Developers
Custom CSS
Talki will automatically detect the CSS of a site, but for advanced users who want full control, Talki supports Custom CSS for Pro accounts (plans & pricing).
The information below only applies to Pro accounts and higher.
To append and overwrite styles in the existing Talki CSS
<script type="text/javascript">
window.chatter_options = {
'css_append': 'http://example.com/my.css'
}
</script>
<script src="http://EXAMPLE.embed.talkiforum.com/embed/1.js" type="text/javascript"></script>
To completely replace all CSS, place the following code inside your opening & closing script tags:
<script type="text/javascript">
window.chatter_options = {
'css_replace': 'http://example.com/my.css'
}
</script>
<script src="http://EXAMPLE.embed.talkiforum.com/embed/1.js" type="text/javascript"></script>
We recommend using the tool Firebug on Firefox to examine the CSS classes and ids on your Talki forum to know how to style them.
SSO - Single Sign On API
Embedding
<script type="text/javascript" src="http://<shortname>.<hostname>.embed.talkiforum.com/embed/1.js?<arguments>"></script>
Without arguments the forum is embedded without any SSO relying on third party authentication.
Possible arguments for SSO:
- (required) uid - unique user id
- (required) name
- (required) ap - authentication provider name (use 'site' for single site SSO)
- (required) sig - signature
- (required) expires - GMT timestamp at which the signature will expire
- (optional) level - 10 = member, 50 = moderator, 100 = admin
- (optional) email
- (optional) avatar_url - url to an image that is expected to be 50x50
- (optional) profile_url
- (optional) login_url
Required for generating signature but not required as a query argument:
- domain - shortname.hostname (e.g. offtopic.lefora)
GMT timestamp generation example: python: int(time.time() + 602) php: php()+602
SSO Signature
argument = name=value
serialized_arguments = argument&argument&... # arguments sorted by 'name', exclude empty values
signature = url_safebase64(hmac(serialized_arguments, secret_key, sha1))
URL Safe Base64:
+ replaced with -
/ replace with _
Example:
ap: talki
uid: 1
name: Bender
expires: 1265673544
domain: general.talki
email: test@example.com
serializes to:
ap=talki&email=test%40example.com&expires=1265673544&name=Bender&uid=1&domain=general.talki
signature is (if secrey key is 'topsecret'):
-4uxvTXub94XX6M_hXZ3SfqfdEo==
Python code to generate signature from a dictionary:
import base64
import hashlib
import hmac
from urllib import quote_plus
def serialize_fields(fields):
"""Return a string of the form 'key=value&key=value' where keys are sorted."""
return "&".join(
"%s=%s" % (
k, quote_plus(v.encode('utf-8') if isinstance(v, unicode) else str(v))
) for k, v in sorted(fields.items()) if v)
def generate_signature(fields, secret_key):
"""Return a signature for the dictionary 'fields'"""
data = serialize_fields(fields)
signature = hmac.new(str(secret_key), data, hashlib.sha1).digest()
return base64.urlsafe_b64encode(signature).rstrip('=')
PHP code to generate signature from an array:
function serialize_fields($fields) {
ksort($fields);
$data = array();
foreach ($fields as $key => $value) {
if ($value != "") {
$data[] = "$key=" . urlencode($value);
}
}
return join("&", $data);
}
function urlsafe_base64_encode($value) {
$res = base64_encode($value);
$res = str_replace("+", "-", $res);
return str_replace("/", "_", $res);
}
function generate_signature($fields, $secret_key) {
$data = serialize_fields($fields);
$signature = hash_hmac("sha1", $data, $secret_key, TRUE);
return urlsafe_base64_encode($signature);
}
Additional Arguments
The following are additional arguments that should not be included in the SSO signature generation:
- lang - refers to the language code, IS0 639-1. For example, lang=es for Español or lang=en for English.