SSO Implementation - Login Error

I set up my site for SSO, and when I test the implementation, it just says “Login Error.”

I am using PHP.

Going for simple SSO where my site logs users into the Discourse. My SSO endpoint process is:

Validate the incoming payload. This part works. When I hash the payload with my secret, it matches the sig.

urldecode(payload)
base64decode(urldecodedpayload)

Then I discovered that the result includes nonce=(stuff)&return_sso_url=(stuff), and I only need the nonce, so I explode the string at & and assign the first element to my nonce variable.

I then build my return string

"nonce=abunchofstuff&email=my@email.address&external_id=1861&username=MyName&admin=true&moderator=true&suppress_welcome_message=true";

Once I have that string, the rest:

  //base64_encode the return payload
  $base64payload = base64_encode($returnpayload);
  //url encode the return payload
  $codedpayload = urlencode($base64payload);
  //make the return sig - hash payload with sso_secret and false
  $returnsig = hash_hmac('sha256',$codedpayload,$sso_secret,false);
  $returnURL = "https://thebar.hoosplace.com/session/sso_login?sso=$codedpayload&sig=$returnsig";
  header("Location: $returnURL");

End result: “Login Error.”

And I am unable to find my sso log.

All help is appreciated.

Figured it out. Thanks for all your help.

Most of the team was in Montreal for our yearly meetup. Did you follow the standard troubleshooting in the SSO topic? It says to turn on verbose SSO logging in your site settings, and check your admin error logs at /logs.

1 Like