Google Apps Login - Version 2.8.11

Version Description

Service Account Client ID is imported from JSON key file so user can copy and paste it into admin.google.com

Release Info

Developer	danlester
Plugin	Google Apps Login
Version	2.8.11
Comparing to
See all releases

Code changes from version 2.8.3 to 2.8.11

Files changed (4) hide show

core/core_google_apps_login.php +27 -11
core/keyfile_uploader.php +8 -2
google_apps_login.php +2 -2
readme.txt +9 -1

core/core_google_apps_login.php CHANGED Viewed

	@@ -10,6 +10,8 @@ class core_google_apps_login {
10	$this->add_actions();
11	register_activation_hook($this->my_plugin_basename(), array( $this, 'ga_activation_hook' ) );
12	}


13
14	// May be overridden in basic or premium
15	public function ga_activation_hook($network_wide) {
	@@ -22,8 +24,8 @@ class core_google_apps_login {
22	protected $newcookievalue = null;
23	protected function get_cookie_value() {
24	if (!$this->newcookievalue) {
25	- if (isset($_COOKIE[~~'google_apps_login'~~])) {
26	- $this->newcookievalue = $_COOKIE[~~'google_apps_login'~~];
27	}
28	else {
29	$this->newcookievalue = md5(rand());
	@@ -181,6 +183,9 @@ class core_google_apps_login {
181	+ (isset($_GET['action']) && $_GET['action']=='login' ? 1 : 0)) {
182	$do_autologin = true;
183	}



184	}
185
186	if ($do_autologin && $options['ga_clientid'] != '' && $options['ga_clientsecret'] != '') {
	@@ -417,7 +422,7 @@ class core_google_apps_login {
417
418	public function ga_init() {
419	if ($GLOBALS['pagenow'] == 'wp-login.php') {
420	- setcookie(~~'google_apps_login'~~, $this->get_cookie_value(), time()+36000, '/', defined(COOKIE_DOMAIN) ? COOKIE_DOMAIN : '' );
421	}
422	}
423
	@@ -432,8 +437,8 @@ class core_google_apps_login {
432	if ((force_ssl_login() \|\| force_ssl_admin()) && strtolower(substr($login_url,0,7)) == 'http://') {
433	$login_url = 'https://'.substr($login_url,7);
434	}
435	-
436	- return $login_url;
437	}
438
439	// Build our own nonce functions as wp_create_nonce is user dependent,
	@@ -712,6 +717,15 @@ class core_google_apps_login {
712
713	echo '<br class="clear">';
714	if ($saoptions['ga_serviceemail'] != '') {









715	// Display service email
716	echo '<label for="input_ga_serviceemail" class="textinput">'.__('Service Account email address', 'google-apps-login').'</label>';
717	echo "<div class='gal-lowerinput'>";
	@@ -728,7 +742,7 @@ class core_google_apps_login {
728	}
729	}
730
731	- echo '<label for="input_ga_keyfileupload" class="textinput gal_jsonkeyfile">'.__('Upload Service Account JSON file', 'google-apps-login').'</label>';
732	echo '<label for="input_ga_keyjson" class="textinput gal_jsonkeytext" style="display: none;">'.__('Paste contents of JSON file', 'google-apps-login').'</label>';
733
734	echo "<div class='gal-lowerinput'>";
	@@ -788,7 +802,7 @@ class core_google_apps_login {
788	</table>
789	</p>
790
791	- <p>Here is a comma-separated list of ~~scopes~~ to copy and paste into your Google Apps admin security page (see instructions).
792	<br />
793	<div class="gal-admin-scopes-list"><?php echo htmlentities(implode(', ',array_unique($all_scopes))); ?></div>
794	</p>
	@@ -908,10 +922,12 @@ class core_google_apps_login {
908
909	$kfu = new gal_keyfile_uploader('ga_keyfileupload', isset($input['ga_keyjson']) ? $input['ga_keyjson'] : '');
910	$newemail = $kfu->getEmail();

911	$newkey = $kfu->getKey();
912	$newprint = $kfu->getPrint();
913	- if ($newemail != '' && $newkey != '') {
914	$saoptions['ga_serviceemail'] = $newemail;

