Merge pull request #5 from robertstaddon/master

Allow users with existing WordPress accounts to log in
9 years ago · b737eac518
parent 7905bfdd12 9371b8132f
commit b737eac518
2 changed files with 45 additions and 1 deletions
--- a/includes/openid-connect-generic-client-wrapper.php
+++ b/includes/openid-connect-generic-client-wrapper.php
@ -412,6 +412,13 @@ class OpenID_Connect_Generic_Client_Wrapper {
 			$username = $this->get_username_from_claim( $user_claim );
 		}

+		// Before trying to create the user, first check if a user with the same email already exists
+		if( $this->settings->link_existing_users ) {
+			if( $uid = email_exists( $email ) ) {
+				return $this->update_existing_user( $uid, $subject_identity );
+			}
+		}
+		
 		// allow other plugins / themes to determine authorization 
 		// of new accounts based on the returned user claim
 		$create_user = apply_filters( 'openid-connect-generic-user-creation-test', TRUE, $user_claim );
@ -443,4 +450,25 @@ class OpenID_Connect_Generic_Client_Wrapper {
 		
 		return $user;
 	}
+	
+	
+	/**
+	 * Update an existing user with OpenID Connect meta data
+	 * 
+	 * @param $uid
+	 * @param $subject_identity
+	 *
+	 * @return \WP_Error | \WP_User
+	 */
+	function update_existing_user( $uid, $subject_identity ) {
+		// add the OpenID Connect meta data 
+		add_user_meta( $uid, 'openid-connect-generic-user', TRUE, TRUE );
+		add_user_meta( $uid, 'openid-connect-generic-subject-identity', (string) $subject_identity, TRUE );
+		
+		// allow plugins / themes to take action on user update
+		do_action( 'openid-connect-generic-user-update', $uid );
+		
+		// return our updated user
+		return get_user_by( 'id', $uid );
+	}
 }
--- a/includes/openid-connect-generic-settings-page.php
+++ b/includes/openid-connect-generic-settings-page.php
@ -111,6 +111,12 @@ class OpenID_Connect_Generic_Settings_Page {
 				'type'        => 'checkbox',
 				'section'     => 'authorization_settings',
 			),
+			'link_existing_users'   => array(
+				'title'       => __( 'Link Existing Users' ),
+				'description' => __( 'If a WordPress account already exists with the same email address as a newly-authenticated user over OpenID Connect, login as that user instead of generating an error.' ),
+				'type'        => 'checkbox',
+				'section'     => 'user_settings',
+			),
 			'enable_logging'    => array(
 				'title'       => __( 'Enable Logging' ),
 				'description' => __( 'Very simple log messages for debugging purposes.' ),
@ -183,6 +189,12 @@ class OpenID_Connect_Generic_Settings_Page {
 			$this->options_page_name
 		);

+		add_settings_section( 'user_settings',
+			__( 'WordPress User Settings' ),
+			array( $this, 'user_settings_description' ),
+			$this->options_page_name
+		);
+		
 		add_settings_section( 'authorization_settings',
 			__( 'Authorization Settings' ),
 			array( $this, 'authorization_settings_description' ),
@ -356,7 +368,11 @@ class OpenID_Connect_Generic_Settings_Page {
 	public function client_settings_description() {
 		_e( 'Enter your OpenID Connect identity provider settings' );
 	}
-
+	
+	public function user_settings_description() {
+		_e( 'Modify the interaction between OpenID Connect and WordPress users' );
+	}
+	
 	public function authorization_settings_description() {
 		_e( 'Control the authorization mechanics of the site' );
 	}