A php library for using the Authy API.
This library requires PHP 5.5+
Quick Steps for Installation
- Git clone locally.
- CD into the authy-php directory.
- Within the authy-php directory, execute composer install. Composer will suck down the required libs.
- Open tests/Authy/TestHelper.php with your favorite editor, e.g. vi.
- Update the following fields of $ot_test_data with your authy account information: api_keyy, email, mobile_number, country_code, and authy_id.
- Composer will have installed phpunit. If you're on a Mac and you've used homebrew, then use vendor/bin/phpunit.
- All of the test cases should succeed.
authy/php
package is available on Packagist.
Include it in your composer.json
as follows:
{
"require": {
"authy/php": "5.5"
}
}
To use this client you just need to use Authy_Api and initialize it with your API KEY
$authy_api = new Authy\AuthyApi('#your_api_key');
Now that you have an Authy API object you can start sending requests.
NOTE: if you want to make requests to sandbox you have to pass the sandbox url as the second argument:
$authy_api = new Authy\AuthyApi('#your_api_key', 'http://sandbox-api.authy.com');
NOTE: User is matched based on cellphone and country code not e-mail. A cellphone is uniquely associated with an authy_id.
Creating users is very easy, you need to pass an email, a cellphone and optionally a country code:
$user = $authy_api->registerUser('[email protected]', '405-342-5699', 1); //email, cellphone, country_code
in this case 1
is the country code (USA). If no country code is specified, it defaults to USA.
You can easily see if the user was created by calling ok()
.
If request went right, you need to store the authy id in your database. Use user->id()
to get this id
in your database.
if($user->ok())
// store user->id() in your user database
if something goes wrong ok()
returns false
and you can see the errors using the following code
else
foreach($user->errors() as $field => $message) {
printf("$field = $message");
}
it returns a dictionary explaining what went wrong with the request. Errors will be in plain English and can be passed back to the user.
NOTE: Token verification is only enforced if the user has completed registration. To change this behaviour see Forcing Verification section below.
Registration is completed once the user installs and registers the Authy mobile app or logins once successfully using SMS.
To verify tokens you need the user id and the token. The token you get from the user through your login form.
$verification = $authy_api->verifyToken('authy-id', 'token-entered-by-the-user');
Once again you can use ok()
to verify whether the token was valid or not.
if($verification->ok())
// the user is valid
If you wish to verify tokens even if the user has not yet complete registration, pass force=true when verifying the token.
$verification = $authy_api->verifyToken('authy-id', 'token-entered-by-the-user', array("force" => "true"));
To be able to use this method you need to have activated the SMS plugin for your Authy App.
To request a SMS token you only need the user id.
$sms = $authy_api->requestSms('authy-id');
As always, you can use ok()
to verify if the token was sent.
This call will be ignored if the user is using the Authy Mobile App. If you still want to send
the SMS pass force=>true
as an option
$sms = $authy_api->requestSms('authy-id', array("force" => "true"));
To check a user status, just pass the user id.
$status = $authy_api->userStatus('authy_id');
Authy has an API to verify users via phone calls or sms. Also, user phone information can be gethered for support and verification purposes.
In order to start a phone verification, we ask the API to send a token to the user via sms or call:
$authy_api->phoneVerificationStart('111-111-1111', '1', 'sms');
Optionally you can specify the language that you prefer the phone verification message to be sent. Supported
languages include: English (en
), Spanish (es
), Portuguese (pt
), German (de
), French (fr
) and
Italian (it
). If not specified, English will be used.
$authy_api->phoneVerificationStart('111-111-1111', '1', 'sms', 'es');
// This will send a message in spanish
Once you get the verification from user, you can check if it's valid with:
$authy_api->phoneVerificationCheck('111-111-1111', '1', '0000');
If you want to gather additional information about user phone, use phones info.
$authy_api->phoneInfo('111-111-1111', '1');
Authy OneTouch uses a very simple API consisting of two endpoints. One for creating approval requests and another to check the status of the approval request. To simplify the process of handling a request, you can set a callback URL in the Authy dashboard.
To generate a OneTouch approval request which user can accept or reject on Authy App
$details = array(
'Platform' => 'Mobile - iPhone 6',
'Location' => '795 E DRAGRAM TUCSON AZ 85705'
);
$hidden_details = array(
'IP' => '192.168.1.1'
);
$logos = array(
array( 'url' => 'http://www.yourwebsite.com/logo.png', 'res' => 'default'),
array( 'url' => 'http://www.yourwebsite.com/logo_low.png', 'res' => 'low')
);
$message = "Login to awesome App";
$authy_id = 123456; // authy_id of the user stored in your database
$response = $authy_api->oneTouchVerificationRequest($authy_id,$message,null,$details,$hidden_details,$logos);
// Get OneTouch approval request UUID to check if user accepted or rejected later
$oneTouchRequestUUID = $response->body()->approval_request->uuid;
If you wan to check status (accepted/rejected) of OneTouch approval request UUID
$respone = $authy_api->oneTouchVerificationCheck($authy_id,$oneTouchRequestUUID);
echo $respone->body()->approval_request->status
Use the following example to set callback handler
$params = $authy_api->oneTouchGetCallbackParams();
$url = 'https://example.com/app/callback';
$headers = apache_request_headers();
$nonce = $headers['X-Authy-Signature-Nonce'];
$signature = $headers['X-Authy-Signature'];
$method = $_SERVER['REQUEST_METHOD'];
$ok = $authy_api->validateOneTouchSignature($signature, $nonce, $method, $url, $params);
if( !$ok ){
// Not a valid request by Authy, probably you want to ignore it
}
echo $params['status'];
You will need to install composer https://getcomposer.org/download/
and install dependencies with composer install --no-dev
. Also
You will need to install phpunit https://phpunit.de/manual/current/en/installation.html
For OneTouch Tests to succeed, you will need to modify $ot_test_data with production values in tests/Authy/TestHelper.php with production api_key, api_host, email, country_code, mobile_number and authy_id
Then you can run test by executing this command make
You can find the full API documentation in the official documentation page.
Copyright (c) 2011-2020 Authy Inc.