Sign Up ›
  • Prashant Bhure 28
  • NEWBIE
  • 0 Points
  • Member since 2018
  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 0
    Questions
  • 1
    Replies
2 replies

Enable Auth. Providers for Salesforce Communities Help

I am trying to setup SSO for Salesforce Communities where the Auth Provider is Salesforce.  So, Salesforce users from other org will be signing on to my Communities pages.  I have followed mostly the steps described in this article (http://wiki.developerforce.com/page/Salesforce_as_an_Identity_Provider_for_Customer_Portal).

 

I have a Connected App to get the Consumer Key, Secret, and Callback URL.  I then setup an Auth Provider as Salesforce and for the RegistrationHandler, I clicked the option to "Automatically create a registration handler template".  The resulting Class was created.  I'm not fluent in APEX, so I don't know if this code alone should work or if it requires modification.  Note in all cases for my SSO, the person logging into my Community will already have been given Community access and Community User will exist, so I don't need the Handler to create a user; just find one.

 

The error I'm getting when the person tries to connect is...

 

https://collabrax.force.com/success/_nc_external/identity/sso/ui/AuthorizationError?ErrorCode=NO_ACCESS&ErrorDescription=Unable+to+find+a+user&startURL=%2Fsuccess%2F
 
I thought perhaps I didn't need the Handler, but when I take it out the error is...
 
https://collabrax.force.com/success/_nc_external/identity/sso/ui/AuthorizationError?ErrorCode=NO_REGISTRATION_HANDLER&startURL=%2Fsuccess%2Fhome%2Fhome.jsp
 
So, I think the problem is tied to my Handler Class.  Can anyone help based on my requirements?

 

 

//TODO:This autogenerated class includes the basics for a Registration
//Handler class. You will need to customize it to ensure it meets your needs and
//the data provided by the third party.

global class AutocreatedRegHandler1384140305788 implements Auth.RegistrationHandler{
global boolean canCreateUser(Auth.UserData data) {
  //TODO: Check whether we want to allow creation of a user with this data
  //Set<String> s = new Set<String>{'usernamea', 'usernameb', 'usernamec'};
  //if(s.contains(data.username)) {
    //return true;
  //}
  return false;
}

global User createUser(Id portalId, Auth.UserData data){
  if(!canCreateUser(data)) {
    //Returning null or throwing an exception fails the SSO flow
    return null;
  }
  if(data.attributeMap.containsKey('sfdc_networkid')) {
    //We have a community id, so create a user with community access
    //TODO: Get an actual account
    Account a = [SELECT Id FROM account WHERE name='Acme'];
    Contact c = new Contact();
    c.accountId = a.Id;
    c.email = data.email;
    c.firstName = data.firstName;
    c.lastName = data.lastName;
    insert(c);

    //TODO: Customize the username and profile. Also check that the username doesn't already exist and
    //possibly ensure there are enough org licenses to create a user. Must be 80 characters or less.
    User u = new User();
    Profile p = [SELECT Id FROM profile WHERE name='Customer Portal User'];
    u.username = data.username + '@acmecorp.com';
    u.email = data.email;
    u.lastName = data.lastName;
    u.firstName = data.firstName;
    String alias = data.username;
    //Alias must be 8 characters or less
    if(alias.length() > 8) {
      alias = alias.substring(0, 8);
    }
    u.alias = alias;
    u.languagelocalekey = UserInfo.getLocale();
    u.localesidkey = UserInfo.getLocale();
    u.emailEncodingKey = 'UTF-8';
    u.timeZoneSidKey = 'America/Los_Angeles';
    u.profileId = p.Id;
    u.contactId = c.Id;
    return u;
  } else {
    //This is not a community, so create a regular standard user
    User u = new User();
    Profile p = [SELECT Id FROM profile WHERE name='Standard User'];
    //TODO: Customize the username. Also check that the username doesn't already exist and
    //possibly ensure there are enough org licenses to create a user. Must be 80 characters
    //or less.
    u.username = data.username + '@myorg.com';
    u.email = data.email;
    u.lastName = data.lastName;
    u.firstName = data.firstName;
    String alias = data.username;
    //Alias must be 8 characters or less
    if(alias.length() > 8) {
      alias = alias.substring(0, 8);
    }
    u.alias = alias;
    u.languagelocalekey = UserInfo.getLocale();
    u.localesidkey = UserInfo.getLocale();
    u.emailEncodingKey = 'UTF-8';
    u.timeZoneSidKey = 'America/Los_Angeles';
    u.profileId = p.Id;
    return u;
  }
}

global void updateUser(Id userId, Id portalId, Auth.UserData data){
  User u = new User(id=userId);
  //TODO: Customize the username. Must be 80 characters or less.
  //u.username = data.username + '@myorg.com';
  u.email = data.email;
  u.lastName = data.lastName;
  u.firstName = data.firstName;
  //String alias = data.username;
  //Alias must be 8 characters or less
  //if(alias.length() > 8) {
    //alias = alias.substring(0, 8);
  //}
  //u.alias = alias;
  update(u);
}
}