The Shared Login plugin allows third-party system to automatically log clients into Blesta. |
Table of Contents |
---|
The Shared Login plugin can be installed under [Settings] > [Company] > [Plugins] > [Available].
The Shared Login plugin can be configured under [Settings] > [Company] > [Plugins] > [Installed] by clicking the Manage button next to the plugin.
Option | Description |
---|---|
Shared Key | The key used to compute the HMAC-SHA256, which is used to authenticate users. |
The Shared Login plugin works by accepting a GET request to a specially crafted URL, which then initializes a session within Blesta. Users can either be redirected to the specially crafted URL, or an AJAX request can be made from the user's browser.
The format of shared login URLs are:
https://yourdomain.com/path_to_blesta/plugin/shared_login/?u=CLIENT_USERNAME&t=UNIX_TIMESTAMP&r=REDIRECT_URI&h=HMAC_SHA256 |
Parameter | Description | ||
---|---|---|---|
u | The client's username in Blesta | ||
t | The current Unix timestamp. | ||
r | The URI to redirect the client to. The location where clients should be directed to after logging in. If performing a request via AJAX this value is ignored. If not set, the user will be redirect to the Blesta client interface. | ||
h | The token used to verify the content of the request is valid and unaltered. This is an HMAC-SHA256 hash of the current time, username, and redirect URI, using the Shared Key as the key. How to compute the hash
|
If you have issues authenticating, ensure the time is correct on both your Blesta server and the server the user is connected to. The shared login system will tolerate up to 30 minutes of clock drift. |
<?php // The key from [Settings] > [Company] > [Plugins] > [Shared Login] $key = "0123456789abcdef0123456789abcde"; $t = time(); $u = "client_username"; $r = "http://mydomain.com/"; $h = hash_hmac("sha256", $t . $u . $r, $key); header("Location: " . "https://yourdomain.com/path_to_blesta/plugin/shared_login/?" . http_build_query(compact("t", "u", "r", "h"))); exit; ?> |
<?php // The key from [Settings] > [Company] > [Plugins] > [Shared Login] $key = "0123456789abcdef0123456789abcde"; $t = time(); $u = "client_username"; $h = hash_hmac("sha256", $t . $u . $r, $key); $url = "https://yourdomain.com/path_to_blesta/plugin/shared_login/"; ?> <script src="http://code.jquery.com/jquery-1.10.1.min.js"></script> <script type="text/javascript"> $(document).ready(function() { $.get( '<?php echo htmlentities($url, ENT_QUOTES);?>', {u: '<?php echo htmlentities($u, ENT_QUOTES);?>', t: '<?php echo htmlentities($t, ENT_QUOTES);?>', h: '<?php echo htmlentities($h, ENT_QUOTES);?>'}, function(data) { if (data.success) alert('logged into Blesta'); else alert('login failed!'); }, 'json' ); }); </script> |