Skip to content

Instantly share code, notes, and snippets.

@adamcapriola
Created February 5, 2015 04:13
Show Gist options
  • Save adamcapriola/5dfd721b2e7a5d1c9c15 to your computer and use it in GitHub Desktop.
Save adamcapriola/5dfd721b2e7a5d1c9c15 to your computer and use it in GitHub Desktop.
WordPress --> Discourse SSO
<?php
/**
* SSO "Page"
*
*/
add_action( 'parse_request', 'ac_parse_request' );
function ac_parse_request() {
// Check for SSO request
if ( isset( $_GET['request'] ) && $_GET['request'] == 'sso' ) {
// Variables
$sso_secret = 'your_sso_secret';
$discourse_url = 'http://discourse.example.com'; // no trailing slash
$email = get_option( 'admin_email' );
//
// Check if user is logged in to WordPress
//
// Not logged in to WordPress, redirect to WordPress login page with redirect back to here
if ( ! is_user_logged_in() ) {
// Preserve sso and sig parameters
$redirect = add_query_arg( '', '' );
// Change %0A to %0B so it's not stripped out in wp_sanitize_redirect
$redirect = str_replace( '%0A', '%0B', $redirect );
// Build login URL
$login = wp_login_url( $redirect );
// Redirect to login
wp_redirect( $login );
exit;
}
// Logged in to WordPress, now try to log in to Discourse with WordPress user information
else {
// Payload and signature
$payload = $_GET['sso'];
$sig = $_GET['sig'];
// Change %0B back to %0A
$payload = urldecode( str_replace( '%0B', '%0A', urlencode( $payload ) ) );
// Check for helper class
if ( ! class_exists( 'Discourse_SSO' ) ) {
// Error message
echo( 'Helper class is not properly included.' );
// Terminate
exit;
}
// Validate signature
$sso = new Discourse_SSO( $sso_secret );
if ( ! ( $sso->validate( $payload, $sig ) ) ) {
// Error message
echo( '<p>Something went wrong. An administrator has been notified and will look into the issue.</p>' );
// Notify administrator
mail( $email, 'Invalid SSO Request', $current_user->user_login . ' ' . $current_user->user_email );
// Terminate
exit;
}
// Nonce
$nonce = $sso->getNonce( $payload );
// Current user info
get_currentuserinfo();
// Map information
$params = array(
'nonce' => $nonce,
'name' => $current_user->display_name,
'username' => $current_user->user_login,
'email' => $current_user->user_email,
'about_me' => $current_user->description,
'external_id' => $current_user->ID
);
// Build login string
$q = $sso->buildLoginString( $params );
// Redirect back to Discourse
wp_redirect( $discourse_url . '/session/sso_login?' . $q );
exit;
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment