code before call this function. You have to convert the QR code value to a QR and display on the screen to let user scans it.
Below is the URL to access the API functions:
POST /v2/CentagateWS/webresources/auth/authQrCodeParameters
| No | Parameter | Occurence | Descriptions |
|---|---|---|---|
| 1 | username | required | Register Username in CENTAGATE Cloud |
| 2 | devAccId | Required | Device that registered with the user |
| 3 | tokenId | Optional | Token Id registered with the device |
| 4 | OtpType | Required | The OTP type |
| 5 | otp | Required | OTP generate after scan Qr Code using CENTAGATE Cloud App in offline mode |
| 6 | challenge | required | The OTP challenge in response object |
| 7 | details | Required | The transaction information based on requested QR code encoded using Base64. Format: - Alternatively, the information is returned as plainText during QR code request. |
| 8 | AuthToken | Required | The previous generated Auth Token during request Qr Code |
| 9 | unixTimeStamp | Required | Current Time in UnixTimestamp |
| 10 | supportFido | Required | FIDO Authentication Option, Pass True To Enable And False To Disable. Or Leave It Empty |
| 11 | ipAddress | Optional | The IP address from where the authentication request is originated |
| 12 | browserFp | Optional | Browser Fingerprint |
| 13 | userAgent | Optional | Platform Information of Authentication Request is Made of |
| 14 | hmac | Required | Hmac Generated From Combination (username + devAccId + otp + challenge + details + integrationKey + unixTimeStamp + authToken + supportFido + ipAddress + browserFp + userAgent) Using Secretkey (Can Be Obtained From The App Page) As The Key |
Sample Code
As in below there are some examples of source code of access the API functions:
Java
public static void main(String[] args) {
ClientConfig config = new DefaultClientConfig ();
Client client = Client.create ( config );
WebResource service = client.resource ("https://<domain_name>/v2/CentagateWS/webresources");
Gson gson = new Gson();
String hmac = convertHmacSha256("secretkey","username" + "devAccId" + "otp" + "challenge" + "details" + "authToken" + "integrationKey" + "unixTimestamp" + "supportFido" + "ipAddress" + "userAgent" + "browserFp");
HashMap<String, String> map = new HashMap<String, String>();
map.put("username", "username");
map.put("devAccId", "devAccId");
map.put("tokenId", "tokenId");
map.put("OtpType", "online");
map.put("otp", "otp");
map.put("challenge", "challenge");
map.put("details", "details");
map.put("authToken", "authToken");
map.put("integrationKey", "integrationKey");
map.put("unixTimestamp", "unixTimeStamp");
map.put("ipAddress", "ipAddress");
map.put("userAgent", "userAgent");
map.put("browserFp", "browserFp");
map.put("supportFido", "");
map.put("hmac", hmac);
ClientResponse response = service.path ("auth").path("authQrCode").accept(MediaType.APPLICATION_JSON).post(ClientResponse.class, gson.toJson(map));
String retJson = response.getEntity(String.class);
HashMap<String, Object> returnData = (HashMap<String, Object>) gson.fromJson(retJson, HashMap.class);
String code = returnData.get("code").toString();
String message = returnData.get("message").toString();
String object = returnData.get("object").toString();
}
public static String convertHmacSha256(String secretKey, String params) throws NoSuchAlgorithmException,
InvalidKeyException,IllegalStateException, SignatureException, NoSuchProviderException, Exception
{
try
{
final SecretKeySpec secret_key = new SecretKeySpec ( StringUtils.getBytesUtf8 ( secretKey ) , "HmacSHA256" );
final Mac mac = Mac.getInstance ( "HmacSHA256" );
mac.init ( secret_key );
final byte[] bytes = mac.doFinal ( StringUtils.getBytesUtf8 ( params ) );
return Hex.encodeHexString ( bytes );
}
catch ( NoSuchAlgorithmException e )
{
throw new NoSuchAlgorithmException ( e );
}
catch ( InvalidKeyException e )
{
throw new InvalidKeyException ( e );
