Skip to content

add additional hooks for allow users to _gracefully_ not be logged in…#127

Open
matgargano wants to merge 1 commit intoSAML-Toolkits:masterfrom
matgargano:PRH-Additional-Hooks
Open

add additional hooks for allow users to _gracefully_ not be logged in…#127
matgargano wants to merge 1 commit intoSAML-Toolkits:masterfrom
matgargano:PRH-Additional-Hooks

Conversation

@matgargano
Copy link

@matgargano matgargano commented Feb 9, 2022
edited
Loading

… to WordPress but still use OneLogin SAML

Hi @pitbulk,

As a developer from a large company that uses this plugin on several sites, we have added the ability to have users log in with SAML but not exist in the database.

For now, we are using this plugin for admin login, but we will have a need to use it for logging in customers that don't have an account, nor do they need an account, stored in the WP database (so we would need to log in users without having it / creating it in the WP database).

These users would log in via 'onelogin-saml-sso' and the user data would be stored in a PHP session.
We've made some changes to the plugin so we could use it that way, via WordPress actions/hooks and not impact any other usage of this plugin. We would really appreciate it if you would merge in our changes.

We've added just a few hooks to the plugin that allows us to modify the plugin log-in behavior, no functionalities were changed.

If hooks aren't used plugin will work the same way as is now (without our changes).

We had to implement following hooks / changes to be able to use the plugin:

  1. do_action('onelogin_saml_attrs_pre_setup_user', $attrs)
  • location: php / functions.php (line 395)
  • this will allow us to get user attributes from SAML response so we can save them in PHP session
  1. apply_filters('onelogin_saml_show_no_user_error_response', true)
  • location: php / functions.php (line 462)
  • changed: } else {
  • replaced with: } elseif (apply_filters('onelogin_saml_show_no_user_error_response', true)) {
  • this will allow us have a logged in user without having an existing user in the WP database (if we don't create it this would echo an error message)
  1. do_action( 'onelogin_saml_attrs', $attrs, wp_get_current_user(), get_current_user_id(), $newuser)
  • location: php / functions.php (moved from line 492 to line 476)
  • we moved this function inside above if statement that checks if there is user_id set up (we are storing user data in a PHP session and don't create a user in WP db, so this would cause an error (we are skipping throwing an error if no user is found / created in Problem with translations #2))
  1. apply_filters('onelogin_saml_after_login_redirect_url', home_url())
  • location: php / functions.php (lines 510 and 521)
  • changed: wp_redirect(home_url());
  • replaced with: wp_redirect( apply_filters('onelogin_saml_after_login_redirect_url', home_url()) );
  • this is added so we customize default redirect path after user is logged in (if 'RelayState' wasn't passed in response we can modify default redirect path)

Please let us know if you have any questions at all.

@matgargano
Copy link
Author

matgargano commented Mar 18, 2022

@pitbulk any update?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@matgargano