PHP implementation method of SSO single sign-on (Laravel framework)
Laravel is a simple and elegant PHP web development framework. It frees you from tangled, spaghetti-like code, helps you build a polished web app, and lets every line of code be concise and expressive.
Let me briefly explain my logic. I don't know if I understand SSO correctly.
Suppose there are three sites: a.baidu.com, b.baidu.com and c.baidu.com.
a.baidu.com is the login site; it verifies the user's account.
b and c act as clients (subsystems).
When b or c needs the user to log in, it redirects to a and carries a source parameter that indicates the link to return to after logging in.
Site a uses a normal login method (verifying the user's password) and does some processing after the verification succeeds. A ticket needs to be generated. It doesn't matter how you generate it, as long as it's safe. Then store it in the Cache. If you have any questions here, I will summarize them later. After a successful login, just redirect to $url.
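```php
private function getTicketUrl($source)
{
    // Unguessable ticket from the CSPRNG; a hash of the current time would be predictable.
    $ticket = bin2hex(random_bytes(16));
    // Assumes the password check has already logged the user in on site a.
    $user = Auth::user();
    // TTL of 120: minutes on Laravel before 5.8, seconds from 5.8 on.
    Cache::put($ticket, $user, 120);
    $url = $source . '?ticket=' . $ticket;
    return $url;
}
```
Suppose site a redirects to site b with a ticket (b.baidu.com?ticket=xxxxxxxxxxxxxxxx).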
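Site b installs a global filter (middleware) that accepts the ticket and then asks site a to verify that the ticket was generated by a.
The code of site b's filter, App\Http\Middleware\CasAuthenticate, is below. It checks whether a ticket is present and sends a request to site a for verification. If the ticket is verified, it gets the user's UID and logs in.
```php
public function handle($request, Closure $next)
{
    $ticket = $request->input('ticket');
    if ($ticket) {
        // Ask site a whether it issued this ticket. The HTTP client is an
        // assumption (file_get_contents here); any client works.
        $response = file_get_contents('http://a.baidu.com' . '/auth/check-ticket?ticket=' . urlencode($ticket));
        $result = json_decode($response, true);
        // A failed request or malformed JSON leaves $result non-array: treat it as not verified.
        if (is_array($result) && isset($result['state']) && $result['state'] == "SUCCESS") {
            $request->session()->flush();
            Auth::loginUsingId($result['result']['uid']);
            // Redirect to the current URL without its query string, which drops the ticket.
            return redirect(redirect()->getUrlGenerator()->current());
        }
    }
    return $next($request);
}
```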
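Site a's side of the exchange (issuing the ticket and answering /auth/check-ticket), as an added example that is not the article's code. It is plain PHP with an array standing in for Laravel's Cache; the client allowlist, the HTTPS requirement, the 60-second lifetime, the client-host argument and the FAIL state are assumptions.

```php
<?php
// Added example, plain PHP. $store stands in for Laravel's Cache.
const ALLOWED_CLIENTS = ['b.baidu.com', 'c.baidu.com']; // client hosts from the article
const TICKET_TTL = 60; // seconds (assumed lifetime)

// Site a, after the password check: build the redirect back to the client.
function issueTicketUrl(array &$store, int $uid, string $source, int $now): ?string
{
    $parts = parse_url($source) ?: [];
    $host = $parts['host'] ?? '';
    // Assumption: only HTTPS URLs on known client hosts may receive a ticket.
    if (($parts['scheme'] ?? '') !== 'https' || !in_array($host, ALLOWED_CLIENTS, true)) {
        return null;
    }
    $ticket = bin2hex(random_bytes(32)); // unguessable, unlike a hash of the clock
    $store[$ticket] = ['uid' => $uid, 'host' => $host, 'exp' => $now + TICKET_TTL];
    return $source . (isset($parts['query']) ? '&' : '?') . 'ticket=' . $ticket;
}

// Site a, /auth/check-ticket: called by the client's middleware.
// $clientHost is an assumption: the client must identify itself to site a.
function checkTicket(array &$store, string $ticket, string $clientHost, int $now): array
{
    $entry = $store[$ticket] ?? null;
    unset($store[$ticket]); // single use; Cache::pull() does this in Laravel
    if ($entry === null || $entry['exp'] < $now || $entry['host'] !== $clientHost) {
        return ['state' => 'FAIL']; // assumed failure value
    }
    return ['state' => 'SUCCESS', 'result' => ['uid' => $entry['uid']]];
}

// Constructed demo values.
$store = [];
$now = time();
$rejected = issueTicketUrl($store, 42, 'https://unknown.example/', $now);
$url = issueTicketUrl($store, 42, 'https://b.baidu.com/home', $now);
parse_str(parse_url($url, PHP_URL_QUERY), $query);
var_dump($rejected);
echo json_encode(checkTicket($store, $query['ticket'], 'b.baidu.com', $now)), "\n";
echo json_encode(checkTicket($store, $query['ticket'], 'b.baidu.com', $now)), "\n"; // same ticket replayed
```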
The logic is complete, but there are a few questions.
1. I don't know whether my implementation is correct or not. I wrote it based on the principles.
2. Suppose site b now jumps to site c. Because site b is more active, its session is always there, while the cache on site a has most likely expired. Then, on the jump from site b to site c, site c redirects to site a to check the login, finds that it has failed, and the user still has to log in. So this is problematic. Since our business modules are loosely related and users will not jump between them at will, we will not consider this issue for the time being. But this is definitely a problem for me. I haven't thought it through clearly.
That is all the editor has to introduce about the PHP implementation method of SSO single sign-on (Laravel framework). I hope it will be helpful to you!