diff --git a/README.md b/README.md
new file mode 100644
index 0000000..17adb4b
--- /dev/null
+++ b/README.md
@@ -0,0 +1,41 @@
+## SSO Riau
+SSO Riau
+
+Construct:
+----
+
+```$php
+$this->clientId = ''; // 3rd Party client Id
+$this->clientSecret = ''; // 3rd Party client secret
+$this->redirectUri = ''; // 3rd Party url redirect or url to handle callback
+$this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal
+
+```
+Check SSO session :
+----
+
+```$php
+use SsoRiau\SsoClientLibrary;
+$objSso = new SsoClientLibrary();
+$objSso->ssoRequest();
+
+```
+Consume SSO session :
+----
+
+```$php
+$objSso = new SsoClientLibrary();
+$data_access_token = $objSso->ssoCallback();
+if (!empty($data_access_token)) {
+ $data_access_token = json_decode($data_access_token);
+ $access_token = $data_access_token->access_token; // store access_token within the session if needed?
+}
+
+if ($access_token != '') {
+ //fetch ssoUserInfo
+ $ssoUserInfo = $objSso->ssoUserInfo($access_token);
+ $ssoUserInfo = json_decode($ssoUserInfo);
+ $email = $ssoUserInfo->email;
+}
+
+```
\ No newline at end of file
diff --git a/composer.json b/composer.json
new file mode 100644
index 0000000..90ad06a
--- /dev/null
+++ b/composer.json
@@ -0,0 +1,22 @@
+{
+ "name": "ssoriau/ssoclientlibrary",
+ "description": "SsoClientLibrary",
+ "type": "library",
+ "license": "MIT",
+ "authors": [
+ {
+ "name": "ssoriau",
+ "email": "sso@riau.go.id"
+ }
+ ],
+ "minimum-stability": "dev",
+ "prefer-stable": true,
+ "require": {
+ "php": ">=7.1"
+ },
+ "autoload": {
+ "psr-4": {
+ "SsoRiau\\": "src/"
+ }
+ }
+}
diff --git a/src/SsoClientLibrary.php b/src/SsoClientLibrary.php
new file mode 100644
index 0000000..315e9d1
--- /dev/null
+++ b/src/SsoClientLibrary.php
@@ -0,0 +1,128 @@
+clientId = ''; // 3rd Party client Id
+ $this->clientSecret = ''; // 3rd Party client secret
+ $this->redirectUri = ''; // 3rd Party url redirect or url to handle callback
+ $this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal
+ }
+
+ public function ssoRequest() {
+ $state = base64_encode(random_bytes(40));
+ $query = http_build_query([
+ 'client_id' => $this->clientId,
+ 'redirect_uri' => $this->redirectUri,
+ 'response_type' => 'code',
+ 'scope' => '',
+ 'state' => $state,
+ ]);
+
+ $_url = $this->targetUri ."oauth/authorize?" . $query;
+ echo '
';print_r($_url);
+ header("Location: " . $_url);
+ die();
+ }
+
+ public function ssoCallback() {
+ if (isset($_GET['code']) && !empty(($_GET['code']))) {
+ $_access_token = '';
+ $_errors = '';
+
+ $_posts = [
+ 'grant_type' => 'authorization_code',
+ 'client_id' => $this->clientId,
+ 'client_secret' => $this->clientSecret,
+ 'redirect_uri' => $this->redirectUri,
+ 'code' => $_GET['code'],
+ ];
+ $arr_token = $this->__runCurl('POST', $this->targetUri."oauth/token", $_posts);
+ return $arr_token;
+ }
+ die('Something went wrong, please trace back your action!');
+ }
+
+ public function ssoUserInfo($access_token) {
+ if ($access_token != '') {
+ $header = [
+ 'Content-Type: application/json',
+ 'Authorization: Bearer '.$access_token,
+ ];
+ $user_info = $this->__runCurl('GET', $this->targetUri."api/userInfo", [], $header);
+ return $user_info;
+ }
+ die('Something went wrong, please trace back your action!');
+ }
+
+ public function ssoAsnInfo($access_token, $nip) {
+ if ($access_token != '' && $nip != '') {
+ $header = [
+ 'Content-Type: application/json',
+ 'Authorization: Bearer '.$access_token,
+ ];
+
+ $query = http_build_query([
+ 'nip' => $nip
+ ]);
+ $asn_info = $this->__runCurl('POST', $this->targetUri."api/userData?".$query, [], $header);
+ return $asn_info;
+ }
+ die('Something went wrong, please trace back your action!');
+ }
+
+ private function __runCurl($method = 'GET', $url, $data = [], $header = []) {
+ $error = '';
+ $ch = curl_init($url);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+ if ($method == 'POST') {
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+ }
+ if (!empty($header)) {
+ curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
+ }
+ //curl_setopt($ch, CURLOPT_TIMEOUT, 5); //timeout in seconds
+ //curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+ //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+
+ $response = curl_exec($ch);
+ if (curl_error($ch)) {
+ $error = curl_error($ch);
+ }
+
 curl_close($ch);
+
+ if ($error == '' && !empty($response)) {
+ return $response;
+ } else {
+ return $error;
+ }
+ die('Something went wrong, please trace back your action!');
+ }
+
+}
\ No newline at end of file
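Review bot: The `state` value generated in `ssoRequest()` is never stored, and `ssoCallback()` exchanges `$_GET['code']` without comparing `$_GET['state']` to anything, so the parameter gives no protection against a forged callback (login CSRF). Persist the value before the redirect and reject the callback unless it matches, comparing with `hash_equals()` and discarding the stored value after one use; the sketch below assumes the host application has already started a PHP session, which this hunk does not show. Separately, the `echo` / `print_r($_url)` pair in `ssoRequest()` emits output before `header("Location: …")`, which looks like leftover debugging and can stop the redirect from being sent unless output buffering is on. The opening of the class (namespace, properties, constructor signature) appears to be missing from this page, so this is based only on the methods that are visible.

```php
public function ssoRequest() {
    $state = base64_encode(random_bytes(40));
    // Remember the value so the callback can verify it (requires an active session).
    $_SESSION['sso_state'] = $state;
    // … unchanged: query building and redirect …

public function ssoCallback() {
    $expected = $_SESSION['sso_state'] ?? '';
    unset($_SESSION['sso_state']); // one-time use
    $received = $_GET['state'] ?? '';
    if (!is_string($received) || $expected === '' || !hash_equals($expected, $received)) {
        die('Something went wrong, please trace back your action!');
    }
    // … unchanged: code check and token exchange …
```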