It’s always hard to nail the exact sequence when authorizing through a new API. Here’s what I came up with for PHP authorization with Zoom’s JWTs. This is essentially a quick start which gets you enough functions to do a first API call: to list zoom users. Line 40->68 is where the JWt meat happens.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 | <?php// config parameters you need to definedefine( 'ZOOM_TOKEN_FILE', "/var/.zoom_token" ) ; // some location on the filesystem used to cache your token while it's current (make sure permissions are restrictive)define( 'ZOOM_API_KEY', "" ) ;define( 'ZOOM_API_SECRET', "" ) ;// mainprint_r( zoom_list_users() ) ;exit( 0 ) ;// functionsfunction zoom_list_users() { $users = array() ; $page_number = 1 ; $keep_going = true ; while( $keep_going && $page_number<10000 ) { $result = zoom_make_api_call( "GET", "https://api.zoom.us/v2/users", array('page_size'=>300, 'page_number'=>$page_number, 'status'=>"active") ) ; $result = json_decode( $result, true ) ; if( array_key_exists('users', $result) && count($result['users'])>0 ) { foreach( $result['users'] as $user ) { $users[] = $user ; } $page_number++ ; if( $page_number>$result['page_count'] ) { $keep_going = false ; } } else { $keep_going = false ; } } return $users ;}// PHP's default base64 encode isn't URL safe which messes up the JWT, we need these functions insteadfunction base64_url_encode( $data ) { return rtrim( strtr(base64_encode($data), '+/', '-_'), '=' ) ;}function base64_url_decode( $data ) { return base64_decode( str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT) ) ;}function get_token( $refresh=false ) { if( $refresh===false && file_exists(ZOOM_TOKEN_FILE) ) { return file_get_contents( ZOOM_TOKEN_FILE ) ; } $jwt_request_date = @date( "U" ) ; // no warning, proper system timezone assumed $jwt_expiration_date = $jwt_request_date + 60*60 ; # +1 hour $jwt_header = '{"alg":"HS256","typ":"JWT"}' ; $jwt_claim_set = '{"iss":"' . ZOOM_API_KEY . '","exp":' . $jwt_expiration_date . '}' ; $jwt_signature = sign_data( base64_url_encode($jwt_header) . '.' . base64_url_encode($jwt_claim_set), ZOOM_API_SECRET ) ; $jwt = base64_url_encode( $jwt_header ) . "." . base64_url_encode( $jwt_claim_set ) . "." . base64_url_encode( $jwt_signature ) ; file_put_contents( ZOOM_TOKEN_FILE, $jwt ) ; return $jwt ;}function sign_data( $data, $key ) { return hash_hmac( "SHA256" , $data, $key, true) ;}function zoom_make_api_call( $request, $url, $get_variables=null, $post_variables=null, $force_refresh_token=false ) { $ch = curl_init() ; $token = get_token( $force_refresh_token ) ; $getfields = "" ; if( $get_variables!==null && is_array($get_variables) ) { foreach( $get_variables as $get_variable_key=>$get_variable_value ) { $getfields .= "&" . urlencode( $get_variable_key ) . "=" . urlencode( $get_variable_value ) ; } if( strlen($getfields)>0 ) { $getfields = "?" . substr( $getfields, 1 ) ; } } curl_setopt( $ch, CURLOPT_URL, "{$url}{$getfields}" ) ; curl_setopt( $ch, CURLOPT_PORT , 443 ) ; curl_setopt( $ch, CURLOPT_CUSTOMREQUEST, $request ) ; curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ) ; if( $post_variables!==null && is_array($post_variables) ) { $postfields = "" ; foreach( $post_variables as $post_variable_key=>$post_variable_value ) { $postfields .= "&" . urlencode( $post_variable_key ) . "=" . urlencode( $post_variable_value ) ; } $postfields = substr( $postfields, 1 ) ; curl_setopt( $ch, CURLOPT_POSTFIELDS, $postfields ) ; } else if( $post_variables!==null && is_string($post_variables) ) { curl_setopt( $ch, CURLOPT_POSTFIELDS, $post_variables ) ; } curl_setopt( $ch, CURLOPT_HTTPHEADER, array( "authorization: Bearer {$token}", "content-type: application/json") ) ; curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 ) ; curl_setopt( $ch, CURLOPT_HEADER, true ) ; $response = curl_exec( $ch ) ; curl_close( $ch ) ; $response = parse_http_response( $response ) ; if( $response['code']=="200" || $response['code']=="204" || $response['code']=="404" ) { return $response['body'] ; } else if( $response['code']=="401" ) { // expired token if( $force_refresh_token===false ) { // safe to recurse return zoom_make_api_call( $request, $url, $get_variables, $post_variables, true ) ; } else { echo "ERROR: had an expired token and I tried to refresh it, yet somehow it's still expired\n" ; print_r( $response ) ; exit( 1 ) ; } } else { echo "ERROR: I have no idea what to do with this response from Zoom\n" ; print_r( $response ) ; exit( 1 ) ; }}function parse_http_response( $raw_data ) { $parsed_response = array( 'code'=>-1, 'headers'=>array(), 'body'=>"" ) ; $raw_data = explode( "\r\n", $raw_data ) ; $parsed_response['code'] = explode( " ", $raw_data[0] ) ; $parsed_response['code'] = $parsed_response['code'][1] ; $i = 1 ; if( $parsed_response['code']=="100" ) { $parsed_response['code'] = explode( " ", $raw_data[2] ) ; $parsed_response['code'] = $parsed_response['code'][1] ; $i = 3 ; } for( ; $i<count($raw_data) ; $i++ ) { $raw_datum = $raw_data[$i] ; $raw_datum = trim( $raw_datum ) ; if( $raw_datum!="" ) { if( substr_count($raw_datum, ':')>=1 ) { $raw_datum = explode( ':', $raw_datum, 2 ) ; $parsed_response['headers'][strtolower($raw_datum[0])] = trim( $raw_datum[1] ) ; } else { echo "ERROR: we're in the headers section of parsing an HTTP section and no colon was found for line: {$raw_datum}\n" ; exit( 1 ) ; } } else { // we've moved to the body section if( ($i+1)<count($raw_data) ) { for( $j=($i+1) ; $j<count($raw_data) ; $j++ ) { $parsed_response['body'] .= $raw_data[$j] . "\n" ; } } // we don't need to continue the $i loop break ; } } return $parsed_response ;}?> |