You have your document in your back-office application, it's possible to start the signature from that point.
The end-user selects the certificate to be used to sign the document.
Steps
Upload the PDF document to be signed from backend.
You also can upload any other document used during the process, like the signature image. The returned value will be used as a reference during the remaining process.
curl --location --request POST 'https://homo-signer.certisur.com:445//signer/v1/upload-file' \
--form 'file=@/home/nico/Desktop/practica2.pdf'
Select the signer certificate.
If you are using a local computer certificate or a Alison-Server certificate, then you can use AlisonJS to fetch all the certificates and select the signer certificate. Refer to AlisonJS SDK documentation or AlisonGUI SDK documentation.
From the list of certificates obtained from this library, you must select the certificate to be used to generate the signature.
You can test this functionality by yourself in https://homo.certisur.net/alison-sdk/test-panel/
Example code to List Certificates
// Build AlisonSdk object
// Optional argument ==> URL where AlisonDesktop is listening
// (default: https://127.0.0.1:8004)
let alisonSdk = new AlisonLib.AlisonDesktopV2() //
// Call initialize method with AuthToken and License provided by Certisur as arguments
alisonSdk.initialize({
accessToken:'eyJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE1NlsiKiJdfQ.l...4JzzR7W_w7HesAOMUmS3W8',
}).then(function(){
// listCertificates
alisonSdk.listCertificates().then(
function(certList){
//filter or select the certificate that you want to use.
console.log('CertList: ' + JSON.stringify(certList))
}, function(e) {
console.log('FAILURE: ' + JSON.stringify(e))
})
}, function(e) {
console.log('FAILURE: ' + JSON.stringify(e))
console.log('It is very likely that AlisonDesktop is not running in your PC')
})
Example code to Select Certificate
// Build AlisonSdk object
// Optional argument ==> URL where AlisonDesktop is listening
// (default: https://127.0.0.1:8004)
let alisonSdk = new AlisonGui.AlisonDesktopV2() //
// Call initialize method with AuthToken and License provided by Certisur as arguments
// Filter certificates to only use valid certificates.
alisonSdk.mount(
{
"gui": {
"theme": "theme1",
"logo": "./acme/logo.jpg",
"header": "",
"language": {
"key": "en",
"resources": null
},
"viewSignature": false
},
"mode": "select",
"providers": {
"desktop": {
"accessToken": "ewogICJ2MiI6IHsKICAgICJ2ZXJzaW9uIjo..gfQp9"
}
},
"selector": {
"thumbPrint": "",
"profileName": "",
"keyStoreId": ""
},
"filters": [
{
"keystore": null,
"windowValidity": "0,*",
"subject": "",
"issuer": ""
}
]
}
).then(function(cert){
console.log('Cert: ' + JSON.stringify(cert))
}, function(e) {
console.log('FAILURE: ' + JSON.stringify(e))
console.log('It is very likely that AlisonDesktop is not running in your PC')
})
| If you decide to use AlisonGUI library, then the user will be able to select the certificate browsing the list of certificates. | | |
|---|
Generate the HASH of the document to being signed (phase-one)
From the certificate selected, generate a HASH of the document to be signed.
ImageId is the value obtained in step 1.
CertificateChain is the certificate to be used to sign.
var settings = {
"url": "https://homo-signer.certisur.com:445/signer/v1/405d23c9-176f-4cb8-9d7b-c8019efab1f4-1612388902560/pre-sign",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/json"
},
"data": JSON.stringify({"hashAlgo":"SHA256","reason":"I approve this document","location":"MIA - FL - US","position":{"page":"new","positionOnPage":"header"},"imageId":"405d23c9-176f-4cb8-9d7b-c8019efab1f4-1612388902560","certificateChain":"CERT_CHAIN_BASE64"}),
};
$.ajax(settings).done(function (response) {
// the response contains the pre_sign-id, used to download the signed document.
console.log('Presign: ' + JSON.stringify(response));
});
This process must be done using the private-key related to the certificated informed. In this example, since the certificate is located in the user's computer, we are using AlisonJS to request the signature.
// Initialize was performed using the accessToken defined in previous step
alisonSdk.sign().then(
function(signature){
// The signature must be informed to download the signed document
// Call the backend to inform the signature and pre_sign_id
console.log('Signature: ' + JSON.stringify(signature))
},
function(e) {
console.log('FAILURE: ' + JSON.stringify(e))
})
Download the signed document (phase-three)
Using the pre_sign_id and the signature, you must call the service to download the signed document.
curl --location --request POST '{{pdfsign_builder_url}/signer/v1/{{pdfsign_presign_id}}/post-sign' \
--header 'Content-Type: application/json' \
--data-raw '{
"signedHash": "{{pdfsign_signature}}"
}'
