Version Description
Service Account Client ID is imported from JSON key file so user can copy and paste it into admin.google.com
Download this release
Release Info
Developer | danlester |
Plugin | Google Apps Login |
Version | 2.8.11 |
Comparing to | |
See all releases |
Code changes from version 2.8.3 to 2.8.11
- core/core_google_apps_login.php +27 -11
- core/keyfile_uploader.php +8 -2
- google_apps_login.php +2 -2
- readme.txt +9 -1
core/core_google_apps_login.php
CHANGED
@@ -10,6 +10,8 @@ class core_google_apps_login {
|
|
10 |
$this->add_actions();
|
11 |
register_activation_hook($this->my_plugin_basename(), array( $this, 'ga_activation_hook' ) );
|
12 |
}
|
|
|
|
|
13 |
|
14 |
// May be overridden in basic or premium
|
15 |
public function ga_activation_hook($network_wide) {
|
@@ -22,8 +24,8 @@ class core_google_apps_login {
|
|
22 |
protected $newcookievalue = null;
|
23 |
protected function get_cookie_value() {
|
24 |
if (!$this->newcookievalue) {
|
25 |
-
if (isset($_COOKIE[
|
26 |
-
$this->newcookievalue = $_COOKIE[
|
27 |
}
|
28 |
else {
|
29 |
$this->newcookievalue = md5(rand());
|
@@ -181,6 +183,9 @@ class core_google_apps_login {
|
|
181 |
+ (isset($_GET['action']) && $_GET['action']=='login' ? 1 : 0)) {
|
182 |
$do_autologin = true;
|
183 |
}
|
|
|
|
|
|
|
184 |
}
|
185 |
|
186 |
if ($do_autologin && $options['ga_clientid'] != '' && $options['ga_clientsecret'] != '') {
|
@@ -417,7 +422,7 @@ class core_google_apps_login {
|
|
417 |
|
418 |
public function ga_init() {
|
419 |
if ($GLOBALS['pagenow'] == 'wp-login.php') {
|
420 |
-
setcookie(
|
421 |
}
|
422 |
}
|
423 |
|
@@ -432,8 +437,8 @@ class core_google_apps_login {
|
|
432 |
if ((force_ssl_login() || force_ssl_admin()) && strtolower(substr($login_url,0,7)) == 'http://') {
|
433 |
$login_url = 'https://'.substr($login_url,7);
|
434 |
}
|
435 |
-
|
436 |
-
return $login_url;
|
437 |
}
|
438 |
|
439 |
// Build our own nonce functions as wp_create_nonce is user dependent,
|
@@ -712,6 +717,15 @@ class core_google_apps_login {
|
|
712 |
|
713 |
echo '<br class="clear">';
|
714 |
if ($saoptions['ga_serviceemail'] != '') {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
715 |
// Display service email
|
716 |
echo '<label for="input_ga_serviceemail" class="textinput">'.__('Service Account email address', 'google-apps-login').'</label>';
|
717 |
echo "<div class='gal-lowerinput'>";
|
@@ -728,7 +742,7 @@ class core_google_apps_login {
|
|
728 |
}
|
729 |
}
|
730 |
|
731 |
-
echo '<label for="input_ga_keyfileupload" class="textinput gal_jsonkeyfile">'.__('Upload Service Account JSON file', 'google-apps-login').'</label>';
|
732 |
echo '<label for="input_ga_keyjson" class="textinput gal_jsonkeytext" style="display: none;">'.__('Paste contents of JSON file', 'google-apps-login').'</label>';
|
733 |
|
734 |
echo "<div class='gal-lowerinput'>";
|
@@ -788,7 +802,7 @@ class core_google_apps_login {
|
|
788 |
</table>
|
789 |
</p>
|
790 |
|
791 |
-
<p>Here is a comma-separated list of
|
792 |
<br />
|
793 |
<div class="gal-admin-scopes-list"><?php echo htmlentities(implode(', ',array_unique($all_scopes))); ?></div>
|
794 |
</p>
|
@@ -908,10 +922,12 @@ class core_google_apps_login {
|
|
908 |
|
909 |
$kfu = new gal_keyfile_uploader('ga_keyfileupload', isset($input['ga_keyjson']) ? $input['ga_keyjson'] : '');
|
910 |
$newemail = $kfu->getEmail();
|
|
|
911 |
$newkey = $kfu->getKey();
|
912 |
$newprint = $kfu->getPrint();
|
913 |
-
if ($newemail != '' && $newkey != '') {
|
914 |
$saoptions['ga_serviceemail'] = $newemail;
|
|
|
915 |
$saoptions['ga_sakey'] = $newkey;
|
916 |
$saoptions['ga_pkey_print'] = $newprint;
|
917 |
$this->save_sa_option($saoptions);
|
@@ -942,7 +958,7 @@ class core_google_apps_login {
|
|
942 |
'ga_jsonkeyfile|file_upload_error7' => __('Error with file upload on the server - failed to write to disk', 'google-apps-login'),
|
943 |
'ga_jsonkeyfile|no_content' => __('JSON key file was empty'),
|
944 |
'ga_jsonkeyfile|decode_error' => __('JSON key file could not be decoded correctly'),
|
945 |
-
'ga_jsonkeyfile|missing_values' => __('JSON key file does not contain all of client_email, private_key, and type'),
