It looks correct to me. Since the site is using WordPress as the SSO provider, you could use the static add_user_to_discourse_group
and remove_user_from_discourse_group
functions to handle changing the group status on Discourse. That would let you do something like:
if ( in_array( $status, ACTIVE_STATUSES ) ) {
DiscourseUtilities::add_user_to_discourse_group( $user_id, 'your_discourse_group_name' );
} else {
DiscourseUtilities::remove_user_from_discourse_group( $user_id, 'your_discourse_group_name' );
}
Both of those functions take the user’s WordPress ID as the first argument, and a comma separated list of group names (with no spaces between the names) as the second argument. Those functions will take care of all the API credentials for you, so using them would simplify the code a bit. There are more details about those functions here: Manage group membership in Discourse with WP Discourse SSO.