Version Description
Download this release
Release Info
Developer | danlester |
Plugin | Google Apps Login |
Version | 1.2 |
Comparing to | |
See all releases |
Code changes from version 1.1 to 1.2
- core/core_google_apps_login.php +515 -0
- google_apps_login.php +10 -359
- readme.txt +41 -5
- uninstall.php +1 -1
core/core_google_apps_login.php
ADDED
@@ -0,0 +1,515 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
/**
|
4 |
+
* Plugin component common to all versions of Google Apps Login
|
5 |
+
*/
|
6 |
+
|
7 |
+
class core_google_apps_login {
|
8 |
+
|
9 |
+
public function __construct() {
|
10 |
+
$this->add_actions();
|
11 |
+
}
|
12 |
+
|
13 |
+
protected $newcookievalue = null;
|
14 |
+
protected function get_cookie_value() {
|
15 |
+
if (!$this->newcookievalue) {
|
16 |
+
if (isset($_COOKIE['google_apps_login'])) {
|
17 |
+
$this->newcookievalue = $_COOKIE['google_apps_login'];
|
18 |
+
}
|
19 |
+
else {
|
20 |
+
$this->newcookievalue = md5(rand());
|
21 |
+
}
|
22 |
+
}
|
23 |
+
return $this->newcookievalue;
|
24 |
+
}
|
25 |
+
|
26 |
+
protected function createGoogleClient($options) {
|
27 |
+
require_once( plugin_dir_path(__FILE__).'/../googleclient/Google_Client.php' );
|
28 |
+
require_once( plugin_dir_path(__FILE__).'/../googleclient/contrib/Google_Oauth2Service.php' );
|
29 |
+
|
30 |
+
$client = new Google_Client();
|
31 |
+
$client->setApplicationName("Wordpress Blog");
|
32 |
+
|
33 |
+
$client->setClientId($options['ga_clientid']);
|
34 |
+
$client->setClientSecret($options['ga_clientsecret']);
|
35 |
+
$client->setRedirectUri($this->get_login_url());
|
36 |
+
|
37 |
+
$client->setScopes(Array('openid', 'email', 'https://www.googleapis.com/auth/userinfo.profile'));
|
38 |
+
$client->setApprovalPrompt('auto');
|
39 |
+
|
40 |
+
$oauthservice = new Google_Oauth2Service($client);
|
41 |
+
|
42 |
+
return Array($client, $oauthservice);
|
43 |
+
}
|
44 |
+
|
45 |
+
public function ga_login_styles() { ?>
|
46 |
+
<style type="text/css">
|
47 |
+
form#loginform div.galogin {
|
48 |
+
float: right;
|
49 |
+
margin-top: 28px;
|
50 |
+
background: #DFDFDF;
|
51 |
+
text-align: center;
|
52 |
+
vertical-align: middle;
|
53 |
+
border-radius: 3px;
|
54 |
+
padding: 2px;
|
55 |
+
width: 58%;
|
56 |
+
height: 27px;
|
57 |
+
}
|
58 |
+
|
59 |
+
form#loginform div.galogin a {
|
60 |
+
color: #21759B;
|
61 |
+
position: relative;
|
62 |
+
top: 6px;
|
63 |
+
}
|
64 |
+
|
65 |
+
form#loginform div.galogin a:hover {
|
66 |
+
color: #278AB7;
|
67 |
+
}
|
68 |
+
|
69 |
+
.login .button-primary {
|
70 |
+
float: none;
|
71 |
+
margin-top: 10px;
|
72 |
+
}
|
73 |
+
</style>
|
74 |
+
<?php }
|
75 |
+
|
76 |
+
public function ga_login_form() {
|
77 |
+
$options = $this->get_option_galogin();
|
78 |
+
$clients = $this->createGoogleClient($options);
|
79 |
+
$client = $clients[0];
|
80 |
+
|
81 |
+
// Generate a CSRF token
|
82 |
+
$state = wp_create_nonce('google_apps_login');
|
83 |
+
$client->setState(urlencode($state
|
84 |
+
.'|'.$this->get_cookie_value()
|
85 |
+
.'|'.(array_key_exists('redirect_to', $_REQUEST) ? $_REQUEST['redirect_to'] : '')
|
86 |
+
));
|
87 |
+
|
88 |
+
$authUrl = $client->createAuthUrl();
|
89 |
+
if ($client->getClientId() == "") {
|
90 |
+
$authUrl = "http://wp-glogin.com/installing-google-apps-login/#main-settings";
|
91 |
+
}
|
92 |
+
?>
|
93 |
+
<div class="galogin">
|
94 |
+
<a href="<?php echo $authUrl; ?>">or <b>Login with Google</b></a>
|
95 |
+
</div>
|
96 |
+
<?php
|
97 |
+
}
|
98 |
+
|
99 |
+
public function ga_authenticate($user, $username=null, $password=null) {
|
100 |
+
if (isset($_REQUEST['error'])) {
|
101 |
+
$user = new WP_Error('ga_login_error', $_REQUEST['error'] == 'access_denied' ? 'You did not grant access' : $_REQUEST['error']);
|
102 |
+
return $this->displayAndReturnError($user);
|
103 |
+
}
|
104 |
+
|
105 |
+
$options = $this->get_option_galogin();
|
106 |
+
$clients = $this->createGoogleClient($options);
|
107 |
+
$client = $clients[0];
|
108 |
+
$oauthservice = $clients[1];
|
109 |
+
|
110 |
+
if (isset($_GET['code'])) {
|
111 |
+
if (!isset($_REQUEST['state'])) {
|
112 |
+
$user = new WP_Error('ga_login_error', "Session mismatch - try again, but there could be a problem setting state");
|
113 |
+
return $this->displayAndReturnError($user);
|
114 |
+
}
|
115 |
+
|
116 |
+
$statevars = explode('|', urldecode($_REQUEST['state']));
|
117 |
+
if (count($statevars) != 3) {
|
118 |
+
$user = new WP_Error('ga_login_error', "Session mismatch - try again, but there could be a problem computing state");
|
119 |
+
return $this->displayAndReturnError($user);
|
120 |
+
}
|
121 |
+
$retnonce = $statevars[0];
|
122 |
+
$retcookie = $statevars[1];
|
123 |
+
$retredirectto = $statevars[2];
|
124 |
+
|
125 |
+
if (!wp_verify_nonce($retnonce, 'google_apps_login')) {
|
126 |
+
$user = new WP_Error('ga_login_error', "Session mismatch - try again, but there could be a problem setting nonce");
|
127 |
+
return $this->displayAndReturnError($user);
|
128 |
+
}
|
129 |
+
|
130 |
+
if (!isset($_COOKIE['google_apps_login']) || $retcookie != $_COOKIE['google_apps_login']) {