|
946 |
'ga_jsonkeyfile|not_serviceacct' => __('JSON key file does not represent a Service Account'),
|
947 |
'ga_jsonkeyfile|bad_pem' => __('Key cannot be coerced into a PEM key - invalid format in private_key of JSON key file')
|
948 |
);
|
@@ -1021,7 +1037,7 @@ class core_google_apps_login {
|
|
1021 |
}
|
1022 |
|
1023 |
// Set defaults
|
1024 |
-
foreach (array('ga_sakey', 'ga_serviceemail', 'ga_pkey_print') as $k) {
|
1025 |
if (!isset($ga_sa_options[$k])) {
|
1026 |
$ga_sa_options[$k] = '';
|
1027 |
}
|
@@ -1072,7 +1088,7 @@ class core_google_apps_login {
|
|
1072 |
return add_query_arg(
|
1073 |
array( 'garedirect' => urlencode( $this->get_login_url() ),
|
1074 |
'gaorigin' => urlencode( (is_ssl() || force_ssl_login() || force_ssl_admin()
|
1075 |
-
? 'https://' : 'http://').$_SERVER['HTTP_HOST']
|
1076 |
'ganotms' => is_multisite() ? 'false' : 'true',
|
1077 |
'gar' => urlencode( $refresh ),
|
1078 |
'utm_source' => 'Admin%20Instructions',
|
10 |
$this->add_actions();
|
11 |
register_activation_hook($this->my_plugin_basename(), array( $this, 'ga_activation_hook' ) );
|
12 |
}
|
13 |
+
|
14 |
+
protected static $gal_cookie_name = 'wordpress_google_apps_login';
|
15 |
|
16 |
// May be overridden in basic or premium
|
17 |
public function ga_activation_hook($network_wide) {
|
24 |
protected $newcookievalue = null;
|
25 |
protected function get_cookie_value() {
|
26 |
if (!$this->newcookievalue) {
|
27 |
+
if (isset($_COOKIE[self::$gal_cookie_name])) {
|
28 |
+
$this->newcookievalue = $_COOKIE[self::$gal_cookie_name];
|
29 |
}
|
30 |
else {
|
31 |
$this->newcookievalue = md5(rand());
|
183 |
+ (isset($_GET['action']) && $_GET['action']=='login' ? 1 : 0)) {
|
184 |
$do_autologin = true;
|
185 |
}
|
186 |
+
if (isset($_POST['log']) && isset($_POST['pwd'])) { // This was a WP username/password login attempt
|
187 |
+
$do_autologin = false;
|
188 |
+
}
|
189 |
}
|
190 |
|
191 |
if ($do_autologin && $options['ga_clientid'] != '' && $options['ga_clientsecret'] != '') {
|
422 |
|
423 |
public function ga_init() {
|
424 |
if ($GLOBALS['pagenow'] == 'wp-login.php') {
|
425 |
+
setcookie(self::$gal_cookie_name, $this->get_cookie_value(), time()+36000, '/', defined(COOKIE_DOMAIN) ? COOKIE_DOMAIN : '' );
|
426 |
}
|
427 |
}
|
428 |
|
437 |
if ((force_ssl_login() || force_ssl_admin()) && strtolower(substr($login_url,0,7)) == 'http://') {
|
438 |
$login_url = 'https://'.substr($login_url,7);
|
439 |
}
|
440 |
+
|
441 |
+
return apply_filters( 'gal_login_url', $login_url );
|
442 |
}
|
443 |
|
444 |
// Build our own nonce functions as wp_create_nonce is user dependent,
|
717 |
|
718 |
echo '<br class="clear">';
|
719 |
if ($saoptions['ga_serviceemail'] != '') {
|
720 |
+
if ($saoptions['ga_serviceid'] != '') {
|
721 |
+
// Display client id
|
722 |
+
echo '<label for="input_ga_serviceid" class="textinput">'.__('Service Account Client ID / Name', 'google-apps-login').'</label>';
|
723 |
+
echo "<div class='gal-lowerinput'>";
|
724 |
+
//echo "<span id='input_ga_serviceid'>".htmlentities($saoptions['ga_serviceid'])."</span>";
|
725 |
+
echo "<div id='input_ga_serviceid' class='gal-admin-scopes-list'>".htmlentities($saoptions['ga_serviceid'])."</div>";
|
726 |
+
echo '</div>';
|
727 |
+
echo '<br class="clear">';
|
728 |
+
}
|
729 |
// Display service email
|
730 |
echo '<label for="input_ga_serviceemail" class="textinput">'.__('Service Account email address', 'google-apps-login').'</label>';
|
731 |
echo "<div class='gal-lowerinput'>";
|
742 |
}
|
743 |
}
|
744 |
|
745 |
+
echo '<label for="input_ga_keyfileupload" class="textinput gal_jsonkeyfile">'.__('Upload a new Service Account JSON file', 'google-apps-login').'</label>';
|
746 |
echo '<label for="input_ga_keyjson" class="textinput gal_jsonkeytext" style="display: none;">'.__('Paste contents of JSON file', 'google-apps-login').'</label>';
|
747 |
|
748 |
echo "<div class='gal-lowerinput'>";
|
802 |
</table>
|
803 |
</p>
|
804 |
|
805 |
+
<p>Here is a comma-separated list of API Scopes to copy and paste into your Google Apps admin security page (see instructions).
