SingleSignOn controller with routes and config

app/controllers/discourse_sso_controller.rb

@@ -0,0 +1,38 @@
+require 'discourse/single_sign_on'
+
+class DiscourseSsoController < ApplicationController
+  include SharedHelper
+
+  def sso
+    if spree_current_user
+      begin
+        redirect_to sso_url
+      rescue TypeError
+        render text: "Bad SingleSignOn request.", status: :bad_request
+      end
+    else
+      redirect_to login_path
+    end
+  end
+
+  def sso_url
+    secret = ENV['DISCOURSE_SSO_SECRET'] or raise 'Missing SSO secret'
+    discourse_url = ENV['DISCOURSE_SSO_URL'] or raise 'Missing Discourse SSO login URL.'
+    sso = Discourse::SingleSignOn.parse(request.query_string, secret)
+    sso.email = spree_current_user.email
+    sso.username = spree_current_user.login
+    sso.external_id = spree_current_user.id
+    sso.sso_secret = secret
+    sso.admin = admin_user?
+    sso.require_activation = require_activation?
+    sso.to_url(discourse_url)
+  end
+
+  def require_activation?
+    !admin_user? && !email_validated?
+  end
+
+  def email_validated?
+    spree_current_user.confirmed.map(&:email).include?(spree_current_user.email)
+  end
+end