326efbb416
prefixing generic classes with oidcg comment class names. adjusting autoloading to look for the standardized prefix.
7 years ago
6f077c932a
incrementing to 3.3.x, updating readmes and changelog
7 years ago
e02e455965
Merge pull request #52 from dirtsimple/wp_tokens
...
Simplify refresh/logout handling (to fix #49 , #50 , and #51 )
7 years ago
e541a9f3b4
updating version
7 years ago
134d0116b8
Drop unnecessary user_meta keys
7 years ago
08af84a851
readme and changelog updates. minor whitespace update.
7 years ago
c73d9f6956
new setting allows administrator to determine if users should be redirected when their acces token expires.
7 years ago
69a431793f
Authentication URL can be modified
...
Some OpenID Connect providers offer additional functionality by adding
query params to the authentication URL
For example with Azure Active Directory if you pass in
`&domain_hint=REALM` you can customise the way the login screen looks
with your corporate logo etc
8 years ago
b8ad2dd560
updating version and readmes
8 years ago
0bbfc3437f
More flexible identity settings.
8 years ago
14d0ec44f6
Allow for the use of an alternate authentication route (redirect_uri) as opposed to the default admin-ajax method
8 years ago
0dc448fee5
clean up autoloader, default settings values, and validate refresh token result before attempting response
8 years ago
403aa6ddeb
changing next-version number to represent a new features in the update
8 years ago
9992960752
updating plugin version and readme files
8 years ago
fede005f1f
fix autoloader for diff environments, use wp_remote_post instead of ‘get’, and move cookie setting to hook init
8 years ago
a47f6d2bfc
Refresh tokens when needed instead of logging out when access_token expires.
...
- refresh_token + access_token expiry is sent via encrypted cookie to the browser.
- If cookie is missing or invalid, user is logged out.
- If last access token expired, use refresh token to fetch a new one and send a new cookie.
- If token refresh fails, user is logged out.
- Cookie encryption is with per-user random key stored in user meta.
- Encryption and key generation done using https://github.com/defuse/php-encryption
- Updated autoloader function to support loading namespaced classes.
8 years ago
257216e148
Added [openid-connect-generic-update-user-using-current-claim] action hook allowing other plugins/themes
...
to take action using the fresh claims received when an existing user logs in.
9 years ago
960f475aad
Update readme and version numbers for 3.0.6
9 years ago
8852c9d52e
Increment version and update readme
9 years ago
7905bfdd12
incrementing version, updating readmes
9 years ago
e6da3154a4
incrementing version 3.0.2
9 years ago
ada93ba4f3
Added setting for http_response_timeout
9 years ago
d0ceb60a37
settings upgrade to follow refactoring
9 years ago
822c2befd3
typo in hook name
9 years ago
af0bbe6bbe
updating version number and readme. prepared upgrade flow
9 years ago
c646078421
refactoring some internal settings for clarity
9 years ago
2e3167fa20
major refactor to separate responsibility
9 years ago
0ddb501a55
whitespace- switching to sweet-sweet tabs
9 years ago
782e674def
first attempt at logging. needs a big refactor some day
9 years ago
bac8b481d6
changing how usernames are determined.
9 years ago
3a04abcb4f
fixing old debug code
10 years ago
506ac3b338
fixing bad identity_key check
10 years ago
fe3896099d
un-lazying approach to getting the first user from a query result
10 years ago
8cce143275
admin field fixes
10 years ago
a1023f966d
more hooks for other plugins and themes to interrupt the login or user creation flow. new hook for custom handling of user_claims
10 years ago
8f792be29e
typos and touch ups
10 years ago
76be3ba371
Added readme, improved some comments
10 years ago
7ce9613650
initial commit of working plugin
10 years ago
Jonathan Daggerhart
PJ Eby
Robbie Paul
Moriyoshi Koizumi
Raif Atef
wgengarelly
Robert Staddon
Jonathan Daggerhart