Version Description
Added clearer instructions, plus new options: automatically redirect users to Login via Google; plus force users to fully approve access to their Google account every time they login (allowing them to switch accounts if only logged into the wrong one, as well as making the process clearer).
Download this release
Release Info
Developer | danlester |
Plugin | Google Apps Login |
Version | 1.4 |
Comparing to | |
See all releases |
Code changes from version 1.3 to 1.4
- core/core_google_apps_login.php +99 -45
- google_apps_login.php +3 -3
- readme.txt +8 -1
core/core_google_apps_login.php
CHANGED
@@ -35,7 +35,7 @@ class core_google_apps_login {
|
|
35 |
$client->setRedirectUri($this->get_login_url());
|
36 |
|
37 |
$client->setScopes(Array('openid', 'email', 'https://www.googleapis.com/auth/userinfo.profile'));
|
38 |
-
$client->setApprovalPrompt('auto');
|
39 |
|
40 |
$oauthservice = new Google_Oauth2Service($client);
|
41 |
|
@@ -93,7 +93,33 @@ class core_google_apps_login {
|
|
93 |
}
|
94 |
|
95 |
public function ga_login_form() {
|
|
|
|
|
96 |
$authUrl = $this->ga_start_auth_get_url();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
97 |
?>
|
98 |
<div class="galogin">
|
99 |
<a href="<?php echo $authUrl; ?>">or <b>Login with Google</b></a>
|
@@ -308,6 +334,7 @@ class core_google_apps_login {
|
|
308 |
|
309 |
$this->ga_admin_init_main();
|
310 |
$this->ga_admin_init_domain();
|
|
|
311 |
$this->ga_admin_init_multisite();
|
312 |
|
313 |
// Admin notice that configuration is required
|
@@ -347,7 +374,18 @@ class core_google_apps_login {
|
|
347 |
array($this, 'ga_do_settings_ms_usesubsitecallback'), $this->get_options_name(), 'galogin_multisite_section');
|
348 |
}
|
349 |
}
|
350 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
351 |
public function ga_admin_menu() {
|
352 |
if (is_multisite()) {
|
353 |
add_submenu_page( 'settings.php', 'Google Apps Login settings', 'Google Apps Login',
|
@@ -371,7 +409,16 @@ class core_google_apps_login {
|
|
371 |
|
372 |
<div>
|
373 |
<h2>Google Apps Login setup</h2>
|
374 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
375 |
<form action="<?php echo $submit_page; ?>" method="post">
|
376 |
<?php settings_fields($this->get_options_pagename()); ?>
|
377 |
<?php do_settings_sections($this->get_options_name()); ?>
|
@@ -423,43 +470,10 @@ class core_google_apps_login {
|
|
423 |
|
424 |
public function ga_mainsection_text() {
|
425 |
?>
|
426 |
-
<p>The
|
427 |
-
|
428 |
-
are not the domain admin, you may still have permissions to use the console, so just try it. If you are
|
429 |
-
not using Google Apps, then just use your regular Gmail account to access the console.
|
430 |
</p>
|
431 |
-
<p>There, create a new project (any name is fine, and just leave Project ID as it is) - you may be required to
|
432 |
-
accept a verification phone call or SMS from Google.</p>
|
433 |
-
|
434 |
-
<p>Then create a new 'Client ID' within the project, of type 'Web Application'. To create this,
|
435 |
-
you need to click into the new project, then click <i>APIs & Auth</i> in the left-hand menu.
|
436 |
-
Click <i>Credentials</i> beneath that, then click the red <i>Create New Client ID</i> button.
|
437 |
-
Make sure you select <i>Web Application</i> as the Platform type.
|
438 |
-
</p>
|
439 |
-
<p>You must input, into your new Google 'Client ID', the following items:
|
440 |
-
<ul style="margin-left: 10px;">
|
441 |
-
<li>Authorized Javascript origins: <?php echo (is_ssl() || force_ssl_login() || force_ssl_admin() ? 'https://' : 'http://').$_SERVER['HTTP_HOST'].'/'; ?></li>
|
442 |
-
<li>Authorized redirect URI: <?php echo $this->get_login_url(); ?></li>
|
443 |
-
</ul>
|
444 |
-
</p>
|
445 |
-
<p>
|
446 |
-
Once you have created the application (click the blue <i>Create Client ID</i> button), you need to turn to the
|
447 |
-
<i>Client ID for web application</i> section to be able to complete
|
448 |
-
the following steps. (<b>Not</b> the <i>Compute Engine and App Engine</i> section at the top.)
