Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Zendesk Single Sign-On
06-27-2013, 10:53 PM (This post was last modified: 06-28-2013 08:58 AM by paul.)
Post: #1
Zendesk Single Sign-On
clearFusionCMS can be used to authenticate users for Zendesk, the following describes the process of enabling it in just 4 steps.

Step 1 Enable Single Sign-On at Zendesk
Login to your Zendesk to enable single sign-on and get the shared secret you'll need in the next step.
  • Click the Admin cog at the bottom left of the screen
  • Click Security then select the Single Sign-On
  • Click edit next to JSON Web Token
  • Click Enable and put the address where the login page will be located on your site into the Remote login URL field.
  • Copy the Shared secret you'll need it later on

Step 2 Add the Code
Login to your clearFusionCMS installation that will be authenticating Zendesk users, go to Elements and create a new snippet. Name the snippet zendeskLogin and use the following code:
PHP Code:
/**
 * THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * package clearFusionCMS
 * copyright Copyright (c) 2013 clearFusionCMS. All rights reserved.
 * link http://clearfusioncms.com
 */

// Check that the shared key and subdomain have been passed
if(!isset($key) || !isset($subdomain))
    return;

// Only run if user authenticated
$user clearFusionCMS::getUser();
if(
$user->isAuthenticated()) {
    
// Create JWT
    
$now time();
    
$token = array(
        
'jti'   => md5($now rand()),
        
'iat'   => $now,
        
'external_id' => $user->getId(),
        
'name'  => $user->getUsername(),
        
'email' => $user->getEmail()
    );
    
    
// Encode and sign
    
$segments = array();
    
$segments[] = str_replace('='''strtr(base64_encode(json_encode(array('typ' => 'JWT''alg' => 'HS256'))), '+/''-_'));
    
$segments[] = str_replace('='''strtr(base64_encode(json_encode($token)), '+/''-_'));
    
$segments[] = str_replace('='''strtr(base64_encode(hash_hmac('sha256'implode('.'$segments), $keytrue)), '+/''-_'));
    
    
// Redirect
    
clearFusionCMS::getResponse()->redirectTo(clearFusionCMS::getSession()->flashGet('zendesk_returnto''https://' $subdomain '.zendesk.com/access/jwt') . '?jwt=' implode('.'$segments));
}
else {
    if(
clearFusionCMS::getRequest()->hasQuery('return_to'))
        
clearFusionCMS::getSession()->flashSet('zendesk_returnto'clearFusionCMS::getRequest()->getQuery('return_to'));
    else
        
clearFusionCMS::getSession()->flashKeep('zendesk_returnto');

Save the snippet.

Step 3 Create a Login Page
Head back to the dashboard and select Documents, create a new document which will be the help desk login page making sure that it's in the location that you specified in the Remote login URL field, and add the following to the content:
Code:
[[!members.login &loginByUsername=`1` &loginByEmail=`1`]]
[[!zendeskLogin &key=`xxxxxxxxxxxxxxxxxxx` &subdomain=`example`]]
Change xxxxxxxxxxxxxxxxxxx to be the shared secret you recorded when enabling single sign-on and change example to be your zendesk subdomain e.g. if your help desk is at example.zendesk.com then your subdomain will be example. The subdomain is only required as a fallback if something unexpected happens.

Publish the page.

Step 4 Testing
Make sure that you're logged out of clearFusionCMS and Zendesk, then head to your Zendesk subdomain and click login, if everything is working correctly you'll be presented with the login page on your website, login and you should be redirected back to Zendesk.

That's it all done.

clearFusionCMS Lead Developer
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)