1. General
  2. New features
  3. Ideas
+15
Completed

Single Signon ?

Anonymous 9 years ago in New features • updated by Sergey Stukov (co-founder) 3 years ago 23
Do you support single signon to identify the user

Answer

Answer
Completed
Vladimir Mullagaliyev (co-founder) 8 years ago
SSO is ready and is in testing stage, all who want to participate in testing, you are welcome
+1
Sven C. Andrae 8 years ago
I would also be very interested in this feature. Together with the possibility of switching off shareing on twitter and facebook it would make UserEcho perfect for the user feedback for our online application.
Answer
Under review
Sergey Stukov (co-founder) 8 years ago
+1
Criss Cross 8 years ago
When will there be Single Signon?
We want to use your system but without single signon it is not so helpfull for us.
Vladimir Mullagaliyev (co-founder) 8 years ago
SSO completed on 95% and we are testing it now. Also we are writing description how to use sso.
Criss Cross 8 years ago
Can we be part of a beta test or something?
It is the last important fact to decide if we want to use your system.
Vladimir Mullagaliyev (co-founder) 8 years ago
We will be glad if you will test the sso. We see you are using php language. We will do our php example and will be sent to your email.
Thank you.
Sergey Stukov (co-founder) 8 years ago
SSO is ready and is in testing stage, all who want to participate in testing, you are welcome
odd 8 years ago
I'd like to participate, whot should I do and where I can get instructions?
Vladimir Mullagaliyev (co-founder) 8 years ago
We will send instruction to your email. Thank you.
Vladimir Mullagaliyev (co-founder) 8 years ago
We have fixed sso_token cutting (redirection) and hide alert with email confirmation.
Answer
Completed
Vladimir Mullagaliyev (co-founder) 8 years ago
SSO is ready and is in testing stage, all who want to participate in testing, you are welcome
Leo S. 8 years ago
Как на счет плагина к WordPress?
Sergey Stukov (co-founder) 8 years ago
Завели как идею
http://feedback.userecho.com/feedback/30463-sso-plagin-dlya-wordpress/
Haichang Lai 5 years ago

I have made sso work in Java as:


import org.codehaus.jettison.json.JSONObject;
import sun.misc.BASE64Encoder;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Date;
import java.util.Random;

public class UserEchoSSOTokenGenerator {

  public static final int  BLOCK_SIZE  = 16;
  public static final int  DEFAULT_EXPIRES  = 1 * 24 * 60 * 60 * 1000; // 1 day
  public static final String DEFAULT_USER_LANGUAGE = "en";

  public static void main(String[] args) {

  try {

  if (args == null || args.length != 5) {
  System.out.println("Usage: UserEchoSSOTokenGenerator <api-key> <project-key> <id> <name> <email>");
  return;
  }

  String apiKey = args[0];
  String applicationKey = args[1];
  String id = args[2];
  String name = args[3];
  String email = args[4];

  Date expiredDate = new Date(new Date().getTime() + DEFAULT_EXPIRES);
  SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");

  JSONObject attributes = new JSONObject();

  attributes.put("guid", Long.parseLong(id));
  attributes.put("expires_date", dateFormat.format(expiredDate));
  attributes.put("display_name", name);
  attributes.put("email", email);
  attributes.put("locale", DEFAULT_USER_LANGUAGE);
  attributes.put("avatar_url", "");

  System.out.println(attributes);

  byte[] iv = getRandomIV();

  printByes("iv", iv);

  byte[] keyBytes = getKeyBytes(apiKey, applicationKey);

  printByes("keyBytes", keyBytes);

  byte[] inputBytes = attributes.toString().getBytes("UTF-8");

  printByes("inputBytes", inputBytes);

  ivXORFirstBlock(inputBytes, iv);

  printByes("XOR inputBytes", inputBytes);

  // Please note: we don't need to do padding here since the following encryption will handle the padding
  byte[] encryptedBytes = encrypt(inputBytes, iv, keyBytes);

  printByes("encryptedBytes", encryptedBytes);