|
449 |
-
</p>
|
450 |
-
|
451 |
-
<p>You will see a Client ID and Client Secret which you must copy
|
452 |
-
and paste into the boxes below on this screen - i.e. back in your Wordpress admin, right here.</p>
|
453 |
-
|
454 |
-
<p><b>Optional:</b> In the Google Cloud Console, you can configure some things your users will see when they
|
455 |
-
login. By default, Google will tell them they are authorizing 'Project Default Service Account', which is
|
456 |
-
not very user friendly. You can change this to your company or blog name (and add your logo etc) by clicking
|
457 |
-
<i>Consent screen</i> (which is another sub-menu of <i>APIs & Auth</i>).
|
458 |
-
</p>
|
459 |
-
|
460 |
<?php
|
461 |
-
|
462 |
-
$this->ga_section_text_end();
|
463 |
}
|
464 |
|
465 |
protected function ga_section_text_end() {
|
@@ -467,18 +481,33 @@ class core_google_apps_login {
|
|
467 |
|
468 |
public function ga_multisitesection_text() {
|
469 |
?>
|
470 |
-
<p>
|
471 |
-
(since that is the only Redirect URL you were asked to submit to Google Cloud Console above).
|
472 |
-
If you have a reason to register Redirect URLs for each of your sub-sites too, tick the box below to
|
473 |
-
have all logins submitted to the sub-site they were invoked on.
|
474 |
</p>
|
475 |
<?php
|
476 |
}
|
477 |
-
|
478 |
public function ga_do_settings_ms_usesubsitecallback() {
|
479 |
$options = $this->get_option_galogin();
|
480 |
echo "<input id='input_ga_ms_usesubsitecallback' name='".$this->get_options_name()."[ga_ms_usesubsitecallback]' type='checkbox' ".($options['ga_ms_usesubsitecallback'] ? 'checked' : '')." />";
|
481 |
-
echo "<div>Leave unchecked in
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
482 |
}
|
483 |
|
484 |
public function ga_options_validate($input) {
|
@@ -502,6 +531,8 @@ class core_google_apps_login {
|
|
502 |
);
|
503 |
}
|
504 |
$newinput['ga_ms_usesubsitecallback'] = isset($input['ga_ms_usesubsitecallback']) ? $input['ga_ms_usesubsitecallback'] : false;
|
|
|
|
|
505 |
$newinput['ga_version'] = $this->PLUGIN_VERSION;
|
506 |
return $newinput;
|
507 |
}
|
@@ -522,7 +553,12 @@ class core_google_apps_login {
|
|
522 |
}
|
523 |
|
524 |
protected function get_default_options() {
|
525 |
-
return Array('ga_version' => $this->PLUGIN_VERSION,
|
|
|
|
|
|
|
|
|
|
|
526 |
}
|
527 |
|
528 |
protected $ga_options = null;
|
@@ -576,6 +612,24 @@ class core_google_apps_login {
|
|
576 |
}
|
577 |
}
|
578 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
579 |
// PLUGINS PAGE
|
580 |
|
581 |
public function ga_plugin_action_links( $links, $file ) {
|
35 |
$client->setRedirectUri($this->get_login_url());
|
36 |
|
37 |
$client->setScopes(Array('openid', 'email', 'https://www.googleapis.com/auth/userinfo.profile'));
|
38 |
+
$client->setApprovalPrompt($options['ga_force_permissions'] ? 'force' : 'auto');
|
39 |
|
40 |
$oauthservice = new Google_Oauth2Service($client);
|
41 |
|
93 |
}
|
94 |
|
95 |
public function ga_login_form() {
|
96 |
+
$options = $this->get_option_galogin();
|
97 |
+
|
98 |
$authUrl = $this->ga_start_auth_get_url();
|
99 |
+
|
100 |
+
$do_autologin = false;
|
101 |
+
|
102 |
+
if (isset($_GET['gaautologin'])) { // This GET param can always override the option set in admin pabel
|
103 |
+
$do_autologin = $_GET['gaautologin'] == 'true';
