Example of SSO Single Sign-on system access function implemented by php, sso Single Point

Example of SSO Single Sign-on system access function implemented by php, sso Single Point

This article describes the SSO Single Sign-on system access function implemented by php. We will share this with you for your reference. The details are as follows:

SSO stands for Single Sign On. SSO is used in multiple application systems. Users only need to log on once to access all mutually trusted application systems. It includes a mechanism for ing the main logon to other applications for the login of the same user. It is one of the most popular solutions for enterprise business integration. Let's take a look.

Briefly introduce the principle of SSO Single Sign-on system access, provided that the system has a complete user authentication function, that is, the basic user login function, which is very convenient to do.

The SSO login request interface usually adds a callback address to the interface. When you access this address, it jumps to the callback address and carries a ticket parameter. With this ticket parameter, you can request the interface to obtain user information, if a user exists, the user is automatically logged on. If the user does not exist, the user is added and logged on.

For example, this SSO model implements two methods: one is to obtain the interface url and the other is to obtain the user information by ticket:

Interface SSOLogin {/*** get Login User information * @ param $ ticket * @ return mixed */public function getInfoFromTicket ($ ticket ); /*** Single Sign-On authorization address * @ return mixed */public function getAuthUrl ();}

Let's take a look at the Controller's main method, such as the callback address is jump to the Controller http://www.example.com/sso/check? Ticket = xxxx

/*** Check whether single-point logon * @ return bool | string */public function actionCheck () {$ ticket = Yii: $ app-> getRequest () -> get ('ticket '); if (! $ Ticket) {return $ this-> renderAuthError ('authorize First ', sprintf (' <a href = "% s"> click to log on to the Single Sign-On System </a> ', SSOlogin: getInstance ()-> getAuthUrl ();} $ userInfo = SSOlogin: getInstance ()-> getInfoFromTicket ($ ticket ); if (empty ($ userInfo ['username']) {return $ this-> renderAuthError ('authorize First ', sprintf ('<a href = "% s"> click to log on to the Single Sign-On System </a>', SSOlogin: getInstance ()-> getAuthUrl ()));} $ username = $ this-> getUserName ($ userInfo ['usernam E ']); $ user = User: find ()-> canLogin ()-> username ($ username)-> one (); if (! $ User) {$ newUser = []; $ newUser ['username'] = $ userInfo ['username']; $ newUser ['email '] = $ this-> getUserName ($ userInfo ['username']); $ newUser ['role'] = User: ROLE_DEV; $ newUser ['is _ email_verified '] = 1; $ newUser ['realname'] = $ userInfo ['truename']; $ user = $ this-> addUser ($ newUser) ;}$ isLogin = Yii: $ app-> user-> login ($ user, 3600*24*30 ); if ($ isLogin) {$ this-> redirect ('/task/Index');} return true ;}

Let's take a look at the Controller logic. The SSO interface is used to obtain user information. Compare the user information with the System user table. If a user exists, log on. If no user is created and logged on.

This is an internal single-point system integrated into the background. Other SSO may not be the same, but the basic principle process is similar.