Integrating External Applications Into MIDAS Accounts

Terry edited this page Feb 23, 2017 · 20 revisions

1. MIDAS SSO Application Registration

First, register the application with the MIDAS SSO Application Registration Form.

2. Auth0 Integration

Next, integrate Auth0 into the application so it can fetch SSOData.

Documentation for Auth0 is provided by auth0.com, and a JavaScript example can be found below.

3. Redirect to MIDAS Accounts

Whenever authentication is required, have the application redirect to a deployed instance of MIDAS Accounts with the URL parameters returnToUrl, title, and message.

4. Handle Callback and Authentication

After a user is successfully authenticated, MIDAS Accounts will direct the browser back to the specified callback URL of the application. The application must then handle the authentication by retrieving and processing the SSOData provided by Auth0 (version 6.8 uses getSSOData).

JavaScript example using Auth0 version 6.8:

<script src="https://cdn.auth0.com/w2/auth0-6.8.js"></script>
<script type="text/javascript">
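    (function() {
        // The '@...' values are placeholders for the application's own settings.
        var auth0 = new Auth0({
            domain: '@aid.domain',
            clientID: '@aid.clientId',
            callbackURL: '@callbackUrl'
        });

        auth0.getSSOData(function (err, data) {
            if (err) {
                // Log the failure; without data the code below treats it as "no SSO session".
                console.error('Error fetching SSOData: ' + err);
            }

            // ID of the user the application currently considers logged in (empty if none).
            var loggedInUserId = '@userId';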

            if(data && data.sso === true) {
                console.log('SSO: an Auth0 SSO session already exists');

                if(loggedInUserId !== data.lastUsedUserID) {
                    console.log("SSO Session but NOT locally authenticated ");

                    auth0.login({
                        // state: '$ {state}',
                        scope: 'openid name email picture'
                    },
                    function (err) {
                        console.error('Error logging in: ' + err);
                    });
                }
                else {
                    console.log("SSO Session and locally authenticated ");

                    window.location = CONTEXT;
                }
            }
            else if(loggedInUserId) {
                console.log("NO SSO Session but locally authenticated -> log them out locally");

                window.location = CONTEXT + '/logout';
            }
            else {
                console.log("NO SSO Session and NOT locally authenticated ");

                var title = "Apollo LS",
                    message = "Please login to use the services",
                    hash = window.location.hash.substr(1);

                if(hash.match('^logout')) {
                    message = "Logged out successfully.";
                }

                // Encode every parameter value so spaces and reserved characters survive the redirect.
                window.location = '@aid.hubWsUrl/sso?returnToUrl='
                        + encodeURIComponent(window.location.href)
                        + '&title=' + encodeURIComponent(title)
                        + '&message=' + encodeURIComponent(message);
            }
        });
    })();
</script>
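
The redirect from step 3, written as a standalone helper. This is an added example, not code from the MIDAS project: it builds the `/sso` URL with every parameter value encoded and refuses a returnToUrl that would leave the application's own origin. The function names, `ACCOUNTS_BASE`, and `APP_ORIGIN` are assumptions made for illustration.

```javascript
// Added example. ACCOUNTS_BASE and APP_ORIGIN are constructed placeholders.
const ACCOUNTS_BASE = 'https://accounts.example.org';
const APP_ORIGIN = 'https://app.example.org';

// Pick the message shown on the login page; mirrors the "#logout" check above.
function messageForHash(hash) {
    return /^#?logout/.test(hash)
        ? 'Logged out successfully.'
        : 'Please login to use the services';
}

// Build <accountsBase>/sso?returnToUrl=...&title=...&message=...
function buildSsoRedirect(accountsBase, appOrigin, returnToUrl, title, message) {
    // Resolve relative paths against the application's own origin.
    const target = new URL(returnToUrl, appOrigin);
    // Only ever ask to be sent back to this application.
    if (target.origin !== new URL(appOrigin).origin) {
        throw new Error('returnToUrl must stay on ' + appOrigin);
    }
    const params = [
        ['returnToUrl', target.href],
        ['title', title],
        ['message', message]
    ];
    // encodeURIComponent keeps '&', '#', '?' and spaces inside each value.
    const query = params
        .map(([key, value]) => key + '=' + encodeURIComponent(value))
        .join('&');
    return accountsBase.replace(/\/+$/, '') + '/sso?' + query;
}

// Constructed sample input: a deep link that carries its own query and hash.
console.log(buildSsoRedirect(ACCOUNTS_BASE, APP_ORIGIN,
    '/reports?year=2017&view=all#logout', 'Apollo LS', messageForHash('#logout')));
```
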