Salient Soft

Although I was deploying an Angular app for this, it is a Yoti requirement that some interaction with Yoti is done via a backend.

As I wanted to deploy under cPanel with Zen for demo purposes, my only backend option was php.

I therefore planned a simple php backend web service that could be called from the Angular app to do the required Yoti backend functionality.

To develop and test this locally I installed a local WAMP server – details of this may be found on this post here.

Having installed Wamp64 and got working ok, I was able to run microapp demos locally with Angular deployments, and to run a simple ‘hello world’ php backend, by renaming index.html to .php and inserting the php code.

Next I needed to install composer and set up a composer.json to handle dependency loading as Yoti needs this.

Composer is a commonly used dependency management tool for PHP and full details and the download for it may be found here.

I had some issues getting Composer to co-operate with Wamp64, regarding the PHP version. In particular it gave errors on the PHP version when loading the Yoti SDK, which I initially assumed were due to not having a recent enough version of php for the latest Yoti SDK. However, in the end, this was not the case – it was purely a local Composer/Wamp64 integration issue.

This post here offers help on this. I ended up adding the correct PHP version to the system path, which kept Composer happy and in my case, unlike other posters in the previous post, did not upset Wamp64.

I was ultimately able to use php 5.6.40 with the latest 2.4 Yoti SDK with no problems – this was helpful as this was the version currently in use on the target Zen cPanel hosting.

I then installed the latest eclipse for PHP, as I did not want to upgrade my webstorm to PHPStorm just for a simple PHP requirement.

It was however useful having the eclipse ability to provide a decent PHP editor in its IDE.

When creating a workspace and project, I was offered Composer integration by eclipse, which initially seemed attractive.

However, this proved somewhat complex to get into, given I had no intention of building my own Composer packages. The only reason I wanted it was to allow loading of the Yoti SDK via Composer, as this would be called from my simple php backend.

I therefore dumped this and used a basic PHP project in eclipse. I manually created the composer.json file per Yoti’s instructions, and a simple manual “composer install” command from the command line in the project directory caused the SDK to be downloaded and correctly placed under the vendor subfolder, which also needed deploying along with the api code.

Having fixed all the issues along the way which are documented in my wamp server installation post above, I was able to fully integrate with Yoti both locally and from Zen cPanel hosting. My simple initial test PHP backend was taken from the Yoti samples, and successfully displayed the user’s date of birth, obtained from the live Yoti integration, after its Yoti button was clicked and the QR code scanned via the mobile Yoti app.

Comments Off on Integrating the Yoti backend via PHP under cPanel

This was done in order to test demo software targetted for Zen’s cPanel hosting environment.

In particular, I had a need for a simple PHP back end service which would be called from an Angular microapp, to integrate with Yoti’s identity platform.

The basic WAMP server was downloaded and installed from here. This proceeded straightforwardly and allowed a simple php script to be called from a browser.

Next, I needed to enable TLS 1.2 to allow integration with Yoti, as this can only be done via SSL (however a localhost SSL is acceptable).

This blog here had all the basic details and was followed and implemented.

However, when creating the certificate using the above blog you get an error stating there was an error in reading the openssl conf file
This stack overflow post had a fix for the problem. I added a system environment variable per the answers as follows:-

name: OPENSSL_CONF
value: E:\OpenSSL-Win64\bin\openssl.cfg

i.e. pointing to the cfg file under wherever you install (noting that the file type is cfg under windows)
This then works permanently every time you use openssl, and saves having to type the same value as a -config switch every time.
Note that the blog has the Directory value as a direct value, not a tag in angle brackets.
However there is also a <Directory… > tag with sub elements
Further down in the blog is a post with a further example by David Green (who is the blog author) on May 17, 2019 at 3:57 pm
In his example in this post, he has clearly edited the <Directory> tag rather than adding as a separate variable, so I did the same.

Following the above my simple php example was able to connect to Yoti and displayed the QR code.
When scanned by the mobile app, it also verified the profile correctly and attempted the redirect back with the one-time token.
However, the Yoti PHP code, when trying to connect to Yoti, threw the following error:-

[23-Oct-2019 12:53:37 UTC] PHP Fatal error: Uncaught exception ‘Yoti\Exception\RequestException’ with message ‘SSL certificate problem: unable to get local issuer certificate’ in E:\wamp64\www\microapps\age-verification-api\vendor\yoti\yoti-php-sdk\src\Yoti\Http\Curl\RequestHandler.php:73

The crux of the issue was that the php curl function, which Yoti was using to contact its web service, was not ssl enabled properly hence the failure.
This blog helped re the issue re adding the required certificate and enabling mod_ssl and php+opensl.

One more hurdle though – there are 2 php.ini files that need editing – one in the version of php I was using (5.6.40 in this case), and another symlink one pointed to from a php.ini symlink under E:\wamp64\bin\apache\apache2.4.39\bin. You can use dir/a to see where such a symlink points – in this case it was another ini file in the relevant php directory – E:/wamp64/bin/php/php5.6.40/phpForApache.ini. This fixed this problem. This post here explains the issue about the double ini files.

This then allowed Yoti to work successfully – its api was able to curl back to the Yoti site via ssl as required, and an age verification was able to successfully return a date of birth.

Comments Off on Installing a WAMP server under Windows 7

I received 500 errors from both Mantis and 2intandem, giving this kind of error:-
The server requested authentication method unknown to the client [mysql_old_password]

In the case of 2intandem it was just a straight 500 unable to connect to database error, so the error was not so clear. However once I had fixed mantis, I suspected the issue was the same and indeed it was.

This post here indicated that this was due to a change in the password salt length/old/legacy salt issue, and that simply changing the password would resolve the issue.

This fixed the issue for both – just a password change. Even changing to the same password fixed the issue. In one case I actually changed the password so therefore also had to update the password in the relevant config.php file.

One issue on doing this was that I spent some time finding out where to change DB users/passwords in CPanel, thinking it was in PHPMyAdmin screen per some posts on this.
However it is not done there but under the MySQLDatabases icon in CPanel – this allows user maintenance including password changing etc.

This resolved the issues for both Mantis and the 2intandem hosted web site.

Comments Off on 500 error when connecting to database from Mantis and 2intandem