所以我正在使用Okta登录窗口小部件为我的内部WebApp身份验证用户。
但是,我正在努力地从我的域中存储在cookie中的创建会话或张贴回复中的sessionID,然后保存回复,然后可以稍后使用它来对该用户执行操作会话(例如注销)。我的JavaScript能力很糟糕,但我想在这里学习。请参阅下面的我的登录页面代码。如果有人可以帮助我如何作为登录的响应,可以使用sessionID,那将不胜感激。
<!DOCTYPE html>
<html>
<head>
<?php echo $MetaData['charset']."n";?>
<?php echo $MetaData['viewport']."n";?>
<?php echo $MetaData['description']."n";?>
<?php echo $MetaData['author']."n";?>
<?php echo $MetaData['title']."n";?>
<link rel="shortcut icon" href="">
<script src="https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/1.7.0/js/okta-sign-in.min.js" type="text/javascript"></script>
<link href="https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/1.7.0/css/okta-sign-in.min.css" type="text/css" rel="stylesheet">
<link href="https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/1.7.0/css/okta-theme.css" type="text/css" rel="stylesheet">
<link href="<?php echo base_url().'assets/css/custom.css' ?>"type="text/css" rel="stylesheet">
</head>
<body style="background-color:#f5f5f5;">
<div id="okta-login-container"></div>
<script type="text/javascript">
var orgUrl = '<?php echo $OktaInstanceConfig['OktaInstanceURL'];?>';
var redirectUrl = '<?php echo base_url().'index.php/Dashboard' ?>';
var oktaSignIn = new OktaSignIn({
baseUrl: orgUrl,
logo: '<?php echo base_url()."assets/images/".$CompanyConfig["CompanyName"]."/logo.svg"?>',
authParams: {
responseType: 'id_token',
responseMode: 'okta_post_message',
scope: [
'openid',
'email',
'profile',
'address',
'phone',
'groups'
]
}
});
oktaSignIn.renderEl(
{ el: '#okta-login-container' },
function (res) {
if (res.status === 'SUCCESS')
{
console.log('User %s successfully authenticated %o', res.user.profile.login, res.user);
res.session.setCookieAndRedirect(redirectUrl);
}
}
);
</script>
</body>
</html>
okta在调用方法setCookieAndRedirect(redirectUrl)
之后设置用户会话。
redirectUrl
(index.php
)内部的逻辑可以通过使用登录小部件检索当前会话来获得sessionId
:
<!-- index.php -->
<!DOCTYPE html>
<html>
<head> <!-- scripts and stylesheets --> </head>
<body>
<script type="text/javascript">
var oktaSignIn = new OktaSignIn({ /* config */});
oktaSignIn.session.exists(function (exists) {
if (exists) {
// Session exists
oktaSignIn.session.get(function (sessionInfo) {
// sessionInfo.id
}, function(err) { // error retrieving session })
return;
} else { console.log("No session");
}
});
</script>
</body>
</html>