Google Apps Login - Version 2.0

Version Description

Our platform provides centralized setup and management of Google-related features in your WordPress site and plugins.

Other developers can easily extend our Google authentication into their own plugins.

Release Info

Developer	danlester
Plugin	Google Apps Login
Version	2.0
Comparing to
See all releases

Code changes from version 1.4 to 2.0

Files changed (3) hide show

core/core_google_apps_login.php +21 -4
google_apps_login.php +20 -4
readme.txt +66 -23

core/core_google_apps_login.php CHANGED Viewed

	@@ -6,7 +6,7 @@
6
7	class core_google_apps_login {
8
9	- ~~public~~ function __construct() {
10	$this->add_actions();
11	}
12
	@@ -24,8 +24,14 @@ class core_google_apps_login {
24	}
25
26	protected function createGoogleClient($options) {
27	- ~~require_once(~~ ~~plugin_dir_path(__FILE__).'/../googleclient/Google_Client.php'~~ );
28	- ~~require_once(~~ ~~plugin_dir_path(__FILE__).'/../googleclient/contrib/Google_Oauth2Service.php'~~ );






29
30	$client = new Google_Client();
31	$client->setApplicationName("Wordpress Blog");
	@@ -34,7 +40,9 @@ class core_google_apps_login {
34	$client->setClientSecret($options['ga_clientsecret']);
35	$client->setRedirectUri($this->get_login_url());
36
37	- $~~client->setScopes~~(~~Array~~('~~openid~~', ~~'email', 'https://www.googleapis.com/auth/userinfo.profile'));~~


38	$client->setApprovalPrompt($options['ga_force_permissions'] ? 'force' : 'auto');
39
40	$oauthservice = new Google_Oauth2Service($client);
	@@ -630,6 +638,13 @@ class core_google_apps_login {
630	return 'http://wp-glogin.com/installing-google-apps-login/basic-setup/';
631	}
632







633	// PLUGINS PAGE
634
635	public function ga_plugin_action_links( $links, $file ) {
	@@ -655,6 +670,8 @@ class core_google_apps_login {
655	add_action('admin_init', array($this, 'ga_admin_init'));
656
657	add_action(is_multisite() ? 'network_admin_menu' : 'admin_menu', array($this, 'ga_admin_menu'));


658
659	if (is_multisite()) {
660	add_filter('network_admin_plugin_action_links', array($this, 'ga_plugin_action_links'), 10, 2 );


6
7	class core_google_apps_login {
8
9	+ protected function __construct() {
10	$this->add_actions();
11	}
12

24	}
25
26	protected function createGoogleClient($options) {
27	+ // Another plugin might have already included these files
28	+ // Unfortunately we just have to hope they have a similar enough version
29	+ if (!class_exists('Google_Client')) {
30	+ require_once( plugin_dir_path(__FILE__).'/../googleclient/Google_Client.php' );
31	+ }
32	+ if (!class_exists('Google_Oauth2Service')) {
33	+ require_once( plugin_dir_path(__FILE__).'/../googleclient/contrib/Google_Oauth2Service.php' );
34	+ }
35
36	$client = new Google_Client();
37	$client->setApplicationName("Wordpress Blog");

40	$client->setClientSecret($options['ga_clientsecret']);
41	$client->setRedirectUri($this->get_login_url());
42
43	+ $scopes = array_unique(apply_filters('gal_gather_scopes',
44	+ Array('openid', 'email', 'https://www.googleapis.com/auth/userinfo.profile')));
45	+ $client->setScopes($scopes);
46	$client->setApprovalPrompt($options['ga_force_permissions'] ? 'force' : 'auto');
47
48	$oauthservice = new Google_Oauth2Service($client);

638	return 'http://wp-glogin.com/installing-google-apps-login/basic-setup/';
639	}
640
641	+ // Google Apps Login platform
642	+
643	+ public function gal_get_clientid() {
644	+ $options = $this->get_option_galogin();
645	+ return $options['ga_clientid'];
646	+ }
647	+
648	// PLUGINS PAGE
649
650	public function ga_plugin_action_links( $links, $file ) {

670	add_action('admin_init', array($this, 'ga_admin_init'));
671
672	add_action(is_multisite() ? 'network_admin_menu' : 'admin_menu', array($this, 'ga_admin_menu'));
673	+
674	+ add_filter('gal_get_clientid', Array($this, 'gal_get_clientid') );
675
676	if (is_multisite()) {
677	add_filter('network_admin_plugin_action_links', array($this, 'ga_plugin_action_links'), 10, 2 );

google_apps_login.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4	* Plugin Name: Google Apps Login
5	* Plugin URI: http://wp-glogin.com/
6	* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
7	- * Version: 1.4
8	* Author: Dan Lester
9	* Author URI: http://wp-glogin.com/
10	* License: GPL3
	@@ -15,8 +15,18 @@ require_once( plugin_dir_path(__FILE__).'/core/core_google_apps_login.php' );
15
16	class basic_google_apps_login extends core_google_apps_login {
17
18	- protected $PLUGIN_VERSION = '1.4';
19










