Library ini menggunakan dan support PHP League's OAuth 2.0 Client.
Instalasi menggunakan composer :
composer require gorontalokota/sso-client
require(__DIR__ . "/vendor/autoload.php");
use Gorontalokota\SSO\Client\Provider\Broker;
$provider = new Broker([
'realm' => '{Realms}',
'clientId' => '{clientID}',
'clientSecret' => '{clientSecret}',
'redirectUri' => '{http://example/oauth/authorized}',
]);
$authUrl = $provider->getAuthorizationUrl();
//Simpan status Auth ke Session untuk mencegah csrf
$_SESSION['oauth2state'] = $provider->getState();
//Redirect Url Auth
header('Location: '.$authUrl);
require(__DIR__ . "/vendor/autoload.php");
use Gorontalokota\SSO\Client\Provider\Broker;
$provider = new Broker([
'realm' => '{Realms}',
'clientId' => '{clientID}',
'clientSecret' => '{clientSecret}',
'redirectUri' => '{http://example/oauth/authorized}',
]);
//Periksa status yang diberikan terhadap status yang disimpan sebelumnya untuk mengurangi serangan CSRF
if (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
unset($_SESSION['oauth2state']);
exit('Invalid state, make sure HTTP sessions are enabled.');
} else {
try {
$token = $provider->getAccessToken('authorization_code', [
'code' => $_GET['code']
]);
$user = $provider->getResourceOwner($token);
$user->getUsername();
$user->getEmail();
$user->getName();
} catch (Exception $e) {
exit('Failed to get access token: '.$e->getMessage());
}
}
require(__DIR__ . "/vendor/autoload.php");
use Gorontalokota\SSO\Client\Provider\Broker;
$provider = new Broker([
'realm' => '{Realms}',
'clientId' => '{clientID}',
'clientSecret' => '{clientSecret}',
'redirectUri' => '{http://example/oauth/authorized}',
]);
$token = $provider->getAccessToken('refresh_token',
['refresh_token' => $token->getRefreshToken()]);
require(__DIR__ . "/vendor/autoload.php");
use Gorontalokota\SSO\Client\Provider\Broker;
$provider = new Broker([
'realm' => '{Realms}',
'clientId' => '{clientID}',
'clientSecret' => '{clientSecret}',
'redirectUri' => '{http://example/oauth/authorized}',
]);
$authUrl = $provider->getLogoutUrl();