This repository was archived by the owner on Dec 20, 2024. It is now read-only.
SSO Example PHP
Jessica Castrogiovanni edited this page Dec 21, 2016 · 2 revisions
The example below uses the PHP-JWT library to create and encrypt the token. It is returned as $token. It also builds the login URI to which the user needs to be redirected as $loginUri.
This example was written for ease of understanding, not security. It is not recommended to use the example code without reviewing it against your development security practices.
```php
<?php
// Assumes firebase/php-jwt was installed with Composer.
require __DIR__ . '/vendor/autoload.php';

use \Firebase\JWT\JWT;

// Builds the claims and signs them with the RSA private key (RS256).
// The claims are signed, not hidden: they are only base64url-encoded in the token.
function createToken($emailAddress, $userRole, $issuer, $audience, $expireAt, $privateKey) {
    $token = array(
        "email" => $emailAddress,
        "role" => $userRole,
        "iss" => $issuer,
        "aud" => $audience,
        "exp" => $expireAt,
    );
    $jwt = JWT::encode($token, $privateKey, 'RS256');
    return $jwt;
}

// $userType = 'customer' or 'clinician'
function buildLoginUri($websiteDomain, $userType, $accessToken) {
    return 'https://' . $websiteDomain . '/' . $userType . '.access?jwt=' . $accessToken;
}

// Generate patientLoginUri
$email = 'jdoe@example.com';
$role = 'patient';
$expires = time() + 60; // Expire 60 seconds after issuing
$domain = 'example.connectedcare.md'; // The domain of the hospital
$privateKey = openssl_pkey_get_private('file://' . __DIR__ . '/private.key');
if ($privateKey === false) {
    throw new RuntimeException('Could not load private.key');
}
$token = createToken($email, $role, 'examplehealth', 'snapmd', $expires, $privateKey);
$patientLoginUri = buildLoginUri($domain, 'customer', $token);

// Generate clinicianLoginUri
$email = 'jdoe@example.com';
$role = 'clinician';
$expires = time() + 60; // Expire 60 seconds after issuing
$domain = 'example.connectedcare.md'; // The domain of the hospital
$privateKey = openssl_pkey_get_private('file://' . __DIR__ . '/private.key');
if ($privateKey === false) {
    throw new RuntimeException('Could not load private.key');
}
$token = createToken($email, $role, 'examplehealth', 'snapmd', $expires, $privateKey);
$clinicianLoginUri = buildLoginUri($domain, 'clinician', $token);
```
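The following is an added example, not code from this wiki or from SnapMD: it shows what the `iss`, `aud` and `exp` claims and the RS256 signature let a receiving service check, and that the claims are readable by anyone who sees the login URI. The function names, the 60-second lifetime cap and the throwaway key pair are assumptions made for the demonstration, and clock skew is ignored.

```php
<?php
// Added example, not SnapMD's code. Needs only ext-openssl; all names are hypothetical.
function b64url_encode(string $s): string {
    return rtrim(strtr(base64_encode($s), '+/', '-_'), '=');
}
function b64url_decode(string $s): string {
    $pad = str_repeat('=', (4 - strlen($s) % 4) % 4);
    return (string) base64_decode(strtr($s, '-_', '+/') . $pad, true);
}

// Returns the claims if the token passes every check, otherwise throws.
function verifyLoginToken(string $jwt, string $publicKeyPem, string $iss, string $aud, int $maxTtl = 60): array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) throw new RuntimeException('malformed token');
    [$h64, $p64, $s64] = $parts;
    $header = json_decode(b64url_decode($h64), true);
    // Pin the algorithm; never let the token header pick it.
    if (!is_array($header) || ($header['alg'] ?? null) !== 'RS256') throw new RuntimeException('unexpected alg');
    // RS256 = RSASSA-PKCS1-v1_5 with SHA-256 over "header.payload".
    if (openssl_verify("$h64.$p64", b64url_decode($s64), $publicKeyPem, OPENSSL_ALGO_SHA256) !== 1) {
        throw new RuntimeException('bad signature');
    }
    $claims = json_decode(b64url_decode($p64), true);
    if (!is_array($claims)) throw new RuntimeException('bad payload');
    if (($claims['iss'] ?? null) !== $iss) throw new RuntimeException('wrong issuer');
    if (($claims['aud'] ?? null) !== $aud) throw new RuntimeException('wrong audience');
    $exp = $claims['exp'] ?? null;
    if (!is_int($exp) || $exp <= time()) throw new RuntimeException('expired');
    if ($exp - time() > $maxTtl) throw new RuntimeException('lifetime too long');
    return $claims;
}

// Constructed demo: throwaway key pair and a token with the same claims createToken() sets.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pub = openssl_pkey_get_details($key)['key'];
$claims = ['email' => 'jdoe@example.com', 'role' => 'patient',
           'iss' => 'examplehealth', 'aud' => 'snapmd', 'exp' => time() + 60];
$input = b64url_encode('{"typ":"JWT","alg":"RS256"}') . '.' . b64url_encode(json_encode($claims));
openssl_sign($input, $sig, $key, OPENSSL_ALGO_SHA256);
$jwt = $input . '.' . b64url_encode($sig);

echo verifyLoginToken($jwt, $pub, 'examplehealth', 'snapmd')['role'], "\n";
// The payload is only base64url-encoded: anyone who sees the URL can read it...
[$h, $p, $s] = explode('.', $jwt);
echo b64url_decode($p), "\n";
// ...but changing a claim breaks the signature.
$forged = $h . '.' . b64url_encode(json_encode(['role' => 'clinician'] + $claims)) . '.' . $s;
try { verifyLoginToken($forged, $pub, 'examplehealth', 'snapmd'); }
catch (RuntimeException $e) { echo 'rejected: ', $e->getMessage(), "\n"; }
```

Because the token travels in the query string, it can end up in browser history, proxy logs and access logs, which is why the 60-second expiry in the example above matters.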