SSO for Pro sites
Testing
- Log out on Minds
- Visit any Pro Domain site (standalone) - user should be logged out
- Visit Minds
- Log in on Minds
- Visit any Pro Domain site - user should be logged in
- Log out on the Pro Domain site
- Visit Minds - user should be logged out
- Visit any Pro Domain site
- Log in on Pro Domain site
- Visit Minds - user should be logged in
Note: This testing procedure is valid on browsers with 3rd-party cookies enabled. On other strict-security browsers (such as Brave), Minds and Pro Domain sessions are completely independent.
Sandbox
- Minds: https://goal-pro-sso.minds.io/
- Pro Domain: http://another-domain-goal-pro-sso.minds.io
Helm Chart (Sandbox deployment chart)
- Check out this branch: https://gitlab.com/minds/helm-charts/tree/goal/pro-sso
- Manually deploy:
helm upgrade --install --reuse-values --recreate-pods --set features.pro=true --set jwtsecret="<something random here>" --wait goal-pro-sso ./minds/
Issues
- Closes #1127
added scoped label
added 3 commits
-
aacc7678...cc738264 - 2 commits from branch
master - cd9a4013 - Merge remote-tracking branch 'origin/master' into goal/pro-sso
-
aacc7678...cc738264 - 2 commits from branch
added 2 commits
added 3 commits
-
e4e5e0ea...d592fd9d - 2 commits from branch
master - c2c95dfd - Merge remote-tracking branch 'origin/master' into goal/pro-sso
-
e4e5e0ea...d592fd9d - 2 commits from branch
unmarked as a Work In Progress
added scoped label
changed the description
mentioned in issue front#2236 (closed)
![Mark Harding](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="200" height="200"><rect fill-opacity="0"/></svg>)
Last updated by Emiliano Balbuena12 class ProDelegate 13 { 14 /** @var ProDomain */ 15 protected $proDomain; 16 17 /** 18 * ProDelegate constructor. 19 * @param ProDomain $proDomain 20 */ 21 public function __construct( 22 $proDomain = null 23 ) { 24 $this->proDomain = $proDomain ?: Di::_()->get('Pro\Domain'); 25 } 26 27 public function isAllowed($domain) - Owner
bool return type
changed this line in version 9 of the diff
added 13 commits
-
1155faab...52a592b9 - 11 commits from branch
master - d9f6f766 - (chore): Pro Delegate types
- cf4c1059 - Merge remote-tracking branch 'origin/master' into goal/pro-sso
-
1155faab...52a592b9 - 11 commits from branch
added 1 commit
- fd91559b - (fix): Origin's scheme should have more relevance for CORS
changed the description
approved this merge request
![Xander Miller](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="80" height="80"><rect fill-opacity="0"/></svg>)
DeveloperI tested on Chrome and Brave. I actually found that the system work just as well on Brave as it did on Chrome even with the shield turned on.
http://another-domain-goal-pro-sso.minds.io https://goal-pro-sso.minds.io/
I'm guessing that Brave shield might be smart enough to detect that both domains are minds.io but I'm not sure what's going on.
