Example #1
0
def handle_request():
    secret_key = "MY_SECRET_KEY_GENERATED_FROM_DISCOURSE_ADMIN_SETTINGS_PAGE"

    form = cgi.FieldStorage()
    if "sso" not in form or "sig" not in form:
        render_html(env.get_template("sso_error.html"))
        return

    if "encoded" in form:
        payload = form["sso"].value
        sig = form["sig"].value
    else:
        payload = urllib.parse.quote_plus(form["sso"].value)
        sig = urllib.parse.quote_plus(form["sig"].value)

    sso = DiscourseSSO(secret_key)
    if not sso.validate(payload, sig):
        render_html(env.get_template("sso_error.html"))
        return

    if "username" not in form or "password" not in form:
        render_html(env.get_template("login.html"), args={"sso": payload, "sig": sig})
        return

    username = form["username"].value
    password = form["password"].value

    result = validate_user_ldap_details(username, password)
    if result["status"]  == "FAIL":
        render_html(env.get_template("login.html"), args={"sso": payload, "sig": sig, "error": "Invalid LDAP username or password"})
        return

    nonce = sso.get_nonce(payload)
    min_req_credentials = {
        "external_id": result["external_id"],
        "nonce": nonce,
        "email": result["email"],
        "name": result["name"],
        "username": result["username"]
    }
    url = "https://forums.dev.mycompany.com/session/sso_login?%s" % sso.build_login_URL(min_req_credentials)
    redirect_url(url)
#! /usr/local/bin/python3

from discoursesso import DiscourseSSO

"""
These are the credentials used in the example
    https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045
"""
payload = "bm9uY2U9Y2I2ODI1MWVlZmI1MjExZTU4YzAwZmYxMzk1ZjBjMGI%3D%0A"
secret_key = "d836444a9e4084d5b224a60c208dce14"
sig = "2828aa29899722b35a2f191d34ef9b3ce695e0e6eeec47deb46d588d70c7cb56"


min_req_credentials = {
    "external_id": "welenofsky",
    "nonce": "aod0f9ahdfha9d8hf8a",
    "email": "*****@*****.**"
}

sso = DiscourseSSO(secret_key)

sso.validate(payload, sig)
print("Nonce From Payload: ",    sso.get_nonce(payload))
print("Generated Login URL:")
print("http://discuss.example.com/session/sso_login?%s" % sso.build_login_URL(min_req_credentials))
#! /usr/local/bin/python3

from discoursesso import DiscourseSSO
"""
These are the credentials used in the example
    https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045
"""
payload = "bm9uY2U9Y2I2ODI1MWVlZmI1MjExZTU4YzAwZmYxMzk1ZjBjMGI%3D%0A"
secret_key = "d836444a9e4084d5b224a60c208dce14"
sig = "2828aa29899722b35a2f191d34ef9b3ce695e0e6eeec47deb46d588d70c7cb56"

min_req_credentials = {
    "external_id": "welenofsky",
    "nonce": "aod0f9ahdfha9d8hf8a",
    "email": "*****@*****.**"
}

sso = DiscourseSSO(secret_key)

sso.validate(payload, sig)
print("Nonce From Payload: ", sso.get_nonce(payload))
print("Generated Login URL:")
print("http://discuss.example.com/session/sso_login?%s" %
      sso.build_login_URL(min_req_credentials))