Isekai-Project
/
isekai-openid-connect-generic
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
180 Commits
1 Branch
0 Tags
1.4 MiB
isekai
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f81dbcc6e5'
${ noResults }
Commit Graph

57 Commits (f81dbcc6e5f592a9418a63386a40f81555d6bb45)

Author SHA1 Message Date
Jonathan Daggerhart f81dbcc6e5
Merge pull request #148 from benochen/contribution 
Add a setting checkbox defining the behavior of the client if a user…
 5 years ago
Jonathan Daggerhart 4a84b3c651
Merge pull request #183 from cs1m0n/increment_username_fix 
Increment username just when link_existing_users is off
 5 years ago
Eersink.Michael d21bc60fbc Allow periods and spaces in usernames 
issue #141
 5 years ago
Simon Costea 8c82b86f29 Increment username just when link_existing_users is off 5 years ago
Jonathan Daggerhart f401b3f53b moving openid-connect-generic-alter-user-claim to top of method 5 years ago
Karlo Šimunović 47ea6d6ec3 Add two filters to modify received $token_response and $id_token_claim before validation 
This is related to daggerhart/openid-connect-generic#155
 5 years ago
benoit 66a0b319d4 Add a setting checkbox defining the behavior of the client if a user authenticates with a user not map with existing WP user. If tick the user is created. If not tick the authentication failed 5 years ago
Stephanie 54d6784d44 Allow multiple query params when redirecting back to origin 5 years ago
Jonathan Daggerhart 4955be3b71
Merge pull request #137 from dfredell/patch-1 
More logging on incomplete-user-claim
 5 years ago
Dan Fredell 8c5b265ca7
More logging on incomplete-user-claim 
Add logging so the user can more quickly discover which filed is unavailable during formatting. 
Helps in debugging #91
 6 years ago
gguseynov caf3ea7267 1. run 'openid-connect-generic-update-user-using-current-claim' action 
if existing user was updated
2. add_user_meta with single=true does not overwrite old value
 6 years ago
Gassan Gousseinov 96b25f6c90 added force_redirect parameter and login action 6 years ago
Shane Mulligan 0b51e9c1e5 Change PHP keywords to comply with PSR2 (#116) 
Signed-off-by: CodeLingoBot <bot@codelingo.io>
 6 years ago
Matt Varblow 6917df262f Allow identity providers which do not support the userinfo endpoint. (#100) 
* Allow identity providers which do not support the userinfo endpoint.

