An example analysis of the Access function of SSO single sign-on system implemented by PHP

This article mainly introduces PHP implementation of SSO Single sign-on system access function, simple analysis of SSO single Sign-on system access principle and PHP related implementation skills, the need for friends can refer to the next

SSO English full name Single sign on, one-point login. SSO is a multi-application system in which users can access all trusted applications with only one login. It includes a mechanism that can map this major login to other apps for the same user's login. It is one of the most popular solutions for enterprise business integration, so let's take a look at it.

Simple talk about SSO Single sign-on system access principle, if the system itself has a perfect user authentication function, that is, the basic user login function, that is very convenient to do.

SSO Login Request interface is often the interface plus a callback address, access to this address will jump to the callback address and take a ticket parameter, take this ticket parameter and then request the interface can get the user information, if there is a user is automatically logged in, there is no new user and login.

For example, this SSO model implements two methods, one is to get the interface URL, and the other is to obtain the user information by ticket:

Interface ssologin{  /**   * Get login user Information   * @param $ticket   * @return Mixed  */Public function Getinfofromticket ($ticket);  /**   * Single Sign-on authorization address   * @return Mixed *   /public  function Getauthurl ();

Take a look at the main method of the controller, such as the callback address is jump to the controller http://www.example.com/sso/check?ticket=xxxx

/** * Detect if Single sign-on * @return bool|string */public function ACTIONCheck () {$ticket = Yii:: $app->getrequest ()->get (' Ticke  T '); if (! $ticket) {return $this->renderautherror (' Please authorize first ', sprintf (' <a href= '%s ' > click Login Single Sign-on system </a> ', Ssologin:  : getinstance ()->getauthurl ());  } $userInfo = Ssologin::getinstance ()->getinfofromticket ($ticket); if (Empty ($userInfo [' username '])) {return $this->renderautherror (' Authorize first ', sprintf (' <a href= '%s ' > click Login Single Sign-on system &  Lt;/a> ', Ssologin::getinstance ()->getauthurl ()));  } $username = $this->getusername ($userInfo [' username ']);  $user = User::find ()->canlogin ()->username ($username)->one ();    if (! $user) {$newUser = [];    $newUser [' username '] = $userInfo [' username '];    $newUser [' email '] = $this->getusername ($userInfo [' username ']);    $newUser [' role '] = User::role_dev;    $newUser [' is_email_verified '] = 1;    $newUser [' realname '] = $userInfo [' Truename '];  $user = $this->adduser ($newUser); } $isLogin = Yii:: $app->user->login ($user, 3600 * 24 * 30);  if ($isLogin) {$this->redirect ('/task/index '); } return true;

Probably look at the logic of the controller to understand. The role of the SSO interface is to obtain user information, with this user information compared to the System user table, there is a user to log in, there is no user to create and login.

This is an internal, single point system that is integrated into the background, possibly other SSO is not the same as this, but the basic principle process is similar.

Summary: The above is the entire content of this article, I hope to be able to help you learn.