我的 SSO 出现问题,提示缺少 external_id。
PHP:
<?php
$user = $_SESSION['username'];
try {
$handler = new PDO('mysql:host=localhost;dbname=removed', 'removed', 'removed');
$handler->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
echo $e->getMessage();
die();
}
$conn = mysql_connect("localhost", "removed", "removed");
mysql_select_db("removed");
if ($user) {
$myusr = $handler->query("SELECT * FROM users WHERE username='".$user."'");
$myu = $myusr->fetch(PDO::FETCH_OBJ);
if ($myu->banned == "1") {
header('Location: https://bloxplays.com/suspended');
}
$userExist = ($myusr->rowCount());
if ($userExist == "0") {
session_destroy();
header("Location: ../");
} else {
$ID = $myu->id;
}
}
echo "<title>".$ID."</title>";
namespace Cviebrock\DiscoursePHP;
use Cviebrock\DiscoursePHP\Exception\PayloadException;
class SSOHelper
{
/**
* @var
*/
private $secret;
/**
* @param $secret
* @return $this
*/
public function setSecret($secret)
{
$this->secret = $secret;
return $this;
}
/**
* @param $payload
* @param $signature
* @return mixed
*/
public function validatePayload($payload, $signature)
{
$payload = urldecode($payload);
return $this->signPayload($payload) === $signature;
}
/**
* @param $payload
* @return mixed
* @throws PayloadException
*/
public function getNonce($payload)
{
$payload = urldecode($payload);
$query = array();
parse_str(base64_decode($payload), $query);
if (!array_key_exists('nonce', $query)) {
throw new PayloadException('Nonce not found in payload');
}
return $query['nonce'];
}
/**
* @param $payload
* @return mixed
* @throws PayloadException
*/
public function getReturnSSOURL($payload)
{
$payload = urldecode($payload);
$query = array();
parse_str(base64_decode($payload), $query);
if (!array_key_exists('return_sso_url', $query)) {
throw new PayloadException('Return SSO URL not found in payload');
}
return $query['return_sso_url'];
}
/**
* @param $nonce
* @param $id
* @param $email
* @param array $extraParameters
* @return string
*/
public function getSignInString($nonce, $id, $email, $extraParameters = [])
{
$parameters = array(
'nonce' => $nonce,
'external_id' => $id,
'email' => $email,
) + $extraParameters;
$payload = base64_encode(http_build_query($parameters));
$data = array(
'sso' => $payload,
'sig' => $this->signPayload($payload),
);
return http_build_query($data);
}
/**
* @param $payload
* @return string
*/
protected function signPayload($payload)
{
return hash_hmac('sha256', $payload, $this->secret);
}
}
?>
<?php
$sso = new SSOHelper();
// 此处应与你代码中的设置以及 Discourse 配置保持一致:
$secret = 'removed';
$sso->setSecret( $secret );
// 加载 Discourse 传递的 payload
$payload = $_GET['sso'];
$signature = $_GET['sig'];
// 验证 payload
if (!($sso->validatePayload($payload,$signature))) {
// 无效,拒绝访问
header("HTTP/1.1 403 Forbidden");
echo("Bad SSO request");
die();
}
$nonce = $sso->getNonce($payload);
// 在此处插入你的用户认证代码 ...
// 必需字段,且在你的应用中必须唯一
$userId = $myu->id;
// 必需字段,且与你的应用保持一致
$userEmail = $myu->email;
// 可选字段 - 如果不设置这些,Discourse 会根据电子邮件地址生成建议
$extraParameters = array(
'username' => $myu->username,
'name' => $myu->username
);
// 构建查询字符串并重定向回 Discourse 站点
$query = $sso->getSignInString($nonce, $userId, $userEmail, $extraParameters);
header('Location: http://forum.bloxplays.com/session/sso_login?' . $query);
exit(0);
?>