geoff-nixon/single sign on

## single sign on
https://accounts.google.com/signin/v2/sl/pwd?

service=mail

&hl=en

&uilel=1

&continue=https://www.gmail.com

&passive=true

&ltmpl=default

&flowName=GlifWebSignIn

&flowEntry=ServiceLogin


_________________________________________________


https://accounts.google.com/signin/v2/sl/pwd?

service=youtube

&hl=en

&uilel=3

&continue=https://www.youtube.com

&passive=true

&flowName=GlifWebSignIn

&flowEntry=ServiceLogin


________________________________________________


Youtube first sign in set 4 cookies:

1. remote-session-name {"data":"youtube-desktop","creation":1541948055176}

2. remote-session-app  {"data":"Desktop","creation":1541948055176}

3. remote-device-id    {"data":"f6b539df-f025-445d-b15e-cffe11be188b","expiration":1571461396512,"creation":1539925396512}

4. remote-uilel	       {"data":"3","creation":1541947781364}


** After youtube sign out cookies remove

** If youtube sign out gmail also signout if refresh


Activity table:


1. service
2. continue
3. flowName
4. flowEntry
5. passive
6. hl
7. remote-session-name (password)
8. remote-session-app
9. remote-device-id
10.remote-uilel
11.uid
12.browser_header (cookie hijacking)

Login process:

** After login from gmail insert all data in activity table & set cookies in https://accounts.google.com

** If try to login in youtube from new tab https://accounts.google.com check cookies value isset or not.

** if isset check browser_header (cookie hijacking)
   remote-session-name | remote-device-id |
   remote-uilel exits in database or not.

** if isset auto login from backend & redirect.

** Get uid from remote-session-name & insert new data in activity table & set cookies.


Logout process:

** If logout from gmail remove all row from activity table related uid & Unset session

** Remove cookies from  https://accounts.google.com remote-session-name | remote-session-app | remote-device-id | remote-uilel

** Set set interval check 30 for youtube uid exits table or not | Or set it in next refresh


________________________________________________

** Store logic :

public function storeLoginActivity($password) {
  $logged_time = time();
  $expire = time() + (86400 * 30);
  setcookie('logged_time', $logged_time, time() + (86400 * 30), "/");
  $uid = md5($_SERVER['HTTP_USER_AGENT'] .  $_SERVER['REMOTE_ADDR'] . $logged_time);
  $cipher = "#&sdfdfs789fs7d";
  $encoded_password = base64_encode(openssl_encrypt($password, "AES-128-ECB", $cipher));
  DB::table('activity')->insert(
      ['user_id' => Auth::id(), 'password' => $encoded_password, 'uid' => $uid]
  );
  header ("Set-Cookie: logged_time=$logged_time; expires=$expire; path=/; domain=.kallyani.com.bd");
  return true;
}
	https://accounts.google.com/signin/v2/sl/pwd?

	service=mail

	&hl=en

	&uilel=1

	&continue=https://www.gmail.com

	&passive=true

	&ltmpl=default

	&flowName=GlifWebSignIn

	&flowEntry=ServiceLogin


	_________________________________________________



	https://accounts.google.com/signin/v2/sl/pwd?

	service=youtube

	&hl=en

	&uilel=3

	&continue=https://www.youtube.com

	&passive=true

	&flowName=GlifWebSignIn

	&flowEntry=ServiceLogin



	________________________________________________


	Youtube first sign in set 4 cookies:

	1. remote-session-name {"data":"youtube-desktop","creation":1541948055176}

	2. remote-session-app {"data":"Desktop","creation":1541948055176}

	3. remote-device-id {"data":"f6b539df-f025-445d-b15e-cffe11be188b","expiration":1571461396512,"creation":1539925396512}

	4. remote-uilel {"data":"3","creation":1541947781364}


	** After youtube sign out cookies remove

	** If youtube sign out gmail also signout if refresh


	Activity table:


	1. service
	2. continue
	3. flowName
	4. flowEntry
	5. passive
	6. hl
	7. remote-session-name (password)
	8. remote-session-app
	9. remote-device-id
	10.remote-uilel
	11.uid
	12.browser_header (cookie hijacking)

	Login process:

	** After login from gmail insert all data in activity table & set cookies in https://accounts.google.com

	** If try to login in youtube from new tab https://accounts.google.com check cookies value isset or not.

	** if isset check browser_header (cookie hijacking)
	remote-session-name \| remote-device-id \|
	remote-uilel exits in database or not.

	** if isset auto login from backend & redirect.

	** Get uid from remote-session-name & insert new data in activity table & set cookies.



	Logout process:

	** If logout from gmail remove all row from activity table related uid & Unset session

	** Remove cookies from https://accounts.google.com remote-session-name \| remote-session-app \| remote-device-id \| remote-uilel

	** Set set interval check 30 for youtube uid exits table or not \| Or set it in next refresh



	________________________________________________

	** Store logic :

	public function storeLoginActivity($password) {
	$logged_time = time();
	$expire = time() + (86400 * 30);
	setcookie('logged_time', $logged_time, time() + (86400 * 30), "/");
	$uid = md5($_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR'] . $logged_time);
	$cipher = "#&sdfdfs789fs7d";
	$encoded_password = base64_encode(openssl_encrypt($password, "AES-128-ECB", $cipher));
	DB::table('activity')->insert(
	['user_id' => Auth::id(), 'password' => $encoded_password, 'uid' => $uid]
	);
	header ("Set-Cookie: logged_time=$logged_time; expires=$expire; path=/; domain=.kallyani.com.bd");
	return true;
	}