问题描述

如果有个PHP网站,需要使用AAD授权登录,有没有PHP代码实例 可供参考呢?

参考代码

参考一篇博文(Single sign-on with Azure AD in PHP),学习使用SSO的大体思路。如果对PHP很了解,可以参考Github中的Sample代码。

phpSample/federation.ini

federation.trustedissuers.issuer=https://accounts.accesscontrol.windows.net/v2/wsfederation

federation.trustedissuers.thumbprint=3f5dfcdf4b3d0eab9ba49befb3cfd760da9cccf1

federation.trustedissuers.friendlyname=Awesome Computers

federation.audienceuris=spn:d184f6dd-d5d6-44c8-9cfa-e2d630dea392

federation.realm=spn:d184f6dd-d5d6-44c8-9cfa-e2d630dea392@495c4a5e-38b7-49b9-a90f-4c0050b2d7f7

federation.reply=https://localhost/phpSample/index.php

phpSample/index.php

/*-----------------------------------------------------------------------

    Copyright (c) Microsoft Corporation.  All rights reserved.

    Copyright 2012 Microsoft Corporation

    All rights reserved.

    Licensed under the Apache License, Version 2.0 (the "License");

    you may not use this file except in compliance with the License.

    You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

 THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,

 EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR

 CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.

 See the Apache Version 2.0 License for specific language governing

 permissions and limitations under the License.

--------------------------------------------------------------------------- */

<?php

require_once (dirname(__FILE__) . '/secureResource.php');

?>

<!DOCTYPE html>

<html>

<head>

    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

    <title>Index Page</title>

</head>

<body>

    <h2>Index Page</h2>

    <h3>Welcome <strong><?php print_r($loginManager->getPrincipal()->getName()); ?></strong>!</h3>

    <h4>Claim list:</h4>

    <ul>

<?php

    foreach ($loginManager->getClaims() as $claim) {

        print_r('<li>' . $claim->toString() . '</li>');

    }

?>

    </ul>

</body>

</html>

phpSample/login.php

/*-----------------------------------------------------------------------

    Copyright (c) Microsoft Corporation.  All rights reserved.

    Copyright 2012 Microsoft Corporation

    All rights reserved.

    Licensed under the Apache License, Version 2.0 (the "License");

    you may not use this file except in compliance with the License.

    You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

 THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,

 EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR

 CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.

 See the Apache Version 2.0 License for specific language governing

 permissions and limitations under the License.

--------------------------------------------------------------------------- */

<?php

// uncomment this to display internal server errors.

//error_reporting(E_ALL);

//ini_set('display_errors', 'On');

ini_set('include_path', ini_get('include_path').';../../libraries/;');

require_once ('waad-federation/TrustedIssuersRepository.php');

?>

<!DOCTYPE html>

<html>

<head>

    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

    <title>Login Page</title>

</head>

<body>

    <h2>Login Page</h2>

    <ul>

<?php

    $repository = new TrustedIssuersRepository();

    $trustedIssuers = $repository->getTrustedIdentityProviderUrls();

    foreach ($trustedIssuers as $trustedIssuer) {

        $returnUrl = $_GET['returnUrl'];

        print_r('<li><a href="' . $trustedIssuer->getLoginUrl($returnUrl) . '">' . $trustedIssuer->displayName . '</a></li>');

    }

?>

    </ul>

</body>

</html>

phpSample/secureResource.php

/*-----------------------------------------------------------------------

    Copyright (c) Microsoft Corporation.  All rights reserved.

    Copyright 2012 Microsoft Corporation

    All rights reserved.

    Licensed under the Apache License, Version 2.0 (the "License");

    you may not use this file except in compliance with the License.

    You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

 THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,

 EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR

 CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.

 See the Apache Version 2.0 License for specific language governing

 permissions and limitations under the License.

--------------------------------------------------------------------------- */

<?php

// uncomment this to display internal server errors.

// error_reporting(E_ALL);

// ini_set('display_errors', 'On');

ini_set('include_path', ini_get('include_path').';../../libraries/;');

require_once ('waad-federation/ConfigurableFederatedLoginManager.php');

session_start();

$token = $_POST['wresult'];

$loginManager = new ConfigurableFederatedLoginManager();

if (!$loginManager->isAuthenticated()) {

    if (isset ($token)) {

        try {

            $loginManager->authenticate($token);

        } catch (Exception $e) {

            print_r($e->getMessage());

        }

    } else {

        $returnUrl = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];

        header('Pragma: no-cache');

        header('Cache-Control: no-cache, must-revalidate');

        header("Location: https://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']) . "/login.php?returnUrl=" . $returnUrl, true, 302);

        exit();

    }

}

?>

phpSample/trustedIssuers.xml

<?xml version="1.0" encoding="UTF-8"?>

<issuers>

    <issuer name="awesomecomputers.onmicrosoft.com" displayName="Awesome Computers"

        realm="spn:d184f6dd-d5d6-44c8-9cfa-e2d630dea392@495c4a5e-38b7-49b9-a90f-4c0050b2d7f7" />

    <issuer name="treyresearchinc.onmicrosoft.com" displayName="Trey Research Inc."

        realm="spn:d184f6dd-d5d6-44c8-9cfa-e2d630dea392@13292593-4861-4847-8441-6da6751cfb86" />

</issuers>

参考资料

Single sign-on with Azure AD in PHPhttp://www.lewisroberts.com/2015/09/04/single-sign-on-with-azure-ad-in-php/

Azure/azure-sdk-for-php-sampleshttps://github.com/Azure/azure-sdk-for-php-samples

【Azure Developer】PHP网站使用AAD授权登录的参考示例的更多相关文章

  1. 在自己的网站上实现QQ授权登录

    最近在实现QQ授权登录,现将我的实现过程以及我的理解整理如下.以下所述如有不对之处,请指正. 官方提供的SDK有:JS,PHP,Java.我的网站使用Scala+Play搭建的,所以只能用JS SDk ...

