Download the PHP package securibox/cloudagents without Composer

cloudagents-php

A PHP client library for the Securibox Cloud Agents API

Install Package

Securibox Cloud Agent PHP wrapper is installed via Composer. Simply run the following command:

Alternative: Install package from zip

If you are not using Composer, simply download and install the latest packaged release of the library as a zip.

Authentication

In order to secure the Securibox Cloud Agents API, three mechanisms have been implemented. Here is a brief overview of the three mechanisms as well as code snippets to help you integrate the correct mechanism in order to call the APIs.

Basic API Authentication w/ TLS

Basic API authentication is the easiest of the three to implement offering the lowest security options of the common protocols. This mechanism is usually advised for testing purposes in order to test the APIs and only requires Securibox to provide a username and password.

SSL Client Certificate Authentication

The SSL client certification is a mechanism allowing your application to authenticate itself with the Securibox Cloud Agents (SCA) servers. In this case, your application will send its SSL certificate after verifing the SCA server identity. Then, the client and server use both certificates to generate a unique key used to sign requests sent between them.

This kind of authentication is implemented when the customer call your servers that will then call the Securibox Cloud Agents API.

In order to use this type of authentication, Securibox will provide a PEM certificate file containing a passphrase protected private key and a public key.

JSON Web Token Authentication

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a public/private key pair using RS256 (RSA PKCS#1 signature with SHA-256).

This kind of authentication is implemented when the customer calls directly the Securibox Cloud Agents API together with cross-origin resource sharing (CORS).

In order to use this type of authentication, Securibox will provide a passphrase protected RSA private key in PEM file (.pem).

Getting started

The following is the minimum needed code to list all agent details and fields:

The following code is the minimum code needed to configure an agents and launch a synchronization:

Webview url

In order to use the webview and avoid having to implement the APIs to list and configure accounts, a webview has been developped. In this webview, a customer can:

• Browse and search all agents
• Have quick access to predefined favorite agents
• List the configured agents
• Configure, modify or delete an agent account
• See the list of synchronizations for each account

To use the webview, activate it in the CloudAgents backoffice and use the provided PEM private key to sign the token.

The webview accepts the following url arguments:

• token: json web token signed with the PEM certificate
• callback: url where the user is sent on logging out _{^{(ex: https://www.myapp.com - if a state has been provided: https://www.myapp.com?state={state})}}
• lang ^optional: culture to display the page - By default, in fr-FR

Example:

For examples in php to generate the token, please refer to the test.

License

GNU GPL