Commit 21e3db617601a5cc4897014330af3927247133b5

Authored by oji
0 parents
Exists in master

first commit

Showing 3 changed files with 191 additions and 0 deletions Side-by-side Diff

... ... @@ -0,0 +1,41 @@
  1 +## SSO Riau
  2 +SSO Riau
  3 +
  4 +Construct:
  5 +----
  6 +
  7 +```$php
  8 +$this->clientId = ''; // 3rd Party client Id
  9 +$this->clientSecret = ''; // 3rd Party client secret
  10 +$this->redirectUri = ''; // 3rd Party url redirect or url to handle callback
  11 +$this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal
  12 +
  13 +```
  14 +Check SSO session :
  15 +----
  16 +
  17 +```$php
  18 +use SsoRiau\SsoClientLibrary;
  19 +$objSso = new SsoClientLibrary();
  20 +$objSso->ssoRequest();
  21 +
  22 +```
  23 +Consume SSO session :
  24 +----
  25 +
  26 +```$php
  27 +$objSso = new SsoClientLibrary();
  28 +$data_access_token = $objSso->ssoCallback();
  29 +if (!empty($data_access_token)) {
  30 + $data_access_token = json_decode($data_access_token);
  31 + $access_token = $data_access_token->access_token; // store access_token within the session if needed?
  32 +}
  33 +
  34 +if ($access_token != '') {
  35 + //fetch ssoUserInfo
  36 + $ssoUserInfo = $objSso->ssoUserInfo($access_token);
  37 + $ssoUserInfo = json_decode($ssoUserInfo);
  38 + $email = $ssoUserInfo->email;
  39 +}
  40 +
  41 +```
0 42 \ No newline at end of file
... ... @@ -0,0 +1,22 @@
  1 +{
  2 + "name": "ssoriau/ssoclientlibrary",
  3 + "description": "SsoClientLibrary",
  4 + "type": "library",
  5 + "license": "MIT",
  6 + "authors": [
  7 + {
  8 + "name": "ssoriau",
  9 + "email": "sso@riau.go.id"
  10 + }
  11 + ],
  12 + "minimum-stability": "dev",
  13 + "prefer-stable": true,
  14 + "require": {
  15 + "php": ">=7.1"
  16 + },
  17 + "autoload": {
  18 + "psr-4": {
  19 + "SsoRiau\\": "src/"
  20 + }
  21 + }
  22 +}
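--- a/src/SsoClientLibrary.php
+++ b/src/SsoClientLibrary.php
@@ -0,0 +1,128 @@
+<?php
+
+namespace SsoRiau;
+
+/*
+ * Nama : File SSO Riau client library
+ * Tujuan : File ini dibuat dalam bentuk class objek sehingga dapat di integrasikan
+ * dengan aplikasi pihak ketiga yang ingin terhubung menggunakan aplikasi SSO
+ * Deskripsi Variable :
+ * $clientId
+ * - merupakan identitas unik ID yang diperoleh saat mendaftarkan
+ * aplikasi pihak ketiga pada aplikasi SSO
+ * $clientSecret
+ * - merupakan identitas unik Secret (rahasia) yang digunakan saat akses
+ * kepada aplikasi SSO sehingga diizinkan
+ * $redirectUri
+ * - merupakan alamat url yang akan mengelola hasil informasi login SSO
+ * $targetUri
+ * - adalah alamat website aplikasi SSO
+ *
+ */
+
+class SsoClientLibrary {
+
+ protected $clientId;
+ protected $clientSecret;
+ protected $redirectUri;
+ protected $targetUri;
+
+ public function __construct() {
+ $this->clientId = ''; // 3rd Party client Id
+ $this->clientSecret = ''; // 3rd Party client secret
+ $this->redirectUri = ''; // 3rd Party url redirect or url to handle callback
+ $this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal
+ }
+
+ public function ssoRequest() {
+ $state = base64_encode(random_bytes(40));
+ $query = http_build_query([
+ 'client_id' => $this->clientId,
+ 'redirect_uri' => $this->redirectUri,
+ 'response_type' => 'code',
+ 'scope' => '',
+ 'state' => $state,
+ ]);
+
+ $_url = $this->targetUri ."oauth/authorize?" . $query;
+ echo '<pre>';print_r($_url);
+ header("Location: " . $_url);
+ die();
+ }
+
+ public function ssoCallback() {
+ if (isset($_GET['code']) && !empty(($_GET['code']))) {
+ $_access_token = '';
+ $_errors = '';
+
+ $_posts = [
+ 'grant_type' => 'authorization_code',
+ 'client_id' => $this->clientId,
+ 'client_secret' => $this->clientSecret,
+ 'redirect_uri' => $this->redirectUri,
+ 'code' => $_GET['code'],
+ ];
+ $arr_token = $this->__runCurl('POST', $this->targetUri."oauth/token", $_posts);
+ return $arr_token;
+ }
+ die('Something went wrong, please trace back your action!');
+ }
+
+ public function ssoUserInfo($access_token) {
+ if ($access_token != '') {
+ $header = [
+ 'Content-Type: application/json',
+ 'Authorization: Bearer '.$access_token,
+ ];
+ $user_info = $this->__runCurl('GET', $this->targetUri."api/userInfo", [], $header);
+ return $user_info;
+ }
+ die('Something went wrong, please trace back your action!');
+ }
+
+ public function ssoAsnInfo($access_token, $nip) {
+ if ($access_token != '' && $nip != '') {
+ $header = [
+ 'Content-Type: application/json',
+ 'Authorization: Bearer '.$access_token,
+ ];
+
+ $query = http_build_query([
+ 'nip' => $nip
+ ]);
+ $asn_info = $this->__runCurl('POST', $this->targetUri."api/userData?".$query, [], $header);
+ return $asn_info;
+ }
+ die('Something went wrong, please trace back your action!');
+ }
+
+ private function __runCurl($method = 'GET', $url, $data = [], $header = []) {
+ $error = '';
+ $ch = curl_init($url);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+ if ($method == 'POST') {
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+ }
+ if (!empty($header)) {
+ curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
+ }
+ //curl_setopt($ch, CURLOPT_TIMEOUT, 5); //timeout in seconds
+ //curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+ //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+
+ $response = curl_exec($ch);
+ if (curl_error($ch)) {
+ $error = curl_error($ch);
+ }
+ curl_close($ch);
+
+ if ($error == '' && !empty($response)) {
+ return $response;
+ } else {
+ return $error;
+ }
+ die('Something went wrong, please trace back your action!');
+ }
+
+}
\ No newline at end of file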
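Review bot: The `state` value generated in `ssoRequest()` is sent to the authorize endpoint but never stored, and `ssoCallback()` exchanges `$_GET['code']` without looking at `$_GET['state']`, so the parameter gives no protection against a forged callback (login CSRF). Persist the value server-side before the redirect and compare it with `hash_equals()` in the callback before the token request; the excerpt below assumes the host application has already started a session, and the `sso_state` key is only illustrative. Separately, `echo '<pre>';print_r($_url);` runs before `header("Location: ...")`, which without output buffering stops the redirect header from being sent and prints the authorize URL to the browser, so that debug line should be removed.

```php
public function ssoRequest() {
    $state = base64_encode(random_bytes(40));
    // Keep the value server-side so the callback can be tied to this request.
    $_SESSION['sso_state'] = $state;
    // … unchanged: query construction and redirect …

public function ssoCallback() {
    $expected = $_SESSION['sso_state'] ?? '';
    unset($_SESSION['sso_state']); // single use
    $received = $_GET['state'] ?? '';
    if ($expected === '' || !is_string($received) || !hash_equals($expected, $received)) {
        die('Something went wrong, please trace back your action!');
    }
    // … unchanged: code check and token exchange …
```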