Authentication and Roles PHP Sample Code

This page contains PHP sample code for the following tasks:

For specific information regarding each task, including excerpts from the PHP code below, click on the task.

Following is the PHP sample code:

<?php
//FUNCTIONS
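/**
 * Request "$URI/AssumableRoles" from $Host and print every otis:RoleID found
 * in the first otis:RoleList of the response, one per line. A role whose
 * RoleID element carries isInRole="true" is followed by "--Active".
 *
 * SECURITY NOTE: the connection goes to port 80 without TLS, so the
 * SessionSecret header is sent in clear text and the response is not
 * authenticated. Use a TLS transport where the service offers one.
 *
 * @param string      $Host   Host to connect to; also sent as the Host header.
 * @param string|null $secret Session secret; sent as the SessionSecret header when non-empty.
 * @param string      $URI    Session path; "/AssumableRoles" is appended to it.
 * @return null Always null; the result is written with echo ("ERROR" on failure).
 */
function showAssumableRoles($Host, $secret, $URI){
	// In this sample the caller takes $URI and $secret from a server response.
	// A CR or LF inside any of these values would add request lines or headers
	// that this function never intended to send, so such values are refused.
	foreach (array($Host, $secret, $URI) as $requestPart)
	{
		if (preg_match('/[\r\n]/', (string) $requestPart))
		{
			echo "ERROR";
			return(null);
		}
	}

	// HTTP/1.1 terminates header lines with CRLF.
	$getHeader =
	"GET $URI/AssumableRoles HTTP/1.1\r\n".
	"Host: $Host\r\n".
	(($secret) ? ("SessionSecret: " . $secret . "\r\n") : "") .
	"Connection: Close\r\n\r\n";

	$socket = fsockopen($Host, 80);
	if ($socket === false)
	{
		echo "ERROR";
		return(null);
	}
	fputs($socket, $getHeader);

	// Heuristic kept from the original sample: only lines containing ">" are
	// kept, which drops the status line and the headers. Whole lines are read
	// so that a long XML line is not cut into pieces that then fail the test.
	$content = "";
	while (!feof($socket))
	{
		$tmp = fgets($socket);
		if ($tmp === false)
		{
			break;
		}
		if (strpos($tmp, ">") !== false)
		{
			$content .= $tmp;
		}
	}
	fclose($socket);

	// Load the assumable roles xml. LIBXML_NONET keeps the parser from
	// fetching anything over the network while reading a remote document.
	$responseDoc = new DOMDocument();
	if ($content === "" || $responseDoc->loadXML($content, LIBXML_NONET) === false)
	{
		echo "ERROR";
		return(null);
	}
	$sessionElement = $responseDoc->documentElement;
	if ($sessionElement === null)
	{
		echo "ERROR";
		return(null);
	}

	for ($childNode = $sessionElement->firstChild; $childNode; $childNode = $childNode->nextSibling)
	{
		if ($childNode->nodeName !== "otis:RoleList")
		{
			continue;
		}
		for ($roleElement = $childNode->firstChild; $roleElement; $roleElement = $roleElement->nextSibling)
		{
			if ($roleElement->nodeName !== "otis:Role")
			{
				continue;
			}
			for ($propertyElement = $roleElement->firstChild; $propertyElement; $propertyElement = $propertyElement->nextSibling)
			{
				if ($propertyElement->nodeName !== "otis:RoleID")
				{
					continue;
				}
				echo $propertyElement->nodeValue . "\n";
				// isInRole="true" marks a role that is currently active
				if ($propertyElement->getAttribute("isInRole") === "true")
				{
					echo "--Active\n";
				}
			}
		}
		// Only the first otis:RoleList is reported.
		return(null);
	}
	return(null);
}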
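/**
 * Request "$URI/ActiveRoles" from $Host and print every otis:RoleID found in
 * the first otis:RoleList of the response, one per line.
 *
 * SECURITY NOTE: the connection goes to port 80 without TLS, so the
 * SessionSecret header is sent in clear text and the response is not
 * authenticated. Use a TLS transport where the service offers one.
 *
 * @param string      $Host   Host to connect to; also sent as the Host header.
 * @param string|null $secret Session secret; sent as the SessionSecret header when non-empty.
 * @param string      $URI    Session path; "/ActiveRoles" is appended to it.
 * @return null Always null; the result is written with echo ("ERROR" on failure).
 */
function showActiveRoles($Host, $secret, $URI){
	// In this sample the caller takes $URI and $secret from a server response.
	// A CR or LF inside any of these values would add request lines or headers
	// that this function never intended to send, so such values are refused.
	foreach (array($Host, $secret, $URI) as $requestPart)
	{
		if (preg_match('/[\r\n]/', (string) $requestPart))
		{
			echo "ERROR";
			return(null);
		}
	}

	// HTTP/1.1 terminates header lines with CRLF.
	$getHeader =
	"GET $URI/ActiveRoles HTTP/1.1\r\n".
	"Host: $Host\r\n".
	(($secret) ? ("SessionSecret: " . $secret . "\r\n") : "") .
	"Connection: Close\r\n\r\n";

	$socket = fsockopen($Host, 80);
	if ($socket === false)
	{
		echo "ERROR";
		return(null);
	}
	fputs($socket, $getHeader);

	// Heuristic kept from the original sample: only lines containing ">" are
	// kept, which drops the status line and the headers. Whole lines are read
	// so that a long XML line is not cut into pieces that then fail the test.
	$content = "";
	while (!feof($socket))
	{
		$tmp = fgets($socket);
		if ($tmp === false)
		{
			break;
		}
		if (strpos($tmp, ">") !== false)
		{
			$content .= $tmp;
		}
	}
	fclose($socket);

	// Load the active roles xml. LIBXML_NONET keeps the parser from fetching
	// anything over the network while reading a remote document.
	$responseDoc = new DOMDocument();
	if ($content === "" || $responseDoc->loadXML($content, LIBXML_NONET) === false)
	{
		// The original fell through here and then dereferenced a missing
		// document element; stop instead.
		echo "ERROR";
		return(null);
	}
	$sessionElement = $responseDoc->documentElement;
	if ($sessionElement === null)
	{
		echo "ERROR";
		return(null);
	}

	for ($childNode = $sessionElement->firstChild; $childNode; $childNode = $childNode->nextSibling)
	{
		if ($childNode->nodeName !== "otis:RoleList")
		{
			continue;
		}
		for ($roleElement = $childNode->firstChild; $roleElement; $roleElement = $roleElement->nextSibling)
		{
			if ($roleElement->nodeName !== "otis:Role")
			{
				continue;
			}
			for ($propertyElement = $roleElement->firstChild; $propertyElement; $propertyElement = $propertyElement->nextSibling)
			{
				// A "RoleID" node carries the role name; print it
				if ($propertyElement->nodeName === "otis:RoleID")
				{
					echo $propertyElement->nodeValue . "\n";
				}
			}
		}
		// Only the first otis:RoleList is reported.
		return(null);
	}
	return(null);
}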

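//CODE BEGINS HERE
// Flow: authenticate, list assumable and active roles, release one role,
// activate another, list the active roles again, then log out.
//
// SECURITY NOTE: every request below goes to port 80 without TLS. The
// username and password in $xml and the SessionSecret header are therefore
// readable on the network path, and the responses are not authenticated.
// Use a TLS transport where the service offers one. The credentials here are
// the sample's own test values; real ones should not be kept in source.
$xml = '<otis:Authenticate xmlns:otis="http://code.bandit-project.org/schemas/2008/otis" ' .
                 'methodID="urn:bandit-project:otis:authmethod:1.0:usernamePassword">' .
          '<otis:AuthMaterial materialID="urn:bandit-project:otis:authmaterial:1.0:usernamePassword" mustGatherAllChildren="true">' .
             '<otis:AuthChildMaterials>' .
                '<otis:AuthMaterial materialID="urn:bandit-project:otis:authmaterial:1.0:username">' .
                   '<otis:AuthMaterialValue Type="string">otisTest</otis:AuthMaterialValue>' .
                '</otis:AuthMaterial>' .
                '<otis:AuthMaterial materialID="urn:bandit-project:otis:authmaterial:1.0:password">' .
                   '<otis:AuthMaterialValue Type="string">otisTest</otis:AuthMaterialValue>' .
                '</otis:AuthMaterial>' .
             '</otis:AuthChildMaterials>' .
          '</otis:AuthMaterial>' .
       '</otis:Authenticate>';

$length = strlen($xml);
$Host = "wag.bandit-project.org";

// Generate the request header using an xml.
// Header lines end in CRLF, and the body is sent without a trailing newline
// so that it is exactly Content-Length bytes long.
// NOTE(review): the body is XML although the declared Content-Type is
// application/x-www-form-urlencoded; kept as in the original sample -
// confirm what the service expects.
$ReqHeader =
"POST /otis/AuthenticatedSession HTTP/1.1\r\n".
"Host: $Host\r\n".
"Content-Type: application/x-www-form-urlencoded\r\n".
"Content-Length: $length\r\n".
"Connection: Close\r\n\r\n".
$xml;

// Open the connection to the host
$socket = fsockopen($Host, 80);
if ($socket === false)
{
	echo "ERROR1";
	exit(1);
}

// Do the POST; store in "Result". Only lines containing ">" are kept, which
// drops the status line and the headers (heuristic from the original sample).
fputs($socket, $ReqHeader);
$Result = "";
while (!feof($socket))
{
	$tmp = fgets($socket);
	if ($tmp === false)
	{
		break;
	}
	if (strpos($tmp, ">") !== false)
	{
		$Result .= $tmp;
	}
}
fclose($socket);

// Parse the resulting xml to find the session URL. LIBXML_NONET keeps the
// parser from fetching anything over the network.
$responseDoc = new DOMDocument();
$responseDoc->preserveWhiteSpace = false;
if ($Result === "" || $responseDoc->loadXML($Result, LIBXML_NONET) === false || $responseDoc->documentElement === null)
{
	echo "ERROR1";
	exit(1);
}
$sessionElement = $responseDoc->documentElement;
$strSessionURL = null;
$strSessionSecret = null;
for ($childNode = $sessionElement->firstChild; $childNode; $childNode = $childNode->nextSibling)
{
	switch ($childNode->nodeName)
	{
		case "otis:sessionURL":
			$strSessionURL = $childNode->nodeValue;   //set URL here
			break;
		case "otis:sessionSecret":
			$strSessionSecret = $childNode->nodeValue;   //set session secret here
			break;
		default:
			break;
	}
}
if ($strSessionURL === null)
{
	// Without a session URL none of the following requests can be built.
	echo "ERROR1";
	exit(1);
}

//Print out URLs
// ereg_replace() was removed in PHP 7; preg_replace() does the same job.
// Only the path of the session URL is used: the following requests keep going
// to $Host, whatever host name the response put in the URL.
$strSessionURL = preg_replace('#^http://#', '', $strSessionURL);
echo "Host is: " . $Host . "\n";
$URI = strstr($strSessionURL, "/");
if ($URI === false || preg_match('/[\r\n]/', $URI) || preg_match('/[\r\n]/', (string) $strSessionSecret))
{
	// Both values come from the response and are written into request lines
	// and headers below; a missing path or an embedded CR/LF is refused.
	echo "ERROR1";
	exit(1);
}
echo "URI is: " . $URI . "\n";

//show active roles
echo "\nAssumableRoles: \n";
showAssumableRoles($Host, $strSessionSecret, $URI);
echo "\nActive roles: \n";
showActiveRoles($Host, $strSessionSecret, $URI);

//Generate the header to release a role
$strRoleToRelease = "RandomRole1";
$delHeader =
"DELETE $URI" . "/ActiveRoles/$strRoleToRelease HTTP/1.1\r\n" .
"Host: $Host\r\n".
(($strSessionSecret) ? ("SessionSecret: " . $strSessionSecret . "\r\n") : "") .
"Connection: Close\r\n\r\n";

//release the role
echo "\nRelease the \"RandomRole1\" role...\n";
$socket1 = fsockopen($Host, 80);
if ($socket1 !== false)
{
	// The response is not read; the sample only sends the request.
	fputs($socket1, $delHeader);
	fclose($socket1);
}
else
{
	// Keep going so that the logout at the end is still attempted.
	echo "ERROR1";
}

//Generate the header to add a role
$strRoleToActivate = "savants";
$strContent =
'<?xml version="1.0" encoding="UTF-8"?>' .
'<otis:ActivateRole xmlns:otis="http://code.bandit-project.org/schemas/2008/otis">' . $strRoleToActivate . '</otis:ActivateRole>';
$length = strlen($strContent);
$putHeader =
"PUT $URI" . "/ActiveRoles HTTP/1.1\r\n".
"Host: $Host\r\n" .
(($strSessionSecret) ? ("SessionSecret: " . $strSessionSecret . "\r\n") : "") .
"Content-Type: application/x-www-form-urlencoded\r\n".
"Content-Length: $length\r\n".
"Connection: Close\r\n\r\n".
$strContent;

//add the role
echo "Add the \"savants\" role...\n";
$socket = fsockopen($Host, 80);
if ($socket !== false)
{
	fputs($socket, $putHeader);
	// Drain the response so the request completes before the next listing.
	while (!feof($socket))
	{
		if (fgets($socket) === false)
		{
			break;
		}
	}
	fclose($socket);
}
else
{
	echo "ERROR1";
}

//Show active roles again
echo "\nActive Roles: \n";
showActiveRoles($Host, $strSessionSecret, $URI);

//Logout..
// Deleting the session resource ends the session; the secret should not be
// used after this point.
$logoutHeader =
"DELETE $URI HTTP/1.1\r\n".
"Host: $Host\r\n".
(($strSessionSecret) ? ("SessionSecret: " . $strSessionSecret . "\r\n") : "") .
"Connection: Close\r\n\r\n";
$socket1 = fsockopen($Host, 80);
if ($socket1 !== false)
{
	fputs($socket1, $logoutHeader);
	fclose($socket1);
}
else
{
	echo "ERROR1";
}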
?>