Setting up SSO - redirect back to cart

bobmeetinbobmeetin Member
in Help edited January 2015
See the test shop at: www.dottedi.us/foxycart

I followed the instructions grabbing the example code from https://wiki.foxycart.com/v/2.0/api and modifying customizing it to my test shop's parameters:

<?php

// $my_email and $my_password - these using a cookie to grab the email correctly
$foxy_domain = "dottedi.foxycart.com";
$foxyData = array();
$foxyData["api_token"] = "Rw8...RL2";
$foxyData["api_action"] = "customer_save";
// $foxyData["customer_id"] = "12345";
// OR use the email:
$foxyData["customer_email"] = "$my_email"; // this is good
$foxyData["customer_password"] = "$my_password"; // this is good

Leaving the rest of the default example intact the above works correctly if I click on "PROCEED TO CHECKOUT". It sends me to my sso.php page and creates the Foxycart user if the user doesn't exist. I verfied this by signing up for Order Desk Admin and signing in and viewing the customer list.

The document says that a success result is supposed to send the visitor back to the cart, to checkout with all customer data populated. How do you make this happen? Turning off the response messages does not help. Other than seeing success on my test site and seeing the customer is created, it doesn't go any further.
Tagged:
Comments
  • fc_adamfc_adam FoxyCart Team
    @bobmeetin,

    The code you've got there will create the customer within your FoxyCart store - but that's only part of what you need to do with SSO. Take a look at our PHP sample code for an SSO endpoint here: https://wiki.foxycart.com/integration/php/shared_authentication_example - linked to from the bottom of the SSO wiki page. If you follow through that, that should get you up and running.
  • I found the code you referenced, disable all response messages from displaying and at the bottom of the page added the php code:

    if (!$allow_non_auth_checkout) {
    if (!$user_is_authenticated) {
    header('Location: ' . $redirect_url);
    exit();
    }
    }

    $redirect_url = 'https://' . $foxycart_domain . '/checkout?fc_auth_token=';
    $return_hash = sha1($customer_id . '|' . $timestamp . '|' . $foxycart_api_key);
    $full_redirect = $redirect_url . $return_hash . '&fc_customer_id=' . $customer_id . '×tamp=' . $timestamp . '&fcsid=' . $fcsid;
    header('Location: ' . $full_redirect);

    If the person is logged in (on my website) and clicks PROCEED TO CHECKOUT, we now get an apache error page after a small eternity:

    ###############################################
    The page isn't redirecting properly

    Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

    This problem can sometimes be caused by disabling or refusing to accept cookies.
    ###############################################

    As it happens we see the same page if not logged in. Next?
  • fc_adamfc_adam FoxyCart Team
    @bobmeetin,

    What is the value of $full_redirect if you output that?
  • I added: print $full_redirect;

    I see: https:///checkout?fc_auth_token=c65f37b2cb1ae26c89e9b4f26e2ca9e9cde4ae5b&fc_customer_id=×tamp=&fcsid=

    So apparently there is some missing data.
  • fc_adamfc_adam FoxyCart Team
    @bobmeetin,

    Have you correctly set the $foxycart_domain variable up the top of the script?
  • The variable line at the top of the script is:

    $foxy_domain = "dottedi.foxycart.com";

    So $foxycart_domain was not getting set; lack of consistency. I have added:

    I made the following changes:

    // $redirect_url = 'https://' . $foxycart_domain . '/checkout?fc_auth_token=';
    $redirect_url = 'https://' . $foxy_domain . '/checkout?fc_auth_token=';

    // $return_hash = sha1($customer_id . '|' . $timestamp . '|' . $foxycart_api_key);
    $return_hash = sha1($my_id . '|' . $timestamp . '|' . $api_token);

    // $full_redirect = $redirect_url . $return_hash . '&fc_customer_id=' . $customer_id . '×tamp=' . $timestamp . '&fcsid=' . $fcsid;
    $full_redirect = $redirect_url . $return_hash . '&fc_customer_id=' . $my_id . '×tamp=' . $timestamp . '&fcsid=' . $fcsid;


    // $redirect_url = 'https://' . $foxycart_domain . '/checkout?fc_auth_token=';
    $redirect_url = 'https://' . $foxy_domain . '/checkout?fc_auth_token=';

    It is now printing:

    https://dottedi.foxycart.com/checkout?fc_auth_token=2e41e98001d744f755fa67ac4787b636e589d526&fc_customer_id=3×tamp=1420508154&fcsid=tbitvid843bs1h2esufbg29me6

    #3 is the correct customer ID in my registration system, but I can't figure out "xtamp"

  • fc_adamfc_adam FoxyCart Team
    edited January 2015
    @bobmeetin,

    I believe the "xtamp" is caused by the URL being "& times" (without the space) which is being replaced as a HTML entity of the times symbol. If you check the source of the page - I believe it would be the raw "×tamp" there. If you let the redirect happen rather than outputting the variable, does it work now that you've fixed the URL?
  • fc_adamfc_adam FoxyCart Team
    @bobmeetin,

    One other thing I just realised when responding to your other thread relating to this - the $foxy_domain and $foxycart_domain discrepancy is because you're mixing two different scripts there. The $foxy_domain variable comes from the API code you're using - but the $foxycart_domain variable is from the SSO endpoint, and is what you want to set for the SSO script. There are a few other variables in the SSO script that you need to edit as well.
Sign In or Register to comment.