Commit 78ccfa2000f3cb2c06d6e9e5c49269556c94759a
1 parent
373f3710cd
Exists in
master
fixes bug get code uri
Showing 1 changed file with 5 additions and 1 deletions Inline Diff
src/SsoClientLibrary.php
| 1 | <?php | 1 | <?php |
| 2 | 2 | ||
| 3 | namespace SsoRiau; | 3 | namespace SsoRiau; |
| 4 | 4 | ||
| 5 | /* | 5 | /* |
| 6 | * Nama : File SSO Riau client library | 6 | * Nama : File SSO Riau client library |
| 7 | * Tujuan : File ini dibuat dalam bentuk class objek sehingga dapat di integrasikan | 7 | * Tujuan : File ini dibuat dalam bentuk class objek sehingga dapat di integrasikan |
| 8 | * dengan aplikasi pihak ketiga yang ingin terhubung menggunakan aplikasi SSO | 8 | * dengan aplikasi pihak ketiga yang ingin terhubung menggunakan aplikasi SSO |
| 9 | * Deskripsi Variable : | 9 | * Deskripsi Variable : |
| 10 | * $clientId | 10 | * $clientId |
| 11 | * - merupakan identitas unik ID yang diperoleh saat mendaftarkan | 11 | * - merupakan identitas unik ID yang diperoleh saat mendaftarkan |
| 12 | * aplikasi pihak ketiga pada aplikasi SSO | 12 | * aplikasi pihak ketiga pada aplikasi SSO |
| 13 | * $clientSecret | 13 | * $clientSecret |
| 14 | * - merupakan identitas unik Secret (rahasia) yang digunakan saat akses | 14 | * - merupakan identitas unik Secret (rahasia) yang digunakan saat akses |
| 15 | * kepada aplikasi SSO sehingga diizinkan | 15 | * kepada aplikasi SSO sehingga diizinkan |
| 16 | * $redirectUri | 16 | * $redirectUri |
| 17 | * - merupakan alamat url yang akan mengelola hasil informasi login SSO | 17 | * - merupakan alamat url yang akan mengelola hasil informasi login SSO |
| 18 | * $targetUri | 18 | * $targetUri |
| 19 | * - adalah alamat website aplikasi SSO | 19 | * - adalah alamat website aplikasi SSO |
| 20 | * | 20 | * |
| 21 | */ | 21 | */ |
| 22 | 22 | ||
| 23 | class SsoClientLibrary { | 23 | class SsoClientLibrary { |
| 24 | 24 | ||
| 25 | protected $clientId; | 25 | protected $clientId; |
| 26 | protected $clientSecret; | 26 | protected $clientSecret; |
| 27 | protected $redirectUri; | 27 | protected $redirectUri; |
| 28 | protected $targetUri; | 28 | protected $targetUri; |
| 29 | 29 | ||
| 30 | public function __construct() { | 30 | public function __construct() { |
| 31 | $this->clientId = ''; // 3rd Party client Id | 31 | $this->clientId = ''; // 3rd Party client Id |
| 32 | $this->clientSecret = ''; // 3rd Party client secret | 32 | $this->clientSecret = ''; // 3rd Party client secret |
| 33 | $this->redirectUri = ''; // 3rd Party url redirect or url to handle callback | 33 | $this->redirectUri = ''; // 3rd Party url redirect or url to handle callback |
| 34 | $this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal | 34 | $this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal |
| 35 | } | 35 | } |
| 36 | 36 | ||
| 37 | public function ssoRequest() { | 37 | public function ssoRequest() { |
| 38 | $state = base64_encode(random_bytes(40)); | 38 | $state = base64_encode(random_bytes(40)); |
| 39 | $query = http_build_query([ | 39 | $query = http_build_query([ |
| 40 | 'client_id' => $this->clientId, | 40 | 'client_id' => $this->clientId, |
| 41 | 'redirect_uri' => $this->redirectUri, | 41 | 'redirect_uri' => $this->redirectUri, |
