Users running a non-download version of Vanilla (pulled from github), on branch release/2019.016 or master from the last 2 weeks should upgrade to release/2019.017 or latest master for security reasons. Downloaded official open sources releases are not affected.

Vanille 3.2 embed SSO not working

Hi

I'm having some trouble while upgrading my old v2 forum to v3. I'm embedding the forum in a parent website, and I'm using the SSO attribute to handle authentiction. I haven't been able to get it to work though.

My sso string looks like this: eyJ1bmlxdWVpZCI6MSwibmFtZSI6ImRhZWRlbG90aCIsImVtYWlsIjoidGhpanNAY2F0bGFiLmJlIiwicGhvdG91cmwiOiIiLCJjbGllbnRfaWQiOiJjYXRsYWJpbnRlcmFjdGl2ZSJ9 30af6b32bfecxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1572261940 hmacsha1

(signature redacted)

I'm using easyXDM for the embedding, and I'm setting the parameter like this:

var options = {
    root : 'https://forum.catlab.eu/',
    sso : ssoString,
    initialPath: '/categories/quizwitz',
    notifyLocation: function( ) {

    }
};

var container = $(this.el).find ('.loungecontainer').get (0);
options.container = container;

window.Vanilla.embed(options);

It embeds fine, but the user is not authenticated. The client id and password are set correctly.

Any tips on how to debug this?

Thanks!

Comments

  • Update: apparently it's working fine in Firefox, but for some reason it doesn't work in Chrome. Could it be some kind of security measure?

  • daedelothdaedeloth New
    edited October 28

    Update 2: it seems no cookies are ever set.

    Feel free to check it out at https://social.quizwitz.com/lounge

  • Update 3: I'm very, very confused. On computer A, everything works fine. On computer B, on the same chrome build (Version 78.0.3904.70 (Official Build) (64-bit) authentication doesn't work. I have no idea what could be different between those two situations.

    So not sure if this is an issue or not, maybe someone else has seen a similar issue?

Sign In or Register to comment.