|
131 |
+
$user = new WP_Error('ga_login_error', "Session mismatch - try again, but there could be a problem setting cookie");
|
132 |
+
return $this->displayAndReturnError($user);
|
133 |
+
}
|
134 |
+
|
135 |
+
try {
|
136 |
+
$client->authenticate($_GET['code']);
|
137 |
+
|
138 |
+
/* userinfo example:
|
139 |
+
"id": "115886881859296909934",
|
140 |
+
"email": "dan@danlester.com",
|
141 |
+
"verified_email": true,
|
142 |
+
"name": "Dan Lester",
|
143 |
+
"given_name": "Dan",
|
144 |
+
"family_name": "Lester",
|
145 |
+
"link": "https://plus.google.com/115886881859296909934",
|
146 |
+
"picture": "https://lh3.googleusercontent.com/-r4WThnaSX8o/AAAAAAAAAAI/AAAAAAAAABE/pEJQwH5wyqM/photo.jpg",
|
147 |
+
"gender": "male",
|
148 |
+
"locale": "en-GB",
|
149 |
+
"hd": "danlester.com"
|
150 |
+
*/
|
151 |
+
$userinfo = $oauthservice->userinfo->get();
|
152 |
+
if ($userinfo && is_array($userinfo) && array_key_exists('email', $userinfo)
|
153 |
+
&& array_key_exists('verified_email', $userinfo)) {
|
154 |
+
|
155 |
+
$google_email = $userinfo['email'];
|
156 |
+
$google_verified_email = $userinfo['verified_email'];
|
157 |
+
|
158 |
+
if (!$google_verified_email) {
|
159 |
+
$user = new WP_Error('ga_login_error', 'Email needs to be verified on your Google Account');
|
160 |
+
}
|
161 |
+
else {
|
162 |
+
$user = get_user_by('email', $google_email);
|
163 |
+
|
164 |
+
if (!$user) {
|
165 |
+
$user = $this->createUserOrError($userinfo, $options);
|
166 |
+
}
|
167 |
+
|
168 |
+
if (!$user) {
|
169 |
+
// Set redirect for next load - including if "" to force reset to no redirect
|
170 |
+
setcookie('galogin_do_redirect_to', $retredirectto, time()+60, '/');
|
171 |
+
// Reset client-side login cookie so it doesn't expire on us next login time
|
172 |
+
setcookie('google_apps_login', '', time()-3600, '/');
|
173 |
+
}
|
174 |
+
}
|
175 |
+
}
|
176 |
+
else {
|
177 |
+
$user = new WP_Error('ga_login_error', "User authenticated OK, but error fetching user details from Google");
|
178 |
+
}
|
179 |
+
} catch (Google_Exception $e) {
|
180 |
+
$user = new WP_Error('ga_login_error', $e->getMessage());
|
181 |
+
}
|
182 |
+
}
|
183 |
+
else {
|
184 |
+
$user = $this->checkRegularWPLogin($user, $username, $password, $options);
|
185 |
+
}
|
186 |
+
|
187 |
+
if (is_wp_error($user)) {
|
188 |
+
$this->checkRegularWPError($user, $username, $password); // May exit
|
189 |
+
$this->displayAndReturnError($user);
|
190 |
+
}
|
191 |
+
|
192 |
+
return $user;
|
193 |
+
}
|
194 |
+
|
195 |
+
protected function createUserOrError($userinfo, $options) {
|
196 |
+
return( new WP_Error('ga_login_error', 'User '.$userinfo['email'].' not registered in Wordpress') );
|
197 |
+
}
|
198 |
+
|
199 |
+
protected function checkRegularWPLogin($user, $username, $password, $options) {
|
200 |
+
return $user;
|
201 |
+
}
|
202 |
+
|
203 |
+
protected function checkRegularWPError($user, $username, $password) {
|
204 |
+
}
|
205 |
+
|
206 |
+
protected function displayAndReturnError($user) {
|
207 |
+
if (is_wp_error($user) && get_bloginfo('version') < 3.7) {
|
208 |
+
// Only newer wordpress versions display errors from $user for us
|
209 |
+
global $error;
|
210 |
+
$error = htmlentities2($user->get_error_message());
|
211 |
+
}
|
212 |
+
return $user;
|
213 |
+
}
|
214 |
+
|
215 |
+
public function ga_init() {
|
216 |
+
if (isset($_COOKIE['galogin_do_redirect_to'])) {
|
217 |
+
$do_redirect = $_COOKIE['galogin_do_redirect_to'];
|
218 |
+
setcookie('galogin_do_redirect_to', '', time()-3600, '/');
|
219 |
+
|
220 |
+
if ($do_redirect != "") {
|
221 |
+
wp_redirect($do_redirect);
|
222 |
+
exit;
|
223 |
+
}
|
224 |
+
}
|
225 |
+
|
226 |
+
if (!isset($_COOKIE['google_apps_login']) && $GLOBALS['pagenow'] == 'wp-login.php') {
|
227 |
+
setcookie('google_apps_login', $this->get_cookie_value(), time()+1800, '/');
|
228 |
+
}
|
229 |
+
}
|
230 |
+
|
231 |
+
protected function get_login_url() {
|
232 |
+
$login_url = wp_login_url();
|
233 |
+
|
234 |
+
if (is_multisite() && defined('SUBDOMAIN_INSTALL') && SUBDOMAIN_INSTALL === false) {
|
235 |
+
$login_url = network_site_url('wp-login.php');
|
236 |
+
}
|
237 |
+
|
238 |
+
if ((force_ssl_login() || force_ssl_admin()) && strtolower(substr($login_url,0,7)) == 'http://') {
|
239 |
+
$login_url = 'https://'.substr($login_url,7);
|
240 |
+
}
|
241 |
+
|
242 |
+
return $login_url;
|
243 |
+
}
|
244 |
+
|
245 |
+
// ADMIN AND OPTIONS
|
246 |
+
// *****************
|
247 |
+
|
248 |
+
protected function get_options_menuname() {
|
249 |
+
return 'galogin_list_options';
|
250 |
+
}
|
251 |
+
|
252 |
+
protected function get_options_pagename() {
|
253 |
+
return 'galogin_options';
|
254 |
+
}
|
255 |
+
|
256 |
+
public function ga_admin_init() {
|
257 |
+
register_setting( $this->get_options_pagename(), $this->get_options_name(), Array($this, 'ga_options_validate') );
|
258 |
+
|
259 |
+
$this->ga_admin_init_main();
|
260 |
+
$this->ga_admin_init_domain();
|
261 |
+
}
|
262 |
+
|
263 |
+
protected function ga_admin_init_main() {
|
264 |