  String base64Encoded = base64Encode(encryptedBytes);

  System.out.println("\nbase64Encoded: \n");
  System.out.println(base64Encoded);

  String result = urlEncode(base64Encoded);

  System.out.println("\nencoded: \n");
  System.out.println("sso_token=" + result);

  } catch (Exception e) {
  e.printStackTrace();
  }

  }

  // print out byte values to compare output from other language eg. php
  protected static void printByes(String name, byte[] bytes) {

  System.out.println();
  System.out.print(name);
  System.out.println(" length=" + bytes.length);
  System.out.println();

  for (int i = 0; i < bytes.length; i++) {
  System.out.print(" ");
  System.out.print(bytes[i] & 0xff);
  }

  System.out.println();

  }

  private static byte[] getRandomIV() throws UnsupportedEncodingException {

  StringBuilder builder = new StringBuilder();

  Random random = new Random();

  for (int i = 0; i < BLOCK_SIZE; i++) {
  builder.append((char) Math.floor(26 * random.nextDouble() + 65));
  }

  return builder.toString().getBytes("UTF-8");

  }


  private static byte[] getKeyBytes(String apiKey, String applicationKey) throws NoSuchAlgorithmException, UnsupportedEncodingException {

  String message = apiKey + applicationKey;

  MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
  messageDigest.update(message.getBytes("UTF-8"));

  return Arrays.copyOfRange(messageDigest.digest(), 0, BLOCK_SIZE);

  }

  private static void ivXORFirstBlock(byte[] inputBytes, byte[] iv) {

  // double XOR first block message_json
  for (int i = 0; i < BLOCK_SIZE; i++) {
  inputBytes[i] ^= iv[i];
  }

  }

  private static byte[] encrypt(byte[] json, byte[] iv, byte[] keyBytes) {

  try {

  SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");

  Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

  IvParameterSpec ips = new IvParameterSpec(iv);

  cipher.init(Cipher.ENCRYPT_MODE, key, ips);

  return cipher.doFinal(json);

  } catch (Exception e) {
  e.printStackTrace();
  return null;
  }

  }

  private static String base64Encode(byte[] inputBytes) {

  BASE64Encoder encoder = new BASE64Encoder();

  return encoder.encode(inputBytes);

  }

  private static String urlEncode(String input) throws UnsupportedEncodingException {

  return URLEncoder.encode(input, "UTF-8");

  }

}

Richard Sawyer 4 years ago
Do you have the SSO code in javascript for node?
Sergey Stukov (co-founder) 4 years ago
Sure, you can get NODE JS example here
https://github.com/UserEcho/userecho_sso_samples/b...
Richard Sawyer 4 years ago
Thanks Sergey! Very quick. Appreciate the help :)
Richard Sawyer 4 years ago
This is really mission-critical for me. Can you help?
Vladimir Mullagaliyev (co-founder) 4 years ago
Sergey has been posted the SSO example for you. Do you need something else? Feel free to ask any questions here.
Алексей Наумов 3 years ago
guid was removed from profile http://take.ms/4H9Mw few days ago, how can we get it back?
Vladimir Mullagaliyev (co-founder) 3 years ago
Hello Alexey,
We've returned it back. Sorry for inconvenience.
+1
Владимир Худяков 3 years ago
Мы настроили SSO, но я и админ Userecho, и пользователь нашего веб-приложения. Когда я пытаюсь залогиниться в Userecho с другого компьютера, то не могу залогиниться под своим логином/паролем (созданными при регситрации в Userecho). Так как требуются мои логин/пароль нашего веб-приложения. Как можно решить этот вопрос?
Sergey Stukov (co-founder) 3 years ago
Если у пользователя который авторизуется через SSO (email адрес в профили совпадает с адресом пользователя администратора (1-й не SSO аккаунт)), то вы можете зайти в его профиль и обьединить аккаунты.

Если не получится напишите нам на support@userecho.com

Customer support service by UserEcho