I have a standalone authentication server that implements IdentityServer3 as an OpenID provider. It works well with existing clients and resources. I have an Angular-based application and a .NET API that both rely on it.
I am attempting to create a custom provider for Discourse that will allow users to login via this authentication server, or simply consent if already authenticated. To date, I have tried four different implementations:
- Custom OmniAuth OAuth gem and provider (inheriting Auth::Authenticator)
- Custom OmniAuth OpenID gem and provider (inheriting Auth::Authenticator)
- Third-party OmniAuth OpenID gem (openid-reconnect)
- Built-in Discourse OpenID Authenticator (Auth::OpenIdAuthenticator)
All fail with varying degrees of severity. I’m more than happy to post some of my defunct code to be judged by the community, but I’m hoping that someone here - and I’m guessing there’s someone - has already done the research and implementation of this use case, and will be willing to go through it with me.
As all four of my attempts have failed, I am guessing that I am just missing some valuable, epiphany-spewing detail due to the lack of documentation. Kudos to the group working on the community documentation effort, by the way