The following sample is provided “as is” with no warranty or guarantee.
<?php
/**
* Define POST URL and also payload
*/
$username = '';
$api = '';
$pass = '';
$now = actual_time("Y-m-d\TH:i:00",1,time()); // gmdate("Y-m-d\TH:i:00");
$hash = custom_hmac('sha1', $pass.'|'.$now, $api, false); // hash_hmac('sha1', $pass.'|'.$now, $api);
$payload = '<ActivationRequest><Username>'.$username.'</Username><Token>'.$hash.'</Token></ActivationRequest>';
//echo ($pass.'|'.$now . '<br />');
//exit(0);
define('XML_PAYLOAD', $payload);
define('XML_POST_URL', 'https://www.subscriptionbridge.com/Subscriptions/Service2.svc/ActivationRequest');
/**
* Initialize handle and set options
*/
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, XML_POST_URL);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 4);
curl_setopt($ch, CURLOPT_POSTFIELDS, XML_PAYLOAD);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-type: text/xml'));
//WARNING: this would prevent curl from detecting a 'man in the middle' attack
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
/**
* Execute the request and also time the transaction
*/
$start = array_sum(explode(' ', microtime()));
$result = curl_exec($ch);
$stop = array_sum(explode(' ', microtime()));
$totalTime = $stop - $start;
/**
* Check for errors
*/
if ( curl_errno($ch) ) {
$resultMsg = 'ERROR -> ' . curl_errno($ch) . ': ' . curl_error($ch);
} else {
$returnCode = (int)curl_getinfo($ch, CURLINFO_HTTP_CODE);
switch($returnCode){
case 404:
$resultMsg = 'ERROR -> 404 Not Found';
break;
case 200:
break;
default:
$resultMsg = 'HTTP ERROR -> ' . $returnCode;
break;
}
}
/**
* Close the handle
*/
curl_close($ch);
/**
* Output the results and time
*/
echo 'Total time for request: ' . $totalTime . "\n";
echo $result;
/**
* Exit the script
*/
exit(0);
function actual_time($format,$offset,$timestamp){
//Offset is in hours from gmt, including a - sign if applicable.
//So lets turn offset into seconds
$offset = $offset*60*60;
$timestamp = $timestamp + $offset;
//Remember, adding a negative is still subtraction ;)
return gmdate($format,$timestamp);
}
function custom_hmac($algo, $data, $key, $raw_output)
{
$algo = strtolower($algo);
$pack = 'H'.strlen($algo('test'));
$size = 64;
$opad = str_repeat(chr(0x5C), $size);
$ipad = str_repeat(chr(0x36), $size);
if (strlen($key) > $size) {
$key = str_pad(pack($pack, $algo($key)), $size, chr(0x00));
} else {
$key = str_pad($key, $size, chr(0x00));
}
for ($i = 0; $i < strlen($key) - 1; $i++) {
$opad[$i] = $opad[$i] ^ $key[$i];
$ipad[$i] = $ipad[$i] ^ $key[$i];
}
$output = $algo($opad.pack($pack, $algo($ipad.$data)));
return ($raw_output) ? pack($pack, $output) : $output;
}
?>