spinen / laravel-discourse-sso by david.mathews

Integrate Discourse SSO into Laravel.
68,406
47
10
library sso laravel single sign on discourse spinen
Github Link
Packagist Link
Package Data
Maintainer Username: david.mathews
Maintainer Contact: jimmy.puckett@spinen.com (Jimmy Puckett)
Package Create Date: 2017-07-08
Package Last Update: 2024-04-14
Home Page: https://spinen.com
Language: PHP
License: MIT
Last Refreshed: 2024-04-18 15:06:20
Package Statistics
Total Downloads: 68,406
Monthly Downloads: 1,618
Daily Downloads: 101
Total Stars: 47
Total Watchers: 10
Total Forks: 13
Total Open Issues: 0

SPINEN's Discourse SSO for Laravel

Latest Stable Version Latest Unstable Version Total Downloads License

Discourse is a great online forum software that supports Single Sign On (SSO). There is a great PHP library that handles all of the heavy lifting to make the SSO work called cviebrock/discourse-php, which this package uses. This package is loosely based on the work done by jaewun/discourse-sso-laravel.

Build Status

| Branch | Status | Coverage | Code Quality | | ------ | :----: | :------: | :----------: | | Develop | Build Status | Code Coverage | Scrutinizer Code Quality | | Master | Build Status | Code Coverage | Scrutinizer Code Quality |

Prerequisite

NOTE: If you need to use < PHP 7.2, please stay with version 1.x

Aside from Laravel >= 5.5, there is 1 package that is required.

Install

Install Discourse SSO for Laravel:

$ composer require spinen/laravel-discourse-sso

The package uses the auto registration feature of Laravel 5.

Configuration

All of the configuration values are stored in under a discourse key in config/services.php. Here is the array to add...

    'discourse' => [
        // The route's URI that acts as the entry point for Discourse to start the SSO process.
        // Used by Discourse to route incoming logins.
        'route' => 'discourse/sso',
        
        // Secret string used to encrypt/decrypt SSO information,
        // be sure that it is 10 chars or longer
        'secret' => env('DISCOURSE_SECRET'),
        
        // Disable Discourse from sending welcome message
        'suppress_welcome_message' => 'true',
        
        // Where the Discourse forum lives
        'url' => env('DISCOURSE_URL'),
        
        // User-specific items
        // NOTE: The 'email' & 'external_id' are the only 2 required fields
        'user' => [
            // Check to see if the user has forum access & should be logged in via SSO
            'access' => null,
        
            // Discourse Groups to make sure that the user is part of in a comma-separated string
            // NOTE: Groups cannot have spaces in their names & must already exist in Discourse
            'add_groups' => null,

            // Boolean for making the user a Discourse admin. Leave null to ignore
            'admin' => null,

            // Full path to user's avatar image
            'avatar_url' => null,
            
            // The avatar is cached, so this triggers an update
            'avatar_force_update' => false,
            
            // Content of the user's bio
            'bio' => null,
            
            // Verified email address (see "require_activation" if not verified)
            'email' => 'email',
            
            // Unique string for the user that will never change
            'external_id' => 'id',
            
            // Boolean for making user a Discourse moderator. Leave null to ignore 
            'moderator' => null,
            
            // Full name on Discourse if the user is new or 
            // if SiteSetting.sso_overrides_name is set
            'name' => 'name',

            // Discourse Groups to make sure that the user is *NOT* part of in a comma-separated string.
            // NOTE: Groups cannot have spaces in their names & must already exist in Discourse
            // There is not a way to specify the exact list of groups that a user is in, so
            // you may want to send the inverse of the 'add_groups'
            'remove_groups' => null,
            
            // If the email has not been verified, set this to true
            'require_activation' => false,
            
            // username on Discourse if the user is new or 
            // if SiteSetting.sso_overrides_username is set
            'username' => 'email',
        ],
    ],

The value of the properties for the user property can be one of 4 values...

  1. false -- passed as set to Discourse
  2. true -- passed as set to Discourse
  3. null -- disables sending property to Discourse
  4. a string -- name of a property on the User model

You can then add logic to the User model inside of Accessors to provide the values for the properties configured for the user. For example, if you wanted any user with an email address that matched "yourdomain.tld" to be a moderator, then you could set the moderator property to a string like discourse_moderator and add the following to your User model...

    /**
     * Is the user a Discourse moderator?
     *
     * @param  string  $value
     * @return boolean
     */
    public function getDiscourseModeratorAttribute($value)
    {
        return ends_with($this->email, "yourdomain.tld");
    }

Left to do

  • document Discourse configuration
  • send log out to Discourse when disabling/deleting the user
  • badges for user
  • support for custom_fields
  • failed login redirect
  • return_paths support