|
104 |
+
}
|
105 |
+
elseif (($options['ga_auto_login'] && count($_GET) == 0)) {
|
106 |
+
$do_autologin = true;
|
107 |
+
}
|
108 |
+
|
109 |
+
if ($do_autologin) {
|
110 |
+
if (!headers_sent()) {
|
111 |
+
wp_redirect($authUrl);
|
112 |
+
exit;
|
113 |
+
}
|
114 |
+
else { ?>
|
115 |
+
<p><b>Redirecting to <a href="<?php echo $authUrl; ?>">Login via Google</a>...</b></p>
|
116 |
+
<script type="text/javascript">
|
117 |
+
window.location = "<?php echo $authUrl; ?>";
|
118 |
+
</script>
|
119 |
+
<?php
|
120 |
+
}
|
121 |
+
}
|
122 |
+
|
123 |
?>
|
124 |
<div class="galogin">
|
125 |
<a href="<?php echo $authUrl; ?>">or <b>Login with Google</b></a>
|
334 |
|
335 |
$this->ga_admin_init_main();
|
336 |
$this->ga_admin_init_domain();
|
337 |
+
$this->ga_admin_init_advanced();
|
338 |
$this->ga_admin_init_multisite();
|
339 |
|
340 |
// Admin notice that configuration is required
|
374 |
array($this, 'ga_do_settings_ms_usesubsitecallback'), $this->get_options_name(), 'galogin_multisite_section');
|
375 |
}
|
376 |
}
|
377 |
+
|
378 |
+
public function ga_admin_init_advanced() {
|
379 |
+
add_settings_section('galogin_advanced_section', 'Advanced Options',
|
380 |
+
array($this, 'ga_advancedsection_text'), $this->get_options_name());
|
381 |
+
|
382 |
+
add_settings_field('ga_force_permissions', 'Force user to confirm Google permissions every time',
|
383 |
+
array($this, 'ga_do_settings_force_permissions'), $this->get_options_name(), 'galogin_advanced_section');
|
384 |
+
|
385 |
+
add_settings_field('ga_auto_login', 'Automatically redirect to Google from login page',
|
386 |
+
array($this, 'ga_do_settings_auto_login'), $this->get_options_name(), 'galogin_advanced_section');
|
387 |
+
}
|
388 |
+
|
389 |
public function ga_admin_menu() {
|
390 |
if (is_multisite()) {
|
391 |
add_submenu_page( 'settings.php', 'Google Apps Login settings', 'Google Apps Login',
|
409 |
|
410 |
<div>
|
411 |
<h2>Google Apps Login setup</h2>
|
412 |
+
|
413 |
+
<p>To set up your website to enable Google logins, you will need to follow instructions specific to your website.</p>
|
414 |
+
|
415 |
+
<p><a href="<?php echo $this->calculate_instructions_url(); ?>#config" target="gainstr">Click here to open your
|
416 |
+
personalized instructions in a new window</a></p>
|
417 |
+
|
418 |
+
<?php
|
419 |
+
$this->ga_section_text_end();
|
420 |
+
?>
|
421 |
+
|
422 |
<form action="<?php echo $submit_page; ?>" method="post">
|
423 |
<?php settings_fields($this->get_options_pagename()); ?>
|
424 |
<?php do_settings_sections($this->get_options_name()); ?>
|
470 |
|
471 |
public function ga_mainsection_text() {
|
472 |
?>
|
473 |
+
<p>The instructions above will guide you to Google's Cloud Console where you will enter two URLs, and also
|
474 |
+
obtain two codes (Client ID and Client Secret) which you will need to enter in the boxes below.
|
|
|
|
|
475 |
</p>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
476 |
<?php
|
|
|
|
|
477 |
}
|
478 |
|
479 |
protected function ga_section_text_end() {
|
481 |
|
482 |
public function ga_multisitesection_text() {
|
483 |
?>
|
484 |
+
<p>This setting is for multisite admins only. See <a href="<?php echo $this->calculate_instructions_url('m'); ?>#multisite" target="gainstr">instructions here</a>.
