login_jump[2] is used to redirect to laws.gsu.edu and log in the WordPress user into Contentor/agora
Usage:
[login_jump url="http://laws.gsu.edu/agora/index/My_WebCourses"]
The script adds the WordPress username and a "token" hash code that is good for 1 minute (technically it is good for 3 minutes in case the two server’s clocks are off by up to a minute.)
The WordPress username must match the MyLaw username on laws.gsu.edu (both are generally Campus ID)
Three scripts make it work: the Shortcode UI PHP code, laws.gsu.edu/includes/util/login.php (autheticates for Contentor pages) and lawmedia.gsu.edu/mylaw_lookup.php (script that authenticates against Campus ID and authorizes via the MyLaw user table). The token is a 32-character hexadecimal MD5 hash[1] generated from the username, the time down to the minute, and a "secret" string that is in the Shortcode script and mylaw_lookup.php script.
The "url" must be a Contentor or Agora page for this to work!
A similar system will likely be used on LawProxy using "tickets" login.
Notes
[1] 3.40282366e+38 possible combinations (that’s 340,282,366,920,938,463,463,374,607,431,768,211,456) - the MD5 hash function has been broken for many usages because of collisions and rainbow tables. In this application, it is highly unlikely that that a rainbow table would expose the core structure of the hash, and a collision rainbow table reverse of the hash is not useful as it gives no clue as to how to generate another hash valid during this minute.
[2] This was previously the shortcode "[login_redirect..." until a conflict arose with the update of the WCK Content type construction kit plugin, to wit:
2014/11/20 12:17:00 [error] 22418#0: *194954 FastCGI sent in stderr: "PHP message: PHP Warning: Missing argument 2 for wck_fep_login_redirect() in /var/www/wordpress/wp-content/plugins/wck-custom-fields-and-custom-post-types-creator/wordpress-creation-kit-api/wck-fep/wck-fep.php on line 818 PHP message: PHP Warning: Missing argument 3 for wck_fep_login_redirect() in /var/www/wordpress/wp-content/plugins/wck-custom-fields-and-custom-post-types-creator/wordpress-creation-kit-api/wck-fep/wck-fep.php on line 818" while reading response header from upstream, client: 131.96.186.205, server: insidelaw.gsu.edu, request: "GET /my_webcourses/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "insidelaw.gsu.edu", referrer: "https://insidelaw.gsu.edu/"