Isekai-Project
/
isekai-openid-connect-generic
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
70 Commits
1 Branch
0 Tags
1.4 MiB
isekai
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0dc448fee5'
${ noResults }
Commit Graph

19 Commits (0dc448fee5be7e72e2c61885cafc6e86a86a27e7)

Author SHA1 Message Date
Jonathan Daggerhart 0dc448fee5 clean up autoloader, default settings values, and validate refresh token result before attempting response 8 years ago
Jonathan Daggerhart 6e9790c221 adding comments on new functions 8 years ago
Raif Atef 69930fcd3c OpenID Connect end_session_endpoint integrated logout support. 8 years ago
Raif Atef 38f78cc274 If IdP doesn't issue a refresh token, expire the session when the access token expires. 8 years ago
Raif Atef 2ff33dba41 Move redirect cookie set earlier to save origin on error redirect and clear it during the redirect. 8 years ago
Raif Atef a47f6d2bfc Refresh tokens when needed instead of logging out when access_token expires. 
- refresh_token + access_token expiry is sent via encrypted cookie to the browser.
- If cookie is missing or invalid, user is logged out.
- If last access token expired, use refresh token to fetch a new one and send a new cookie.
- If token refresh fails, user is logged out.
- Cookie encryption is with per-user random key stored in user meta.
- Encryption and key generation done using https://github.com/defuse/php-encryption
- Updated autoloader function to support loading namespaced classes.
 8 years ago
wgengarelly 257216e148 Added [openid-connect-generic-update-user-using-current-claim] action hook allowing other plugins/themes 
to take action using the fresh claims received when an existing user logs in.
 9 years ago
Robert Staddon db32baa60e Allow users to login with WP account after using OpenID Connect 
Resolve a bug that prevented users from logging in with their WordPress
credentials after having logged in via OpenID Connect.
 9 years ago
Robert Staddon f5c5ff8908 Add an action hook before the redirect 9 years ago
Robert Staddon 398612eaf1 Redirect to origin page instead of home page if setting enabled 
To know the origin page URL, read the value of a cookie that was set
when the button was created.
 9 years ago
Robert Staddon 9371b8132f Only link existing users if the setting is enabled 9 years ago
Robert Staddon 494cb43c49 Only link existing user if the setting is enabled 9 years ago
Robert Staddon 1de016485b Allow users with existing WordPress accounts to sign in 
An error occurs if a user with an existing WordPress account tries to
sign in using OpenID Connect. This patch fixes this problem by adding
the OpenID Connect meta data to the existing user's account after
successful authorization.
 9 years ago
daggerhart 7905bfdd12 incrementing version, updating readmes 9 years ago
daggerhart 94dd945843 fixing desired_username variable typo 9 years ago
daggerhart 6715eb2baf using wp's is_ssl() function for setcookie()'s secure parameter 9 years ago
Jonathan Daggerhart ada93ba4f3 Added setting for http_response_timeout 9 years ago
Jonathan Daggerhart c646078421 refactoring some internal settings for clarity 9 years ago
Jonathan Daggerhart 2e3167fa20 major refactor to separate responsibility 9 years ago