API实现的帮助以及如何从开始执行它？

Question

我不明白我在这里提出我的问题！我在API实现方面非常有头脑。

我有一个网站，我想为我的潜在客户创建一个表单，任何人都可以输入他们的网址和电子邮件地址。然后，我需要按照步骤来实现用例：

1）创建帐户

您将创建一个与您的主账户与杜达一个DudaWhite子账户。此子帐户稍后将授予访问权限，以编辑您创建的网站。为此，我们将调用/ accounts/create URI来创建包含输入数据的帐户。

API URL：api.dudamobile.com/api/accounts/create 参数：

account_name - your sub account users email address (mandatory) 
first_name - your sub account users first name (optional) 
last_name - your sub account users last name (optional) 

成功响应代码：[HTTP_CODE] => 204

PHP代码例如：

<?php 
//Set JSON formated message to send to Duda 
$data = ' 
    { 
     "account_name": "{account_email}", 
     "first_name": "{account_owner_first_name}", 
     "last_name": "{account_owner_last_name}" 
    } 
'; 
//Initiate cURL 
$ch = curl_init(); 
//Set cURL parameters 
curl_setopt($ch, CURLOPT_URL, 'https://api.dudamobile.com/api/accounts/create'); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
curl_setopt($ch, CURLOPT_USERPWD, "{your_api_username}:{your_api_password}"); 
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); 
curl_setopt($ch, CURLOPT_POSTFIELDS, $data); 
curl_setopt($ch, CURLOPT_POST,1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); 
curl_setopt($ch, CURLOPT_HTTPHEADER, array(                   
    'Content-Type: application/json',  
    'Content-Length: ' . strlen($data))                  
); 
//Perform cURL call and set $output as returned data, if any is returned 
$output = curl_exec($ch); 
curl_close($ch); 
?> 

2) Create Site 

Now that we have the sub-account created, we also want to create a site to grant access to. To do this, we will POST a message to the /sites/create URI. 

API URL: https://api.dudamobile.com/api/sites/create 
Parameters: 

    site_data: 
    original_site_url - the base URL of the website you want to convert (mandatory) 

Success response code: [http_code] => 200 


Success Response: site_name 

<?php 
//Set JSON formated message to send to Duda 
$data = ' 
    { 
    "site_data": 
     { 
      "original_site_url":"{original_site_url}" 
     } 
    } 
'; 
//Initiate cURL 
$ch = curl_init(); 
//Set cURL parameters 
curl_setopt($ch, CURLOPT_URL, 'https://api.dudamobile.com/api/sites/create'); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
curl_setopt($ch, CURLOPT_USERPWD, "{your_api_username}:{your_api_password}"); 
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); 
curl_setopt($ch, CURLOPT_POSTFIELDS, $data); 
curl_setopt($ch, CURLOPT_POST,1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); 
curl_setopt($ch, CURLOPT_HTTPHEADER, array(                   
    'Content-Type: application/json',  
    'Content-Length: ' . strlen($data))                  
); 
//Perform cURL call and set $output as returned data, please note the retuned site_name value 
$output = curl_exec($ch); 
curl_close($ch); 
?> 

3）授予子账户访问权限

现在我们有子账户nt和创建的网站，我们希望授予该子帐户访问该网站。

API URL：https://api.dudamobile.com/api/grantaccess/ {ACCOUNT_NAME} /位点/ {SITE_NAME} 参数：

account_name (from the account you created above) 
site_name (from the site you created above as well) 

成功响应代码：[HTTP_CODE] => 200

<?php 
$data = ''; 
$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL, 'https://api.dudamobile.com/api/accounts/grant-access/{previously_created_account_name}/sites/{previously_created_site_alias}'); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
curl_setopt($ch, CURLOPT_USERPWD, "{your_api_username}:{your_api_password}"); 
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); 
curl_setopt($ch, CURLOPT_POSTFIELDS, $data); 
curl_setopt($ch, CURLOPT_POST,1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); 
curl_setopt($ch, CURLOPT_HTTPHEADER, array(                   
    'Content-Type: application/json',  
    'Content-Length: ' . strlen($data))                  
); 
$output = curl_exec($ch); 
curl_close($ch); 
?> 

4）执行单次登录

为用户，网站和授予的访问权限创建子帐户后，您可以执行SSO以将其直接登录到您的品牌编辑器。请转到我们的SSO页面，了解如何实施最后一步。

注：

Sub-account users cannot create or delete sites, this must be done by the DudaWhite partner. 
The login, dashboard and editor pages cannot be customized through the API, they need to be customized by logging directly into the partner account and going to the account settings. 

单点登录（SSO） 概述

通过DudaMobile提供的身份验证解决方案提供真正的单点登录的用户体验。用户将首先登录到DudaWhite合作伙伴网站。登录成功后，用户将能够访问DudaMobile编辑器，而无需任何其他身份验证。单一登录将通过基于合作伙伴网站和DudaMobile之间共享的私钥的HMAC-SHA1加密实现。下面是过程：

The user logs into the Partner's website and clicks on a link to access the mobile editor. 
The Partner opens a new browser window/tab (or embeds an IFrame into an existing page), passing the set of predefined parameters (see below) in the URL, including the HMAC-SHA1 based signature. 
DudaMobile reads the parameters, validates the HMAC-SHA1 signature, identifies the user and allows the user to work with the tool in the scope of a browser session. 
Upon successful login, the user lands up on the page defined within the URL. 