|
|
|
|
|
|
|
485 |
</p>
|
486 |
<?php
|
487 |
}
|
488 |
+
|
489 |
public function ga_do_settings_ms_usesubsitecallback() {
|
490 |
$options = $this->get_option_galogin();
|
491 |
echo "<input id='input_ga_ms_usesubsitecallback' name='".$this->get_options_name()."[ga_ms_usesubsitecallback]' type='checkbox' ".($options['ga_ms_usesubsitecallback'] ? 'checked' : '')." />";
|
492 |
+
echo "<div>Leave unchecked if in doubt</div>";
|
493 |
+
}
|
494 |
+
|
495 |
+
public function ga_advancedsection_text() {
|
496 |
+
?>
|
497 |
+
<p>Once you have the plugin working, you can try these settings to customize the login flow for your users.
|
498 |
+
See <a href="<?php echo $this->calculate_instructions_url('a'); ?>#advanced" target="gainstr">instructions here</a>.
|
499 |
+
</p>
|
500 |
+
<?php
|
501 |
+
}
|
502 |
+
|
503 |
+
public function ga_do_settings_force_permissions() {
|
504 |
+
$options = $this->get_option_galogin();
|
505 |
+
echo "<input id='input_ga_force_permissions' name='".$this->get_options_name()."[ga_force_permissions]' type='checkbox' ".($options['ga_force_permissions'] ? 'checked' : '')." />";
|
506 |
+
}
|
507 |
+
|
508 |
+
public function ga_do_settings_auto_login() {
|
509 |
+
$options = $this->get_option_galogin();
|
510 |
+
echo "<input id='input_ga_auto_login' name='".$this->get_options_name()."[ga_auto_login]' type='checkbox' ".($options['ga_auto_login'] ? 'checked' : '')." />";
|
511 |
}
|
512 |
|
513 |
public function ga_options_validate($input) {
|
531 |
);
|
532 |
}
|
533 |
$newinput['ga_ms_usesubsitecallback'] = isset($input['ga_ms_usesubsitecallback']) ? $input['ga_ms_usesubsitecallback'] : false;
|
534 |
+
$newinput['ga_force_permissions'] = isset($input['ga_force_permissions']) ? $input['ga_force_permissions'] : false;
|
535 |
+
$newinput['ga_auto_login'] = isset($input['ga_auto_login']) ? $input['ga_auto_login'] : false;
|
536 |
$newinput['ga_version'] = $this->PLUGIN_VERSION;
|
537 |
return $newinput;
|
538 |
}
|
553 |
}
|
554 |
|
555 |
protected function get_default_options() {
|
556 |
+
return Array('ga_version' => $this->PLUGIN_VERSION,
|
557 |
+
'ga_clientid' => '',
|
558 |
+
'ga_clientsecret' => '',
|
559 |
+
'ga_ms_usesubsitecallback' => false,
|
560 |
+
'ga_force_permissions' => false,
|
561 |
+
'ga_auto_login' => false);
|
562 |
}
|
563 |
|
564 |
protected $ga_options = null;
|
612 |
}
|
613 |
}
|
614 |
|
615 |
+
protected function calculate_instructions_url($refresh='n') {
|
616 |
+
return add_query_arg(
|
617 |
+
array( 'garedirect' => urlencode( $this->get_login_url() ),
|
618 |
+
'gaorigin' => urlencode( (is_ssl() || force_ssl_login() || force_ssl_admin()
|
619 |
+
? 'https://' : 'http://').$_SERVER['HTTP_HOST'].'/' ),
|
620 |
+
'ganotms' => is_multisite() ? 'false' : 'true',
|
621 |
+
'gar' => urlencode( $refresh ),
|
622 |
+
'utm_source' => 'Admin%20Instructions',
|
623 |
+
'utm_medium' => 'freemium',
|
624 |
+
'utm_campaign' => 'Freemium' ),
|
625 |
+
$this->get_wpglogincom_baseurl()
|
626 |
+
);
|
627 |
+
}
|
628 |
+
|
629 |
+
protected function get_wpglogincom_baseurl() {
|
630 |
+
return 'http://wp-glogin.com/installing-google-apps-login/basic-setup/';
|
631 |
+
}
|
632 |
+
|
633 |
// PLUGINS PAGE
|
634 |
|
635 |
public function ga_plugin_action_links( $links, $file ) {
|
google_apps_login.php
CHANGED
@@ -4,7 +4,7 @@
|
|
4 |
* Plugin Name: Google Apps Login
|
5 |
* Plugin URI: http://wp-glogin.com/
|
6 |
* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
|
7 |
-
* Version: 1.
