Google Apps Login - Version 2.10.5

Version Description

Multisite improvements: better handling of COOKIE_DOMAIN configuration and also allows login redirects straight to subsites even when login is handled by the root site's wp-login.php page. Login page cookies now last for the length of the current browser session instead of for a fixed time, so this should reduce unexpected 'Session mismatch' errors.

Ensures plugin options are not loaded until 'plugins_loaded' stage. This makes it easier to use the gal_options hook more reliably.

Added language files for be_BY. Added filters 'gal_options' and 'gal_sa_options' so you can configure settings using PHP code.

Changed the way Google client library is included to avoid conflicts with other Google-related plugins that set the include path in a way that doesn't allow for other plugins.

Download this release

Release Info

Developer	danlester
Plugin	Google Apps Login
Version	2.10.5
Comparing to
See all releases

Code changes from version 2.10.4 to 2.10.5

Files changed (5) hide show

core/core_google_apps_login.php +47 -1
google_apps_login.php +6 -6
lang/google-apps-login-id_ID.mo +0 -0
lang/google-apps-login-id_ID.po +286 -0
readme.txt +58 -84

core/core_google_apps_login.php CHANGED Viewed

@@ -429,6 +429,12 @@ class core_google_apps_login {
             		if ($user && !is_wp_error($user)) {
             			$final_redirect = $this->getFinalRedirect();
             			if ($final_redirect !== '') {
             				return $final_redirect;
+            			}
+            		}
@@ -443,7 +449,8 @@ class core_google_apps_login {
+            			}
+            		}
             		if (!isset($_COOKIE[self::$gal_cookie_name]) && apply_filters('gal_set_login_cookie', true)) {
-            -
            			setcookie(self::$gal_cookie_name, $this->get_cookie_value(), time()+36000, '/', defined(COOKIE_DOMAIN) ? COOKIE_DOMAIN : '' );
+            		}
+            	}
@@ -461,6 +468,45 @@ class core_google_apps_login {
             		return apply_filters( 'gal_login_url', $login_url );
+            	}
             	// Build our own nonce functions as wp_create_nonce is user dependent,
             	// and our nonce is created when logged-out, then verified when logged-in


429	if ($user && !is_wp_error($user)) {
430	$final_redirect = $this->getFinalRedirect();
431	if ($final_redirect !== '') {
432	+ $option = $this->get_option_galogin();
433	+ // Whitelist the subdomain if all auth is going through the top level domain's wp-login.php
434	+ if (is_multisite() && !$option['ga_ms_usesubsitecallback']) {
435	+ $this->add_allowed_redirect_host($final_redirect);
436	+ add_filter('allowed_redirect_hosts', array($this,'gal_allowed_redirect_hosts'), 10);
437	+ }
438	return $final_redirect;
439	}
440	}

449	}
450	}
451	if (!isset($_COOKIE[self::$gal_cookie_name]) && apply_filters('gal_set_login_cookie', true)) {
452	+ $secure = ( 'https' === parse_url( $this->get_login_url(), PHP_URL_SCHEME ) );
453	+ setcookie(self::$gal_cookie_name, $this->get_cookie_value(), 0, '/', defined('COOKIE_DOMAIN') ? COOKIE_DOMAIN : '', $secure );
454	}
455	}
456

468
469	return apply_filters( 'gal_login_url', $login_url );
470	}
471	+
472	+ protected $allowed_redirect_hosts = array();
473	+ // In multisite, add subdomains to allowed_redirect_hosts so redirect_to can work for them
474	+ public function gal_allowed_redirect_hosts($hosts) {
475	+ return array_merge($hosts, $this->allowed_redirect_hosts);
476	+ }
477	+
478	+ protected function add_allowed_redirect_host($location) {
479	+ if (!is_multisite()) {
480	+ return;
481	+ }
482	+
483	+ if (!defined('SUBDOMAIN_INSTALL') \|\| !SUBDOMAIN_INSTALL) {
484	+ return;
485	+ }
486	+
487	+ $location = trim( strtolower($location) );
488	+ // browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
489	+ if ( substr($location, 0, 2) == '//' )
490	+ $location = 'http:' . $location;
491	+
492	+ // In php 5 parse_url may fail if the URL query part contains http://, bug #38143
493	+ $test = ( $cut = strpos($location, '?') ) ? substr( $location, 0, $cut ) : $location;
494	+
495	+ // @-operator is used to prevent possible warnings in PHP < 5.3.3.
496	+ $lp = @parse_url($test);
497	+
498	+ // Give up if malformed URL
499	+ if ( false === $lp )
500	+ return;
501	+
502	+ $sites = get_sites(
503	+ array('domain' => $lp['host'])
504	+ );
505	+
506	+ if (count($sites) > 0) {
507	+ $this->allowed_redirect_hosts[] = $lp['host'];
508	+ }
509	+ }
510
511	// Build our own nonce functions as wp_create_nonce is user dependent,
512	// and our nonce is created when logged-out, then verified when logged-in

