Skip to content

Instantly share code, notes, and snippets.

@jacobdubail
Last active February 20, 2019 22:48
Show Gist options
  • Save jacobdubail/46af327b86a7ca3f2beb46b79e6d4dc2 to your computer and use it in GitHub Desktop.
Save jacobdubail/46af327b86a7ca3f2beb46b79e6d4dc2 to your computer and use it in GitHub Desktop.
Absorb WordPress SSO
<?php
Class AbsorbLMS {
//protected private key from Absorb Admin
protected $private_key = "*******";
//admin login creds to Absorb
protected $absorb_api_url = "https://ACOUNTNAME.myabsorb.com/api/Rest/v1/";
protected $external_login_url = "https://ACOUNTNAME.myabsorb.com/account/externallogin";
public function getExternalLoginUrl() {
return $this->external_login_url;
}
public function getSSOToken() {
return $this->sso("https://ACOUNTNAME.myabsorb.com/account/externallogin");
}
public function processSSO($token,$id) {
$key = "*******";
$id_key = $id . $key;
$hashed = hash_pbkdf2("sha256", $id_key, $this->urltokenDecode($token), 1000, 24, true);
$key = $this->urlencodeTokenEncode($hashed);
return $this->sso("https://ACOUNTNAME.myabsorb.com/account/externallogincallback?id={$id}&key={$key}&relayState=https://ACOUNTNAME.myabsorb.com/#/dashboard");
}
/**
*
* HttpServerUtility.UrlTokenEncode
* @param $string
* @return string
*/
public function urlencodeTokenEncode($string) {
// First base64 encode
$data = base64_encode($string);
// Base64 strings can end in several = chars. These need to be translated into a number
$no_of_eq = substr_count($data, "=");
$data = str_replace("=", "", $data);
$data = $data.$no_of_eq;
// Then replace all non-url safe characters
$data = str_replace(array('+','/'),array('-','_'),$data);
return $data;
}
public function urltokenDecode($token)
{
$len = strlen($token);
if (!$len)
return $token;
$digit = $token[$len-1];
if (!in_array($digit, range(0,2)))
{
throw InvalidArgumentException(sprintf('Invalid end digit (%s).', $digit));
}
return base64_decode(substr($token, 0, -1));
}
/**
*
* The IdP does a POST of a signed SAML Response with a SAML Assertion.
* POST the SAML Response to https://Portal URL/Account/SAML
* @return string
*/
public function sso($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
//curl_setopt($ch, CURLOPT_POST, 1);
//curl_setopt($ch, CURLOPT_POSTFIELDS,http_build_query($post));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$response = trim(curl_exec($ch));
// The following if block will print any CURL errors you might have
if ($response == false) {
error_log("CURL Error: " . curl_error($ch));
}
return $response;
}
/**
* generate access token
*/
public function generateToken() {
$absorb_settings = get_option( 'de_absorb_settings' );
$username = $absorb_settings['de_absorb_username'];
$password = $absorb_settings['de_absorb_password'];
$endpoint = "Authenticate?username={$username}&password={$password}&privateKey={$this->private_key}";
$absorb_data = array();
$result = $this->execute_curl($absorb_data,$endpoint);
return substr($result, 1, -1);
}
/**
* Enroll User to a Course
* POST api/Rest/v1/users/{userId}/enrollments/{courseId}?reEnroll={reEnroll}
* @param $user_id
* @param $course_id
* @param $access_token
* @return mixed
*/
public function enrollUserToCourse($user_id,$course_id,$access_token) {
$endpoint = "users/{$user_id}/enrollments/{$course_id}";
$absorb_data = array();
$result = $this->execute_curl($absorb_data,$endpoint,$access_token);
return json_decode($result,1);
}
/**
* Enroll User to a Course (In-person)
* POST api/Rest/v1/users/{userId}/enrollments/{courseId}/session/{sessionId}?reEnroll={reEnroll}&cancelSession={cancelSession}
* @param $user_id
* @param $course_id
* @param $session_id
* @param $access_token
* @return mixed
*/
public function enrollUserToTraining($user_id,$course_id,$session_id,$access_token) {
$endpoint = "users/{$user_id}/enrollments/{$course_id}/session/$session_id";
$absorb_data = array();
$result = $this->execute_curl($absorb_data,$endpoint,$access_token);
return json_decode($result,1);
}
/**
* create Absorb User
* {
* "Id": "1907f28c-c02e-4644-bac8-0a94361b9514",
"Username": "ca.profugo"
}
*/
public function createUser($absorb_data,$access_token) {
$endpoint = "createabsorbaccount";
$result = $this->execute_curl($absorb_data,$endpoint,$access_token);
return json_decode($result,1);
}
/**
* execute_curl - connect to absorb api using curl
*
*/
private function execute_curl($post,$endpoint,$access_token = "") {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->absorb_api_url . $endpoint);
if($access_token !== "") {
$authorization = "Authorization: $access_token";
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded' , $authorization ));
}
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,http_build_query($post));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$response = trim(curl_exec($ch));
// The following if block will print any CURL errors you might have
if ($response == false) {
error_log("---------- ABSORB ERROR ----------");
error_log(print_r(curl_error($ch),1));
error_log("---------- ABSORB ERROR ----------");
}
return $response;
}
}
@birdiewd
Copy link

We changed ours to use SHA1 and it worked great.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment