cannot figure out SSO jsConnect & embedded comments
santiagogp
New
Hello,
Im doing some PoC to check if vanilla will be good for us.
The first issue Im having is getting to work SSO using embedded comments (we have no interest in the full site).
I think I've followed the instructions, but I cant manage.
here's what I've done so far:
-installed the jsConnect addon
-Configure a new connection using using jsConnect V3
-I added the embedded code into my page (https://success.vanillaforums.com/kb/articles/49-universal-comments)
The comment box seems functional and I can comment, it's the SSO that I cannot manage
-I've added a vanilla_sso string generated as following:
a JSON string with some user information:
{ "client_id": "5832754", (taken from the jsConnect configuration)
"uniqueid": "1234567890",
"name": "santiago",
"email": "santiago@example.com",
"photourl": "http://localhost/photo",
"roles":"member"
}
The Java snippet I used for the quick test
#encode json in base64 base64 = new String(Base64.getEncoder().encode(json.getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8); #get timestamp String timestamp = "" + new Date().getTime(); #encrypt using the jsconnect secret as key, input is <base64String= timestamp> signature = new HmacUtils(HmacAlgorithms.HMAC_SHA_1, secret).hmacHex(base64 + " " + timestamp); #Concatenate base64String signature timestamp hmacsha1 ssoString = base64 + " " + signature + " " + timestamp + " hmacsha1";
and added that as
var vanilla_sso = '${vanilla.ssoString}';
The comment box loads fine but the button always say "comment as.." and requests a login, so Im clearly not logged in into vanilla. Also, no user is generated.
Im a bit lost of what could I be missing.
The only thing I might have skipped is the authentication URL configuration in the jsConnect configuration, which I left with a dummy url, but AFAIK that is used only for full site integration, not embedded comments.
I've also tried hmac_sha_256 with the same results
I would appreciate any help on what I might be missing.
Thank you
EDIT-
Forgot to mention. Im using vanilla forums Version 2021.009
Answers
[Disclaimer: I am out of my knowledge comfort zone, so merely brain- storming]
Does it work via the backdoor
URL /entry/password to sign-in with an existing forum account.Does it work in full-site mode
In the guides I scrolled over only "id" is used
Did you test the connection
https://success.vanillaforums.com/kb/articles/206-upgrading-jsconnect-to-version-3#test-your-connection
https://open.vanillaforums.com/discussion/comment/261531/#Comment_261531
the full site SSO does not work since I havent implemented the JWT part in my side. From what I can understand in the docs, this is not required for embedded comments (I have no interest in the full site, only embedded comments)
regarding the user id field, the docs say to use uniqueid ( https://success.vanillaforums.com/kb/articles/131-embedded-sso-with-jsconnect). Anyway, I 've just tried id, with no success
well. My only clue is that it seems that the request to
/discussion/embed/which includes the parameterssodoes not return a 200 but a 302. The new location is exactly the same url, minus the SSO parameter (the parametersc, vanilla_url and vanilla_identifierare kept).guess the sso parameter is not process correctly for some reason.
Does it work when you embed the full site, not just the comments?
The embedded SSO option may only apply to general embedding since it is not mentioned anywhere in the comment docs.
My themes: pure | minusbaseline - My plugins: CSSedit | HTMLedit | InfiniteScroll | BirthdayModule | [all] - PM me about customizations
VanillaSkins.com - Plugins, Themes and Graphics for Vanillaforums OS