oji / ssoriau

Compare View

switch
from
...
to
 
Commits (2)

Changes

Showing 2 changed files Inline Diff

1 ## SSO Riau 1 ## SSO Riau
2 SSO Riau 2 SSO Riau
3 3
4 Construct: 4 Construct:
5 ---- 5 ----
6 6
7 ```$php 7 ```$php
8 $this->clientId = ''; // 3rd Party client Id 8 $this->clientId = ''; // 3rd Party client Id
9 $this->clientSecret = ''; // 3rd Party client secret 9 $this->clientSecret = ''; // 3rd Party client secret
10 $this->redirectUri = ''; // 3rd Party url redirect or url to handle callback 10 $this->redirectUri = ''; // 3rd Party url redirect or url to handle callback
11 $this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal 11 $this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal
12 12
13 ``` 13 ```
14 Check SSO session : 14 Check SSO session :
15 ---- 15 ----
16 16
17 ```$php 17 ```$php
18 use SsoRiau\SsoClientLibrary; 18 use SsoRiau\SsoClientLibrary;
19 $objSso = new SsoClientLibrary(); 19 $objSso = new SsoClientLibrary();
20 $objSso->ssoRequest(); 20 $objSso->ssoRequest();
21 21
22 ``` 22 ```
23 Consume SSO session : 23 Consume SSO session :
24 ---- 24 ----
25 25
26 ```$php 26 ```$php
27 $objSso = new SsoClientLibrary(); 27 use SsoRiau\SsoClientLibrary;
28 $data_access_token = $objSso->ssoCallback(); 28 $objSso = new SsoClientLibrary();
29 if (!empty($data_access_token)) { 29 $data_access_token = $objSso->ssoCallback();
30 $data_access_token = json_decode($data_access_token); 30 if (!empty($data_access_token)) {
31 $access_token = $data_access_token->access_token; // store access_token within the session if needed? 31 $data_access_token = json_decode($data_access_token);
32 } 32 $access_token = $data_access_token->access_token; // store access_token within the session if needed?
33 33 }
34 if ($access_token != '') { 34
35 //fetch ssoUserInfo 35 if ($access_token != '') {
36 $ssoUserInfo = $objSso->ssoUserInfo($access_token); 36 //fetch ssoUserInfo
37 $ssoUserInfo = json_decode($ssoUserInfo); 37 $ssoUserInfo = $objSso->ssoUserInfo($access_token);
38 $email = $ssoUserInfo->email; 38 $ssoUserInfo = json_decode($ssoUserInfo);
39 } 39 $email = $ssoUserInfo->email;
40 40 }
41 ``` 41
42 ```
43
44 ```$php
45 $url_back = {return_url};
46 $objSso = new SsoClientLibrary();
47 $objSso->ssoLogout($url_back);
42 48 ```
src/SsoClientLibrary.php
Diff comments   View file @ 38a123b
1 <?php 1 <?php
2 2
3 namespace SsoRiau; 3 namespace SsoRiau;
4 4
5 /* 5 /*
6 * Nama : File SSO Riau client library 6 * Nama : File SSO Riau client library
7 * Tujuan : File ini dibuat dalam bentuk class objek sehingga dapat di integrasikan 7 * Tujuan : File ini dibuat dalam bentuk class objek sehingga dapat di integrasikan
8 * dengan aplikasi pihak ketiga yang ingin terhubung menggunakan aplikasi SSO 8 * dengan aplikasi pihak ketiga yang ingin terhubung menggunakan aplikasi SSO
9 * Deskripsi Variable : 9 * Deskripsi Variable :
10 * $clientId 10 * $clientId
11 * - merupakan identitas unik ID yang diperoleh saat mendaftarkan 11 * - merupakan identitas unik ID yang diperoleh saat mendaftarkan
12 * aplikasi pihak ketiga pada aplikasi SSO 12 * aplikasi pihak ketiga pada aplikasi SSO
13 * $clientSecret 13 * $clientSecret
14 * - merupakan identitas unik Secret (rahasia) yang digunakan saat akses 14 * - merupakan identitas unik Secret (rahasia) yang digunakan saat akses
15 * kepada aplikasi SSO sehingga diizinkan 15 * kepada aplikasi SSO sehingga diizinkan
16 * $redirectUri 16 * $redirectUri
17 * - merupakan alamat url yang akan mengelola hasil informasi login SSO 17 * - merupakan alamat url yang akan mengelola hasil informasi login SSO
18 * $targetUri 18 * $targetUri
19 * - adalah alamat website aplikasi SSO 19 * - adalah alamat website aplikasi SSO
20 * 20 *
21 */ 21 */
22 22
23 class SsoClientLibrary { 23 class SsoClientLibrary {
24 24
25 protected $clientId; 25 protected $clientId;
26 protected $clientSecret; 26 protected $clientSecret;
27 protected $redirectUri; 27 protected $redirectUri;
28 protected $targetUri; 28 protected $targetUri;
29 29
30 public function __construct() { 30 public function __construct() {
31 $this->clientId = ''; // 3rd Party client Id 31 $this->clientId = ''; // 3rd Party client Id
32 $this->clientSecret = ''; // 3rd Party client secret 32 $this->clientSecret = ''; // 3rd Party client secret
33 $this->redirectUri = ''; // 3rd Party url redirect or url to handle callback 33 $this->redirectUri = ''; // 3rd Party url redirect or url to handle callback
34 $this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal 34 $this->targetUri = 'https://sso.riau.go.id/'; // SSO Riau portal
35 } 35 }
36 36
37 public function ssoRequest() { 37 public function ssoRequest() {
38 $state = base64_encode(random_bytes(40)); 38 $state = base64_encode(random_bytes(40));
39 $query = http_build_query([ 39 $query = http_build_query([
40 'client_id' => $this->clientId, 40 'client_id' => $this->clientId,
41 'redirect_uri' => $this->redirectUri, 41 'redirect_uri' => $this->redirectUri,
42 'response_type' => 'code', 42 'response_type' => 'code',
43 'scope' => '', 43 'scope' => '',
44 'state' => $state, 44 'state' => $state,
