此bounty已结束。回答此问题可获得+200声望奖励。赏金宽限期19小时后结束。MAYUR SANCHETI想提请更多注意这个问题:需要适当的程序,还是这个解决不了,我试过没有。代码,deepvue.tech,surepass,signzy是如何工作的,我和UIDAI客户服务谈过,但他们忽略了这样的API,他们告诉这不是公共API。请帮帮忙。
概念-我做的门户网站,我想添加aadhaar身份验证,并获得用户的详细信息(名称,出生日期和地址),如果用户允许,并验证OTP然后才。
语言使用- php,curl
**简单示例-**EPFO门户用户输入他的aadhaar号码并检查,用户从UIDAI接收OTP。如果有效则获取姓名、生日、地址,像这样简单的功能要在PHP中构建。
错误为-
错误编号-6无法解析主机:auth.uidai.gov.in;此处不知道名称或服务
我参考下面的链接--
- https://uidai.gov.in/images/resource/Aadhaar_Authentication_API-2.5_Revision-1_of_January_2022.pdf
- https://www.uidai.gov.in/en/916-developer-section/data-and-downloads-section/11350-testing-data-and-license-keys.html
- uidai.gov.in/images/resource/aadhaar_otp_request_api_2_5.pdf
1.类似的功能已经存在于https://unifiedportal-mem.epfindia.gov.in/memberinterface/-验证aadhaar,并获得他的详细信息,一旦用户允许,我需要类似的功能,当用户允许,然后只得到姓名,出生日期,地址。
我试了下面的代码,但没有工作,
<?php
/** * https://uidai.gov.in/images/resource/Aadhaar_Authentication_API-2.5_Revision-1_of_January_2022.pdf */
$adhar_card_no = "123456789012";
function checkurl($adhar_card_no)
{
$host = "https://auth.uidai.gov.in";
$version = "2.5";
$aua = "public";
$asalk = "MAvSQG0jKTW4XxQc2cI-oXZYxYH-zi7IWmsQY1q3JNLlC8VOWOHYGj8";
$uid = str_split($adhar_card_no);
$url = $host."/".$version."/".$aua."/".$uid[0]."/".$uid[1]."/".$asalk;
return $url;
}
$request_url = checkurl($adhar_card_no);
function requestDataBuilder($uid)
{
$encrypted_encoded_session_key = "";
$encrypted_pid_block = "";
$sha256_pid_bloc_encrypted_encoded= "";
$digital_aua_signatrure= "";
$auth_data = [
"uid" => $uid, //Adhaar Card No.
"tid" => "", //Terminal Id for registered device else public
"ac" => "", //10 char unique code, public for testing
"sa" => "", //max length 10, same as ac possible
"ver" => 1.6, //Current version
"txn" => "", //AUA transaction identifier. max length 50, not U*
"lk" => "", //Valid License Key, max length 64
];
$uses_data = [ "pi" => "n", "pa" => "n", "pfa" => "n", "bio" => "n", "bt" => "n", "pin" => "n", "otp" => "n" ];
$tkn_data = [
"type" => "001", //only this option available for now which is mobile no.
"value" => "9595792282" //Mobile no. 10 digit only no prefix
];
$meta_data = [
"udc" => "123456477699", //[vendorcode][date of deployment][serial number] max length 20
"fdc" => "NA", //Fingerprint device code. use NA or NC or given code
"idc" => "NA", //Iris device code, us na or NC
"pip" => "NA", //Public IP address of the device, or NA
"lot" => "P", //G -lat long format. p for pincode format
"lov" => "110025" // value as per G and P- my pin change it
];
$skey_data = [
"ci" => "", //Public key certificate Identifier --mandatory
"ki" => "" //This is for advanced use only, --optional
];
$format = '<Auth uid="'.$auth_data['uid'].'" tid ="'.$auth_data['tid'].'" ac="'.$auth_data['ac'].'" sa="'.$auth_data['sa'].'" ver="'.$auth_data['ver'].'" txn="'.$auth_data['txn'].'" lk="'.$auth_data['lk'].'">';
$format.= '<Uses pi="'.$uses_data['pi'].'" pa="'.$uses_data['pa'].'" pfa="'.$uses_data['pfa'].'" bio="'.$uses_data['bio'].'" bt="'.$uses_data['bt'].'" pin="'.$uses_data['pin'].'" otp="'.$uses_data['otp'].'"/>';
$format.= '<Tkn type="'.$tkn_data['type'].'" value="'.$tkn_data['value'].'"/>';
$format.= '<Meta udc="'.$meta_data['udc'].'" fdc="'.$meta_data['fdc'].'" idc="'.$meta_data['idc'].'" pip="'.$meta_data['pip'].'" lot="'.$meta_data['lot'].'" lov="'.$meta_data['lov'].'"/>';
$format.= '<Skey ci="'.$skey_data['ci'].'" ki="'.$skey_data['ci'].'">'.$encrypted_encoded_session_key.'</Skey>';
$format.= '<Data type="X">'.$encrypted_pid_block.'</Data>';
$format.= '<Hmac>'.$sha256_pid_bloc_encrypted_encoded.'</Hmac>';
$format.= '<Signature>'.$digital_aua_signatrure.'</Signature></Auth>';
return $format;
}
$request_url = checkurl($adhar_card_no);
$data_to_send = requestDataBuilder($adhar_card_no);
//setting the curl parameters.
$ch = curl_init();
$curl_options = [ CURLOPT_URL => $request_url, CURLOPT_VERBOSE => 1, CURLOPT_SSL_VERIFYHOST => 0, CURLOPT_SSL_VERIFYPEER => 0, CURLOPT_POST => 1, CURLOPT_RETURNTRANSFER => 1, CURLOPT_HTTPHEADER => array('Content-Type: application/xml'), CURLOPT_POSTFIELDS => $data_to_send ];
curl_setopt_array($ch, $curl_options);
curl_setopt( $ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
$response = curl_exec($ch);
if (curl_errno($ch)) {
// moving to display page to display curl errors
echo 'Error Number - '.curl_errno($ch).'<br/>';
echo curl_error($ch);
echo '<br/> here';
} else {
echo $response;
print_r($response);
}
curl_close($ch);
?>
此代码没有从aadhaar获得任何OTP,名称,DOB。
请帮助别人,任何建议。
2条答案
按热度按时间elcex8rz1#
请参考此示例代码。它具有加密XML主体的逻辑。只需从official documentation.下载暂存/测试证书
liwlm1x92#
鼓励私营公司,如Surepass和Signzy,提供API网关。
鉴于Aadhar数据的敏感性,政府不允许将其用于这种情况下的测试目的。
虽然我们尝试使用API-Setu,但我们经常遇到服务中断。