<?php
namespace SsoRiau;
/*
* Nama : File SSO Riau client library
* Tujuan : File ini dibuat dalam bentuk class objek sehingga dapat di integrasikan
* dengan aplikasi pihak ketiga yang ingin terhubung menggunakan aplikasi SSO
* Deskripsi Variable :
* $clientId
* - merupakan identitas unik ID yang diperoleh saat mendaftarkan
* aplikasi pihak ketiga pada aplikasi SSO
* $clientSecret
* - merupakan identitas unik Secret (rahasia) yang digunakan saat akses
* kepada aplikasi SSO sehingga diizinkan
* $redirectUri
* - merupakan alamat url yang akan mengelola hasil informasi login SSO
* $targetUri
* - adalah alamat website aplikasi SSO
*
*/
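/**
 * OAuth 2.0 authorization-code client for the SSO Riau portal.
 *
 * Flow as implemented here: ssoRequest() redirects the browser to the
 * portal's authorize endpoint, ssoCallback() exchanges the returned `code`
 * for a token response, and ssoUserInfo() / ssoAsnInfo() call the portal API
 * with a bearer token.
 *
 * The anti-CSRF `state` value is kept in the native PHP session between
 * ssoRequest() and ssoCallback(), so both must run in the same browser
 * session.
 */
class SsoClientLibrary {
    /** Session key under which the pending OAuth `state` value is stored. */
    const STATE_SESSION_KEY = 'sso_riau_oauth_state';

    // Client ID issued when the third-party application was registered with the SSO portal.
    protected $clientId;
    // Client secret that authenticates this application to the token endpoint.
    // NOTE(review): prefer loading it from configuration or the environment
    // over hard-coding it in this file.
    protected $clientSecret;
    // URL of this application that handles the SSO login callback.
    protected $redirectUri;
    // Base URL of the SSO portal; endpoint paths are appended to it verbatim.
    protected $targetUri;

    public function __construct() {
        $this->clientId = ''; // 3rd Party client Id
        $this->clientSecret = ''; // 3rd Party client secret
        $this->redirectUri = ''; // 3rd Party url redirect or url to handle callback
        $this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal
    }

    /**
     * Redirects the browser to the portal's authorize endpoint and stops the script.
     *
     * A fresh random `state` is generated, stored in the session, and sent
     * along so that ssoCallback() can check that the response belongs to a
     * login started by this same browser.
     *
     * @return void Never returns: sends a Location header and terminates.
     */
    public function ssoRequest() {
        $state = base64_encode(random_bytes(40));

        // Persist the state before any output is produced; without this the
        // callback has nothing to compare the returned value against.
        $this->ensureSession();
        $_SESSION[self::STATE_SESSION_KEY] = $state;

        $query = http_build_query([
            'client_id' => $this->clientId,
            'redirect_uri' => $this->redirectUri,
            'response_type' => 'code',
            'scope' => '',
            'state' => $state,
        ]);
        $_url = $this->targetUri . "oauth/authorize?" . $query;

        // No body output before header(): echoing the URL first would make the
        // redirect fail with "headers already sent" when output buffering is
        // off, and would print the state value into the page otherwise.
        header("Location: " . $_url);
        die();
    }

    /**
     * Handles the redirect back from the portal and exchanges `code` for a token.
     *
     * The request is rejected unless `code` is a non-empty string and the
     * `state` query parameter matches the value stored by ssoRequest(). The
     * stored state is single-use and is discarded on every callback attempt.
     *
     * @return string Raw response body of the token endpoint, or a cURL error
     *                message (see __runCurl()).
     */
    public function ssoCallback() {
        $this->ensureSession();

        $expectedState = $_SESSION[self::STATE_SESSION_KEY] ?? '';
        unset($_SESSION[self::STATE_SESSION_KEY]); // single use, even on failure

        $receivedState = $_GET['state'] ?? '';
        $code = $_GET['code'] ?? '';

        // Query parameters can arrive as arrays (?code[]=x); only accept strings.
        $stateOk = is_string($expectedState) && $expectedState !== ''
            && is_string($receivedState)
            && hash_equals($expectedState, $receivedState);

        if ($stateOk && is_string($code) && $code !== '') {
            $_posts = [
                'grant_type' => 'authorization_code',
                'client_id' => $this->clientId,
                'client_secret' => $this->clientSecret,
                'redirect_uri' => $this->redirectUri,
                'code' => $code,
            ];
            return $this->__runCurl('POST', $this->targetUri . "oauth/token", $_posts);
        }
        die('Something went wrong, please trace back your action!');
    }

    /**
     * Fetches the profile of the user the access token belongs to.
     *
     * @param string $access_token Bearer token obtained from the token endpoint.
     * @return string Raw response body of api/userInfo, or a cURL error message.
     */
    public function ssoUserInfo($access_token) {
        if ($this->isSafeToken($access_token)) {
            $header = [
                'Content-Type: application/json',
                'Authorization: Bearer ' . $access_token,
            ];
            return $this->__runCurl('GET', $this->targetUri . "api/userInfo", [], $header);
        }
        die('Something went wrong, please trace back your action!');
    }

    /**
     * Looks up a record by NIP through the portal's api/userData endpoint.
     *
     * @param string     $access_token Bearer token obtained from the token endpoint.
     * @param string|int $nip          Identifier sent as the `nip` query parameter.
     * @return string Raw response body of api/userData, or a cURL error message.
     */
    public function ssoAsnInfo($access_token, $nip) {
        if ($this->isSafeToken($access_token) && is_scalar($nip) && (string) $nip !== '') {
            $header = [
                'Content-Type: application/json',
                'Authorization: Bearer ' . $access_token,
            ];
            // http_build_query() URL-encodes the value, so it cannot add extra parameters.
            $query = http_build_query([
                'nip' => $nip
            ]);
            return $this->__runCurl('POST', $this->targetUri . "api/userData?" . $query, [], $header);
        }
        die('Something went wrong, please trace back your action!');
    }

    /**
     * Starts the native PHP session when none is active yet.
     *
     * @return void
     */
    private function ensureSession() {
        if (session_status() === PHP_SESSION_NONE) {
            session_start();
        }
    }

    /**
     * Tells whether a value can be placed in an Authorization header as-is.
     *
     * Rejects non-strings, the empty string, and anything containing
     * whitespace or control characters (CR/LF in particular), so a token
     * value cannot add or split header lines.
     *
     * @param mixed $token Candidate bearer token.
     * @return bool
     */
    private function isSafeToken($token) {
        return is_string($token)
            && $token !== ''
            && preg_match('/[\x00-\x20\x7F]/', $token) !== 1;
    }

    /**
     * Performs one HTTP request against the portal with cURL.
     *
     * @param string   $method 'POST' attaches $data as the request body; any
     *                         other value leaves cURL's default method.
     * @param string   $url    Absolute request URL.
     * @param array    $data   POST fields (only used when $method is 'POST').
     * @param string[] $header Raw header lines, e.g. "Authorization: Bearer ...".
     * @return string The response body when the transfer succeeded and the body
     *                is non-empty; otherwise the cURL error message, which is
     *                an empty string when cURL reported no error. Callers
     *                cannot tell the two apart by type.
     */
    private function __runCurl($method, $url, $data = [], $header = []) {
        $error = '';
        $ch = curl_init($url);
        if ($ch === false) {
            return 'curl_init failed';
        }
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

        // Requests carry the client secret or a bearer token: keep redirects
        // few and HTTPS-only so they are not replayed over plain HTTP.
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($ch, CURLOPT_MAXREDIRS, 3);
        curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS);

        // Certificate and host name verification stay on explicitly; turning
        // them off would let anyone on the network path read the secret.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

        // Bound the request so an unresponsive portal cannot hang the page.
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
        curl_setopt($ch, CURLOPT_TIMEOUT, 30);

        if ($method == 'POST') {
            curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
        }
        if (!empty($header)) {
            curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
        }

        $response = curl_exec($ch);
        if (curl_error($ch)) {
            $error = curl_error($ch);
        }
        curl_close($ch);

        if ($error == '' && !empty($response)) {
            return $response;
        }
        return $error;
    }
}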