PHP

This example provides a very simple partner application template based on PHP. It helps you to understand the basic steps regarding application integration and how our authentication process works. It uses firebase/php-jwt for verifying/signing JWTs. Please note this example uses composer as its dependency manager:

composer require firebase/php-jwt

Setup

Your composer.json might look like this:

{
    "require": {
        "firebase/php-jwt": "^5.0"
    }
}

JWT signature verification

In order to verify our JWT's signature based on our stages you will need to download these public key files and put them beside your composer.json:

365FarmNet_Connect-API_public_key_development.pem

365FarmNet_Connect-API_public_key_production.pem

Code

Create a file index.php and put this code into it:

<?php
require __DIR__ . '/vendor/autoload.php';

use \Firebase\JWT\JWT;

$PROD_STAGES = array('https://connect.365farmnet.com', 'https://pp-connect.365farmnet.com');

// developer credentials
$partner_id = '5726c2cf-143b-4834-aa54-24a1c1516a48';
$partner_secret = 'trsL26xTtFXgPHBJE8n4ZrN6R7fWfLrK';

header('Content-Type: text/plain');

// Connect-Token JWT passed as query parameter 'jwt' into the iframe
$connect_token_jwt = $_REQUEST['jwt'];

if (!isset($connect_token_jwt)) {
  echo ('No JWT found within query parameters of the URL!');
  return;
}

list($header, $payload, $signature) = explode(".", $connect_token_jwt);

// get stage information from Connect-Token
$payload_preview = json_decode(base64_decode($payload), true);
$api_base = $payload_preview['fn-ext']['apiBase'];
$stage = in_array($api_base, $PROD_STAGES) ? 'production' : 'development';

if (!isset($api_base)) {
  echo ('JWT query parameter found, but it seems not to be a valid Connect-Token ("apiBase" not found)!');
  return;
}

// load public key based on stage
$public_key = file_get_contents('365FarmNet_Connect-API_public_key_' . $stage . '.pem');

// verify signature of Connect-Token
try {
  $decoded_jwt = JWT::decode($connect_token_jwt, $public_key, array('RS256'));
} catch (Exception $e) {
  echo ("Connect-Token validation failed:\n" . $e);
  return;
}

// print some content of Connect-Token
echo ('issuer: ' . $decoded_jwt->iss . ' authorized party: ' . $decoded_jwt->azp . "\n");

// create and sign Partner-Token JWT
$payload = array(
  'con' => $connect_token_jwt,
  'iss' => $partner_id
);
$header = array(
  'ver' => '0.1',
  'type' => 'partner'
);

$partner_token = JWT::encode($payload, $partner_secret, 'HS256', null, $header);

// call Connect-API (e.g. Company-API)
$url = $api_base . '/connect/v1/company';
$opts = [
  'http' => [
    'method' => 'GET',
    'header' => "Authorization: Bearer {$partner_token}\r\n"
  ]
];

try {

  $context = stream_context_create($opts);
  $contents = file_get_contents($url, false, $context);

  echo ('GET ' . $url . " ->\n" . $contents);
} catch (Exception $e) {
  echo ('GET ' . $url . " failed:\n" . $e);
}

Run

Open your terminal, install the dependencies and start the application using e.g. php -S 0.0.0.0:3000. This will spawn a server listening for calls on port 3000. You can open your browser, navigate to localhost:3000 and should see No JWT found within query parameters of the URL!.

Then navigate to our developer environment, register and set the URL to http://localhost:3000/ in our developer area. Since the example uses our developer credentials it should work out of the box and show your account information.