|
8 |
* Author: Dan Lester
|
9 |
* Author URI: http://wp-glogin.com/
|
10 |
* License: GPL3
|
@@ -15,12 +15,12 @@ require_once( plugin_dir_path(__FILE__).'/core/core_google_apps_login.php' );
|
|
15 |
|
16 |
class basic_google_apps_login extends core_google_apps_login {
|
17 |
|
18 |
-
protected $PLUGIN_VERSION = '1.
|
19 |
|
20 |
public function ga_section_text_end() {
|
21 |
?>
|
22 |
<p><b>For full support, and premium features that greatly simplify WordPress user management for admins, please visit:
|
23 |
-
<a href="http://wp-glogin.com/?utm_source=Admin%
|
24 |
</p>
|
25 |
<?php
|
26 |
}
|
4 |
* Plugin Name: Google Apps Login
|
5 |
* Plugin URI: http://wp-glogin.com/
|
6 |
* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
|
7 |
+
* Version: 1.4
|
8 |
* Author: Dan Lester
|
9 |
* Author URI: http://wp-glogin.com/
|
10 |
* License: GPL3
|
15 |
|
16 |
class basic_google_apps_login extends core_google_apps_login {
|
17 |
|
18 |
+
protected $PLUGIN_VERSION = '1.4';
|
19 |
|
20 |
public function ga_section_text_end() {
|
21 |
?>
|
22 |
<p><b>For full support, and premium features that greatly simplify WordPress user management for admins, please visit:
|
23 |
+
<a href="http://wp-glogin.com/?utm_source=Admin%20Promo&utm_medium=freemium&utm_campaign=Freemium" target="_blank">http://wp-glogin.com/</a></b>
|
24 |
</p>
|
25 |
<?php
|
26 |
}
|
readme.txt
CHANGED
@@ -3,7 +3,7 @@ Contributors: danlester
|
|
3 |
Tags: login, google, authentication, oauth2, oauth, admin, google apps, sso, single-sign-on, auth, intranet
|
4 |
Requires at least: 3.3
|
5 |
Tested up to: 3.8
|
6 |
-
Stable tag: 1.
|
7 |
License: GPLv3
|
8 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
9 |
|
@@ -138,6 +138,13 @@ the Plugins section of your Wordpress admin
|
|
138 |
|
139 |
== Changelog ==
|
140 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
141 |
= 1.3 =
|
142 |
Much neater support for redirecting users to most appropriate page post-login,
|
143 |
especially on multisite installations; Better notices guiding admins through
|
3 |
Tags: login, google, authentication, oauth2, oauth, admin, google apps, sso, single-sign-on, auth, intranet
|
4 |
Requires at least: 3.3
|
5 |
Tested up to: 3.8
|
6 |
+
Stable tag: 1.4
|
7 |
License: GPLv3
|
8 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
9 |
|
138 |
|
139 |
== Changelog ==
|
140 |
|
141 |
+
= 1.4 =
|
142 |
+
|
143 |
+
Added clearer instructions, plus new options: automatically redirect users
|
144 |
+
to Login via Google; plus force users to fully approve access to their
|
145 |
+
Google account every time they login (allowing them to switch accounts if only
|
146 |
+
logged into the wrong one, as well as making the process clearer).
|
147 |
+
|
148 |
= 1.3 =
|
149 |
Much neater support for redirecting users to most appropriate page post-login,
|
150 |
especially on multisite installations; Better notices guiding admins through
|