| 42 | 'response_type' => 'code', | 42 | 'response_type' => 'code', |
| 43 | 'scope' => '', | 43 | 'scope' => '', |
| 44 | 'state' => $state, | 44 | 'state' => $state, |
| 45 | ]); | 45 | ]); |
| 46 | 46 | ||
| 47 | $_url = $this->targetUri ."oauth/authorize?" . $query; | 47 | $_url = $this->targetUri ."oauth/authorize?" . $query; |
| 48 | echo '<pre>';print_r($_url); | 48 | echo '<pre>';print_r($_url); |
| 49 | header("Location: " . $_url); | 49 | header("Location: " . $_url); |
| 50 | die(); | 50 | die(); |
| 51 | } | 51 | } |
| 52 | 52 | ||
| 53 | public function ssoCallback() { | 53 | public function ssoCallback() { |
| 54 | if (isset($_GET['code']) && !empty(($_GET['code']))) { | 54 | $url = parse_url($this->redirectUri); |
| 55 | $code = str_replace($url['path'] . '?code=','',$_SERVER['REQUEST_URI']); | ||
| 56 | $code = explode('&',$code); | ||
| 57 | $code = $code[0] ?? ''; | ||
| 58 | if ($code != '') { | ||
| 55 | $_access_token = ''; | 59 | $_access_token = ''; |
| 56 | $_errors = ''; | 60 | $_errors = ''; |
| 57 | 61 | ||
| 58 | $_posts = [ | 62 | $_posts = [ |
| 59 | 'grant_type' => 'authorization_code', | 63 | 'grant_type' => 'authorization_code', |
| 60 | 'client_id' => $this->clientId, | 64 | 'client_id' => $this->clientId, |
| 61 | 'client_secret' => $this->clientSecret, | 65 | 'client_secret' => $this->clientSecret, |
| 62 | 'redirect_uri' => $this->redirectUri, | 66 | 'redirect_uri' => $this->redirectUri, |
| 63 | 'code' => $_GET['code'], | 67 | 'code' => $_GET['code'], |
| 64 | ]; | 68 | ]; |
| 65 | $arr_token = $this->__runCurl('POST', $this->targetUri."oauth/token", $_posts); | 69 | $arr_token = $this->__runCurl('POST', $this->targetUri."oauth/token", $_posts); |
| 66 | return $arr_token; | 70 | return $arr_token; |
| 67 | } | 71 | } |
| 68 | die('Something went wrong, please trace back your action!'); | 72 | die('Something went wrong, please trace back your action!'); |
| 69 | } | 73 | } |
| 70 | 74 | ||
| 71 | public function ssoUserInfo($access_token) { | 75 | public function ssoUserInfo($access_token) { |
| 72 | if ($access_token != '') { | 76 | if ($access_token != '') { |
| 73 | $header = [ | 77 | $header = [ |
| 74 | 'Content-Type: application/json', | 78 | 'Content-Type: application/json', |
| 75 | 'Authorization: Bearer '.$access_token, | 79 | 'Authorization: Bearer '.$access_token, |
| 76 | ]; | 80 | ]; |
| 77 | $user_info = $this->__runCurl('GET', $this->targetUri."api/userInfo", [], $header); | 81 | $user_info = $this->__runCurl('GET', $this->targetUri."api/userInfo", [], $header); |
| 78 | return $user_info; | 82 | return $user_info; |
| 79 | } | 83 | } |
| 80 | die('Something went wrong, please trace back your action!'); | 84 | die('Something went wrong, please trace back your action!'); |
| 81 | } | 85 | } |
| 82 | 86 | ||
| 83 | public function ssoAsnInfo($access_token, $nip) { | 87 | public function ssoAsnInfo($access_token, $nip) { |
| 84 | if ($access_token != '' && $nip != '') { | 88 | if ($access_token != '' && $nip != '') { |
| 85 | $header = [ | 89 | $header = [ |
| 86 | 'Content-Type: application/json', | 90 | 'Content-Type: application/json', |
| 87 | 'Authorization: Bearer '.$access_token, | 91 | 'Authorization: Bearer '.$access_token, |
| 88 | ]; | 92 | ]; |
| 89 | 93 | ||
