Esempio n. 1
0
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    // $output contains the output string
    $output = curl_exec($ch);
    // close curl resource to free up system resources
    curl_close($ch);
    $token = json_decode($output, true);
    //var_dump($token);
    return $token['id'];
}
if (true === isset($_GET['code'])) {
    $url = "http://sso-skeleton.local/token?grant_type=authorization_code&client_id=bobbydev&client_secret=12345&code=" . $_GET['code'] . "&redirect_uri=http://bobbydev.local";
    echo '<a href="' . $url . '">3rd Party Token</a>';
}
if (true === isset($_POST['username'])) {
    $url = "http://sso-skeleton.local/token?grant_type=password&client_id=bobbydev&client_secret=12345&username="******"&password="******"&redirect_uri=http://bobbydev.local";
    $userId = requestToken($url);
    if (false === empty($userId)) {
        echo 'Welcome ' . $userId;
    } else {
        echo 'Sorry, Access denied';
    }
    exit;
}
$options = ['cost' => 11, 'salt' => mcrypt_create_iv(22, MCRYPT_DEV_URANDOM)];
// username and password is username / password
echo password_hash("password", PASSWORD_BCRYPT, $options) . "<br /><br />";
?>


    <a href="http://sso-skeleton.local/authorization?accept=yep&response_type=code&client_id=bobbydev&redirect_uri=http://bobbydev.local">3rd Party Login</a>
Esempio n. 2
0
Direct Access Bridge

Provides a jump page to access the target server directly after the authentication process.

Author: Ori Novanda (cargmax-at-gmail.com)
*/
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
session_start();
include 'frontauthagent.conf.php';
include 'frontauthagent.lib.php';
if (!$allowJumpDemo) {
    header($_SERVER['SERVER_PROTOCOL'] . " 403 Forbidden\n", true, 403);
    die("Demo mode is disabled");
}
$token = requestToken();
$jumpUrl = "{$backProto}://{$backHost}{$backPage}";
?>
<html>
	<head>
		<title>AuthAgent Jump Page</title>
	</head>
	<body>
		Click the button bellow to access the target server directly.
		<form method='POST' action="<?php 
echo $jumpUrl;
?>
">
			<input type="hidden" name="<?php 
echo $commandKey;
?>
Esempio n. 3
0
        if (isset($_GET['callback'])) {
            echo ')';
        }
    }
}
\Slim\Slim::registerAutoloader();
$app = new \Slim\Slim();
$app->get('/auth/register/:user/:pass', function ($user, $pass) use($app) {
    if (substr($user, 0, 2) !== 'cc') {
        $user = "******" . $user;
        error_log($user . " , " . substr($user, 0, 2));
    }
    if (empty($user) || empty($pass)) {
        $app->halt(401, json_encode(['error' => 'Please set username and password first']));
    }
    $token = requestToken($user, $pass, "Debug");
    if ($token != false) {
        $response = array();
        $response["token"] = $token;
        createResponse($response);
    } else {
        $app->halt(401, json_encode(['error' => 'Invalid username or password']));
    }
});
$app->get('/portal/students/profile/:user/:token', function ($user, $token) use($app) {
    $authStatus = checkAuth($user, $token);
    if ($authStatus === true) {
        $password = getPassword($user, $token);
        $portal = new Portal();
        if ($portal->login($user, $password)) {
            createResponse($portal->getProfile());