* Update openid-connect-generic-client-wrapper.php
Add openid-connect-generic-session-expired action before to allow consumers to act on the refresh token expiration
* Implement singleton pattern for OpenID_Connect_Generic class
This will allow developers who want to be able to call methods belonging to this class (or methods belonging to any of this class's properties) to do so, without having to create a new instance, and therefore repeat all the bootstrapping.
Instead, they will just be able to call OpenID_Connect_Generic::instance() to retrieve the singleton.
* Add functions.php file for global functions
These will act as wrappers for methods you would otherwise call by getting the Open_ID_Connect_Generic singleton and then calling the appropriate method.
* Make client_wrapper a public property
This allows us to access client_wrapper methods via the singleton of Open_ID_Connect_Generic.
* Support aggregated claims (#254)
* use tabs instead of spaces
* added define config with OIDC_LOGIN_TYPE and OIDC_CLIENT_SCOPE
scopes are needed when logging in so this is a no-brainer and this
can be deployed using deployments
login type can be defined here when you want to enforce SSO from the
deployment.
* More define-driven settings
* fix linting
* fix code analysis errors
* fix more linting, add more exception handling
* Added the OIDC_CREATE_IF_DOES_NOT_EXIST define
* Added documentation and phpstan defines
* Added data in environment_settings
* Fixes QS not being added to the redirect URL
* fix#178
Update last-token-response user meta after refresh
* add a basic method to refresh user claim outside of this plugin
* fix return doc
* add a basic method to refresh user claim outside of this plugin
* fix return doc
* Revert "fix return doc"
This reverts commit e19d6f3ffd3f7684dd843408ec911c4b6d614328.
* Revert "add a basic method to refresh user claim outside of this plugin"
This reverts commit 1a5fa9b045c7b50a17dc3cfd5482fc33be9aa6ee.
* Initial Codepsaces Development Environment
* Adds Gitpod Support Alongside Codespaces Support
* Only load admin CSS when showing settings page
* Updates Development Environment for PHP & WordPress
- Updates local development environment to use a Composer Docker
container.
- Updates VS Code/Codespaces devcontainer to bullseye/PHP 7.4.
- Updates VS Code/Codespaces devcontainer & GitPod starting commands.
- Updates build environment to use PHP 7.4 & Composer 2.
- Updates build environment Composer packages.
- Updates Composer WordPress install to use the johnpbloch packages.
* Fixes Running PHPStan in Docker & Static Analysis Issues
- Updates the PHP/Composer Docker image memory limit to
allow PHPStand to run properly.
- Fixes static analysis issues reported by PHPStan.
- Updates PHPStan & extensions to latest versions.
- Updates PHPStan configuration for latest version.
* Update GitHub Actions for PHP/Composer/WordPress Changes
- Updates GitHub Actions to use Composer v2.
- Updates GitHub Actions to use PHP 7.4.
- Updates GitHub Actions to use WordPress 5.7 as stable.
* Updates WordPress Version Composer Dependencies
- Updates the installed WordPress version to 5.7.
- Updates the installed WordPress stubs version to 5.7.
* Fixes GitHub Actions for Composer 2 Changes
* Fixes GitHub Actions for PHP Unit testing
- Changes PHPUnit switch to dev-master for PHP 8.0.
* Updates GrumPHP & GrumPHP Unit Testing PHP 8 Support
- Updates GrumPHP to a newer version.
- Updates Unit Testing PHP 8.0 to use GrumPHP dev-master.
* Updates Unit Testing for PHPUnit Testing w/ PHP8
* Updates Unit Testing Composer Updates to Run w/ PHP 8
* Updates Composer PHPUnit for PHP 8 Override
* Multisite/network configurations use your current blog as the default when using the WP_User_Query which means if a user already exists, from a different blog, you will not find them, but also can't create a new account because they already exist. This overrides your current blog and will search 'all'
* CodeSpaces Dev Container Updates & Composer Updates
* Updating GrumPHP & Composer Dependencies
* Updates NPM Modules & Changes Plugin Instance Visibility
* Updates @wordpress/scripts & ~wordpress/env to the latest versions.
* Changes the visibility of the plugin class instance attribute.
* Bump tar from 4.4.13 to 4.4.19
Bumps [tar](https://github.com/npm/node-tar) from 4.4.13 to 4.4.19.
