Single Sign-On Implementation \ Login and registration

In this part you will discover how to integrate Social Login in order to easily let new users sign up for an account on your website by using their existing accounts from over thirty different social networks such as Facebook, Google, Twitter, Yahoo, Instagram and LinkedIn amongst others.

10. Register new and login existing users on the fly.

Whenever a user switches from one of your websites to another, the SSO service will automatically redirect the user to your callback_uri if he is not yet logged in but has an active SSO session.

SSO will send the POST value connection_token to the callback script and this token can then be used to retrieve the user's profile data.

After having retrieved the user's profile data, the callback script can either login the user with an existing account or use the data to create a new account on the fly.

Example Callback Script

    <?php

    // Your OneAll Site Settings
    $site_subdomain = 'REPLACE WITH YOUR SITE SUBDMOAIN';
    $site_public_key = 'REPLACE WITH YOUR SITE PUBLIC KEY';
    $site_private_key = 'REPLACE WITH YOUR SITE PRIVATE KEY';

    // Check if we have received a connection_token
    if ( ! empty ($_POST['connection_token']))
    {
        // Get connection_token
        $token = $_POST['connection_token'];

        // Retrieve the user's profile data
        $resource_uri = 'https://'.$site_subdomain.'.api.oneall.com/connections/'.$token .'.json';

        // Setup connection
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_URL, $resource_uri);
        curl_setopt($curl, CURLOPT_HEADER, 0);
        curl_setopt($curl, CURLOPT_USERPWD, $site_public_key . ":" . $site_private_key);
        curl_setopt($curl, CURLOPT_TIMEOUT, 15);
        curl_setopt($curl, CURLOPT_VERBOSE, 0);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);
        curl_setopt($curl, CURLOPT_FAILONERROR, 0);

        // Send request
        $result_json = curl_exec($curl);

        // Error
        if ($result_json === false)
        {
            echo 'Curl error: ' . curl_error($curl). '<br />';
            echo 'Curl info: ' . curl_getinfo($curl). '<br />';
            curl_close($curl);
        }
        // Success
        else
        {
            // Close connection
            curl_close($curl);

            // Decode
            $json = json_decode ($result_json);

            // Extract data
            $data = $json->response->result->data;
            
            // Check for service
            switch ($data->plugin->key)
            {           
                // Single Sign-On
                case 'single_sign_on':
                            
                    // Operation successful
                    if ($data->plugin->data->status == 'success')
                    {
                        // The user_token uniquely identifies the user 
                        $user_token = $data->user->user_token;
                        
                        // The identity contains the user's profile data
                        $identity = $data->user->identity
                        
                        // At this point you must use the identity data to either login the user
                        // with an existing account or to create a new account.
                        
                        // ....
                
                    }
                break;
            }
        }
    }
    ?>

11. Make a final test.

To be able to make your first test, you need to setup Single Sign-On on at least two different websites.

Once this has been done, start by logging out from both websites. Now login on the first website. If you have correctly setup the user authentication then your system should generate a new sso_session_token and register the SSO session for for you.

Now switch to the second website where you should automatically be redirected to your callback script. The callback script should first create a new account if you do not have one yet. Finally you should seamlessly be logged in.

User Contributed Notes