Using Discourse as a SSO provider


(Arpit Jalan) #22

Our official WordPress plugin provides SSO functionality. See:


(Sveinn Svavarsson) #23

Is there a way to make the WP Discourse make wordpress use Discourse as the SSO provider. It looks to me like it is the other way around. As it makes Discourse use wordpress as the SSO.
I already have users set up in discourse and I have an aplication that I would like to give my forum users access to without having them set up their accounts again in wordpress.


(Arpit Jalan) #24

Sorry, I misread your question above.

There is currently no WordPress plugin that provides “Login with Discourse” functionality.

That said, I think you can create one easily using this PHP script (by @paxmanchris) as base:


(Tobias Eigen) #25

This would be a great contribution and I would use it if it existed. I think it would a great addition to the wp discourse plugin as an option. The discourse login system is far superior to wordpress.


(Jay Pfaffman) #26

This seems like a fairly popular request. It would be great if the Wordpress Plugin would handle this as well.

The other thing that I get requests for is having Wordpress as an optional authentication source (along side of Google and others).


(Gunnar Helliesen) #27

We need this as well (Discourse as SSO provider for Wordpress). I can provide a $500 bounty, if that would help?

The code would need to provide an implementation good enough to be included in the WP Discourse plugin. We do not want to be running custom code in either Discourse or WP, just “official” code and supported plugins. Obviously, the code would have to be released to the community.

Any takers?

Gunnar


(Ionuț Staicu) #28

I did this plugin few months ago, but I didn’t knew is such a demand for this, so I didn’t published anywhere. :slight_smile:

Here it is:

In order to minimize duplication, this plugin requires wp-discourse to be installed. If that’s not good, I can tweak it to add custom fields to it.


(Erlend Sogge Heggen) #29

Great! Could you repurpose this code as a PR against wp-discourse? That way users could get it straight from the WP plugin repo, and we could help you maintain the code.

I think a dependency on wp-discourse should be fine since that’s our canonical WordPress plugin and SSO functionality can become a security hazard if it goes stale.


(Ionuț Staicu) #30

Well, then…

Later edit:

Finished linting, added documentation, I think I’m done.

I only need some testers to install it, set it up and play around to know if it’s all good.

Even later edit:

  • also added Log in with Discourse link on login form;
  • added errors if email from your discourse account is already in the db.

cc @Gunnar


(Tobias Eigen) #31

This is shweet! Nice work. :rocket: I’m eager to see it in the wild somewhere and help with testing. Feel free to PM me if you’d like help with testing, or share links where this is being used now here.


(Tobias Eigen) #32

I have yet to see the wp-discourse using discourse as sso provider functionality in the wild and would love to do so. Anyone have a link?

I’m very interested in allowing members to log in via discourse (and consequently via discourse social logins using twitter, facebook etc) but following the discussion about it on github it seems my use case is not supported.

Upon login, if the account does not already exist in wordpress, I’d like to kick the user over to the signup form on wordpress, which has some customizations on our side to deal with synchronization of profile details from wordpress to discourse upon signup, along with a custom welcome PM. It works quite well and I don’t want to mess with it too much. I suspect this is not such a rare setup.

I don’t think your functionality offers support for this type of setup so far.

Maybe I need to find a different wordpress plugin to handle social logins even if it means bypassing discourse’s quite amazing social login functionality which would be a shame. If anyone has done this already and has tips, I’d appreciate it.


(Ionuț Staicu) #33

So basically you want to disable SSO auth for new users? If so, this is possible by unchecking Add “Login with Discourse” on the login form and add this line on your functions.php file:

add_filter('discourse/sso/provider/add_link_buttons_on_profile', '__return_true');

#34

I just published a really easy to use implementation of this: GitHub - Biarity/DiscourseSso: Easy, configurable Discourse SSO: GET /auth/login -> recieve a JWT with user data.

Essentially you just add configuration, make a request to GET /auth/login, and receive a JWT authenticating the user.

It’s built on ASP.NET Core but can be used with any tech stack since you needn’t touch the code to get this working.


#35

I’m trying to look for something that’s unique and persistent (can’t be changed by the user) to identify users & store data unique to each user.

Apparently a user can change their username so that won’t work. I found a property external_id but I’m not sure what it is; seems to be unique & unchangeable though, so is that what I’m looking for?


(Andrew Waugh) #36

I’m running discourse v1.8.0.beta5 +39 and wordpress 4.7.2 with the wp-discourse 1.1.3 plugin installed.

When I go to configure the plugin I do not see the Enable Discourse SSO checkbox at all:

The SSO functionality does work between the two.

I’m trying to enable SSO from Discourse. What have I missed?


(Simon Cossar) #37

The latest version isn’t in the WordPress plugin repo yet. I’ll push it there tomorrow. If you want to try it now you can get it from here: GitHub - discourse/wp-discourse: WordPress plugin that lets you use Discourse as the community engine for a WordPress blog


(Andrew Waugh) #38

So, the version in the plugin repo works (WOO HOO!).

One minor issue, it doesn’t populate the “Website” or “Discourse Username” fields.

Although I can sort of imagine that some installations might not want absolutely everything in the WP profile to be duplicated from the Discourse Profile, surely the “Discourse Username” should be mapped.

Perhaps a series of checkboxes for what Discourse Profile fields should be mapped (Username, Website, Avatar) would be in order.


(Simon Cossar) #39

That’s coming in the next few days.

Edit: I’ve set it up to set the Discourse username. I’ll push the changes to the WordPress repo tomorrow.


#40

Is there additional documentation on the Node.js Passport repository? There seems to be quite a few issues with it. Is there an alternative way for me to use Discourse as an SSO provider in Node through passport?
Any alternatives for Node.js?


(Erlend Sogge Heggen) #41

Did you try reach @edhemphill either here on Meta or on GitHub by raising an issue?