How to protect a document calling the Prot-On Rest API with PHP

You can call the document protection service using Basic (username and password) or Bearer (OAuth access token). Anyway you should send your client credentials too.

If you want to call the service using bearer authentication, first of all, you have to implement an OAuth authentication system, in order to get an OAuth access token. Please visit OAuth Authentication Example to know more.

Protect Service Demo

<?php

namespace ProtOn\Demos;

use ProtOn\Utils\BearerPest;

class ApiProtectPHPDemo {
	
	const PROTON_REST_API = 'https://dnd.prot-on.com/rest-api/api';
	const SERVICE_URL = '/documents/encrypt';
	
	/**
	 * Protects a document
	 * @param  string $token
	 * @param  file $file
	 * @param  string $algorithm
	 * @param  boolean $return_url
	 * @return  Ambigous 
	 */
	public function protectDocument($token, $file, $algorithm, $return_url){
		
		$response = NULL;
		
		$httpHeaders = array('Content-Type' => 'multipart/form-data; charset=utf-8');
		$data = array('file' => $this->getCurlFile($file->getRealPath()), 'algorithm'=>$algorithm, 'return_url'=>$return_url);
		
		$pest = new BearerPest(self::PROTON_REST_API);
		$pest->setupAuth($token, '', 'bearer');
		try {
			$body = $pest->post(self::SERVICE_URL, $data, $httpHeaders);
			$response = $body;
		} catch (Pest_Exception $e) {
			$response = $e->getMessage();
		}
		
		return $response;
		
	}
	
	/**
	 * Builds the appropiate $curlFile data type depending
	 * on the installed PHP version
	 * @param  string $filePath
	 * @return  Ambigous 
	 */
	function getCurlFile($filePath){
		
		if(version_compare(PHP_VERSION, '5.5.0') >= 0){
			$curlFile = new \CURLFile($filePath, '', '');
		} else {
			$curlFile = "@".$filePath;
		}
		
		return $curlFile;
		
	}
	
}
?>
			

BearerPest Wrapper Code

BearerPest is a wrapper class that adds the Bearer authentication to Pest class, which is an external library in this example that allows to create an OAuth client.

You can get Pest class from its Github project, here, or use your own.

<?php
namespace ProtOn\Utils;

use ProtOn\Utils\Pest;

class BearerPest extends Pest {

	protected $bearerHeader;
	
	public function setupAuth($user, $pass, $auth = 'basic'){
		if ($auth == 'bearer') {
			$this->bearerHeader = 'Authorization: Bearer ' . $user;
		} else {
			parent::setupAuth($user, $pass, $auth);
		}
	}
	
	public function prepData($data) {
		if (is_array ( $data )) {
			$multipart = false;
			
			foreach ( $data as $item ) {
				if (is_string ( $item ) && strncmp ( $item, "@", 1 ) == 0 && is_file ( substr ( $item, 1 ) )) {
					$multipart = true;
					break;
				} elseif ($item instanceof \CURLFile) {
					$multipart = true;
					break;
				}
			}
			
			return ($multipart) ? $data : http_build_query ( $data );
		} else {
			return $data;
		}
	}
	
	protected function prepHeaders($headers) {
		$headers = parent::prepHeaders($headers);
		if (!empty($this->bearerHeader)) {
			$headers[] = $this->bearerHeader;
		}
		return $headers;
	}

}

?>
			

Protect Demo Controller

Now, you can create a Controller that calls the Protect Service and provide it with the necessary access token, file to protect and data.


<?php

namespace ProtOn\Demos\Controllers;

use ProtOn\Demos\OAuthPHP;
use ProtOn\Demos\ApiProtectPHPDemo;
use ProtOn\Utils\Constants;

class ProtectDemoController extends Controller {
	
	/**
	 * Receives inputs from a form
	 */
	public function postApiProtectDemo(){
		
		$demo = new ApiProtectPHPDemo();
		
		$client_id =     $_POST['client_id'];
		$client_secret = $_POST['client_secret'];
		$postFile =      $_POST['document'];
		
		/*
		 * This is an example. You have to get your stored token from session,
		 * database or by calling your own oauth authentication service.
		 * Please check http://developers.prot-on.com/php-examples/oauth
		 * if you want to know how to implement an OAuth authentication system
		 */
		$access_token = $_SESSION['access_token'];
		
		$algorithm = 'AES256';
		
		try{
			if($access_token!=NULL){
				$response = $demo->protectDocument($access_token, $file, $algorithm, true);
			} else {
				throw new \Exception('Invalid authentication');
			}
		} catch (\Exception $e){
			$response['error'] = 400;
			$response['error_description'] = $e->getMessage();
		}
		
		return self::getApiProtectResult($response);
	
	}
	
	public function getApiProtectResult($response){
		
		return "Your result view";
	
	}
	
}
>?