I have implemented SSO in ASP.net MVC using the sample code on this site as a guide.
The SSO authentication feature works great, however my group membership is not working.
Here’s the relevant code:
string returnPayload = "nonce=" + Server.UrlEncode(nonce) +
"&email=" + Server.UrlEncode(email) +
"&external_id=" + Server.UrlEncode(externalId) +
"&username=" + Server.UrlEncode(username) +
"&bio=" + Server.UrlEncode(bio) +
"&avatar_url=" + Server.UrlEncode(avatar_url) +
"&name=" + Server.UrlEncode(name);
// process groups
if (CurrentUser.IsAdministrator)
{
returnPayload += "&add_groups=admins,moderators,staff";
}
else if (CurrentUser.IsStaff)
{
returnPayload += "&remove_groups=admins&add_groups=moderators,staff";
}
For us, Staff is similar to moderator and Admin is the highest privileged user. My goal is to remove any obsolete groups while adding appropriate groups.
When a user logs in, all the other attributes are set, but groups are not.
Am I removing and assigning groups correctly?
Is it possible to assign admin, moderator, and staff groups this way?
Thank you.