}
catch ( IllegalStateException e )
{
throw new IllegalStateException ( e );
}
catch ( Exception e )
{
throw new Exception ( e );
}
}Node Js
const https = require('https')
var crypto = require('crypto');
var username = '<username>';
var devAccId = '<devAccId>';
var tokenId = '<tokenId>';
var OtpType = 'online';
var otp = '<otp>';
var challenge = '<challenge>';
var details = '<details>';
var integrationKey = '<integration key>';
var time = Math.round((new Date()).getTime() / 1000);
var unixTimestamp = time.toString();
var authToken = "<authToken>";
var supportFido = "<supportFido>";
var ipAddress = "<ipAddress>";
var userAgent = "<userAgent>";
var browserFp = "<browserFp>";
var secretKey = '<secret key>';
var hmacText = username + devAccId + otp + challenge + details + authToken + integrationKey + unixTimestamp + supportFido + ipAddress + userAgent + browserFp;
var hash, hmac;
/* generate hmac value*/
hmac = crypto.createHmac(sha256, secretKey);
hmac.write(hmacText);
hmac.end();
hash = hmac.read().toString('hex');
const data = JSON.stringify({
username: username,
devAccId: devAccId,
tokenId : tokenId,
OtpType : OtpType,
otp: otp,
challenge: challenge,
details: details,
authToken: authToken,
integrationKey: integrationKey,
unixTimestamp: unixTimestamp,
ipAddress: ipAddress,
supportFido: supportFido,
userAgent: userAgent,
browserFp: browserFp,
hmac: hash
})
const options = {
hostname: "<domain_name>",
port: 443,
path:'/v2/CentagateWS/webresources/auth/authQrCode',
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
}
}
const req = https.request(options, res =>{
console.log(`HTTP Status Code: ${res.statusCode}`)
var body = '';
res.on('data', function(d){
body += d;
var parsed = JSON.parse(body);
if (parsed.code == 0){
console.log('Authentication Succeed');
console.log('Response:');
console.log(body);
}
else {
console.log('Authentication Fail, ' +'Message:' + parsed.message);
console.log('Code:' + parsed.code);
}
})
})
req.on('ERROR', error => {
console.error(error)
})
req.write(data)
req.end()PHP
<?php
$url = 'https://<domain_name>/v2/CentagateWS/webresources/auth/authQrCode';
$ch = curl_init($url);
$secretKey = "<secretkey>";
$username ="<username>";
$devAccId = "<devAccId>";
$tokenId = "<token_Id>";
$OtpType = "online";
$otp = "<otp>";
$challenge = "<challenge>";
$details = "<details>";
$integrationKey = "<integrationkey>";
$time = time(); // get current timestamp
$unixTimestamp = strval($time); //convert timestamp to String
$authToken = "<authToken>";
$supportFido = "<supportFido>";
$ipAddress = "<ipAddress>";
$userAgent = "<userAgent>";
$browserFp = "<browserFp>";
$hmac_text = $username.$devAccId.$otp.$challenge.$details.$authToken.$integrationKey.$unixTimestamp.$supportFido.$ipAddress.$userAgent.$browserFp;
$hmac = hash_hmac('sha256', $hmac_text, $secretKey); // calculate hmac value
$jsonData = array (
'username'=> $username,
'devAccId'=> $devAccId,
'tokenId' => $tokenId,
'OtpType' => $OtpType,
'otp'=> $otp,
'challenge'=> $challenge,
'details'=> $details,
'authToken'=> $authToken,
'integrationKey'=> $integrationKey,
'unixTimestamp'=> $unixTimestamp,
'supportFido'=> $supportFido,
'ipAddress'=> $ipAddress,
'userAgent'=> $userAgent,
'browserFp'=> $browserFp,
'hmac' => $hmac
);
$jsonDataEncoded = json_encode($jsonData);
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonDataEncoded);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: application/json','Content-Type: application/json'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
$obj = json_decode($result);
if ($obj->{'code'} != 0){
print "Authentication fail";
print "Message: ".$obj->{'message'};
echo " <br>";
print "Code: ".$obj->{'code'};
}
else {
print "Authentication succeed";
echo " <br>";
print "Message: ".$obj->{'message'};
echo " <br>";
print "Code: ".$obj->{'code'};
echo " <br>";
print "Result:" ;
echo " <br>";
print $result;
}
curl_close($ch);
?>