google_apps_login.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4	* Plugin Name: Google Apps Login
5	* Plugin URI: http://wp-glogin.com/
6	* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
7	- * Version: 2.10.4
8	* Author: Dan Lester
9	* Author URI: http://wp-glogin.com/
10	* License: GPL3
	@@ -23,7 +23,7 @@ else {
23
24	class basic_google_apps_login extends core_google_apps_login {
25
26	- protected $PLUGIN_VERSION = '2.10.4';
27
28	// Singleton
29	private static $instance = null;
	@@ -128,7 +128,7 @@ class basic_google_apps_login extends core_google_apps_login {
128	<h3 data-drip-attribute="headline">Get the most out of Google Apps and WordPress</h3>
129	<p data-drip-attribute="description">
130	Register your email address to receive information on building a WordPress site
131	- that truly integrates ~~Google~~ ~~Apps~~ and WordPress.
132	</p>
133	<div>
134	<label for="fields[email]">Email Address</label>
	@@ -165,17 +165,17 @@ class basic_google_apps_login extends core_google_apps_login {
165
166	<h3>Premium Upgrade</h3>
167
168	- <p>In our professional plugins, you can specify your Google Apps domain name to obtain more powerful features.</p>
169
170	<ul class="ul-disc">
171	<li>Save time and increase security</li>
172	- <li>Completely forget about WordPress user management – it syncs users from Google Apps automatically</li>
173	<li>Ensures that employees who leave or change roles no longer have unauthorized access to sensitive sites</li>
174	<li>Specify Google Groups whose members should be mapped to different roles in WordPress (Enterprise only)</li>
175	</ul>
176
177	<p>Find out more about purchase options on our website:
178	- <a href="~~http~~://wp-glogin.com/~~google-apps-login-premium~~/?utm_source=Domain%20Control&utm_medium=freemium&utm_campaign=Freemium" target="_blank">http://wp-glogin.com/</a>
179	</p>
180
181	<?php


4	* Plugin Name: Google Apps Login
5	* Plugin URI: http://wp-glogin.com/
6	* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
7	+ * Version: 2.10.5
8	* Author: Dan Lester
9	* Author URI: http://wp-glogin.com/
10	* License: GPL3

23
24	class basic_google_apps_login extends core_google_apps_login {
25
26	+ protected $PLUGIN_VERSION = '2.10.5';
27
28	// Singleton
29	private static $instance = null;

128	<h3 data-drip-attribute="headline">Get the most out of Google Apps and WordPress</h3>
129	<p data-drip-attribute="description">
130	Register your email address to receive information on building a WordPress site
131	+ that truly integrates G Suite and WordPress.
132	</p>
133	<div>
134	<label for="fields[email]">Email Address</label>

165
166	<h3>Premium Upgrade</h3>
167
168	+ <p>In our professional plugins, you can specify your G Suite (Google Apps) domain name to obtain more powerful features.</p>
169
170	<ul class="ul-disc">
171	<li>Save time and increase security</li>
172	+ <li>Completely forget about WordPress user management – it syncs users from G Suite (Google Apps) automatically</li>
173	<li>Ensures that employees who leave or change roles no longer have unauthorized access to sensitive sites</li>
174	<li>Specify Google Groups whose members should be mapped to different roles in WordPress (Enterprise only)</li>
175	</ul>
176
177	<p>Find out more about purchase options on our website:
178	+ <a href="https://wp-glogin.com/glogin/?utm_source=Domain%20Control&utm_medium=freemium&utm_campaign=Freemium" target="_blank">http://wp-glogin.com/</a>
179	</p>
180
181	<?php