  2. wap2app(五)-- 微信授权登录以及踩过的坑

    应用场景是:用Hbuilder打包app,在app中点击微信授权登录或者某一操作,调起微信授权登录,用户授权后拿到用户信息. 一.登录插件配置 先配置微信登录参数 appid和appsecret,在m ...

  3. VUE开发SPA之微信授权登录

    SPA单页应用中微信授权登录的一点思路 单页应用应该如何解决微信授权登录的尴尬跳转?后退无法返回?主要遇到的问题就是 先进入单页应用,一边渲染页面一边判断用户有没有登录,当判断到没有登录时异步数据请求 ...

  4. H5微信授权登录

    这里介绍H5微信授权登录,采用了微信公众号授权原理,是oauth2的登录授权方式,简单的来讲,就是用户通过手机微信确认登录之后,微信方会返回一个授权码code给回第三方(接入方),这个授权码code一 ...

  5. 【Azure Developer】Python代码通过AAD认证访问微软Azure密钥保管库(Azure Key Vault)中机密信息(Secret)

    关键字说明 什么是 Azure Active Directory?Azure Active Directory(Azure AD, AAD) 是 Microsoft 的基于云的标识和访问管理服务,可帮 ...

  6. 【Azure Developer】解决Azure Key Vault管理Storage的示例代码在中国区Azure遇见的各种认证/授权问题 - C# Example Code

    问题描述 使用Azure密钥保管库(Key Vault)来托管存储账号(Storage Account)密钥的示例中,从Github中下载的示例代码在中国区Azure运行时候会遇见各种认证和授权问题, ...

  7. 【Azure 应用服务】NodeJS Express + MSAL 应用实现AAD集成登录并部署在App Service Linux环境中的实现步骤

    问题描述 实现部署NodeJS Express应用在App Service Linux环境中,并且使用Microsoft Authentication  Library(MSAL)来实现登录Azure ...

  8. 微信授权登录-微信公众号和PC端网站

    https://blog.csdn.net/qq_34664239/article/details/79107529 一.微信公众号授权登录——微信公众平台 微信授权登录,并调用后台接口,获取用户信息 ...

  9. 小D课堂-SpringBoot 2.x微信支付在线教育网站项目实战_5-7.授权登录获取微信用户个人信息实战

    笔记 7.授权登录获取微信用户个人信息实战         简介:讲解使用授权码code获取用户个人信息接口 关键点:看微信文档,字段尽量用拷贝 1.通过code获取access_token      ...

  10. 【Azure Developer】使用Microsoft Graph API 批量创建用户,先后遇见的三个错误及解决办法

    问题描述 在先前的一篇博文中,介绍了如何使用Microsoft Graph API来创建Azure AD用户(博文参考:[Azure Developer]使用Microsoft Graph API 如 ...

随机推荐

  1. 什么是根号?什么是 log ?

    生日悖论是 \(O(\sqrt{n})\) 随机序列 LIS 是 \(O(\sqrt{n})\) 随机 \(\pm1\) 序列前缀和最大绝对值是 \(O(\sqrt{n})\) 证明 随机 Prufe ...

  2. flex 布局子元素被挤压的问题

    Flex 意为 "弹性布局",是一种在开发静态页面过程中常用的布局模式. 开发购物车使用flex布局的时候遇到的一种场景:子元素被挤压 具体如图所示, 当商品名称超出两行文字时显示 ...

  3. 【K哥爬虫普法】辛苦钱被中间商抽走八成,还因此锒铛入狱

    我国目前并未出台专门针对网络爬虫技术的法律规范,但在司法实践中,相关判决已屡见不鲜,K 哥特设了"K哥爬虫普法"专栏,本栏目通过对真实案例的分析,旨在提高广大爬虫工程师的法律意识, ...

  4. jenkins上发布项目后将文件推送到另一台服务器build镜像

    1.配置jenkins 1)主页面点击manage jenkins 2) 选择SystemConfiguration 3) 配置服务器信息,注意密码一定要输入对,还有端口有,一般是默认的22端口,但有 ...

  5. tortoisegit 还原远程分支到某个版本

    v2还原到v1 1.强制还原(git reset) 如果使用这种方式还原到v1,将丢失还原到v1到v2之间的所有提交及日志. 1.1显示日志 有save1.save2两条提交记录. 1.2 重置版本( ...

  6. 从零开始配置 vim(8)——文件类型检测

    在上一章介绍自动命令的时候,我们提到可以使用 FileType来根据文件类型来触发事件,但是关于文件类型并没有深入的介绍,本篇我们来补充关于文件类型相关的内容,让大家更好的理解,看不懂也没关系,你只需 ...

  7. TienChin 活动管理-活动列表展示

    后端 ActivityVO /** * @author BNTang * @version 1.0 * @description 活动管理VO * @since 2023-23-05 **/ publ ...

  8. Midjourney|文心一格prompt教程[技巧篇]:生成多样性、增加艺术风格、图片二次修改、渐进优化、权重、灯光设置等17个技巧等你来学

    Midjourney|文心一格prompt教程[技巧篇]:生成多样性.增加艺术风格.图片二次修改.渐进优化.权重.灯光设置等17个技巧等你来学 1.技巧一:临摹 我认为学习图片类的 prompt,跟学 ...

  9. MySQL安装 starting the server解决办法

    https://blog.csdn.net/qq_52183856/article/details/123792012 主要原因:

  10. (C语言)课后题之计算器

    #include <stdio.h> void main() { //定义两个算术变量,四个运算结果变量 int a,b,sum,sub,mul,mod; double div; prin ...