curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// $output contains the output string
$output = curl_exec($ch);
// close curl resource to free up system resources
curl_close($ch);
$token = json_decode($output, true);
//var_dump($token);
return $token['id'];
}
if (true === isset($_GET['code'])) {
$url = "http://sso-skeleton.local/token?grant_type=authorization_code&client_id=bobbydev&client_secret=12345&code=" . $_GET['code'] . "&redirect_uri=http://bobbydev.local";
echo '<a href="' . $url . '">3rd Party Token</a>';
}
if (true === isset($_POST['username'])) {
$url = "http://sso-skeleton.local/token?grant_type=password&client_id=bobbydev&client_secret=12345&username="******"&password="******"&redirect_uri=http://bobbydev.local";
$userId = requestToken($url);
if (false === empty($userId)) {
echo 'Welcome ' . $userId;
} else {
echo 'Sorry, Access denied';
}
exit;
}
$options = ['cost' => 11, 'salt' => mcrypt_create_iv(22, MCRYPT_DEV_URANDOM)];
// username and password is username / password
echo password_hash("password", PASSWORD_BCRYPT, $options) . "<br /><br />";
?>
<a href="http://sso-skeleton.local/authorization?accept=yep&response_type=code&client_id=bobbydev&redirect_uri=http://bobbydev.local">3rd Party Login</a>
Direct Access Bridge
Provides a jump page to access the target server directly after the authentication process.
Author: Ori Novanda (cargmax-at-gmail.com)
*/
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
session_start();
include 'frontauthagent.conf.php';
include 'frontauthagent.lib.php';
if (!$allowJumpDemo) {
header($_SERVER['SERVER_PROTOCOL'] . " 403 Forbidden\n", true, 403);
die("Demo mode is disabled");
}
$token = requestToken();
$jumpUrl = "{$backProto}://{$backHost}{$backPage}";
?>
<html>
<head>
<title>AuthAgent Jump Page</title>
</head>
<body>
Click the button bellow to access the target server directly.
<form method='POST' action="<?php
echo $jumpUrl;
?>
">
<input type="hidden" name="<?php
echo $commandKey;
?>
if (isset($_GET['callback'])) {
echo ')';
}
}
}
\Slim\Slim::registerAutoloader();
$app = new \Slim\Slim();
$app->get('/auth/register/:user/:pass', function ($user, $pass) use($app) {
if (substr($user, 0, 2) !== 'cc') {
$user = "******" . $user;
error_log($user . " , " . substr($user, 0, 2));
}
if (empty($user) || empty($pass)) {
$app->halt(401, json_encode(['error' => 'Please set username and password first']));
}
$token = requestToken($user, $pass, "Debug");
if ($token != false) {
$response = array();
$response["token"] = $token;
createResponse($response);
} else {
$app->halt(401, json_encode(['error' => 'Invalid username or password']));
}
});
$app->get('/portal/students/profile/:user/:token', function ($user, $token) use($app) {
$authStatus = checkAuth($user, $token);
if ($authStatus === true) {
$password = getPassword($user, $token);
$portal = new Portal();
if ($portal->login($user, $password)) {
createResponse($portal->getProfile());