承接 korotovsky/sso-sp-bundle 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

korotovsky/sso-sp-bundle

最新稳定版本:0.3.1

Composer 安装命令:

composer require korotovsky/sso-sp-bundle

包简介

Single-sign-on bundle for Symfony2. Service Provider part.

README 文档

README

Build Status Scrutinizer Code Quality Code Coverage SensioLabsInsight

Disclaimer

I am by no means a security expert. I'm not bad at it either, but I cannot vouch for the security of this bundle. You can use this in production if you want, but please do so at your own risk. That said, if you'd like to contribute to make this bundle better/safer, you can always create an issue or send a pull request.

Description

This bundle provides an easy way to integrate a single-sign-on in your website. It uses an existing ('main') firewall for the actual authentication, and redirects all configured SSO-routes to authenticate via a one-time-password.

Installation

Installation is a quick 5 steps process:

  1. Download SingleSignOnServiceProviderBundle using composer
  2. Enable the bundle
  3. Configure SingleSignOnServiceProviderBundle
  4. Enable the route to validate OTP
  5. Modify security settings

Step 1: Download SingleSignOnServiceProviderBundle using composer

Tell composer to require the package:

composer require korotovsky/sso-sp-bundle

Composer will install the bundle to your project's vendor/korotovsky directory.

Step 2: Enable the bundle

<?php
// app/AppKernel.php

public function registerBundles()
{
    $bundles = [
        // ...
        new Krtv\Bundle\SingleSignOnServiceProviderBundle\KrtvSingleSignOnServiceProviderBundle(),
    ];
}
?>

Step 3: Configure SingleSignOnServiceProviderBundle

Add the following settings to your config.yml.

# app/config/config.yml
krtv_single_sign_on_service_provider:
    host:                 idp.example.com
    host_scheme:          http

    login_path:           /sso/login/

    # Configuration for OTP managers
    otp_manager:
        name: http
        managers:
            http:
                provider: guzzle     # Active provider for HTTP OTP manager
                providers:           # Available HTTP providers
                    service:
                        # the service must implement Krtv\SingleSignOn\Manager\Http\Provider\ProviderInterface
                        id: krtv_single_sign_on_service_provider.security.authentication.otp_manager.http.provider.guzzle

                    guzzle:
                        # in case you don't have a guzzle client, you must create one
                        client:   acme_bundle.guzzle_service
                        # the route that was created in the IdP bundle
                        resource: http://idp.example.com/internal/v1/sso

    otp_parameter:        _otp
    secret_parameter:     secret

Step 4: Enable route to validate OTP

# app/config/routing.yml
otp:
    # this needs to be the same as the check_path, specified later on in security.yml
    path: /otp/validate/

Step 5: Modify security settings

# app/config/security.yml
security:
    firewalls:
        main:
            pattern: ^/
            sso:
                require_previous_session: false
                provider:                 main
                check_path:               /otp/validate/     # Same as in app/config/routing.yml

                sso_scheme:               http               # Required
                sso_host:                 idp.example.com    # Required

                sso_otp_scheme:           http               # Optional
                sso_otp_host:             consumer1.com      # Optional

                sso_failure_path:         /login             # Can also be as an absolute path to service provider
                sso_path:                 /sso/login/        # SSO endpoint on IdP.

                sso_service_extra:           null            # Default service extra parameters. Optional.
                sso_service_extra_parameter: service_extra   # Parameter name. Optional

                sso_login_required:           1              # Optional
                sso_login_required_parameter: login_required # Optional

                sso_service:                  consumer1      # Consumer name

            logout:
                invalidate_session: true
                path:               /logout
                target:             http://idp.example.com/sso/logout?service=consumer1

Public API of this bundle

This bundle registers several services into service container. This services will help you customize SSO flow in the you application:

korotovsky/sso-sp-bundle 适用场景与选型建议

korotovsky/sso-sp-bundle 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 16.04k 次下载、GitHub Stars 达 33, 最近一次更新时间为 2014 年 11 月 24 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「login」 「SSO」 「otp」 「single-sign-on」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 korotovsky/sso-sp-bundle 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 korotovsky/sso-sp-bundle 我们能提供哪些服务?
定制开发 / 二次开发

基于 korotovsky/sso-sp-bundle 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 16.04k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 33
  • 点击次数: 28
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 33
  • Watchers: 5
  • Forks: 18
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2014-11-24