
PRODA Get OAuth2 Access Token using JWT


Demonstrates how to get an OAuth2 access token for the PRODA Australian Government Online Services using a JWT.

<?php

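// Obtains an OAuth2 access token from the PRODA token endpoint using the
// JWT-bearer grant: an RS256-signed JWT is built from a local RSA private key
// and posted as the "assertion" form parameter.
//
// The script exits with status 1 on any failure so a calling process can tell
// success from failure.

// The script cannot do anything without the Chilkat bindings, so fail hard if they are missing.
require_once 'chilkat.php';

$success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// First create a JWT to be sent in the POST to https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token

$privKey = new CkPrivateKey();

// Load an RSA private key from a PEM file.
// Chilkat provides alternative methods to load from other formats, or to load from a string or binary data.
// NOTE: the passphrase is hard-coded here only because this is sample code. Whoever holds this key
// can mint assertions for the device, so in a real deployment read the passphrase from a secret
// store or the environment and keep the PEM file readable only by the service account.
$success = $privKey->LoadEncryptedPemFile('qa_data/pem/rsa_passwd.pem', 'passwd');
if (!$success) {
    print $privKey->lastErrorText() . "\n";
    exit(1);
}

$jwt = new CkJwt();

// Build the JOSE header
$jose = new CkJsonObject();
// Use RS256.  Pass the string "RS384" or "RS512" to use RSA with SHA-384 or SHA-512.
$success = $jose->AppendString('alg', 'RS256')
    && $jose->AppendString('typ', 'JWT')
    && $jose->AppendString('kid', 'test-device');
if (!$success) {
    print $jose->lastErrorText() . "\n";
    exit(1);
}

// Now build the JWT claims (also known as the payload)
$claims = new CkJsonObject();

// Set the timestamp of when the JWT was created to now.
$curDateTime = $jwt->GenNumericDate(0);

// The expiration time (end time) for the token is now + 1 hour (3600 seconds).
// A shorter lifetime narrows the window in which a captured assertion could be replayed;
// check what lifetime the token endpoint accepts before changing it.
$success = $claims->AppendString('iss', '9646844092')
    && $claims->AppendString('sub', 'test-device')
    && $claims->AppendString('aud', 'https://proda.humanservices.gov.au')
    && $claims->AddIntAt(-1, 'iat', $curDateTime)
    && $claims->AddIntAt(-1, 'exp', $curDateTime + 3600);
if (!$success) {
    print $claims->lastErrorText() . "\n";
    exit(1);
}

// Produce the smallest possible JWT:
$jwt->put_AutoCompact(true);

// Create the JWT token.  This is where the RSA signature is created.
$jwtToken = $jwt->createJwtPk($jose->emit(), $claims->emit(), $privKey);
// createJwtPk returns a string, so failure is reported through LastMethodSuccess.
// Without this check an unusable assertion would be sent to the server.
if (!$jwt->get_LastMethodSuccess()) {
    print $jwt->lastErrorText() . "\n";
    exit(1);
}

// ---------------------------------------------------------------------
// Build and send the POST, which should look something like this:

// POST https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token HTTP/1.1
// Content-Type: application/x-www-form-urlencoded
// Content-Length: 666
// Host: vnd.proda.humanservices.gov.au
//
// grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=<jwt>&client_id=VendorClient03

$http = new CkHttp();

// Require a valid server certificate. The signed assertion goes out on this connection and the
// access token comes back on it, so the connection must not be accepted from an unverified server.
$http->put_RequireSslCertVerify(true);

$req = new CkHttpRequest();
$req->put_HttpVerb('POST');
$req->put_ContentType('application/x-www-form-urlencoded');

// Add the request params.
$req->AddParam('grant_type', 'urn:ietf:params:oauth:grant-type:jwt-bearer');
$req->AddParam('assertion', $jwtToken);
$req->AddParam('client_id', 'VendorClient03');

$resp = new CkHttpResponse();
$success = $http->HttpReq('https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token', $req, $resp);
if (!$success) {
    print $http->lastErrorText() . "\n";
    exit(1);
}

$statusCode = $resp->get_StatusCode();

// On success the response body carries the access token, which is a bearer credential.
// It is printed here for demonstration only; keep it out of logs and shared terminals in real use.
print 'Response status code = ' . $statusCode . "\n";
print 'Response body:' . "\n";
print $resp->bodyStr() . "\n";

// HttpReq succeeding only means a response was received; a non-200 status is still a failed token request.
if ($statusCode != 200) {
    exit(1);
}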

?>