lang/google-apps-login-id_ID.mo ADDED Viewed

Binary file

lang/google-apps-login-id_ID.po ADDED Viewed

	@@ -0,0 +1,286 @@


1	+ # Copyright (C) 2014
2	+ # This file is distributed under the same license as the package.
3	+ msgid ""
4	+ msgstr ""
5	+ "Project-Id-Version: \n"
6	+ "Report-Msgid-Bugs-To: http://wordpress.org/tag/googleappslogin\n"
7	+ "POT-Creation-Date: 2014-02-03 15:02:47+00:00\n"
8	+ "MIME-Version: 1.0\n"
9	+ "Content-Type: text/plain; charset=UTF-8\n"
10	+ "Content-Transfer-Encoding: 8bit\n"
11	+ "PO-Revision-Date: 2017-04-10 17:28-0000\n"
12	+ "Last-Translator: Jordan Silaen <jordan.silaen@chameleonjohn.com>\n"
13	+ "Language-Team: ChameleonJohn.com <jordan.silaen@chameleonjohn.com>\n"
14	+ "X-Generator: Poedit 1.6.4\n"
15	+ "Language: id_ID\n"
16	+
17	+ #: basic_google_apps_login.php:34
18	+ msgid ""
19	+ "For full support, and premium features that greatly simplify WordPress user "
20	+ "management for admins, please visit:"
21	+ msgstr ""
22	+ "Untuk dukungan penuh, dan fitur-fitur premium yang sangat menyederhanakan "
23	+ "manajemen pengguna WordPress untuk admin, silahkan kunjungi:"
24	+
25	+ #: core/core_google_apps_login.php:128
26	+ msgid "Redirecting to <a href=\"%s\">Login via Google</a>..."
27	+ msgstr "Mengarahkan <a href=\" %s \"> Login via Google </a> ..."
28	+
29	+ #: core/core_google_apps_login.php:138
30	+ msgid "Login with Google"
31	+ msgstr "Masuk dengan Google"
32	+
33	+ #: core/core_google_apps_login.php:146
34	+ msgid "or"
35	+ msgstr "atau"
36	+
37	+ #: core/core_google_apps_login.php:169
38	+ msgid "You did not grant access"
39	+ msgstr "Anda tidak memberikan akses"
40	+
41	+ #: core/core_google_apps_login.php:191
42	+ msgid ""
43	+ "Session mismatch - try again, but there could be a problem setting state"
44	+ msgstr "Sesi mismatch - coba lagi, tapi mungkin ada keadaan masalah pengaturan"
45	+
46	+ #: core/core_google_apps_login.php:197
47	+ msgid ""
48	+ "Session mismatch - try again, but there could be a problem passing state"
49	+ msgstr "Sesi mismatch - coba lagi, tapi mungkin ada keadaan masalah yang lewat"
50	+
51	+ #: core/core_google_apps_login.php:204
52	+ msgid ""
53	+ "Session mismatch - try again, but there could be a problem setting cookies"
54	+ msgstr "Sesi mismatch - coba lagi, tapi mungkin ada masalah pengaturan cookie"
55	+
56	+ #: core/core_google_apps_login.php:232
57	+ msgid "Email needs to be verified on your Google Account"
58	+ msgstr "Email perlu diverifikasi di Akun Google"
59	+
60	+ #: core/core_google_apps_login.php:249
61	+ msgid "User authenticated OK, but error fetching user details from Google"
62	+ msgstr ""
63	+ "Pengguna dikonfirmasi OK, tapi kesalahan saat mengambil rincian pengguna "
64	+ "dari Google"
65	+
66	+ #: core/core_google_apps_login.php:268
67	+ msgid "User %s not registered in Wordpress"
68	+ msgstr "Pengguna %s tidak terdaftar di Wordpress"
69	+
70	+ #: core/core_google_apps_login.php:380
71	+ msgid "Main Settings"
72	+ msgstr "Pengaturan utama"
73	+
74	+ #: core/core_google_apps_login.php:383
75	+ msgid "Client ID"
76	+ msgstr "ID klien"
77	+
78	+ #: core/core_google_apps_login.php:385
79	+ msgid "Client Secret"
80	+ msgstr "klien Rahasia"
81	+
82	+ #: core/core_google_apps_login.php:394
83	+ msgid "Multisite Options"
84	+ msgstr "Pilihan multisite"
85	+
86	+ #: core/core_google_apps_login.php:397
87	+ msgid "Use sub-site specific callback from Google"
88	+ msgstr "Gunakan sub-situs panggilan balik dari Google"
89	+
90	+ #: core/core_google_apps_login.php:403
91	+ msgid "Advanced Options"
92	+ msgstr "advanced Options"
93	+
94	+ #: core/core_google_apps_login.php:406
95	+ msgid "Force user to confirm Google permissions every time"
96	+ msgstr "Memaksa pengguna untuk mengkonfirmasi izin Google setiap kali"
97	+
98	+ #: core/core_google_apps_login.php:409
99	+ msgid "Automatically redirect to Google from login page"
100	+ msgstr "redirect ke Google secara otomatis dari halaman login"
101	+
102	+ #: core/core_google_apps_login.php:415 core/core_google_apps_login.php:420
103	+ msgid "Google Apps Login settings"
104	+ msgstr "setelan Google Apps Login"
105	+
106	+ #: core/core_google_apps_login.php:415 core/core_google_apps_login.php:420
107	+ msgid "Google Apps Login"
108	+ msgstr "Google Apps Login"
109	+
110	+ #: core/core_google_apps_login.php:435
111	+ msgid "Google Apps Login setup"
112	+ msgstr "Setup Google Apps Login"
113	+
114	+ #: core/core_google_apps_login.php:437
115	+ msgid ""
116	+ "To set up your website to enable Google logins, you will need to follow "
117	+ "instructions specific to your website."
118	+ msgstr ""
119	+ "Untuk membuat situs untuk mengaktifkan login Google, Anda harus mengikuti "
120	+ "petunjuk khusus untuk situs web Anda."
121	+
122	+ #: core/core_google_apps_login.php:440
123	+ msgid "Click here to open your personalized instructions in a new window"
124	+ msgstr "Klik di sini untuk membuka petunjuk pribadi Anda di jendela baru"
125	+
126	+ #: core/core_google_apps_login.php:450
127	+ msgid "Save Changes"
128	+ msgstr "Simpan perubahan"
129	+
130	+ #: core/core_google_apps_login.php:459
131	+ msgid "Settings saved."
132	+ msgstr "Pengaturan disimpan."
133	+
134	+ #: core/core_google_apps_login.php:487 core/core_google_apps_login.php:495
135	+ msgid "Normally something like %s"
136	+ msgstr "Biasanya sesuatu seperti %s"
137	+
138	+ #: core/core_google_apps_login.php:501
139	+ msgid ""
140	+ "The instructions above will guide you to Google's Cloud Console where you "
141	+ "will enter two URLs, and also obtain two codes (Client ID and Client Secret) "
142	+ "which you will need to enter in the boxes below."
143	+ msgstr ""
144	+ "Petunjuk di atas akan memandu Anda untuk Google Cloud Console di mana Anda "
145	+ "akan memasukkan dua URL, dan juga memperoleh dua kode (Client ID dan Client "
146	+ "Rahasia) yang Anda akan perlu untuk memasukkan di kotak di bawah."
147	+
148	+ #: core/core_google_apps_login.php:511
149	+ msgid ""
150	+ "This setting is for multisite admins only. See <a href=\"%s\" target="
151	+ "\"gainstr\">instructions here</a>."
152	+ msgstr ""
153	+ "Pengaturan ini untuk admin multisite saja. Lihat <a href=\" %s \" target="
154	+ "\"gainstr\"> petunjuk di sini </a>."
155	+
156	+ #: core/core_google_apps_login.php:520
157	+ msgid "Leave unchecked if in doubt"
158	+ msgstr "Tinggalkan dicentang jika ragu-ragu"
159	+
160	+ #: core/core_google_apps_login.php:526
161	+ msgid ""
162	+ "Once you have the plugin working, you can try these settings to customize "
163	+ "the login flow for your users."
164	+ msgstr ""
165	+ "Setelah Anda memiliki kerja Plugin, Anda dapat mencoba pengaturan ini untuk "
166	+ "menyesuaikan aliran masuk bagi pengguna Anda."
167	+
168	+ #: core/core_google_apps_login.php:527
169	+ msgid "See <a href=\"%s\" target=\"gainstr\">instructions here</a>."
170	+ msgstr "Lihat <a href=\" %s \" target=\"gainstr\"> petunjuk di sini </a>."
171	+
172	+ #: core/core_google_apps_login.php:571
173	+ msgid "The Client ID should be longer than that"
174	+ msgstr "ID Klien harus lebih lama dari itu"
175	+
176	+ #: core/core_google_apps_login.php:572
177	+ msgid "The Client Secret should be longer than that"
178	+ msgstr "Klien Rahasia harus lebih lama dari itu"
179	+
180	+ #: core/core_google_apps_login.php:577
181	+ msgid "Unspecified error"
182	+ msgstr "Kesalahan yang tidak spesifik"
183	+
184	+ #: core/core_google_apps_login.php:673
185	+ msgid "Settings"
186	+ msgstr "pengaturan"
187	+
188	+ #: premium_google_apps_login.php:87
189	+ msgid "User with email address %s must use Login with Google"
190	+ msgstr "Pengguna dengan alamat email %s harus menggunakan Login dengan Google"
191	+
192	+ #: premium_google_apps_login.php:115
193	+ msgid "User %s does not exist"
194	+ msgstr "Pengguna %s tidak ada"
195	+
196	+ #: premium_google_apps_login.php:124
197	+ msgid "Invalid email address"
198	+ msgstr "alamat email salah"
199	+
200	+ #: premium_google_apps_login.php:132
201	+ msgid "Email address needs to be in %s"
202	+ msgstr "Alamat email harus di %s"
203	+
204	+ #: premium_google_apps_login.php:135
205	+ msgid "%s not authorized"
206	+ msgstr "%s tidak berwenang"
207	+
208	+ #: premium_google_apps_login.php:180
209	+ msgid "Domain Control"
210	+ msgstr "Kontrol domain"
211	+
212	+ #: premium_google_apps_login.php:183
213	+ msgid "My Google Apps domain"
214	+ msgstr "domain Google Apps saya"
215	+
216	+ #: premium_google_apps_login.php:185
217	+ msgid "Auto-create new users on my domain"
218	+ msgstr "Otomatis membuat pengguna baru di domain saya"
219	+
220	+ #: premium_google_apps_login.php:187
221	+ msgid "Disable WordPress username/password login for my domain"
222	+ msgstr "Nonaktifkan WordPress username / password login untuk domain saya"
223	+
224	+ #: premium_google_apps_login.php:189
225	+ msgid "Default role for new Google users"
226	+ msgstr "Peran default untuk pengguna Google baru"
227	+
228	+ #: premium_google_apps_login.php:195
229	+ msgid ""
230	+ "By default, any existing account can authenticate either via Google (if a "
231	+ "Gmail/Google Apps account), or by WordPress username/password."
232	+ msgstr ""
233	+ "Secara default, setiap akun yang ada dapat mengotentikasi baik melalui "
234	+ "Google (jika / Google akun Gmail Apps), atau dengan WordPress username / "
235	+ "password."
236	+
237	+ #: premium_google_apps_login.php:197
238	+ msgid ""
239	+ "To allow special behaviour on your Google Apps domain (auto-create users who "
240	+ "don't yet exist, or disable regular WordPress username/password access for "
241	+ "your users), fill in the following section."
242	+ msgstr ""
243	+ "Untuk membiarkan perilaku khusus pada domain Google Apps Anda (otomatis "
244	+ "membuat pengguna yang belum ada, atau menonaktifkan akses username / "
245	+ "password WordPress reguler untuk pengguna Anda), mengisi bagian berikut."
246	+
247	+ #: premium_google_apps_login.php:199
248	+ msgid ""
249	+ "Please read the <a href=\"%s\" target=\"gainstr\">instructions here</a> "
250	+ "first."
251	+ msgstr ""
252	+ "Silakan baca <a href=\" %s \" target=\"gainstr\"> petunjuk di sini </a> "
253	+ "pertama."
254	+
255	+ #: premium_google_apps_login.php:217
256	+ msgid ""
257	+ "Tick with caution - leave unchecked until you are confident Google Login is "
258	+ "working for your own admin account"
259	+ msgstr ""
260	+ "Centang dengan hati-hati - jangan dicentang sampai Anda yakin Google Login "
261	+ "bekerja untuk akun admin Anda sendiri"
262	+
263	+ #: premium_google_apps_login.php:252
264	+ msgid ""
265	+ "Domain name should be a space-separated list of valid domains, in lowercase "
266	+ "letters (or blank)"
267	+ msgstr ""
268	+ "Nama domain harus daftar dipisahkan dengan spasi dari domain yang valid, "
269	+ "dalam huruf kecil (atau kosong)"
270	+
271	+ msgid ""
272	+ "Simple secure login for Wordpress through users' Google Apps accounts (uses "
273	+ "secure OAuth2, and MFA if enabled)"
274	+ msgstr ""
275	+ "login yang aman sederhana untuk Wordpress melalui rekening pengguna Google "
276	+ "Apps (menggunakan OAuth2 aman, dan MFA jika diaktifkan)"
277	+
278	+ msgid ""
279	+ "Simple secure login and user management for Wordpress through your Google "
280	+ "Apps domain (uses secure OAuth2, and MFA if enabled)"
281	+ msgstr ""
282	+ "Sederhana login yang aman dan manajemen pengguna untuk Wordpress melalui "
283	+ "domain Google Apps Anda (menggunakan OAuth2 aman, dan MFA jika diaktifkan)"
284	+
285	+ msgid "Google Apps Login Premium"
286	+ msgstr "Google Apps Login Premium"

readme.txt CHANGED Viewed

	@@ -1,33 +1,36 @@
1	=== Plugin Name ===
2	Contributors: danlester
3	- Tags: login, google, authentication, ~~oauth2,~~ oauth, google login, google apps, sso, single-sign-on, auth, intranet
4	Requires at least: 3.7
5	- Tested up to: 4.6
6	- Stable tag: 2.10.4
7	License: GPLv3
8	License URI: http://www.gnu.org/licenses/gpl-3.0.html
9
10	- Simple secure login and user management for Wordpress through your Google Apps domain
11	(uses secure OAuth2, and MFA if enabled)
12
13	== Description ==
14
15	Google Apps Login allows existing Wordpress user accounts to login to your website using Google to securely authenticate their account. This means that if they are already logged into Gmail for example, they can simply click their way through the Wordpress login screen - no username or password is explicitly required!
16
17	- Google Apps Login uses the latest secure OAuth2 authentication recommended by Google, including 2-factor Auth if enabled for your Google Apps accounts.

18
19	- ~~Plugin~~ ~~setup~~ ~~requires~~ ~~you~~ to ~~have~~ ~~admin~~ ~~access~~ to ~~any~~ Google Apps ~~domain,~~ or a ~~regular~~ ~~Gmail~~ ~~account,~~ to ~~register~~ and ~~obtain~~ ~~two~~ ~~simple~~ ~~codes~~ ~~from~~ Google.


20
21	= Support and Premium features =
22
23	Full support and premium features are also available for purchase:
24
25	- Eliminate the need for Google Apps domain admins to separately manage WordPress user accounts, and get peace
26	of mind that only authorized employees have access to your organizations's websites and intranet.
27
28	See [our website at wp-glogin.com](http://wp-glogin.com/glogin/?utm_source=Login%20Readme%20Top&utm_medium=freemium&utm_campaign=Freemium) for more details.
29
30	- The Premium version allows everyone in your Google Apps domain to login to WordPress - an account will be automatically created in WordPress if one doesn't already exist.
31
32	Our Enterprise version goes further, allowing you to specify granular access and role controls based on Google Group membership.
33	You can also see logs of accounts created and roles changed by the plugin.
	@@ -35,17 +38,14 @@ You can also see logs of accounts created and roles changed by the plugin.
35
36	= Extensible Platform =
37
38	- Google Apps Login allows you to centralize your site's Google functionality and build your own extensions, or use
39	- third-party extensions, which require no configuration themselves and share the same user authentication and
40	- permissions that users already allowed for Google Apps Login itself.
41
42	- Using our platform, your website appears to Google accounts as one unified 'web application', making it more secure
43	- and easier to manage.
44
45	- [Google Drive Embedder](http://wp-glogin.com/wpgoogledriveembedder) is a ~~free~~ extension plugin allowing
46	users to browse for Google Drive documents to embed directly in their posts or pages.
47
48	- [Google Apps Directory](http://wp-glogin.com/wpgoogleappsdirectory) is a ~~free~~ extension plugin allowing
49	logged-in users to search your Google Apps employee directory from a widget on your intranet or client site.
50
51	[Google Profile Avatars](http://wp-glogin.com/avatars/?utm_source=Login%20Readme%20Avatars&utm_medium=freemium&utm_campaign=Freemium)
	@@ -57,15 +57,14 @@ Google Apps Login works on single or multisite WordPress websites or private int
57
58	One-click login will work for the following domains and user accounts:
59
60	- * Google Apps for Work
61	- * Google Apps for ~~Business~~
62	- * Google Apps for Education
63	- * Google Apps for Non-profits

64	* Personal gmail.com and googlemail.com emails
65
66	- Google Apps Login uses the latest secure OAuth2 authentication recommended by Google. Other 3rd party authentication
67	- plugins may allow you to use your Google username and password to login, but they do not do this securely unless
68	- they also use OAuth2. This is discussed further in the [FAQ](http://wordpress.org/plugins/google-apps-login/faq/).
69
70	= Translations =
71
	@@ -83,115 +82,89 @@ This plugin currently operates in the following languages:
83	* Italian (it_IT) - translated by Giorgio Draghetti of [tipinoncomuni](http://tipinoncomuni.it/)
84	* Persian (fa_IR) - translated by [Saeed1000](https://profiles.wordpress.org/saeed1000/)
85	* Belarussian (be_BY) - translated by Natasha Dyatko of [UStarCash](https://www.ustarcash.com/)

86
87	- We welcome volunteers to translate into their own language. If you would like to contribute a translation, please
88	- click Translate Google Apps Login on the right hand side of this page.
89
90	= Website and Upgrades =
91
92	- Please see our website [http://wp-glogin.com/](http://wp-glogin.com/?utm_source=Login%20Readme%20Website&utm_medium=freemium&utm_campaign=Freemium) for more information about this free plugin
93	- and extra features available in our Premium and Enterprise upgrades, plus support details, other plugins, and useful guides for admins of
94	- WordPress sites and Google Apps.
95
96	The [Premium and Enterprise versions](http://wp-glogin.com/glogin/?utm_source=Login%20Readme%20PremEnt&utm_medium=freemium&utm_campaign=Freemium) eliminate the need to manage user accounts in your WordPress site - everything is synced from Google Apps instead.
97
98	- If you are building your organization's intranet on WordPress, try out our
99	- [All-In-One Intranet plugin](http://wp-glogin.com/intranet/?utm_source=Login%20Readme%20AIOI&utm_medium=freemium&utm_campaign=Freemium).
100
101	== Screenshots ==
102
103	1. User login screen can work as normal or via Google's authentication system
104	- 2. ~~Admin~~ ~~obtains~~ ~~two~~ ~~simple~~ ~~codes~~ ~~from~~ ~~Google~~ to ~~set~~ up - ~~easy~~ ~~instructions~~ to ~~follow~~


