Version Description
Added filter gal_login_button_text so developers can customize the 'Login with Google' button in all versions (in Premium/Enterprise, it is possible to set the button text in settings, and that will always take priority if set).
Fixed a text injection vulnerability whereby it was possible for a third party to trick a user into viewing a version of the login page containing an error message entirely of their own choosing - all sites should upgrade to this plugin version.
Release Info
Developer | danlester |
Plugin | Google Apps Login |
Version | 2.8.17 |
Code changes from version 2.8.16 to 2.8.17
- core/core_google_apps_login.php +7 -7
- google_apps_login.php +2 -2
- lang/google-apps-login.pot +48 -44
- readme.txt +10 -2
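--- a/core/core_google_apps_login.php
+++ b/core/core_google_apps_login.php
@@ -242,7 +242,8 @@ class core_google_apps_login {
 }
 
 protected function get_login_button_text() {
-
+$login_button_text = __('Login with Google', 'google-apps-login');
+return apply_filters('gal_login_button_text', $login_button_text);
 }
 
 protected function should_hidewplogin($options) {
@@ -272,8 +273,12 @@ class core_google_apps_login {
 .'<a href="http://wp-glogin.com/installing-google-apps-login/#main-settings"'
 .' target="_blank">instructions here</a>' , 'google-apps-login');
 break;
+case 'ga_user_must_glogin':
+$error_message = sprintf(__( 'The user must use <i>%s</i> to access the site' , 'google-apps-login'),
+htmlentities($this->get_login_button_text()));
+break;
 default:
-$error_message =
+$error_message = __( 'Unrecognized error message' , 'google-apps-login');
 break;
 }
 $user = new WP_Error('ga_login_error', $error_message);
@@ -366,7 +371,6 @@ class core_google_apps_login {
 }
 
 if (is_wp_error($user)) {
-$this->checkRegularWPError($user, $username, $password); // May exit
 $this->displayAndReturnError($user);
 }
 
@@ -382,10 +386,6 @@ class core_google_apps_login {
 return $user;
 }
 
-// Has content in Premium
-protected function checkRegularWPError($user, $username, $password) {
-}
-
 // Has content in Enterprise
 protected function check_groups($client, $userinfo, $user, $userdidnotexist) {
 }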
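Review bot: In the new `ga_user_must_glogin` case the button label is escaped with a bare `htmlentities()`, which relies on PHP's default flags and charset instead of the site's, even though that label now comes back from the `gal_login_button_text` filter and so can be whatever a third-party callback returns. WordPress's own escaper is the better fit for a string that ends up inside an HTML error message: `esc_html($this->get_login_button_text())`. Before PHP 5.4 the default charset for `htmlentities()` is ISO-8859-1, so a translated or filtered UTF-8 label would also come out garbled on older hosts. The enclosing `switch` starts above this hunk, so the escaping in its other cases could not be checked from here.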
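--- a/google_apps_login.php
+++ b/google_apps_login.php
@@ -4,7 +4,7 @@
 * Plugin Name: Google Apps Login
 * Plugin URI: http://wp-glogin.com/
 * Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
-* Version: 2.8.
+* Version: 2.8.17
 * Author: Dan Lester
 * Author URI: http://wp-glogin.com/
 * License: GPL3
@@ -17,7 +17,7 @@ require_once( plugin_dir_path(__FILE__).'/core/core_google_apps_login.php' );
 
 class basic_google_apps_login extends core_google_apps_login {
 
-protected $PLUGIN_VERSION = '2.8.
+protected $PLUGIN_VERSION = '2.8.17';
 
 // Singleton
 private static $instance = null;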
lang/google-apps-login.pot
CHANGED
@@ -1,14 +1,14 @@
|
|
1 |
-
# Copyright (C)
|
2 |
# This file is distributed under the same license as the package.
|
3 |
msgid ""
|
4 |
msgstr ""
|
5 |
"Project-Id-Version: \n"
|
6 |
"Report-Msgid-Bugs-To: http://wordpress.org/tag/googleappslogin\n"
|
7 |
-
"POT-Creation-Date:
|
8 |
"MIME-Version: 1.0\n"
|
9 |
"Content-Type: text/plain; charset=UTF-8\n"
|
10 |
"Content-Transfer-Encoding: 8bit\n"
|
11 |
-
"PO-Revision-Date:
|
12 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
13 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
14 |
|
@@ -52,129 +52,125 @@ msgstr ""
|
|
52 |
msgid "Error"
|
53 |
msgstr ""
|
54 |
|
55 |
-
#: core/commercial_google_apps_login.php:
|
56 |
-
msgid "User with email address %s must use Login with Google"
|
57 |
-
msgstr ""
|
58 |
-
|
59 |
-
#: core/commercial_google_apps_login.php:71
|
60 |
msgid "User %s does not exist"
|
61 |
msgstr ""
|
62 |
|
63 |
-
#: core/commercial_google_apps_login.php:
|
64 |
msgid "Invalid email address"
|
65 |
msgstr ""
|
66 |
|
67 |
-
#: core/commercial_google_apps_login.php:
|
68 |
msgid "Email address needs to be in %s."
|
69 |
msgstr ""
|
70 |
|
71 |
-
#: core/commercial_google_apps_login.php:
|
72 |
msgid "%s not authorized - <a href=\"%s\">Sign out of Google</a> to switch accounts"
|
73 |
msgstr ""
|
74 |
|
75 |
-
#: core/commercial_google_apps_login.php:
|
76 |
#: core/core_google_apps_login.php:197
|
77 |
msgid "Redirecting to <a href=\"%s\">Login via Google</a>..."
|
78 |
msgstr ""
|
79 |
|
80 |
-
#: core/commercial_google_apps_login.php:
|
81 |
msgid "By default, any existing account can authenticate either via Google (if a Gmail/Google Apps account), or by WordPress username/password."
|
82 |
msgstr ""
|
83 |
|
84 |
-
#: core/commercial_google_apps_login.php:
|
85 |
msgid "To allow special behaviour on your Google Apps domain (auto-create users who don't yet exist, or disable regular WordPress username/password access for your users), fill in the following section."
|
86 |
msgstr ""
|
87 |
|
88 |
-
#: core/commercial_google_apps_login.php:
|
89 |
msgid "Please read the <a href=\"%s\" target=\"gainstr\">instructions here</a> first."
|
90 |
msgstr ""
|
91 |
|
92 |
-
#: core/commercial_google_apps_login.php:
|
93 |
msgid "My Google Apps domain"
|
94 |
msgstr ""
|
95 |
|
96 |
-
#: core/commercial_google_apps_login.php:
|
97 |
msgid "Auto-create new users on my domain"
|
98 |
msgstr ""
|
99 |
|
100 |
-
#: core/commercial_google_apps_login.php:
|
101 |
msgid "Default role for new users"
|
102 |
msgstr ""
|
103 |
|
104 |
-
#: core/commercial_google_apps_login.php:
|
105 |
msgid "Disable WordPress username/password login for my domain"
|
106 |
msgstr ""
|
107 |
|
108 |
-
#: core/commercial_google_apps_login.php:
|
109 |
msgid "Completely hide WordPress username and password boxes"
|
110 |
msgstr ""
|
111 |
|
112 |
-
#: core/commercial_google_apps_login.php:
|
113 |
msgid "Tick the last two with caution - leave unchecked until you are confident Google Login is working for your own admin account"
|
114 |
msgstr ""
|
115 |
|
116 |
-
#: core/commercial_google_apps_login.php:
|
117 |
msgid "Automatically logout of Google when logging out of WordPress"
|
118 |
msgstr ""
|
119 |
|
120 |
-
#: core/commercial_google_apps_login.php:
|
121 |
msgid "Login button text (optional)"
|
122 |
msgstr ""
|
123 |
|
124 |
-
#: core/commercial_google_apps_login.php:
|
125 |
#: core/core_google_apps_login.php:245
|
126 |
msgid "Login with Google"
|
127 |
msgstr ""
|
128 |
|
129 |
-
#: core/commercial_google_apps_login.php:
|
130 |
msgid "You should have received a license key when you purchased this professional version of Google Apps Login."
|
131 |
msgstr ""
|
132 |
|
133 |
-
#: core/commercial_google_apps_login.php:
|
134 |
msgid "Please enter it below to enable automatic updates, or <a href=\"mailto:contact@wp-glogin.com\">email us</a> if you do not have one."
|
135 |
msgstr ""
|
136 |
|
137 |
-
#: core/commercial_google_apps_login.php:
|
138 |
msgid "License Key"
|
139 |
msgstr ""
|
140 |
|
141 |
-
#: core/commercial_google_apps_login.php:
|
142 |
msgid "Domain name should be a space-separated list of valid domains, in lowercase letters (or blank)"
|
143 |
msgstr ""
|
144 |
|
145 |
-
#: core/commercial_google_apps_login.php:
|
146 |
msgid "License key is too short"
|
147 |
msgstr ""
|
148 |
|
149 |
-
#: core/commercial_google_apps_login.php:
|
150 |
msgid "License key failed to activate"
|
151 |
msgstr ""
|
152 |
|
153 |
-
#: core/commercial_google_apps_login.php:
|
154 |
msgid "License key does not exist in our system at all"
|
155 |
msgstr ""
|
156 |
|
157 |
-
#: core/commercial_google_apps_login.php:
|
158 |
msgid "License key entered is for the wrong product"
|
159 |
msgstr ""
|
160 |
|
161 |
-
#: core/commercial_google_apps_login.php:
|
162 |
msgid "License key has expired"
|
163 |
msgstr ""
|
164 |
|
165 |
-
#: core/commercial_google_apps_login.php:
|
166 |
msgid "License key is not permitted for this website"
|
167 |
msgstr ""
|
168 |
|
169 |
-
#: core/commercial_google_apps_login.php:
|
170 |
msgid "License key is not active for this website"
|
171 |
msgstr ""
|
172 |
|
173 |
-
#: core/commercial_google_apps_login.php:
|
174 |
msgid "License key has been disabled"
|
175 |
msgstr ""
|
176 |
|
177 |
-
#: core/commercial_google_apps_login.php:
|
178 |
msgid "License key was not provided"
|
179 |
msgstr ""
|
180 |
|
@@ -186,31 +182,39 @@ msgstr ""
|
|
186 |
msgid "or"
|
187 |
msgstr ""
|
188 |
|
189 |
-
#: core/core_google_apps_login.php:
|
190 |
msgid "You did not grant access"
|
191 |
msgstr ""
|
192 |
|
193 |
-
#: core/core_google_apps_login.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
194 |
msgid "Session mismatch - try again, but there could be a problem setting state"
|
195 |
msgstr ""
|
196 |
|
197 |
-
#: core/core_google_apps_login.php:
|
198 |
msgid "Session mismatch - try again, but there could be a problem passing state"
|
199 |
msgstr ""
|
200 |
|
201 |
-
#: core/core_google_apps_login.php:
|
202 |
msgid "Session mismatch - try again, but there could be a problem setting cookies"
|
203 |
msgstr ""
|
204 |
|
205 |
-
#: core/core_google_apps_login.php:
|
206 |
msgid "Email needs to be verified on your Google Account"
|
207 |
msgstr ""
|
208 |
|
209 |
-
#: core/core_google_apps_login.php:
|
210 |
msgid "User authenticated OK, but error fetching user details from Google"
|
211 |
msgstr ""
|
212 |
|
213 |
-
#: core/core_google_apps_login.php:
|
214 |
msgid "User %s not registered in Wordpress"
|
215 |
msgstr ""
|
216 |
|
1 |
+
# Copyright (C) 2016
|
2 |
# This file is distributed under the same license as the package.
|
3 |
msgid ""
|
4 |
msgstr ""
|
5 |
"Project-Id-Version: \n"
|
6 |
"Report-Msgid-Bugs-To: http://wordpress.org/tag/googleappslogin\n"
|
7 |
+
"POT-Creation-Date: 2016-01-20 10:28:20+00:00\n"
|
8 |
"MIME-Version: 1.0\n"
|
9 |
"Content-Type: text/plain; charset=UTF-8\n"
|
10 |
"Content-Transfer-Encoding: 8bit\n"
|
11 |
+
"PO-Revision-Date: 2016-MO-DA HO:MI+ZONE\n"
|
12 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
13 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
14 |
|
52 |
msgid "Error"
|
53 |
msgstr ""
|
54 |
|
55 |
+
#: core/commercial_google_apps_login.php:60
|
|
|
|
|
|
|
|
|
56 |
msgid "User %s does not exist"
|
57 |
msgstr ""
|
58 |
|
59 |
+
#: core/commercial_google_apps_login.php:69
|
60 |
msgid "Invalid email address"
|
61 |
msgstr ""
|
62 |
|
63 |
+
#: core/commercial_google_apps_login.php:77
|
64 |
msgid "Email address needs to be in %s."
|
65 |
msgstr ""
|
66 |
|
67 |
+
#: core/commercial_google_apps_login.php:80
|
68 |
msgid "%s not authorized - <a href=\"%s\">Sign out of Google</a> to switch accounts"
|
69 |
msgstr ""
|
70 |
|
71 |
+
#: core/commercial_google_apps_login.php:137
|
72 |
#: core/core_google_apps_login.php:197
|
73 |
msgid "Redirecting to <a href=\"%s\">Login via Google</a>..."
|
74 |
msgstr ""
|
75 |
|
76 |
+
#: core/commercial_google_apps_login.php:156
|
77 |
msgid "By default, any existing account can authenticate either via Google (if a Gmail/Google Apps account), or by WordPress username/password."
|
78 |
msgstr ""
|
79 |
|
80 |
+
#: core/commercial_google_apps_login.php:158
|
81 |
msgid "To allow special behaviour on your Google Apps domain (auto-create users who don't yet exist, or disable regular WordPress username/password access for your users), fill in the following section."
|
82 |
msgstr ""
|
83 |
|
84 |
+
#: core/commercial_google_apps_login.php:160
|
85 |
msgid "Please read the <a href=\"%s\" target=\"gainstr\">instructions here</a> first."
|
86 |
msgstr ""
|
87 |
|
88 |
+
#: core/commercial_google_apps_login.php:165
|
89 |
msgid "My Google Apps domain"
|
90 |
msgstr ""
|
91 |
|
92 |
+
#: core/commercial_google_apps_login.php:170
|
93 |
msgid "Auto-create new users on my domain"
|
94 |
msgstr ""
|
95 |
|
96 |
+
#: core/commercial_google_apps_login.php:174
|
97 |
msgid "Default role for new users"
|
98 |
msgstr ""
|
99 |
|
100 |
+
#: core/commercial_google_apps_login.php:182
|
101 |
msgid "Disable WordPress username/password login for my domain"
|
102 |
msgstr ""
|
103 |
|
104 |
+
#: core/commercial_google_apps_login.php:187
|
105 |
msgid "Completely hide WordPress username and password boxes"
|
106 |
msgstr ""
|
107 |
|
108 |
+
#: core/commercial_google_apps_login.php:192
|
109 |
msgid "Tick the last two with caution - leave unchecked until you are confident Google Login is working for your own admin account"
|
110 |
msgstr ""
|
111 |
|
112 |
+
#: core/commercial_google_apps_login.php:214
|
113 |
msgid "Automatically logout of Google when logging out of WordPress"
|
114 |
msgstr ""
|
115 |
|
116 |
+
#: core/commercial_google_apps_login.php:217
|
117 |
msgid "Login button text (optional)"
|
118 |
msgstr ""
|
119 |
|
120 |
+
#: core/commercial_google_apps_login.php:220
|
121 |
#: core/core_google_apps_login.php:245
|
122 |
msgid "Login with Google"
|
123 |
msgstr ""
|
124 |
|
125 |
+
#: core/commercial_google_apps_login.php:228
|
126 |
msgid "You should have received a license key when you purchased this professional version of Google Apps Login."
|
127 |
msgstr ""
|
128 |
|
129 |
+
#: core/commercial_google_apps_login.php:230
|
130 |
msgid "Please enter it below to enable automatic updates, or <a href=\"mailto:contact@wp-glogin.com\">email us</a> if you do not have one."
|
131 |
msgstr ""
|
132 |
|
133 |
+
#: core/commercial_google_apps_login.php:234
|
134 |
msgid "License Key"
|
135 |
msgstr ""
|
136 |
|
137 |
+
#: core/commercial_google_apps_login.php:353
|
138 |
msgid "Domain name should be a space-separated list of valid domains, in lowercase letters (or blank)"
|
139 |
msgstr ""
|
140 |
|
141 |
+
#: core/commercial_google_apps_login.php:354
|
142 |
msgid "License key is too short"
|
143 |
msgstr ""
|
144 |
|
145 |
+
#: core/commercial_google_apps_login.php:356
|
146 |
msgid "License key failed to activate"
|
147 |
msgstr ""
|
148 |
|
149 |
+
#: core/commercial_google_apps_login.php:357
|
150 |
msgid "License key does not exist in our system at all"
|
151 |
msgstr ""
|
152 |
|
153 |
+
#: core/commercial_google_apps_login.php:358
|
154 |
msgid "License key entered is for the wrong product"
|
155 |
msgstr ""
|
156 |
|
157 |
+
#: core/commercial_google_apps_login.php:359
|
158 |
msgid "License key has expired"
|
159 |
msgstr ""
|
160 |
|
161 |
+
#: core/commercial_google_apps_login.php:360
|
162 |
msgid "License key is not permitted for this website"
|
163 |
msgstr ""
|
164 |
|
165 |
+
#: core/commercial_google_apps_login.php:361
|
166 |
msgid "License key is not active for this website"
|
167 |
msgstr ""
|
168 |
|
169 |
+
#: core/commercial_google_apps_login.php:362
|
170 |
msgid "License key has been disabled"
|
171 |
msgstr ""
|
172 |
|
173 |
+
#: core/commercial_google_apps_login.php:363
|
174 |
msgid "License key was not provided"
|
175 |
msgstr ""
|
176 |
|
182 |
msgid "or"
|
183 |
msgstr ""
|
184 |
|
185 |
+
#: core/core_google_apps_login.php:269
|
186 |
msgid "You did not grant access"
|
187 |
msgstr ""
|
188 |
|
189 |
+
#: core/core_google_apps_login.php:277
|
190 |
+
msgid "The user must use <i>%s</i> to access the site"
|
191 |
+
msgstr ""
|
192 |
+
|
193 |
+
#: core/core_google_apps_login.php:281
|
194 |
+
msgid "Unrecognized error message"
|
195 |
+
msgstr ""
|
196 |
+
|
197 |
+
#: core/core_google_apps_login.php:292
|
198 |
msgid "Session mismatch - try again, but there could be a problem setting state"
|
199 |
msgstr ""
|
200 |
|
201 |
+
#: core/core_google_apps_login.php:298
|
202 |
msgid "Session mismatch - try again, but there could be a problem passing state"
|
203 |
msgstr ""
|
204 |
|
205 |
+
#: core/core_google_apps_login.php:305
|
206 |
msgid "Session mismatch - try again, but there could be a problem setting cookies"
|
207 |
msgstr ""
|
208 |
|
209 |
+
#: core/core_google_apps_login.php:339
|
210 |
msgid "Email needs to be verified on your Google Account"
|
211 |
msgstr ""
|
212 |
|
213 |
+
#: core/core_google_apps_login.php:363
|
214 |
msgid "User authenticated OK, but error fetching user details from Google"
|
215 |
msgstr ""
|
216 |
|
217 |
+
#: core/core_google_apps_login.php:381
|
218 |
msgid "User %s not registered in Wordpress"
|
219 |
msgstr ""
|
220 |
|
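--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: danlester
 Tags: login, google, authentication, oauth2, oauth, google login, google apps, sso, single-sign-on, auth, intranet
 Requires at least: 3.7
 Tested up to: 4.4
-Stable tag: 2.8.
+Stable tag: 2.8.17
 License: GPLv3
 License URI: http://www.gnu.org/licenses/gpl-3.0.html
 
@@ -133,7 +133,7 @@ The plugin will work whether your site is configured for HTTP or HTTPS.
 However, you may have configured your site to run so that the login pages
 can be accessed by *either* HTTP *or* HTTPS. In that case, you may run into problems.
 We recommend that you set [FORCE_SSL_ADMIN](http://codex.wordpress.org/Administration_Over_SSL)
-
+to true. This will ensure that all users are consistently using HTTPS
 for login.
 
 You may then need to ensure the Redirect URL and Web Origin in the Google Cloud Console are
@@ -226,6 +226,14 @@ please [click here](http://wp-glogin.com/installing-google-apps-login/basic-setu
 
 == Changelog ==
 
+= 2.8.17 =
+
+Added filter gal_login_button_text so developers can customize the 'Login with Google' button in all versions (in Premium/Enterprise,
+it is possible to set the button text in settings, and that will always take priority if set).
+
+Fixed a text injection vulnerability whereby it was possible for a third party to trick a user into viewing a version of the login page
+containing an error message entirely of their own choosing - all sites should upgrade to this plugin version.
+
 = 2.8.16 =
 
 Updated to work correctly alongside some plugins that change the login URL from /wp-login.php to something else.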