From 3fe4ec8f6e84ad86ef637b23a78b1870795bd15c Mon Sep 17 00:00:00 2001
From: Alexander Skvortsov
Date: Mon, 9 Dec 2019 23:56:10 -0500
Subject: [PATCH 1/3] Added support for updating user attrs on subsequent logins
---
 inc/namespace.php | 61 ++++++++++++++++++++++++++++++++---------------
 1 file changed, 42 insertions(+), 19 deletions(-)
diff --git a/inc/namespace.php b/inc/namespace.php
index c9d732a3..9079cc20 100644
--- a/inc/namespace.php
+++ b/inc/namespace.php
@@ -53,6 +53,7 @@ function bootstrap() {
 add_action( 'wpsimplesaml_action_metadata', __NAMESPACE__ . '\\action_metadata' );
 add_action( 'wpsimplesaml_user_created', __NAMESPACE__ . '\\map_user_roles', 10, 2 );
+ add_action( 'wpsimplesaml_user_updated', __NAMESPACE__ . '\\map_user_roles', 10, 2 );
 // is_plugin_active_for_network can only be used once the plugin.php file is
 // included. More information can be found here:
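Review bot: Nothing near the new `add_action( 'wpsimplesaml_user_updated', ... )` line says that `map_user_roles` now runs on every SAML login of an existing account, not only at account creation. The callback's body is outside this hunk, but if it replaces roles, a role an administrator assigned by hand in WordPress would presumably be overwritten at the user's next login, and a changed IdP attribute would change privileges immediately. I would add a comment above the line, for example `// Re-map roles on every SSO login: IdP attributes take precedence over local role edits.`, and note the behaviour change in the plugin documentation. bootstrap() starts and ends outside the hunk.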
@@ -372,32 +373,54 @@ function get_or_create_wp_user( \OneLogin\Saml2\Auth $saml ) {
 $user = get_user_by( 'email', $email );
 }
+ $first_name = isset( $map['first_name'], $attributes[ $map['first_name'] ] ) && is_array( $attributes[ $map['first_name'] ] ) ? reset( $attributes[ $map['first_name'] ] ) : '';
+ $last_name = isset( $map['last_name'], $attributes[ $map['last_name'] ] ) && is_array( $attributes[ $map['last_name'] ] ) ? reset( $attributes[ $map['last_name'] ] ) : '';
+
+ $user_data = [
+ 'ID' => null,
+ 'user_login' => isset( $map['user_login'], $attributes[ $map['user_login'] ] ) ? $attributes[ $map['user_login'] ][0] : $saml->getNameId(),
+ 'user_pass' => wp_generate_password(),
+ 'user_nicename' => implode( ' ', array_filter( [ $first_name, $last_name ] ) ),
+ 'first_name' => $first_name,
+ 'last_name' => $last_name,
+ 'user_email' => $email,
+ ];
+
+ /**
+ * Filters user data before insertion to the database
+ *
+ * @param array $attributes Attributes array coming from SAML Response object
+ *
+ * @return array User data to be used with wp_insert_user
+ */
+ $user_data = apply_filters( 'wpsimplesaml_user_data', $user_data, $attributes );
+
 // No user yet ? lets create a new one.
 if ( empty( $user ) ) {
- $first_name = isset( $map['first_name'], $attributes[ $map['first_name'] ] ) && is_array( $attributes[ $map['first_name'] ] ) ? reset( $attributes[ $map['first_name'] ] ) : '';
- $last_name = isset( $map['last_name'], $attributes[ $map['last_name'] ] ) && is_array( $attributes[ $map['last_name'] ] ) ? reset( $attributes[ $map['last_name'] ] ) : '';
+ $user_id = wp_insert_user( $user_data );
- $user_data = [
- 'ID' => null,
- 'user_login' => isset( $map['user_login'], $attributes[ $map['user_login'] ] ) ? $attributes[ $map['user_login'] ][0] : $saml->getNameId(),
- 'user_pass' => wp_generate_password(),
- 'user_nicename' => implode( ' ', array_filter( [ $first_name, $last_name ] ) ),
- 'first_name' => $first_name,
- 'last_name' => $last_name,
- 'user_email' => $email,
- ];
+ if ( is_wp_error( $user_id ) ) {
+ return $user_id;
+ }
+
+ $user = get_user_by( 'ID', $user_id );
 /**
- * Filters user data before insertion to the database
- *
- * @param array $attributes Attributes array coming from SAML Response object
+ * Used to handle post-user-creation logic, ie: role mapping
 *
- * @return array User data to be used with wp_insert_user
+ * @param \WP_User $user User object
+ * @param array $attributes SAML Attributes passed from IdP
 */
- $user_data = apply_filters( 'wpsimplesaml_user_data', $user_data, $attributes );
+ do_action( 'wpsimplesaml_user_created', $user, $attributes );
+ } else {
+ foreach ( $user_data as $key => $value ) {
+ if ( ! $value ) {
+ $user_data[$key] = $user->$key;
+ }
+ }
- $user_id = wp_insert_user( $user_data );
+ $user_id = wp_update_user( $user_data );
 if ( is_wp_error( $user_id ) ) {
 return $user_id;
@@ -406,12 +429,12 @@ function get_or_create_wp_user( \OneLogin\Saml2\Auth $saml ) {
 $user = get_user_by( 'ID', $user_id );
 /**
- * Used to handle post-user-creation logic, ie: role mapping
+ * Used to handle post-user-update logic, ie: role mapping
 *
 * @param \WP_User $user User object
 * @param array $attributes SAML Attributes passed from IdP
 */
- do_action( 'wpsimplesaml_user_created', $user, $attributes );
+ do_action( 'wpsimplesaml_user_updated', $user, $attributes );
 }
 if ( ! is_a( $user, 'WP_User' ) ) {
From bca601c71090a1b18758c54e06533a312ba47637 Mon Sep 17 00:00:00 2001
From: Alexander Skvortsov
Date: Tue, 10 Dec 2019 00:02:26 -0500
Subject: [PATCH 2/3] Stylistic changes
---
 inc/namespace.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/inc/namespace.php b/inc/namespace.php
index 9079cc20..66c9c39f 100644
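Review bot: In the new `else` branch of the first get_or_create_wp_user() hunk in patch 1/3, `$user_data` still carries `'user_pass' => wp_generate_password()`, and because that value is never empty the `if ( ! $value )` fallback leaves it in place, so `wp_update_user()` receives a fresh random password on every SSO login of an existing account. WordPress treats that as a password change: the stored hash is replaced (wiping any local password the account had), auth cookies from the user's other sessions stop validating, and by default the password-changed notification email is sent. Drop the key before updating, e.g. `unset( $user_data['user_pass'] );` as the first statement of the `else` branch, or generate `user_pass` only in the create branch. The `wpsimplesaml_user_data` filter now also runs for existing users, so its docblock ("before insertion to the database") should say the result is passed to `wp_update_user()` as well. get_or_create_wp_user() starts and ends outside the hunk.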
--- a/inc/namespace.php
+++ b/inc/namespace.php
@@ -416,7 +416,7 @@ function get_or_create_wp_user( \OneLogin\Saml2\Auth $saml ) {
 } else {
 foreach ( $user_data as $key => $value ) {
 if ( ! $value ) {
- $user_data[$key] = $user->$key;
+ $user_data[ $key ] = $user -> $key;
 }
 }
From dfdf163aef266065a68e4bc0a53d837dc0a2596f Mon Sep 17 00:00:00 2001
From: Alexander Skvortsov
Date: Tue, 10 Dec 2019 00:04:26 -0500
Subject: [PATCH 3/3] More stylistic conformity changes
---
 inc/namespace.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/inc/namespace.php b/inc/namespace.php
index 66c9c39f..3f38e8e9 100644
--- a/inc/namespace.php
+++ b/inc/namespace.php
@@ -416,7 +416,7 @@ function get_or_create_wp_user( \OneLogin\Saml2\Auth $saml ) {
 } else {
 foreach ( $user_data as $key => $value ) {
 if ( ! $value ) {
- $user_data[ $key ] = $user -> $key;
+ $user_data[ $key ] = $user->$key;
 }
 }