+
add_settings_section('galogin_main_section', 'Main Settings',
|
265 |
+
array($this, 'ga_mainsection_text'), $this->get_options_name());
|
266 |
+
|
267 |
+
add_settings_field('ga_clientid', 'Client ID',
|
268 |
+
array($this, 'ga_do_settings_clientid'), $this->get_options_name(), 'galogin_main_section');
|
269 |
+
add_settings_field('ga_clientsecret', 'Client Secret',
|
270 |
+
array($this, 'ga_do_settings_clientsecret'), $this->get_options_name(), 'galogin_main_section');
|
271 |
+
}
|
272 |
+
|
273 |
+
protected function ga_admin_init_domain() {
|
274 |
+
}
|
275 |
+
|
276 |
+
public function ga_admin_menu() {
|
277 |
+
if (is_multisite()) {
|
278 |
+
add_submenu_page( 'settings.php', 'Google Apps Login settings', 'Google Apps Login',
|
279 |
+
'manage_network_options', $this->get_options_menuname(),
|
280 |
+
array($this, 'ga_options_do_page'));
|
281 |
+
}
|
282 |
+
else {
|
283 |
+
add_options_page('Google Apps Login settings', 'Google Apps Login',
|
284 |
+
'manage_options', $this->get_options_menuname(),
|
285 |
+
array($this, 'ga_options_do_page'));
|
286 |
+
}
|
287 |
+
}
|
288 |
+
|
289 |
+
public function ga_options_do_page() {
|
290 |
+
$submit_page = is_multisite() ? 'edit.php?action='.$this->get_options_menuname() : 'options.php'; //settings.php?page=galogin_list_premium
|
291 |
+
|
292 |
+
if (is_multisite()) {
|
293 |
+
$this->ga_options_do_network_errors();
|
294 |
+
}
|
295 |
+
?>
|
296 |
+
|
297 |
+
<div>
|
298 |
+
<h2>Google Apps Login setup</h2>
|
299 |
+
Set up your website to enable Google logins.
|
300 |
+
<form action="<?php echo $submit_page; ?>" method="post">
|
301 |
+
<?php settings_fields($this->get_options_pagename()); ?>
|
302 |
+
<?php do_settings_sections($this->get_options_name()); ?>
|
303 |
+
|
304 |
+
<input name="Submit" type="submit" value="<?php esc_attr_e('Save Changes'); ?>" />
|
305 |
+
</form></div> <?php
|
306 |
+
}
|
307 |
+
|
308 |
+
protected function ga_options_do_network_errors() {
|
309 |
+
if (isset($_REQUEST['updated']) && $_REQUEST['updated']) {
|
310 |
+
?>
|
311 |
+
<div id="setting-error-settings_updated" class="updated settings-error">
|
312 |
+
<p>
|
313 |
+
<strong>Settings saved.</strong>
|
314 |
+
</p>
|
315 |
+
</div>
|
316 |
+
<?php
|
317 |
+
}
|
318 |
+
|
319 |
+
if (isset($_REQUEST['error_setting']) && is_array($_REQUEST['error_setting'])
|
320 |
+
&& isset($_REQUEST['error_code']) && is_array($_REQUEST['error_code'])) {
|
321 |
+
$error_code = $_REQUEST['error_code'];
|
322 |
+
$error_setting = $_REQUEST['error_setting'];
|
323 |
+
if (count($error_code) > 0 && count($error_code) == count($error_setting)) {
|
324 |
+
for ($i=0; $i<count($error_code) ; ++$i) {
|
325 |
+
?>
|
326 |
+
<div id="setting-error-settings_<?php echo $i; ?>" class="error settings-error">
|
327 |
+
<p>
|
328 |
+
<strong><?php echo htmlentities2($this->get_error_string($error_setting[$i].'|'.$error_code[$i])); ?></strong>
|
329 |
+
</p>
|
330 |
+
</div>
|
331 |
+
<?php
|
332 |
+
}
|
333 |
+
}
|
334 |
+
}
|
335 |
+
}
|
336 |
+
|
337 |
+
public function ga_do_settings_clientid() {
|
338 |
+
$options = $this->get_option_galogin();
|
339 |
+
echo "<input id='input_ga_domainname' name='".$this->get_options_name()."[ga_clientid]' size='80' type='text' value='{$options['ga_clientid']}' />";
|
340 |
+
echo "<br /><span>Normally something like 1234567890123.apps.googleusercontent.com</span>";
|
341 |
+
}
|
342 |
+
|
343 |
+
public function ga_do_settings_clientsecret() {
|
344 |
+
$options = $this->get_option_galogin();
|
345 |
+
echo "<input id='input_ga_clientsecret' name='".$this->get_options_name()."[ga_clientsecret]' size='40' type='text' value='{$options['ga_clientsecret']}' />";
|
346 |
+
echo "<br /><span>Normally something like sHSfR4_jf_2jsy-kjPjgf2dT</span>";
|
347 |
+
}
|
348 |
+
|
349 |
+
public function ga_mainsection_text() {
|
350 |
+
?>
|
351 |
+
<p>The Google Apps domain admin needs to go to
|
352 |
+
<a href="https://cloud.google.com/console" target="_blank">https://cloud.google.com/console</a>. If you
|
353 |
+
are not the domain admin, you may still have permissions to use the console, so just try it. If you are
|
354 |
+
not using Google Apps, then just use your regular Gmail account to access the console.
|
355 |
+
</p>
|
356 |
+
<p>There, create a new project (any name is fine, and just leave Project ID as it is) - you may be required to
|
357 |
+
accept a verification phone call or SMS from Google.</p>
|
358 |
+
|
359 |
+
<p>Then create a Web application within the project. To create the application,
|
360 |
+
you need to click into the new project, then click <i>APIs & Auth</i> in the left-hand menu.
|
361 |
+
Click <i>Registered Apps</i> beneath that, then click the red <i>Register App</i> button.
|
362 |
+
You can choose any name you wish, and make sure you select <i>Web Application</i> as the Platform type.
|
363 |
+
</p>
|
364 |
+
<p>
|
365 |
+
Once you have created the application, you may need to open up the <i>OAuth 2.0 Client ID</i> section to be able to complete
|
366 |
+
the following steps.
|
367 |
+
</p>
|
368 |
+
<p>You must input, into your new Google application, the following items:
|
369 |
+
<ul style="margin-left: 10px;">
|
370 |
+
<li>Web Origin: <?php echo (is_ssl() || force_ssl_login() || force_ssl_admin() ? 'https://' : 'http://').$_SERVER['HTTP_HOST'].'/'; ?></li>
|
371 |
+
<li>Redirect URL: <?php echo $this->get_login_url(); ?></li>
|
372 |
+
</ul>
|
373 |
+
</p>
|
374 |
+
<p>Click Generate. You will see a Client ID and Client Secret which you must copy
|
375 |
+
and paste into the boxes below on this screen - i.e. back in your Wordpress admin, right here.</p>
|
376 |
+
|
377 |
+
<p><b>Optional:</b> In the Google Cloud Console, you can configure some things your users will see when they
|
378 |
+
login. By default, Google will tell them they are authorizing 'Project Default Service Account', which is
|
379 |
+
not very user friendly. You can change this to your company or blog name (and add your logo etc) by clicking
|
380 |
+
<i>Consent screen</i> (which is another sub-menu of <i>APIs & Auth</i>).
|
381 |
+
</p>
|
382 |
+
|
383 |
+
<?php
|
384 |
+
|
385 |
+
$this->ga_section_text_end();
|
386 |
+
}
|
387 |
+
|
388 |
+
protected function ga_section_text_end() {
|
389 |
+
}
|
390 |
+
|
391 |
+
public function ga_options_validate($input) {
|
392 |
+
$newinput = Array();
|
393 |
+
$newinput['ga_clientid'] = trim($input['ga_clientid']);
|
394 |
+
$newinput['ga_clientsecret'] = trim($input['ga_clientsecret']);
|
395 |
+
if(!preg_match('/^.{10}.*$/i', $newinput['ga_clientid'])) {
|
396 |
+
add_settings_error(
|
397 |
+
'ga_clientid',
|
398 |
+
'tooshort_texterror',
|
399 |
+
self::get_error_string('ga_clientid|tooshort_texterror'),
|
400 |
+
'error'
|
401 |
+
);
|
402 |
+
}
|
403 |
+
if(!preg_match('/^.{10}.*$/i', $newinput['ga_clientsecret'])) {
|
404 |
+
add_settings_error(
|
405 |
+
'ga_clientsecret',
|
406 |
+
'tooshort_texterror',
|
407 |
+
self::get_error_string('ga_clientsecret|tooshort_texterror'),
|
408 |
+
'error'
|
409 |
+
);
|
410 |
+
}
|
411 |
+
return $newinput;
|
412 |
+
}
|
413 |
+
|
414 |
+
protected function get_error_string($fielderror) {
|
415 |
+
static $local_error_strings = Array(
|
416 |
+
'ga_clientid|tooshort_texterror' => 'The Client ID should be longer than that',
|
417 |
+
'ga_clientsecret|tooshort_texterror' => 'The Client Secret should be longer than that'
|
418 |
+
);
|
419 |
+
if (isset($local_error_strings[$fielderror])) {
|
420 |
+
return $local_error_strings[$fielderror];
|
421 |
+
}
|
422 |
+
return 'Unspecified error';
|
423 |
+
}
|
424 |
+
|
425 |
+
protected function get_options_name() {
|
426 |
+
return 'galogin';
|
427 |
+
}
|
428 |
+
|
429 |
+
protected function get_default_options() {
|
430 |
+
return Array( 'ga_clientid' => '', 'ga_clientsecret' => '');
|
431 |
+
}
|
432 |
+
|
433 |
+
protected $ga_options = null;
|
434 |
+
protected function get_option_galogin() {
|
435 |
+
if ($this->ga_options != null) {
|
436 |
+
return $this->ga_options;
|
437 |
+
}
|
438 |
+
|
439 |
+
$option = get_site_option($this->get_options_name(), Array());
|
440 |
+
|
441 |
+
$default_options = $this->get_default_options();
|
442 |
+
foreach ($default_options as $k => $v) {
|
443 |
+
if (!isset($option[$k])) {
|
444 |
+
$option[$k] = $v;
|
445 |
+
}
|
446 |
+
}
|
447 |
+
|
448 |
+
$this->ga_options = $option;
|
449 |
+
return $this->ga_options;
|
450 |
+
}
|
451 |
+
|
452 |
+
public function ga_save_network_options() {
|
453 |
+
check_admin_referer( $this->get_options_pagename().'-options' );
|
454 |
+
|
455 |
+
if (isset($_POST[$this->get_options_name()]) && is_array($_POST[$this->get_options_name()])) {
|
456 |
+
$inoptions = $_POST[$this->get_options_name()];
|
457 |
+
$outoptions = $this->ga_options_validate($inoptions);
|
458 |
+
|
459 |
+
$updated = false;
|
460 |
+
if ( !count( get_settings_errors() ) ) {
|
461 |
+
update_site_option($this->get_options_name(), $outoptions);
|
462 |
+
$updated = true;
|
463 |
+
}
|
464 |
+
|
465 |
+
$error_code = Array();
|
466 |
+
$error_setting = Array();
|
467 |
+
foreach (get_settings_errors() as $e) {
|
468 |
+
if (is_array($e) && isset($e['code']) && isset($e['setting'])) {
|
469 |
+
$error_code[] = $e['code'];
|
470 |
+
$error_setting[] = $e['setting'];
|
471 |
+
}
|
472 |
+
}
|
473 |
+
|
474 |
+
// redirect to settings page in network
|
475 |
+
wp_redirect(
|
476 |
+
add_query_arg(
|
477 |
+
array( 'page' => $this->get_options_menuname(),
|
478 |
+
'updated' => $updated,
|
479 |
+
'error_setting' => $error_setting,
|
480 |
+
'error_code' => $error_code ),
|
481 |
+
network_admin_url( 'admin.php' )
|
482 |
+
)
|
483 |
+
);
|
484 |
+
exit;
|
485 |
+
}
|
486 |
+
}
|
487 |
+
|
488 |
+
// HOOKS AND FILTERS
|
489 |
+
// *****************
|
490 |
+
|
491 |
+
protected function add_actions() {
|
492 |
+
add_action('login_enqueue_scripts', array($this, 'ga_login_styles'));
|
493 |
+
add_action('login_form', array($this, 'ga_login_form'));
|
494 |
+
add_action('authenticate', array($this, 'ga_authenticate'), 5, 3);
|
495 |
+
add_action('init', array($this, 'ga_init'), 1);
|
496 |
+
|
497 |
+
add_action('admin_init', array($this, 'ga_admin_init'));
|
498 |
+
|
499 |
+
add_action(is_multisite() ? 'network_admin_menu' : 'admin_menu', array($this, 'ga_admin_menu'));
|
500 |
+
|
501 |
+
if (is_multisite()) {
|
502 |
+
add_action('network_admin_edit_'.$this->get_options_menuname(), array($this, 'ga_save_network_options'));
|
503 |
+
}
|
504 |
+
}
|
505 |
+
|
506 |
+
public static function my_plugin_basename($file) {
|
507 |
+
$basename = plugin_basename($file);
|
508 |
+
if ('/'.$basename == $file) { // Maybe due to symlink
|
509 |
+
$basename = basename(dirname($file)).'/'.basename($file);
|
510 |
+
}
|
511 |
+
return $basename;
|
512 |
+
}
|
513 |
+
}
|
514 |
+
|
515 |
+
?>
|
google_apps_login.php
CHANGED
@@ -4,375 +4,26 @@
|
|
4 |
* Plugin Name: Google Apps Login
|
5 |
* Plugin URI: http://wp-glogin.com/
|
6 |
* Description: Easy login for your Wordpress users by using their Google accounts (uses OAuth2 and requires a Google Apps domain).
|
7 |
-
* Version: 1.
|
8 |
* Author: Dan Lester
|
9 |
* Author URI: http://danlester.com/
|
10 |
* License: GPL3
|
11 |
*/
|
12 |
|
13 |
-
|
14 |
-
|
15 |
-
public function __construct() {
|
16 |
-
$this->add_actions();
|
17 |
-
}
|
18 |
-
|
19 |
-
protected $newcookievalue = null;
|
20 |
-
protected function get_cookie_value() {
|
21 |
-
if (!$this->newcookievalue) {
|
22 |
-
if (isset($_COOKIE['google_apps_login'])) {
|
23 |
-
$this->newcookievalue = $_COOKIE['google_apps_login'];
|
24 |
-
}
|
25 |
-
else {
|
26 |
-
$this->newcookievalue = md5(rand());
|
27 |
-
}
|
28 |
-
}
|
29 |
-
return $this->newcookievalue;
|
30 |
-
}
|
31 |
-
|
32 |
-
protected function createGoogleClient($options) {
|
33 |
-
require_once 'googleclient/Google_Client.php';
|
34 |
-
require_once 'googleclient/contrib/Google_Oauth2Service.php';
|
35 |
-
|
36 |
-
$client = new Google_Client();
|
37 |
-
$client->setApplicationName("Wordpress Blog");
|
38 |
-
|
39 |
-
$client->setClientId($options['ga_clientid']);
|
40 |
-
$client->setClientSecret($options['ga_clientsecret']);
|
41 |
-
$client->setRedirectUri(wp_login_url());
|
42 |
-
|
43 |
-
$client->setScopes(Array('openid', 'email', 'https://www.googleapis.com/auth/userinfo.profile'));
|
44 |
-
$client->setApprovalPrompt('auto');
|
45 |
-
|
46 |
-
$oauthservice = new Google_Oauth2Service($client);
|
47 |
-
|
48 |
-
return Array($client, $oauthservice);
|
49 |
-
}
|
50 |
-
|
51 |
-
public function ga_login_styles() { ?>
|
52 |
-
<style type="text/css">
|
53 |
-
form#loginform div.galogin {
|
54 |
-
float: right;
|
55 |
-
margin-top: 28px;
|
56 |
-
background: #DFDFDF;
|
57 |
-
text-align: center;
|
58 |
-
vertical-align: middle;
|
59 |
-
border-radius: 3px;
|
60 |
-
padding: 2px;
|
61 |
-
width: 58%;
|
62 |
-
height: 27px;
|
63 |
-
}
|
64 |
-
|
65 |
-
form#loginform div.galogin a {
|
66 |
-
color: #21759B;
|
67 |
-
position: relative;
|
68 |
-
top: 6px;
|
69 |
-
}
|
70 |
-
|
71 |
-
form#loginform div.galogin a:hover {
|
72 |
-
color: #278AB7;
|
73 |
-
}
|
74 |
-
|
75 |
-
.login .button-primary {
|
76 |
-
float: none;
|
77 |
-
margin-top: 10px;
|
78 |
-
}
|
79 |
-
</style>
|
80 |
-
<?php }
|
81 |
-
|
82 |
-
public function ga_login_form() {
|
83 |
-
$options = $this->get_option_galogin();
|
84 |
-
$clients = $this->createGoogleClient($options);
|
85 |
-
$client = $clients[0];
|
86 |
-
|
87 |
-
// Generate a CSRF token
|
88 |
-
$state = wp_create_nonce('google_apps_login');
|
89 |
-
$client->setState(urlencode($state
|
90 |
-
.'|'.$this->get_cookie_value()
|
91 |
-
.'|'.(array_key_exists('redirect_to', $_REQUEST) ? $_REQUEST['redirect_to'] : '')
|
92 |
-
));
|
93 |
-
|
94 |
-
$authUrl = $client->createAuthUrl();
|
95 |
-
if ($client->getClientId() == "") {
|
96 |
-
$authUrl = "http://wp-glogin.com/installing-google-apps-login/#main-settings";
|
97 |
-
}
|
98 |
-
?>
|
99 |
-
<div class="galogin">
|
100 |
-
<a href="<?php echo $authUrl; ?>">or <b>Login with Google</b></a>
|
101 |
-
</div>
|
102 |
-
<?php
|
103 |
-
}
|
104 |
-
|
105 |
-
public function ga_authenticate($user) {
|
106 |
-
if (isset($_REQUEST['error'])) {
|
107 |
-
$user = new WP_Error('ga_login_error', $_REQUEST['error'] == 'access_denied' ? 'You did not grant access' : $_REQUEST['error']);
|
108 |
-
return $this->displayAndReturnError($user);
|
109 |
-
}
|
110 |
-
|
111 |
-
$options = $this->get_option_galogin();
|
112 |
-
$clients = $this->createGoogleClient($options);
|
113 |
-
$client = $clients[0];
|
114 |
-
$oauthservice = $clients[1];
|
115 |
-
|
116 |
-
if (isset($_GET['code'])) {
|
117 |
-
if (!isset($_REQUEST['state'])) {
|
118 |
-
$user = new WP_Error('ga_login_error', "Session mismatch - try again, but there could be a problem setting state");
|
119 |
-
return $this->displayAndReturnError($user);
|
120 |
-
}
|
121 |
-
|
122 |
-
$statevars = explode('|', urldecode($_REQUEST['state']));
|
123 |
-
if (count($statevars) != 3) {
|
124 |
-
$user = new WP_Error('ga_login_error', "Session mismatch - try again, but there could be a problem computing state");
|
125 |
-
return $this->displayAndReturnError($user);
|
126 |
-
}
|
127 |
-
$retnonce = $statevars[0];
|
128 |
-
$retcookie = $statevars[1];
|
129 |
-
$retredirectto = $statevars[2];
|
130 |
-
|
131 |
-
if (!wp_verify_nonce($retnonce, 'google_apps_login')) {
|
132 |
-
$user = new WP_Error('ga_login_error', "Session mismatch - try again, but there could be a problem setting nonce");
|
133 |
-
