Isekai-Project
/
isekai-openid-connect-generic
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
184 Commits
1 Branch
0 Tags
1.4 MiB
isekai
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3ff22090dd'
${ noResults }
Commit Graph

184 Commits (3ff22090dda8681fe7d9472a911dbf5bc3f160d1)
 

Author SHA1 Message Date
Jonathan Daggerhart 814a7e6ca7 Merge pull request #31 from robbiepaul/dev 
Calls the wp_login action at the end of the login flow
 8 years ago
Robbie Paul 82162ec753 Escape the error message 
* This commit prevents a possible reflected XSS
 8 years ago
Robbie Paul 672d7292e2 Include wp_login action after auth cookie is set 
* Many plugins will hook in to this action, it should be at the end of any
  WordPress login flow
* See: https://core.trac.wordpress.org/browser/tags/4.7.3/src/wp-includes/user.php#L104
 8 years ago
Jonathan Daggerhart b8ad2dd560 updating version and readmes 8 years ago
Jonathan Daggerhart 61c549189c adding port to the request headers per issue #30 8 years ago
Jonathan Daggerhart 14133138a7 some method annotation corrections, and minor settings page typoes 8 years ago
Jonathan Daggerhart 54c43eb2b9 Merge pull request #27 from opencollector/moriyoshi/more-flexible-identity-settings 
More flexible identity settings.
 8 years ago
Moriyoshi Koizumi 0bbfc3437f More flexible identity settings. 8 years ago
Jonathan Daggerhart e723799397 updating change log with new reverse proxy support feature 8 years ago
Jonathan Daggerhart 4866765768 Merge pull request #25 from ahatherly/master 
Set the Host header on http requests to openid-connect endpoint
 8 years ago
Adam Hatherly 2281246816 Set the Host header on http requests to openid-connect endpoint so it works behind a reverse proxy 8 years ago
Jonathan Daggerhart e7f390477c fixing error on php 5.4 8 years ago
Jonathan Daggerhart e4b1340dff updating readmes for alternate redirect_uri 8 years ago
Jonathan Daggerhart 14d0ec44f6 Allow for the use of an alternate authentication route (redirect_uri) as opposed to the default admin-ajax method 8 years ago
Jonathan Daggerhart 0dc448fee5 clean up autoloader, default settings values, and validate refresh token result before attempting response 8 years ago
Jonathan Daggerhart aafb5f7a2c minor logger and settings page documentation improvements 8 years ago
Jonathan Daggerhart 6e9790c221 adding comments on new functions 8 years ago
Jonathan Daggerhart 403aa6ddeb changing next-version number to represent a new features in the update 8 years ago
Jonathan Daggerhart 9992960752 updating plugin version and readme files 8 years ago
Jonathan Daggerhart 37579f7a90 Merge pull request #24 from rwasef1830/oidc_integrated_logout 
OpenID Connect end_session_endpoint integrated logout support
 8 years ago
Raif Atef 69930fcd3c OpenID Connect end_session_endpoint integrated logout support. 8 years ago
Jonathan Daggerhart 0f2d8fc5a8 moving auto login redirect to a method that fires during hook init 8 years ago
Jonathan Daggerhart ef97d0b8b8 Merge pull request #19 from rwasef1830/keep_oidc_button_on_login_with_error 
In case of an error redirect and auto sso, keep the button and hide the normal form
 8 years ago
Raif Atef c377e50cfa In case of an error redirect and auto sso, keep the openid connect button and hide the login form. 8 years ago
Jonathan Daggerhart fede005f1f fix autoloader for diff environments, use wp_remote_post instead of ‘get’, and move cookie setting to hook init 8 years ago
Jonathan Daggerhart bf60b37f7e Merge pull request #22 from rwasef1830/handle_optional_refresh_token 
If IdP doesn't issue a refresh token, expire the session when the access token expires
 8 years ago
Raif Atef 38f78cc274 If IdP doesn't issue a refresh token, expire the session when the access token expires. 8 years ago
Jonathan Daggerhart 2655668089 Merge pull request #20 from rwasef1830/fix_redirect_to_origin_for_error_redirect 
Working to fix "redirect to origin" for error redirect
 8 years ago
Raif Atef 2ff33dba41 Move redirect cookie set earlier to save origin on error redirect and clear it during the redirect. 8 years ago
Robert Staddon 954b72848f Merge pull request #18 from rwasef1830/refresh_token_support 
Refresh tokens when needed instead of logging out when access_token expires
 8 years ago
Raif Atef a47f6d2bfc Refresh tokens when needed instead of logging out when access_token expires. 
- refresh_token + access_token expiry is sent via encrypted cookie to the browser.
- If cookie is missing or invalid, user is logged out.
- If last access token expired, use refresh token to fetch a new one and send a new cookie.
- If token refresh fails, user is logged out.
- Cookie encryption is with per-user random key stored in user meta.
- Encryption and key generation done using https://github.com/defuse/php-encryption
- Updated autoloader function to support loading namespaced classes.
 8 years ago
Robert Staddon 29c223c606 Merge pull request #17 from daggerhart/master 
Make token_type check in validate_token_response case-insensitive (Fixes issue #15).
 8 years ago
Robert Staddon 5d0ad04123 Merge pull request #16 from rwasef1830/token_type_case_insensitive 
Fix issue #15
 8 years ago
Raif Atef d8a043a6c7 Make token_type check in validate_token_response case-insensitive (Fixes issue #15). 8 years ago
Robert Staddon f2d2a8083b Merge pull request #10 from wgengarelly/master 
Added hook for existing user login allowing others to take action using updated claims
 9 years ago
wgengarelly 257216e148 Added [openid-connect-generic-update-user-using-current-claim] action hook allowing other plugins/themes 
to take action using the fresh claims received when an existing user logs in.
 9 years ago
Robert Staddon 1c471f84ed Merge pull request #9 from wgengarelly/master 
Send access token in the Authorization header when requesting user info
 9 years ago
wgengarelly 08d9f58d0d When requesting userinfo, send the access token using the Authorization header field as recommended in section 5.3.1 of the specs. 9 years ago
Robert Staddon 1002943a22 Merge pull request #8 from robertstaddon/master 
Allow users to login with WP account after using OpenID Connect
 9 years ago
Robert Staddon 960f475aad Update readme and version numbers for 3.0.6 9 years ago
Robert Staddon db32baa60e Allow users to login with WP account after using OpenID Connect 
Resolve a bug that prevented users from logging in with their WordPress
credentials after having logged in via OpenID Connect.
 9 years ago
Robert Staddon 326a2cd213 Merge remote-tracking branch 'refs/remotes/daggerhart/master' 9 years ago
Robert Staddon e2ab1b18d8 Merge pull request #6 from robertstaddon/master 
Add OpenID Connect button shortcode for insertion on any login form
 9 years ago
Robert Staddon f5c5ff8908 Add an action hook before the redirect 9 years ago
Robert Staddon 74153ec363 Support "redirect_to" parameter on login page 9 years ago
Robert Staddon 6cd6cc126a Record the URL of the current page when creating a login button 9 years ago
Robert Staddon 398612eaf1 Redirect to origin page instead of home page if setting enabled 
To know the origin page URL, read the value of a cookie that was set
when the button was created.
 9 years ago
Robert Staddon 6b5d6a9782 Add "Redirect Back to Origin Page" setting 
This setting would override the default action of redirecting the user
to the home page after a successful login and instead redirect the user
back to the page on which they clicked the OpenID Connect login button.
This would cause the login process to proceed in a traditional WordPress
fashion.
 9 years ago
Robert Staddon 669e3b8030 Add shortcode for login button 
[openid_connect_generic_login_button]
 9 years ago
Robert Staddon 8852c9d52e Increment version and update readme 9 years ago