WordPress SSO Page Template

(Adam Capriola) #1

Continuing the discussion from Single-Sign-On help class for PHP:

I am working on syncing up my WordPress install with Discourse, and many thanks to @ArmedGuy for his PHP SSO help class and template which were invaluable in helping me piece this together.

This is a WordPress page template file, so you will want to store it in the root of your theme’s folder. Create a new page in WordPress (you will likely want to title it “SSO”) and select “Discourse SSO” as the page template. Also be sure to customize the $sso_secret and $discourse_url.

You will need to include ArmedGuy’s help class in some manner too and configure Discourse settings as described here.

WP Discourse SSO Plugin
Discourse to look to Wordpress for user meta/login
Using Stripe for Members only Group and Category
Laravel SSO and pre-registration
(Jeff Atwood) #2

This is awesome, we want to get to a good SSO story with WordPress (where WP is the source of authority for all Discourse accounts) in the next year! Thanks for your work on this. Let us know how we can help.

(Johan Jatko) #3

@riking included it as an example in my repository, which gave me an idea to maybe gather a list of PHP-based CMS systems that we could write SSO hooks for.

Got any ideas?

Also, @AdamCapriola, if you want you can push any changes to the wordpress file to my repository, whenever you update the gist.

(Rahul Dhingra) #4

I am trying to implement sso using wordpress page template it does redirect to login but once you are logged in it just shows blank white page ie 500 error with nonce key in url bar

any idea what causing this issue ?


(Adam Capriola) #5

Did you configure $sso_secret and $discourse_url in the page template?

(Rahul Dhingra) #6

oh yes i did and also included discourse_sso.php in the template include('discourse_sso.php'); like so

(Adam Capriola) #7

Hmm. Are you using one of the default WordPress themes? Multi-site or single?

Someone else is having some trouble with this too, so I might need to bugtest more. I have it running fine in a live environment, so I’m not sure what might be going on.

(Rahul Dhingra) #8

Its single site running on nginx based linode ( used easyengine ) and discourse app is running on digital ocean

(raul) #9

Hi, this is my first post here. I am evaluating a number of forums, and am exploring sign on with wordpress.

First thanks Adam and @ArmeGuy for working on this and making this available, and to the Discourse team for making the SSO sign on a simple process.

I just tried this and it works, but only when the user is not logged into wordpress. In the case the user is already logged in and then comes to the Discourse forum page, and clicks to Sign In, it redirects back to the wordrpress discourse url and you get the error ‘invalid request’. Is anyone else seeing this?


(Adam Capriola) #10

So you are saying if you are logged out of both Discourse and WordPress and click “Sign In” from Discourse it works for you?

(raul) #11

HI Adam, yes, if you are logged out of both, and select the ‘Sign In’ button in Discourse it works perfectly.

But if you are already logged in to wordpress but not Discourse, and then go to the Discourse forum page and click ‘Sign In’, then it redirects to the Wordpress discourse login page and you get the ‘invalid request’ error.

(Adam Capriola) #12

Try commenting out lines 43 and 47 (but leave line 45 active); I’m curious if that will make any difference.

(raul) #13

@ Adam, fantastic! I commented out line 43 and 47 and it worked! Thanks a ton!

if ( isset( $_GET[‘fresh’] ) && $_GET[‘fresh’] == true ) {

According to the comment this line is sanitizing the redirect URL, so it seems it creates an issue on my end.

I tested this in both scenarios;

  1. Logged out of both Wordpress and Discourse and then logging into Discourse. Success.

  2. Already logged in to Wordpress only and then trying to log in into Discourse. Success. This was failing earlier.

So now it works for both.

(Adam Capriola) #14

Great! It seems like the issue is that the character %0A was lost from the payload for some reason. WordPress will strip the character out of from redirect URLs, so I had to add it back in on a “fresh” WordPress login. I’m not sure why it would be lost otherwise (it wasn’t for me); I guess I’ll need to add a catch-all check to look for it at the end of the string and if it isn’t there then add it.

(Adam Capriola) #15

I’ve made a slight update to the page template which should now better account for the %0A needed at the end of the payload. I also added an error message if @ArmedGuy’s helper class is not properly included.

(Matt) #16

I’m a bit stuck trying to implement this.
I’ve configured the wordpress page template but I’m not sure what to put for the discourse_url.

I’m also not sure how to include ArmedGuys’ help class.

I’m struggling with this and be so appreciative of any help you could offer.

Thank you!

(Adam Capriola) #17

discourse_url is where your Discourse install resides.

The easiest way to include the helper class would be to copy it and tack it onto your theme’s functions.php file. You might even be able to add it onto the page template but I’m not 100% sure that will work. (You could try though.)

(Steven Greco) #18

This is what I had done. I just added an include statement into the template file itself for the helper class. It works great. thanks for the work on this.

SSO from Wordpress for Two Different Discourse Sites
(Matt) #19

It works!
Thank you.

Do you know how I might set this up for Wordpress multisite? Does it work with WPMU?

(Adam Capriola) #20

I’m not sure; I’m not real familiar with how WPMU works. Are plugins applied across all users/sites? A plugin version of this instead of a page template might do the trick.