Fixes Post Password Redirects & TravisCI Builds (#259)

- Fixes an issue with post password submission results in SSO
  authentication when "auto" mode is enabled.
- Fixes issues with TravisCI builds failing due to Composer updates
  occurring incorrectly during builds.
- Fixes to allow for WP version changes according to build matrix.
- Updates TravisCI build matrix.

.travis.yml

@@ -40,28 +40,28 @@ matrix:
   include:
     - name: Internationalization
       php: 7.3
-      env: WP_MODE=single WP_VERSION=5.4.* I18N=1
+      env: WP_MODE=single WP_VERSION=5.6.* I18N=1
     - name: Coding Standards
       php: 7.3
-      env: WP_MODE=single WP_VERSION=5.4.* PHP_LINT=1 COVERAGE=1
+      env: WP_MODE=single WP_VERSION=5.6.* PHP_LINT=1 COVERAGE=1
     - name: Static Code Analysis
       php: 7.3
-      env: WP_MODE=single WP_VERSION=5.4.* PHP_ANALYZE=1
+      env: WP_MODE=single WP_VERSION=5.6.* PHP_ANALYZE=1
     - name: Latest Stable
       php: 7.3
-      env: WP_MODE=single WP_VERSION=5.4.* PHP_UNIT=1
+      env: WP_MODE=single WP_VERSION=5.6.* PHP_UNIT=1
     - name: Preferred Minimum requirements
       php: 7.2
-      env: WP_MODE=single WP_VERSION=5.3.* PHP_UNIT=1
+      env: WP_MODE=single WP_VERSION=5.4.* PHP_UNIT=1
     - name: Minimum requirements
       php: 7.1
-      env: WP_MODE=single WP_VERSION=5.2.* PHP_UNIT=1
+      env: WP_MODE=single WP_VERSION=5.3.* PHP_UNIT=1
     - name: Bleeding Edge
       php: 7.4
       env: WP_MODE=single WP_VERSION=dev-master PHP_UNIT=1
     - name: Multisite Compatibility
       php: 7.3
-      env: WP_MODE=multi WP_VERSION=5.4.* PHP_UNIT=1
+      env: WP_MODE=multi WP_VERSION=5.6.* PHP_UNIT=1
   allow_failures:
     - name: Bleeding Edge
 
@@ -70,13 +70,16 @@ addons:
     packages:
       - nodejs
 
+# We need to make sure we stick with Composer 1.x for compatibility.
 before_install:
   - npm install -g npm@6.14
   - npm install -g grunt-cli
+  - composer self-update --1
   - composer require "wordpress/wordpress:${WP_VERSION}" --dev --prefer-source --no-update
 
 install:
-  - composer update --prefer-source --no-interaction --optimize-autoloader
+  - composer update "wordpress/wordpress" --prefer-source --no-interaction --optimize-autoloader
+  - composer install
   - npm install
 
 before_script:

changelog.md

@@ -1,5 +1,10 @@
 # OpenId Connect Generic Changelog
 
+3.8.1
+
+* Fix: @timnolte - Prevent SSO redirect on password protected posts.
+* Fix: @timnolte - CI/CD build issues.
+
 3.8.0
 
 * Feature: @timnolte - Ability to use 6 new constants for setting client configuration instead of storing in the DB.

includes/openid-connect-generic-login-form.php

@@ -76,7 +76,8 @@ class OpenID_Connect_Generic_Login_Form {
 
 		if ( 'wp-login.php' == $GLOBALS['pagenow']
 			&& ( 'auto' == $this->settings->login_type || ! empty( $_GET['force_redirect'] ) )
-			&& ( ! isset( $_GET['action'] ) || 'logout' !== $_GET['action'] )
+			// Don't send users to the IDP on logout or post password protected authentication.
+			&& ( ! isset( $_GET['action'] ) || ! in_array( $_GET['action'], array( 'logout', 'postpass' ) ) )
 			&& ! isset( $_POST['wp-submit'] ) ) {
 			if ( ! isset( $_GET['login-error'] ) ) {
 				$this->handle_redirect_cookie();

openid-connect-generic.php

@@ -16,7 +16,7 @@
  * Plugin Name:       OpenID Connect Generic
  * Plugin URI:        https://github.com/daggerhart/openid-connect-generic
  * Description:       Connect to an OpenID Connect generic client using Authorization Code Flow.
- * Version:           3.8.0
+ * Version:           3.8.1
  * Author:            daggerhart
  * Author URI:        http://www.daggerhart.com
  * Text Domain:       daggerhart-openid-connect-generic
@@ -80,7 +80,7 @@ class OpenID_Connect_Generic {
 	 *
 	 * @var
 	 */
-	const VERSION = '3.8.0';
+	const VERSION = '3.8.1';
 
 	/**
 	 * Plugin settings.

package-lock.json

@@ -1,6 +1,6 @@
 {
 	"name": "openid-connect-generic",
-	"version": "3.8.0",
+	"version": "3.8.1",
 	"lockfileVersion": 1,
 	"requires": true,
 	"dependencies": {
@@ -3148,12 +3148,6 @@
 					"integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==",
 					"dev": true
 				},
-				"prettier": {
-					"version": "npm:wp-prettier@2.0.5",
-					"resolved": "https://registry.npmjs.org/wp-prettier/-/wp-prettier-2.0.5.tgz",
-					"integrity": "sha512-5GCgdeevIXwR3cW4Qj5XWC5MO1iSCz8+IPn0mMw6awAt/PBiey8yyO7MhePRsaMqghJAhg6Q3QLYWSnUHWkG6A==",
-					"dev": true
-				},
 				"puppeteer": {
 					"version": "npm:puppeteer-core@3.0.0",
 					"resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-3.0.0.tgz",
@@ -17855,6 +17849,12 @@
 			"integrity": "sha1-1PRWKwzjaW5BrFLQ4ALlemNdxtw=",
 			"dev": true
 		},
+		"prettier": {
+			"version": "npm:wp-prettier@2.0.5",
+			"resolved": "https://registry.npmjs.org/wp-prettier/-/wp-prettier-2.0.5.tgz",
+			"integrity": "sha512-5GCgdeevIXwR3cW4Qj5XWC5MO1iSCz8+IPn0mMw6awAt/PBiey8yyO7MhePRsaMqghJAhg6Q3QLYWSnUHWkG6A==",
+			"dev": true
+		},
 		"prettier-linter-helpers": {
 			"version": "1.0.0",
 			"resolved": "https://registry.npmjs.org/prettier-linter-helpers/-/prettier-linter-helpers-1.0.0.tgz",

package.json

@@ -1,6 +1,6 @@
 {
 	"name": "openid-connect-generic",
-	"version": "3.8.0",
+	"version": "3.8.1",
 	"description": "OpenID Connect generic WordPress plugin.",
 	"main": "Gruntfile.js",
 	"repository": {

readme.txt

@@ -4,7 +4,7 @@ Donate link: http://www.daggerhart.com/
 Tags: security, login, oauth2, openidconnect, apps, authentication, autologin, sso
 Requires at least: 4.9
 Tested up to: 5.4.2
-Stable tag: 3.8.0
+Stable tag: 3.8.1
 Requires PHP: 5.6
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -51,6 +51,11 @@ On the settings page for this plugin (Dashboard > Settings > OpenID Connect Gene
 
 == Changelog ==
 
+= 3.8.1 =
+
+* Fix: @timnolte - Prevent SSO redirect on password protected posts.
+* Fix: @timnolte - CI/CD build issues.
+
 = 3.8.0 =
 
 * Feature: @timnolte - Ability to use 6 new constants for setting client configuration instead of storing in the DB.