Plugin for MantisBT (https://www.mantisbt.org/)
System A needs to call features (pages) present on a MantisBT installation.
Users will be create on System A and on MantisBT having same username.
MantisBT feature (bug_report_page.php) will be called in this way:
token is the JSON Web Token computed for:
Payload:
{
"username": "Dee Dee"
}
Header
{
"typ": "JWT",
"alg": "HS256"
}
using secret key: dexter.laboratory
will be set as login page, for the features (pages) that we will want be called from System A.
will be set as credential page, when plugin method auth_user_flags() will be called by login_sso_page.
sso.php is the place where token decoding and user authentication will be done.
function auth_flags() present in authentication_api.php, was modified to fire event EVENT_AUTH_USER_FLAGS, even when non user is provided.
mantisbt/mantisbt#1070 (comment)
mantisbt-plugins/SampleAuth#5