External Authority Library - External Access Authority - Integration - SWITCHcast

External Authority Library Sample

Download source

switchcast_ext_auth_lib.php
Code

<?php

// Decode public-key-encrypted and base64-encoded token into channel_id/clip_id/plain_token
function ext_auth_decode_encrypted_token($encrypted_token_base64) {
    $encrypted_token = base64_decode($encrypted_token_base64);                    // Todo: Handle decryption failure

    $private_key = openssl_get_privatekey("file://".EXT_AUTH_PRIVATE_KEY, EXT_AUTH_PASSPHRASE);    // Todo: Handle missing/invalid private key
    ext_auth_debug("Private key = \n$private_key");

    openssl_private_decrypt($encrypted_token, $decrypted_token, $private_key);    // Todo: Handle decryption errors
    ext_auth_debug("Decrypted token = $decrypted_token");

    // Token structure: <channel_id>::<clip_id>::<plain_token>
    $parts = explode("::", $decrypted_token);                                    // Todo: Handle non-conforming tokens
    if (count($parts) == 3) {
        ext_auth_debug("Channel ID: {$parts[0]}, clip ID: {$parts[1]}, plain token: {$parts[2]}");
        return array('channel_id'    => $parts[0],
                     'clip_id'        => $parts[1],
                     'plain_token'    => $parts[2]);
    } else {
        ext_auth_debug("Token decryption was unsuccessful");
        return NULL;
    }
}

/* ------------------------------------------------------------------------- */

// Redirect back to the SWITCHcast VOD URL with plain token
function ext_auth_redirect_to_vod_url($redirect_url, $plain_token) {
    if (strpos($redirect_url, 'token=::plain::') > 0) {
        // URL format: https://cast.switch.ch/vod/clip.url?token=::plain::
        $redirect_url = str_replace('::plain::', urlencode($plain_token), $redirect_url);
    } elseif (strpos($redirect_url, '?') === FALSE) {
        // URL format: https://cast.switch.ch/vod/clip.url
        $redirect_url .= '?token=' . urlencode($plain_token);
    } else {
        // URL format: https://cast.switch.ch/vod/clip.url?param=value
        $redirect_url .= '&token=' . urlencode($plain_token);
    }

    // Perform HTTP redirect
    ext_auth_debug("Redirecting to URL $redirect_url");
    header("Location: $redirect_url");
}

/* ------------------------------------------------------------------------- */

// Render HTTP status 403 (Forbidden)
function ext_auth_show_permission_denied_page() {
    ext_auth_debug("Rendering HTTP 403 Forbidden page");
    header("HTTP/1.1 403 Forbidden");
    echo("<html><head><title>403 Forbidden</title></head><body><h1>Access denied</h1>" .
         "<h2>You have no permission to access this content.</h2></body></html>");
}

/* ------------------------------------------------------------------------- */

// Simple debug logger into EXT_AUTH_LOGFILE
function ext_auth_debug($message) {
    if (!EXT_AUTH_DEBUG) {
        return;
    }

    $fh = fopen(EXT_AUTH_LOGFILE, 'a');
    fwrite($fh, date("d/m/y H:i:s:ms ", time()) . $message . "\n");
}

?>