PHP ActiveX
PHP ActiveX
Duo Auth API - Async Auth
See more Duo Auth MFA Examples
If you enable async, then your application will be able to retrieve real-time status updates from the authentication process, rather than receiving no information until the process is complete.Chilkat PHP ActiveX Downloads
<?php
$success = 0;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
$integrationKey = 'DIMS3V5QDVG9J9ABRXC4';
$secretKey = 'HWVQ46nubLBxhnRlKddTltWIi3hL0fIQF2qTvLab';
$http = new COM("Chilkat.Http");
$http->Accept = 'application/json';
// Use your own hostname here:
$url = 'https://api-a03782e1.duosecurity.com/auth/v2/auth';
// This example requires Chilkat v9.5.0.89 or greater because Chilkat will automatically
// generate and send the HMAC signature for the requires based on the integration key and secret key.
$http->Login = $integrationKey;
$http->Password = $secretKey;
$req = new COM("Chilkat.HttpRequest");
$req->AddParam('username','matt');
$req->AddParam('factor','push');
// The device ID can be obtained from the preauth response. See Duo Preauth Example
$req->AddParam('device','DP6GYVTQ5NK82BMR851F');
// Add the async param to get an immediate response, then periodically check for updates to find out when the MFA authentication completes for fails.
$req->AddParam('async','1');
$req->HttpVerb = 'POST';
$req->ContentType = 'application/x-www-form-urlencoded';
$resp = new COM("Chilkat.HttpResponse");
$success = $http->HttpReq($url,$req,$resp);
if ($success == 0) {
print $http->LastErrorText . "\n";
exit;
}
print 'status code = ' . $resp->StatusCode . "\n";
$json = new COM("Chilkat.JsonObject");
$success = $json->Load($resp->BodyStr);
$json->EmitCompact = 0;
print $json->emit() . "\n";
if ($resp->StatusCode != 200) {
exit;
}
// Sample successful output:
// status code = 200
// {
// "stat": "OK",
// "response": {
// "txid": "45f7c92b-f45f-4862-8545-e0f58e78075a"
// }
// }
$txid = $json->stringOf('response.txid');
// Use your own hostname here:
$sbUrl = new COM("Chilkat.StringBuilder");
$sbUrl->Append('https://api-a03782e1.duosecurity.com/auth/v2/auth_status?txid=');
$sbUrl->Append($txid);
$url = $sbUrl->getAsString();
print 'Auth status URL: ' . $url . "\n";
$sbResult = new COM("Chilkat.StringBuilder");
// Wait for a response...
$i = 0;
$maxWaitIterations = 100;
while ($i < $maxWaitIterations) {
// Wait 3 seconds.
$http->SleepMs(3000);
print 'Polling...' . "\n";
$success = $http->HttpNoBody('GET',$url,$resp);
if ($success == 0) {
print $http->LastErrorText . "\n";
exit;
}
if ($resp->StatusCode != 200) {
print 'error status code = ' . $resp->StatusCode . "\n";
print $resp->BodyStr . "\n";
print 'Failed.' . "\n";
exit;
}
// Sample response:
// {
// "stat": "OK",
// "response": {
// "result": "waiting",
// "status": "pushed",
// "status_msg": "Pushed a login request to your phone..."
// }
// }
$json->Load($resp->BodyStr);
// The responseResult can be "allow", "deny", or "waiting"
$sbResult->Clear();
$json->StringOfSb('response.result',$sbResult);
$responseStatus = $json->stringOf('response.status');
$responseStatus_msg = $json->stringOf('response.status_msg');
print $sbResult->getAsString() . "\n";
print $responseStatus . "\n";
print $responseStatus_msg . "\n";
print '' . "\n";
if ($sbResult->ContentsEqual('waiting',1) == 1) {
$i = $i + 1;
}
else {
// Force loop exit..
$i = $maxWaitIterations;
}
}
print 'Finished.' . "\n";
?>