The Foxy forums are on the move!

We're in the process of moving our forums over to a new system, and so these forums are now read-only.
If you have a question about your store in the meantime, please don't hesitate to reach out to us via email.

Joomla and SSO code / where?

ellarocellaroc Member
in Bugs & Feature Requests edited June 2011
Hello, Just wondering about the SSO code on a Joomla site. The code on the wiki has 2 options but I don't know which one applies or where to put it.

http://wiki.foxycart.com/integration/php/shared_authentication_example

And, then I add the url to that file (where the SSO code is) to the advanced settings for SSO in FC admin?

Thank you.
Comments
  • lukeluke FoxyCart Team
    Hello ellaroc. Can you be a little more specific? What two options are you referring to?

    It sounds like you're on the right track... You just need to make your SSO endpoint available to the internet and then point the SSO setting in the admin to that URL.

    Does that help?
  • @luke

    I would also like some more step by step instructions on how to implement SSO with my joomla site.
  • fc_adamfc_adam FoxyCart Team
    @BrandonBK,

    We don't have any specific instructions for Joomla - but it would be essentially the same as integrating it into any other site. You would need to create a script on your server that is publicly accessible, and set that script as the URL for your SSO endpoint in your stores FoxyCart administration.

    At that endpoint you would check if a user is currently logged in to your website and if so, find their FoxyCart customer record (or create it if it doesn't exist) and then pass those details along to the checkout so the customer will be automatically logged in. We have full details on that and a link to some sample code on our wiki here: http://wiki.foxycart.com/static/redirect/sso
  • @fc_adam

    just a heads up, I'm more of a front end developer than a programmer, so I'm being stretched here...

    So when you say script, you mean the one found here: https://wiki.foxycart.com/integration/php/shared_authentication_example

    I would then create a page on my site with a redirect to this php script on my server. This URL that has this redirect code in it would then be plugged into FC in the admin? Am I getting it or am I completely off?
  • @fc_adam

    one more thing... in the sample code it says the following:

    // Put in your database query or session variable here
    // for the current logged in user's FoxyCart customer_id
    $foxycart_customer_id = 123456;
    /**************************************************/

    where do I find my database query or session variable?
  • fc_adamfc_adam FoxyCart Team
    @BrandonBK,

    Yep - that's the script.

    You wouldn't set up a redirect page to that script though - you would put that script somewhere on your server that is publicly accessible, and put the direct URL to that script as the SSO endpoint in your stores advanced settings.

    You'd then need to update that script to find the authenticated user in Joomla, and possibly also fetch that users details from the Joomla database.

    where do I find my database query or session variable?

    I'm not familiar enough with Joomla to answer that unfortunately. You'd need to find out how Joomla deals with authenticated users - generally you should be able to access the details of that particular user. Once you do find the user, you then need to work out what the corresponding user ID on the FoxyCart side is. You could do that one of two ways - either by storing that customer ID on your side against the user record in the Joomla database, or by sending off a API request to FoxyCart checking for the users email address.

    If you haven't already, I'd suggest reading through that SSO page as it gives a good overview of the different pieces involved with SSO and how the flow would work. If it is all a bit foreign to you, it might be best to work with a developer who could help you set it up - there is some assumed knowledge when it comes to setting up the SSO endpoint.
  • Thanks for the quick reply. I have read through all of the info. My head hurts.

    If I were to use the API to compare my user id with FC, where would I put the API script?
  • fc_adamfc_adam FoxyCart Team
    @BrandonBK,

    You would place your call to the API within the SSO script.
  • @fc-adam

    thanks for all your help.

    Would it be ok if you give me step by step instructions on what I need to do as far as the sample script and FC? I will get support for Joomla for the joomla stuff. I just need someone to hold my hand in this. I understand all of the separate topics but I need someone to help put it all together in a step 1, step 2 format.
  • fc_adamfc_adam FoxyCart Team
    @BrandonBK,

    The sample code gives you a basic overview of how it would work - I'll try my best to expand how it would work:

    Firstly, your script needs to check if there is a logged in user in Joomla.
    If there is a logged in user, then you get their details from the database. If you've stored the FoxyCart customer ID in your database already, then you get that, create the hash for the SSO and redirect the customer on to the checkout with that information.
    If there is a logged in user and you don't have their FC customer ID, then you would need to send off a call to the API to see if a customer exists with the users email address. If a customer does exist, then you create the hash and forward them on. If the customer doesn't exist, then you would trigger a second API call to create the user from their information on your side and with the newly created FC customer ID, create the hash and forward them on. You could also save their FC customer ID against their Joomla user record for easy access next time.

    If there isn't a user logged in - you have a couple options. You could either send the user to a login form to force them to log in on your website first, or you could forward them to the checkout as a guest.

    On the checkout, you can then either force them to create an account, or give them the option to. If they create an account on the checkout, you would then want to add that user account to your Joomla database so their login exists there too. To do that, you would integrate with the XML datafeed, which sends an encrypted copy of each successful order to an endpoint on your server. At that endpoint, you could check if a user exists already for that specific customer, and if they don't, create them in the Joomla database. You could also associate their FoxyCart customer ID with their Joomla user record for easy access in the future.

    I'm not sure if Joomla allows for it, but you could also look at hooking into the registration process of Joomla - that if a user registers on your website, you also shoot off an API call to create a user for that customer at the same time, and save their customer ID against their user record in the Joomla database.

    Also - one quick gotcha - when it comes to integrating with SSO and syncing users between FoxyCart and your own system, you need to ensure that the password hashing methods are the same between the two. You would need to select the hashing algorithm that matches what Joomla does under the advanced settings page of your FoxyCart administration.
  • BrandonBKBrandonBK Member
    edited May 2014
    @fc_adam

    Also, how do I integrate FC with Mad Mimi?
  • fc_adamfc_adam FoxyCart Team
    @BrandonBK,

    You could set up that integration manually yourself - and you'd do that with the XML datafeed - sending on the required information to Mad Mimi for each successful order. Alternatively the third party integration OrderDesk has integrated with Mad Mimi already.
Sign In or Register to comment.