close
WordPress.org
Get WordPress

Plugin Directory

Changeset 2986913


Ignore:
Timestamp:
10/31/2023 04:34:47 PM (2 years ago)
Author:
jrchamp
Message:

Version 2.4.3

Location:
shibboleth
Files:
15 added
3 edited

Legend:

Unmodified
Added
Removed

  • shibboleth/trunk/options-user.php

    r2958392 r2986913  
    187187            check_admin_referer( 'shibboleth-link' );
    188188
    189             $shib_logging = shibboleth_getoption( 'shibboleth_logging', false, true );
    190189            $allowed = shibboleth_getoption( 'shibboleth_manually_combine_accounts', 'disallow' );
    191190
     
    206205                        if ( $user->user_login === $username && strtolower( $user->user_email ) === strtolower( $email ) ) {
    207206                            update_user_meta( $user->ID, 'shibboleth_account', true );
    208                             if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    209                                 error_log( '[Shibboleth WordPress Plugin Logging] SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') merged accounts manually.' );
    210                             }
     207                            shibboleth_log_message( 'account_merge', 'SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') merged accounts manually.' );
    211208                            wp_safe_redirect( get_edit_user_link() . '?shibboleth=linked' );
    212209                            exit;
     
    217214                            if ( ! $prevent_conflict->ID ) {
    218215                                update_user_meta( $user->ID, 'shibboleth_account', true );
    219                                 if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    220                                     error_log( '[Shibboleth WordPress Plugin Logging] SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') merged accounts manually.' );
    221                                 }
     216                                shibboleth_log_message( 'account_merge', 'SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') merged accounts manually.' );
    222217                                wp_safe_redirect( get_edit_user_link() . '?shibboleth=linked' );
    223218                                exit;
    224219                                // If username matches and there is an existing account with the email, fail.
    225220                            } else {
    226                                 if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    227                                     error_log( '[Shibboleth WordPress Plugin Logging] ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to manually merge accounts. Reason: An account already exists with the email: ' . $email . ' .' );
    228                                 }
     221                                shibboleth_log_message( 'account_merge', 'ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to manually merge accounts. Reason: An account already exists with the email: ' . $email . ' .' );
    229222                                wp_safe_redirect( get_edit_user_link() . '?shibboleth=failed' );
    230223                                exit;
     
    236229                            if ( ! $prevent_conflict->ID ) {
    237230                                update_user_meta( $user->ID, 'shibboleth_account', true );
    238                                 if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    239                                         error_log( '[Shibboleth WordPress Plugin Logging] SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') merged accounts manually using username bypass. Username provided by attribute is: ' . $username . '.' );
    240                                 }
     231                                shibboleth_log_message( 'account_merge', 'SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') merged accounts manually using username bypass. Username provided by attribute is: ' . $username . '.' );
    241232                                wp_safe_redirect( get_edit_user_link() . '?shibboleth=linked' );
    242233                                exit;
    243234                                // If there is an existing account with the email, fail.
    244235                            } else {
    245                                 if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    246                                     error_log( '[Shibboleth WordPress Plugin Logging] ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to manually merge accounts using username bypass. Reason: An account already exists with the email: ' . $email . ' .' );
    247                                 }
     236                                shibboleth_log_message( 'account_merge', 'ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to manually merge accounts using username bypass. Reason: An account already exists with the email: ' . $email . ' .' );
    248237                                wp_safe_redirect( get_edit_user_link() . '?shibboleth=failed' );
    249238                                exit;
     
    251240                            // If no other conditions are met, fail.
    252241                        } else {
    253                             if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    254                                 error_log( '[Shibboleth WordPress Plugin Logging] ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to manually merge accounts. Reason: Username and email do not match what is provided by attributes. Username provided by attribute is: ' . $username . ' and email provided by attribute is ' . $email . '.' );
    255                             }
     242                            shibboleth_log_message( 'account_merge', 'ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to manually merge accounts. Reason: Username and email do not match what is provided by attributes. Username provided by attribute is: ' . $username . ' and email provided by attribute is ' . $email . '.' );
    256243                            wp_safe_redirect( get_edit_user_link() . '?shibboleth=failed' );
    257244                            exit;
     
    266253                    // If manual merging is disabled, fail.
    267254                } else {
    268                     if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    269                         error_log( '[Shibboleth WordPress Plugin Logging] ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to manually merge accounts. Reason: Manual account merging is disabled.' );
    270                     }
     255                    shibboleth_log_message( 'account_merge', 'ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to manually merge accounts. Reason: Manual account merging is disabled.' );
    271256                    wp_safe_redirect( get_edit_user_link() . '?shibboleth=failed' );
    272257                    exit;
     
    274259                // If account is already merged, warn.
    275260            } else {
    276                 if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    277                     error_log( '[Shibboleth WordPress Plugin Logging] WARN: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to manually merge accounts. Reason: User\'s account is already merged.' );
    278                 }
     261                shibboleth_log_message( 'account_merge', 'WARN: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to manually merge accounts. Reason: User\'s account is already merged.' );
    279262                wp_safe_redirect( get_edit_user_link() . '?shibboleth=duplicate' );
    280263                exit;

  • shibboleth/trunk/readme.txt

    r2958392 r2986913  
    11=== Shibboleth ===
    2 Contributors: michaelryanmcneill, willnorris, mitchoyoshitaka, jrchamp, dericcrago, bshelton229, Alhrath, dandalpiaz
     2Contributors: michaelryanmcneill, willnorris, mitchoyoshitaka, jrchamp, dericcrago, bshelton229, Alhrath, dandalpiaz, masteradhoc, junaidkbr
    33Tags: shibboleth, authentication, login, saml
    44Requires at least: 4.0
    5 Tested up to: 6.3
     5Tested up to: 6.4
    66Requires PHP: 5.6
    7 Stable tag: 2.4.2
     7Stable tag: 2.4.3
    88
    99Allows WordPress to externalize user authentication and account creation to a Shibboleth Service Provider.
     
    198198
    199199== Changelog ==
    200 = version 2.4.3 (not yet released) =
     200= version 2.4.3 (2023-10-31) =
     201 - Compatibility: Check for Shibboleth username instead of Shib-Session-ID; thanks @spfncer [#97](https://github.com/michaelryanmcneill/shibboleth/pull/97)
    201202 - CI: Update GitHub Action workflows and code for WordPress coding standard v3 [#94](https://github.com/michaelryanmcneill/shibboleth/pull/94)
     203 - Cleanup: Reduced duplication via a logging helper function [#95](https://github.com/michaelryanmcneill/shibboleth/pull/95)
    202204
    203205= version 2.4.2 (2023-04-07) =

  • shibboleth/trunk/shibboleth.php

    r2895771 r2986913  
    99 * Plugin URI: https://wordpress.org/plugins/shibboleth/
    1010 * Description: Easily externalize user authentication to a <a href="https://www.incommon.org/software/shibboleth/">Shibboleth</a> Service Provider
    11  * Author: Michael McNeill, mitcho (Michael 芳貴 Erlewine), Will Norris
    12  * Version: 2.4.2
     11 * Author: Michael McNeill, Jonathan Champ, Michael Erlewine, Will Norris
     12 * Version: 2.4.3
    1313 * Requires PHP: 5.6
    1414 * Requires at least: 4.0
     
    1919define( 'SHIBBOLETH_MINIMUM_WP_VERSION', '4.0' );
    2020define( 'SHIBBOLETH_MINIMUM_PHP_VERSION', '5.6' );
    21 define( 'SHIBBOLETH_PLUGIN_VERSION', '2.4.2' );
     21define( 'SHIBBOLETH_PLUGIN_VERSION', '2.4.3' );
    2222
    2323/**
     
    377377    $active = false;
    378378    $method = shibboleth_getoption( 'shibboleth_attribute_access_method' );
    379     $session = shibboleth_getenv( 'Shib-Session-ID' );
     379    $shib_headers = shibboleth_getoption( 'shibboleth_headers', array(), true );
     380    $session = shibboleth_getenv( $shib_headers['username']['name'] );
    380381
    381382    if ( $session && 'http' !== $method ) {
     
    547548}
    548549
     550/**
     551 * Log Shibboleth message.
     552 *
     553 * @param string $message_type Message type.
     554 * @param string $message Message.
     555 * @since 2.4.3
     556 */
     557function shibboleth_log_message( $message_type, $message ) {
     558    static $shib_logging;
     559
     560    if ( ! isset( $shib_logging ) ) {
     561        $shib_logging = shibboleth_getoption( 'shibboleth_logging', array(), true );
     562    }
     563
     564    if ( defined( 'WP_DEBUG' ) && WP_DEBUG || in_array( $message_type, $shib_logging, true ) ) {
     565        error_log( '[Shibboleth WordPress Plugin Logging] ' . $message );
     566    }
     567}
    549568
    550569/**
     
    568587function shibboleth_authenticate_user() {
    569588    $shib_headers = shibboleth_getoption( 'shibboleth_headers', array(), true );
    570     $shib_logging = shibboleth_getoption( 'shibboleth_logging', array(), true );
    571589    $auto_combine_accounts = shibboleth_getoption( 'shibboleth_auto_combine_accounts' );
    572590    $manually_combine_accounts = shibboleth_getoption( 'shibboleth_manually_combine_accounts' );
     
