-
-
Save EGreg/3ae51989c2ce2fb9a657b3d5f6d03698 to your computer and use it in GitHub Desktop.
Here is some PHP code and you'd do similar for iOS and Android. Remember to intercept the URL request in WebView!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
include('../Q.inc.php'); | |
function SSO($params = array()) { | |
$params = array_merge($_REQUEST, $params); | |
$sso = Q::ifset($params, 'sso', null); | |
$sig = Q::ifset($params, 'sig', null); | |
$secret = Q_Config::get("Communities", "Discourse", "SSO", "secret", null); | |
$secret = '92738172819238912'; | |
$step = Q::ifset($params, 'step', null); | |
if(is_null($sso)) { | |
die("SSO is required"); | |
//throw new Q_Exception("SSO is required"); | |
} | |
if(is_null($sig)) { | |
die("SIG is required"); | |
//throw new Q_Exception("SIG is required"); | |
} | |
if(is_null($secret)) { | |
die("Communities.Discourse.SSO.secret config is required"); | |
//throw new Q_Exception("Communities.Discourse.SSO.secret config is required"); | |
} | |
$hash = hash_hmac('sha256', $sso, $secret); | |
if($hash != $sig) { | |
die("Wrong signature"); | |
//throw new Q_Exception("Wrong signature"); | |
} | |
$decodedSSO = urldecode(base64_decode($sso)); | |
parse_str($decodedSSO, $ssoVars); | |
$nonce = $ssoVars['nonce']; | |
$returnSsoUrl = $ssoVars['return_sso_url']; | |
// $user = Users::loggedInUser(); | |
if($step != 'onboarding') { | |
/* | |
$emailAddress = 'bobsaget@qbix.com'; | |
$name = 'Bob Saget'; | |
$username = 'BobbySaget2'; | |
$avatarUrl = 'https://variety.com/wp-content/uploads/2022/01/Bob-Saget-14-1.jpg?w=681&h=383&crop=1'; | |
*/ | |
$forceUpdate = true; | |
$emailAddress = 'mariah@careybaby.com'; | |
$name = 'Mariah Carey'; | |
$username = 'Mariah'; | |
$avatarUrl = 'https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTH8gEwxrzlwR-N4RHRXG70rISK0yneAZ7Me1Io-n5p2aIGqqYZLSKeYRSFHg&s'; | |
$externalId = $emailAddress; | |
$urlParams = [ | |
'nonce' => $nonce, | |
'email' => $emailAddress, | |
'external_id' => $externalId, | |
'name' => $name, | |
'username' => $username, | |
'avatar_url' => $avatarUrl, | |
'avatar_force_update' => $forceUpdate | |
]; | |
$querystring = http_build_query($urlParams); | |
$encodedQS = base64_encode($querystring); | |
$payloadHash = hash_hmac('sha256', $encodedQS, $secret); | |
$returnParams = http_build_query([ | |
'sso' => $encodedQS, | |
'sig' => $payloadHash | |
]); | |
$returnFullUrl = $returnSsoUrl . '?' . $returnParams; | |
header("Location: " . $returnFullUrl); | |
exit; | |
} | |
Q_Response::addScript('{{Communities}}/js/pages/discourseSso.js'); | |
return Q_Response::layoutView('Communities/content/discourseSso.php'); | |
//return Q::view("Communities/content/discourseSso.php"); | |
} | |
SSO(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment