Version Description
Added filter gal_login_button_text so developers can customize the 'Login with Google' button in all versions (in Premium/Enterprise, it is possible to set the button text in settings, and that will always take priority if set).
Fixed a text injection vulnerability whereby it was possible for a third party to trick a user into viewing a version of the login page containing an error message entirely of their own choosing - all sites should upgrade to this plugin version.
Download this release
Release Info
| Developer | danlester |
| Plugin |  Google Apps Login |
| Version | 2.8.17 |
| Comparing to | |
| See all releases | |
Code changes from version 2.8.16 to 2.8.17
- core/core_google_apps_login.php +7 -7
- google_apps_login.php +2 -2
- lang/google-apps-login.pot +48 -44
- readme.txt +10 -2
core/core_google_apps_login.php
CHANGED
|
@@ -242,7 +242,8 @@ class core_google_apps_login {
|
|
| 242 |
}
|
| 243 |
|
| 244 |
protected function get_login_button_text() {
|
| 245 |
-
|
|
|
|
| 246 |
}
|
| 247 |
|
| 248 |
protected function should_hidewplogin($options) {
|
|
@@ -272,8 +273,12 @@ class core_google_apps_login {
|
|
| 272 |
.'<a href="http://wp-glogin.com/installing-google-apps-login/#main-settings"'
|
| 273 |
.' target="_blank">instructions here</a>' , 'google-apps-login');
|
| 274 |
break;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 275 |
default:
|
| 276 |
-
$error_message =
|
| 277 |
break;
|
| 278 |
}
|
| 279 |
$user = new WP_Error('ga_login_error', $error_message);
|
|
@@ -366,7 +371,6 @@ class core_google_apps_login {
|
|
| 366 |
}
|
| 367 |
|
| 368 |
if (is_wp_error($user)) {
|
| 369 |
-
$this->checkRegularWPError($user, $username, $password); // May exit
|
| 370 |
$this->displayAndReturnError($user);
|
| 371 |
}
|
| 372 |
|
|
@@ -382,10 +386,6 @@ class core_google_apps_login {
|
|
| 382 |
return $user;
|
| 383 |
}
|
| 384 |
|
| 385 |
-
// Has content in Premium
|
| 386 |
-
protected function checkRegularWPError($user, $username, $password) {
|
| 387 |
-
}
|
| 388 |
-
|
| 389 |
// Has content in Enterprise
|
| 390 |
protected function check_groups($client, $userinfo, $user, $userdidnotexist) {
|
| 391 |
}
|
| 242 |
}
|
| 243 |
|
| 244 |
protected function get_login_button_text() {
|
| 245 |
+
$login_button_text = __('Login with Google', 'google-apps-login');
|
| 246 |
+
return apply_filters('gal_login_button_text', $login_button_text);
|
| 247 |
}
|
| 248 |
|
| 249 |
protected function should_hidewplogin($options) {
|
| 273 |
.'<a href="http://wp-glogin.com/installing-google-apps-login/#main-settings"'
|
| 274 |
.' target="_blank">instructions here</a>' , 'google-apps-login');
|
| 275 |
break;
|
| 276 |
+
case 'ga_user_must_glogin':
|
| 277 |
+
$error_message = sprintf(__( 'The user must use <i>%s</i> to access the site' , 'google-apps-login'),
|
| 278 |
+
htmlentities($this->get_login_button_text()));
|
| 279 |
+
break;
|
| 280 |
default:
|
| 281 |
+
$error_message = __( 'Unrecognized error message' , 'google-apps-login');
|
| 282 |
break;
|
| 283 |
}
|
| 284 |
$user = new WP_Error('ga_login_error', $error_message);
|
| 371 |
}
|
| 372 |
|
| 373 |
if (is_wp_error($user)) {
|
|
|
|
| 374 |
$this->displayAndReturnError($user);
|
| 375 |
}
|
| 376 |
|
| 386 |
return $user;
|
| 387 |
}
|
| 388 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 389 |
// Has content in Enterprise
|
| 390 |
protected function check_groups($client, $userinfo, $user, $userdidnotexist) {
|
| 391 |
}
|
google_apps_login.php
CHANGED
|
@@ -4,7 +4,7 @@
|
|
| 4 |
* Plugin Name: Google Apps Login
|
| 5 |
* Plugin URI: http://wp-glogin.com/
|
| 6 |
* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
|
| 7 |
-
* Version: 2.8.
|
| 8 |
* Author: Dan Lester
|
| 9 |
* Author URI: http://wp-glogin.com/
|
| 10 |
* License: GPL3
|
|
@@ -17,7 +17,7 @@ require_once( plugin_dir_path(__FILE__).'/core/core_google_apps_login.php' );
|
|
| 17 |
|
| 18 |
class basic_google_apps_login extends core_google_apps_login {
|
| 19 |
|
| 20 |
-
protected $PLUGIN_VERSION = '2.8.
|
| 21 |
|
| 22 |
// Singleton
|
| 23 |
private static $instance = null;
|
| 4 |
* Plugin Name: Google Apps Login
|
| 5 |
* Plugin URI: http://wp-glogin.com/
|
| 6 |
* Description: Simple secure login for Wordpress through users' Google Apps accounts (uses secure OAuth2, and MFA if enabled)
|
| 7 |
+
* Version: 2.8.17
|
| 8 |
* Author: Dan Lester
|
| 9 |
* Author URI: http://wp-glogin.com/
|
| 10 |
* License: GPL3
|
| 17 |
|
| 18 |
class basic_google_apps_login extends core_google_apps_login {
|
| 19 |
|
| 20 |
+
protected $PLUGIN_VERSION = '2.8.17';
|
| 21 |
|
| 22 |
// Singleton
|
| 23 |
private static $instance = null;
|
lang/google-apps-login.pot
CHANGED
|
@@ -1,14 +1,14 @@
|
|
| 1 |
-
# Copyright (C)
|
| 2 |
# This file is distributed under the same license as the package.
|
| 3 |
msgid ""
|
| 4 |
msgstr ""
|
| 5 |
"Project-Id-Version: \n"
|
| 6 |
"Report-Msgid-Bugs-To: http://wordpress.org/tag/googleappslogin\n"
|
| 7 |
-
"POT-Creation-Date:
|
| 8 |
"MIME-Version: 1.0\n"
|
| 9 |
"Content-Type: text/plain; charset=UTF-8\n"
|
| 10 |
"Content-Transfer-Encoding: 8bit\n"
|
| 11 |
-
"PO-Revision-Date:
|
| 12 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
| 13 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
| 14 |
|
|
@@ -52,129 +52,125 @@ msgstr ""
|
|
| 52 |
msgid "Error"
|
| 53 |
msgstr ""
|
| 54 |
|
| 55 |
-
#: core/commercial_google_apps_login.php:
|
| 56 |
-
msgid "User with email address %s must use Login with Google"
|
| 57 |
-
msgstr ""
|
| 58 |
-
|
| 59 |
-
#: core/commercial_google_apps_login.php:71
|
| 60 |
msgid "User %s does not exist"
|
| 61 |
msgstr ""
|
| 62 |
|
| 63 |
-
#: core/commercial_google_apps_login.php:
|
| 64 |
msgid "Invalid email address"
|
| 65 |
msgstr ""
|
| 66 |
|
| 67 |
-
#: core/commercial_google_apps_login.php:
|
| 68 |
msgid "Email address needs to be in %s."
|
| 69 |
msgstr ""
|
| 70 |
|
| 71 |
-
#: core/commercial_google_apps_login.php:
|
| 72 |
msgid "%s not authorized - <a href=\"%s\">Sign out of Google</a> to switch accounts"
|
| 73 |
msgstr ""
|
| 74 |
|
| 75 |
-
#: core/commercial_google_apps_login.php:
|
| 76 |
#: core/core_google_apps_login.php:197
|
| 77 |
msgid "Redirecting to <a href=\"%s\">Login via Google</a>..."
|
| 78 |
msgstr ""
|
| 79 |
|
| 80 |
-
#: core/commercial_google_apps_login.php:
|
| 81 |
msgid "By default, any existing account can authenticate either via Google (if a Gmail/Google Apps account), or by WordPress username/password."
|
| 82 |
msgstr ""
|
| 83 |
|
| 84 |
-
#: core/commercial_google_apps_login.php:
|
| 85 |
msgid "To allow special behaviour on your Google Apps domain (auto-create users who don't yet exist, or disable regular WordPress username/password access for your users), fill in the following section."
|
| 86 |
msgstr ""
|
| 87 |
|
| 88 |
-
#: core/commercial_google_apps_login.php:
|
| 89 |
msgid "Please read the <a href=\"%s\" target=\"gainstr\">instructions here</a> first."
|
| 90 |
msgstr ""
|
| 91 |
|
| 92 |
-
#: core/commercial_google_apps_login.php:
|
| 93 |
msgid "My Google Apps domain"
|
| 94 |
msgstr ""
|
| 95 |
|
| 96 |
-
#: core/commercial_google_apps_login.php:
|
| 97 |
msgid "Auto-create new users on my domain"
|
| 98 |
msgstr ""
|
| 99 |
|
| 100 |
-
#: core/commercial_google_apps_login.php:
|
| 101 |
msgid "Default role for new users"
|
| 102 |
msgstr ""
|
| 103 |
|
| 104 |
-
#: core/commercial_google_apps_login.php:
|
| 105 |
msgid "Disable WordPress username/password login for my domain"
|
| 106 |
msgstr ""
|
| 107 |
|
| 108 |
-
#: core/commercial_google_apps_login.php:
|
| 109 |
msgid "Completely hide WordPress username and password boxes"
|
| 110 |
msgstr ""
|
| 111 |
|
| 112 |
-
#: core/commercial_google_apps_login.php:
|
| 113 |
msgid "Tick the last two with caution - leave unchecked until you are confident Google Login is working for your own admin account"
|
| 114 |
msgstr ""
|
| 115 |
|
| 116 |
-
#: core/commercial_google_apps_login.php:
|
| 117 |
msgid "Automatically logout of Google when logging out of WordPress"
|
| 118 |
msgstr ""
|
| 119 |
|
| 120 |
-
#: core/commercial_google_apps_login.php:
|
| 121 |
msgid "Login button text (optional)"
|
| 122 |
msgstr ""
|
| 123 |
|
| 124 |
-
#: core/commercial_google_apps_login.php:
|
| 125 |
#: core/core_google_apps_login.php:245
|
| 126 |
msgid "Login with Google"
|
| 127 |
msgstr ""
|
| 128 |
|
| 129 |
-
#: core/commercial_google_apps_login.php:
|
| 130 |
msgid "You should have received a license key when you purchased this professional version of Google Apps Login."
|
| 131 |
msgstr ""
|
| 132 |
|
| 133 |
-
#: core/commercial_google_apps_login.php:
|
| 134 |
msgid "Please enter it below to enable automatic updates, or <a href=\"mailto:contact@wp-glogin.com\">email us</a> if you do not have one."
|
| 135 |
msgstr ""
|
| 136 |
|
| 137 |
-
#: core/commercial_google_apps_login.php:
|
| 138 |
msgid "License Key"
|
| 139 |
msgstr ""
|
| 140 |
|
| 141 |
-
#: core/commercial_google_apps_login.php:
|
| 142 |
msgid "Domain name should be a space-separated list of valid domains, in lowercase letters (or blank)"
|
| 143 |
msgstr ""
|
| 144 |
|
| 145 |
-
#: core/commercial_google_apps_login.php:
|
| 146 |
msgid "License key is too short"
|
| 147 |
msgstr ""
|
| 148 |
|
| 149 |
-
#: core/commercial_google_apps_login.php:
|
| 150 |
msgid "License key failed to activate"
|
| 151 |
msgstr ""
|
| 152 |
|
| 153 |
-
#: core/commercial_google_apps_login.php:
|
| 154 |
msgid "License key does not exist in our system at all"
|
| 155 |
msgstr ""
|
| 156 |
|
| 157 |
-
#: core/commercial_google_apps_login.php:
|
| 158 |
msgid "License key entered is for the wrong product"
|
| 159 |
msgstr ""
|
| 160 |
|
| 161 |
-
#: core/commercial_google_apps_login.php:
|
| 162 |
msgid "License key has expired"
|
| 163 |
msgstr ""
|
| 164 |
|
| 165 |
-
#: core/commercial_google_apps_login.php:
|
| 166 |
msgid "License key is not permitted for this website"
|
| 167 |
msgstr ""
|
| 168 |
|
| 169 |
-
#: core/commercial_google_apps_login.php:
|
| 170 |
msgid "License key is not active for this website"
|
| 171 |
msgstr ""
|
| 172 |
|
| 173 |
-
#: core/commercial_google_apps_login.php:
|
| 174 |
msgid "License key has been disabled"
|
| 175 |
msgstr ""
|
| 176 |
|
| 177 |
-
#: core/commercial_google_apps_login.php:
|
| 178 |
msgid "License key was not provided"
|
| 179 |
msgstr ""
|
| 180 |
|
|
@@ -186,31 +182,39 @@ msgstr ""
|
|
| 186 |
msgid "or"
|
| 187 |
msgstr ""
|
| 188 |
|
| 189 |
-
#: core/core_google_apps_login.php:
|
| 190 |
msgid "You did not grant access"
|
| 191 |
msgstr ""
|
| 192 |
|
| 193 |
-
#: core/core_google_apps_login.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 194 |
msgid "Session mismatch - try again, but there could be a problem setting state"
|
| 195 |
msgstr ""
|
| 196 |
|
| 197 |
-
#: core/core_google_apps_login.php:
|
| 198 |
msgid "Session mismatch - try again, but there could be a problem passing state"
|
| 199 |
msgstr ""
|
| 200 |
|
| 201 |
-
#: core/core_google_apps_login.php:
|
| 202 |
msgid "Session mismatch - try again, but there could be a problem setting cookies"
|
| 203 |
msgstr ""
|
| 204 |
|
| 205 |
-
#: core/core_google_apps_login.php:
|
| 206 |
msgid "Email needs to be verified on your Google Account"
|
| 207 |
msgstr ""
|
| 208 |
|
| 209 |
-
#: core/core_google_apps_login.php:
|
| 210 |
msgid "User authenticated OK, but error fetching user details from Google"
|
| 211 |
msgstr ""
|
| 212 |
|
| 213 |
-
#: core/core_google_apps_login.php:
|
| 214 |
msgid "User %s not registered in Wordpress"
|
| 215 |
msgstr ""
|
| 216 |
|
| 1 |
+
# Copyright (C) 2016
|
| 2 |
# This file is distributed under the same license as the package.
|
| 3 |
msgid ""
|
| 4 |
msgstr ""
|
| 5 |
"Project-Id-Version: \n"
|
| 6 |
"Report-Msgid-Bugs-To: http://wordpress.org/tag/googleappslogin\n"
|
| 7 |
+
"POT-Creation-Date: 2016-01-20 10:28:20+00:00\n"
|
| 8 |
"MIME-Version: 1.0\n"
|
| 9 |
"Content-Type: text/plain; charset=UTF-8\n"
|
| 10 |
"Content-Transfer-Encoding: 8bit\n"
|
| 11 |
+
"PO-Revision-Date: 2016-MO-DA HO:MI+ZONE\n"
|
| 12 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
| 13 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
| 14 |
|
| 52 |
msgid "Error"
|
| 53 |
msgstr ""
|
| 54 |
|
| 55 |
+
#: core/commercial_google_apps_login.php:60
|
|
|
|
|
|
|
|
|
|
|
|
|
| 56 |
msgid "User %s does not exist"
|
| 57 |
msgstr ""
|
| 58 |
|
| 59 |
+
#: core/commercial_google_apps_login.php:69
|
| 60 |
msgid "Invalid email address"
|
| 61 |
msgstr ""
|
| 62 |
|
| 63 |
+
#: core/commercial_google_apps_login.php:77
|
| 64 |
msgid "Email address needs to be in %s."
|
| 65 |
msgstr ""
|
| 66 |
|
| 67 |
+
#: core/commercial_google_apps_login.php:80
|
| 68 |
msgid "%s not authorized - <a href=\"%s\">Sign out of Google</a> to switch accounts"
|
| 69 |
msgstr ""
|
| 70 |
|
| 71 |
+
#: core/commercial_google_apps_login.php:137
|
| 72 |
#: core/core_google_apps_login.php:197
|
| 73 |
msgid "Redirecting to <a href=\"%s\">Login via Google</a>..."
|
| 74 |
msgstr ""
|
| 75 |
|
| 76 |
+
#: core/commercial_google_apps_login.php:156
|
| 77 |
msgid "By default, any existing account can authenticate either via Google (if a Gmail/Google Apps account), or by WordPress username/password."
|
| 78 |
msgstr ""
|
| 79 |
|
| 80 |
+
#: core/commercial_google_apps_login.php:158
|
| 81 |
msgid "To allow special behaviour on your Google Apps domain (auto-create users who don't yet exist, or disable regular WordPress username/password access for your users), fill in the following section."
|
| 82 |
msgstr ""
|
| 83 |
|
| 84 |
+
#: core/commercial_google_apps_login.php:160
|
| 85 |
msgid "Please read the <a href=\"%s\" target=\"gainstr\">instructions here</a> first."
|
| 86 |
msgstr ""
|
| 87 |
|
| 88 |
+
#: core/commercial_google_apps_login.php:165
|
| 89 |
msgid "My Google Apps domain"
|
| 90 |
msgstr ""
|
| 91 |
|
| 92 |
+
#: core/commercial_google_apps_login.php:170
|
| 93 |
msgid "Auto-create new users on my domain"
|
| 94 |
msgstr ""
|
| 95 |
|
| 96 |
+
#: core/commercial_google_apps_login.php:174
|
| 97 |
msgid "Default role for new users"
|
| 98 |
msgstr ""
|
| 99 |
|
| 100 |
+
#: core/commercial_google_apps_login.php:182
|
| 101 |
msgid "Disable WordPress username/password login for my domain"
|
| 102 |
msgstr ""
|
| 103 |
|
| 104 |
+
#: core/commercial_google_apps_login.php:187
|
| 105 |
msgid "Completely hide WordPress username and password boxes"
|
| 106 |
msgstr ""
|
| 107 |
|
| 108 |
+
#: core/commercial_google_apps_login.php:192
|
| 109 |
msgid "Tick the last two with caution - leave unchecked until you are confident Google Login is working for your own admin account"
|
| 110 |
msgstr ""
|
| 111 |
|
| 112 |
+
#: core/commercial_google_apps_login.php:214
|
| 113 |
msgid "Automatically logout of Google when logging out of WordPress"
|
| 114 |
msgstr ""
|
| 115 |
|
| 116 |
+
#: core/commercial_google_apps_login.php:217
|
| 117 |
msgid "Login button text (optional)"
|
| 118 |
msgstr ""
|
| 119 |
|
| 120 |
+
#: core/commercial_google_apps_login.php:220
|
| 121 |
#: core/core_google_apps_login.php:245
|
| 122 |
msgid "Login with Google"
|
| 123 |
msgstr ""
|
| 124 |
|
| 125 |
+
#: core/commercial_google_apps_login.php:228
|
| 126 |
msgid "You should have received a license key when you purchased this professional version of Google Apps Login."
|
| 127 |
msgstr ""
|
| 128 |
|
| 129 |
+
#: core/commercial_google_apps_login.php:230
|
| 130 |
msgid "Please enter it below to enable automatic updates, or <a href=\"mailto:contact@wp-glogin.com\">email us</a> if you do not have one."
|
| 131 |
msgstr ""
|
| 132 |
|
| 133 |
+
#: core/commercial_google_apps_login.php:234
|
| 134 |
msgid "License Key"
|
| 135 |
msgstr ""
|
| 136 |
|
| 137 |
+
#: core/commercial_google_apps_login.php:353
|
| 138 |
msgid "Domain name should be a space-separated list of valid domains, in lowercase letters (or blank)"
|
| 139 |
msgstr ""
|
| 140 |
|
| 141 |
+
#: core/commercial_google_apps_login.php:354
|
| 142 |
msgid "License key is too short"
|
| 143 |
msgstr ""
|
| 144 |
|
| 145 |
+
#: core/commercial_google_apps_login.php:356
|
| 146 |
msgid "License key failed to activate"
|
| 147 |
msgstr ""
|
| 148 |
|
| 149 |
+
#: core/commercial_google_apps_login.php:357
|
| 150 |
msgid "License key does not exist in our system at all"
|
| 151 |
msgstr ""
|
| 152 |
|
| 153 |
+
#: core/commercial_google_apps_login.php:358
|
| 154 |
msgid "License key entered is for the wrong product"
|
| 155 |
msgstr ""
|
| 156 |
|
| 157 |
+
#: core/commercial_google_apps_login.php:359
|
| 158 |
msgid "License key has expired"
|
| 159 |
msgstr ""
|
| 160 |
|
| 161 |
+
#: core/commercial_google_apps_login.php:360
|
| 162 |
msgid "License key is not permitted for this website"
|
| 163 |
msgstr ""
|
| 164 |
|
| 165 |
+
#: core/commercial_google_apps_login.php:361
|
| 166 |
msgid "License key is not active for this website"
|
| 167 |
msgstr ""
|
| 168 |
|
| 169 |
+
#: core/commercial_google_apps_login.php:362
|
| 170 |
msgid "License key has been disabled"
|
| 171 |
msgstr ""
|
| 172 |
|
| 173 |
+
#: core/commercial_google_apps_login.php:363
|
| 174 |
msgid "License key was not provided"
|
| 175 |
msgstr ""
|
| 176 |
|
| 182 |
msgid "or"
|
| 183 |
msgstr ""
|
| 184 |
|
| 185 |
+
#: core/core_google_apps_login.php:269
|
| 186 |
msgid "You did not grant access"
|
| 187 |
msgstr ""
|
| 188 |
|
| 189 |
+
#: core/core_google_apps_login.php:277
|
| 190 |
+
msgid "The user must use <i>%s</i> to access the site"
|
| 191 |
+
msgstr ""
|
| 192 |
+
|
| 193 |
+
#: core/core_google_apps_login.php:281
|
| 194 |
+
msgid "Unrecognized error message"
|
| 195 |
+
msgstr ""
|
| 196 |
+
|
| 197 |
+
#: core/core_google_apps_login.php:292
|
| 198 |
msgid "Session mismatch - try again, but there could be a problem setting state"
|
| 199 |
msgstr ""
|
| 200 |
|
| 201 |
+
#: core/core_google_apps_login.php:298
|
| 202 |
msgid "Session mismatch - try again, but there could be a problem passing state"
|
| 203 |
msgstr ""
|
| 204 |
|
| 205 |
+
#: core/core_google_apps_login.php:305
|
| 206 |
msgid "Session mismatch - try again, but there could be a problem setting cookies"
|
| 207 |
msgstr ""
|
| 208 |
|
| 209 |
+
#: core/core_google_apps_login.php:339
|
| 210 |
msgid "Email needs to be verified on your Google Account"
|
| 211 |
msgstr ""
|
| 212 |
|
| 213 |
+
#: core/core_google_apps_login.php:363
|
| 214 |
msgid "User authenticated OK, but error fetching user details from Google"
|
| 215 |
msgstr ""
|
| 216 |
|
| 217 |
+
#: core/core_google_apps_login.php:381
|
| 218 |
msgid "User %s not registered in Wordpress"
|
| 219 |
msgstr ""
|
| 220 |
|
readme.txt
CHANGED
|
@@ -3,7 +3,7 @@ Contributors: danlester
|
|
| 3 |
Tags: login, google, authentication, oauth2, oauth, google login, google apps, sso, single-sign-on, auth, intranet
|
| 4 |
Requires at least: 3.7
|
| 5 |
Tested up to: 4.4
|
| 6 |
-
Stable tag: 2.8.
