API Connection
Authentication
To authenticate to Retail operations, call the « connectAutoWithAuthToken » method.
connectAutoWithAuthToken
Connects to the Webservice in order to get a Session token. This token should be used in the X-PHP-SESSID header.
Method
| GET | /api/auth/v1/connectAutoWithAuthToken |
|---|---|
Arguments
- authToken (string): Authentication token.
- authClientID (long): Client ID (provided by the 3DS Service team)
Body
(none)
Response
The Authentication service returns a JSON message with the session token and Retail operations WEBService URL:
{
    "success": boolean,
    "message": string,
    "data": {
        "token": string,
        "wsUrl": string,
        "wsUrlRest": string
    },
    "errorCode": int
}
Error code list
- 0 : NONE
- 1 : UNKNOWN
- 2 : AUTH_TOKEN_INVALID_FORMAT
- 3 : AUTH_TOKEN_INVALID_CRYPT
- 4 : AUTH_TOKEN_TOO_OLD
- 5 : LOGIN_INVALID
- 6 : NEED_CAPTCHA
- 7 : INVALID_APPLICATION
- 8 : PASSWORD_EXPIRED
- 9 : TOO_MANY_FAILED_ATTEMPT
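The following Python code is an added example, not part of the original documentation or of Dassault Systèmes code. It builds the request URL for connectAutoWithAuthToken and turns the JSON reply into either the X-PHP-SESSID header or a named error. Assumptions: the two arguments travel in the query string, the base URL and the sample replies are constructed placeholders, and retrying only on AUTH_TOKEN_TOO_OLD is a suggested policy rather than documented behaviour.

```python
import json
from urllib.parse import urlencode

ENDPOINT = "/api/auth/v1/connectAutoWithAuthToken"
# Error codes exactly as given in the error code list above.
ERROR_CODES = {
    0: "NONE", 1: "UNKNOWN", 2: "AUTH_TOKEN_INVALID_FORMAT",
    3: "AUTH_TOKEN_INVALID_CRYPT", 4: "AUTH_TOKEN_TOO_OLD", 5: "LOGIN_INVALID",
    6: "NEED_CAPTCHA", 7: "INVALID_APPLICATION", 8: "PASSWORD_EXPIRED",
    9: "TOO_MANY_FAILED_ATTEMPT",
}


class AuthError(Exception):
    """Authentication was refused; carries the service's numeric error code."""
    def __init__(self, code, message):
        self.code = code
        self.name = ERROR_CODES.get(code, "UNLISTED")
        # Assumption: only a stale token justifies one retry with a fresh token.
        self.rebuild_token = self.name == "AUTH_TOKEN_TOO_OLD"
        super().__init__(f"{self.name} ({code}): {message}")


def connect_url(base_url, auth_token, auth_client_id):
    """Build the GET URL; ',' is left as-is because the token uses it for '='."""
    params = {"authToken": auth_token, "authClientID": auth_client_id}
    return base_url.rstrip("/") + ENDPOINT + "?" + urlencode(params, safe=",")


def parse_connect_response(body):
    """Return (session headers, wsUrlRest) on success, raise AuthError otherwise."""
    reply = json.loads(body)
    code = reply.get("errorCode", 1)
    data = reply.get("data") or {}
    token = data.get("token")
    # Trust the session token only when success, errorCode and token all agree.
    if reply.get("success") is not True or code != 0 or not token:
        raise AuthError(code or 1, reply.get("message", ""))
    return {"X-PHP-SESSID": token}, data.get("wsUrlRest")


# Constructed sample replies (not captured from the real service).
OK_REPLY = json.dumps({
    "success": True, "message": "", "errorCode": 0,
    "data": {"token": "sess-123", "wsUrl": "https://ws.example.invalid/",
             "wsUrlRest": "https://ws.example.invalid/rest/"}})
STALE_REPLY = '{"success": false, "message": "token expired", "data": null, "errorCode": 4}'
```

Keep the authToken and the returned session token out of application logs: the first decrypts to the login and password, the second is a live session credential.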
Authentication Token construction
The Authentication token is a string combining several pieces of information (current date, login and password), all encrypted using the AES-256 algorithm:
AES_256({CURRENT_DATE}|{LOGIN}|{PASSWORD}|, {SPI_API_KEY}, {SPI_API_IV})
- {CURRENT_DATE}: Current Date in UTC format (eg: )
- {LOGIN}: Authentication login provided by Dassault Systèmes
- {PASSWORD}: Authentication password provided by Dassault Systèmes
- {SPI_API_KEY}: Access key provided by Dassault Systèmes
- {SPI_API_IV}: Initialization value for the AES-256 algorithm, provided by Dassault Systèmes
AES-256 settings:
- Algorithm: Rijndael
- Block size: 128
- Key length: 256
- Key: {SPI_API_KEY}
- IV (Initialization Vector): {SPI_API_IV}
- Padding: PKCS7
The encrypted token is then base64 encoded, and several characters are replaced so that the token string is valid in a URL:
- + ⇨ -
- / ⇨ _
- = ⇨ ,
PHP Sample
<?php
/**
 * Creates a connection token for SPI Software, valid for 1 minute
 * @param [in] $login user login
 * @param [in] $password user password
 * @param [in] $key encryption key (base64 encoded)
 * @returns Authentication token
 */
function createSpiAuthToken($login, $password, $key) {
    // Date in UTC format
    $UTC = new DateTimeZone("UTC");
    $currDate = new DateTime("now", $UTC);
    $token = $currDate->format(DATE_ISO8601).'|'.$login.'|'.$password.'|';
    if (version_compare(phpversion(), '7.2.0', '<')) {
        // mcrypt (removed in PHP 7.2) does not pad, so PKCS7 padding is applied by hand
        $block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
        $padding = $block - (strlen($token) % $block);
        $token .= str_repeat(chr($padding), $padding);
        return base64_url_encode(
            mcrypt_encrypt(
                MCRYPT_RIJNDAEL_128,
                base64_decode($key),
                $token,
                MCRYPT_MODE_CBC,
                base64_decode("T0iPmNI7v+XCi7tSy8npYA==") // IV, base64 encoded
            )
        );
    } else {
        // openssl_encrypt applies PKCS7 padding itself
        return base64_url_encode(
            openssl_encrypt(
                $token,
                'aes-256-cbc',
                base64_decode($key),
                OPENSSL_RAW_DATA,
                base64_decode("T0iPmNI7v+XCi7tSy8npYA==") // IV, base64 encoded
            )
        );
    }
}

// base64_encode URL friendly
function base64_url_encode($input) {
    return strtr(base64_encode($input), '+/=', '-_,');
}

$url = "https://preprod.storemanager.online/preprod/";
$login = "********";
$password = "*****";
$key = "*************************************";
$authClientId = "***";
$GUID = "<UID of the project from an external application to be created or loaded (External code)>";
$token = createSpiAuthToken($login, $password, $key);

// Creation of the url containing the token (client ID and project UID are URL-encoded)
$finalUrl = $url .'?mode=lienCrm&authClientId='. urlencode($authClientId) .'&authToken='. $token.'&projectUID='.urlencode($GUID);

// Escape the URL for the HTML attribute; an iframe needs an explicit closing tag
echo('
<html>
<body>
<iframe style="width: 100%; height: 100%" src="'. htmlspecialchars($finalUrl, ENT_QUOTES) .'"></iframe>
</body>
</html>
');
?>