f3096b6f14
fix a notice: If using traditional login, $token_response may be empty ( #86 )
...
fix a 404: In Bedrock-like layout configuration, $redirect_url === 'wp-login.php?loggedout=true'
(which work for local redirection). But canonicalization should take into account the additional /wp/
prefix. site_url() does meanwhile home_url() does not.
7 years ago
f9c076a5c0
hook: ability to filter claim and derived user data ( #84 )
7 years ago
6263bee23b
google provider: do not attempt to use their not-compliant /revoke endpoint ( #83 )
7 years ago
58c8b7ac9a
disconnect hook: get user meta from information provided by filter parameters ( #82 )
7 years ago
d0b79313c2
fixed a notice when cookie does not contain expected redirect_url ( #80 )
7 years ago
756c3c05a1
Translit names' special characters ( #73 )
...
When nickname is generated from a full name, intent to translit them to ascii instead of stripping special characters.
7 years ago
a99280600a
removed generic wp filter used for request timeout
7 years ago
326efbb416
prefixing generic classes with oidcg comment class names. adjusting autoloading to look for the standardized prefix.
7 years ago
b14554e8fe
WP still supports PHP 5.2.4 :(
7 years ago
662e9fb25b
Track refresh token expiration ( fixes #51 )
7 years ago
caf1324499
Defer logouts to after all WP plugins initialize
7 years ago
134d0116b8
Drop unnecessary user_meta keys
7 years ago
7879835b49
Store refresh token in sessions, instead of a cookie
7 years ago
3869aa0fde
Terminate authentication_request_callback() after execution
7 years ago
08af84a851
readme and changelog updates. minor whitespace update.
7 years ago
3683cd3286
Merge pull request #42 from daggerhart/redirect-on-logout-as-setting
...
New setting to determine if users should be redirected when session expires.
7 years ago
c73d9f6956
new setting allows administrator to determine if users should be redirected when their acces token expires.
7 years ago
059d672de2
Update openid-connect-generic-client-wrapper.php
...
Add id_token_hint to end session logout redirect url
http://openid.net/specs/openid-connect-session-1_0.html#RPLogout
7 years ago
82162ec753
Escape the error message
...
* This commit prevents a possible reflected XSS
8 years ago
672d7292e2
Include wp_login action after auth cookie is set
...
* Many plugins will hook in to this action, it should be at the end of any
WordPress login flow
* See: https://core.trac.wordpress.org/browser/tags/4.7.3/src/wp-includes/user.php#L104
8 years ago
14133138a7
some method annotation corrections, and minor settings page typoes
8 years ago
0bbfc3437f
More flexible identity settings.
8 years ago
e7f390477c
fixing error on php 5.4
8 years ago
14d0ec44f6
Allow for the use of an alternate authentication route (redirect_uri) as opposed to the default admin-ajax method
8 years ago
0dc448fee5
clean up autoloader, default settings values, and validate refresh token result before attempting response
8 years ago
6e9790c221
adding comments on new functions
8 years ago
69930fcd3c
OpenID Connect end_session_endpoint integrated logout support.
8 years ago
38f78cc274
If IdP doesn't issue a refresh token, expire the session when the access token expires.
8 years ago
2ff33dba41
Move redirect cookie set earlier to save origin on error redirect and clear it during the redirect.
8 years ago
a47f6d2bfc
Refresh tokens when needed instead of logging out when access_token expires.
...
- refresh_token + access_token expiry is sent via encrypted cookie to the browser.
- If cookie is missing or invalid, user is logged out.
- If last access token expired, use refresh token to fetch a new one and send a new cookie.
- If token refresh fails, user is logged out.
- Cookie encryption is with per-user random key stored in user meta.
- Encryption and key generation done using https://github.com/defuse/php-encryption
- Updated autoloader function to support loading namespaced classes.
8 years ago
257216e148
Added [openid-connect-generic-update-user-using-current-claim] action hook allowing other plugins/themes
...
to take action using the fresh claims received when an existing user logs in.
9 years ago
db32baa60e
Allow users to login with WP account after using OpenID Connect
...
Resolve a bug that prevented users from logging in with their WordPress
credentials after having logged in via OpenID Connect.
9 years ago
f5c5ff8908
Add an action hook before the redirect
9 years ago
398612eaf1
Redirect to origin page instead of home page if setting enabled
...
To know the origin page URL, read the value of a cookie that was set
when the button was created.
9 years ago
9371b8132f
Only link existing users if the setting is enabled
9 years ago
494cb43c49
Only link existing user if the setting is enabled
9 years ago
1de016485b
Allow users with existing WordPress accounts to sign in
...
An error occurs if a user with an existing WordPress account tries to
sign in using OpenID Connect. This patch fixes this problem by adding
the OpenID Connect meta data to the existing user's account after
successful authorization.
9 years ago
7905bfdd12
incrementing version, updating readmes
9 years ago
94dd945843
fixing desired_username variable typo
9 years ago
6715eb2baf
using wp's is_ssl() function for setcookie()'s secure parameter
9 years ago
ada93ba4f3
Added setting for http_response_timeout
9 years ago
c646078421
refactoring some internal settings for clarity
9 years ago
2e3167fa20
major refactor to separate responsibility
9 years ago
Raphaël Droz
Jonathan Daggerhart
PJ Eby
Sven van Hal
skidos
Robbie Paul
Moriyoshi Koizumi
Raif Atef
wgengarelly
Robert Staddon
Jonathan Daggerhart