Freshdesk Single Sign On URL - Node.js

freshdesk_sso.js

	
	var crypto = require('crypto');

	/**
	 * Generates and returns a Freshdesk Single Sign On URL
	 * {@link https://gist.github.com/derekseymour/26a6fe573c1274642976 Gist}
	 *
	 * @author Derek Seymour <[email protected]>
	 * @param {String} name - The name of the user logging in.
	 * @param {String} email - A valid email address to associate with the user.
	 * @param {String} [redirect_to] - An optional URL to redirect to after logging in.
	 * @returns {String} Freshdesk SSO URL.
	 */
	function getSSOUrl(name, email, redirect_to) {
		var freshdesk_secret = '____Place your Single Sign On Shared Secret here____';
		var freshdesk_base_url = 'http://{{your-account}}.freshdesk.com';

		var timestamp = Math.floor(new Date().getTime() / 1000).toString();
		var hmac = crypto.createHmac('md5', freshdesk_secret);
		hmac.update(name + email + timestamp);
		var hash = hmac.digest('hex');
		return freshdesk_base_url + '/login/sso/' +
			'?name=' + escape(name) +
			'&email=' + escape(email) +
			'&timestamp=' + escape(timestamp) +
			'&hash=' + escape(hash) +
			( typeof(redirect_to) === 'string' ? '&redirect_to=' + escape(redirect_to) : '' );
	}

	// Example
	console.log(getSSOUrl('John Smith', '[email protected]'));	// Under express, use something like res.redirect(getSSOUrl('Name', 'email'));

Based on PHP version: https://gist.github.com/1662527

Congratulations!

But to me does not work when the name contains accent.

Note that for the changes made to Freshdesk recently, this code would need to be changed to:

hmac.update(name + freshdesk_secret + email + timestamp);

Thanks @42degrees, it works!

I had trouble with emails that include a + character until I switched to:

'&email=' + encodeURIComponent(email)

hope that helps somone

I always get Login was unsuccessfull message with 302 response with this code

+++++++++++++++++++++++++++++++++

const crypto = require('crypto-browserify');

function integrateFreshdesk(name, email, redirectTo = CONFIG.LINKS.FRESHDESK.REDIRECT.DEFAULT){
const timestamp = Math.floor(new Date().getTime() / 1000).toString();
let hmac = crypto.createHmac('md5', CONFIG.SECRET_KEY.FRESHDESK);
hmac.update(name + CONFIG.SECRET_KEY.FRESHDESK + email + timestamp);

const hash = hmac.digest('hex');

return 'https://' + CONFIG.LINKS.FRESHDESK.ROOT + CONFIG.LINKS.FRESHDESK.LOGIN_SSO
        + '?name=' + encodeURI(name)
        + '&email=' + encodeURI(email)
        + '&hash=' + encodeURI(hash)
        + '&timestamp=' + encodeURI(timestamp)
        + '&redirect_to=' + CONFIG.LINKS.FRESHDESK.ROOT + redirectTo;

}

+++++++++++++++++++++++++++++++++

Hope someone could help.

Instead of using encodeURI() you should use encodeURIComponent(). There are some symbols like the plus symbol which do not escape correctly if you're using the encodeURI()

  return freshdesk_base_url + '/login/sso/' +
    '?name=' + encodeURIComponent(name) +
    '&email=' + encodeURIComponent(email) +
    '&timestamp=' + encodeURIComponent(timestamp) +
    '&hash=' + encodeURIComponent(hash) +
    ( !!phone ? '&phone=' + encodeURIComponent(phone) : '' ) +
    ( !!company ? '&company=' + encodeURIComponent(company) : '' ) +
    ( !!redirect_to ? '&redirect_to=' + encodeURIComponent(redirect_to) : '' );

@marudits this could have been your problem.

actually, the secret is missing according to the documentation:
hmac.update(name + freshdesk_secret + email + timestamp);