We are running a suite of services for a specific closed community and we are deciding to include Discourse as the social platform. I am wondering what is the best and most elegant way (technically) to seamlessly integrate a Discourse instance to our suite.
To give you an example, our suite includes service A and service B (which we have built in-house) as well as an OAuth2 SSO service.
If a user clicks to sign-in on either service A or B, he/she is redirected to the SSO service where he logs-in and redirected back as usual. However, with cookies and session control, logging-in to service A will not require the user to log-in again to service B if he/she decides to visit service B afterwards (he/she will already have a session).
Similarly, we want a way to let users seamlessly traverse to Discourse service from either service A or B after logging-in with the SSO service. Assume the user entry exists in all services. Right now, the OAuth2 Discourse plugin has been evaluated and works with our SSO service, but it requires users to click sign-in with SSO again when they visit Discourse. Is there a way, e.g. an API call to automatically initiate a session with Discourse as well when users log-in via the common SSO from Service A or B?
Furthermore, the above question extends also to comment integration though the embedded component. Maintaining a “public” Discourse service poses no issue with the comment section, and comments are embedded properly. However if running a private Discourse service, the embedded comment window will not display the comments properly if users has not logged-in also to Discourse beforehand, which is a problem when talking about seamless integration.
Is there a way to work around these issues? I was thinking about building a middleware plugin which will decode a token or cookie and instantly authenticate and log-in the appropriate use before making the actual call. Is there an existing plugin for that?
Thanks for your support