Skip to content

Instantly share code, notes, and snippets.

@armanhakimsagar

armanhakimsagar/single sign on

Last active June 20, 2023 11:48
Show Gist options
  • Save armanhakimsagar/84b21ace4e48ac4b525ca0368ee18d08 to your computer and use it in GitHub Desktop.
Save armanhakimsagar/84b21ace4e48ac4b525ca0368ee18d08 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
single sign on
https://accounts.google.com/signin/v2/sl/pwd?
service=mail
&hl=en
&uilel=1
&continue=https://www.gmail.com
&passive=true
&ltmpl=default
&flowName=GlifWebSignIn
&flowEntry=ServiceLogin
_________________________________________________
https://accounts.google.com/signin/v2/sl/pwd?
service=youtube
&hl=en
&uilel=3
&continue=https://www.youtube.com
&passive=true
&flowName=GlifWebSignIn
&flowEntry=ServiceLogin
________________________________________________
Youtube first sign in set 4 cookies:
1. remote-session-name {"data":"youtube-desktop","creation":1541948055176}
2. remote-session-app {"data":"Desktop","creation":1541948055176}
3. remote-device-id {"data":"f6b539df-f025-445d-b15e-cffe11be188b","expiration":1571461396512,"creation":1539925396512}
4. remote-uilel {"data":"3","creation":1541947781364}
** After youtube sign out cookies remove
** If youtube sign out gmail also signout if refresh
Activity table:
1. service
2. continue
3. flowName
4. flowEntry
5. passive
6. hl
7. remote-session-name (password)
8. remote-session-app
9. remote-device-id
10.remote-uilel
11.uid
12.browser_header (cookie hijacking)
Login process:
** After login from gmail insert all data in activity table & set cookies in https://accounts.google.com
** If try to login in youtube from new tab https://accounts.google.com check cookies value isset or not.
** if isset check browser_header (cookie hijacking)
remote-session-name | remote-device-id |
remote-uilel exits in database or not.
** if isset auto login from backend & redirect.
** Get uid from remote-session-name & insert new data in activity table & set cookies.
Logout process:
** If logout from gmail remove all row from activity table related uid & Unset session
** Remove cookies from https://accounts.google.com remote-session-name | remote-session-app | remote-device-id | remote-uilel
** Set set interval check 30 for youtube uid exits table or not | Or set it in next refresh
________________________________________________
** Store logic :
public function storeLoginActivity($password) {
$logged_time = time();
$expire = time() + (86400 * 30);
setcookie('logged_time', $logged_time, time() + (86400 * 30), "/");
$uid = md5($_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR'] . $logged_time);
$cipher = "#&sdfdfs789fs7d";
$encoded_password = base64_encode(openssl_encrypt($password, "AES-128-ECB", $cipher));
DB::table('activity')->insert(
['user_id' => Auth::id(), 'password' => $encoded_password, 'uid' => $uid]
);
header ("Set-Cookie: logged_time=$logged_time; expires=$expire; path=/; domain=.kallyani.com.bd");
return true;
}
@Jessieb02207
Copy link

Skip to content
armanhakimsagar/single sign on
Last active 16 months ago • Report abuse
Code
Revisions 2
Stars 1
Forks 1
Revisions
armanhakimsagar revised this gist on Nov 19, 2018.
1 changed file with 15 additions and 3 deletions.
18 single sign on
@@ -102,9 +102,21 @@ Logout process:

** Store logic :

public function storeLoginActivity($password) {
$logged_time = time();
$expire = time() + (86400 * 30);
setcookie('logged_time', $logged_time, time() + (86400 * 30), "/");
$uid = md5($_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR'] . $logged_time);
$cipher = "#&sdfdfs789fs7d";
$encoded_password = base64_encode(openssl_encrypt($password, "AES-128-ECB", $cipher));
DB::table('activity')->insert(
['user_id' => Auth::id(), 'password' => $encoded_password, 'uid' => $uid]
);
header ("Set-Cookie: logged_time=$logged_time; expires=$expire; path=/; domain=.kallyani.com.bd");
return true;
}

armanhakimsagar created this gist on Nov 19, 2018.
112 single sign on
@@ -0,0 +1,112 @@
https://accounts.google.com/signin/v2/sl/pwd?

service=mail

&hl=en

&uilel=1

&continue=https://www.gmail.com

&passive=true

&ltmpl=default

&flowName=GlifWebSignIn

&flowEntry=ServiceLogin

https://accounts.google.com/signin/v2/sl/pwd?

service=youtube

&hl=en

&uilel=3

&continue=https://www.youtube.com

&passive=true

&flowName=GlifWebSignIn

&flowEntry=ServiceLogin

Youtube first sign in set 4 cookies:

  1. remote-session-name {"data":"youtube-desktop","creation":1541948055176}

  2. remote-session-app {"data":"Desktop","creation":1541948055176}

  3. remote-device-id {"data":"f6b539df-f025-445d-b15e-cffe11be188b","expiration":1571461396512,"creation":1539925396512}

  4. remote-uilel {"data":"3","creation":1541947781364}

** After youtube sign out cookies remove

** If youtube sign out gmail also signout if refresh

Activity table:

  1. service
  2. continue
  3. flowName
  4. flowEntry
  5. passive
  6. hl
  7. remote-session-name (password)
  8. remote-session-app
  9. remote-device-id
    10.remote-uilel
    11.uid
    12.browser_header (cookie hijacking)

Login process:

** After login from gmail insert all data in activity table & set cookies in https://accounts.google.com

** If try to login in youtube from new tab https://accounts.google.com check cookies value isset or not.

** if isset check browser_header (cookie hijacking)
remote-session-name | remote-device-id |
remote-uilel exits in database or not.

** if isset auto login from backend & redirect.

** Get uid from remote-session-name & insert new data in activity table & set cookies.

Logout process:

** If logout from gmail remove all row from activity table related uid & Unset session

** Remove cookies from https://accounts.google.com remote-session-name | remote-session-app | remote-device-id | remote-uilel

** Set set interval check 30 for youtube uid exits table or not | Or set it in next refresh

© 2022 GitHub, Inc.
Terms
Privacy
Security
Status
Docs
Contact GitHub
Pricing
API
Training
Blog
About
Loading complete

https://photos.app.goo.gl/dmrkVQGGdWPZskcd7

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment