0
Completed

SSO Redirect during new post loses post title

Richard Sloggett (Support) 6 years ago in Integration • updated by Sergey Stukov (co-founder) 6 years ago 8
We've been trying to get our SSO stuff up and working and it is now mostly working really well - the sign in link at the top of the forums page takes users to our sign in page and we can pass the SSO_TOKEN when directing to the forums to automatically log users in. 

There are 2 remaining problems we are trying to figure out how to solve. 

Firstly, if the user is not signed in when using the forums and creates a new post, they are directed to our login page (which is fine), but the return url querystring parameter is just the forum page and consequently when they return after login, they are not returned to the "new post" page and the post title they had typed is lost (i.e. they have start the new post process again).

Secondly (and more critically) the SSO login redirect doesn't appear to work for the feedback widget. When trying to create a new post directly from the feedback widget, the redirect happens to our login page is shown (but in a child frame), but when the login completes and the user is returned to the feedback widget (again with the original typed title lost) and tries to create a new post again the redirect to the login page happens again (i.e. the user gets stuck in a login loop).

Our objective is to allow users to a) automatically be signed in using the SSO_TOKEN if they happen to be signed in when we navigate to the forums from our site, b) provide the option for users that have already registered at our site to login using their existing credentials, c) ideally also allow them to login with your existing login options as an alternative to logging in at our site and SSO, d) have this work in a way that doesn't require them to retype details once they are logged in.

I wonder if you have considered allowing an embedded SSO login page, perhaps as an additional option to your existing sign in options, so that the redirect isn't necessary?

Answer

Answer
Completed
We release 1-st version now.
Seem's that all your requirements implemented.
Feedback very appreciated.

I've been playing around with some of the Sign in providers on your regular login dialog (google, twitter etc.) and it would be ideal if we could somehow add our site to those options - so we use SSO_TOKEN if a user is already logged in with us when we redirect them, and if they aren't logged in and want to post then we offer the ability to sign in using our own login mechanism in the same way as Google, Twitter, Facebook etc. - as a popup rather than a redirect. Is that possible?
Under review
We collaborating inside UE team for solution.

1-st. variant is to add your icon to the existing open-id providers and then wait for the SSO_TOKEN back.
Is adding our icon to the existing open-id providers something we can do at present? Does this require we register as an openid provider?
Started
We collaborating inside UE team for solution.

1-st. variant is to add your icon to the existing open-id providers and then wait for the SSO_TOKEN back.
1) When you pass SSO_TOKEN back to UserEcho you must urlquote it. At this time it's only works in some cases butwhin it contains '+' characters it's fails

2) When you pass user to our site your pass "return" and then "sso_token"
You pass "sso_token" with "?" prefix but return already has it, you must pass "sso_token" with "&" in this case.
Answer
Completed
We release 1-st version now.
Seem's that all your requirements implemented.
Feedback very appreciated.

I'm sorry if I'm being a bit dense, but what is the solution? I don't quite understand you comments 1) and 2) - are you saying that we are using SSO_TOKEN incorrectly? We do urlencode the SSO_TOKEN (we hit that problem early on).
Comments related to the issues which we found in your SSO implementation during we implement new version of SSO.
Now it's possible to authorize using SSO without leaving feedback form or widget.
User content which it enter before will not be lost.


That is awesome - thank you so much for that. The sign in flow works just great now, regardless of whether a user is logged in at our site before visiting the forums. 

Is there any way we can set an image/the html for that link so that it looks like the other login providers?
We will improve usability of sign-in/sign-up form soon
Then we decide how community owners can customize their SSO links.