Skip to content

Instantly share code, notes, and snippets.

@jerome-labidurie
Created October 17, 2015 14:01
Show Gist options
  • Save jerome-labidurie/d92d9441c4d021f5181d to your computer and use it in GitHub Desktop.
Save jerome-labidurie/d92d9441c4d021f5181d to your computer and use it in GitHub Desktop.
Synology SSO server login example
<html>
<head>
<!-- include Synology SSO js -->
<script src="http://ds:5000/webman/sso/synoSSO-1.0.0.js"></script>
</head>
<body>
<script>
/** Display login/logout button.
* Use a html element with id button
* @param logged boolean, are we logged ?
*/
function setButton (logged) {
if (logged) {
document.getElementById('button').innerHTML = '<button onclick="SYNOSSO.logout()">Logout</button>';
} else {
document.getElementById('button').innerHTML = '<button onclick="SYNOSSO.login()">Login</button>';
}
}
/** Callback for SSO.
* Called by init() and login()
* @param reponse the JSON returned by SSO. See Syno SSO Dev Guide.
*/
function authCallback(reponse) {
console.log(JSON.stringify(reponse));
if (reponse.status == 'login') {
console.log('logged');
setButton(true);
}
else {
console.log('not logged ' + reponse.status);
setButton(false);
}
}
SYNOSSO.init({
oauthserver_url: 'http://ds:5000',
app_id: 'a80a2d975796104eb7a7f38b971a8f99',
redirect_uri: 'http://ds/test/relay.html', //no idea what this is :)
callback: authCallback
});
</script>
<h1> Syno SSO test</h1>
<p id='button'></p>
</body>
</html>
@jackietw
Copy link

is it have php example?

@jhfoo
Copy link

jhfoo commented Mar 7, 2018

Must Synology be configured with LDAP for SSO Server to work? Cos it's not working for me without.

@Kolossi
Copy link

Kolossi commented Jun 1, 2018

@cljk (hoping you are still around a year later) - that link to query.cgi/entry.cgi info is awesome. Is there somewhere on Synology where that is even vaguely documented?

Going to https://www.synology.com/en-us/support/developer#web_developer I get a list of ...uh... command line tools!!!

@alber68
Copy link

alber68 commented Jun 14, 2018

@cljk I use SYNO's directory server + SSO server, refer to your code to achieve SSO login,it's success,But I can't get the account information after login. The link (https://ds:5001/webapi/entry.cgi?method=get&version=1&api=SYNO.Core.NormalUser) you mentioned above can be obtained from the browser after login. I try to get account information by ajax or php file_get_contents,The result of the execution is Access-Control-Allow-Origin or timeout。
Is there another way to get account information?

@videoMonkey
Copy link

ditto! I can login, but if I can't know anything about the user who logged in, this system is useless to me!

@keombre
Copy link

keombre commented Aug 5, 2018

Hello,
First of all, thank's so much to @jerome-labidurie and @cljk.
I recently hit the same bottleneck as you guys.
After reading the official docs (all of them) and finding nothing that could help me, I found by a complete accident this repo: https://github.com/kwent/syno/tree/master/definitions/DSM/6.0.2/8451. Unfortunately there was no info about SSO. However, after some digging in Synology's JS, I finally connected over SSH to my NAS a started looking around in /usr/syno/synoman/webapi. There is a file called SYNO.SSO.Backend.lib, stating that there should be API SYNO.SSO.Backend.AccessToken with methods: verify and exchange. And voila!

After running:
/webapi/entry.cgi?api=SYNO.SSO.Backend.AccessToken&version=1&method=exchange&access_token=<my token>

I got:
{"data":{"user_id":[my id],"user_name":"[my username]"},"success":true}

YAY!

So after hours of detective work, we can finally get one's username from access_token.

@alber68
Copy link

alber68 commented Jan 19, 2019

Thank you, I solved a big problem. @keombre
At present, the system is basically integrated, running for a while, and it is found that sometimes 120 error codes appear when logging in(DSM has logged in). No regularity was found in the account and time of appearance.

@LucasHerb
Copy link

Hello! The example is great, but after logout and try to login again the form window only blinks and the status is "not_login". I try incognito mode and clear cookies with no effect. Is this a bug in Synology SSO or after logout should be any other sequence to clean something?

@dagababaev
Copy link

@LucasHerb
No matter how much I tried, I could not get this script to work in 2020, apparently due to updates in the Chrome security policy. I wrote my version in php, maybe it will help you – https://github.com/dagababaev/Synology_SSO_integration

@sandrickn
Copy link

@dagababaev Are you able to logout from the php version? I saw that the variables get unset, however, as I refresh the page, the auth gets passed and the variables get set again.

Also, the javascript version does not seem to work for me.

@dagababaev
Copy link

dagababaev commented Dec 10, 2020

@sandrickn
it's true If you stay signed in Synology. To log out you must send command to Synology (i am not use it), but not only your web site

@eocula
Copy link

eocula commented Jan 4, 2022

Hi all,

I'm using the code from dagababaev . On my WordPress-site. I'm able to login, from the WordPress-site, using "Synology SSL Server", and with a DSM-user. All works fine. But at the end I'm not able to show the logged-in user the home-page of the WordPress-site. Most probably because I have (almost) no knowledge of php.

Anybody any idea ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment