* Adds support for setting the redirect cookie when shortcodes are used.
* Adds support for overriding some attributes for authentication URLs
and login buttons when using the shortcodes.
* Fixes code formatting.
Before: a missing state error could be returned for 3 reasons: a token was not provided, the token provided was invalid, or the token provided had expired.
There was no way of knowing which of these was the cause of any single missing state error.
Now: if no token is provided, a missing state error is returned, and the "openid-connect-generic-no-state-provided" action is called.
If the token provided is invalid, an "Invalid state" error is thrown and the "openid-connect-generic-state-not-found" action is called.
If the token provided has expired, an "Invalid state" error is returned and the "openid-connect-generic-state-expired" action is called.
This should allow for more granular error logging around state token errors.
Some OpenID Connect providers offer additional functionality by adding
query params to the authentication URL
For example with Azure Active Directory if you pass in
`&domain_hint=REALM` you can customise the way the login screen looks
with your corporate logo etc
- refresh_token + access_token expiry is sent via encrypted cookie to the browser.
- If cookie is missing or invalid, user is logged out.
- If last access token expired, use refresh token to fetch a new one and send a new cookie.
- If token refresh fails, user is logged out.
- Cookie encryption is with per-user random key stored in user meta.
- Encryption and key generation done using https://github.com/defuse/php-encryption
- Updated autoloader function to support loading namespaced classes.
Tim Nolte
Jonathan Daggerhart
Rob Skilling
James Collier
Simon Costea
SYLVAIN PAILLASSE
Gassan Gousseinov
Shane Mulligan
Matt Varblow
Antti Leppä
Robbie Paul
Adam Hatherly
Raif Atef
wgengarelly
Jonathan Daggerhart