{"id":18765308,"url":"https://github.com/setasign/setapdf-signer-addon-csc","last_synced_at":"2026-02-04T12:12:56.092Z","repository":{"id":39602255,"uuid":"360804394","full_name":"Setasign/SetaPDF-Signer-Addon-CSC","owner":"Setasign","description":"A SetaPDF-Signer component signature add-on for a CSC API.","archived":false,"fork":false,"pushed_at":"2024-08-20T06:47:03.000Z","size":139,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-11T21:08:54.152Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Setasign.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-04-23T07:45:43.000Z","updated_at":"2024-08-20T06:47:06.000Z","dependencies_parsed_at":"2024-11-07T18:39:21.447Z","dependency_job_id":"9a0756f6-d53e-44b1-98bd-dc0a5cb91139","html_url":"https://github.com/Setasign/SetaPDF-Signer-Addon-CSC","commit_stats":{"total_commits":34,"total_committers":3,"mean_commits":"11.333333333333334","dds":0.5294117647058824,"last_synced_commit":"6af1635701836978db24aca2ffa30fb71843d7d0"},"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Setasign%2FSetaPDF-Signer-Addon-CSC","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Setasign%2FSetaPDF-Signer-Addon-CSC/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Setasign%2FSetaPDF-Signer-Addon-CSC/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Setasign%2FSetaPDF-Signer-Addon-CSC/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Setasign","download_url":"https://codeload.github.com/Setasign/SetaPDF-Signer-Addon-CSC/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248670522,"owners_count":21142896,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-07T18:33:32.121Z","updated_at":"2026-02-04T12:12:56.087Z","avatar_url":"https://github.com/Setasign.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SetaPDF-Signer-Addon-CSC\n\nThis package offers a module for the SetaPDF-Signer component that allows you to use the\n[Cloud Signature Consortium](https://cloudsignatureconsortium.org) API for Remote Electronic Signatures and Remote \nElectronic Seals to digital sign PDF documents in pure PHP.\n\nThe API documentation can be found on the Cloud Signature Consortium website:\nhttps://cloudsignatureconsortium.org/resources/download-api-specifications/\n\nAt the time of writing the module is tested with the eSigner CSC API from SSL.com (v0) and the Remote Signing Service \nCSC API from Entrust (v0).\nIt currently does not support all features or variances that may appear in other API implementations.\n\nFor usage with SSL.com you can follow this integration guide to get a better understanding of how to setup a test \nenvironment and how the signature workflow works: \nhttps://www.ssl.com/guide/integration-guide-testing-remote-signing-with-esigner-csc-api/\n(instead of using postman you can use this module directly and sign your PDF documents locally).\n\n## Known not implemented features\n\nAt the moment the module does not support RSA_PSS or ECDSA as signing algorithm because of missing testing options.\nBoth are implemented but will throw an exception to get a chance for a test case. Please contact us at\nsupport@setasign.com so that we can work on a final implementation together.\n\nAuthentification is only supported over [OAuth2](https://oauth.net/2/). Authentification over HTTP Basic or Digest\nauthentification is not implemented yet. An implementation of the `auth/login` (11.2) endpoint shouldn't require much \nefford. If you need this, feel free to contact us at support@setasign.com so that we can work on this together.\n\nOnline One-Time Password (OTP) generation mechanism is not implemented yet. You'll have to trigger\nthe OTP generation by yourself - see API `credentials/sendOTP` (11.8).\n\n## Requirements\n\nTo use this package you need access to a CSC API (v0).\n\nThis package is developed and tested on PHP \u003e= 7.3 up to PHP 8.5. Requirements of the \n[SetaPDF-Signer](https://www.setasign.com/signer)\ncomponent can be found [here](https://manuals.setasign.com/setapdf-signer-manual/getting-started/#index-1).\n\nWe're using [PSR-17 (HTTP Factories)](https://www.php-fig.org/psr/psr-17/) and \n[PSR-18 (HTTP Client)](https://www.php-fig.org/psr/psr-18/) for the requests. So you'll need an implementation of \nthese. We recommend using Guzzle:\n\n```\n    \"require\" : {\n        \"guzzlehttp/guzzle\": \"^7.0\",\n        \"http-interop/http-factory-guzzle\": \"^1.0\"\n    }\n```\n\n## Installation\nAdd following to your composer.json:\n\n```json\n{\n    \"require\": {\n        \"setasign/setapdf-signer-addon-csc\": \"^1.2\"\n    },\n    \"repositories\": [\n        {\n            \"type\": \"composer\",\n            \"url\": \"https://www.setasign.com/downloads/\"\n        }\n    ]\n}\n```\n\nand execute `composer update`. You need to define the `repository` to resolve the dependency to the\n[SetaPDF-Signer](https://www.setasign.com/signer) component\n(see [here](https://getcomposer.org/doc/faqs/why-can%27t-composer-load-repositories-recursively.md) for more details).\n\n\n## Usage\n\nAll classes in this package are located in the namespace `setasign\\SetaPDF\\Signer\\Module\\CSC`.\n\n### The `Client` class\n\nThis class is a kind of proxy class to the CSC API. Its constructor requires the following arguments:\n\n- `$apiUri` The base url of your csc api e.g. `https://cs-try.ssl.com/csc/v0`\n- `$httpClient` PSR-18 HTTP Client implementation.\n- `$requestFactory` PSR-17 HTTP Factory implementation.\n- `$streamFactory` PSR-17 HTTP Factory implementation.\n\nIf you need to call an endpoint which is not covered by a proxy method, you can use the `call(string $path, ?string $accessToken = null, array $inputData = [])` method.\n\n### How do I get an access token?\n\nAn access token is returned by an authorization to the API service.\n\nThis was tested only by an OAuth2 authorization yet. You can to use an OAuth2 implementation such as\n[league/oauth2-client](https://github.com/thephpleague/oauth2-client).\nSample code for this can be found in \"[examples/generate-token.php](examples/generate-token.php)\".\n\n### Authorization modes\n\nAccessing a credential for remote signing requires an authorization from the user who owns it to control the signing\nkey associated to it. \n\nThe CSC API supports multiple authorization modes. The authorization mode also defines whether the signing process must\nbe asynchronous or not. To get this information you can call `Client::credentialsInfo()` and in the key \"authMode\" you'll\nfind one of the following authorization modes:\n\n- implicit: the authorization process is managed by the remote service autonomously. Authentication factors are managed by the remote signing service provider by interacting directly with the user, and not by the signature application.\n- explicit: the authorization process is managed by the signature application, which collects authentication factors like PIN or One-Time Passwords (OTP).\n- oauth2code: the authorization process is managed by the remote service using an OAuth 2.0 mechanism based on authorization code.\n\nFor both \"implicit\" and \"explicit\" you can use the synchronous process (see [examples/demo.php](examples/demo.php) and [examples/ltv-demo.php](examples/ltv-demo.php)).\n\nFor \"oauth2code\" you must use the asynchronous process (see [examples/demo-async.php](examples/async-demo.php)). This \nwill require an oauth2 implementation such as\n[league/oauth2-client](https://github.com/thephpleague/oauth2-client).\n\nMore about the authorization modes can be found in \"8.2 Credential authorization\" of the CSC API.\n\n## License\n\nThis package is open-sourced software licensed under the [MIT license](https://opensource.org/licenses/MIT).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsetasign%2Fsetapdf-signer-addon-csc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsetasign%2Fsetapdf-signer-addon-csc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsetasign%2Fsetapdf-signer-addon-csc/lists"}