915	$saoptions['ga_sakey'] = $newkey;
916	$saoptions['ga_pkey_print'] = $newprint;
917	$this->save_sa_option($saoptions);
	@@ -942,7 +958,7 @@ class core_google_apps_login {
942	'ga_jsonkeyfile\|file_upload_error7' => __('Error with file upload on the server - failed to write to disk', 'google-apps-login'),
943	'ga_jsonkeyfile\|no_content' => __('JSON key file was empty'),
944	'ga_jsonkeyfile\|decode_error' => __('JSON key file could not be decoded correctly'),
945	- 'ga_jsonkeyfile\|missing_values' => __('JSON key file does not contain all of client_email, private_key, and type'),
946	'ga_jsonkeyfile\|not_serviceacct' => __('JSON key file does not represent a Service Account'),
947	'ga_jsonkeyfile\|bad_pem' => __('Key cannot be coerced into a PEM key - invalid format in private_key of JSON key file')
948	);
	@@ -1021,7 +1037,7 @@ class core_google_apps_login {
1021	}
1022
1023	// Set defaults
1024	- foreach (array('ga_sakey', 'ga_serviceemail', 'ga_pkey_print') as $k) {
1025	if (!isset($ga_sa_options[$k])) {
1026	$ga_sa_options[$k] = '';
1027	}
	@@ -1072,7 +1088,7 @@ class core_google_apps_login {
1072	return add_query_arg(
1073	array( 'garedirect' => urlencode( $this->get_login_url() ),
1074	'gaorigin' => urlencode( (is_ssl() \|\| force_ssl_login() \|\| force_ssl_admin()
1075	- ? 'https://' : 'http://').$_SERVER['HTTP_HOST']~~.'/'~~ ),
1076	'ganotms' => is_multisite() ? 'false' : 'true',
1077	'gar' => urlencode( $refresh ),
1078	'utm_source' => 'Admin%20Instructions',


10	$this->add_actions();
11	register_activation_hook($this->my_plugin_basename(), array( $this, 'ga_activation_hook' ) );
12	}
13	+
14	+ protected static $gal_cookie_name = 'wordpress_google_apps_login';
15
16	// May be overridden in basic or premium
17	public function ga_activation_hook($network_wide) {

24	protected $newcookievalue = null;
25	protected function get_cookie_value() {
26	if (!$this->newcookievalue) {
27	+ if (isset($_COOKIE[self::$gal_cookie_name])) {
28	+ $this->newcookievalue = $_COOKIE[self::$gal_cookie_name];
29	}
30	else {
31	$this->newcookievalue = md5(rand());

183	+ (isset($_GET['action']) && $_GET['action']=='login' ? 1 : 0)) {
184	$do_autologin = true;
185	}
186	+ if (isset($_POST['log']) && isset($_POST['pwd'])) { // This was a WP username/password login attempt
187	+ $do_autologin = false;
188	+ }
189	}
190
191	if ($do_autologin && $options['ga_clientid'] != '' && $options['ga_clientsecret'] != '') {

422
423	public function ga_init() {
424	if ($GLOBALS['pagenow'] == 'wp-login.php') {
425	+ setcookie(self::$gal_cookie_name, $this->get_cookie_value(), time()+36000, '/', defined(COOKIE_DOMAIN) ? COOKIE_DOMAIN : '' );
426	}
427	}
428

437	if ((force_ssl_login() \|\| force_ssl_admin()) && strtolower(substr($login_url,0,7)) == 'http://') {
438	$login_url = 'https://'.substr($login_url,7);
439	}
440	+
441	+ return apply_filters( 'gal_login_url', $login_url );
442	}
443
444	// Build our own nonce functions as wp_create_nonce is user dependent,

717
718	echo '<br class="clear">';
719	if ($saoptions['ga_serviceemail'] != '') {
720	+ if ($saoptions['ga_serviceid'] != '') {
721	+ // Display client id
722	+ echo '<label for="input_ga_serviceid" class="textinput">'.__('Service Account Client ID / Name', 'google-apps-login').'</label>';
723	+ echo "<div class='gal-lowerinput'>";
724	+ //echo "<span id='input_ga_serviceid'>".htmlentities($saoptions['ga_serviceid'])."</span>";
725	+ echo "<div id='input_ga_serviceid' class='gal-admin-scopes-list'>".htmlentities($saoptions['ga_serviceid'])."</div>";
726	+ echo '</div>';
727	+ echo '<br class="clear">';
728	+ }
729	// Display service email
730	echo '<label for="input_ga_serviceemail" class="textinput">'.__('Service Account email address', 'google-apps-login').'</label>';
731	echo "<div class='gal-lowerinput'>";

742	}
743	}
744
745	+ echo '<label for="input_ga_keyfileupload" class="textinput gal_jsonkeyfile">'.__('Upload a new Service Account JSON file', 'google-apps-login').'</label>';
746	echo '<label for="input_ga_keyjson" class="textinput gal_jsonkeytext" style="display: none;">'.__('Paste contents of JSON file', 'google-apps-login').'</label>';
747
748	echo "<div class='gal-lowerinput'>";

802	</table>
803	</p>
804
805	+ <p>Here is a comma-separated list of API Scopes to copy and paste into your Google Apps admin security page (see instructions).
806	<br />
807	<div class="gal-admin-scopes-list"><?php echo htmlentities(implode(', ',array_unique($all_scopes))); ?></div>
808	</p>

922
923	$kfu = new gal_keyfile_uploader('ga_keyfileupload', isset($input['ga_keyjson']) ? $input['ga_keyjson'] : '');
924	$newemail = $kfu->getEmail();
925	+ $newid = $kfu->getId();
926	$newkey = $kfu->getKey();
927	$newprint = $kfu->getPrint();
928	+ if ($newemail != '' && $newkey != '' && $newid != '') {
929	$saoptions['ga_serviceemail'] = $newemail;
930	+ $saoptions['ga_serviceid'] = $newid;
931	$saoptions['ga_sakey'] = $newkey;
932	$saoptions['ga_pkey_print'] = $newprint;
933	$this->save_sa_option($saoptions);

958	'ga_jsonkeyfile\|file_upload_error7' => __('Error with file upload on the server - failed to write to disk', 'google-apps-login'),
959	'ga_jsonkeyfile\|no_content' => __('JSON key file was empty'),
960	'ga_jsonkeyfile\|decode_error' => __('JSON key file could not be decoded correctly'),
961	+ 'ga_jsonkeyfile\|missing_values' => __('JSON key file does not contain all of client_email, client_id, private_key, and type'),
962	'ga_jsonkeyfile\|not_serviceacct' => __('JSON key file does not represent a Service Account'),
963	'ga_jsonkeyfile\|bad_pem' => __('Key cannot be coerced into a PEM key - invalid format in private_key of JSON key file')
964	);

1037	}
1038
1039	// Set defaults
1040	+ foreach (array('ga_sakey', 'ga_serviceemail', 'ga_serviceid', 'ga_pkey_print') as $k) {
1041	if (!isset($ga_sa_options[$k])) {
1042	$ga_sa_options[$k] = '';
1043	}

1088	return add_query_arg(
1089	array( 'garedirect' => urlencode( $this->get_login_url() ),
1090	'gaorigin' => urlencode( (is_ssl() \|\| force_ssl_login() \|\| force_ssl_admin()
1091	+ ? 'https://' : 'http://').$_SERVER['HTTP_HOST'] ),
1092	'ganotms' => is_multisite() ? 'false' : 'true',
1093	'gar' => urlencode( $refresh ),
1094	'utm_source' => 'Admin%20Instructions',

core/keyfile_uploader.php CHANGED Viewed

	@@ -47,8 +47,8 @@ class gal_keyfile_uploader {
47	$this->error = 'decode_error';
48	return;
49	}
50	- if (!isset($fullkey['client_email']) \|\| !isset($fullkey['private_key']) \|\| !isset($fullkey['type'])
51	- \|\| $fullkey['client_email'] == '' \|\| $fullkey['private_key'] == '') {
52	$this->error = 'missing_values';
53	return;
54	}
	@@ -63,6 +63,7 @@ class gal_keyfile_uploader {
63	}
64
65	$this->key = $fullkey['private_key'];

