61c549189c
adding port to the request headers per issue #30
8 years ago
14133138a7
some method annotation corrections, and minor settings page typoes
8 years ago
4866765768
Merge pull request #25 from ahatherly/master
...
Set the Host header on http requests to openid-connect endpoint
8 years ago
2281246816
Set the Host header on http requests to openid-connect endpoint so it works behind a reverse proxy
8 years ago
6e9790c221
adding comments on new functions
8 years ago
fede005f1f
fix autoloader for diff environments, use wp_remote_post instead of ‘get’, and move cookie setting to hook init
8 years ago
a47f6d2bfc
Refresh tokens when needed instead of logging out when access_token expires.
...
- refresh_token + access_token expiry is sent via encrypted cookie to the browser.
- If cookie is missing or invalid, user is logged out.
- If last access token expired, use refresh token to fetch a new one and send a new cookie.
- If token refresh fails, user is logged out.
- Cookie encryption is with per-user random key stored in user meta.
- Encryption and key generation done using https://github.com/defuse/php-encryption
- Updated autoloader function to support loading namespaced classes.
8 years ago
d8a043a6c7
Make token_type check in validate_token_response case-insensitive (Fixes issue #15 ).
8 years ago
08d9f58d0d
When requesting userinfo, send the access token using the Authorization header field as recommended in section 5.3.1 of the specs.
9 years ago
4db956c119
bug: wrong variable as error data
9 years ago
ada93ba4f3
Added setting for http_response_timeout
9 years ago
9b2dd29659
Method comments, and unique errors
9 years ago
c646078421
refactoring some internal settings for clarity
9 years ago
2e3167fa20
major refactor to separate responsibility
9 years ago
Jonathan Daggerhart
Adam Hatherly
Raif Atef
wgengarelly
Jonathan Daggerhart