Easy, configurable Discourse SSO: GET /auth/login -> receive a JWT with user data

Discourse SSO

Easy, configurable Discourse SSO: GET api/auth/login -> receive a JWT with user data. Allows using Discourse as your SSO provider to authenticate users into your own websites.

Based on the official implementation and written in ASP.NET Core. You needn't touch the code: everything is set up through configuration, so you can use this regardless of your tech stack.

Using this will allow you to share your Discourse userbase with your websites!

Usage

  1. Build the project for your target OS (probably Ubuntu)
  2. Add your configuration to appsettings.json
  3. In your Discourse app, go to settings -> login, set enable sso provider to true, and enter the sso secret
  4. That's it! Perform GET api/auth/login to get a JWT containing user data! (the user will be prompted to log in if not already logged in)

Ideally, your JS client makes that request, stores the JWT, and sends it in the Authorization header when querying your APIs. Once the JWT expires, the client makes that request again to get another JWT, and so on.

Configuration

The configuration is located in the file appsettings.json, resembling:

{
  "DiscourseSso": {
    "SsoSecret": "Xmp4wB6aMULmujXd", // sso secret you set up in Discourse settings
    "DiscourseRootUrl": "http://community.example.com" // your Discourse site URL without a trailing slash
  },
  "Jwt": {
    "SecretKey": "Xmp4wB6aMULmujXd", // key used to sign the JWT (the one your APIs will use to validate it)
    "Issuer": "DiscourseSso", // "iss" claim in JWT
    "Expiry": "", // "exp" claim in JWT, if empty will default to 30 days
    "Audience": "DefaultAud" // "aud" claim in JWT
  }
}

Token

The payload of the JWT that you'll receive will look like this:

{
  "sub": "1",
  "iss": "DiscourseSso",
  "iat": 1485393544,
  "exp": 1487985544,
  "aud": "DefaultAud",
  "name": "UserName+LastName",
  "username": "user",
  "email": "user@example.com",
  "external_id": "1",
  "admin": "true",
  "moderator": "false"
}

The sub claim is equivalent to external_id.
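
The configuration says the Jwt SecretKey is the one your APIs use to validate the token. The following is an added example, not code from this project, of that validation in a Node.js API: it assumes the token is signed with HS256 (the README does not name the algorithm), and the function names, settings object and sample claims are constructed for illustration.

```javascript
const crypto = require("crypto");

// Constructed settings mirroring the "Jwt" section of appsettings.json (README sample values).
const JWT_SETTINGS = { secretKey: "Xmp4wB6aMULmujXd", issuer: "DiscourseSso", audience: "DefaultAud" };
// Constructed sample claims, copied from the README's token example.
const SAMPLE_CLAIMS = { sub: "1", iss: "DiscourseSso", iat: 1485393544, exp: 1487985544,
  aud: "DefaultAud", username: "user", external_id: "1", admin: "true", moderator: "false" };

const b64url = (data) => Buffer.from(data).toString("base64url");
const hmac = (key, data) => crypto.createHmac("sha256", key).update(data).digest();

// Helper for the demo only: builds a token the way the service is assumed to (HS256).
function signToken(header, payload, key) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  return `${input}.${b64url(hmac(key, input))}`;
}

// Returns the verified claims or throws. nowSec is injectable so expiry can be tested.
function verifyToken(token, settings, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, sig] = parts;
  const header = JSON.parse(Buffer.from(h, "base64url").toString("utf8"));
  // Pin the algorithm: the token must not get to choose it ("none", RS256, ...).
  if (header.alg !== "HS256") throw new Error("unexpected alg");
  const expected = hmac(settings.secretKey, `${h}.${p}`);
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected))
    throw new Error("bad signature");
  // Claims are only parsed and trusted after the signature has been checked.
  const claims = JSON.parse(Buffer.from(p, "base64url").toString("utf8"));
  if (claims.iss !== settings.issuer) throw new Error("wrong issuer");
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(settings.audience)) throw new Error("wrong audience");
  if (typeof claims.exp !== "number" || nowSec >= claims.exp) throw new Error("expired");
  return claims;
}

// "admin" and "moderator" arrive as the strings "true"/"false"; the string "false"
// is truthy in JavaScript, so compare against the literal instead of testing truthiness.
const isAdmin = (claims) => claims.admin === "true";
const isModerator = (claims) => claims.moderator === "true";
```

With the default 30-day expiry, a role change in Discourse is not reflected until the client fetches a new token, so APIs that gate on admin or moderator may want a shorter Expiry.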