I have an interesting case where I need to handle SSO from a mobile app. I have SSO working fine (great docs, thanks) on the web side, but need to detect if the incoming SSO request if from the app or the web.
Im writing a plugin to add a new endpoint to handle mobile SSO that simply registers and returns the nonce, instead of redirecting you to an external URL. The code looks something like this:
class MobileController < ApplicationController require_dependency 'single_sign_on' respond_to :json def returnNonce @url = DiscourseSingleSignOn.generate_url() respond_with @url end end
Here is plugin.rb
require_dependency 'single_sign_on' after_initialize do load File.expand_path("../controllers/mobile_controller.rb", __FILE__) Discourse::Application.routes.prepend do get 'session/sso/mobile' => 'mobile#returnNonce' end end
Currently it sends back all of the home page markup, and I’m looking to just return the nonce, and continue auth with 3rd party SSO host site, then return to Discourse / mobile app. I can add any additional details if necessary. Thanks a bunch.
EDIT: Digging deeper, I’m seeing that the generate_url() method actually performs the redirect, so I may have to create an abridged version of the generate_url() method that excludes the redirect. The new question is how should the plugin directory be structured to support this? Im trying to keep it as simple as possible, based on what I’ve read from @sam
I may have just answered my own question. Rambling over.