|
806 |
<br />
|
807 |
<div class="gal-admin-scopes-list"><?php echo htmlentities(implode(', ',array_unique($all_scopes))); ?></div>
|
808 |
</p>
|
922 |
|
923 |
$kfu = new gal_keyfile_uploader('ga_keyfileupload', isset($input['ga_keyjson']) ? $input['ga_keyjson'] : '');
|
924 |
$newemail = $kfu->getEmail();
|
925 |
+
$newid = $kfu->getId();
|
926 |
$newkey = $kfu->getKey();
|
927 |
$newprint = $kfu->getPrint();
|
928 |
+
if ($newemail != '' && $newkey != '' && $newid != '') {
|
929 |
$saoptions['ga_serviceemail'] = $newemail;
|
930 |
+
$saoptions['ga_serviceid'] = $newid;
|
931 |
$saoptions['ga_sakey'] = $newkey;
|
932 |
$saoptions['ga_pkey_print'] = $newprint;
|
933 |
$this->save_sa_option($saoptions);
|
958 |
'ga_jsonkeyfile|file_upload_error7' => __('Error with file upload on the server - failed to write to disk', 'google-apps-login'),
|
959 |
'ga_jsonkeyfile|no_content' => __('JSON key file was empty'),
|
960 |
'ga_jsonkeyfile|decode_error' => __('JSON key file could not be decoded correctly'),
|
961 |
+
'ga_jsonkeyfile|missing_values' => __('JSON key file does not contain all of client_email, client_id, private_key, and type'),
|
962 |
'ga_jsonkeyfile|not_serviceacct' => __('JSON key file does not represent a Service Account'),
|
963 |
'ga_jsonkeyfile|bad_pem' => __('Key cannot be coerced into a PEM key - invalid format in private_key of JSON key file')
|
964 |
);
|
1037 |
}
|
1038 |
|
1039 |
// Set defaults
|
1040 |
+
foreach (array('ga_sakey', 'ga_serviceemail', 'ga_serviceid', 'ga_pkey_print') as $k) {
|
1041 |
if (!isset($ga_sa_options[$k])) {
|
1042 |
$ga_sa_options[$k] = '';
|
1043 |
}
|
1088 |
return add_query_arg(
|
1089 |
array( 'garedirect' => urlencode( $this->get_login_url() ),
|
1090 |
'gaorigin' => urlencode( (is_ssl() || force_ssl_login() || force_ssl_admin()
|
1091 |
+
? 'https://' : 'http://').$_SERVER['HTTP_HOST'] ),
|
1092 |
'ganotms' => is_multisite() ? 'false' : 'true',
|
1093 |
'gar' => urlencode( $refresh ),
|
1094 |
'utm_source' => 'Admin%20Instructions',
|
core/keyfile_uploader.php
CHANGED
@@ -47,8 +47,8 @@ class gal_keyfile_uploader {
|
|
47 |
$this->error = 'decode_error';
|
48 |
return;
|
49 |
}
|
50 |
-
if (!isset($fullkey['client_email']) || !isset($fullkey['private_key']) || !isset($fullkey['type'])
|
51 |
-
|
52 |
$this->error = 'missing_values';
|
53 |
return;
|
54 |
}
|
@@ -63,6 +63,7 @@ class gal_keyfile_uploader {
|
|
63 |
}
|
64 |
|
65 |
$this->key = $fullkey['private_key'];
|
|
|
66 |
$this->email = $fullkey['client_email'];
|
67 |
$this->pkeyprint = isset($fullkey['private_key_id']) ? $fullkey['private_key_id'] : '<unspecified>';
|
68 |
}
|
@@ -82,6 +83,11 @@ class gal_keyfile_uploader {
|
|
82 |
return $this->email;
|
83 |
}
|
84 |
|
|
|
|
|
|
|
|
|
|
|
85 |
protected $key = '';
|
86 |
public function getKey() {
|
87 |
return $this->key;
|
47 |
$this->error = 'decode_error';
|
48 |
return;
|
49 |
}
|
50 |
+
if (!isset($fullkey['client_id']) || !isset($fullkey['client_email']) || !isset($fullkey['private_key']) || !isset($fullkey['type'])
|
51 |
+
