1. Go to this page and download the library: Download myits/openid-connect-client library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
myits / openid-connect-client example snippets
use Its\Sso\OpenIDConnectClient;
use Its\Sso\OpenIDConnectClientException;
Its\Sso\OpenIDConnectClient;
use Its\Sso\OpenIDConnectClientException;
try {
$oidc = new OpenIDConnectClient(
'https://dev-my.its.ac.id', // authorization_endpoint
'XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX', // Client ID
'***********************' // Client Secret
);
$oidc->setRedirectURL('https://myweb.site/auth.php'); // must be the same as you registered
$oidc->addScope('openid code phone profile'); //must be the same as you registered
// remove this if in production mode
$oidc->setVerifyHost(false);
$oidc->setVerifyPeer(false);
$oidc->authenticate(); //call the main function of myITS SSO login
$_SESSION['id_token'] = $oidc->getIdToken(); // must be save for check session dan logout proccess
$user = $oidc->requestUserInfo(); // this will return user information from myITS SSO database
} catch (OpenIDConnectClientException $e) {
echo $e->getMessage();
}
Its\OpenIDConnectClient;
use Its\OpenIDConnectClientException;
try {
session_start();
$redirect = 'https://myweb.site/index.php'; // set https://dev-my.its.ac.id or https://my.its.ac.id if you don't register post-logout URI
if (isset($_SESSION['id_token'])) {
$accessToken = $_SESSION['id_token'];
session_destroy();
$oidc = new OpenIDConnectClient(
'https://dev-my.its.ac.id', // authorization_endpoint
'XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX', // Client ID
'***********************' // Client Secret
);
// remove this if in production mode
$oidc->setVerifyHost(false);
$oidc->setVerifyPeer(false);
$oidc->signOut($accessToken, $redirect);
}
header("Location: " . $redirect);
} catch (OpenIDConnectClientException $e) {
echo $e->getMessage();
}
$oidc = new OpenIDConnectClient(
'https://dev-my.its.ac.id', // authorization_endpoint
'XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX', // Client ID
'***********************' // Client Secret
);
// Note that only ping and push modes gin_hint, which is the user's identifier
$userId = 'user identifier as login hint';
// how long should the authentication request id be valid for in seconds
$requestedExpiry = '60';
try {
$response = (array)$this->oidcClient->authenticationRequestCiba($clientNotificationToken, $userId, $requestedExpiry);
} catch (OpenIDConnectClientException $e) {
echo $e->getMessage();
return false;
}
// authentication request id is in here
var_dump($response);
$oidc = new OpenIDConnectClient(
'https://dev-my.its.ac.id', // authorization_endpoint
'XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX', // Client ID
'***********************' // Client Secret
);
// Note that only ping and push modes gin_hint, which is the user's identifier
$userId = 'user identifier as login hint';
// how long should the authentication request id be valid for in seconds
$requestedExpiry = '60';
// this is used to sign the parameters
$privateKey = 'private key for your client app.';
$kid = 'key id for the private key';
$alg = 'RS256'; // the default for function signedAuthenticationRequestCiba is RS256. Please look at CIBA specs for the supported alg.
try {
$response = (array)$this->oidcClient->signedAuthenticationRequestCiba($clientNotificationToken, $userId, $privateKey, $kid, $alg, $requestedExpiry);
} catch (OpenIDConnectClientException $e) {
echo $e->getMessage();
return false;
}
// authentication request id is in here
var_dump($response);
$authReqId = 'authentication request id from ciba request.';
$response = (array)$this->oidcClient->cibaTokenRequest($authReqId);
// token is in here
var_dump($response);
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.