Finalized version 0.2.0 -- accepts return_sso_url and can be used from multiple instances now (using same shared key).

This commit is contained in:
Dirk Jahnke 2016-10-05 16:11:38 +02:00
parent 17b97c3a39
commit a557e6441d
3 changed files with 10 additions and 7 deletions

View File

@ -120,6 +120,9 @@ class SsoController extends ActionController
} else { } else {
// Valid $sso string available, convert it. // Valid $sso string available, convert it.
parse_str(base64_decode($sso), $receivedPayload); parse_str(base64_decode($sso), $receivedPayload);
// Identify server entry in configuration.
$returnSsoUrl = $receivedPayload['return_sso_url'];
// GeneralUtility::devLog('authenticateAction valid sso request', $extKey, 0, array('payload' => $receivedPayload)); // GeneralUtility::devLog('authenticateAction valid sso request', $extKey, 0, array('payload' => $receivedPayload));
$user = null; $user = null;
if (isset($GLOBALS['TSFE']) === true if (isset($GLOBALS['TSFE']) === true
@ -145,7 +148,8 @@ class SsoController extends ActionController
$payload = base64_encode(http_build_query($parameters)); $payload = base64_encode(http_build_query($parameters));
$signature = hash_hmac('sha256', $payload, $sharedKey); $signature = hash_hmac('sha256', $payload, $sharedKey);
$query = http_build_query(array('sso' => $payload, 'sig' => $signature)); $query = http_build_query(array('sso' => $payload, 'sig' => $signature));
$redirectUrl = $redirectUrlRoot.'/session/sso_login?'.$query; $redirectUrl = $returnSsoUrl.'?'.$query;
// GeneralUtility::devLog('authenticateAction successful, redirecting', $extKey, 0, array('redirectUrl' => $redirectUrl, 'status' => $redirectStatus, 'payload' => $payload, 'parameter' => $parameters)); // GeneralUtility::devLog('authenticateAction successful, redirecting', $extKey, 0, array('redirectUrl' => $redirectUrl, 'status' => $redirectStatus, 'payload' => $payload, 'parameter' => $parameters));
$this->redirectToUri($redirectUrl, 0, $redirectStatus); $this->redirectToUri($redirectUrl, 0, $redirectStatus);
} else { } else {

View File

@ -1,8 +1,5 @@
# cat=basic/links; type=string; label=Redirect URL:URL to the discourse instance e.g. https://my.discourse.net
redirect_url =
# cat=basic/enable; type=string; label=Shared Key:The shared key as entered in the discourse configuration # cat=basic/enable; type=string; label=Shared Key:The shared key as entered in the discourse configuration
shared_key = shared_key =
# cat=basic/enable; type=int [300-399]; label=Http Status:The SSO status to be sent back on successful authentication. Typically do not change this value. # cat=basic/enable; type=int [300-399]; label=Http Status:The SSO status to be sent back on successful authentication. Typically do not change this value.
redirect_status = 303 redirect_status = 303

View File

@ -11,7 +11,9 @@
$EM_CONF[$_EXTKEY] = array( $EM_CONF[$_EXTKEY] = array(
'title' => 'Discourse SSO', 'title' => 'Discourse SSO',
'description' => 'This is a SSO Provider for Discourse (see discourse.org) allowing Typo3 to be used to authenticate discourse users. User\'s name, login and email address is passed to discourse, allowing easy setup of users.', 'description' => 'This is a SSO Provider for Discourse (see discourse.org) allowing Typo3 to '.
'be used to authenticate discourse users. User\'s name, login and email '.
'address is passed to discourse, allowing easy setup of users.',
'category' => 'plugin', 'category' => 'plugin',
'author' => 'Dirk Jahnke', 'author' => 'Dirk Jahnke',
'author_email' => 'dirk.jahnke@mailbox.org', 'author_email' => 'dirk.jahnke@mailbox.org',
@ -20,7 +22,7 @@ $EM_CONF[$_EXTKEY] = array(
'uploadfolder' => '0', 'uploadfolder' => '0',
'createDirs' => '', 'createDirs' => '',
'clearCacheOnLoad' => 0, 'clearCacheOnLoad' => 0,
'version' => '0.1.0', 'version' => '0.2.0',
'constraints' => array( 'constraints' => array(
'depends' => array('typo3' => '6.2.0-7.2.99'), 'depends' => array('typo3' => '6.2.0-7.2.99'),
'conflicts' => array(), 'conflicts' => array(),