1

我不明白我如何在这里提出我的问题!我是 API 实现的初学者。

我有一个网站,我想为我的潜在客户创建一个表格,任何人都可以在其中输入他们的网址和电子邮件地址。然后我需要按照步骤来实现用例:

1) 创建账户

您将创建一个与您在 Duda 的主账户相关的 DudaWhite 子账户。此子帐户稍后将授予编辑您创建的网站的权限。为此,我们将调用 /accounts/create URI 以使用输入数据创建帐户。

API URL:api.dudamobile.com/api/accounts/create 参数:

account_name - your sub account users email address (mandatory)
first_name - your sub account users first name (optional)
last_name - your sub account users last name (optional)

成功响应代码:[http_code] => 204

PHP代码示例:

<?php
//Set JSON formated message to send to Duda
$data = '
    {   
      "account_name": "{account_email}", 
      "first_name": "{account_owner_first_name}", 
      "last_name": "{account_owner_last_name}"
    }
';
//Initiate cURL 
$ch = curl_init();
//Set cURL parameters
curl_setopt($ch, CURLOPT_URL, 'https://api.dudamobile.com/api/accounts/create');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, "{your_api_username}:{your_api_password}");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(                                                                          
    'Content-Type: application/json',       
    'Content-Length: ' . strlen($data))                                                                       
);   
//Perform cURL call and set $output as returned data, if any is returned
$output = curl_exec($ch);
curl_close($ch);
?>

2) Create Site

Now that we have the sub-account created, we also want to create a site to grant access to. To do this, we will POST a message to the /sites/create URI.

API URL: https://api.dudamobile.com/api/sites/create
Parameters:

    site_data:
    original_site_url - the base URL of the website you want to convert (mandatory)

Success response code: [http_code] => 200


Success Response: site_name

<?php
//Set JSON formated message to send to Duda
$data = '
    {   
    "site_data":
        {
            "original_site_url":"{original_site_url}"
        }
    }
';
//Initiate cURL 
$ch = curl_init();
//Set cURL parameters
curl_setopt($ch, CURLOPT_URL, 'https://api.dudamobile.com/api/sites/create');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, "{your_api_username}:{your_api_password}");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(                                                                          
    'Content-Type: application/json',       
    'Content-Length: ' . strlen($data))                                                                       
);   
//Perform cURL call and set $output as returned data, please note the retuned site_name value
$output = curl_exec($ch);
curl_close($ch);
?>

3) 授予子账户访问权限

现在我们已经创建了子账户和站点,我们要授予子账户对站点的访问权限。

API URL:https : //api.dudamobile.com/api/grantaccess/ {account_name}/sites/{site_name} 参数:

account_name (from the account you created above)
site_name (from the site you created above as well)

成功响应代码:[http_code] => 200

<?php
$data = '';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.dudamobile.com/api/accounts/grant-access/{previously_created_account_name}/sites/{previously_created_site_alias}');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, "{your_api_username}:{your_api_password}");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(                                                                          
    'Content-Type: application/json',       
    'Content-Length: ' . strlen($data))                                                                       
);   
$output = curl_exec($ch);
curl_close($ch);
?>

4) 执行单点登录

为您的用户、站点创建子帐户并授予访问权限后,您可以执行 SSO 以将它们直接登录到您的品牌编辑器中。前往我们的 SSO 页面,了解如何实施这最后一步。

笔记:

Sub-account users cannot create or delete sites, this must be done by the DudaWhite partner.
The login, dashboard and editor pages cannot be customized through the API, they need to be customized by logging directly into the partner account and going to the account settings.

单点登录 (SSO) 概述

DudaMobile 提供的身份验证解决方案提供了真正的单点登录用户体验。用户将首先登录 DudaWhite 合作伙伴网站。登录成功后,用户无需任何额外身份验证即可访问 DudaMobile 编辑器。单点登录将使用基于合作伙伴站点和 DudaMobile 之间共享的私钥的 HMAC-SHA1 加密来实现。这是过程:

The user logs into the Partner's website and clicks on a link to access the mobile editor.
The Partner opens a new browser window/tab (or embeds an IFrame into an existing page), passing the set of predefined parameters (see below) in the URL, including the HMAC-SHA1 based signature.
DudaMobile reads the parameters, validates the HMAC-SHA1 signature, identifies the user and allows the user to work with the tool in the scope of a browser session.
Upon successful login, the user lands up on the page defined within the URL.

HMAC-SHA1 身份验证详细信息

身份验证解决方案的安全性将基于合作伙伴和 DudaMobile 共享的以下元素:

A secret key shared and maintained only between the Partner and DudaMobile.
Set of URL request parameters passed as part of the request redirecting the user to DudaMobile.
HMAC-SHA1 signature encryption logic.

