├── index.php
├── .gitignore
├── auth.php
├── api.php
├── server.class.php
├── auth_helper.php
└── README.md


/index.php:
--------------------------------------------------------------------------------
1 | SSO


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | build*
2 | phpdoc.xml
3 | config.php


--------------------------------------------------------------------------------
/auth.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | require(dirname(__FILE__).'/server.class.php');
 3 | $server=new Sso_Server();
 4 | $loggedin=0;
 5 | $hash=$_REQUEST['hash'];
 6 | if (isset($_COOKIE['cdsso'])) {
 7 | 	$cookie=$_COOKIE['cdsso'];
 8 | 	$account=$server->getAccount($hash,$cookie);
 9 | 	if ($account===false) {
10 | 		$server->createAccount($hash,$cookie);
11 | 	} else {
12 | 		$loggedin=$account['loggedin'];
13 | 	}
14 | } else {
15 | 	$cookie=md5(__FILE__.$hash.microtime()).date('YmdHis');
16 | 	$server->createAccount($hash,$cookie);
17 | 	setcookie('cdsso',$cookie, time()+3600*2);
18 | }
19 | $message=json_encode(array('cookie'=>$cookie,'loggedin'=>$loggedin));
20 | ?>
21 | <html>
22 | <head>
23 | <script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js"></script>
24 | <script type="text/javascript">
25 | 	if ( window.self !== window.top ) {
26 |             window.onload = function(){
27 |                 parent.socket.postMessage('<?php echo $message;?>');
28 |             };
29 |             };
30 |         </script>
31 | </head>
32 | <body>
33 | </body>
34 | </html>
35 | 


--------------------------------------------------------------------------------
/api.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | ini_set('error_reporting','E_ALL');
 3 | ini_set('display_errors',1);
 4 | 
 5 | require(dirname(__FILE__).'/server.class.php');
 6 | $server=new Sso_Server();
 7 | $hash=md5($_REQUEST['key']);
 8 | $cookie=$_REQUEST['cookie'];
 9 | $action=$_REQUEST['action'];
10 | $results=array();
11 | 
12 | switch ($action) {
13 | 	case 'login': //a user logs in
14 | 		$email=isset($_REQUEST['email']) ? $_REQUEST['email'] : null;
15 | 		$account=$server->updateAccount($hash,$cookie,1,$email);
16 | 		break;
17 | 	case 'logout': //a user logs out
18 | 		$email=isset($_REQUEST['email']) ? $_REQUEST['email'] : null;
19 | 		$account=$server->updateAccount($hash,$cookie,0,$email);
20 | 		break;
21 | 	case 'loggedin': //check if user is logged in
22 | 		$account=$server->getAccount($hash,$cookie);
23 | 		if ($account===false) $results['loggedin']=false;
24 | 		else {
25 | 			$results['loggedin']=$account['loggedin'];
26 | 			$results['email']=$account['email'];
27 | 		}
28 | 		break;
29 | }
30 | 
31 | $results['status']='success';
32 | $results['request']=$_REQUEST;
33 | echo json_encode($results);
34 | 


--------------------------------------------------------------------------------
/server.class.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | require(dirname(__FILE__).'/config.php');
 3 | ini_set('error_reporting',E_ALL);ini_set('display_errors',true);
 4 | 
 5 | class Sso_Server {
 6 | 	function __construct() {
 7 | 		global $conf;
 8 | 		$this->pdo = new PDO('mysql:host='.$conf['db']['hostSpec'].';dbname='.$conf['db']['dbName'],$conf['db']['dbUser'],$conf['db']['dbPass']);
 9 | 		$this->pdo->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
10 | 	}
11 | 	
12 | 	function getAccount($hash,$cookie) {		
13 | 		$query='select * from connections where hash=? and cookie=?';
14 | 		$sth=$this->pdo->prepare($query);
15 | 		$sth->execute(array($hash,$cookie));
16 | 		if ($account=$sth->fetch()) {
17 | 			return $account;
18 | 		} else {
19 | 			return false;
20 | 		}
21 | 	}
22 | 
23 | 	function createAccount($hash,$cookie) {		
24 | 		$query='insert into connections (hash,cookie,loggedin) values (?,?,0)';
25 | 		$sth=$this->pdo->prepare($query);
26 | 		$sth->execute(array($hash,$cookie));
27 | 	}
28 | 
29 | 	function updateAccount($hash,$cookie,$loggedin,$email) {		
30 | 		$query='update connections set email=?, loggedin=? where hash=? and cookie=?';
31 | 		$sth=$this->pdo->prepare($query);
32 | 		$sth->execute(array($email,$loggedin,$hash,$cookie));
33 | 	}
34 | 	
35 | }
36 | 


