Isekai-Project
/
isekai-openid-connect-generic
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
140 Commits
1 Branch
0 Tags
1.4 MiB
isekai
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f33225fc2c'
${ noResults }
Commit Graph

72 Commits (f33225fc2cd254edd9b41878cb9c690eddebd9dd)

Author SHA1 Message Date
Jonathan Daggerhart f33225fc2c
Issue #108: Attempt to fix regression for cookie during auto flow (#119) 6 years ago
Jonathan Daggerhart 6dfb0fafa5
Issue #76: Avoid double question marks in auth url query string (#120) 6 years ago
Shane Mulligan 0b51e9c1e5 Change PHP keywords to comply with PSR2 (#116) 
Signed-off-by: CodeLingoBot <bot@codelingo.io>
 6 years ago
Slavic Dragovtev 6ecb69f1cb Allow override of the plugin by posting credentials to wp-login.php (#118) 
* allow overriding the plugin if credentials are POSTed to wp-login.php

* fix indentation to be consistent
 6 years ago
Jonathan Daggerhart 4d7939e9e5
Bug with some special char in the firstname or lastname 
Add str_replace because token is encoded in base64 URL (and not just base64).
Solves the problem with some special char
Re: #101
 6 years ago
Jonathan Daggerhart 0d4e4bd006 additional error detection on user_claim 6 years ago
Matt Varblow 6917df262f Allow identity providers which do not support the userinfo endpoint. (#100) 
* Allow identity providers which do not support the userinfo endpoint.

* Fixed empty check for userinfo endpoint
 6 years ago
cswebservice 54f3ff4193 allow developers to use the plain auth url by shortcode (#98) 
* allow developers to use the plain auth url by shortcode

* prevent to set the redirect cookie on every page request by moving the function call to the formular rendering.
 6 years ago
Raphaël Droz f3096b6f14 fix a notice: If using traditional login, $token_response may be empty (#86) 
fix a 404: In Bedrock-like layout configuration, $redirect_url === 'wp-login.php?loggedout=true'
 (which work for local redirection). But canonicalization should take into account the additional /wp/
 prefix. site_url() does meanwhile home_url() does not.
 7 years ago
Raphaël Droz f9c076a5c0 hook: ability to filter claim and derived user data (#84) 7 years ago
Raphaël Droz 6263bee23b google provider: do not attempt to use their not-compliant /revoke endpoint (#83) 7 years ago
Raphaël Droz 58c8b7ac9a disconnect hook: get user meta from information provided by filter parameters (#82) 7 years ago
Raphaël Droz d0b79313c2 fixed a notice when cookie does not contain expected redirect_url (#80) 7 years ago
Raphaël Droz 756c3c05a1 Translit names' special characters (#73) 
When nickname is generated from a full name, intent to translit them to ascii instead of stripping special characters.
 7 years ago
Antti Leppä 56bd5718e6 Feature #68 state time limit option (#69) 
* Added an option for state time limit on the settings page
 7 years ago
Jonathan Daggerhart a99280600a removed generic wp filter used for request timeout 7 years ago
Jonathan Daggerhart 326efbb416 prefixing generic classes with oidcg comment class names. adjusting autoloading to look for the standardized prefix. 7 years ago
PJ Eby b14554e8fe WP still supports PHP 5.2.4 :( 7 years ago
PJ Eby 662e9fb25b Track refresh token expiration (fixes #51) 7 years ago
PJ Eby caf1324499 Defer logouts to after all WP plugins initialize 7 years ago
PJ Eby 134d0116b8 Drop unnecessary user_meta keys 7 years ago
PJ Eby 7879835b49 Store refresh token in sessions, instead of a cookie 7 years ago
Sven van Hal 3869aa0fde
Terminate authentication_request_callback() after execution 7 years ago
Jonathan Daggerhart 08af84a851 readme and changelog updates. minor whitespace update. 7 years ago
Jonathan Daggerhart 3683cd3286 Merge pull request #42 from daggerhart/redirect-on-logout-as-setting 
New setting to determine if users should be redirected when session expires.
 7 years ago
Jonathan Daggerhart c73d9f6956 new setting allows administrator to determine if users should be redirected when their acces token expires. 7 years ago
skidos 059d672de2 Update openid-connect-generic-client-wrapper.php 
Add id_token_hint to end session logout redirect url 
http://openid.net/specs/openid-connect-session-1_0.html#RPLogout
 7 years ago
Robbie Paul 69a431793f Authentication URL can be modified 
Some OpenID Connect providers offer additional functionality by adding
query params to the authentication URL

