Last active
March 24, 2020 14:21
-
-
Save adamcapriola/11300529 to your computer and use it in GitHub Desktop.
WordPress Page Template for SSO with Discourse
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Template Name: Discourse SSO | |
| * Author: Adam Capriola | |
| * Version: 1.1 | |
| * Author URI: https://meta.discourse.org/users/AdamCapriola/activity | |
| * Adapted From: https://github.com/ArmedGuy/discourse_sso_php | |
| * Uses: https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045 | |
| * | |
| */ | |
| // Customize these two variables | |
| $sso_secret = 'meow'; | |
| $discourse_url = 'http://discourse.example.com'; // Note: No trailing slash! | |
| // | |
| // Check if user is logged in to WordPress | |
| // | |
| // Not logged in to WordPress, redirect to WordPress login page with redirect back to here | |
| if ( ! is_user_logged_in() ) { | |
| // Preserve sso and sig parameters | |
| $redirect = add_query_arg(); | |
| // Change %0A to %0B so it's not stripped out in wp_sanitize_redirect | |
| $redirect = str_replace( '%0A', '%0B', $redirect ); | |
| // Build login URL | |
| $login = wp_login_url( $redirect ); | |
| // Redirect to login | |
| wp_redirect( $login ); | |
| exit; | |
| } | |
| // Logged in to WordPress, now try to log in to Discourse with WordPress user information | |
| else { | |
| // Payload and signature | |
| $payload = $_GET['sso']; | |
| $sig = $_GET['sig']; | |
| // Change %0B back to %0A | |
| $payload = urldecode( str_replace( '%0B', '%0A', urlencode( $payload ) ) ); | |
| // Check for helper class | |
| if ( ! class_exists( 'Discourse_SSO' ) ) { | |
| // Error message | |
| echo( 'Helper class is not properly included.' ); | |
| // Terminate | |
| exit; | |
| } | |
| // Validate signature | |
| $sso = new Discourse_SSO( $sso_secret ); | |
| if ( ! ( $sso->validate( $payload, $sig ) ) ) { | |
| // Error message | |
| echo( 'Invalid request.' ); | |
| // Terminate | |
| exit; | |
| } | |
| // Nonce | |
| $nonce = $sso->getNonce( $payload ); | |
| // Current user info | |
| get_currentuserinfo(); | |
| // Map information | |
| $params = array( | |
| 'nonce' => $nonce, | |
| 'name' => $current_user->display_name, | |
| 'username' => $current_user->user_login, | |
| 'email' => $current_user->user_email, | |
| 'about_me' => $current_user->description, | |
| 'external_id' => $current_user->ID | |
| ); | |
| // Build login string | |
| $q = $sso->buildLoginString( $params ); | |
| // Redirect back to Discourse | |
| wp_redirect( $discourse_url . '/session/sso_login?' . $q ); | |
| exit; | |
| } |
@servermeta It's standard practice to leave the PHP tag unclosed to prevent unwanted whitespace at the end of a file which may cause the script to send header info earlier than desired:
http://stackoverflow.com/questions/4410704/why-would-one-omit-the-close-tag
Installation instructions are here:
https://meta.discourse.org/t/wordpress-sso-page-template/15072
Helper class is not properly included. how to include helper class
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
why you dont close the php tag?