SSO and guest checkout

My web site has two sections, a public-facing store that allows guest checkout and a members-only event registration. I require members to have an account and be logged in in order to register. The last part works fine, but for the public-facing store, when I get the redirect from Foxycart, I display a login for with a guest checkout link. The guest link looks like this:
https://xxxxxx.foxycart.com/checkout?fc_auth_token=012a9cc49973df1aa8dcce424faf5d28b5799091&fc_customer_id=0&timestamp=1444267823&fcsid=8h40soetrrsphftvcv6e0i9856
After clicking on the link, FoxyCart redirects back to my home page instead of going to checkout. How should I form the link so Foxycart will allow a guest checkout?

In my checkout settings under Templates/Configuration, Customize the checkout user type (account vs. guest) is set to "Allow guest and customer accounts, default to guest"
Comments
  • fc_adamfc_adam FoxyCart Team
    @GeorgeInActon,

    Are you generating that link dynamically at the moment the customer hits that page - so the timestamp and consequently the fc_auth_token is valid for that time? Also, the fcsid value is the one for the customers current session?
  • Yes, the link is generated dynamically as follows:

    $customer_id = 0;
    $timestamp = $_REQUEST['timestamp'] + (60 * 30); // valid for 30 minutes;
    $fcsid = $_REQUEST['fcsid'];
    $redirect_url = FCDOMAIN . '/checkout?fc_auth_token=';
    $return_hash = sha1($customer_id . '|' . $timestamp . '|' . $foxycart_api_key);
    $guest_login_url = $redirect_url . $return_hash . '&fc_customer_id=' . $customer_id . '&timestamp=' . $timestamp . '&fcsid=' . $fcsid;
  • fc_adamfc_adam FoxyCart Team
    @GeorgeInActon,

    Thanks for providing those details and whispering your store domain. If you take a look at your store's error log, you will see the following error:
    Invalid SSO hash. Redirecting back to store home page.
    Within your return hash - you're referencing $foxycart_api_key but with what you whispered you defined it as FCAPI. Try making that change and see if it works then.
  • I fixed the hash and now guest check out works. Now my only issue is the "Cancel and Continue Shopping" button. It goes back to my SSO URL instead of the page the cart item was added from. It's kind of confusing for guest checkout, but even worse when logged in. If the customer logs in on my SSO URL he's redirected to checkout. Then if he clicks on "Cancel and Continue Shopping" the SSO URL page redirects back to checkout, since the user is already logged in. Mysteriously, if the user logs in before starting checkout, the Cancel and Continue button is correct.
  • fc_adamfc_adam FoxyCart Team
    edited October 2015
    @GeorgeInActon,

    That's right - the "cancel and continue shopping" button will link to the last page that brought the user to the checkout. If your SSO endpoint directs the user to your login page, then that will technically be the last page.

    Is there another page you would be ok directing people to? For example, just the general products page? If so, you could do that by adding this to the "footer" textarea on your store's FoxyCart configuration page for the "Add custom header and footer code" option:
    <script>
    FC.client.on("render.done", updateCancelLink);
    FC.client.on("ready.done", updateCancelLink);

    function updateCancelLink() { jQuery(".fc-cancel-continue-shopping a").attr("href", "YOURWEBSITEURL"); }
    </script>
Sign In or Register to comment.