Flarum like SSO / SAML / auth provider

llaumgui

Hi,
is there a way to use Flarum like a SSO or SAML provider to login from Flarum in other application (Drupal, MEdiawiki, etc...).

Thanks for you responses.

tankerkiller125

Not currently, however you could use something like a basic Laravel App with Passport and authenticate Flarum and other services against that.

luceos

llaumgui I'd highly recommend against opening an api endpoint to check user passwords for obvious reasons. Either, as tankerkiller125 mentions, use a central app or integrate a decent oauth server package. Passport should be possible to integrate.

llaumgui

Thanks for you response. There isn't API or method to check login / password usable in external of Flarum ?

tankerkiller125

You could make an HTTP POST request to https://yourdomain.tld/login with the following JSON body:

{
    "identification": "username",
    "password": "userspassword",
    "remember": false
}

The problem however is that this call requires the CSFR header to be part of the request. If your missing the CSRF token header you'll get an error. It's for sure something you could play with though.

Other than that HTTP request though to my knowlege there is no API request method for dealing with user logins and there is for sure no OAuth2 server built-in or anything of that nature.

One of the other developers may know more about the API and it's methods than I do though.

llaumgui

Or I can use User:checkPassword()
https://api.flarum.dev/php/v0.1.0-beta.10/Flarum/User/User.html#method_checkPassword

tankerkiller125

llaumgui Via an extension sure, I don't see why that wouldn't work. There is no direct HTTP API access to that method.