gorontalokota / sso-client
PHP 的 SSO 集成
v1.0.0
2022-08-27 02:50 UTC
Requires
- firebase/php-jwt: ~4.0|~5.0
- league/oauth2-client: ^2.0
README
该库使用并支持 PHP League 的 OAuth 2.0 客户端。
安装
使用 composer 进行安装
composer require gorontalokota/sso-client
用法
使用授权代码
用于登录
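// Login entry point: redirect the browser to the SSO authorization endpoint.
require __DIR__ . "/vendor/autoload.php";

use Gorontalokota\SSO\Client\Provider\Broker;

// The state value stored below only reaches the callback if a session is active.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

// The values in braces are placeholders. Load the real ones (clientSecret in
// particular) from configuration that is kept out of version control.
$provider = new Broker([
    'realm' => '{Realms}',
    'clientId' => '{clientID}',
    'clientSecret' => '{clientSecret}',
    'redirectUri' => '{http://example/oauth/authorized}',
]);

// Keep this order: getState() is read after getAuthorizationUrl(), because the
// League client generates the state while it builds the URL.
$authUrl = $provider->getAuthorizationUrl();

// Store the state in the session so the callback can reject forged (CSRF) responses.
$_SESSION['oauth2state'] = $provider->getState();

// Redirect to the authorization URL and stop, so nothing after the redirect
// header runs or is sent to the browser.
header('Location: ' . $authUrl);
exit;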
用于获取用户信息
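// OAuth callback: validate the state, exchange the authorization code for a
// token, then read the signed-in user's profile.
require __DIR__ . "/vendor/autoload.php";

use Gorontalokota\SSO\Client\Provider\Broker;

// The state saved at login lives in the session, so the session must be active.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

// The values in braces are placeholders. Load the real ones (clientSecret in
// particular) from configuration that is kept out of version control.
$provider = new Broker([
    'realm' => '{Realms}',
    'clientId' => '{clientID}',
    'clientSecret' => '{clientSecret}',
    'redirectUri' => '{http://example/oauth/authorized}',
]);

$expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
$returnedState = isset($_GET['state']) ? $_GET['state'] : null;

// The state is single-use: drop it whether or not the check passes, so a
// captured callback URL cannot be replayed against the same session.
unset($_SESSION['oauth2state']);

// Compare the returned state with the stored one to mitigate CSRF. The
// is_string() guards reject a missing session value and array input such as
// ?state[]=x before hash_equals(), which accepts strings only.
if (
    empty($returnedState)
    || !is_string($returnedState)
    || !is_string($expectedState)
    || !hash_equals($expectedState, $returnedState)
) {
    exit('Invalid state, make sure HTTP sessions are enabled.');
}

// The callback may arrive without a code, for example when the user denied consent.
if (empty($_GET['code']) || !is_string($_GET['code'])) {
    exit('Missing authorization code.');
}

try {
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code'],
    ]);

    $user = $provider->getResourceOwner($token);

    // Profile fields exposed by the resource owner object.
    $username = $user->getUsername();
    $email = $user->getEmail();
    $name = $user->getName();
} catch (Exception $e) {
    // Keep provider error details in the server log; the browser only gets a
    // generic message, so nothing from the exception is reflected into the page.
    error_log('Failed to get access token: ' . $e->getMessage());
    exit('Failed to get access token.');
}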
刷新令牌
// Refresh flow: exchange a refresh token for a new access token.
require __DIR__ . "/vendor/autoload.php";

use Gorontalokota\SSO\Client\Provider\Broker;

// The values in braces are placeholders for the real client configuration.
$brokerOptions = [
    'realm' => '{Realms}',
    'clientId' => '{clientID}',
    'clientSecret' => '{clientSecret}',
    'redirectUri' => '{http://example/oauth/authorized}',
];
$provider = new Broker($brokerOptions);

// $token is not created in this snippet. It is expected to be the token object
// obtained from an earlier getAccessToken() call.
$refreshToken = $token->getRefreshToken();

$token = $provider->getAccessToken('refresh_token', [
    'refresh_token' => $refreshToken,
]);
用于登出
// Logout: build the SSO logout URL.
require __DIR__ . "/vendor/autoload.php";

use Gorontalokota\SSO\Client\Provider\Broker;

// The values in braces are placeholders for the real client configuration.
$brokerOptions = [
    'realm' => '{Realms}',
    'clientId' => '{clientID}',
    'clientSecret' => '{clientSecret}',
    'redirectUri' => '{http://example/oauth/authorized}',
];
$provider = new Broker($brokerOptions);

// This only builds the URL. Redirecting the browser to it and clearing the
// application's own session are not part of this snippet.
$authUrl = $provider->getLogoutUrl();