105
106	== Frequently Asked Questions ==
107
108	= How can I obtain support for this product? =
109
110	- Full support is available if you purchase the appropriate license from the author via:
111	- [http://wp-glogin.com/glogin/](http://wp-glogin.com/glogin/?utm_source=Login%20Readme%20Premium&utm_medium=freemium&utm_campaign=Freemium)
112
113	- Please feel free to email [contact@wp-glogin.com](mailto:contact@wp-glogin.com) with any questions,
114	- as we may be able to help, but you may be required to purchase a support license if the problem
115	- is specific to your installation or requirements.
116
117	- We may occasionally be able to respond to support queries posted on the 'Support' forum here on the wordpress.org
118	- plugin page, but we recommend sending us an email instead if possible.
119
120	- = Is login restricted to the ~~Google~~ ~~Apps~~ domain I use to set up the plugin? =
121
122	- No, once you set up the plugin, any WordPress accounts whose email address corresponds to any Google account,
123	- whether on a different Google Apps domain or even a personal gmail.com account, will be able to use 'Login with
124	- Google' to easily connect to your WordPress site.
125
126	- However, our [premium plugin](http://wp-glogin.com/glogin/?utm_source=Login%20Readme%20FAQ&utm_medium=freemium&utm_campaign=Freemium) has features that greatly simplify
127	- your WordPress user management if your WordPress users are mostly on the same Google Apps domain(s).
128
129	= Does the plugin work with HTTP or HTTPS login pages? =
130
131	The plugin will work whether your site is configured for HTTP or HTTPS.
132
133	- However, you may have configured your site to run so that the login pages
134	- can be accessed by either HTTP or HTTPS. In that case, you may run into problems.
135	We recommend that you set [FORCE_SSL_ADMIN](http://codex.wordpress.org/Administration_Over_SSL)
136	to true. This will ensure that all users are consistently using HTTPS
137	for login.
138
139	- You may then need to ensure the Redirect URL and Web Origin in the Google Cloud Console are
140	- set as HTTPS (this will make sense if you follow the installation instructions again).
141
142	- If for some reason you cannot set FORCE_SSL_ADMIN, then instead you can add two URLs to the Google
143	- Cloud Console for each entry, e.g. Redirect URL = http://wpexample.com/wp-login.php, and
144	- then add another one for https://wpexample.com/wp-login.php. Same idea for Web Origin.
145
146	= Does the plugin work on Multisite? =
147
148	- It is written, tested, and secure for multisite WordPress, both for subdirectories and subdomains, and must be activated
149	- network-wide for security reasons.
150
151	- There are many different possible configurations of multisite WordPress, however, so you must test carefully if you
152	- have any other plugins or special setup.
153
154	- In a multisite setup, you will see an extra option in Settings -> Google Apps Login, named 'Use sub-site specific callback
155	- from Google'. Read details in the configuration instructions (linked from the Settings page). This setting will need to be
156	- ON if you are using any domain mapping plugin, and extra Redirect URIs will need to be registered in Google Cloud Console.
157
158	= Is it secure? =
159
160	- Yes, and depending on your setup, it can be much more secure than just using
161	- WordPress usernames and passwords.
162
163	- However, the author does not accept liability or offer any guarantee,
164	- and it is your responsibility to ensure that your site is secure in the way you require.
165
166	- In particular, other plugins may conflict with each other, and different WordPress versions and configurations
167	- may render your site insecure.
168
169	= Does it conflict with any other plugins? =
170
171	- Sometimes conflicts can arise. We have built workarounds for some problems, and would always appreciate your feedback
172	- to resolve any issues you might encounter yourself.
173
174	- One known issue is with iThemes Security: the settings 'filter suspicious query strings' and 'filter long URL strings' can
175	- both cause intermittent conflicts and should be turned off if you are happy with the implications.
176
177	- ~~Jonradio~~ Private Site - Try setting the ~~Jonradio~~ option "Omit ?redirect_to= from URL (this option is recommended for Custom Login pages)".
178
179	WP Email Login - incompatible with Google Apps Login
180
181	= How does it compare to other 3rd party auth plugins? =
182
183	- Google Apps Login uses the latest secure OAuth2 authentication recommended by Google. Other 3rd party authentication plugins
184	- may allow you to use your Google username and password to login, but they do not always do this securely:
185
186	- * Other plugins: Users' passwords may be handled by your blog's server, potentially unencrypted. If these are compromised,
187	- ~~hackers~~ ~~would~~ be ~~able~~ to ~~gain~~ ~~access~~ to ~~your~~ ~~Google~~ ~~email~~ ~~accounts!~~ ~~This~~ ~~includes~~ ~~all~~
188	- [Google Apps](http://www.google.com/enterprise/apps/business/products.html) (Gmail, Drive, Calendar
189	- etc), and any other services which use your Google account to login.
190
191	- * This plugin: Users' passwords are only ever submitted to Google itself, then Google is asked to authenticate the user to
192	- ~~your~~ ~~WordPress~~ ~~site.~~ ~~This~~ ~~means~~ ~~Multi~~-~~factor~~ ~~Authentication~~ can ~~still~~ be ~~used~~ ~~(if~~ ~~set~~ up on ~~your~~ ~~Google account)~~.
193	- Your website only requires permission to authenticate the user and obtain basic profile data - it can never have access to
194	- your emails and other data.
195
196	= What are the system requirements? =
197
	@@ -203,7 +176,7 @@ And you will need a Google account to set up the plugin.
203
204	== Installation ==
205
206	- To set up the plugin, you will need access to a Google Apps domain as an administrator, or just a regular Gmail account.
207
208	Easiest way:
209
	@@ -216,17 +189,18 @@ Easiest way:
216
217	If you cannot install from the WordPress plugins directory for any reason, and need to install from ZIP file:
218
219	- 1. Upload `googleappslogin` directory and contents to the `/wp-content/plugins/` directory, or upload the ZIP file directly in
220	- the Plugins section of your Wordpress admin
221	1. Follow the instructions from step 4 above
222
223	Personalized instructions to configure the plugin by registering your site with Google Apps are linked from
224	- the WordPress admin panel once you have activated the plugin. For a (non-personalized) preview of these instructions
225	- please [click here](http://wp-glogin.com/installing-google-apps-login/basic-setup/).
226
227	== Changelog ==
228
229	- = 2.10.4 =



230
231	Ensures plugin options are not loaded until 'plugins_loaded' stage. This makes it easier to use the gal_options hook more reliably.
232


