A webapp that sits in the middle of Discourse and Google Apps.
It implements Discourse SSO protocol and authenticates users via OAuth2 against your Google Apps domain.
This is not another plugin implementing plugin to add social login for Discourse.
The advantages of SSO integration approach are described at https://meta.discourse.org/t/official-single-sign-on-for-discourse-sso/13045
This is not better or worse than default social Google auth integration, it is just different and for different purposes.
-
Decide under what hostname are you going to run this application, be sure it is accessible under https. For the sake of this example we will use
https://my.sso.appfor this app andhttps://my.forumfor the Discourse forum location. -
Register a new project and create credentials as describe at https://meta.discourse.org/t/configuring-google-login-for-discourse/15858, but do not update Discourse settings. We are going to use the OAuth2 credentials in a different way. Set _Authorized Javascript Origins
tohttps://my.sso.app` and Authorized redirect URIs to ``https://my.sso.app/discourse/sso/google-oauth2/callback` -
Set the following Discourse settings
enable_sso = true sso_url = https://my.sso.app/discourse/sso sso_secret = YOUR_SSO_SECRET_KEY -
Launch this webapp with the following settings
DISCOURSE_SECRET = 'YOUR_SSO_SECRET_KEY' DISCOURSE_SSO_LOGIN = 'https://my.forum/session/sso_login' GOOGLE_CLIENT_ID = 'The Client ID provided by Google in step 2' GOOGLE_SECRET = 'The secret provided by Google in step 2' GOOGLE_REDIRECT_URI = 'https://my.auth.app/discourse/sso/google-oauth2/callback' GOOGLE_DOMAIN = 'your-google-apps-domain.com'
-
That's all.