Download the PHP package serato/sso-auth-request without Composer
On this page you can find all versions of the php package serato/sso-auth-request. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download serato/sso-auth-request
More information about serato/sso-auth-request
Files in serato/sso-auth-request
Package sso-auth-request
Short Description Library for handling SSO authorisation requests
License
Homepage https://github.com/serato/sso-auth-request
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package sso-auth-request
SSO Auth Requests
A PHP library for handling web application authorisation requests to the Serato SSO service.
SSO authorisation request lifecycle
The SSO authorisation request lifecycle for a web application is as follows:
- The web application creates a new authorisation request using the
\Serato\SsoRequest\AuthRequestclass:- The web application provides a return URL that the SSO service will redirect to after the sign on process.
- A storage mechanism is provided to persist the authorisation request details during redirection to the SSO website.
- The new authorisation request returns an ID.
- The browser is redirected to the SSO website providing the authorisation request ID in the
stateURI parameter. - The browser is returned to the web application from the SSO service, with the SSO service providing back the
stateparameter as well as acodeparameter. - The web application creates an
\Serato\SsoRequest\AuthRequestinstance by providing the authorisation id passed via thestateURI parameter. - The web application receives access and refresh tokens from the SSO service by using the
\Serato\SsoRequest\AuthRequestinstance and the value provided in thecodeURI parameter.
Storing authorisation requests during SSO redirection
A Serato\SsoRequest\AuthRequestStorageInterface storage interface is defined for storing authorisation requests during SSO redirection.
A AuthRequestStorageInterface implementation stores the application ID, request ID and redirect URL values used during the authorisation lifecyle, as well as timestamps and a means of indication that the authorisation process is complete.
The Serato\SsoRequest\AuthRequestDynamoDbStorage class provides an implementation of Serato\SsoRequest\AuthRequestStorageInterface using a DynamoDB table as the storage mechanism.
Using the \Serato\SsoRequest\AuthRequest class in the request lifecycle
Note: All examples use Serato\SsoRequest\AuthRequestDynamoDbStorage as the storage mechanism.
Create a new authorisation request (Step 1. above)
Create a AuthRequest instance after returning to the web applicaton after sign on (Step 5. above), and use it to fetch refresh and access tokens from the SSO service (Step 6. above)
All versions of sso-auth-request with dependencies
aws/aws-sdk-php Version ^3.0
ramsey/uuid Version ^3.0.0
serato/sws-php-sdk Version ^4.0.0