1	=== Plugin Name ===
2	Contributors: danlester
3	+ Tags: login, google, authentication, oauth, google login, google apps, g suite, sso, single-sign-on, auth, intranet
4	Requires at least: 3.7
5	+ Tested up to: 4.7
6	+ Stable tag: 2.10.5
7	License: GPLv3
8	License URI: http://www.gnu.org/licenses/gpl-3.0.html
9
10	+ Simple secure login and user management for Wordpress through your G Suite / Google Apps domain
11	(uses secure OAuth2, and MFA if enabled)
12
13	== Description ==
14
15	Google Apps Login allows existing Wordpress user accounts to login to your website using Google to securely authenticate their account. This means that if they are already logged into Gmail for example, they can simply click their way through the Wordpress login screen - no username or password is explicitly required!
16
17	+ Google Apps Login uses the latest secure OAuth2 authentication recommended by Google, including 2-factor Auth if enabled for your G Suite (formerly Google Apps) accounts.
18	+ This is far simpler to configure than the older SAML protocol.
19
20	+ Trusted by thousands of organizations from schools to large public companies, Google Apps Login is the most popular enterprise grade plugin enabling login and user management based on your Google Apps domain.
21	+
22	+ Plugin setup requires you to have admin access to any G Suite (Google Apps) domain, or a regular Gmail account, to register and obtain two simple codes from Google.
23
24	= Support and Premium features =
25
26	Full support and premium features are also available for purchase:
27
28	+ Eliminate the need for G Suite (Google Apps) domain admins to separately manage WordPress user accounts, and get peace
29	of mind that only authorized employees have access to your organizations's websites and intranet.
30
31	See [our website at wp-glogin.com](http://wp-glogin.com/glogin/?utm_source=Login%20Readme%20Top&utm_medium=freemium&utm_campaign=Freemium) for more details.
32
33	+ The Premium version allows everyone in your G Suite (Google Apps) domain to login to WordPress - an account will be automatically created in WordPress if one doesn't already exist.
34
35	Our Enterprise version goes further, allowing you to specify granular access and role controls based on Google Group membership.
36	You can also see logs of accounts created and roles changed by the plugin.

38
39	= Extensible Platform =
40
41	+ Google Apps Login allows you to centralize your site's Google functionality and build your own extensions, or use third-party extensions, which require no configuration themselves and share the same user authentication and permissions that users already allowed for Google Apps Login itself.


42
43	+ Using our platform, your website appears to Google accounts as one unified 'web application', making it more secure and easier to manage.

44
45	+ [Google Drive Embedder](http://wp-glogin.com/wpgoogledriveembedder) is an extension plugin allowing
46	users to browse for Google Drive documents to embed directly in their posts or pages.
47
48	+ [Google Apps Directory](http://wp-glogin.com/wpgoogleappsdirectory) is an extension plugin allowing
49	logged-in users to search your Google Apps employee directory from a widget on your intranet or client site.
50
51	[Google Profile Avatars](http://wp-glogin.com/avatars/?utm_source=Login%20Readme%20Avatars&utm_medium=freemium&utm_campaign=Freemium)

57
58	One-click login will work for the following domains and user accounts:
59
60	+ * G Suite Basic (Google Apps for Work)
61	+ * G Suite Business (Google Apps Unlimited for Work)
62	+ * G Suite for Education (Google Apps for Education)
63	+ * G Suite for Non-profits (Google Apps for Non-profits)
64	+ * G Suite for Government (Google Apps for Government)
65	* Personal gmail.com and googlemail.com emails
66
67	+ Google Apps Login uses the latest secure OAuth2 authentication recommended by Google. Other 3rd party authentication plugins may allow you to use your Google username and password to login, but they do not do this securely unless they also use OAuth2. This is discussed further in the [FAQ](http://wordpress.org/plugins/google-apps-login/faq/).


68
69	= Translations =
70

82	* Italian (it_IT) - translated by Giorgio Draghetti of [tipinoncomuni](http://tipinoncomuni.it/)
83	* Persian (fa_IR) - translated by [Saeed1000](https://profiles.wordpress.org/saeed1000/)
84	* Belarussian (be_BY) - translated by Natasha Dyatko of [UStarCash](https://www.ustarcash.com/)
85	+ * Indonesian (id_ID) - translated by Jordan Silaen of [ChameleonJohn.com](http://ChameleonJohn.com/)
86
87	+ We welcome volunteers to translate into their own language. If you would like to contribute a translation, please click Translate under Contributors & Developers below.

88
89	= Website and Upgrades =
90
91	+ Please see our website [http://wp-glogin.com/](http://wp-glogin.com/?utm_source=Login%20Readme%20Website&utm_medium=freemium&utm_campaign=Freemium) for more information about this free plugin and extra features available in our Premium and Enterprise upgrades, plus support details, other plugins, and useful guides for admins of WordPress sites and Google Apps.


92
93	The [Premium and Enterprise versions](http://wp-glogin.com/glogin/?utm_source=Login%20Readme%20PremEnt&utm_medium=freemium&utm_campaign=Freemium) eliminate the need to manage user accounts in your WordPress site - everything is synced from Google Apps instead.
94
95	+ If you are building your organization's intranet on WordPress, try out our [All-In-One Intranet plugin](http://wp-glogin.com/intranet/?utm_source=Login%20Readme%20AIOI&utm_medium=freemium&utm_campaign=Freemium).

96
97	== Screenshots ==
98
99	1. User login screen can work as normal or via Google's authentication system
100	+ 2. Login to Google account - only if not already logged in to Google within the browser
101	+ 3. First time only grant permissions for Google to connect to the WordPress site
102	+ 4. Admin obtains two simple codes from Google to set up - easy instructions to follow
103
104	== Frequently Asked Questions ==
105
106	= How can I obtain support for this product? =
107
108	+ Full support is available if you purchase the appropriate license from the author via: [http://wp-glogin.com/glogin/](http://wp-glogin.com/glogin/?utm_source=Login%20Readme%20Premium&utm_medium=freemium&utm_campaign=Freemium)

109
110	+ Please feel free to email [contact@wp-glogin.com](mailto:contact@wp-glogin.com) with any questions, as we may be able to help, but you may be required to purchase a support license if the problem is specific to your installation or requirements.


