Could I allow SSO user to become moderator?


Antoine Benevaut

Mar 12, 2013, 9:05:11 AM3/12/13
to disqu...@googlegroups.com
Hello everyone,

A simple question about Disqus: could I allow SSO users to become moderators?

Is the way to allow SSO users to moderate topics to use the user's SSO ID?

Thank you for any answers :D

Michael Hazell

Mar 12, 2013, 10:12:44 AM3/12/13
to disqu...@googlegroups.com
Yeah, I believe the SSO ID is what you need. I think you can get it by looking at their profile.

Antoine Benevaut

Mar 13, 2013, 7:50:06 AM3/13/13
to disqu...@googlegroups.com
Fine, thank you! I will post all of my related comments/questions here. See you :)

John Loee

Nov 1, 2013, 12:18:25 AM11/1/13
to disqu...@googlegroups.com
How would one become a Google Groups moderator/admin??

Chris Morton

May 19, 2014, 7:51:13 AM5/19/14
to disqu...@googlegroups.com
Hi Antoine, i assume that by your question u got SSO to work, since u want to make them into moderators....

I am having tremendous trouble getting SSO to work for disqus, and was hoping u could help by posting the code (any language) that u wrote to get sso working on ur app...

So far i have not been able to find a working example of SSO for disqus, and the api documentation is utterly useless!

Would you be able to help?

Chris,

For interest's sake, here is my PHP code:

<?php
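// Disqus credentials are read from the environment so that no secret lives in
// the source file. The values that were hard-coded here were published along
// with this listing and should be treated as compromised: revoke and reissue
// them in the Disqus application settings before reuse.
// An unset variable yields '', which dsq_sso() treats as "SSO is not configured".
define('DISQUS_SECRET_KEY', (string) getenv('DISQUS_SECRET_KEY'));
define('DISQUS_PUBLIC_KEY', (string) getenv('DISQUS_PUBLIC_KEY'));
define('DISQUS_ACCOUNT_OWNER_ACCESS_TOKEN', (string) getenv('DISQUS_ACCOUNT_OWNER_ACCESS_TOKEN'));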

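/**
 * Disqus comment embed and single sign-on (SSO) helpers for the one.om portal.
 *
 * The static helpers derive Disqus thread metadata (identifier, title,
 * category) from the request URL; loginSSO() renders the embed markup.
 *
 * Everything taken from the request (Host header, request URI, Referer,
 * cookies, query string) is untrusted. It is escaped with jsstring() before
 * being written into inline JavaScript and passed through SQLStr() before
 * being placed in SQL.
 */
class bb_one_disqus_forum extends baseclass {
    // Read outside this listing. NOTE(review): the name suggests loginSSO() is
    // exempted from the framework's permission check - confirm in baseclass.
    var $bbsetting_skip_permissions = array('loginSSO');

    /**
     * Build the signed SSO payload for the user in the current session.
     *
     * The payload is "<base64 JSON> <HMAC-SHA1 hex> <unix time>", signed with
     * DISQUS_SECRET_KEY.
     *
     * @return array array() when either key is not configured, otherwise
     *               'remote_auth_s3' (the payload) and 'api_key' (the public key).
     */
    static function dsq_sso() {
        $key = DISQUS_SECRET_KEY;
        $public = DISQUS_PUBLIC_KEY;
        if (!$key || !$public) {
            // sso is not configured
            return array();
        }

        $current_user = isset($_SESSION['user']) ? $_SESSION['user'] : array();

        if (!empty($current_user['_id'])) {
            $user_data = array(
                'username' => $current_user['first_name'].' '.$current_user['last_name'],
                'id' => $current_user['_id'],
                'avatar' => null,
                'email' => $current_user['email'],
                'url' => '',
            );
        } else {
            // No logged-in user: an empty data set is signed instead.
            $user_data = array();
        }

        // cfjson_encode() is not defined in this class; presumably inherited
        // from baseclass - confirm.
        $user_data = base64_encode(self::cfjson_encode($user_data));
        $time = time();
        $hmac = self::dsq_hmacsha1($user_data.' '.$time, $key);

        // The old-style 'remote_auth_s2' return was unreachable (the flag that
        // selected it was always true at this point) and has been dropped.
        return array(
            'remote_auth_s3' => $user_data.' '.$hmac.' '.$time,
            'api_key' => $public,
        );
    }

    /**
     * Return the `this.sso = {...}` JavaScript fragment that configures the
     * site's own login button inside disqus_config.
     *
     * @return string JavaScript source, meant to sit inside a function body.
     */
    static function dsq_sso_login() {
        $sitename = 'one.om';
        $button = '/portal/oneom/custom_templates/one/images/login.png';
        $icon = '/portal/oneom/custom_templates/one/images/disqus-social-icon-blue-white.png';

        // The URL is built from request headers, so every value goes through
        // jsstring() rather than being pasted between literal quotes.
        return '
    this.sso = {
          name: '.self::jsstring($sitename).',
          button: '.self::jsstring($button).',
          icon: '.self::jsstring($icon).',
          url: '.self::jsstring(self::requesturl()).',
          width: "800",
          height: "700"
    };';
    }

    /**
     * Calculate HMAC-SHA1 according to RFC2104.
     *
     * Delegates to hash_hmac() instead of a hand-rolled pad/XOR construction;
     * the output is the same lowercase hex digest. Declared static because
     * every caller in this class invokes it as self::dsq_hmacsha1().
     *
     * @param string $data Message to authenticate.
     * @param string $key  Secret key.
     * @return string 40-character hex digest.
     */
    static function dsq_hmacsha1($data, $key) {
        return hash_hmac('sha1', $data, $key);
    }

    /**
     * Encode a value as a JavaScript string literal for use inside an inline
     * <script> block.
     *
     * The JSON_HEX_* flags turn <, >, &, ' and " into \uXXXX escapes, so the
     * value cannot close the string or the surrounding script element.
     *
     * @param mixed $value Cast to string before encoding.
     * @return string A double-quoted literal; '""' when encoding fails.
     */
    private static function jsstring($value) {
        $encoded = json_encode((string) $value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        return ($encoded === false) ? '""' : $encoded;
    }

    /**
     * Rebuild the URL of the current request from the Host header and the
     * request URI. Both are client-supplied; callers must escape the result.
     *
     * @return string "http://<host><uri>"
     */
    private static function requesturl() {
        // Quoted keys: bare HTTP_HOST / REQUEST_URI are undefined constants.
        $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
        $uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
        // NOTE(review): the scheme is fixed to http://, as in the original.
        return 'http://'.$host.$uri;
    }

    /**
     * Look up the _id of the bb_one_sites row whose domain is
     * "<subdomain>.one.om".
     *
     * @param string $url Request URL.
     * @return string Lower-cased _id, or '' when no row matches.
     */
    private static function getsiteid($url) {
        global $global;
        $subdomain = self::getsubdomain($url);
        // SQLStr() is defined outside this listing; presumably it quotes and
        // escapes the value - confirm before relying on it.
        $sitesql = '
SELECT _id
FROM
bb_one_sites
WHERE
domain = '.SQLStr($subdomain.'.one.om').'
';
        $siteresult = $global['database']->SQLQuery($sitesql);
        return isset($siteresult[0]['_id']) ? strtolower($siteresult[0]['_id']) : '';
    }

    /**
     * Look up the _id of the bb_one_pages row whose url_key is the first path
     * segment of a http://one.om/... URL.
     *
     * @param string $url Request URL.
     * @return string Lower-cased _id, or '' when no row matches.
     */
    private static function getpageid($url) {
        global $global;
        $matches = array();
        // The class was written [A-z0-9-], which also admits [ \ ] ^ and `;
        // it is spelled out here (underscore kept).
        preg_match('/http:\/\/one\.om\/([A-Za-z0-9_-]+)[\/]*?/', $url, $matches);
        $page = isset($matches[0])
            ? strtolower(str_replace(array('one.om','http://','/','.'), '', $matches[0]))
            : '';
        $pagesql = '
  SELECT _id
  FROM
  bb_one_pages
  WHERE
  url_key = '.SQLStr($page).'
  
  ';
        $pageresult = $global['database']->SQLQuery($pagesql);
        return isset($pageresult[0]['_id']) ? strtolower($pageresult[0]['_id']) : '';
    }

    /**
     * Look up the _id of the bb_one_pages row whose name is the lower-cased
     * subdomain of the URL.
     *
     * Declared static because getidentifier() calls it as self::getsubdomainid().
     *
     * @param string $url Request URL.
     * @return mixed The _id, or 0 when no row matches or the _id is falsy.
     */
    private static function getsubdomainid($url) {
        global $global;

        $subdomain = strtolower(self::getsubdomain($url));
        $subdomainidsql = '
  SELECT _id
  FROM bb_one_pages
  WHERE name = '.SQLStr($subdomain).'
  ';
        $subdomainidresult = $global['database']->SQLQuery($subdomainidsql);
        return empty($subdomainidresult[0]['_id']) ? 0 : $subdomainidresult[0]['_id'];
    }

    /**
     * Extract the first host label of a three-label host name
     * (e.g. "blog" from http://blog.one.om/).
     *
     * Two defects of the original are fixed here:
     *  - "[https:\/\/|http:\/\/]" was a character class, not an alternation,
     *    so the pattern could match anywhere in the URL, including inside the
     *    path or query string. The scheme is now matched literally at the
     *    start of the string and the label is taken from the capture group.
     *  - the "www" test ran after ucwords(), so it compared "Www" with "www"
     *    and never matched.
     *
     * @param string $url Request URL.
     * @return string The label with its first letter upper-cased, or 'one'
     *                when there is none or it is "www".
     */
    private static function getsubdomain ($url) {
        $matches = array();
        $subdomain = '';
        if (preg_match('/^https?:\/\/([a-z0-9_-]+)\.[a-z0-9_-]+\.[a-z0-9]{2,4}[\/]?/', (string) $url, $matches)) {
            $subdomain = ucwords(strtolower($matches[1]));
        }

        if ($subdomain === '' || strtolower($subdomain) === 'www') {
            $subdomain = 'one';
        }

        return $subdomain;
    }

    /**
     * Derive a human-readable thread title from the URL.
     *
     * Declared static because getshortname() and loginSSO() call it as
     * self::getpagetitle().
     *
     * @param string $url Request URL.
     * @return string "<Url Key> - <Subdomain>" when a url key is present, the
     *                subdomain when no first path segment was matched, and ''
     *                otherwise (the original fell through without a return).
     */
    private static function getpagetitle($url) {
        $matches = array();
        preg_match('/.+[\/]\d+-([a-z0-9-.]*[\/]?).+/', $url, $matches);
        $urlkey = isset($matches[1])
            ? ucwords(strtolower(str_replace('-', ' ', str_replace('/', '', $matches[1]))))
            : '';

        $subdomain = ucwords(strtolower(self::getsubdomain($url)));

        $matches = array();
        // Same character-class correction as in getpageid().
        preg_match('/http:\/\/one\.om\/([A-Za-z0-9_-]+)[\/]*?/', $url, $matches);
        $page = isset($matches[0])
            ? strtolower(str_replace(array('one.om','http://','/','.'), '', $matches[0]))
            : '';

        if ($urlkey && $subdomain) {
            return $urlkey.' - '.$subdomain;
        }
        if (!empty($page) && empty($urlkey) && empty($subdomain)) {
            return $page;
        }
        if (empty($page) && !empty($subdomain)) {
            return $subdomain;
        }
        return '';
    }

    /**
     * Pull a single value out of a JSON-looking response with a regex.
     *
     * The response may include HTTP headers (loginSSO() requests them), which
     * is why it is not handed to json_decode() as a whole.
     *
     * @param string $response  Raw response text.
     * @param string $paramname Key to look for.
     * @return string|null The value, restricted to letters, digits, "_" and
     *                     "-", or null when the key is not found.
     */
    private static function getparamfromresponse($response, $paramname='access_token'){
        $matches = array();
        // preg_quote keeps the key from being read as pattern syntax; the
        // value class was [A-z0-9_-], which also admitted [ \ ] ^ and `.
        $pattern = '/"'.preg_quote($paramname, '/').'":["]?([A-Za-z0-9_-]+)["]?/';
        if (!preg_match($pattern, (string) $response, $matches)) {
            return null;
        }
        return $matches[1];
    }

    /**
     * Find the _id of the first non-deleted row, in any table that has a
     * url_key column, whose url_key matches the "<digits>-<key>" part of the URL.
     *
     * @param string $url Request URL.
     * @return mixed The _id, or null when nothing matches.
     */
    private static function geturlkeyid($url) {
        global $global;
        $matches = array();
        preg_match('/.+[\/]\d+-([a-z0-9-.]*[\/]?).+/', $url, $matches);
        $urlkey = isset($matches[1]) ? strtolower(str_replace('/', '', $matches[1])) : '';

        // NOTE(review): there is no schema filter, so tables from every schema
        // the account can see are returned and then queried by bare name -
        // confirm this is intended, and that the account is scoped accordingly.
        $urlkeytablessql = '
SELECT
   table_name as name
FROM
   INFORMATION_SCHEMA.COLUMNS c
     
WHERE
   c.column_name = \'url_key\'';
        $urlkeytablesresult = $global['database']->SQLQuery($urlkeytablessql);
        if (empty($urlkeytablesresult)) {
            // No candidate tables: the original went on to run an empty query.
            return null;
        }

        // One SELECT per table, joined with UNION DISTINCT. The table name
        // comes from the catalog query above, not from the request.
        $selects = array();
        foreach ($urlkeytablesresult as $table) {
            $selects[] = '
 SELECT _id
 FROM
 '.$table['name'].'
 WHERE _deleted != 1
 AND url_key = '.SQLStr($urlkey).'
 ';
        }
        $urlkeyidsql = implode('
   UNION DISTINCT
   ', $selects);

        $urlkeyresult = $global['database']->SQLQuery($urlkeyidsql);
        return isset($urlkeyresult[0]['_id']) ? $urlkeyresult[0]['_id'] : null;
    }

    /**
     * Return the _dateadded of a row in bb_one_<mode> as a Unix timestamp.
     *
     * @param mixed  $id   Row _id.
     * @param string $mode Table suffix; the callers in this class pass
     *                     'pages' (default) or 'sites'.
     * @return int|false Timestamp, or false when the mode is not one of those
     *                   two, the row is missing, or the date cannot be parsed.
     */
    private static function getdateadded($id, $mode='pages') {
        global $global;
        // $mode becomes part of a table name and cannot be quoted as a value,
        // so it is limited to the two suffixes this class uses.
        if (!in_array($mode, array('pages', 'sites'), true)) {
            return false;
        }
        $pageaddedsql = '
  SELECT _dateadded
  FROM
  bb_one_'.$mode.'
  WHERE
  _id = '.SQLStr($id).'
  ';
        $pageaddedresult = $global['database']->SQLQuery($pageaddedsql);
        if (!isset($pageaddedresult[0]['_dateadded'])) {
            return false;
        }
        return strtotime($pageaddedresult[0]['_dateadded']);
    }

    /**
     * Build the Disqus thread identifier for a URL: two hex numbers separated
     * by a space, the first from site id + page id, the second from post id +
     * creation timestamp (each pair concatenated as decimal digits).
     *
     * @param string $url Request URL.
     * @return string
     */
    private static function getidentifier($url) {
        $siteid = self::getsiteid($url);
        if (empty($siteid)) {
            $siteid = 1;
        }

        // Prefer the page named after the subdomain, then the first path segment.
        $pageid = self::getsubdomainid($url);
        if (empty($pageid)) {
            $pageid = self::getpageid($url);
        }

        $postid = self::geturlkeyid($url);
        if (empty($postid)) {
            $postid = $pageid;
        }

        $dateadded = self::getdateadded($pageid);
        if (empty($dateadded)) {
            $dateadded = self::getdateadded($siteid, 'sites');
        }

        // NOTE(review): dechex() expects an integer; the ids are assumed to be
        // numeric strings here - confirm against the schema.
        return dechex($siteid.$pageid) . ' ' . dechex($postid.$dateadded);
    }

    /**
     * Strip every character except letters, digits and _ % [ ] ( ) . / -
     *
     * This is an identifier filter, not an HTML or JavaScript escaper.
     *
     * @param string $value
     * @return string
     */
    private static function safeid($value){
        return preg_replace('/[^a-zA-Z0-9_%\[().\]\\/-]/s', '', $value);
    }

    /**
     * Lower-cased, safeid()-filtered page title for the URL.
     *
     * @param string $url Request URL.
     * @return string
     */
    private static function getshortname($url) {
        return strtolower(self::safeid(self::getpagetitle($url)));
    }

    /**
     * Remove the query string (the first "?" and everything after it).
     *
     * @param string $url
     * @return string
     */
    private static function trimquerystring($url) {
        return preg_replace('/(\?.*)/s', '', (string) $url);
    }

    /**
     * Render the Disqus embed for the current page. For a logged-in user it
     * also drives the OAuth authorization-code exchange and stores the result
     * in cookies.
     *
     * Fixed relative to the original listing:
     *  - request-derived values are written into inline JavaScript through
     *    jsstring() instead of between literal quotes;
     *  - query strings are built with http_build_query(), so values are
     *    URL-encoded;
     *  - the token request body is a urlencoded string; the array form makes
     *    cURL send multipart data and, on old PHP versions, treats a value
     *    starting with "@" as a file reference;
     *  - cookies are set HttpOnly, and the token cookie is only set when a
     *    token was actually extracted;
     *  - unused locals, the unused signed message and CURLOPT_VERBOSE are gone.
     *
     * NOTE(review): no "state" value is sent with the authorization request or
     * checked on return, and the Referer header decides which branch runs;
     * both are client-controlled. Binding the returned code to the session
     * should be added before production use.
     *
     * @return string HTML/JavaScript to output.
     */
    function loginSSO () {
        $url = self::requesturl();
        $pageurl = self::trimquerystring($url);
        $html = '';
        // NOTE(review): the listing never assigns the OAuth endpoint, so it is
        // null here exactly as in the original. Set it before use.
        $aurl = null;
        $ssocookie = isset($_COOKIE['disqusSSO']) ? $_COOKIE['disqusSSO'] : null;

        if (!empty($_SESSION['user']['_id'])) {
            $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

            if (self::trimquerystring($referer) == $pageurl && $ssocookie == null) {
                if (!empty($_GET['code']) && is_string($_GET['code'])) {
                    $authcode = $_GET['code'];
                    // secure=false because the site is served over http://; httponly=true.
                    setcookie('disqusSSO', $authcode, 0, '/', 'one.om', false, true);

                    $fields = array(
                        'grant_type' => 'authorization_code',
                        'client_id' => DISQUS_PUBLIC_KEY,
                        'client_secret' => DISQUS_SECRET_KEY,
                        'redirect_uri' => $pageurl,
                        'code' => $authcode,
                    );

                    $acurl = curl_init();
                    curl_setopt_array($acurl, array(
                        CURLOPT_RETURNTRANSFER => 1,
                        CURLOPT_URL => $aurl,
                        CURLOPT_HEADER => 1,
                        CURLOPT_POSTFIELDS => http_build_query($fields, '', '&'),
                    ));
                    $response = curl_exec($acurl);
                    curl_close($acurl);

                    $accesstoken = is_string($response) ? self::getparamfromresponse($response) : null;
                    if ($accesstoken) {
                        // NOTE(review): this keeps an OAuth access token in a
                        // browser cookie; a server-side session would avoid
                        // sending it to the client at all.
                        setcookie('disqusSSOaccesstoken', $accesstoken, 0, '/', 'one.om', false, true);
                    }
                }
            }
            else {
                $fields = array(
                    'client_id' => DISQUS_PUBLIC_KEY,
                    'scope' => 'read,write',
                    'response_type' => 'code',
                    'redirect_uri' => $pageurl,
                );
                $fields_string = http_build_query($fields, '', '&');

                if ($ssocookie == null) {
                    return '
<script>
window.location.href = '.self::jsstring($aurl.$fields_string).';
</script>';
                }
            }
        }

        $html .= '
<div id="disqus_thread"></div>
<script type="text/javascript">
   /* * * CONFIGURATION VARIABLES: EDIT BEFORE PASTING INTO YOUR WEBPAGE * * */
   var disqus_shortname = \'one-om\';
   var disqus_url = '.self::jsstring($url).';
   var disqus_identifier = '.self::jsstring(self::getidentifier($url)).';
   var disqus_title = '.self::jsstring(self::getpagetitle($url)).';
   var disqus_category_id = '.self::jsstring(self::getsubdomain($url)).';
   
   
   /* * * DON\'T EDIT BELOW THIS LINE * * */
   (function() {
var dsq = document.createElement(\'script\'); dsq.type = \'text/javascript\'; dsq.async = true;
dsq.src = \'//\' + disqus_shortname + \'.disqus.com/embed.js\';
(document.getElementsByTagName(\'head\')[0] || document.getElementsByTagName(\'body\')[0]).appendChild(dsq);
   })();
</script>
<noscript>Please enable JavaScript to view the <a href="http://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript>
<a href="http://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a>
    
    ';

        if (!empty($_COOKIE['disqusSSOaccesstoken'])) {
            // The cookie is client-controlled, so it is escaped like any other
            // request value.
            // NOTE(review): dsq_sso() in this class builds the signed
            // remote_auth_s3 payload; here the access-token cookie is emitted
            // under that name instead - confirm which one is intended.
            $html .= '
<script type="text/javascript">
var disqus_config = function() {
   this.page.remote_auth_s3 = '.self::jsstring($_COOKIE['disqusSSOaccesstoken']).';
   this.page.api_key = '.self::jsstring(DISQUS_PUBLIC_KEY).';
   '.self::dsq_sso_login().'
};
</script>
';
        }
        return $html;
    }
}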

?>
