Skip to content

Instantly share code, notes, and snippets.

@Rojoss

Rojoss/sso.php Secret

Created Jan 14, 2017
Embed
What would you like to do?
<?php
include_once('page.php');
require_once('settings.php');
require_once('db.php');
require_once('auth.php');
if (!isset($_GET['sso']) || !isset($_GET['sig'])) {
echo('Invalid request!');
return;
}
if ($user == null) {
return;
}
// Decode signature received from Discourse
$raw_payload = urldecode($_GET['sso']);
$payload = base64_decode($raw_payload);
$signature = urldecode($_GET['sig']);
// Hash signature to match with.
$discourse_signature = hash_hmac("sha256", $raw_payload, $discourse_secret);
// Validate signature.
if ($discourse_signature != $signature) {
echo('Unauthorized request!');
return;
}
// Get query data from payload
$payload_data = array();
parse_str($payload, $payload_data);
// Add user details to payload
$payload_data['email'] = $user['email'];
$payload_data['external_id'] = $user['user_id'];
$payload_data['username'] = $user['user_name'];
if ($user['role_id'] != null && isset($roles_to_group[$user['role_id']])) {
$payload_data['add_groups'] = $roles_to_group[$user['role_id']];
}
$payload_data['custom.user_field_1'] = $user['rank'];
$payload_data['custom.user_field_2'] = $user['games'];
// Create payload and encode it
$payload_query = http_build_query($payload_data);
$return_payload = base64_encode($payload_query);
// Create return signature
$return_signature = hash_hmac("sha256", $return_payload, $discourse_secret);
// Redirect back
$redirect_url = $payload_data['return_sso_url'] . '/?sso=' . $return_payload . '&sig=' . $return_signature;
header('Location: ' . $redirect_url);
exit;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment