smartPodLand/php-oauth

PHP oauth client with POD SSO

This is a simple PHP app that uses the POD single sign-on service, which is based on OAuth 2.0.

About SSO

This sample app implements the authorization code flow. First, redirect the user to the /oauth2/authorize endpoint with the parameters shown in the table below, where they enter their username and password:

| Request | Response (redirect) |
| --- | --- |
| https://accounts.pod.land/oauth2/authorize | https://example.com/oauth/callback |
| ?client_id=$CLIENT_ID | ?code=$AUTHORIZATION_CODE |
| &response_type=code | &state=$STATE |
| &redirect_uri=$CLIENT_REDIRECT_URI | |

To show the sign-up form, add the prompt=signup parameter to the request above.
Then use the returned code to request a token. This time, send a request to the /oauth2/token endpoint as shown in the table below:

| Request | Response |
| --- | --- |
| POST https://accounts.pod.land/oauth2/token | { |
| ?grant_type=authorization_code | "access_token": "$ACCESS_TOKEN", |
| &code=$AUTH_CODE | "token_type": "Bearer", |
| &redirect_uri=$REDIRECT_URI | "expires_in": 3600, |
| &client_id=$CLIENT_ID | "scope": "profile email", |
| &client_secret=$CLIENT_SECRET | "refresh_token": "$REFRESH_TOKEN", |
| | "id_token": "$JWT_TOKEN" |
| | } |

You can use the retrieved token to access user information by sending a GET request to the /user endpoint:

https://auth2server.com/user

The token must be sent in a header like this:

| Key | Value |
| --- | --- |
| Authorization | Bearer THE_TOKEN_STRING |

To learn more about OAuth 2.0 concepts, see the link below: https://aaronparecki.com/oauth-2-simplified/
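
The callback above returns a state value, which lets the client confirm that a redirect answers a login it started itself. The following is an added example, not code from this repository: it issues a state value with the authorize request, checks it once on the callback, and builds the token request. The function names, the `oauth_state` session key and the demo values are assumptions, and `$config['sso']` is assumed to be the base URL of the /authorize and /token endpoints.

```php
<?php
// Added example, not code from this repository. Function names and the
// 'oauth_state' session key are hypothetical; $session stands in for $_SESSION.
function authorizeUrl(array $config, string $redirectUri, array &$session): string
{
    // Unguessable per-login value that the server echoes back as ?state=
    $session['oauth_state'] = bin2hex(random_bytes(16));
    return rtrim($config['sso'], '/') . '/authorize?' . http_build_query([
        'client_id'     => $config['client_id'],
        'response_type' => 'code',
        'redirect_uri'  => $redirectUri,
        'state'         => $session['oauth_state'],
    ]);
}

function codeFromCallback(array $query, array &$session): ?string
{
    $expected = $session['oauth_state'] ?? '';
    unset($session['oauth_state']);   // a state value is valid for one callback only
    $given = $query['state'] ?? '';
    if ($expected === '' || !is_string($given) || !hash_equals($expected, $given)) {
        return null;                  // not an answer to a login this session started
    }
    $code = $query['code'] ?? null;
    return (is_string($code) && $code !== '') ? $code : null;
}

function tokenRequestBody(array $config, string $code, string $redirectUri): string
{
    // Form-encoded POST body as in RFC 6749 (assumed to be accepted by this
    // server), which keeps client_secret out of URLs and access logs.
    return http_build_query([
        'grant_type'    => 'authorization_code',
        'code'          => $code,
        'redirect_uri'  => $redirectUri,
        'client_id'     => $config['client_id'],
        'client_secret' => $config['client_secret'],
    ]);
}

// Constructed demo values; no network access is needed.
$config = ['sso' => 'https://accounts.pod.land/oauth2',
           'client_id' => 'demo-client', 'client_secret' => 'demo-secret'];
$session = [];
$url = authorizeUrl($config, 'https://example.com/oauth/callback', $session);
parse_str(parse_url($url, PHP_URL_QUERY), $sent);
// The first callback carries the issued state; the second replays it after use.
var_dump(codeFromCallback(['code' => 'demo-code', 'state' => $sent['state']], $session));
var_dump(codeFromCallback(['code' => 'demo-code', 'state' => $sent['state']], $session));
echo tokenRequestBody($config, 'demo-code', 'https://example.com/oauth/callback'), "\n";
```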

How to use this project

This project is written in plain PHP. The access_token and refresh token are retrieved using curl and stored in PHP's default $_SESSION superglobal. To run this project, enter your client_id, client_secret and the other required information in the config.php file.

    $config = [
        // main endpoint:
        "service"=>"__http://SERVICE.ENDPOINT/__",
        // OAuth endpoint:
        "sso"=>"__http://SERVICE.ENDPOINT/oauth__",
        "client_id"=>"__CLIENT_ID__",
        "client_secret"=>"__CLIENT_SECRET__",
        // the URL where this app is deployed
        "home"=>"http://WHERE_THIS_CODE_DEPLOYED/"
    ];