20	public function ga_section_text_end() {
21	?>
22	<p><b>For full support, and premium features that greatly simplify WordPress user management for admins, please visit:
	@@ -35,6 +45,12 @@ class basic_google_apps_login extends core_google_apps_login {
35
36	}
37
38	- ~~$ga_google_apps_login_plugin~~ = ~~new~~ ~~basic_google_apps_login();~~






39
40	- ?>


4	* Plugin Name: Google Apps Login
5	* Plugin URI: http://wp-glogin.com/
6	* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
7	+ * Version: 2.0
8	* Author: Dan Lester
9	* Author URI: http://wp-glogin.com/
10	* License: GPL3

15
16	class basic_google_apps_login extends core_google_apps_login {
17
18	+ protected $PLUGIN_VERSION = '2.0';
19
20	+ // Singleton
21	+ private static $instance = null;
22	+
23	+ public static function get_instance() {
24	+ if (null == self::$instance) {
25	+ self::$instance = new self;
26	+ }
27	+ return self::$instance;
28	+ }
29	+
30	public function ga_section_text_end() {
31	?>
32	<p><b>For full support, and premium features that greatly simplify WordPress user management for admins, please visit:

45
46	}
47
48	+ // Global accessor function to singleton
49	+ function GoogleAppsLogin() {
50	+ return basic_google_apps_login::get_instance();
51	+ }
52	+
53	+ // Initialise at least once
54	+ GoogleAppsLogin();
55
56	+ ?>

readme.txt CHANGED Viewed

@@ -3,7 +3,7 @@ Contributors: danlester
             Tags: login, google, authentication, oauth2, oauth, admin, google apps, sso, single-sign-on, auth, intranet
             Requires at least: 3.3
             Tested up to: 3.8
-            -
            Stable tag: 1.4
             License: GPLv3
             License URI: http://www.gnu.org/licenses/gpl-3.0.html
@@ -12,10 +12,36 @@ Simple secure login and user management for Wordpress through your Google Apps d
             == Description ==
-            -
            Google Apps Login allows existing Wordpress user accounts to login to the website using Google to securely authenticate
-            -
            their account. This means that if they are already logged into Gmail for example, they can simply click their way
             through the Wordpress login screen - no username or password is explicitly required!
             One-click login will work for the following domains and user accounts:
             *  Google Apps for Business
@@ -23,28 +49,15 @@ One-click login will work for the following domains and user accounts:
             *  Google Apps for Non-profits
             *  Personal gmail.com and googlemail.com emails
-            -
            Plugin setup requires you to have admin access to any Google Apps domain, or a regular Gmail account, to register and
-            -
            obtain two simple codes from Google.
-            -
-            -
            **Full support and premium features are also available for purchase:**
-            -
-            -
            **Eliminate the need for Google Apps domain admins to  separately manage WordPress user accounts, and get piece
-            -
            of mind that only authorized employees have access to the organizations's websites and intranet.**
-            -
-            -
            **See [http://wp-glogin.com/](http://wp-glogin.com/)**
-            -
-            -
            Google Apps Login uses the latest secure OAuth2 authentication recommended by Google. Other 3rd party authentication plugins
-            -
            may allow you to use your Google username and password to login, but they do not do this securely:
-            -
            *  Other plugins: Users' passwords will be handled by your blog's server, potentially unencrypted. If these are compromised,
-            -
            hackers would be able to gain access to your Google email accounts! This includes all
-            -
            [Google Apps](http://www.google.com/enterprise/apps/business/products.html) (Gmail, Drive, Calendar
-            -
            etc), and any other services which use your Google account to login.
-            -
            *  This plugin: Users' passwords are only ever submitted to Google itself, then Google is asked to authenticate the user to
-            -
            your WordPress site. This means Multi-factor Authentication can still be used (if set up on your Google account).
-            -
            Your website only requires permission to authenticate the user and obtain basic profile data - it can never have access to
-            -
            your emails and other data.
             == Screenshots ==
@@ -99,6 +112,10 @@ network-wide for security reasons.
             There are many different possible configurations of multisite WordPress, however, so you must test carefully if you
             have any other plugins or special setup.
             = Is it secure? =
             Yes, and depending on your setup, it can be much more secure than just using
@@ -110,6 +127,21 @@ and it is your responsibility to ensure that your site is secure in the way you
             In particular, other plugins may conflict with each other, and different WordPress versions and configurations
             may render your site insecure.
             = What are the system requirements? =
             *  PHP 5.2.x or higher with Curl and JSON extensions
@@ -136,8 +168,19 @@ If you cannot install from the WordPress plugins directory for any reason, and n
             the Plugins section of your Wordpress admin
 . Follow the instructions from step 4 above
             == Changelog ==
             = 1.4 =
             Added clearer instructions, plus new options: automatically redirect users


3	Tags: login, google, authentication, oauth2, oauth, admin, google apps, sso, single-sign-on, auth, intranet
4	Requires at least: 3.3
5	Tested up to: 3.8
6	+ Stable tag: 2.0
7	License: GPLv3
8	License URI: http://www.gnu.org/licenses/gpl-3.0.html
9

