path: root/examples/server/MySSOServer.php
blob: ca523b0fd711e5e3eb9e6c7f7d785af277074b6c (plain)
<?php

use Jasny\ValidationResult;
use Jasny\SSO;

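/**
 * Example SSO server.
 *
 * Normally you'd fetch the broker info and user info from a database, rather than declaring them in the code.
 * The broker secrets and password hashes below are fixtures for the example only.
 */
class MySSOServer extends SSO\Server
{
    /**
     * Registered brokers, keyed by broker id. Each entry holds that broker's shared secret.
     *
     * Example values: a real deployment keeps broker secrets out of the source tree.
     *
     * @var array
     */
    private static $brokers = [
        'Alice' => ['secret' => '8iwzik1bwd'],
        'Greg' => ['secret' => '7pypoox2pc'],
        'Julias' => ['secret' => 'ceda63kmhp'],
    ];

    /**
     * System users, keyed by username.
     *
     * The 'password' field is a stored hash that is checked with password_verify(); the plain-text
     * passwords in the trailing comments exist only so the example can be tried out.
     *
     * @var array
     */
    private static $users = [
        'jackie' => [
            'fullname' => 'Jackie Black',
            'email' => 'jackie.black@example.com',
            'password' => '$2y$10$lVUeiphXLAm4pz6l7lF9i.6IelAqRxV4gCBu8GBGhCpaRb6o0qzUO' // jackie123
        ],
        'john' => [
            'fullname' => 'John Doe',
            'email' => 'john.doe@example.com',
            'password' => '$2y$10$RU85KDMhbh8pDhpvzL6C5.kD3qWpzXARZBzJ5oJ2mFoW7Ren.apC2' // john123
        ],
    ];

    /**
     * Get the API secret of a broker and other info
     *
     * @param string $brokerId
     * @return array|null  The broker entry, or null when the broker id is not registered
     */
    protected function getBrokerInfo($brokerId)
    {
        return isset(self::$brokers[$brokerId]) ? self::$brokers[$brokerId] : null;
    }

    /**
     * Authenticate using user credentials
     *
     * An unknown username and a wrong password produce the same error message, and the password
     * check is performed in both cases so the two outcomes take comparable time.
     *
     * @param string $username
     * @param string $password
     * @return ValidationResult
     */
    protected function authenticate($username, $password)
    {
        if (!isset($username)) {
            return ValidationResult::error("username isn't set");
        }

        if (!isset($password)) {
            return ValidationResult::error("password isn't set");
        }

        // The caller is not visible here; if it forwards raw request values, these can be arrays.
        // Such a value is neither a usable array key nor a password, so reject it as bad credentials
        // instead of letting isset()/password_verify() raise a type error.
        if (!is_scalar($username) || !is_scalar($password)) {
            return ValidationResult::error("Invalid credentials");
        }

        $known = isset(self::$users[$username]);

        if ($known) {
            $hash = self::$users[$username]['password'];
        } else {
            // Verify against some stored hash anyway, so that an unknown username costs the same
            // hashing work as a known one and response time does not reveal which accounts exist.
            $decoy = reset(self::$users);
            $hash = $decoy !== false ? $decoy['password'] : '';
        }

        $verified = password_verify($password, $hash);

        // $known is checked separately: a match against the decoy hash must never log anyone in.
        if (!$known || !$verified) {
            return ValidationResult::error("Invalid credentials");
        }

        return ValidationResult::success();
    }


    /**
     * Get the user information
     *
     * @param string $username
     * @return array|null  The user record plus a 'username' key and without the password hash,
     *                     or null when the user does not exist
     */
    protected function getUserInfo($username)
    {
        if (!isset(self::$users[$username])) {
            return null;
        }

        $user = compact('username') + self::$users[$username];

        // Never hand the password hash to the broker / client side
        unset($user['password']);

        return $user;
    }
}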