SugarCRM integration – website session and SOAP session

  Soap, Sugarcrm
Introduction

Here we are again to talk about SugarCRM integration. This time I’d like to explore some techniques to pass from a website session to a SOAP one. Can this be any useful? Judging from the number of questions I’ve received from friends who are messing around with SugarCRM, this is quite an interesting subject. Cases go from SOAP enabled desktop applications that need to open a sugacrm web session bypassing the login page to, in the opposite case, sugarcrm plugins to be able to open a soap connection making use of the already opened web session. We’ll see the two cases are to be treated using a different approach, the second one being a bit more tricky. Let’s start with the first one.

Using a SOAP session id to bypass the login page on the web interface

This is the easiest and is also widely documented. We simply achieve a SOAP login and with the obtained session id we call the SOAP “seamless_login” method. Then we just need to pass the session id to the URL of the desired SugarCRM page as parameter, named “MSID”. Ok, it’s easier to show than to explain, so here is some sample code:

 

1:<?php    
2:require_once("path_to_nusoap/nusoap.php");    
3:$server_url = "http://your_sugar_server/soap.php?wsdl";    
4:$credentials = array(    
5:    'user_name' => 'username',    
6:    'password' => md5('password')    
7:);    
8:$sugar_client = new soapclient($server_url, TRUE);    
9:$proxy = $sugar_client->getProxy();   
10:if (!$proxy) {   
11:        // do something in case of error   
12:}   
13:$result = $proxy->login($credentials, 'your_application_name');   
14:$session_id = $result['id'];   
15:$result = $proxy->seamless_login($session_id);   
16:header( "Location: http://your_sugar_server/index.php?module=Contacts&action=index&MSID={$session_id}";   
17:?>  

You need to customize to your needs: “path_to_nusoap”,”username”,”password”,”your_application_name”,”your_sugar_server”.
On line 8 we instantiate a soap client, and on line 9 we obtain a proxy from it. We use the proxy on line 13 to do a soap login and, if nothing goes wrong, we’ll get back a valid session_id (line 14).
If we now pass the session id to the soap method “seamless_login”(line 15), we are automatically authenticating to the web interface, so at this point we can directly point to a sugar page by just appending an “MSID” parameter (valued with our session id) to a normal sugarcrm url. Just make sure that the page(module/action) we are trying to access is one the user whose credentials we’ve used to login is allowed to see.
This has been easy, now let’s face the opposite situation.

Getting a SOAP session id by logging in to the web interface

I’ve searched around a bit but have had no luck in finding a clear and immediate recipe for this. If someone has been more lucky, please let us know.
The solution I’m currently using is a bit tricky, but it seems to work. Basically, when sugarCRM authenticates a web interface user, we can at the same time create a SOAP session_id and put it in th $_SESSION array for using it during the session lifetime.
In this case I’ve just put some code in the “modules/Users/authenticate.php” file.  The point of the file where to put the code depends on the installed SugarCRM version, but it’s usually quite easy to spot, as it is at the beginning of an “if” block checking if the login has been successful. In my case there’s a line:

if ($focus->is_authenticated)

in other cases (more recent SugarCRM versions) I’ve seen something like:

if(isset($_SESSION[‘authenticated_user_id’]))

 

Now, the code to add is not very different from the one used before. We need to get a soap session id using the same credentials SugarCRM has just used to authenticate the user to the web interface. In this case though, we’ll use the nusoap library included in SugarCRM which has some little differences. Here is the code:

 

 

    2:require_once("include/nusoap/nusoap.php");    
3:$server_url = "http://your_sugar_server/soap.php?wsdl";    
4:$credentials = array(    
5:    'user_name' => $_REQUEST['username'],    
6:    'password' => md5($_REQUEST['password'])    
7:);    
8:$sugarClient = new nusoapclient($server_url, TRUE);    
9:$proxy = $sugarClient->getProxy();   
10:if (!$proxy) {   
11:        // do something in case of error   
12:}   
13:$result = $proxy->login($credentials, 'your_application_name');   
14:$_SESSION['soap_sessionid'] = $result['id'];  

On line 2 we include the nusoap version present in our SugarCRM installation, on lines 5 and 6  we take the same “username” and “password” coming from the login form of the web interface. Note on line 8that the soapclient class name is now “nusoapclient”. We then call the soap “login” method and put the retrieved session id in the $_SESSION[‘soap_sessionid’] variable that we will be able to access from within our custom modules to make use of soap calls. It will be valid for the entire session lifetime. This time, the only thing to customize in the code are “your_sugar_server” and “your_application_name”, as the nusoap path is relative to sugarcrm  filesystem and username and password are already provided.

This approach is not very elegant and neutral, and be aware that upgrading your SugarCRM installation could end up with overwriting your Authenticate.php file, but it proved useful for writing plugins.

LEAVE A COMMENT