livehelperchat icon indicating copy to clipboard operation
livehelperchat copied to clipboard

Published 20 hours ago verified publisher icon LiveHelperChat

Single Sign On for Operators

Open dkwiebe opened this issue 7 years ago • 6 comments

We'd like to support Google Sign In for our operators. Eventually, we might want to be able to add other SSO sources but it would only be Google for now.

https://developers.google.com/identity/sign-in/web/

For our use case, we want to create the users ahead of time and the Google email address would have to match the one they already have on file.

Using the Google hd= option documented here (https://developers.google.com/identity/work/it-apps) we can limit it so users can only select their accounts at our main domain. This isn't really a security feature but it would be nice to have it available as an option.

So the flow I'm envisioning would be like this:

  1. Administrator logs in and adds users. Their email addresses need to match what Google will use to authenticate.
  2. Users login. They can login manually using their username and IP address. If they press the button to login with Google it will bring up the Google form.
  3. Google will send the verification info back to our system which will cross reference the google email address with the operator email addresses in our system.
  4. If the email address exists as an operator they will be signed in. Otherwise they'll be presented with the "incorrect username or password" error message.

dkwiebe avatar Jan 22 '18 22:01 dkwiebe

It would be pluginable, because there are many SSO ways like Shibboleth, OpenID etc.

black23 avatar Feb 05 '18 12:02 black23

Is integration to something OpenID integration on the roadmap and if so, is there a potential timing for it?

cbenoist avatar Feb 14 '18 15:02 cbenoist

Yes, it's under way. In upcoming month or so.

remdex avatar Feb 14 '18 16:02 remdex

Hi, Any updates on this. I tried using the https://github.com/LiveHelperChat/livehelperchat-extensions/tree/master/singlesignon with latest code with no success. I am also not seeing this plugin updated for a while now (28 Dec 2014 last commit). We are looking to integrate the livechat but the major blocker for us is Operators being managed by SSO (OpenID).

ravipetlur avatar Jun 09 '20 05:06 ravipetlur

This code you see in extension it's still valid even it was not updated for a long time. Also you can take look at how login using google was implemented. https://github.com/LiveHelperChat/lhcgoogleauth

remdex avatar Jun 09 '20 05:06 remdex

Thanks!!!

ravipetlur avatar Jun 09 '20 06:06 ravipetlur