Is it possible to generate previews of restricted content (Drupal) via an SSO integration?

Hi all, new Discourse user, first post, please be kind!

Can someone tell me if the following solution is possible?

Scenario:

  • Have a Drupal site
  • Have content on Drupal site which requires user authentication (“restricted Drupal content”)
  • Have SSO between Drupal and Discourse

Problem:

  • A Discourse user who pastes a link to “restricted Drupal content” in a post gets the 403 message: “Sorry, we were unable to generate a preview for this web page, because the web server returned an error code of 403. Instead of a preview, only a link will appear in your post.”

Desired Solution:

  • A Discourse user who pastes a link to restricted content gets the automatic preview if they have access to the content

There’s an ambiguity in what you’ve said so far. Do you mean that when viewing a Discourse post with a Drupal link, the onebox preview should depend on

  1. the viewer’s Drupal access; or
  2. the creator’s Drupal access

Either way, it’s going to be easier to address if you can make it a Discourse access issue. You can get automatic Discourse group assignment based on Drupal role; that should be easy enough with the Drupal Discourse SSO module.

You may also find you need some custom access logic on the Drupal end to make sure the onebox preview crawler can access restricted content.

1 Like

If you want to show content to some viewers but not others, I suspect you’re going to need to make the content use a script of some kind. It would be much easier if the content depended on the creator not the viewer.

1 Like

Thanks for the quick reply. I was thinking the preview would depend on the Discourse topic/comment creator’s access, not the Discourse viewer.

I was thinking about the preview as a snapshot that gets created and tied to the post as flat HTML, not a dynamic widget - I hadn’t even considered that as a possibility!

If I understand you correctly: this would be possible with customization (via script) on the Discourse side, and/or custom access logic on the Drupal side?

Is it possible to set up Drupal so that the preview is in front of the login/paywall?

If the meta properties of the Drupal post are accessible then oneboxing should work fine.

4 Likes
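Added example, not part of the original thread and not Discourse or Drupal code: a small audit of what an anonymous fetch of a restricted page exposes once its meta properties are made public. The sample responses, the `drupal.example` URL, the marker strings and the rule "status 200 plus an `og:title` means a preview can be built" are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Constructed sample: what an anonymous crawler might receive if the Drupal
# page serves its <head> metadata publicly but keeps the body behind login.
ANON_RESPONSE = """<html><head>
<title>Log in | Example Site</title>
<meta property="og:title" content="Q3 roadmap">
<meta property="og:description" content="Members-only summary of the Q3 roadmap.">
<meta property="og:url" content="https://drupal.example/node/42">
</head><body><form id="user-login-form">Please log in.</form></body></html>"""

# Constructed sample: the access-denied page returned with a 403 status.
FORBIDDEN_RESPONSE = "<html><head><title>Access denied</title></head><body>403</body></html>"


class MetaCollector(HTMLParser):
    """Collects <meta property="og:*"> tags and the text inside <body>."""

    def __init__(self):
        super().__init__()
        self.og = {}
        self.in_body = False
        self.body_text = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "body":
            self.in_body = True
        elif tag == "meta" and (a.get("property") or "").startswith("og:"):
            self.og[a["property"]] = a.get("content") or ""

    def handle_data(self, data):
        if self.in_body and data.strip():
            self.body_text.append(data.strip())


def audit_anonymous_view(status, html, restricted_markers=()):
    """Return (previewable, og_tags, leaked_markers) for one anonymous fetch."""
    parser = MetaCollector()
    parser.feed(html)
    # Assumption: a crawler needs a 200 response and at least an og:title.
    previewable = status == 200 and bool(parser.og.get("og:title"))
    # Everything below is visible to anyone without a login, preview or not.
    exposed = " ".join(list(parser.og.values()) + parser.body_text).lower()
    leaked = [m for m in restricted_markers if m.lower() in exposed]
    return previewable, parser.og, leaked
```

Whatever ends up in the public meta tags is readable by every anonymous client, so the marker list should contain phrases that must never appear outside the login wall.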

In the hosted (non-enterprise) Discourse product, it seems like onebox is not really customizable in a way that will support this.

I think making at least the metadata publicly accessible will have to be the way to address this.

Thank you both for your responses.

2 Likes