* Fixed empty check for userinfo endpoint
 6 years ago
Raphaël Droz f3096b6f14 fix a notice: If using traditional login, $token_response may be empty (#86) 
fix a 404: In Bedrock-like layout configuration, $redirect_url === 'wp-login.php?loggedout=true'
 (which work for local redirection). But canonicalization should take into account the additional /wp/
 prefix. site_url() does meanwhile home_url() does not.
 7 years ago
Raphaël Droz f9c076a5c0 hook: ability to filter claim and derived user data (#84) 7 years ago
Raphaël Droz 6263bee23b google provider: do not attempt to use their not-compliant /revoke endpoint (#83) 7 years ago
Raphaël Droz 58c8b7ac9a disconnect hook: get user meta from information provided by filter parameters (#82) 7 years ago
Raphaël Droz d0b79313c2 fixed a notice when cookie does not contain expected redirect_url (#80) 7 years ago
Raphaël Droz 756c3c05a1 Translit names' special characters (#73) 
When nickname is generated from a full name, intent to translit them to ascii instead of stripping special characters.
 7 years ago
Jonathan Daggerhart a99280600a removed generic wp filter used for request timeout 7 years ago
Jonathan Daggerhart 326efbb416 prefixing generic classes with oidcg comment class names. adjusting autoloading to look for the standardized prefix. 7 years ago
PJ Eby b14554e8fe WP still supports PHP 5.2.4 :( 7 years ago
PJ Eby 662e9fb25b Track refresh token expiration (fixes #51) 7 years ago
PJ Eby caf1324499 Defer logouts to after all WP plugins initialize 7 years ago
PJ Eby 134d0116b8 Drop unnecessary user_meta keys 7 years ago
PJ Eby 7879835b49 Store refresh token in sessions, instead of a cookie 7 years ago
Sven van Hal 3869aa0fde
Terminate authentication_request_callback() after execution 7 years ago
Jonathan Daggerhart 08af84a851 readme and changelog updates. minor whitespace update. 7 years ago
Jonathan Daggerhart 3683cd3286 Merge pull request #42 from daggerhart/redirect-on-logout-as-setting 
New setting to determine if users should be redirected when session expires.
 7 years ago
Jonathan Daggerhart c73d9f6956 new setting allows administrator to determine if users should be redirected when their acces token expires. 7 years ago
skidos 059d672de2 Update openid-connect-generic-client-wrapper.php 
Add id_token_hint to end session logout redirect url 
http://openid.net/specs/openid-connect-session-1_0.html#RPLogout
 8 years ago
Robbie Paul 82162ec753 Escape the error message 
* This commit prevents a possible reflected XSS
 8 years ago
Robbie Paul 672d7292e2 Include wp_login action after auth cookie is set 
* Many plugins will hook in to this action, it should be at the end of any
  WordPress login flow
* See: https://core.trac.wordpress.org/browser/tags/4.7.3/src/wp-includes/user.php#L104
 8 years ago
Jonathan Daggerhart 14133138a7 some method annotation corrections, and minor settings page typoes 8 years ago
Moriyoshi Koizumi 0bbfc3437f More flexible identity settings. 8 years ago
Jonathan Daggerhart e7f390477c fixing error on php 5.4 8 years ago
Jonathan Daggerhart 14d0ec44f6 Allow for the use of an alternate authentication route (redirect_uri) as opposed to the default admin-ajax method 8 years ago
Jonathan Daggerhart 0dc448fee5 clean up autoloader, default settings values, and validate refresh token result before attempting response 8 years ago
Jonathan Daggerhart 6e9790c221 adding comments on new functions 8 years ago
Raif Atef 69930fcd3c OpenID Connect end_session_endpoint integrated logout support. 8 years ago
Raif Atef 38f78cc274 If IdP doesn't issue a refresh token, expire the session when the access token expires. 8 years ago
Raif Atef 2ff33dba41 Move redirect cookie set earlier to save origin on error redirect and clear it during the redirect. 8 years ago
Raif Atef a47f6d2bfc Refresh tokens when needed instead of logging out when access_token expires. 
- refresh_token + access_token expiry is sent via encrypted cookie to the browser.
- If cookie is missing or invalid, user is logged out.
- If last access token expired, use refresh token to fetch a new one and send a new cookie.
- If token refresh fails, user is logged out.
- Cookie encryption is with per-user random key stored in user meta.
- Encryption and key generation done using https://github.com/defuse/php-encryption
- Updated autoloader function to support loading namespaced classes.
 8 years ago
wgengarelly 257216e148 Added [openid-connect-generic-update-user-using-current-claim] action hook allowing other plugins/themes 
to take action using the fresh claims received when an existing user logs in.
 9 years ago
Robert Staddon db32baa60e Allow users to login with WP account after using OpenID Connect 
Resolve a bug that prevented users from logging in with their WordPress
credentials after having logged in via OpenID Connect.
 9 years ago
Robert Staddon f5c5ff8908 Add an action hook before the redirect 9 years ago
Robert Staddon 398612eaf1 Redirect to origin page instead of home page if setting enabled 
To know the origin page URL, read the value of a cookie that was set
when the button was created.
 9 years ago
Robert Staddon 9371b8132f Only link existing users if the setting is enabled 9 years ago
Robert Staddon 494cb43c49 Only link existing user if the setting is enabled 9 years ago