密钥

The secret key will be generated and shared securely between the Partner and DudaMobile. The key can be found inside of your DudaMobile account under the API section.
The security key will be of 128-bit length represented by 32 chars HEX string, i.e. 1a6db9c4f4cc5c870ff813290f961507 or 249ef41fcf9dbc935399296929594b43
DudaMobile reads the parameters, validates the HMAC-SHA1 signature, identifies the user and allows the user to work with the tool in the scope of a browser session.
Upon successful login, the user lands up on the page defined within the URL.

请求参数

当用户被重定向到 DM 工具时,URL 请求必须包含以下参数:

Parameter Name  Parameter Type  Description
dm_sig_site     (String)    Site name – the unique site identifier used during site creation
dm_sig_user     (String)    Account name (usually E-Mail) of the sub-user account you are trying to SSO into. This was used during account creation.
dm_sig_partner_key  (6 chars HEX String) i.e. 6d00f     Partner identifier key. This is a unique and secret key to the partner and can be found inside of the dashboard API section.
dm_sig_timestamp    (Number) i.e. 1291050919 equivalent to (2010-11-29 17:15:19Z)   Time at which the signature was generated. The time will be in UNIX time format, i.e. number of seconds elapsed since Universal Time (UTC) of January 1, 1970 (epoch). Used to validate that the signature has not been expired. Make sure you are generating this at time of SSO attempt.
dm_sig  (String)    The HEX string representing the signature value of HMAC-SHA1 encryption. See below of how to generate this value.
Signature validation/generation

为了验证请求是否来自可信方,签名生成(你方)和验证(我们方)应该共享相同的算法逻辑。要生成/验证签名:

Make a list of all parameters that start with “dm_sig_” sorted in reverse alphabetical order.
Create name/value pair strings for each entry in the list, removing the “dm_sig_”. For example, “dm_sig_site” becomes “site=examplesite_name”
Concatenate all name/value pairs together, to form a string like “…timestamp=1378904651site=examplesite_name…”
Prepend secret key to the beginning of the string.
HMACSHA1 the entire string using the secret key. The result should be sent as the dm_sig parameter.

例子:

给定以下参数,我们将构建 SSO 尝试:

Time Stamp = 1378904651 (should normally be generated at time of SSO request)
Account Name = example@email.com
Site Name = examplesite_name
Secret Key = 5eebe8de321dce05cb6b39fb2d5d9a9d
Partner Key = fA4dSQ

生成的签名应匹配:

4d5a67c25bad09b5da11ef858eb58096d1bcee55

使用所有这些信息,我们可以构建允许 SSO 的 URL:

http://{editorurl.partnersite.com}/home/site/examplesite_name?dm_sig_partner_key=fA4dSQ&dm_sig_timestamp=1378904651&dm_sig_user=example@email.com&dm_sig_site=examplesite_name&dm_sig=4d5a67c25bad09b5da11ef858eb58096db S 中的实现

<?php
//Set editor custom domain
$editor_url = '{Your Custom Editor Domain}';
//Set SSO Parameters
$dm_sig_site = '{Site Name you want to Login to}';
$dm_sig_user = '{Account Name you are logging in}';
$dm_sig_partner_key = '{Secret Partner Key}';
$dm_sig_timestamp = date_timestamp_get(date_create());
$secret_key = '{Secret SSO Key}';
//Concatenate sso strings so it can be encrypted
$dm_sig_string = $secret_key.'user='.$dm_sig_user.'timestamp='.$dm_sig_timestamp.'site='.$dm_sig_site.'partner_key='.$dm_sig_partner_key;
//Encrypt values
$dm_sig = hash_hmac('sha1', $dm_sig_string, $secret_key);
//Create SSO link
$sso_link = 'http://'.$editor_url.'/home/site/'.$dm_sig_site.'?dm_sig_partner_key='.$dm_sig_partner_key.'&dm_sig_timestamp='.$dm_sig_timestamp.'&dm_sig_user='.$dm_sig_user.'&dm_sig_site='.$dm_sig_site.'&dm_sig='.$dm_sig;
//Print SSO link
echo $sso_link;
?>

我的问题是:

  1. 我在此页面上创建了一个表单:http: //designmobisite.com/tour/。现在我需要做什么?
  2. 我是否需要创建任何 php 文件,然后将此表单链接到该文件,或者我需要修改现有的 php 文件。请注意我的网站是一个 wordpress 网站。

请为这个大问题道歉,你能帮我(一步一步)实现这个 api。

4

1 回答 1

1

使用下面的链接来实现 Duda White API 插件

https://support.dudamobile.com/01DudaMobile/How-To/DudaAPI_and_DudaWhite_with_WordPress

于 2014-03-31T09:55:46.507 回答