PHP

Introduction

Rapid.php contains the class that communicates with the RapID service. It is dependent on Httpful.

The service authentication certificate available from the Customer Portal dashboard will be needed to communicate with the RapID service. It is currently provided as a DER-encoded pfx and will need to be converted into PEM format. The conversion steps using openssl are:

  • Create crt.pem
openssl pkcs12 -in <path to service authentication pfx> -out crt.pem -clcerts -nokeys -clcerts
(Enter pfx password when prompted)
  • Create key.pem
openssl pkcs12 -in rapid.testing.rp.pfx -out key.pem -nocerts
(Enter pfx password when prompted, and provide a new password to protect the new .pem file)

The RapID constructor expects a single parameter: an associative array with the following three keys:

  • cert: This is the full path to the crt.pem generated above
  • key: This is the full path to the key.pem generated above
  • passphrase: This is the password used to protect the key.pem file

Installing RapID SDK

Using Composer

The rapid.zip includes the Rapid.php file along with composer installation json and lock file. There is also a php unit test that you can run using your certificate and key pem files.

  • unzip the rapid.zip file into your desired location for 3rd party libraries.
  • In your projects composer.json file add a repository of type path pointing to the RapID source directory, and also add a requirement for intercede/rapid-web. See below
"repositories": [
    {
        "type": "path",
        "url": "../<path_to_rapid>/src"
    }
],
"require": {
    "intercede/rapid-web": "*"
}
  • run composer install within your project
  • Finally ensure your php file calls autoload.php to load the RapID SDK
<?php
    require '<location to your autoload.php>';
<?

Manual approach

  • Download httpful.phar from their website
  • Place httpful.phar and Rapid.php into a file location and point your php to these files.
<?php
    require 'rapid.php';
    require 'httpful.phar';
    ...

Methods

Request Identity

Below is some sample code of how to use the Rapid SDK to request a credential and return the RequestId.

<?php

require 'src/vendor/autoload.php';  //assuming composer install

// get the HTTP method, path and body of the request
$method = $_SERVER['REQUEST_METHOD'];

if ($method == 'GET') {
    $rapid = new \Intercede\Rapid(load_key());
    $credential = $rapid->requestIdentity("TestCertificateRequestValid1");
    echo "request ID   : " . $credential->RequestId . "\n"; 
}

function load_key() 
{
    return array(
        "cert"=>'/filepath/to/client/crt.pem', 
        "key"=>'/filepath/to/client/key.pem', 
        "passphrase"=>'passphrase-for-your-key'
    );
}

?>

Credential Collection

The sample code below posts to the PHP page with an anonId variable in the request. This is used as the anonymous identifier to set the prevention of further credential collections on that record by calling the preventCredentialCollection method in the RapID sdk. The echo output should be true.

<?php

require 'src/vendor/autoload.php';  //assuming composer install

// get the HTTP method, path and body of the request
$method = $_SERVER['REQUEST_METHOD'];

if ($method == 'POST') {
    $rapid = new \Intercede\Rapid(load_key());
    $anonymousId = $_POST["anonId"]
    $credential = $rapid->preventCredentialCollection($anonymousId);
    echo "Prevent Collection : " . $credential->PreventCollection . "\n"; 
}

function load_key() 
{
    return array(
        "cert"=>'/filepath/to/client/crt.pem', 
        "key"=>'/filepath/to/client/key.pem', 
        "passphrase"=>'passphrase-for-your-key'
    );
}

?>

The allowCredentialCollection alternative. The echo output should be false;

<?php

require 'src/vendor/autoload.php';  //assuming composer install

// get the HTTP method, path and body of the request
$method = $_SERVER['REQUEST_METHOD'];

if ($method == 'POST') {
    $rapid = new \Intercede\Rapid(load_key());
    $anonymousId = $_POST["anonId"]
    $credential = $rapid->allowCredentialCollection($anonymousId);
    echo "Prevent Collection : " . $credential->PreventCollection . "\n"; 
}

function load_key() 
{
    return array(
        "cert"=>'/filepath/to/client/crt.pem', 
        "key"=>'/filepath/to/client/key.pem', 
        "passphrase"=>'passphrase-for-your-key'
    );
}

?>

Credential Replacement

The sample code below posts to the PHP page with an anonId variable in the request. This is used as the anonymous identifier to replace an existing credential. This calls into the replaceCredential method with the anonymous identifier, the echo output should be the RequestId of the new credential to be collected.

<?php

require 'src/vendor/autoload.php';  //assuming composer install

// get the HTTP method, path and body of the request
$method = $_SERVER['REQUEST_METHOD'];

if ($method == 'POST') {
    $rapid = new \Intercede\Rapid(load_key());
    $anonymousId = $_POST["anonId"]
    $credential = $rapid->replaceCredential($anonymousId);
    echo "RequestId : " . $credential->RequestId . "\n"; 
}

function load_key() 
{
    return array(
        "cert"=>'/filepath/to/client/crt.pem', 
        "key"=>'/filepath/to/client/key.pem', 
        "passphrase"=>'passphrase-for-your-key'
    );
}

?>

Authenticated user

The authenticated_user method determines the anonymous identifier of the given certificate used in the request. Which can be used to determine if the user is known to your system.

<?php

require 'src/vendor/autoload.php';  //assuming composer install

// get the HTTP method, path and body of the request
$method = $_SERVER['REQUEST_METHOD'];

if ($method == 'GET') {
    $rapid = new \Intercede\Rapid(load_key());
    $authenticated_user_id = $rapid->authenticated_user();
    echo "anonymous identifier   : " . $authenticated_user_id . "\n"; 
}

function load_key() 
{
    return array(
        "cert"=>'/filepath/to/client/crt.pem', 
        "key"=>'/filepath/to/client/key.pem', 
        "passphrase"=>'passphrase-for-your-key'
    );
}

?>

Reseed

The sample code below expects a POST including a requestId field which can be used to reseed that particular test credential.

<?php

require 'src/vendor/autoload.php';  //assuming composer install

// get the HTTP method, path and body of the request
$method = $_SERVER['REQUEST_METHOD'];

if ($method == 'POST') {
    $rapid = new \Intercede\Rapid(load_key());
    $requestId = $_POST["requestId"]
    $credential = $rapid->reseed($requestId);
}

function load_key() 
{
    return array(
        "cert"=>'/filepath/to/client/crt.pem', 
        "key"=>'/filepath/to/client/key.pem', 
        "passphrase"=>'passphrase-for-your-key'
    );
}

?>

Deprecated PHP methods

The original request method is still supported in this version of the sdk but will be removed in a future version. Update to the supported method requestIdentity at the earliest possible opportunity.

<?php

if ($method == 'GET') {
    $rapid = new \Intercede\Rapid(load_key());
    $id_for_collection = $rapid->request("TestCertificateRequestValid1");
    echo "request ID   : " . $id_for_collection . "\n"; 
}

?>