HMAC-SHA1认证细节

的身份认证解决方案的安全性将基于合作伙伴和DudaMobile共享以下元素：

A secret key shared and maintained only between the Partner and DudaMobile. 
Set of URL request parameters passed as part of the request redirecting the user to DudaMobile. 
HMAC-SHA1 signature encryption logic. 

秘密钥匙

The secret key will be generated and shared securely between the Partner and DudaMobile. The key can be found inside of your DudaMobile account under the API section. 
The security key will be of 128-bit length represented by 32 chars HEX string, i.e. 1a6db9c4f4cc5c870ff813290f961507 or 249ef41fcf9dbc935399296929594b43 
DudaMobile reads the parameters, validates the HMAC-SHA1 signature, identifies the user and allows the user to work with the tool in the scope of a browser session. 
Upon successful login, the user lands up on the page defined within the URL. 

要求参数

当用户被重定向到DM工具，URL请求必须包含以下参数：

Parameter Name Parameter Type Description 
dm_sig_site  (String) Site name – the unique site identifier used during site creation 
dm_sig_user  (String) Account name (usually E-Mail) of the sub-user account you are trying to SSO into. This was used during account creation. 
dm_sig_partner_key (6 chars HEX String) i.e. 6d00f  Partner identifier key. This is a unique and secret key to the partner and can be found inside of the dashboard API section. 
dm_sig_timestamp (Number) i.e. 1291050919 equivalent to (2010-11-29 17:15:19Z) Time at which the signature was generated. The time will be in UNIX time format, i.e. number of seconds elapsed since Universal Time (UTC) of January 1, 1970 (epoch). Used to validate that the signature has not been expired. Make sure you are generating this at time of SSO attempt. 
dm_sig (String) The HEX string representing the signature value of HMAC-SHA1 encryption. See below of how to generate this value. 
Signature validation/generation 

为了验证请求来自可信方来了，签名生成（你身边）和验证（我们这边）应该共享相同的算法逻辑。要生成/验证签名：

Make a list of all parameters that start with “dm_sig_” sorted in reverse alphabetical order. 
Create name/value pair strings for each entry in the list, removing the “dm_sig_”. For example, “dm_sig_site” becomes “site=examplesite_name” 
Concatenate all name/value pairs together, to form a string like “…timestamp=1378904651site=examplesite_name…” 
Prepend secret key to the beginning of the string. 
HMACSHA1 the entire string using the secret key. The result should be sent as the dm_sig parameter. 

例子：

考虑下面的参数，我们将构建我们的SSO尝试：

Time Stamp = 1378904651 (should normally be generated at time of SSO request) 
Account Name = example@email.com 
Site Name = examplesite_name 
Secret Key = 5eebe8de321dce05cb6b39fb2d5d9a9d 
Partner Key = fA4dSQ 

生成的签名应该匹配：

4d5a67c25bad09b5da11ef858eb58096d1bcee55

使用全部这些信息，我们可以构建我们的网址将允许SSO：

的http：// {} editorurl.partnersite.com的/ home /网站/ examplesite_name dm_sig_partner_key = fA4dSQ & dm_sig_timestamp = 1378904651 & dm_sig_user =例如@电子邮件。 COM & dm_sig_site = examplesite_name & dm_sig = 4d5a67c25bad09b5da11ef858eb58096d1bcee55 SSO执行，在PHP

<?php 
//Set editor custom domain 
$editor_url = '{Your Custom Editor Domain}'; 
//Set SSO Parameters 
$dm_sig_site = '{Site Name you want to Login to}'; 
$dm_sig_user = '{Account Name you are logging in}'; 
$dm_sig_partner_key = '{Secret Partner Key}'; 
$dm_sig_timestamp = date_timestamp_get(date_create()); 
$secret_key = '{Secret SSO Key}'; 
//Concatenate sso strings so it can be encrypted 
$dm_sig_string = $secret_key.'user='.$dm_sig_user.'timestamp='.$dm_sig_timestamp.'site='.$dm_sig_site.'partner_key='.$dm_sig_partner_key; 
//Encrypt values 
$dm_sig = hash_hmac('sha1', $dm_sig_string, $secret_key); 
//Create SSO link 
$sso_link = 'http://'.$editor_url.'/home/site/'.$dm_sig_site.'?dm_sig_partner_key='.$dm_sig_partner_key.'&dm_sig_timestamp='.$dm_sig_timestamp.'&dm_sig_user='.$dm_sig_user.'&dm_sig_site='.$dm_sig_site.'&dm_sig='.$dm_sig; 
//Print SSO link 
echo $sso_link; 
?> 

我的问题是：

1. 我在此页面上创建了一个窗体：http://designmobisite.com/tour/。现在我需要做什么？
2. 我需要创建任何PHP文件，然后将此表单链接到该表单或我需要修改我现有的PHP文件。请注意我的网站是一个WordPress的网站。

请把这个大问题道歉，你可以帮我（一步一步地）实施这个api。

Answer 1

使用下面的链接来实现杜达白色API插件

https://support.dudamobile.com/01DudaMobile/How-To/DudaAPI_and_DudaWhite_with_WordPress