return $this->displayAndReturnError($user);
|
134 |
-
}
|
135 |
-
|
136 |
-
if (!isset($_COOKIE['google_apps_login']) || $retcookie != $_COOKIE['google_apps_login']) {
|
137 |
-
$user = new WP_Error('ga_login_error', "Session mismatch - try again, but there could be a problem setting cookie");
|
138 |
-
return $this->displayAndReturnError($user);
|
139 |
-
}
|
140 |
-
|
141 |
-
try {
|
142 |
-
$client->authenticate($_GET['code']);
|
143 |
-
|
144 |
-
/* userinfo example:
|
145 |
-
"id": "115886881859296909934",
|
146 |
-
"email": "dan@danlester.com",
|
147 |
-
"verified_email": true,
|
148 |
-
"name": "Dan Lester",
|
149 |
-
"given_name": "Dan",
|
150 |
-
"family_name": "Lester",
|
151 |
-
"link": "https://plus.google.com/115886881859296909934",
|
152 |
-
"picture": "https://lh3.googleusercontent.com/-r4WThnaSX8o/AAAAAAAAAAI/AAAAAAAAABE/pEJQwH5wyqM/photo.jpg",
|
153 |
-
"gender": "male",
|
154 |
-
"locale": "en-GB",
|
155 |
-
"hd": "danlester.com"
|
156 |
-
*/
|
157 |
-
$userinfo = $oauthservice->userinfo->get();
|
158 |
-
if ($userinfo && is_array($userinfo) && array_key_exists('email', $userinfo)
|
159 |
-
&& array_key_exists('verified_email', $userinfo)) {
|
160 |
-
|
161 |
-
$google_email = $userinfo['email'];
|
162 |
-
$google_verified_email = $userinfo['verified_email'];
|
163 |
-
|
164 |
-
if (!$google_verified_email) {
|
165 |
-
$user = new WP_Error('ga_login_error', 'Email needs to be verified on your Google Account');
|
166 |
-
}
|
167 |
-
else {
|
168 |
-
$user = get_user_by('email', $google_email);
|
169 |
-
|
170 |
-
if (!$user) {
|
171 |
-
$user = new WP_Error('ga_login_error', 'User '.$google_email.' not registered in Wordpress');
|
172 |
-
}
|
173 |
-
else {
|
174 |
-
// Set redirect for next load - including if "" to force reset to no redirect
|
175 |
-
setcookie('galogin_do_redirect_to', $retredirectto, time()+60, '/');
|
176 |
-
// Reset client-side login cookie so it doesn't expire on us next login time
|
177 |
-
setcookie('google_apps_login', '', time()-3600, '/');
|
178 |
-
}
|
179 |
-
}
|
180 |
-
}
|
181 |
-
else {
|
182 |
-
$user = new WP_Error('ga_login_error', "User authenticated OK, but error fetching user details from Google");
|
183 |
-
}
|
184 |
-
} catch (Google_Exception $e) {
|
185 |
-
$user = new WP_Error('ga_login_error', $e->getMessage());
|
186 |
-
}
|
187 |
-
}
|
188 |
-
|
189 |
-
if (is_wp_error($user)) {
|
190 |
-
$this->displayAndReturnError($user);
|
191 |
-
}
|
192 |
-
|
193 |
-
return $user;
|
194 |
-
}
|
195 |
-
|
196 |
-
protected function displayAndReturnError($user) {
|
197 |
-
if (is_wp_error($user) && get_bloginfo('version') < 3.7) {
|
198 |
-
// Only newer wordpress versions display errors from $user for us
|
199 |
-
global $error;
|
200 |
-
$error = htmlentities2($user->get_error_message());
|
201 |
-
}
|
202 |
-
return $user;
|
203 |
-
}
|
204 |
-
|
205 |
-
public function ga_init() {
|
206 |
-
if (isset($_COOKIE['galogin_do_redirect_to'])) {
|
207 |
-
$do_redirect = $_COOKIE['galogin_do_redirect_to'];
|
208 |
-
setcookie('galogin_do_redirect_to', '', time()-3600, '/');
|
209 |
-
|
210 |
-
if ($do_redirect != "") {
|
211 |
-
wp_redirect($do_redirect);
|
212 |
-
exit;
|
213 |
-
}
|
214 |
-
}
|
215 |
-
|
216 |
-
if (!isset($_COOKIE['google_apps_login']) && $GLOBALS['pagenow'] == 'wp-login.php') {
|
217 |
-
setcookie('google_apps_login', $this->get_cookie_value(), time()+1800, '/');
|
218 |
-
}
|
219 |
-
}
|
220 |
-
|
221 |
-
public function ga_admin_init() {
|
222 |
-
|
223 |
-
register_setting( 'galogin_options', 'galogin', Array($this, 'ga_options_validate') );
|
224 |
-
|
225 |
-
add_settings_section('galogin_main_section', 'Main Settings',
|
226 |
-
array($this, 'ga_section_text'), 'galogin');
|
227 |
-
|
228 |
-
add_settings_field('ga_clientid', 'Client ID',
|
229 |
-
array($this, 'ga_do_settings_clientid'), 'galogin', 'galogin_main_section');
|
230 |
-
add_settings_field('ga_clientsecret', 'Client Secret',
|
231 |
-
array($this, 'ga_do_settings_clientsecret'), 'galogin', 'galogin_main_section');
|
232 |
-
}
|
233 |
-
|
234 |
-
public function ga_admin_menu() {
|
235 |
-
add_options_page('Google Apps Login settings', 'Google Apps Login',
|
236 |
-
'manage_options', 'galogin_list_options',
|
237 |
-
array($this, 'ga_options_do_page'));
|
238 |
-
}
|
239 |
-
|
240 |
-
public function ga_options_do_page() { ?>
|
241 |
-
<div>
|
242 |
-
<h2>Google Apps Login setup</h2>
|
243 |
-
Set up your blog to enable Google logins.