| 90 | $query = http_build_query([ | 94 | $query = http_build_query([ |
| 91 | 'nip' => $nip | 95 | 'nip' => $nip |
| 92 | ]); | 96 | ]); |
| 93 | $asn_info = $this->__runCurl('POST', $this->targetUri."api/userData?".$query, [], $header); | 97 | $asn_info = $this->__runCurl('POST', $this->targetUri."api/userData?".$query, [], $header); |
| 94 | return $asn_info; | 98 | return $asn_info; |
| 95 | } | 99 | } |
| 96 | die('Something went wrong, please trace back your action!'); | 100 | die('Something went wrong, please trace back your action!'); |
| 97 | } | 101 | } |
| 98 | 102 | ||
| 99 | private function __runCurl($method = 'GET', $url, $data = [], $header = []) { | 103 | private function __runCurl($method = 'GET', $url, $data = [], $header = []) { |
| 100 | $error = ''; | 104 | $error = ''; |
| 101 | $ch = curl_init($url); | 105 | $ch = curl_init($url); |
| 102 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | 106 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); |
| 103 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | 107 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); |
| 104 | if ($method == 'POST') { | 108 | if ($method == 'POST') { |
| 105 | curl_setopt($ch, CURLOPT_POSTFIELDS, $data); | 109 | curl_setopt($ch, CURLOPT_POSTFIELDS, $data); |
| 106 | } | 110 | } |
| 107 | if (!empty($header)) { | 111 | if (!empty($header)) { |
| 108 | curl_setopt($ch, CURLOPT_HTTPHEADER, $header); | 112 | curl_setopt($ch, CURLOPT_HTTPHEADER, $header); |
| 109 | } | 113 | } |
| 110 | //curl_setopt($ch, CURLOPT_TIMEOUT, 5); //timeout in seconds | 114 | //curl_setopt($ch, CURLOPT_TIMEOUT, 5); //timeout in seconds |
| 111 | //curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); | 115 | //curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); |
| 112 | //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); | 116 | //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); |
| 113 | 117 | ||
| 114 | $response = curl_exec($ch); | 118 | $response = curl_exec($ch); |
| 115 | if (curl_error($ch)) { | 119 | if (curl_error($ch)) { |
| 116 | $error = curl_error($ch); | 120 | $error = curl_error($ch); |
| 117 | } | 121 | } |
| 118 | curl_close($ch); | 122 | curl_close($ch); |
| 119 | 123 | ||
| 120 | if ($error == '' && !empty($response)) { | 124 | if ($error == '' && !empty($response)) { |
| 121 | return $response; | 125 | return $response; |
| 122 | } else { | 126 | } else { |
| 123 | return $error; | 127 | return $error; |
| 124 | } | 128 | } |
| 125 | die('Something went wrong, please trace back your action!'); | 129 | die('Something went wrong, please trace back your action!'); |
| 126 | } | 130 | } |
| 127 | 131 | ||
| 128 | public function ssoLogout($url_back = '') { | 132 | public function ssoLogout($url_back = '') { |
| 129 | $query = http_build_query([ | 133 | $query = http_build_query([ |
| 130 | 'url_back' => $url_back, | 134 | 'url_back' => $url_back, |
| 131 | ]); | 135 | ]); |
| 132 | 136 | ||
| 133 | $_url = $this->targetUri ."sso/logout?" . $query; | 137 | $_url = $this->targetUri ."sso/logout?" . $query; |
| 134 | header("Location: " . $_url); | 138 | header("Location: " . $_url); |
| 135 | die(); | 139 | die(); |
| 136 | } | 140 | } |
| 137 | 141 | ||
| 138 | } | 142 | } |