How to Do get Token with PHP to make app secure

kamal · May 20, 2020, 12:15pm

For those who use PHP below is a code for getting token in PHP using REST API using curl. I am not professional developer but may help someone.
This code can be used as index.php in webcomponent demo.

My first Secure APP

<script src="app.js"></script>
<script src="openvidu-webcomponent-2.14.0.js"></script>
<link rel="stylesheet" href="openvidu-webcomponent-2.14.0.css">

<?php define(OPENVIDU_SERVER_URL, "https://yourOpenViduServer"); define(OPENVIDU_SERVER_SECRET,"YOUR_SECRET"); define(SESSEION_NAME,"ROOM1"); if (createSession(SESSEION_NAME)) { $token1= createToken(SESSEION_NAME); $token2= createToken(SESSEION_NAME);} function createSession($sessionName) { $url = OPENVIDU_SERVER_URL . '/api/sessions'; $BASE64AUTH= 'Basic ' . base64_encode('OPENVIDUAPP:' . OPENVIDU_SERVER_SECRET); $headers = array('Authorization:' . $BASE64AUTH ,'Content-Type:application/json'); $data = '{ "customSessionId" : ' .'"' . $sessionName .'"'. ' , "recordingMode" : "ALWAYS" , "outputMode" : "INDIVIDUAL" }'; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, TRUE); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); $result = curl_exec($ch); if (!curl_errno($ch)) { switch ($http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE)) { case 200: # OK curl_close($ch); return true; case 400: curl_close; return false; case 409: # OK curl_close; return true; //break; default: // echo 'Unexpected HTTP code: ', $http_code, "\n"; curl_close; return false; } } } function createToken($sessionName) { $url = OPENVIDU_SERVER_URL . '/api/tokens'; //echo ($url); $BASE64AUTH= 'Basic ' . base64_encode('OPENVIDUAPP:' . OPENVIDU_SERVER_SECRET); $headers = array('Authorization:' . $BASE64AUTH ,'Content-Type:application/json'); $data = '{ "session" : ' .'"' . $sessionName .'"'. ' , "role" : "MODERATOR", "data" : "Userdata" }'; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, TRUE); //curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT'); //curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data)); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); $result = curl_exec($ch); // Check HTTP status code if (!curl_errno($ch)) { switch ($http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE)) { case 200: # OK $token = json_decode($result, true); curl_close($ch); //echo ($token['token']); return ($token['token']); case 400: //echo ("Problem with Body parameter"); //echo($result); curl_close; return false; case 404: curl_close; return false; //return true; //break; default: // echo 'Unexpected HTTP code: ', $http_code, "\n"; curl_close; return false; } } } ?>

<!-- Form to connect to a video-session -->
<div id="main" style="text-align: center;">
   
    <form onsubmit="joinSession(); return false" style="padding: 80px; margin: auto">
        <p>
            <label>Session:</label>
            <input type="text" id="sessionName" value=<? echo (SESSEION_NAME); ?> required>
        </p>
        <p>
            <label>User:</label>
            <input type="text" id="user" value="User1">
        </p>
        <p>
            <input type="submit" value="JOIN">
        </p>
    </form>
</div>
<script>
function joinSession() {

var sessionName = document.getElementById('sessionName').value;
var user = document.getElementById('user').value;
var webComponent = document.querySelector('openvidu-webcomponent');
var tokens = [];

if(webComponent.getAttribute("openvidu-secret") != undefined && webComponent.getAttribute("openvidu-server-url") != undefined ){
   location.reload();
}else {
	
    var token1 =  "<? echo $token1 ?>" 
    var token2 =  "<? echo $token2 ?>" 
	
    tokens.push(token1, token2);
    webComponent.sessionConfig = { sessionName, user, tokens, ovSettings };
}

}

</script>



<!-- OpenVidu Web Component -->
<openvidu-webcomponent style="display: none"></openvidu-webcomponent>

micael.gallego · May 23, 2020, 12:11am

Hello @kamal,

Thank you for the code, but it is very bad formatted.

Can you publish it again or put in a GitHub gist so we can link to it?

Thank you

kamal · May 23, 2020, 4:37am

Sorry. Please find below from GitHub gist

gist.github.com

https://gist.github.com/quidlab/456ebecd4030034fef6c902031c6b40e

index.php


<html>

<head>
    <title>OpenVidu WebComponent PHP Demo</title>
    <link rel="shortcut icon" href="favicon.ico" type="image/x-icon">
    <script src="https://code.jquery.com/jquery-3.3.1.min.js" integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8="
        crossorigin="anonymous"></script>

    <script src="app.js"></script>

This file has been truncated. show original

micael.gallego · May 24, 2020, 11:32pm

Thank you!! I’m sure it will help other PHP developers.

Topic		Replies	Views
Talking with server How to implement? v2	5	381	August 25, 2020
Client Authenticaion How to implement? v2	2	439	November 30, 2021
Problem in GET /api-sessions/:sessionId Issues developing apps v2	0	997	January 20, 2020
How to access REST API How to implement? v2	5	833	May 3, 2020
Missing information in token Issues developing apps v2	5	258	November 17, 2021

How to Do get Token with PHP to make app secure

Related topics