fix autoloader for diff environments, use wp_remote_post instead of ‘get’, and move cookie setting to hook init

includes/openid-connect-generic-client.php

@@ -195,7 +195,7 @@ class OpenID_Connect_Generic_Client {
 		$request['headers']['Authorization'] = 'Bearer '.$access_token;
 
 		// attempt the request including the access token in the query string for backwards compatibility
-		$response = wp_remote_get( $this->endpoint_userinfo . '?access_token=' . $access_token, $request );
+		$response = wp_remote_post( $this->endpoint_userinfo, $request );
 
 		if ( is_wp_error( $response ) ){
 			$response->add( 'request_userinfo' , __( 'Request for userinfo failed.' ) );

includes/openid-connect-generic-login-form.php

@@ -28,34 +28,46 @@ class OpenID_Connect_Generic_Login_Form {
 		
 		// add a shortcode for the login button
 		add_shortcode( 'openid_connect_generic_login_button', array( $login_form, 'make_login_button' ) );
+		
+		$login_form->handle_redirect_cookie();
 
 		return $login_form;
 	}
-	
+
 	/**
-	 * Implements filter login_message
-	 *
-	 * @param $message
-	 * @return string
+	 * Handle login related redirects
 	 */
-	function handle_login_page( $message ) {
-		$settings = $this->settings;
-
+	function handle_redirect_cookie()
+	{
 		// record the URL of this page if set to redirect back to origin page
-		if ( $this->settings->redirect_user_back ) {
-			$redirect_expiry = time() + DAY_IN_SECONDS;
+		if ( $this->settings->redirect_user_back )
+		{
+			$redirect_expiry = current_time('timestamp') + DAY_IN_SECONDS;
+
+			// default redirect to the homepage
+			$redirect_url = home_url( esc_url( add_query_arg( NULL, NULL ) ) );
+
 			if ( $GLOBALS['pagenow'] == 'wp-login.php' ) {
+				// if using the login form, default redirect to the admin dashboard
+				$redirect_url = admin_url();
+
 				if ( isset( $_REQUEST['redirect_to'] ) ) {
 					$redirect_url = esc_url( $_REQUEST[ 'redirect_to' ] );
 				}
-				else {
-					$redirect_url = admin_url();
-				}
-			} else {
-				$redirect_url = home_url( esc_url( add_query_arg( NULL, NULL ) ) );
 			}
+
 			setcookie( $this->client_wrapper->cookie_redirect_key, $redirect_url, $redirect_expiry, COOKIEPATH, COOKIE_DOMAIN, is_ssl() );
 		}
+	}
+	
+	/**
+	 * Implements filter login_message
+	 *
+	 * @param $message
+	 * @return string
+	 */
+	function handle_login_page( $message ) {
+		$settings = $this->settings;
 
 		// errors and auto login can't happen at the same time
 		if ( isset( $_GET['login-error'] ) ) {
@@ -110,4 +122,4 @@ class OpenID_Connect_Generic_Login_Form {
 		<?php
 		return ob_get_clean();
 	}
-}
+}

openid-connect-generic.php

@@ -151,14 +151,18 @@ class OpenID_Connect_Generic {
 	 */
 	static public function autoload( $class ) {
 		$filename = $class . '.php';
+
 		if ( false === strpos( $class, '\\' ) ) {
 			$filename = strtolower( str_replace( '_', '-', $class ) ) . '.php';
 		}
+		else {
+			$filename  = str_replace('\\', DIRECTORY_SEPARATOR, $filename);
+		}
 
 		$filepath = dirname( __FILE__ ) . '/includes/' . $filename;
-		
+
 		if ( file_exists( $filepath ) ) {
-			require $filepath;
+			require_once $filepath;
 		}
 	}