For example with Azure Active Directory if you pass in
`&domain_hint=REALM` you can customise the way the login screen looks
with your corporate logo etc
 8 years ago
Robbie Paul 82162ec753 Escape the error message 
* This commit prevents a possible reflected XSS
 8 years ago
Robbie Paul 672d7292e2 Include wp_login action after auth cookie is set 
* Many plugins will hook in to this action, it should be at the end of any
  WordPress login flow
* See: https://core.trac.wordpress.org/browser/tags/4.7.3/src/wp-includes/user.php#L104
 8 years ago
Jonathan Daggerhart 61c549189c adding port to the request headers per issue #30 8 years ago
Jonathan Daggerhart 14133138a7 some method annotation corrections, and minor settings page typoes 8 years ago
Moriyoshi Koizumi 0bbfc3437f More flexible identity settings. 8 years ago
Jonathan Daggerhart 4866765768 Merge pull request #25 from ahatherly/master 
Set the Host header on http requests to openid-connect endpoint
 8 years ago
Adam Hatherly 2281246816 Set the Host header on http requests to openid-connect endpoint so it works behind a reverse proxy 8 years ago
Jonathan Daggerhart e7f390477c fixing error on php 5.4 8 years ago
Jonathan Daggerhart 14d0ec44f6 Allow for the use of an alternate authentication route (redirect_uri) as opposed to the default admin-ajax method 8 years ago
Jonathan Daggerhart 0dc448fee5 clean up autoloader, default settings values, and validate refresh token result before attempting response 8 years ago
Jonathan Daggerhart aafb5f7a2c minor logger and settings page documentation improvements 8 years ago
Jonathan Daggerhart 6e9790c221 adding comments on new functions 8 years ago
Raif Atef 69930fcd3c OpenID Connect end_session_endpoint integrated logout support. 8 years ago
Jonathan Daggerhart 0f2d8fc5a8 moving auto login redirect to a method that fires during hook init 8 years ago
Raif Atef c377e50cfa In case of an error redirect and auto sso, keep the openid connect button and hide the login form. 8 years ago
Jonathan Daggerhart fede005f1f fix autoloader for diff environments, use wp_remote_post instead of ‘get’, and move cookie setting to hook init 8 years ago
Raif Atef 38f78cc274 If IdP doesn't issue a refresh token, expire the session when the access token expires. 8 years ago
Raif Atef 2ff33dba41 Move redirect cookie set earlier to save origin on error redirect and clear it during the redirect. 8 years ago
Raif Atef a47f6d2bfc Refresh tokens when needed instead of logging out when access_token expires. 
- refresh_token + access_token expiry is sent via encrypted cookie to the browser.
- If cookie is missing or invalid, user is logged out.
- If last access token expired, use refresh token to fetch a new one and send a new cookie.
- If token refresh fails, user is logged out.
- Cookie encryption is with per-user random key stored in user meta.
- Encryption and key generation done using https://github.com/defuse/php-encryption
- Updated autoloader function to support loading namespaced classes.
 8 years ago
Raif Atef d8a043a6c7 Make token_type check in validate_token_response case-insensitive (Fixes issue #15). 8 years ago
wgengarelly 257216e148 Added [openid-connect-generic-update-user-using-current-claim] action hook allowing other plugins/themes 
to take action using the fresh claims received when an existing user logs in.
 9 years ago
wgengarelly 08d9f58d0d When requesting userinfo, send the access token using the Authorization header field as recommended in section 5.3.1 of the specs. 9 years ago