Created
February 26, 2014 16:25
-
-
Save paully21/9232979 to your computer and use it in GitHub Desktop.
ASP.NET MVC Discourse SSO Example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public ActionResult DiscourseLogin() | |
{ | |
if (string.IsNullOrEmpty(Request.QueryString["sso"]) || string.IsNullOrEmpty(Request.QueryString["sig"])) | |
return Content("Invalid"); | |
string ssoSecret = "YOUR SSO SECRET"; //must match sso_secret in discourse settings | |
string sso = Request.QueryString["sso"]; | |
string sig = Request.QueryString["sig"]; | |
string checksum = getHash(sso, ssoSecret); | |
if (checksum != sig) | |
return Content("Invalid"); | |
byte[] ssoBytes = Convert.FromBase64String(sso); | |
string decodedSso = Encoding.UTF8.GetString(ssoBytes); | |
NameValueCollection nvc = HttpUtility.ParseQueryString(decodedSso); | |
string nonce = nvc["nonce"]; | |
//TODO: Add your own get user information | |
//Ensure user is logged in by adding the [Authorize] | |
//Attribute to this controller method and validate the | |
//user has permission to access the forum | |
string email = "[email protected]"; | |
string username = "testuser"; | |
string name = "Test User"; | |
string externalId = "21"; | |
string returnPayload = "nonce=" + Server.UrlEncode(nonce) + | |
"&email=" + Server.UrlEncode(email) + | |
"&external_id=" + Server.UrlEncode(externalId) + | |
"&username=" + Server.UrlEncode(username) + | |
"&name=" + Server.UrlEncode(name); | |
string encodedPayload = Convert.ToBase64String(Encoding.UTF8.GetBytes(returnPayload)); | |
string returnSig = getHash(encodedPayload, ssoSecret); | |
string redirectUrl = ConfigurationManager.AppSettings["DiscourseUrl"] + "/session/sso_login?sso=" + encodedPayload + "&sig=" + returnSig; | |
return Redirect(redirectUrl); | |
} | |
public string getHash(string payload, string ssoSecret) | |
{ | |
var encoding = new System.Text.UTF8Encoding(); | |
byte[] keyBytes = encoding.GetBytes(ssoSecret); | |
System.Security.Cryptography.HMACSHA256 hasher = new System.Security.Cryptography.HMACSHA256(keyBytes); | |
byte[] bytes = encoding.GetBytes(payload); | |
byte[] hash = hasher.ComputeHash(bytes); | |
string ret = string.Empty; | |
foreach (byte x in hash) | |
ret += String.Format("{0:x2}", x); | |
return ret; | |
} |
Thanks for posting
I know this is was posted YEARS ago, but thanks for sharing it. You'e saved me lots of time integrating Discourse SSO with an ASP.NET MVC application.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Does the externalId need to be an integer? I'm using EF Identity and all my IDs are GUID.