The Secure Channel signature consists of two steps:
- Getting signing request
- Authenticate signature
Below are code samples that need to be included in the webpages where the OneSpan Authentication Server Secure Channel signature functionality is to be integrated.
To use Secure Channel signature, add a client component (Signature Secure Channel Sample Client) with the IDENTIKEY Signature Validation with Secure Channel policy and configure the SDK as described here to use this component for Secure Channel signature.
To use Secure Channel signature, the following code element must be set in the controller.properties file:
component.type.signature.secure_channel = Signature Secure Channel Sample Client
Code sample: Getting signing request
<%@ page import="com.vasco.identikey.model.Signature" %>
<%@ page import="com.vasco.identikey.controller.IdentikeyError" %>
<%@ page import="com.vasco.identikey.controller.signature.SignatureCommandResponse" %>
<jsp:useBean id="signatureBean" class="com.vasco.identikey.controller.signature.SignatureBean" scope="session" />
<!-- Signature details have been provided, now perform the request -->
<%
String userID = request.getParameter("SIGNFLD_USERID");
String domain = request.getParameter("SIGNFLD_DOMAIN");
String serialNo = request.getParameter("SIGNFLD_SERIAL_NO");
String requestBody = request.getParameter("SIGNFLD_REQUEST_BODY");
String transactionTitle = request.getParameter("SIGNFLD_TRANSACTION_TITLE");
java.util.LinkedHashMap<String, String> dataFields = new java.util.LinkedHashMap();
dataFields.put(request.getParameter("SIGNFLD_DATA_FIELD_KEY1"), request.getParameter("SIGNFLD_DATA_FIELD_VAL1"));
if (request.getParameter("SIGNFLD_DATA_FIELD_KEY2") != null && request.getParameter("SIGNFLD_DATA_FIELD_VAL2") != null) {
dataFields.put(request.getParameter("SIGNFLD_DATA_FIELD_KEY2"), request.getParameter("SIGNFLD_DATA_FIELD_VAL2"));
}
if (request.getParameter("SIGNFLD_DATA_FIELD_KEY3") != null && request.getParameter("SIGNFLD_DATA_FIELD_VAL3") != null) {
dataFields.put(request.getParameter("SIGNFLD_DATA_FIELD_KEY3"), request.getParameter("SIGNFLD_DATA_FIELD_VAL3"));
}
if (request.getParameter("SIGNFLD_DATA_FIELD_KEY4") != null && request.getParameter("SIGNFLD_DATA_FIELD_VAL4") != null) {
dataFields.put(request.getParameter("SIGNFLD_DATA_FIELD_KEY4"), request.getParameter("SIGNFLD_DATA_FIELD_VAL4"));
}
// Execute the genRequest command
SignatureCommandResponse results = signatureBean.genRequest(userID, domain, serialNo, requestBody, transactionTitle, dataFields);
if (results.getReturnCode() == 0) {
Signature sig = results.getResults();
userID = sig.getUserID();
domain = sig.getDomain();
String requestKey = sig.getRequestKey();
}
%>
<!-- generate cronto image from RequestMessage -->
<img id="crontoImage" class="image-centered" alt="Request Message" title="Request Message" src="data:image/png;base64,<%=sig.getRequestMessageImage(6)%>"/>Code sample: Authenticating signature
<%@ page import="com.vasco.identikey.model.Signature" %>
<%@ page import="com.vasco.identikey.controller.IdentikeyError" %>
<%@ page import="com.vasco.identikey.controller.signature.SignatureCommandResponse" %>
<jsp:useBean id="signatureBean" class="com.vasco.identikey.controller.signature.SignatureBean" scope="session" />
String userID = request.getParameter("SIGNFLD_USERID");
String domain = request.getParameter("SIGNFLD_DOMAIN");
String requestKey = request.getParameter("SIGNFLD_REQUEST_KEY");
String signature = request.getParameter("SIGNFLD_SIGNATURE");
// Execute the command
SignatureCommandResponse results = signatureBean.authSignature(domain, userID, signature, requestKey);
if (results.getReturnCode() == 0) {
// Secure channel signature verification succeeded.
Signature sig = results.getResults();
}