|
244 |
-
<form action="options.php" method="post">
|
245 |
-
<?php settings_fields('galogin_options'); ?>
|
246 |
-
<?php do_settings_sections('galogin'); ?>
|
247 |
-
|
248 |
-
<input name="Submit" type="submit" value="<?php esc_attr_e('Save Changes'); ?>" />
|
249 |
-
</form></div> <?php
|
250 |
-
}
|
251 |
-
|
252 |
-
public function ga_do_settings_clientid() {
|
253 |
-
$options = $this->get_option_galogin();
|
254 |
-
echo "<input id='plugin_text_string' name='galogin[ga_clientid]' size='80' type='text' value='{$options['ga_clientid']}' />";
|
255 |
-
echo "<br /><span>Normally something like 1234567890123.apps.googleusercontent.com</span>";
|
256 |
-
}
|
257 |
|
258 |
-
|
259 |
-
$options = $this->get_option_galogin();
|
260 |
-
echo "<input id='plugin_text_string' name='galogin[ga_clientsecret]' size='40' type='text' value='{$options['ga_clientsecret']}' />";
|
261 |
-
echo "<br /><span>Normally something like sHSfR4_jf_2jsy-kjPjgf2dT</span>";
|
262 |
-
}
|
263 |
|
264 |
-
public function
|
265 |
-
|
266 |
-
<p>
|
267 |
-
|
268 |
-
are not the domain admin, you may still have permissions to use the console, so just try it. If you are
|
269 |
-
not using Google Apps, then just use your regular Gmail account to access the console.
|
270 |
-
</p>
|
271 |
-
<p>There, create a new project (any name is fine, and just leave Project ID as it is) - you may be required to
|
272 |
-
accept a verification phone call or SMS from Google.</p>
|
273 |
-
|
274 |
-
<p>Then create a Web application within the project. To create the application,
|
275 |
-
you need to click into the new project, then click <i>APIs & Auth</i> in the left-hand menu.
|
276 |
-
Click <i>Registered Apps</i> beneath that, then click the red <i>Register App</i> button.
|
277 |
-
You can choose any name you wish, and make sure you select <i>Web Application</i> as the Platform type.
|
278 |
-
</p>
|
279 |
-
<p>
|
280 |
-
Once you have created the application, you may need to open up the <i>OAuth 2.0 Client ID</i> section to be able to complete
|
281 |
-
the following steps.
|
282 |
-
</p>
|
283 |
-
<p>You must input, into your new Google application, the following items:
|
284 |
-
<ul style="margin-left: 10px;">
|
285 |
-
<li>Web Origin: <?php echo (is_ssl() ? 'https://' : 'http://').$_SERVER['HTTP_HOST'].'/'; ?></li>
|
286 |
-
<?php
|
287 |
-
if (is_ssl()) {
|
288 |
-
?>
|
289 |
-
<li>
|
290 |
-
Web Origin (add a 2nd entry): http://<?php echo $_SERVER['HTTP_HOST'].'/'; ?>
|
291 |
-
</li>
|
292 |
-
<?php
|
293 |
-
}
|
294 |
-
?>
|
295 |
-
|
296 |
-
<li>Redirect URL: <?php echo wp_login_url(); ?></li>
|
297 |
-
<?php
|
298 |
-
if (force_ssl_login() && strtolower(substr(wp_login_url(),0,7)) == 'http://') {
|
299 |
-
?>
|
300 |
-
<li>
|
301 |
-
Redirect URL (add a 2nd entry): https://<?php echo substr(wp_login_url(),7); ?>
|
302 |
-
</li>
|
303 |
-
<?php
|
304 |
-
}
|
305 |
-
?>
|
306 |
-
</ul>
|
307 |
</p>
|
308 |
-
|
309 |
-
and paste into the boxes below on this screen - i.e. back in your Wordpress admin, right here.</p>
|
310 |
-
|
311 |
-
<p><b>Optional:</b> In the Google Cloud Console, you can configure some things your users will see when they
|
312 |
-
login. By default, Google will tell them they are authorizing 'Project Default Service Account', which is
|
313 |
-
not very user friendly. You can change this to your company or blog name (and add your logo etc) by clicking
|
314 |
-
<i>Consent screen</i> (which is another sub-menu of <i>APIs & Auth</i>).
|
315 |
-
</p>
|
316 |
-
|
317 |
-
<p><b>For support and premium features, please visit:
|
318 |
-
<a href="http://wp-glogin.com/?utm_source=Admin%20Panel&utm_medium=freemium&utm_campaign=Freemium" target="_blank">http://wp-glogin.com/</a></b>
|
319 |
-
</p>
|
320 |
-
|
321 |
-
<?php
|
322 |
-
}
|
323 |
-
|
324 |
-
public function ga_options_validate($input) {
|
325 |
-
$newinput = Array();
|
326 |
-
$newinput['ga_clientid'] = trim($input['ga_clientid']);
|
327 |
-
$newinput['ga_clientsecret'] = trim($input['ga_clientsecret']);
|
328 |
-
if(!preg_match('/^.{10}.*$/i', $newinput['ga_clientid'])) {
|
329 |
-
add_settings_error(
|
330 |
-
'ga_clientid',
|
331 |
-
'tooshort_texterror',
|
332 |
-
'The Client ID should be longer than that',
|
333 |
-
'error'
|
334 |
-
);
|
335 |
-
}
|
336 |
-
if(!preg_match('/^.{10}.*$/i', $newinput['ga_clientsecret'])) {
|
337 |
-
add_settings_error(
|
338 |
-
'ga_clientsecret',
|
339 |
-
'tooshort_texterror',
|
340 |
-
'The Client Secret should be longer than that',
|
341 |
-
'error'
|
342 |
-
);
|
343 |
-
}
|
344 |
-
return $newinput;
|
345 |
-
}
|
346 |
-
|
347 |
-
static $default_options = Array( 'ga_clientid' => '', 'ga_clientsecret' => '');
|
348 |
-
private $ga_options = null;
|
349 |
-
protected function get_option_galogin() {
|
350 |
-
if ($this->ga_options != null) {
|
351 |
-
return $this->ga_options;
|
352 |
-
}
|
353 |
-
|
354 |
-
$option = get_option('galogin');
|
355 |
-
|
356 |
-
foreach (self::$default_options as $k => $v) {
|
357 |
-
if (!isset($option[$k])) {
|
358 |
-
$option[$k] = $v;
|
359 |
-
}
|
360 |
-
}
|
361 |
-
$this->ga_options = $option;
|
362 |
-
return $this->ga_options;
|
363 |
-
}
|
364 |
-
|
365 |
-
protected function add_actions() {
|
366 |
-
add_action('login_enqueue_scripts', array($this, 'ga_login_styles'));
|
367 |
-
add_action('login_form', array($this, 'ga_login_form'));
|
368 |
-
add_action('authenticate', array($this, 'ga_authenticate'), 5, 3);
|
369 |
-
add_action('init', array($this, 'ga_init'), 1);
|
370 |
-
|
371 |
-
add_action('admin_init', array($this, 'ga_admin_init'));
|
372 |
-
add_action('admin_menu', array($this, 'ga_admin_menu'));
|
373 |
}
|
|
|
374 |
}
|
375 |
|
376 |
-
$ga_google_apps_login_plugin = new
|
377 |
|
378 |
?>
|
4 |
* Plugin Name: Google Apps Login
|
5 |
* Plugin URI: http://wp-glogin.com/
|
6 |
* Description: Easy login for your Wordpress users by using their Google accounts (uses OAuth2 and requires a Google Apps domain).