- [Release notes](https://github.com/npm/node-tar/releases)
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/node-tar/compare/v4.4.13...v4.4.19)
---
updated-dependencies:
- dependency-name: tar
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
* Bump hosted-git-info from 2.8.8 to 2.8.9
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9)
---
updated-dependencies:
- dependency-name: hosted-git-info
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
* Bump lodash from 4.17.19 to 4.17.21
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21)
---
updated-dependencies:
- dependency-name: lodash
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
* Bump ssri from 6.0.1 to 6.0.2
Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases)
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md)
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2)
---
updated-dependencies:
- dependency-name: ssri
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
* Bump path-parse from 1.0.6 to 1.0.7
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)
---
updated-dependencies:
- dependency-name: path-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
* Bump ws from 6.2.1 to 6.2.2
Bumps [ws](https://github.com/websockets/ws) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/6.2.1...6.2.2)
---
updated-dependencies:
- dependency-name: ws
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
* coding standards issues
* Fix wordpress coding standards issues
* Redone acr-values-support
acr-values support
* Fix code-standard errors
Fixed reported code-standard issues found
* Update openid-connect-generic-client.php
fixing code-indentment after report
* Update openid-connect-generic-client-wrapper.php
fix for reported code-standard errors
* Update openid-connect-generic-settings-page.php
Fixing code-standard reported errors
* Update openid-connect-generic-client.php
re-aligned line 225 ( indentment error)
* Refactors new ACR Handling Code for Better Code Quality
* Fixes some incorrect ACR handling code that incorrectly
added the ACR when it wasn't set.
* Adds missing settings disable handling when ACR constant
is set.
* Refactors code for simplicity and code quality.
* Fixes#243 Nickname from Claim Regression
* Fixes the regression caused by the code changes in 3.8.0
which resulted in not performing proper fallbacks for
missing cliams such as the nickname.
* Fixes invalid Node version in NVM configuration.
* Fixes Indentity Mapping & Creation Issues
* Fixes issues with improperly handling combinations of the
"Link Existing Users", "Create user if does not exist", and
"Identify with User Name" configuration options.
* Addresses issues related to case sensitivity of usernames
when attempting to "Link Existing Users".
* Fixes typos and formatting on the plugin Settings screen.
* Dependabot Security Related Fixes & Refactoring
* Update to require Node v14 & NPM 6.14.15.
* Updates to Grunt 1.4.1.
* Forces resolution of dependencies for security fixes.
* Update @wordpress packages to their latest versions.
* Refactors the NPM & Composer scripts.
* Updates WP to Latest Dev Standard for Local Development
* Refactors Callable Refresh User Claims Function & Action
* Moves `openid-connect-generic-update-user-using-current-claim` action
to within update user metadata during login.
* Adds a new publicly callable method that uses the plugin singleton.
* Prep for 3.9.0 Release
Co-authored-by: jkouris <35877237+jkouris@users.noreply.github.com>
Co-authored-by: Rob Skilling <rob@dxw.com>
Co-authored-by: Martin Schanzenbach <schanzen@gnunet.org>
Co-authored-by: Chloé "Matcha" Desoutter <chloe.desoutter@bluenove.com>
Co-authored-by: Martin <schanzen@users.noreply.github.com>
Co-authored-by: Sylwester Kardziejonek <sylwester.kardziejonek@gmail.com>
Co-authored-by: Nicolas Dhers <nicolas@rkcreation.fr>
Co-authored-by: Tom McCaffery <tom@weareadjacent.com>
Co-authored-by: Dan <dan@testinnovators.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: John Kouris <jkouris@everyincome.com>
Co-authored-by: Glowsome <administrator@comsolve.nl>
commit 39690e125092ff1392326a7738a6a815a41f0880
Author: Tim Nolte <tim.nolte@ndigitals.com>
Date: Sat Apr 10 16:41:14 2021 -0400
Preparation for New Maintenance Release
- Updates Version to 3.8.4.
- Updates Changelogs.
commit 1e1b84cfcc
Author: Tim Nolte <tnolte@forumone.com>
Date: Sat Apr 10 12:00:40 2021 -0400
Local Dev/Composer Scripts/Transient Redirection Fixes (#295)
- Fixes local Docker wp-env environment setup w/ cleanup.
- Fixes Composer scripts for linting and static analysis.
- Fixes invalid State transient object handling for redirection.
commit 40e60474ab
Author: Tim Nolte <tnolte@forumone.com>
Date: Thu Apr 8 22:10:53 2021 -0400
Preparation for Maintenance Release (#291)
commit 8a963301ab
Author: Tim Nolte <tnolte@forumone.com>
Date: Thu Apr 8 08:06:33 2021 -0400
Fixes Broken Redirect URL Handling & Moves Away from Cookies (#289)
* Initial Changes to Move Away from Cookies for Redirects
* Add Redirection via State Transient Support
- Adds adding the login redirection to the state transient.
- Deprecates the use of cookies to handle login redirection.
- Fixes Login button shortcode authentication URL encoding.
- Fixes some broken wp-env local Docker environment issues.
- Fixes make_authentication_url attributes usage.
