How to Implement Single Sign-On with Chatwee.com

A few days ago Chatwee API release took place, and with it the ability to integrate Single Sign-On (SSO). This article shows how to integrate Single Sign-On with regular website and will be constantly updated, so you may want to look into it from time to time.

 

Integrating Single Sign-On

Chatwee API supports both HTTP and HTTPS requests. To integrate Chatwee with hosting website session mechanism two API calls have to be triggered.

Every request is using GET method to pass the parameters.

RemoteLogin

RemoteLogin should be called whenever user signs into the website.

Method endpoint

http://chatwee-api.com/api/remotelogin

Parameters

  • chatId
  • clientKey
  • login (user name on userlist)
  • avatar (possible values: 1 or 0, url pointing to user avatar image)
  • isMobile (flag indicating whether user uses mobile device)
  • ipAddress (IP address of the user to resolve his country name)

For RemoteLogin call server would respond with sessionId token which should be passed to the client browser using cookie file with chch-SI key and expiring date being 30 days later than current timestamp. Chatwee client will automatically seek for that cookie to find user session data and use it to authorize every further requests.

Example call

http://chatwee-api.com/api/remotelogin?chatId=CHAT_ID&clientKey=CLIENT_KEY&login=JohnnyDoe&avatar=AVATAR_URL&isMobile=1&ipAddress=127.0.0.1

RemoteLogout

RemoteLogout should be triggered whenever user signs out from the website.

Method endpoint

http://chatwee-api.com/api/remotelogout

Parameters

  • chatId
  • clientKey
  • sessionId (stored user token obtained by RemoteLogin)

Example call

http://chatwee-api.com/api/remotelogout?chatId=CHAT_ID&clientKey=CLIENT_KEY&sessionId=SESSION_ID

Example PHP implementation

RemoteLogin

<?php

//assembling HTTP request parameters

$url = “http://chatwee-api.com/api/remotelogin?chatId=CHAT_ID&clientKey=CLIENT_KEY&login=JohnnyDoe&avatar=AVATAR_URL&isMobile=1&ipAddress=127.0.0.1”;

//API call with retrieving sessionId as a result

$sessionId = file_get_contents($url);

//passing sessionId to client browser

setcookie(“chch-SI”, $sessionId, time() + 2592000, “/”);

?>

RemoteLogout

<?php

//assembling HTTP request parameters

$url = “http://chatwee-api.com/api/remotelogout?chatId=CHAT_ID&clientKey=CLIENT_KEY&sessionId=SESSION_ID”;

//API call

file_get_contents($url);

//removing client Chatwee session by destroying the session cookie

setcookie(“chch-SI”, “”, time() – 1);

?>