|
7 |
+
* Version: 1.2
|
8 |
* Author: Dan Lester
|
9 |
* Author URI: http://danlester.com/
|
10 |
* License: GPL3
|
11 |
*/
|
12 |
|
13 |
+
require_once( plugin_dir_path(__FILE__).'/core/core_google_apps_login.php' );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
14 |
|
15 |
+
class basic_google_apps_login extends core_google_apps_login {
|
|
|
|
|
|
|
|
|
16 |
|
17 |
+
public function ga_section_text_end() {
|
18 |
+
?>
|
19 |
+
<p><b>For support and premium features, please visit:
|
20 |
+
<a href="http://wp-glogin.com/?utm_source=Admin%20Panel&utm_medium=freemium&utm_campaign=Freemium" target="_blank">http://wp-glogin.com/</a></b>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
21 |
</p>
|
22 |
+
<?php
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
23 |
}
|
24 |
+
|
25 |
}
|
26 |
|
27 |
+
$ga_google_apps_login_plugin = new basic_google_apps_login();
|
28 |
|
29 |
?>
|
readme.txt
CHANGED
@@ -1,9 +1,9 @@
|
|
1 |
=== Plugin Name ===
|
2 |
Contributors: danlester
|
3 |
-
Tags: login, google, authentication, oauth2, oauth, admin, googleapps
|
4 |
Requires at least: 3.3
|
5 |
-
Tested up to: 3.
|
6 |
-
Stable tag:
|
7 |
License: GPLv3
|
8 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
9 |
|
@@ -41,9 +41,45 @@ has permission to authenticate the user and obtain basic profile data - it can n
|
|
41 |
1. User login screen can work as normal or via Google's authentication system
|
42 |
2. Admin obtains two simple codes from Google to set up - easy instructions to follow
|
43 |
|
44 |
-
==
|
45 |
|
46 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
47 |
|
48 |
* PHP 5.2.x or higher with Curl and JSON extensions
|
49 |
* Wordpress 3.3 or above
|
1 |
=== Plugin Name ===
|
2 |
Contributors: danlester
|
3 |
+
Tags: login, google, authentication, oauth2, oauth, admin, googleapps, sso
|
4 |
Requires at least: 3.3
|
5 |
+
Tested up to: 3.8
|
6 |
+
Stable tag: 1.1
|
7 |
License: GPLv3
|
8 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
9 |
|
41 |
1. User login screen can work as normal or via Google's authentication system
|
42 |
2. Admin obtains two simple codes from Google to set up - easy instructions to follow
|
43 |
|
44 |
+
== Frequently Asked Questions ==
|
45 |
|
46 |
+
= Does the plugin work with HTTP or HTTPS login pages? =
|
47 |
+
|
48 |
+
The plugin will work whether your site is configured for HTTP or HTTPS.
|
49 |
+
|
50 |
+
However, you may have configured your site to run so that the login pages
|
51 |
+
can be accessed by *either* HTTP *or* HTTPS. In that case, you may run into problems.
|
52 |
+
We recommend that you set [FORCE_SSL_ADMIN](http://codex.wordpress.org/Administration_Over_SSL)
|
53 |
+
or at least FORCE_SSL_LOGIN to true. This will ensure that all users are consistently using HTTPS
|
54 |
+
for login.
|
55 |
+
|
56 |
+
You may then need to ensure the Redirect URL and Web Origin in the Google Cloud Console are
|
57 |
+
set as HTTPS (this will make sense if you follow the installation instructions again).
|
58 |
+
|
59 |
+
If for some reason you cannot set FORCE_SSL_ADMIN, then you can add two URLs to the Google
|
60 |
+
Cloud Console for each entry, e.g. Redirect URL = http://wpexample.com/wp-login.php, and
|
61 |
+
then add another one for https://wpexample.com/wp-login.php. Same idea for Web Origin.
|
62 |
+
|
63 |
+
= Does the plugin work on Multisite? =
|
64 |
+
|
65 |
+
It is written, tested, and secure for multisite in subdirectories (not subdomains), and *must* be activated
|
66 |
+
network-wide for security reasons.
|
67 |
+
|
68 |
+
If you do require it used for subdomains, please contact the plugin author who may
|
69 |
+
be able to help for your specific installation.
|
70 |
+
|
71 |
+
= Is it secure? =
|
72 |
+
|
73 |
+
Yes, and depending on your setup, it can be much more secure than just using
|
74 |
+
WordPress usernames and passwords.
|
75 |
+
|
76 |
+
However, the author does not accept liability or offer any guarantee,
|
77 |
+
and it is your responsibility to ensure that your site is secure in the way you require.
|
78 |
+
|
79 |
+
In particular, other plugins may conflict with each other, and different WordPress versions and configurations
|
80 |
+
may render your site insecure.
|
81 |
+
|
82 |
+
= What are the system requirements? =
|
83 |
|
84 |
* PHP 5.2.x or higher with Curl and JSON extensions
|
85 |
* Wordpress 3.3 or above
|
uninstall.php
CHANGED
@@ -10,6 +10,6 @@ if (!defined('ABSPATH') && !defined('WP_UNINSTALL_PLUGIN')) {
|
|
10 |
if (!current_user_can('activate_plugins'))
|
11 |
exit;
|
12 |
|
13 |
-
|
14 |
|
15 |
?>
|
10 |
if (!current_user_can('activate_plugins'))
|
11 |
exit;
|
12 |
|
13 |
+
delete_site_option('galogin');
|
14 |
|
15 |
?>
|