@bootleg224
Created August 3, 2020 13:52
PHP SSO Sample
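//Step 1: Create a template to begin the handshake process "OpenWaterBegin"
if (session_status() === PHP_SESSION_NONE) {
    session_start(); //$_SESSION is only usable once the session has been started
}
$userIsLoggedIn = false; //set using BuddyPress
//Get the return URL from the query string and save it to the session.
//This value is untrusted input: check that it points at your OpenWater domain before step 2 redirects to it.
$_SESSION["_openwater_auth"] = $_GET["returnUrl"] ?? "";
if ($userIsLoggedIn) {
    header("Location: /openwater/process"); //forward to process page
    die();
} else {
    header("Location: /LoginOrCreateAccount"); //forward to page to create an account
    die();
}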
//Step 2: Create a template to end the handshake process "OpenWaterProcess"
include_once "Authentication/JWT.php"; //https://github.com/firebase/php-jwt
if (session_status() === PHP_SESSION_NONE) {
    session_start(); //needed to read the value saved in step 1
}
$key = "openwater-handshake-1241"; //shared secret you set in the portal
$now = gmdate("Y-m-d H:i:s"); //current time in UTC
$returnUrl = $_SESSION["_openwater_auth"] ?? ""; //as saved in step 1
if ($returnUrl == '' || $returnUrl == NULL) {
    $returnUrl = 'https://OPENWATERDOMAINNAME/a/account/validatethirdpartycorporateauthresult?redirectUrl=http%3A%2F%2FOPENWATERDOMAINNAME%2Fa'; //default return url, replace after we go live
}
//Get variables from contact database
$firstName = "FirstName"; //take from BuddyPress
$lastName = "LastName"; //take from BuddyPress
$email = "valid@email.com"; //Must be a valid email format
$validatedAsMember = false; //For example, if you have member / nonmember pricing you may want to set this flag
$additionalData = ""; //Optional: use this if you need to set pricing based on some other criteria, like a member role
//Claims carried in the token
$token = array(
    "TimeStampUtc" => $now,
    "Email" => $email,
    "FirstName" => $firstName,
    "LastName" => $lastName,
    "UserNameExists" => true,
    "UserIsMember" => $validatedAsMember,
    "UserData" => $additionalData
);
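//Sign the token with the shared secret; HS256 is named explicitly because newer php-jwt releases require the algorithm argument
$jwt = JWT::encode($token, $key, 'HS256');
$location = $returnUrl."&token=".$jwt; //the return URL already carries a query string, so the token is appended with &
// Redirect
header("Location: " . $location);
die();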
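
Step 1 stores returnUrl straight from the query string and step 2 redirects to it with the signed token attached, so the value should be checked before it is used. One way to do that check, as an added example that is not part of the original gist: it assumes the token may only go to the endpoint used in the gist's default return URL, and isTrustedReturnUrl and appendToken are hypothetical helper names.

```php
<?php
// Added example, not part of the original gist.
// Assumption: the token may only be sent to the OpenWater endpoint used in
// the gist's default return URL. OPENWATERDOMAINNAME is the gist's placeholder.
const OPENWATER_HOST = 'OPENWATERDOMAINNAME';
const OPENWATER_PATH = '/a/account/validatethirdpartycorporateauthresult';

// Hypothetical helper: true only for an https URL on the expected host and path.
function isTrustedReturnUrl($url): bool
{
    // Reject empty values, control characters, spaces and backslashes,
    // which URL parsers and browsers may interpret differently.
    if (!is_string($url) || $url === '' || preg_match('/[\x00-\x20\\\\]/', $url)) {
        return false;
    }
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'], $parts['path'])) {
        return false;
    }
    // No userinfo or explicit port: the host must be exactly the expected one.
    if (isset($parts['user']) || isset($parts['pass']) || isset($parts['port'])) {
        return false;
    }
    return strtolower($parts['scheme']) === 'https'
        && strcasecmp($parts['host'], OPENWATER_HOST) === 0
        && $parts['path'] === OPENWATER_PATH;
}

// Hypothetical helper: append the token with the correct separator.
function appendToken(string $returnUrl, string $jwt): string
{
    $separator = (strpos($returnUrl, '?') === false) ? '?' : '&';
    return $returnUrl . $separator . 'token=' . rawurlencode($jwt);
}

// Constructed sample inputs (other.example is a made-up host).
$samples = [
    'https://OPENWATERDOMAINNAME/a/account/validatethirdpartycorporateauthresult?redirectUrl=x',
    'http://OPENWATERDOMAINNAME/a/account/validatethirdpartycorporateauthresult',
    'https://other.example/a/account/validatethirdpartycorporateauthresult',
    '',
];
foreach ($samples as $url) {
    echo (isTrustedReturnUrl($url) ? 'accepted' : 'rejected'), "\t", $url, "\n";
}
```

In step 2, a value that fails the check would be replaced by the default return URL before the token is appended.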