- Removes error_log calls used for debugging.
* Fixes Missed WordPress Coding Standards Issues
- Updates PHP_CodeSniffer configuration to properly support all checks.
* Fixes Login Button Output for Proper Escaping
commit c839083cf1
Merge: 76c824a14dbc06
Author: Tim Nolte <tnolte@forumone.com>
Date: Wed Mar 24 10:10:09 2021 -0400
Merges branch 'main' into dev
commit 76c824ab32
Author: Tim Nolte <tnolte@forumone.com>
Date: Wed Mar 24 09:42:51 2021 -0400
Fixes Login Page XSS Issue (#283)
- Adds escaping to the errot output message.
- Adds escaping to the login button output.
commit 2c7c21d3bb
Author: Tim Nolte <tnolte@forumone.com>
Date: Mon Mar 22 12:53:01 2021 -0400
Feature/travis ci to GitHub actions (#282)
* Updates Composer/NPM Dependencies & Adds New GitHub Actions
* Moves All CI/CI Functionality to GitHub Actions
- Updates Composer & NPM dependencies to newer versions.
- Updates default development environment WordPress version to 5.6.x.
- Fixes missing updated to the language POT file.
- Moves to using a GitHub Release for WordPress.org deployment.
- Removes TravisCI configuration.
* Feature/travis ci to GitHub actions (#282)
* Updates Composer/NPM Dependencies & Adds New GitHub Actions
* Moves All CI/CI Functionality to GitHub Actions
- Updates Composer & NPM dependencies to newer versions.
- Updates default development environment WordPress version to 5.6.x.
- Fixes missing updated to the language POT file.
- Moves to using a GitHub Release for WordPress.org deployment.
- Removes TravisCI configuration.
* Fixes Login Page XSS Issue (#283)
- Adds escaping to the errot output message.
- Adds escaping to the login button output.
* Fixes Broken Redirect URL Handling & Moves Away from Cookies (#289)
* Initial Changes to Move Away from Cookies for Redirects
* Add Redirection via State Transient Support
- Adds adding the login redirection to the state transient.
- Deprecates the use of cookies to handle login redirection.
- Fixes Login button shortcode authentication URL encoding.
- Fixes some broken wp-env local Docker environment issues.
- Fixes make_authentication_url attributes usage.
- Removes error_log calls used for debugging.
* Fixes Missed WordPress Coding Standards Issues
- Updates PHP_CodeSniffer configuration to properly support all checks.
* Fixes Login Button Output for Proper Escaping
* Preparation for Maintenance Release
* Feature/travis ci to GitHub actions (#282)
* Updates Composer/NPM Dependencies & Adds New GitHub Actions
* Moves All CI/CI Functionality to GitHub Actions
- Updates Composer & NPM dependencies to newer versions.
- Updates default development environment WordPress version to 5.6.x.
- Fixes missing updated to the language POT file.
- Moves to using a GitHub Release for WordPress.org deployment.
- Removes TravisCI configuration.
* Fixes Login Page XSS Issue (#283)
- Adds escaping to the errot output message.
- Adds escaping to the login button output.
* Patch Version Bump & Changelog Updates for Release
- Fixes an issue with post password submission results in SSO
authentication when "auto" mode is enabled.
- Fixes issues with TravisCI builds failing due to Composer updates
occurring incorrectly during builds.
- Fixes to allow for WP version changes according to build matrix.
- Updates TravisCI build matrix.
- Reads from defined constants on plugin bootstrap.
- Disabled plugin settings fields when defined constants are used.
_ Prevents savings plugin settings that are using defined constants.
* Fixes missing i18n translation in main plugin file.
* Adds update POT file.
* Enforces i18n checks on commit with GrumPHP.
* Adds i18n check step to Travis CI builds.
* Ensures PHP Code Sniffs continue to pass.
* Fixes all code base issues to pass a level 5 PHP static analysis.
* Updates PHPStan configurations to use a level 5 baseline.
* allow developers to use the plain auth url by shortcode
* prevent to set the redirect cookie on every page request by moving the function call to the formular rendering.
When using wp-cli (eg: rewrite/cache flush), init() will run setcookie() which would trigger "headers already sent by". Just disable module when wp-cli is being used.
Some OpenID Connect providers offer additional functionality by adding
query params to the authentication URL
For example with Azure Active Directory if you pass in
`&domain_hint=REALM` you can customise the way the login screen looks
with your corporate logo etc
落雨楓
Tim Nolte
Tim Nolte
Jonathan Daggerhart
Simon Costea
SYLVAIN PAILLASSE
benoit
Sarah Lewis
Raphaël Droz
cswebservice
Antti Leppä
PJ Eby
Robbie Paul
Moriyoshi Koizumi