111
112	+ We may occasionally be able to respond to support queries posted on the 'Support' forum here on the wordpress.org plugin page, but we recommend sending us an email instead if possible.

113
114	+ = Is login restricted to the G Suite domain I use to set up the plugin? =
115
116	+ No, once you set up the plugin, any WordPress accounts whose email address corresponds to any Google account, whether on a different G Suite domain or even a personal gmail.com account, will be able to use 'Login with Google' to easily connect to your WordPress site.


117
118	+ However, our [premium plugin](http://wp-glogin.com/glogin/?utm_source=Login%20Readme%20FAQ&utm_medium=freemium&utm_campaign=Freemium) has features that greatly simplify your WordPress user management if your WordPress users are mostly on the same G Suite domain(s).

119
120	= Does the plugin work with HTTP or HTTPS login pages? =
121
122	The plugin will work whether your site is configured for HTTP or HTTPS.
123
124	+ However, you may have configured your site to run so that the login pages can be accessed by either HTTP or HTTPS. In that case, you may run into problems.

125	We recommend that you set [FORCE_SSL_ADMIN](http://codex.wordpress.org/Administration_Over_SSL)
126	to true. This will ensure that all users are consistently using HTTPS
127	for login.
128
129	+ You may then need to ensure the Redirect URL and Web Origin in the Google Cloud Console are set as HTTPS (this will make sense if you follow the installation instructions again).

130
131	+ If for some reason you cannot set FORCE_SSL_ADMIN, then instead you can add two URLs to the Google Cloud Console for each entry, e.g. Redirect URL = http://wpexample.com/wp-login.php, and then add another one for https://wpexample.com/wp-login.php. Same idea for Web Origin.


132
133	= Does the plugin work on Multisite? =
134
135	+ It is written, tested, and secure for multisite WordPress, both for subdirectories and subdomains, and must be activated network-wide for security reasons.

136
137	+ There are many different possible configurations of multisite WordPress, however, so you must test carefully if you have any other plugins or special setup.

138
139	+ In a multisite setup, you will see an extra option in Settings -> Google Apps Login, named 'Use sub-site specific callback from Google'. Read details in the configuration instructions (linked from the Settings page). This setting will need to be ON if you are using any domain mapping plugin, and extra Redirect URIs will need to be registered in Google Cloud Console.


140
141	= Is it secure? =
142
143	+ Yes, and depending on your setup, it can be much more secure than just using WordPress usernames and passwords.

144
145	+ However, the author does not accept liability or offer any guarantee, and it is your responsibility to ensure that your site is secure in the way you require.

146
147	+ In particular, other plugins may conflict with each other, and different WordPress versions and configurations may render your site insecure.

148
149	= Does it conflict with any other plugins? =
150
151	+ Sometimes conflicts can arise. We have built workarounds for some problems, and would always appreciate your feedback to resolve any issues you might encounter yourself.

152
153	+ One known issue is with iThemes Security: the settings 'filter suspicious query strings' and 'filter long URL strings' can both cause intermittent conflicts and should be turned off if you are happy with the implications.

154
155	+ My Private Site - Try setting the My Private Site option "Omit ?redirect_to= from URL (this option is recommended for Custom Login pages)".
156
157	WP Email Login - incompatible with Google Apps Login
158
159	= How does it compare to other 3rd party auth plugins? =
160
161	+ Google Apps Login uses the latest secure OAuth2 authentication recommended by Google. Other 3rd party authentication plugins may allow you to use your Google username and password to login, but they do not always do this securely:

162
163	+ * Other plugins: Users' passwords may be handled by your blog's server, potentially unencrypted. If these are compromised, hackers would be able to gain access to your Google email accounts! This includes all
164	+ [G Suite apps](https://gsuite.google.com/products/) (Gmail, Drive, Calendar etc), and any other services which use your Google account to login.


165
166	+ * This plugin: Users' passwords are only ever submitted to Google itself, then Google is asked to authenticate the user to your WordPress site. This means Multi-factor Authentication can still be used (if set up on your Google account).
167	+ Your website only requires permission to authenticate the user and obtain basic profile data - it can never have access to your emails and other data.


168
169	= What are the system requirements? =
170

176
177	== Installation ==
178
179	+ To set up the plugin, you will need access to a G Suite (Google Apps) domain as an administrator, or just a regular Gmail account.
180
181	Easiest way:
182

189
190	If you cannot install from the WordPress plugins directory for any reason, and need to install from ZIP file:
191
192	+ 1. Upload `googleappslogin` directory and contents to the `/wp-content/plugins/` directory, or upload the ZIP file directly in the Plugins section of your Wordpress admin

193	1. Follow the instructions from step 4 above
194
195	Personalized instructions to configure the plugin by registering your site with Google Apps are linked from
196	+ the WordPress admin panel once you have activated the plugin. For a (non-personalized) preview of these instructions please [click here](http://wp-glogin.com/installing-google-apps-login/basic-setup/).

197
198	== Changelog ==
199
200	+ = 2.10.5 =
201	+
202	+ Multisite improvements: better handling of COOKIE_DOMAIN configuration and also allows login redirects straight to subsites even when login is handled by the root site's wp-login.php page.
203	+ Login page cookies now last for the length of the current browser session instead of for a fixed time, so this should reduce unexpected 'Session mismatch' errors.
204
205	Ensures plugin options are not loaded until 'plugins_loaded' stage. This makes it easier to use the gal_options hook more reliably.
206