--------------------------------------------------------------------------------
/auth_helper.php:
--------------------------------------------------------------------------------
 1 | <html><head>
 2 | <title>easyXDM</title>
 3 | <script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js"></script>
 4 | <script src="http://23dbd2b813a5bbdcf94f-ad7ae67fe93983be12b9863528b62e99.r9.cf1.rackcdn.com/easyXDM.min.js" type="text/javascript">
 5 | 
 6 | </script>
 7 | <script type="text/javascript">
 8 | var iframe;
 9 | var socket = new easyXDM.Socket({
10 | 	swf: "http://23dbd2b813a5bbdcf94f-ad7ae67fe93983be12b9863528b62e99.r9.cf1.rackcdn.com/easyxdm.swf",
11 | 	onReady: function(){
12 |                                 iframe = document.createElement("iframe");
13 |                                 iframe.frameBorder = 0;
14 |                                 document.body.appendChild(iframe);
15 |                                 iframe.src = easyXDM.query.url;
16 | 	},
17 | 	onMessage: function(url, origin){
18 |                                 iframe.src = url;
19 |                                 console.log('authhelper:'+url);
20 | 	}
21 | });
22 | </script>
23 | <style type="text/css">
24 | html, body {
25 | overflow: hidden;
26 | margin: 0px;
27 | padding: 0px;
28 | width: 100%;
29 | height: 100%;
30 | }
31 | 
32 | iframe {
33 | width: 100%;
34 | height: 100%;
35 | border: 0px;
36 | }
37 | </style>
38 | </head>
39 | <body>
40 | 
41 | 
42 | </body></html>


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Single Sign On server
 2 | 
 3 | Single Sign On allows a user to only sign in once and be signed in automatically across different systems.
 4 | 
 5 | Currently supported systems include:
 6 | * [Wordpress](http://wordpress.org/plugins/single-sign-on/)
 7 | * [WHMCS](https://github.com/choppedcode/sso-whmcs)
 8 | 
 9 | The plugin works over multiple instances of the same system, for example multiple Wordpress installations as well as between systems, for example between WHMCS and Wordpress.
10 | 
11 | Additional systems can be added.
12 | 
13 | The way it works is that the participating systems interact with a SSO server and using cross domain messaging techniques, the user can login to one system and automatically get logged in to the other participating sytems.
14 | 
15 | ## Installation
16 | 
17 | Install the code in a web server so it's accessible via the net.
18 | 
19 | Create a database and create the table connections using the following SQL statement:
20 | 
21 | ```php
22 | CREATE TABLE IF NOT EXISTS `connections` (
23 |   `hash` varchar(64) NOT NULL,
24 |   `cookie` varchar(64) NOT NULL,
25 |   `loggedin` varchar(1) NOT NULL,
26 |   `email` varchar(128) DEFAULT NULL
27 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
28 | ```
29 | 
30 | Create a file config.php in the root folder and add the following:
31 | 
32 | ```php
33 | $conf['db']['hostSpec']='localhost'; //host name
34 | $conf['db']['dbName']=''; // database name
35 | $conf['db']['dbUser']=''; // database user
36 | $conf['db']['dbPass']=''; // database password
37 | ```
38 | 
39 | ## Changelog
40 | 
41 | ### 1.0.2
42 | * Updated documentation to include database creation instructions
43 | 
44 | ### 1.0.1
45 | * Beta release
46 | 
47 | ### 1.0.0
48 | * Alpha release


--------------------------------------------------------------------------------