How to generate an Authorization header for the SecureAuth API using ColdFusion

Follow

SecureAuth IdP Version Affected:  8.2 and higher

 

Description: 

This article describes how to generate an authorization header for  the SecureAuth Authentication API using ColdFusion Markup Language.

 

Cause

GitHub contains C# and Javascript SDKs for the API but if implementing the API in a different language or not using the SDK, it can be useful to see a simple working example in a different language such as CFML

 

 

Resolution

This script is also attached as a text file:

<!---

Copyright (c) 2018, Pillar Software Developers, LLC

All rights reserved.

Original Author: Armando Falcon

--->

 

 

<!--- GET USERID FROM XML ---->

<cfset userid = "USERID GOES HERE">

 

<!--- VARIABLES ---->

<cfset timeStamp = "#datetimeformat(now(),'EEE, dd mmm yyyy HH:nn:ss.lll', 'GMT')# GMT">

<cfset thePath = "/secureauth9/api/v1/users/#userid#/factors">

<cfset Method = "GET">




<!--- VERY IMPORTANT TO REMOVE ALL CARRIAGE RETURNS FROM THIS STRING, ONLY LF ACCEPTED, this will cause your authentication to fail if not properly formatted --->

<cfoutput>

<cfset myString = "#Method#

#timeStamp#

#session.appID#

#thePath#">

</cfoutput>

 

 

<!--- Encryption Function ---->

<cfset keybytes = BinaryDecode(session.secretkey, "Hex")>

<cfset databytes = CharsetDecode(myString, "UTF-8")>

<cfset secret = createObject("java", "javax.crypto.spec.SecretKeySpec").Init(keybytes,"HmacSHA256")>

<cfset mac = createObject("java", "javax.crypto.Mac")>

<cfset mac = mac.getInstance("HmacSHA256")>

<cfset mac.init(secret)>

<cfset digest = mac.doFinal(databytes)>

<cfset theHash = BinaryEncode(digest, "Base64")>




<!---LOGIN TO SECUREAUTH --->

<cfhttp url="https://#session.domain##thePath#" method="#Method#" result="result" charset="utf-8" authType="Basic" username="#session.appID#" password="#theHash#" timeout="60" >

<cfhttpparam type="header" name="X-SA-Ext-Date" value="#timeStamp#" />

<cfhttpparam type="header" name="Accept-Encoding" value="" />

</cfhttp>

 

 

<!--- VIEW OUTPUT RESULT --->

<cfdump var="#result#">

 

More information:

SecureAuth API:

https://docs.secureauth.com/display/91docs/Authentication+API+Guide

 

SecureAuth GitHub:

https://github.com/SecureAuthCorp

 

SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.