66	$this->email = $fullkey['client_email'];
67	$this->pkeyprint = isset($fullkey['private_key_id']) ? $fullkey['private_key_id'] : '<unspecified>';
68	}
	@@ -82,6 +83,11 @@ class gal_keyfile_uploader {
82	return $this->email;
83	}
84





85	protected $key = '';
86	public function getKey() {
87	return $this->key;


47	$this->error = 'decode_error';
48	return;
49	}
50	+ if (!isset($fullkey['client_id']) \|\| !isset($fullkey['client_email']) \|\| !isset($fullkey['private_key']) \|\| !isset($fullkey['type'])
51	+ \|\| $fullkey['client_id'] == '' \|\| $fullkey['client_email'] == '' \|\| $fullkey['private_key'] == '') {
52	$this->error = 'missing_values';
53	return;
54	}

63	}
64
65	$this->key = $fullkey['private_key'];
66	+ $this->id = $fullkey['client_id'];
67	$this->email = $fullkey['client_email'];
68	$this->pkeyprint = isset($fullkey['private_key_id']) ? $fullkey['private_key_id'] : '<unspecified>';
69	}

83	return $this->email;
84	}
85
86	+ protected $id = '';
87	+ public function getId() {
88	+ return $this->id;
89	+ }
90	+
91	protected $key = '';
92	public function getKey() {
93	return $this->key;

google_apps_login.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4	* Plugin Name: Google Apps Login
5	* Plugin URI: http://wp-glogin.com/
6	* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
7	- * Version: 2.8.3
8	* Author: Dan Lester
9	* Author URI: http://wp-glogin.com/
10	* License: GPL3
	@@ -17,7 +17,7 @@ require_once( plugin_dir_path(__FILE__).'/core/core_google_apps_login.php' );
17
18	class basic_google_apps_login extends core_google_apps_login {
19
20	- protected $PLUGIN_VERSION = '2.8.3';
21
22	// Singleton
23	private static $instance = null;


4	* Plugin Name: Google Apps Login
5	* Plugin URI: http://wp-glogin.com/
6	* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
7	+ * Version: 2.8.11
8	* Author: Dan Lester
9	* Author URI: http://wp-glogin.com/
10	* License: GPL3

17
18	class basic_google_apps_login extends core_google_apps_login {
19
20	+ protected $PLUGIN_VERSION = '2.8.11';
21
22	// Singleton
23	private static $instance = null;

readme.txt CHANGED Viewed

	@@ -3,7 +3,7 @@ Contributors: danlester
3	Tags: login, google, authentication, oauth2, oauth, google login, google apps, sso, single-sign-on, auth, intranet
4	Requires at least: 3.7
5	Tested up to: 4.3
6	- Stable tag: 2.8.3
7	License: GPLv3
8	License URI: http://www.gnu.org/licenses/gpl-3.0.html
9
	@@ -226,6 +226,14 @@ please [click here](http://wp-glogin.com/installing-google-apps-login/basic-setu
226
227	== Changelog ==
228








229	= 2.8.3 =
230
231	Resolved conflict with some other plugins over Google-related function names.


3	Tags: login, google, authentication, oauth2, oauth, google login, google apps, sso, single-sign-on, auth, intranet
4	Requires at least: 3.7
5	Tested up to: 4.3
6	+ Stable tag: 2.8.11
7	License: GPLv3
8	License URI: http://www.gnu.org/licenses/gpl-3.0.html
9

226
227	== Changelog ==
228
229	+ = 2.8.11 =
230	+
231	+ Service Account Client ID is imported from JSON key file so user can copy and paste it into admin.google.com
232	+
233	+ = 2.8.10 =
234	+
235	+ Changed name of login cookie from 'google_apps_login' to 'wp_google_apps_login'.
236	+
237	= 2.8.3 =
238
239	Resolved conflict with some other plugins over Google-related function names.