PHP Extension
PHP Extension
Duo Auth API - Async Auth
See more Duo Auth MFA Examples
If you enable async, then your application will be able to retrieve real-time status updates from the authentication process, rather than receiving no information until the process is complete.Chilkat PHP Extension Downloads
<?php
include("chilkat.php");
$success = false;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
$integrationKey = 'DIMS3V5QDVG9J9ABRXC4';
$secretKey = 'HWVQ46nubLBxhnRlKddTltWIi3hL0fIQF2qTvLab';
$http = new CkHttp();
$http->put_Accept('application/json');
// Use your own hostname here:
$url = 'https://api-a03782e1.duosecurity.com/auth/v2/auth';
// This example requires Chilkat v9.5.0.89 or greater because Chilkat will automatically
// generate and send the HMAC signature for the requires based on the integration key and secret key.
$http->put_Login($integrationKey);
$http->put_Password($secretKey);
$req = new CkHttpRequest();
$req->AddParam('username','matt');
$req->AddParam('factor','push');
// The device ID can be obtained from the preauth response. See Duo Preauth Example
$req->AddParam('device','DP6GYVTQ5NK82BMR851F');
// Add the async param to get an immediate response, then periodically check for updates to find out when the MFA authentication completes for fails.
$req->AddParam('async','1');
$req->put_HttpVerb('POST');
$req->put_ContentType('application/x-www-form-urlencoded');
$resp = new CkHttpResponse();
$success = $http->HttpReq($url,$req,$resp);
if ($success == false) {
print $http->lastErrorText() . "\n";
exit;
}
print 'status code = ' . $resp->get_StatusCode() . "\n";
$json = new CkJsonObject();
$success = $json->Load($resp->bodyStr());
$json->put_EmitCompact(false);
print $json->emit() . "\n";
if ($resp->get_StatusCode() != 200) {
exit;
}
// Sample successful output:
// status code = 200
// {
// "stat": "OK",
// "response": {
// "txid": "45f7c92b-f45f-4862-8545-e0f58e78075a"
// }
// }
$txid = $json->stringOf('response.txid');
// Use your own hostname here:
$sbUrl = new CkStringBuilder();
$sbUrl->Append('https://api-a03782e1.duosecurity.com/auth/v2/auth_status?txid=');
$sbUrl->Append($txid);
$url = $sbUrl->getAsString();
print 'Auth status URL: ' . $url . "\n";
$sbResult = new CkStringBuilder();
// Wait for a response...
$i = 0;
$maxWaitIterations = 100;
while ($i < $maxWaitIterations) {
// Wait 3 seconds.
$http->SleepMs(3000);
print 'Polling...' . "\n";
$success = $http->HttpNoBody('GET',$url,$resp);
if ($success == false) {
print $http->lastErrorText() . "\n";
exit;
}
if ($resp->get_StatusCode() != 200) {
print 'error status code = ' . $resp->get_StatusCode() . "\n";
print $resp->bodyStr() . "\n";
print 'Failed.' . "\n";
exit;
}
// Sample response:
// {
// "stat": "OK",
// "response": {
// "result": "waiting",
// "status": "pushed",
// "status_msg": "Pushed a login request to your phone..."
// }
// }
$json->Load($resp->bodyStr());
// The responseResult can be "allow", "deny", or "waiting"
$sbResult->Clear();
$json->StringOfSb('response.result',$sbResult);
$responseStatus = $json->stringOf('response.status');
$responseStatus_msg = $json->stringOf('response.status_msg');
print $sbResult->getAsString() . "\n";
print $responseStatus . "\n";
print $responseStatus_msg . "\n";
print '' . "\n";
if ($sbResult->ContentsEqual('waiting',true) == true) {
$i = $i + 1;
}
else {
// Force loop exit..
$i = $maxWaitIterations;
}
}
print 'Finished.' . "\n";
?>