Commit 21e3db617601a5cc4897014330af3927247133b5

Authored by oji
0 parents
Exists in master

first commit

Showing 3 changed files with 191 additions and 0 deletions Inline Diff

File was created 1 ## SSO Riau
2 SSO Riau
3
4 Construct:
5 ----
6
7 ```$php
8 $this->clientId = ''; // 3rd Party client Id
9 $this->clientSecret = ''; // 3rd Party client secret
10 $this->redirectUri = ''; // 3rd Party url redirect or url to handle callback
11 $this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal
12
13 ```
14 Check SSO session :
15 ----
16
17 ```$php
18 use SsoRiau\SsoClientLibrary;
19 $objSso = new SsoClientLibrary();
20 $objSso->ssoRequest();
21
22 ```
23 Consume SSO session :
24 ----
25
26 ```$php
27 $objSso = new SsoClientLibrary();
28 $data_access_token = $objSso->ssoCallback();
29 if (!empty($data_access_token)) {
30 $data_access_token = json_decode($data_access_token);
31 $access_token = $data_access_token->access_token; // store access_token within the session if needed?
32 }
33
34 if ($access_token != '') {
35 //fetch ssoUserInfo
36 $ssoUserInfo = $objSso->ssoUserInfo($access_token);
37 $ssoUserInfo = json_decode($ssoUserInfo);
38 $email = $ssoUserInfo->email;
39 }
40
41 ```
File was created 1 {
2 "name": "ssoriau/ssoclientlibrary",
3 "description": "SsoClientLibrary",
4 "type": "library",
5 "license": "MIT",
6 "authors": [
7 {
8 "name": "ssoriau",
9 "email": "sso@riau.go.id"
10 }
11 ],
12 "minimum-stability": "dev",
13 "prefer-stable": true,
14 "require": {
15 "php": ">=7.1"
16 },
17 "autoload": {
18 "psr-4": {
19 "SsoRiau\\": "src/"
20 }
21 }
22 }
23
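--- a/src/SsoClientLibrary.php
+++ b/src/SsoClientLibrary.php
@@ -0,0 +1,128 @@
+<?php
+
+namespace SsoRiau;
+
+/*
+* Nama : File SSO Riau client library
+* Tujuan : File ini dibuat dalam bentuk class objek sehingga dapat di integrasikan
+* dengan aplikasi pihak ketiga yang ingin terhubung menggunakan aplikasi SSO
+* Deskripsi Variable :
+* $clientId
+* - merupakan identitas unik ID yang diperoleh saat mendaftarkan
+* aplikasi pihak ketiga pada aplikasi SSO
+* $clientSecret
+* - merupakan identitas unik Secret (rahasia) yang digunakan saat akses
+* kepada aplikasi SSO sehingga diizinkan
+* $redirectUri
+* - merupakan alamat url yang akan mengelola hasil informasi login SSO
+* $targetUri
+* - adalah alamat website aplikasi SSO
+*
+*/
+
+class SsoClientLibrary {
+
+protected $clientId;
+protected $clientSecret;
+protected $redirectUri;
+protected $targetUri;
+
+public function __construct() {
+$this->clientId = ''; // 3rd Party client Id
+$this->clientSecret = ''; // 3rd Party client secret
+$this->redirectUri = ''; // 3rd Party url redirect or url to handle callback
+$this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal
+}
+
+public function ssoRequest() {
+$state = base64_encode(random_bytes(40));
+$query = http_build_query([
+'client_id' => $this->clientId,
+'redirect_uri' => $this->redirectUri,
+'response_type' => 'code',
+'scope' => '',
+'state' => $state,
+]);
+
+$_url = $this->targetUri ."oauth/authorize?" . $query;
+echo '<pre>';print_r($_url);
+header("Location: " . $_url);
+die();
+}
+
+public function ssoCallback() {
+if (isset($_GET['code']) && !empty(($_GET['code']))) {
+$_access_token = '';
+$_errors = '';
+
+$_posts = [
+'grant_type' => 'authorization_code',
+'client_id' => $this->clientId,
+'client_secret' => $this->clientSecret,
+'redirect_uri' => $this->redirectUri,
+'code' => $_GET['code'],
+];
+$arr_token = $this->__runCurl('POST', $this->targetUri."oauth/token", $_posts);
+return $arr_token;
+}
+die('Something went wrong, please trace back your action!');
+}
+
+public function ssoUserInfo($access_token) {
+if ($access_token != '') {
+$header = [
+'Content-Type: application/json',
+'Authorization: Bearer '.$access_token,
+];
+$user_info = $this->__runCurl('GET', $this->targetUri."api/userInfo", [], $header);
+return $user_info;
+}
+die('Something went wrong, please trace back your action!');
+}
+
+public function ssoAsnInfo($access_token, $nip) {
+if ($access_token != '' && $nip != '') {
+$header = [
+'Content-Type: application/json',
+'Authorization: Bearer '.$access_token,
+];
+
+$query = http_build_query([
+'nip' => $nip
+]);
+$asn_info = $this->__runCurl('POST', $this->targetUri."api/userData?".$query, [], $header);
+return $asn_info;
+}
+die('Something went wrong, please trace back your action!');
+}
+
+private function __runCurl($method = 'GET', $url, $data = [], $header = []) {
+$error = '';
+$ch = curl_init($url);
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+if ($method == 'POST') {
+curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+}
+if (!empty($header)) {
+curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
+}
+//curl_setopt($ch, CURLOPT_TIMEOUT, 5); //timeout in seconds
+//curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+//curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+
+$response = curl_exec($ch);
+if (curl_error($ch)) {
+$error = curl_error($ch);
+}
+curl_close($ch);
+
+if ($error == '' && !empty($response)) {
+return $response;
+} else {
+return $error;
+}
+die('Something went wrong, please trace back your action!');
+}
+
+}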
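Review bot: The `state` value generated in ssoRequest() is sent to the authorization endpoint but never stored, and ssoCallback() exchanges `$_GET['code']` without looking at `$_GET['state']`, so the parameter gives no protection against a forged callback (login CSRF). Keep the value server-side when it is created and reject the callback unless the returned state matches it under `hash_equals()`; the sketch below assumes the host application has already started a PHP session, since the class does not start one itself. Separately, `echo '<pre>';print_r($_url);` runs before `header("Location: ...")` in ssoRequest(), and that output will normally prevent the redirect header from being sent unless output buffering is on, so it should be removed.

```php
// in ssoRequest(), right after $state is generated
$_SESSION['sso_state'] = $state;
// … unchanged: query building and redirect …

// in ssoCallback(), before the code is exchanged for a token
$expected = $_SESSION['sso_state'] ?? '';
unset($_SESSION['sso_state']); // single use
$returned = $_GET['state'] ?? '';
if ($expected === '' || !is_string($returned) || !hash_equals($expected, $returned)) {
    die('Something went wrong, please trace back your action!');
}
// … unchanged: $_posts array and the oauth/token request …
```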