/jquery.sso-bg-connect

JQuery plugin to test if someone is already connected to a sso service

Primary LanguageJavaScriptGNU General Public License v2.0GPL-2.0

SSO Background Connect, the peaceful authentication

This jquery plugin tries to loggin your visitors by using their prefered SSO service(s).

Improve UX

Most of your users are already connected on one or more SSO providers, in this case the plugin will be able to quietly log them in your web application and notify the web browser.

On pages that doesn't necessarily require to be authenticated you will be able to enable new features on the fly or by refreshing the web page.

All of the login process is done without needing the user to click on his prefered SSO, resulting in a painful login experience.

Power to the People ! Allow several SSO

Of course some javascript sdk like facebook connect-js have a "background" connection feature, but the power of this plugin is letting your users rely on more SSO than just "Facebook". Your users should be able choose between several SSO for the sake of an open web.

Not every SSO service provide a javascript sdk like connect-js. Even if they do, enabling several SSO would mean loading more javascript libraries (more bandwidth), learning how to use each library, etc. This plugin is a all-in-one SSO helper.

Extend it with your plugins

TODO

Example :

$.ssoBgConnect ({
  services: [
    {
      service: "https://cas.univ-avignon.fr/?service={%callback%}",
      callback: "http://yoursite.com/CasLogin"
    },
    {
      service: "twitter",
      callback: "http://yoursite.com/TwitterLogin",
      appId: "YOUR_APP_ID"
    },
    {
      service: "facebook",
      callback: "http://yoursite.com/FacebookLogin",
      appId: "YOUR_APP_ID"
    }
  ],
  success: function () { /* do something */ }
});

Check the example.

How does it work ?

  1. On the client side, the ssoBgConnect open as many iframes as you have configured SSO services. Each iframe is pointing to each SSO login url.

  2. If the user is authenticated on the SSO, the iframe will be redirected to your web server in order for you to identify him and log him in.

  3. Once logged in, you will have to notify the parent frame that the user is known by returning a script to the iframe containing : parent.$.ssoBgConnect ('finishAuthentication', {some data});, which will fire the success event handler. See the example identification script

API documentation, ssoBgConnect() options

ssoBgConnect take an array containing the following keys as parameter.

services

Array describing each SSO service. Each service array must contain at least a service key which is the SSO login url or a preconfigured SSO alias. If you provide an url don't forget to include the correct GET parametter in order for the SSO to redirect the iframe back to you.

The callback key is mandatory. If used the plugin will encode it and substitute the {%callback%} token for you in the service key. If you ommit it don't forget to encode and include it in the service url !

You can also add other options that will be passed to the SSO handler, an api_key for example.

success

callback or url (null by default).

if null, the plugin will reload the web page. If it is an url, the user will be redirected to this url. Otherwise the callback will be fired.

What this plugin does not do ?

  • This plugin is not an OpenId/OAuth/... client, you still write the glue code to integrate with each SSO client.
  • This plugin will not log the users in if they haven't granted your application the right to access to their account.

Related libraries