12
13	== Description ==
14
15	+ Google Apps Login allows existing Wordpress user accounts to login to your website using Google to securely authenticate their account. This means that if they are already logged into Gmail for example, they can simply click their way

16	through the Wordpress login screen - no username or password is explicitly required!
17
18	+ Google Apps Login uses the latest secure OAuth2 authentication recommended by Google, including 2-factor Auth if enabled for your Google Apps accounts.
19	+
20	+ Plugin setup requires you to have admin access to any Google Apps domain, or a regular Gmail account, to register and obtain two simple codes from Google.
21	+
22	+ = Support and Premium features =
23	+
24	+ Full support and premium features are also available for purchase:
25	+
26	+ Eliminate the need for Google Apps domain admins to separately manage WordPress user accounts, and get piece
27	+ of mind that only authorized employees have access to the organizations's websites and intranet.
28	+
29	+ See [http://wp-glogin.com/](http://wp-glogin.com/)
30	+
31	+ = Extensible Platform =
32	+
33	+ Google Apps Login allows you to centralize your site's Google functionality and build your own extensions, or use
34	+ third-party extensions, which require no configuration themselves and share the same user authentication and
35	+ permissions that users already allowed for Google Apps Login itself.
36	+
37	+ Using our platform, your website appears to Google accounts as one unified 'web application', making it more secure
38	+ and easier to manage.
39	+
40	+ [Google Drive Embedder](http://wordpress.org/plugins/google-drive-embedder/) is our free extension plugin allowing
41	+ users to browse for Google Drive documents to embed directly in their posts or pages.
42	+
43	+ = Requirements =
44	+
45	One-click login will work for the following domains and user accounts:
46
47	* Google Apps for Business

49	* Google Apps for Non-profits
50	* Personal gmail.com and googlemail.com emails
51
52	+ Google Apps Login uses the latest secure OAuth2 authentication recommended by Google. Other 3rd party authentication
53	+ plugins may allow you to use your Google username and password to login, but they do not do this securely unless
54	+ they also use OAuth2. This is discussed further in the [FAQ](http://wordpress.org/plugins/google-apps-login/faq/).









55
56	+ = Website =



57
58	+ Please see our website [http://wp-glogin.com/](http://wp-glogin.com/) for more information about this free plugin
59	+ and extra features available in our Premium upgrade, plus support details and useful guides for admins of WordPress
60	+ sites and Google Apps.

61
62	== Screenshots ==
63

112	There are many different possible configurations of multisite WordPress, however, so you must test carefully if you
113	have any other plugins or special setup.
114
115	+ In a multisite setup, you will see an extra option in Settings -> Google Apps Login, named 'Use sub-site specific callback
116	+ from Google'. Read details in the configuration instructions (linked from the Settings page). This setting will need to be
117	+ ON if you are using any domain mapping plugin, and extra Redirect URIs will need to be registered in Google Cloud Console.
118	+
119	= Is it secure? =
120
121	Yes, and depending on your setup, it can be much more secure than just using

127	In particular, other plugins may conflict with each other, and different WordPress versions and configurations
128	may render your site insecure.
129
130	+ = How does it compare to other 3rd party auth plugins? =
131	+
132	+ Google Apps Login uses the latest secure OAuth2 authentication recommended by Google. Other 3rd party authentication plugins
133	+ may allow you to use your Google username and password to login, but they do not always do this securely:
134	+
135	+ * Other plugins: Users' passwords may be handled by your blog's server, potentially unencrypted. If these are compromised,
136	+ hackers would be able to gain access to your Google email accounts! This includes all
137	+ [Google Apps](http://www.google.com/enterprise/apps/business/products.html) (Gmail, Drive, Calendar
138	+ etc), and any other services which use your Google account to login.
139	+
140	+ * This plugin: Users' passwords are only ever submitted to Google itself, then Google is asked to authenticate the user to
141	+ your WordPress site. This means Multi-factor Authentication can still be used (if set up on your Google account).
142	+ Your website only requires permission to authenticate the user and obtain basic profile data - it can never have access to
143	+ your emails and other data.
144	+
145	= What are the system requirements? =
146
147	* PHP 5.2.x or higher with Curl and JSON extensions

168	the Plugins section of your Wordpress admin
169	1. Follow the instructions from step 4 above
170
171	+ Personalized instructions to configure the plugin by registering your site with Google Apps are linked from
172	+ the WordPress admin panel once you have activated the plugin. For a (non-personalized) preview of these instructions
173	+ please [click here](http://wp-glogin.com/installing-google-apps-login/basic-setup/).
174	+
175	== Changelog ==
176
177	+ = 2.0 =
178	+
179	+ Our platform provides centralized setup and management of Google-related features in your
180	+ WordPress site and plugins.
181	+
182	+ Other developers can easily extend our Google authentication into their own plugins.
183	+
184	= 1.4 =
185
186	Added clearer instructions, plus new options: automatically redirect users