From d032b4f6ddc59fd8be3f333f42c10c3cad676b91 Mon Sep 17 00:00:00 2001 From: saravahdatipour Date: Thu, 14 Nov 2024 14:37:23 +0100 Subject: [PATCH 1/3] fix: changes to make the sessions work with https --- get_session_request.php | 2 +- start_session.php | 21 +++++++++++---------- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/get_session_request.php b/get_session_request.php index 616b4ea..4ba097b 100644 --- a/get_session_request.php +++ b/get_session_request.php @@ -8,7 +8,7 @@ function get_session_request($contents) { if (JWT_ENABLED) { - $jwt_pk = file_get_contents(IRMA_SERVER_PUBLICKEY); + $jwt_pk = file_get_contents(IRMA_SERVER_URL . './publickey'); try { $decoded = JWT::decode($contents, new Key($jwt_pk, 'RS256')); } catch (Exception $e) { diff --git a/start_session.php b/start_session.php index e0d71b2..d5f071f 100644 --- a/start_session.php +++ b/start_session.php @@ -2,7 +2,6 @@ require_once 'config.php'; date_default_timezone_set('UTC'); -$protocol = explode(':', IRMA_SERVER_URL, 2)[0]; $sigrequests = [ 'email-signature' => [ @@ -177,7 +176,7 @@ ]; function start_session($type, $lang) { - global $sprequests, $sigrequests, $protocol; + global $sprequests, $sigrequests; if (array_key_exists($type, $sprequests)) $sessionrequest = $sprequests[$type]; @@ -189,14 +188,16 @@ function start_session($type, $lang) { $jsonsr = json_encode($sessionrequest); $api_call = array( - $protocol => array( - 'method' => 'POST', - 'header' => "Content-type: application/json\r\n" - . "Content-Length: " . strlen($jsonsr) . "\r\n" - . "Authorization: " . API_TOKEN . "\r\n", - 'content' => $jsonsr - ) - ); + 'http' => array( + 'method' => 'POST', + 'header' => "Content-type: application/json\r\n" + . "Content-Length: " . strlen($jsonsr) . "\r\n" + . "Authorization: " . API_TOKEN . "\r\n", + 'content' => $jsonsr, + 'ignore_errors' => true // Include this option + ) +); + $resp = file_get_contents(IRMA_SERVER_URL . '/session', false, stream_context_create($api_call)); if (! $resp) { From 1a01961e5846d61ce076c1be94ca99dbc3176353 Mon Sep 17 00:00:00 2001 From: saravahdatipour Date: Thu, 14 Nov 2024 14:46:14 +0100 Subject: [PATCH 2/3] changing the jwt auth to token method instead of publickey --- config.php | 4 ---- data/.gitignore | 1 - data/README.md | 6 ------ 3 files changed, 11 deletions(-) delete mode 100644 data/.gitignore delete mode 100644 data/README.md diff --git a/config.php b/config.php index 737b5c3..e7554ce 100644 --- a/config.php +++ b/config.php @@ -16,7 +16,3 @@ define('IRMATUBE_NEXT_SESSION_URL', BASE_URL . '/demo/get_session_request.php'); define('IRMATUBE_CREDENTIAL', 'pbdf.pbdf.irmatube'); } - -if (JWT_ENABLED) { - define('IRMA_SERVER_PUBLICKEY', __DIR__ . '/../data/pk.pem'); -} \ No newline at end of file diff --git a/data/.gitignore b/data/.gitignore deleted file mode 100644 index 612424a..0000000 --- a/data/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*.pem \ No newline at end of file diff --git a/data/README.md b/data/README.md deleted file mode 100644 index f671486..0000000 --- a/data/README.md +++ /dev/null @@ -1,6 +0,0 @@ -Data directory --------------- - -Add the following to this directory: - - * `pk.pem` - The public key of the IRMA server you are using \ No newline at end of file From 8cbc05426f03951b6853c2e84edcd350a70da6db Mon Sep 17 00:00:00 2001 From: saravahdatipour Date: Thu, 14 Nov 2024 14:55:17 +0100 Subject: [PATCH 3/3] fixing remaining public key mentions --- build_artifacts.sh | 4 ---- start_session.php | 1 - 2 files changed, 5 deletions(-) diff --git a/build_artifacts.sh b/build_artifacts.sh index 27fab06..a641c6a 100755 --- a/build_artifacts.sh +++ b/build_artifacts.sh @@ -44,10 +44,6 @@ for lang in 'nl' 'en'; do cp "$DIR/start_session.js" "$DIR/build/$lang/start_session.js" done -cp -r "$DIR/data" "$DIR/build/data" -rm "$DIR/build/data/README.md" -rm "$DIR/build/data/.gitignore" - # Delete potential empty directories find "$DIR/build" -type d -empty -delete # Delete shell files diff --git a/start_session.php b/start_session.php index d5f071f..ac6e190 100644 --- a/start_session.php +++ b/start_session.php @@ -194,7 +194,6 @@ function start_session($type, $lang) { . "Content-Length: " . strlen($jsonsr) . "\r\n" . "Authorization: " . API_TOKEN . "\r\n", 'content' => $jsonsr, - 'ignore_errors' => true // Include this option ) );