Merge pull request #8 from robertstaddon/master

Allow users to login with WP account after using OpenID Connect
9 years ago · 1002943a22
parent e2ab1b18d8 960f475aad
commit 1002943a22
4 changed files with 21 additions and 3 deletions
--- a/includes/openid-connect-generic-client-wrapper.php
+++ b/includes/openid-connect-generic-client-wrapper.php
@ -138,6 +138,12 @@ class OpenID_Connect_Generic_Client_Wrapper {
 	 * Remove cookies
 	 */
 	function wp_logout() {
+		// set OpenID Connect user flag to false on logout to allow users to log into the same account without OpenID Connect
+		if( $this->settings->link_existing_users ) {
+			if( get_user_meta( wp_get_current_user()->ID, 'openid-connect-generic-user', TRUE ) )
+				update_user_meta( wp_get_current_user()->ID, 'openid-connect-generic-user', FALSE );
+		}
+		
 		setcookie( $this->cookie_id_key, false, 0, COOKIEPATH, COOKIE_DOMAIN, is_ssl() );
 	}

@ -300,6 +306,11 @@ class OpenID_Connect_Generic_Client_Wrapper {
 		update_user_meta( $user->ID, 'openid-connect-generic-last-id-token-claim', $id_token_claim );
 		update_user_meta( $user->ID, 'openid-connect-generic-last-user-claim', $user_claim );

+		// if we're allowing users to use WordPress and OpenID Connect, we need to set this to true at every login
+		if( $this->settings->link_existing_users ) {
+			update_user_meta( $user->ID, 'openid-connect-generic-user', TRUE );
+		}
+		
 		// save our authorization cookie for the response expiration
 		$oauth_expiry = $token_response['expires_in'] + current_time( 'timestamp', TRUE );
 		setcookie( $this->cookie_id_key, $subject_identity, $oauth_expiry, COOKIEPATH, COOKIE_DOMAIN, is_ssl() );
@ -422,7 +433,7 @@ class OpenID_Connect_Generic_Client_Wrapper {
 			$username = $this->get_username_from_claim( $user_claim );
 		}

-		// Before trying to create the user, first check if a user with the same email already exists
+		// before trying to create the user, first check if a user with the same email already exists
 		if( $this->settings->link_existing_users ) {
 			if( $uid = email_exists( $email ) ) {
 				return $this->update_existing_user( $uid, $subject_identity );
--- a/openid-connect-generic.php
+++ b/openid-connect-generic.php
@ -3,7 +3,7 @@
 Plugin Name: OpenID Connect - Generic Client
 Plugin URI: https://github.com/daggerhart/openid-connect-generic
 Description:  Connect to an OpenID Connect identity provider with Authorization Code Flow
-Version: 3.0.5
+Version: 3.0.6
 Author: daggerhart
 Author URI: http://www.daggerhart.com
 License: GPLv2 Copyright (c) 2015 daggerhart
--- a/readme.md
+++ b/readme.md
@ -33,6 +33,9 @@ Replace `example.com` with your domain name and path to WordPress.

 ### Changelog

+**3.0.6**
+
+* If "Link Existing Users" is enabled, allow users who login with OpenID Connect to also log in with WordPress credentials

 **3.0.5**

--- a/readme.txt
+++ b/readme.txt
@ -3,7 +3,7 @@ Contributors: daggerhart
 Donate link: http://www.daggerhart.com/
 Tags: security, login, oauth2, openidconnect, apps, authentication, autologin, sso 
 Requires at least: 4
-Tested up to: 4.2.2
+Tested up to: 4.5.2
 Stable tag: trunk
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@ -40,6 +40,10 @@ Replace `example.com` with your domain name and path to WordPress.

 == Changelog ==

+= 3.0.6 =
+
+* If "Link Existing Users" is enabled, allow users who login with OpenID Connect to also log in with WordPress credentials
+
 = 3.0.5 =

 * Added [openid_connect_generic_login_button] shortcode to allow the login button to be placed anywhere