Feature #68 state time limit option (#69)

* Added an option for state time limit on the settings page
isekai
Antti Leppä 7 years ago committed by Jonathan Daggerhart
parent 6bc53f96d4
commit 56bd5718e6

@ -25,8 +25,9 @@ class OpenID_Connect_Generic_Client {
* @param $endpoint_userinfo * @param $endpoint_userinfo
* @param $endpoint_token * @param $endpoint_token
* @param $redirect_uri * @param $redirect_uri
* @param $state_time_limit time states are valid in seconds
*/ */
function __construct( $client_id, $client_secret, $scope, $endpoint_login, $endpoint_userinfo, $endpoint_token, $redirect_uri ){ function __construct( $client_id, $client_secret, $scope, $endpoint_login, $endpoint_userinfo, $endpoint_token, $redirect_uri, $state_time_limit){
$this->client_id = $client_id; $this->client_id = $client_id;
$this->client_secret = $client_secret; $this->client_secret = $client_secret;
$this->scope = $scope; $this->scope = $scope;
@ -34,6 +35,7 @@ class OpenID_Connect_Generic_Client {
$this->endpoint_userinfo = $endpoint_userinfo; $this->endpoint_userinfo = $endpoint_userinfo;
$this->endpoint_token = $endpoint_token; $this->endpoint_token = $endpoint_token;
$this->redirect_uri = $redirect_uri; $this->redirect_uri = $redirect_uri;
$this->state_time_limit = $state_time_limit;
} }
/** /**
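Review bot: The new `$state_time_limit` constructor parameter has no default, so any other code that still constructs `OpenID_Connect_Generic_Client` with seven arguments will either fail or leave the limit unset. A default keeps those callers working: `$redirect_uri, $state_time_limit = 180 ){`. The docblock line could also state the type and purpose, for example `@param int $state_time_limit seconds a generated state value stays valid`. The code that reads `$this->state_time_limit` when a returned state is checked is outside the visible hunks, so confirm there that a zero or negative limit causes the state to be rejected rather than accepted.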

@ -155,6 +155,12 @@ class OpenID_Connect_Generic_Settings_Page {
'type' => 'checkbox', 'type' => 'checkbox',
'section' => 'client_settings', 'section' => 'client_settings',
), ),
'state_time_limit' => array(
'title' => __( 'State time limit' ),
'description' => __( 'State valid time in seconds. Defaults to 180' ),
'type' => 'number',
'section' => 'client_settings',
),
'link_existing_users' => array( 'link_existing_users' => array(
'title' => __( 'Link Existing Users' ), 'title' => __( 'Link Existing Users' ),
'description' => __( 'If a WordPress account already exists with the same identity as a newly-authenticated user over OpenID Connect, login as that user instead of generating an error.' ), 'description' => __( 'If a WordPress account already exists with the same identity as a newly-authenticated user over OpenID Connect, login as that user instead of generating an error.' ),
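Review bot: The description `State valid time in seconds. Defaults to 180` does not tell an administrator what a "state" is or why the value matters, and the field definition carries no lower bound. Since the value appears to control how long a login request's `state` value is accepted, the text could say so, for example `'Seconds a login request state value remains valid. Defaults to 180.'`. The default of 180 is also written as a literal in the bootstrap code, so the two can drift apart; a shared constant would avoid that. How `number` fields are rendered and sanitised on save is not visible in this hunk.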

@ -78,6 +78,11 @@ class OpenID_Connect_Generic {
if ( $this->settings->alternate_redirect_uri ){ if ( $this->settings->alternate_redirect_uri ){
$redirect_uri = site_url( '/openid-connect-authorize' ); $redirect_uri = site_url( '/openid-connect-authorize' );
} }
$state_time_limit = 180;
if ($this->settings->state_time_limit) {
$state_time_limit = intval($this->settings->state_time_limit);
}
$this->client = new OpenID_Connect_Generic_Client( $this->client = new OpenID_Connect_Generic_Client(
$this->settings->client_id, $this->settings->client_id,
@ -86,7 +91,8 @@ class OpenID_Connect_Generic {
$this->settings->endpoint_login, $this->settings->endpoint_login,
$this->settings->endpoint_userinfo, $this->settings->endpoint_userinfo,
$this->settings->endpoint_token, $this->settings->endpoint_token,
$redirect_uri $redirect_uri,
$state_time_limit
); );
$this->client_wrapper = OpenID_Connect_Generic_Client_Wrapper::register( $this->client, $this->settings, $this->logger ); $this->client_wrapper = OpenID_Connect_Generic_Client_Wrapper::register( $this->client, $this->settings, $this->logger );
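Review bot: The added block passes any truthy saved setting through `intval()`, so a negative number, or a non-numeric string that converts to 0, replaces the 180-second default with a value that is not a usable lifetime. Override the default only for a positive value: `$limit = intval( $this->settings->state_time_limit );` followed by `if ( $limit > 0 ) { $state_time_limit = $limit; }`. An upper bound may also be worth adding, since a very large value keeps state values valid long after the login was started, which weakens the protection the expiry is presumably there to provide. The enclosing method starts and ends outside the hunk.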