45 ]); 45 ]);
46 46
47 $_url = $this->targetUri ."oauth/authorize?" . $query; 47 $_url = $this->targetUri ."oauth/authorize?" . $query;
48 echo '<pre>';print_r($_url); 48 echo '<pre>';print_r($_url);
49 header("Location: " . $_url); 49 header("Location: " . $_url);
50 die(); 50 die();
51 } 51 }
52 52
53 public function ssoCallback() { 53 public function ssoCallback() {
54 if (isset($_GET['code']) && !empty(($_GET['code']))) { 54 if (isset($_GET['code']) && !empty(($_GET['code']))) {
55 $_access_token = ''; 55 $_access_token = '';
56 $_errors = ''; 56 $_errors = '';
57 57
58 $_posts = [ 58 $_posts = [
59 'grant_type' => 'authorization_code', 59 'grant_type' => 'authorization_code',
60 'client_id' => $this->clientId, 60 'client_id' => $this->clientId,
61 'client_secret' => $this->clientSecret, 61 'client_secret' => $this->clientSecret,
62 'redirect_uri' => $this->redirectUri, 62 'redirect_uri' => $this->redirectUri,
63 'code' => $_GET['code'], 63 'code' => $_GET['code'],
64 ]; 64 ];
65 $arr_token = $this->__runCurl('POST', $this->targetUri."oauth/token", $_posts); 65 $arr_token = $this->__runCurl('POST', $this->targetUri."oauth/token", $_posts);
66 return $arr_token; 66 return $arr_token;
67 } 67 }
68 die('Something went wrong, please trace back your action!'); 68 die('Something went wrong, please trace back your action!');
69 } 69 }
70 70
71 public function ssoUserInfo($access_token) { 71 public function ssoUserInfo($access_token) {
72 if ($access_token != '') { 72 if ($access_token != '') {
73 $header = [ 73 $header = [
74 'Content-Type: application/json', 74 'Content-Type: application/json',
75 'Authorization: Bearer '.$access_token, 75 'Authorization: Bearer '.$access_token,
76 ]; 76 ];
77 $user_info = $this->__runCurl('GET', $this->targetUri."api/userInfo", [], $header); 77 $user_info = $this->__runCurl('GET', $this->targetUri."api/userInfo", [], $header);
78 return $user_info; 78 return $user_info;
79 } 79 }
80 die('Something went wrong, please trace back your action!'); 80 die('Something went wrong, please trace back your action!');
81 } 81 }
82 82
83 public function ssoAsnInfo($access_token, $nip) { 83 public function ssoAsnInfo($access_token, $nip) {
84 if ($access_token != '' && $nip != '') { 84 if ($access_token != '' && $nip != '') {
85 $header = [ 85 $header = [
86 'Content-Type: application/json', 86 'Content-Type: application/json',
87 'Authorization: Bearer '.$access_token, 87 'Authorization: Bearer '.$access_token,
88 ]; 88 ];
89 89
90 $query = http_build_query([ 90 $query = http_build_query([
91 'nip' => $nip 91 'nip' => $nip
92 ]); 92 ]);
93 $asn_info = $this->__runCurl('POST', $this->targetUri."api/userData?".$query, [], $header); 93 $asn_info = $this->__runCurl('POST', $this->targetUri."api/userData?".$query, [], $header);
94 return $asn_info; 94 return $asn_info;
95 } 95 }
96 die('Something went wrong, please trace back your action!'); 96 die('Something went wrong, please trace back your action!');
97 } 97 }
98 98
99 private function __runCurl($method = 'GET', $url, $data = [], $header = []) { 99 private function __runCurl($method = 'GET', $url, $data = [], $header = []) {
100 $error = ''; 100 $error = '';
101 $ch = curl_init($url); 101 $ch = curl_init($url);
102 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 102 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
103 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); 103 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
104 if ($method == 'POST') { 104 if ($method == 'POST') {
105 curl_setopt($ch, CURLOPT_POSTFIELDS, $data); 105 curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
106 } 106 }
107 if (!empty($header)) { 107 if (!empty($header)) {
108 curl_setopt($ch, CURLOPT_HTTPHEADER, $header); 108 curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
109 } 109 }
110 //curl_setopt($ch, CURLOPT_TIMEOUT, 5); //timeout in seconds 110 //curl_setopt($ch, CURLOPT_TIMEOUT, 5); //timeout in seconds
111 //curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 111 //curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
112 //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); 112 //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
113 113
114 $response = curl_exec($ch); 114 $response = curl_exec($ch);
115 if (curl_error($ch)) { 115 if (curl_error($ch)) {
116 $error = curl_error($ch); 116 $error = curl_error($ch);
117 } 117 }
118 curl_close($ch); 118 curl_close($ch);
119 119
120 if ($error == '' && !empty($response)) { 120 if ($error == '' && !empty($response)) {
121 return $response; 121 return $response;
122 } else { 122 } else {
123 return $error; 123 return $error;
124 } 124 }
125 die('Something went wrong, please trace back your action!'); 125 die('Something went wrong, please trace back your action!');
126 } 126 }
127 127
128 public function ssoLogout($url_back = '') {
129 $query = http_build_query([
130 'url_back' => $url_back,
131 ]);
132
133 $_url = $this->targetUri ."sso/logout?" . $query;
134 header("Location: " . $_url);
135 die();
136 }
137
128 public function ssoLogout($url_back = '') { 138 }