CodeIgniter Web应用程序SSO,使用OAuth2? SAML?两者都不? [英] CodeIgniter web application SSO, use OAuth2? SAML? Both/Neither?
问题描述
我有一个CodeIgniter 2.1内部Web应用程序,它使用简单的共享密码(无用户名)进行身份验证。现在是抽出时间并理想地使用我们公司的Google Apps帐户的单点登录功能对特定内部用户进行身份验证的时候了,并且将来允许外部用户使用他们的Google / Twitter / Facebook帐户进行身份验证。
所以问题是,我应该从哪里开始实现我在上面寻找的?
我认为,我仍然需要维护一个user_id和email的数据库,以允许谁可以使用该web应用程序,即使Google或其他人会验证他们的身份?
我的看起来像是一个相当基本的用例,但是我已经在这个缩写的海洋中迷失了
是的,我会去图书馆 http ://getsparks.org/packages/oauth2/versions/HEAD/show
Google是该图书馆似乎支持的OAuth2提供商。您将从Google OAuth令牌中获取用户的电子邮件,如代码所示
$ user = $ provider-> get_user_info($令牌);
您需要注册或者邀请当前用户使用这个新系统它已经准备好了。
I have a CodeIgniter 2.1 internal web app which uses a simple shared password (no usernames) for authentication. It's time to pull that out and ideally use Single Sign On with our company Google Apps accounts to authenticate specific internal users, and in the future allow external users to authenticate with their Google/Twitter/Facebook accounts.
So the question is, where should I start to achieve what I'm looking for above?
- Google SAML SSO for Google Apps?
- CodeIgniter OAuth 2.0 library?
- Something else?
I take it I need to still maintain a database of user_ids and emails for who is allowed to use the web app, even though Google or someone else will be verifying their identity?
Mine seems like a fairly basic use case but I've been lost in a sea of acronyms on this one
Yes, I would go with this library http://getsparks.org/packages/oauth2/versions/HEAD/show
Google is an OAuth2 provider that the library seems to support. You will get the email of the user from the Google OAuth token like shown in the code
$user = $provider->get_user_info($token);
You will need a registration or some kind of invitations for the current users to hook with this new system once it is ready.
这篇关于CodeIgniter Web应用程序SSO,使用OAuth2? SAML?两者都不?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
