Single sign On Service

Posted: November 22, 2011 in Uncategorized
Tags:

I’ve been asked a few times to give sample code on SSO (single sign on) services.

But because the code, is sectioned to the services running within the IP / Host then this is the example;

Within your script or software you can redirect pre-approved users to – User Web Application — by signing the request with your API key. The remote authorization url looks like this:

https://yourcompany.com/api/auth?email=user@email.com&timestamp=20110310120000&hash=a94a8fe5cc

Let’s break this url to parts:

https://yourcompany.com/ – this is your url
api/auth – this is the remote authorization path

?email= – the e-mail parameter specifies the pre-approved users that will be logged in
&timestamp= – the timestamp parameter is the current date and time in the following format

“yyMMddhhmmss”; for example November 22nd, 2011 08:10:00pm would be “110310201000”

&hash= – the e-mail, timestamp and your api key concatenated in this order and then hashed with SHA1

Here’s a sample code for ASP.NET in C#:
string apiKey = “myAPIkey-goes-here”;
string email = “someuser@somedomain.com”;
string timestamp = DateTime.Now.ToString(“yyMMddhhmmss”);
SHA1Managed sha1 = new SHA1Managed();
byte[] paramBytes = Encoding.UTF8.GetBytes(email + timestamp + apiKey);
byte[] hashBytes = sha1.ComputeHash(paramBytes);
string hash = BitConverter.ToString(hashBytes).Replace(“-“, “”).ToLower();

Response.Redirect(
string.Format(“https://yourcompany.com/api/auth?email={0}&timestamp={1}&hash={2}”,
email, timestamp, hash));

Advertisements
Comments
  1. I?m impressed, I have to say. Actually rarely do I encounter a weblog that?s each educative and entertaining, and let me let you know, you’ve got hit the nail on the head. Your thought is outstanding; the problem is something that not sufficient persons are talking intelligently about. I am very happy that I stumbled throughout this in my seek for something relating to this.

  2. Claude Szigethy says:

    What a very helpful blog! I am so glad I checked your site. Keep up the great work. Have a good day!

  3. Hello! I just want to give a huge thumbs up for the nice info you have got here on this post. I might be coming back to your weblog for more soon.

  4. Once I originally commented I clicked the -Notify me when new feedback are added- checkbox and now every time a remark is added I get four emails with the identical comment. Is there any method you’ll be able to remove me from that service? Thanks!

    • Hey Houston Keebler

      Thank you for your kind comment, unfortunately, I’m not aware to the solution to this, because of my this blog being hosted on wordpress and not my own server. But I will check further…

      If you are using a hosted wordpress blog then you, can do this from your end tho.

      Please let me know you progress, I will email any updates to this.

      Thanks
      Technology Chick

  5. Sprinkle apk says:

    An riveting discussion is worth account. I consider that you should compose many on this content, it strength not be a sacred person but generally fill are not sufficiency to talk on such topics. To the succeeding. Cheers like your Single sign On Service Technology Chick Blog.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s