Custom Authentication Driver for seamless authentication from billing system

Hello,

My goal is to develop seamless authentication for clients from my billing system (WHMCS) to Sunstone. I want to implement the following scenario:

1. client navigates to his personal page,
2. script on the server gets OpenNebula username for the client from the db and generates a temporary token for this username with one.user.login method (using XML-RPC API),
3. personal page embeds username and token like an url to login to Sunstone (somehow like this: https://sunstone.example.com?username=USERNAME&token=TOKEN),
4. client clicks the url and immediately authenticates in the Sunstone without typing his username/password in any fields.

I think I need to make a custom auth driver for OpenNebula to be able to implement such scenario. I have read this document: http://docs.opennebula.org/5.0/integration/infrastructure_integration/devel-auth.html . But I still have questions:

1. How do I get GET parameters (username & token) from the request inside the auth driver script?
2. How do I validate a token? (yes, I can store and send a password instead of a token, but it is not safe, so I would like to avoid that)
3. Do I need to know something else in order to be able to do what I want? If so, what is it?

I’ll be very grateful for any help.

you could try my whmcs opennebula module that I just finished https://cubedata.net/opennebula
it supports provisioning from whmcs to opennebula and working right now on sso(single sign on) to opennebula from the module as well.

It does’t answer to my questions. I don’t need shareware solutions. I need to wrine my own module.

I can give you a free lifetime license for it then it wouldn’t be shareware then.

You can really help me if you show me piece of source code were you make single sign on to Sunstone.