Created
November 18, 2014 19:43
-
-
Save tstachl/40de9a607253466f4722 to your computer and use it in GitHub Desktop.
A desk.com multipass example written in perl.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl -w | |
| use Digest::SHA qw( sha1 hmac_sha1 ); | |
| use Crypt::Random qw( makerandom_octet ); | |
| use DateTime; | |
| use JSON; | |
| use Crypt::CBC; | |
| use Digest::HMAC; | |
| use URL::Encode qw( url_encode_utf8 ); | |
| use MIME::Base64::Perl; | |
| my $site_key = 'mysite'; | |
| my $api_key = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'; | |
| print "== Generating ==\n"; | |
| print " Create the encryption key using a 16 byte SHA1 digest of your api key and subdomain\n"; | |
| my $salted = $api_key . $site_key; | |
| my $key = substr( sha1( $salted ), 0, 16 ); | |
| print " Generate a random 16 byte IV\n"; | |
| my $iv = substr( sha1( makerandom_octet( Length => 16, Strength => 1 ) ), 0, 16 ); | |
| print " Build json data\n"; | |
| my $expires = DateTime->now()->add( minutes => 5 ); | |
| my %user_data = ( | |
| 'uid' => '19238333', | |
| 'expires' => "$expires", | |
| 'customer_email' => 'john@example.com', | |
| 'customer_name' => 'John' | |
| ); | |
| my $data = encode_json( \%user_data ); | |
| print " Data: $data\n"; | |
| print " Encrypt data using AES128-cbc\n"; | |
| my $cipher = Crypt::CBC->new( | |
| -key => $key, | |
| -iv => $iv, | |
| -cipher => 'Crypt::Rijndael', | |
| -header => 'none', | |
| -literal_key => 1, | |
| -keysize => 16 | |
| ); | |
| my $encrypted = $cipher->encrypt( $data ); | |
| print " Prepend the IV to the encrypted data\n"; | |
| $encrypted = $iv . $encrypted; | |
| print " Base64 encode the encrypted data\n"; | |
| my $multipass = encode_base64( $encrypted ); | |
| print " Build an HMAC-SHA1 signature using the encoded string and your api key\n"; | |
| my $digest = hmac_sha1( $multipass, $api_key ); | |
| my $signature = encode_base64( $digest ); | |
| print " Finally, URL encode the multipass and signature\n"; | |
| my $multipass_string = url_encode_utf8( $multipass ); | |
| my $signature_string = url_encode_utf8( $signature ); | |
| print "== Finished ==\n"; | |
| print "URL: https://$site_key.desk.com/customer/authentication/multipass/callback?multipass=$multipass_string&signature=$signature_string\n" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment