Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add additional hooks for allow users to _gracefully_ not be logged in… #127

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

add additional hooks for allow users to _gracefully_ not be logged in… #127

wants to merge 1 commit into from

Conversation

matgargano
Copy link

@matgargano matgargano commented Feb 9, 2022
edited

… to WordPress but still use OneLogin SAML

Hi @pitbulk,

As a developer from a large company that uses this plugin on several sites, we have added the ability to have users log in with SAML but not exist in the database.

For now, we are using this plugin for admin login, but we will have a need to use it for logging in customers that don't have an account, nor do they need an account, stored in the WP database (so we would need to log in users without having it / creating it in the WP database).

These users would log in via 'onelogin-saml-sso' and the user data would be stored in a PHP session.
We've made some changes to the plugin so we could use it that way, via WordPress actions/hooks and not impact any other usage of this plugin. We would really appreciate it if you would merge in our changes.

We've added just a few hooks to the plugin that allows us to modify the plugin log-in behavior, no functionalities were changed.

If hooks aren't used plugin will work the same way as is now (without our changes).

We had to implement following hooks / changes to be able to use the plugin:

  1. do_action('onelogin_saml_attrs_pre_setup_user', $attrs)
  • location: php / functions.php (line 395)
  • this will allow us to get user attributes from SAML response so we can save them in PHP session
  1. apply_filters('onelogin_saml_show_no_user_error_response', true)
  • location: php / functions.php (line 462)
  • changed: } else {
  • replaced with: } elseif (apply_filters('onelogin_saml_show_no_user_error_response', true)) {
  • this will allow us have a logged in user without having an existing user in the WP database (if we don't create it this would echo an error message)
  1. do_action( 'onelogin_saml_attrs', $attrs, wp_get_current_user(), get_current_user_id(), $newuser)
  • location: php / functions.php (moved from line 492 to line 476)
  • we moved this function inside above if statement that checks if there is user_id set up (we are storing user data in a PHP session and don't create a user in WP db, so this would cause an error (we are skipping throwing an error if no user is found / created in Problem with translations #2))
  1. apply_filters('onelogin_saml_after_login_redirect_url', home_url())
  • location: php / functions.php (lines 510 and 521)
  • changed: wp_redirect(home_url());
  • replaced with: wp_redirect( apply_filters('onelogin_saml_after_login_redirect_url', home_url()) );
  • this is added so we customize default redirect path after user is logged in (if 'RelayState' wasn't passed in response we can modify default redirect path)

Please let us know if you have any questions at all.

@matgargano
Copy link
Author

@pitbulk any update?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@matgargano