|
| 7 |
License: GPLv3
|
| 8 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
| 9 |
|
|
@@ -133,7 +133,7 @@ The plugin will work whether your site is configured for HTTP or HTTPS.
|
|
| 133 |
However, you may have configured your site to run so that the login pages
|
| 134 |
can be accessed by *either* HTTP *or* HTTPS. In that case, you may run into problems.
|
| 135 |
We recommend that you set [FORCE_SSL_ADMIN](http://codex.wordpress.org/Administration_Over_SSL)
|
| 136 |
-
|
| 137 |
for login.
|
| 138 |
|
| 139 |
You may then need to ensure the Redirect URL and Web Origin in the Google Cloud Console are
|
|
@@ -226,6 +226,14 @@ please [click here](http://wp-glogin.com/installing-google-apps-login/basic-setu
|
|
| 226 |
|
| 227 |
== Changelog ==
|
| 228 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 229 |
= 2.8.16 =
|
| 230 |
|
| 231 |
Updated to work correctly alongside some plugins that change the login URL from /wp-login.php to something else.
|
| 3 |
Tags: login, google, authentication, oauth2, oauth, google login, google apps, sso, single-sign-on, auth, intranet
|
| 4 |
Requires at least: 3.7
|
| 5 |
Tested up to: 4.4
|
| 6 |
+
Stable tag: 2.8.17
|
| 7 |
License: GPLv3
|
| 8 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
| 9 |
|
| 133 |
However, you may have configured your site to run so that the login pages
|
| 134 |
can be accessed by *either* HTTP *or* HTTPS. In that case, you may run into problems.
|
| 135 |
We recommend that you set [FORCE_SSL_ADMIN](http://codex.wordpress.org/Administration_Over_SSL)
|
| 136 |
+
to true. This will ensure that all users are consistently using HTTPS
|
| 137 |
for login.
|
| 138 |
|
| 139 |
You may then need to ensure the Redirect URL and Web Origin in the Google Cloud Console are
|
| 226 |
|
| 227 |
== Changelog ==
|
| 228 |
|
| 229 |
+
= 2.8.17 =
|
| 230 |
+
|
| 231 |
+
Added filter gal_login_button_text so developers can customize the 'Login with Google' button in all versions (in Premium/Enterprise,
|
| 232 |
+
it is possible to set the button text in settings, and that will always take priority if set).
|
| 233 |
+
|
| 234 |
+
Fixed a text injection vulnerability whereby it was possible for a third party to trick a user into viewing a version of the login page
|
| 235 |
+
containing an error message entirely of their own choosing - all sites should upgrade to this plugin version.
|
| 236 |
+
|
| 237 |
= 2.8.16 =
|
| 238 |
|
| 239 |
Updated to work correctly alongside some plugins that change the login URL from /wp-login.php to something else.
|