    634652        if ( $do_account_combine ) {
    635653            update_user_meta( $user->ID, 'shibboleth_account', true );
    636             if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    637                 error_log( '[Shibboleth WordPress Plugin Logging] SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') merged accounts automatically.' );
    638             }
     654            shibboleth_log_message( 'account_merge', 'SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') merged accounts automatically.' );
    639655        } elseif ( 'username' === $user_by ) {
    640             if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    641                 error_log( '[Shibboleth WordPress Plugin Logging] ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to automatically merge accounts. Reason: An account already exists with this username.' );
    642             }
     656            shibboleth_log_message( 'account_merge', 'ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to automatically merge accounts. Reason: An account already exists with this username.' );
    643657            return new WP_Error( 'invalid_username', __( 'An account already exists with this username.', 'shibboleth' ) );
    644658        } else {
    645             if ( in_array( 'account_merge', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    646                 error_log( '[Shibboleth WordPress Plugin Logging] ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to automatically merge accounts. Reason: An account already exists with this email.' );
    647             }
     659            shibboleth_log_message( 'account_merge', 'ERROR: User ' . $user->user_login . ' (ID: ' . $user->ID . ') failed to automatically merge accounts. Reason: An account already exists with this email.' );
    648660            return new WP_Error( 'invalid_email', __( 'An account already exists with this email.', 'shibboleth' ) );
    649661        }
     
    660672    if ( ! $user ) {
    661673        $error_message = 'Unable to create account based on data provided.';
    662         if ( in_array( 'account_create', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    663             error_log( '[Shibboleth WordPress Plugin Logging] ERROR: Unable to create account based on data provided.' );
    664         }
     674        shibboleth_log_message( 'account_create', 'ERROR: Unable to create account based on data provided.' );
    665675        return new WP_Error( 'missing_data', $error_message );
    666676    }
     
    674684        $user_role = shibboleth_get_user_role();
    675685        $user->set_role( $user_role );
    676         if ( in_array( 'role_update', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    677             error_log( '[Shibboleth WordPress Plugin Logging] SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') role was updated to ' . $user_role . '.' );
    678         }
     686        shibboleth_log_message( 'role_update', 'SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') role was updated to ' . $user_role . '.' );
    679687        do_action( 'shibboleth_set_user_roles', $user );
    680688    }
    681689
    682     if ( in_array( 'auth', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    683         error_log( '[Shibboleth WordPress Plugin Logging] SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') successfully authenticated.' );
    684     }
     690    shibboleth_log_message( 'auth', 'SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') successfully authenticated.' );
    685691    return $user;
    686692}
     
    697703function shibboleth_create_new_user( $user_login, $user_email ) {
    698704    $create_accounts = shibboleth_getoption( 'shibboleth_create_accounts' );
    699     $shib_logging = shibboleth_getoption( 'shibboleth_logging', array(), true );
    700705    $user_role = shibboleth_get_user_role();
    701706
     
    714719        );
    715720        if ( is_wp_error( $user_id ) ) {
    716             if ( in_array( 'account_create', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    717                 error_log( '[Shibboleth WordPress Plugin Logging] ERROR: Unable to create account based on data provided. Reason: ' . $user_id->get_error_message() . '.' );
    718             }
     721            shibboleth_log_message( 'account_create', 'ERROR: Unable to create account based on data provided. Reason: ' . $user_id->get_error_message() . '.' );
    719722            return new WP_Error( 'account_create_failed', $user_id->get_error_message() );
    720723        } else {
     
    726729            $user->set_role( $user_role );
    727730            do_action( 'shibboleth_set_user_roles', $user );
    728             if ( in_array( 'account_create', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    729                 error_log( '[Shibboleth WordPress Plugin Logging] SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') was created with role ' . ( $user_role ? $user_role : 'none' ) . '.' );
    730             }
     731            shibboleth_log_message( 'account_create', 'SUCCESS: User ' . $user->user_login . ' (ID: ' . $user->ID . ') was created with role ' . ( $user_role ? $user_role : 'none' ) . '.' );
    731732            return $user;
    732733        }
    733734    } else {
    734         if ( in_array( 'auth', $shib_logging, true ) || defined( 'WP_DEBUG' ) && WP_DEBUG ) {
    735             error_log( '[Shibboleth WordPress Plugin Logging] ERROR: User account does not exist and account creation is disabled.' );
    736         }
     735        shibboleth_log_message( 'auth', 'ERROR: User account does not exist and account creation is disabled.' );
    737736        return new WP_Error( 'no_access', __( 'You do not have sufficient access.' ) );
    738737    }
Note: See TracChangeset for help on using the changeset viewer.