|| $fullkey['client_id'] == '' || $fullkey['client_email'] == '' || $fullkey['private_key'] == '') {
|
52 |
$this->error = 'missing_values';
|
53 |
return;
|
54 |
}
|
63 |
}
|
64 |
|
65 |
$this->key = $fullkey['private_key'];
|
66 |
+
$this->id = $fullkey['client_id'];
|
67 |
$this->email = $fullkey['client_email'];
|
68 |
$this->pkeyprint = isset($fullkey['private_key_id']) ? $fullkey['private_key_id'] : '<unspecified>';
|
69 |
}
|
83 |
return $this->email;
|
84 |
}
|
85 |
|
86 |
+
protected $id = '';
|
87 |
+
public function getId() {
|
88 |
+
return $this->id;
|
89 |
+
}
|
90 |
+
|
91 |
protected $key = '';
|
92 |
public function getKey() {
|
93 |
return $this->key;
|
google_apps_login.php
CHANGED
@@ -4,7 +4,7 @@
|
|
4 |
* Plugin Name: Google Apps Login
|
5 |
* Plugin URI: http://wp-glogin.com/
|
6 |
* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
|
7 |
-
* Version: 2.8.
|
8 |
* Author: Dan Lester
|
9 |
* Author URI: http://wp-glogin.com/
|
10 |
* License: GPL3
|
@@ -17,7 +17,7 @@ require_once( plugin_dir_path(__FILE__).'/core/core_google_apps_login.php' );
|
|
17 |
|
18 |
class basic_google_apps_login extends core_google_apps_login {
|
19 |
|
20 |
-
protected $PLUGIN_VERSION = '2.8.
|
21 |
|
22 |
// Singleton
|
23 |
private static $instance = null;
|
4 |
* Plugin Name: Google Apps Login
|
5 |
* Plugin URI: http://wp-glogin.com/
|
6 |
* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
|
7 |
+
* Version: 2.8.11
|
8 |
* Author: Dan Lester
|
9 |
* Author URI: http://wp-glogin.com/
|
10 |
* License: GPL3
|
17 |
|
18 |
class basic_google_apps_login extends core_google_apps_login {
|
19 |
|
20 |
+
protected $PLUGIN_VERSION = '2.8.11';
|
21 |
|
22 |
// Singleton
|
23 |
private static $instance = null;
|
readme.txt
CHANGED
@@ -3,7 +3,7 @@ Contributors: danlester
|
|
3 |
Tags: login, google, authentication, oauth2, oauth, google login, google apps, sso, single-sign-on, auth, intranet
|
4 |
Requires at least: 3.7
|
5 |
Tested up to: 4.3
|
6 |
-
Stable tag: 2.8.
|
7 |
License: GPLv3
|
8 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
9 |
|
@@ -226,6 +226,14 @@ please [click here](http://wp-glogin.com/installing-google-apps-login/basic-setu
|
|
226 |
|
227 |
== Changelog ==
|
228 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
229 |
= 2.8.3 =
|
230 |
|
231 |
Resolved conflict with some other plugins over Google-related function names.
|
3 |
Tags: login, google, authentication, oauth2, oauth, google login, google apps, sso, single-sign-on, auth, intranet
|
4 |
Requires at least: 3.7
|
5 |
Tested up to: 4.3
|
6 |
+
Stable tag: 2.8.11
|
7 |
License: GPLv3
|
8 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
9 |
|
226 |
|
227 |
== Changelog ==
|
228 |
|
229 |
+
= 2.8.11 =
|
230 |
+
|
231 |
+
Service Account Client ID is imported from JSON key file so user can copy and paste it into admin.google.com
|
232 |
+
|
233 |
+
= 2.8.10 =
|
234 |
+
|
235 |
+
Changed name of login cookie from 'google_apps_login' to 'wp_google_apps_login'.
|
236 |
+
|
237 |
= 2.8.3 =
|
238 |
|
239 |
Resolved conflict with some other plugins over Google-related function names.
|