Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Cannot Get jsConnect to Work

I have tried all that I think I can. I have read through all of the documentation and forum posts. I believe I have done all that is required to get this to work, but I am obviously missing something. If anyone can help or point me in the right direction, I would be much obliged.

I am running Vanilla Version 2.0.18.8
jsConnect Version 1.4.1

I am trying to get jsConnect to SSO into my website. A user logs in at the home page and is directed to a command page, as such:

http://www.mydomain.com -> Login re-directs to -> http://www.mydomain.com/control/command.html

From there a user would click on a link to go to the forum, which is not embedded.

http://www.mydomain.com/control/forum.html

I have installed jsConnect and I have installed Vanilla jsConnect Auto SignIn.

I can log into my website, and I can navigate to the forum. When I click on the "MIE Forum" button I get a login box, which redirects to the "login.html." It allows me to log into my website again, but does not log the user into the forum. The "User Registration Settings" are set to "Connect".

Here's what I have set for the jsConnect settings:

My jsConnect settings in the authentication.php are:


<?php session_start(); require_once '../assets/functions.jsconnect.php'; // Set username session variable $sessionuser = $_SESSION['username']; $sessionid = $_SESSION['id']; // 1. Get your client ID and secret here. These must match those in your jsConnect settings. $clientID = '386315444'; $secret = 'cb48d3f575dd308e490295c072698514'; // 2. Grab the current user from your session management system or database here. $signedIn = true; // this is just a placeholder // YOUR CODE HERE. // 3. Fill in the user information in a way that Vanilla can understand. $user = array(); if ($signedIn) { // CHANGE THESE FOUR LINES. $user['uniqueid'] = $sessionid; $user['name'] = 'Anonymous'; $user['email'] = $sessionuser; $user['photourl']=''; $user['clientID'] = '386315444'; // REQUIRED. Your client ID. } // 4. Generate the jsConnect string. // This should be true unless you are testing. // You can also use a hash name like md5, sha1 etc which must be the name as the connection settings in Vanilla. $secure = sha1; WriteJsConnect($user, $_GET, $clientID, $secret, $secure); ?>

Clicking on the "Test URL" link in the jsConnect settings produces the following response:

testtest({"clientid":"386315444","email":"mnelson@asdubai.org","name":"Anonymous","photourl":"","uniqueid":"5","client_id":"386315444","signature":"d0261bea8265bc97f3e358e06b047137077148f3"})

I'm not sure where the extra "test" comes from in the front, but I am getting a "response" from the plugin.

Any assistance would be greatly appreciated!

Comments

  • peregrineperegrine MVP
    edited May 2014

    not the answer you were hoping for, BUT .... your first mistake is running a version that has security flaws. you should upgrade to 2.0.18.11 or 2.1 and then worry about jsconnect. which I hope someone can help you with.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • Hi Peregrine,

    Thanks for the info, that's the install version that GoDaddy uses. I will look to manually update Vanilla. Maybe that will help, but we'll see.

  • Ok, so I was able to get jsConnect to authenticate into my website. I am now getting a signature error. In looking at the jsConnect docs, I'm a bit confused on how to get the signature values into the user array. They mention user_sort and then adding the signature value back into the user. Does the user_sort all need to happen before the user array is constructed, or do you construct the user array, run the sort, and then re-construct the user? Can someone provide a short example of what this really looks like?

Sign In or Register to comment.