Integrate Members between SilverStripe and Discourse

DigNZ · 29 August 2019 09:20

Silverstripe Version:
4.4
**Is there an approach or module for having SilverStripe Members registered on a self-hosted Discourse forum automatically? **

I’m trying to make the solution seamless for people who are logged in to the site. THe discourse forum will be hosted on a subdomain of the main site similar to how silverstripe.org is doing it, I just don’t want members to have to register for each separately and hoping there was a standard approach for this.

Cheers!

Tim · 29 August 2019 09:27

I haven’t seen a module to do it, but in theory it’s perfectly possible using SSO.

As I see it, you have a couple of options in implementing SSO:

Set up an external identity provider which can handle the authentication / registration for users on both systems
Set up SilverStripe as an identity provider
Use an existing identity provider (eg. Github, Facebook, Google, etc.) and integrate both systems to that

Discourse has SSO support (Official Single-Sign-On for Discourse (sso) - developers - Discourse Meta)

You could look at the SilverStripe SAML package for ideas on SSO there (GitHub - silverstripe/silverstripe-saml: SAML authentication support module for SilverStripe)

also there’s the oAuth package here (GitHub - bigfork/silverstripe-oauth-login: SilverStripe logins via OAuth2, using the PHP League's OAuth2 client)

purplespider · 8 February 2022 10:19

@DigNZ Did you attempt this at all? Curious as to how you got on as I’m about to attempt this for a project I’m working on.

DigNZ · 8 February 2022 18:48

For this particular project I ended up using Flarum and wrote a custom connector that created and/or logged in the Flarum account when the SilverStripe user logged in. To be honest it was a complete pain and not very robust.

I’m working on a different project that uses SSO across a wide range of services and I’m using Keycloak as the identity provider. As I already had an extensive member database in SilverStripe I used this plugin for Keycloak: daniel-frak/keycloak-user-migration: A Keycloak plugin for migrating users from legacy systems (github.com)

Now can use Keycloak for SSO across everything, SS users get migrated automatically and OpenID and SAML SPs can be connected. Its complex but once set up it has been easy to add more services and streamline the user experience.

purplespider · 9 February 2022 13:23

@DigNZ Thanks, that’s very helpful. (I actually considered Flarum for this project). Will look into Keycloak.

I did actually manage to get OAuth working between Discourse and Silverstripe, documented that here if useful to anyone.

purplespider · 15 February 2022 15:34

I’ve also just created a DiscourseConnect (SSO) module for Silverstripe: