SSO Isnt working for me

I am having problems with my SSO, It says no external_Id.

PHP:

    <?php
    $user = $_SESSION['username'];
    try {
    	$handler = new PDO('mysql:host=localhost;dbname=removed', 'removed', 'removed');
    	$handler->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    } catch(PDOException $e) {
    	echo $e->getMessage();
    	die();
    }
    $conn = mysql_connect("localhost", "removed", "removed");
    mysql_select_db("removed");
    if ($user) {
    $myusr = $handler->query("SELECT * FROM users WHERE username='".$user."'");
    $myu = $myusr->fetch(PDO::FETCH_OBJ);
    if ($myu->banned == "1") {
        header('Location: https://bloxplays.com/suspended');
    }
    $userExist = ($myusr->rowCount());
    if ($userExist == "0") {
    session_destroy();
    header("Location: ../");
    } else {
        $ID = $myu->id;
    }
    }
    echo "<title>".$ID."</title>";
    namespace Cviebrock\DiscoursePHP;

    use Cviebrock\DiscoursePHP\Exception\PayloadException;


    class SSOHelper
    {

        /**
         * @var
         */
        private $secret;

        /**
         * @param $secret
         * @return $this
         */
        public function setSecret($secret)
        {
            $this->secret = $secret;

            return $this;
        }

        /**
         * @param $payload
         * @param $signature
         * @return mixed
         */
        public function validatePayload($payload, $signature)
        {
            $payload = urldecode($payload);

            return $this->signPayload($payload) === $signature;
        }

        /**
         * @param $payload
         * @return mixed
         * @throws PayloadException
         */
        public function getNonce($payload)
        {
            $payload = urldecode($payload);
            $query = array();
            parse_str(base64_decode($payload), $query);
            if (!array_key_exists('nonce', $query)) {
                throw new PayloadException('Nonce not found in payload');
            }

            return $query['nonce'];
        }

        /**
         * @param $payload
         * @return mixed
         * @throws PayloadException
         */
        public function getReturnSSOURL($payload)
        {
            $payload = urldecode($payload);
            $query = array();
            parse_str(base64_decode($payload), $query);
            if (!array_key_exists('return_sso_url', $query)) {
                throw new PayloadException('Return SSO URL not found in payload');
            }

            return $query['return_sso_url'];
        }

        /**
         * @param $nonce
         * @param $id
         * @param $email
         * @param array $extraParameters
         * @return string
         */
        public function getSignInString($nonce, $id, $email, $extraParameters = [])
        {

            $parameters = array(
                    'nonce'       => $nonce,
                    'external_id' => $id,
                    'email'       => $email,
                ) + $extraParameters;

            $payload = base64_encode(http_build_query($parameters));

            $data = array(
                'sso' => $payload,
                'sig' => $this->signPayload($payload),
            );

            return http_build_query($data);
        }

        /**
         * @param $payload
         * @return string
         */
        protected function signPayload($payload)
        {
            return hash_hmac('sha256', $payload, $this->secret);
        }
    }
    ?>

    <?php

    $sso = new SSOHelper();

    // this should be the same in your code and in your Discourse settings:
    $secret = 'removed';
    $sso->setSecret( $secret );

    // load the payload passed in by Discourse
    $payload = $_GET['sso'];
    $signature = $_GET['sig'];

    // validate the payload
    if (!($sso->validatePayload($payload,$signature))) {
        // invaild, deny
        header("HTTP/1.1 403 Forbidden");
        echo("Bad SSO request");
        die();
    }

    $nonce = $sso->getNonce($payload);

    // Insert your user authentication code here ...

    // Required and must be unique to your application
    $userId = $myu->id;
    // Required and must be consistent with your application
    $userEmail = $myu->email;

    // Optional - if you don't set these, Discourse will generate suggestions
    // based on the email address

    $extraParameters = array(
        'username' => $myu->username,
        'name'     => $myu->username
    );

    // build query string and redirect back to the Discourse site
    $query = $sso->getSignInString($nonce, $userId, $userEmail, $extraParameters);
    header('Location: http://forum.bloxplays.com/session/sso_login?' . $query);
    exit(0);
    ?>

Have a look through this topic to see if your SSO code is doing everything it needs to: Official Single-Sign-On for Discourse (sso).

If you enable the verbose sso logging site setting, additional details about the SSO login requests will be displayed in your site’s error logs. To view your error logs, go to Admin / Logs and click the “Error Logs” entry from the admin navigation menu. The relevant log entries will start with the text “Verbose SSO log.” If you see errors in the logs that are unclear, feel free to post them here.

2 Likes