Hey OpenID Team,
Is the plugin compatible with version 6.6.2?
Kind regards

Is there any specific documentation for Azure AD implementation? Or has someone else been successful with Azure AD who can walk through the steps?

Hi,
I am trying to use your plugin to connect to an OpenID Connect provider (GAR), but it isn’t working. They want me to add the parameter ‘idRessource’ to the authorize request, but I get the result:
“ERREUR (invalid-user-claim-Paramètre idRessource obligatoire):?Erreur du fournisseur d’identité.”
Can you help me solve this problem?
Thank you in advance

While actively working in the editor, the session will expire with no warning. While opening the media library to place an image, the media library will stop working, and shortly thereafter I will get the prompt to log back in. I’ve attempted to force the session longer via code, but it does not seem to override the plugin’s session.
Hopefully there is a fix; I did not see any setting in the plugin to adjust session timing, only State timeout limit.

Hello, could you add an Accept-Language header to the calls that are made to OIDC providers?
Something like this?
public function request_authentication_token( $code ) {
    // Add Host header – required for when the openid-connect endpoint is behind a reverse-proxy.
    $parsed_url = parse_url( $this->endpoint_token );
    $host = $parsed_url['host'];
    // Forward the browser's Accept-Language header when present; the value is client-controlled, so sanitize it.
    $headerStringValue = isset( $_SERVER['HTTP_ACCEPT_LANGUAGE'] ) ? sanitize_text_field( wp_unslash( $_SERVER['HTTP_ACCEPT_LANGUAGE'] ) ) : '';
    $request = array(
        'body' => array(
            'code' => $code,
            'client_id' => $this->client_id,
            'client_secret' => $this->client_secret,
            'redirect_uri' => $this->redirect_uri,
            'grant_type' => 'authorization_code',
            'scope' => $this->scope,
        ),
        'headers' => array( 'Host' => $host, 'Accept-Language' => $headerStringValue ),
    );
Thanks

Hi, is there already a shortcode for this plugin that points to “register new user”?
Something like:
https://<keycloak-url>/realms/<realm-name>/login-actions/registration?client_id=<client-id-name>
Is it possible to write custom shortcodes for this plugin? If so, is there an example?
Thanks.

Hi, I need to deploy the same WordPress page on different domains, with different authentication providers, so for each one I bulk-change all the domain occurrences both in the WordPress backup (/var/www/html/) and in the database backup (sql).
At the end, checking the deployments, all the domain occurrences are changed except the Login Endpoint URL, which remains unchanged.
I wanted to know where this and the other URL settings are saved.
I couldn’t find them in the DB…
Can you help me with this?

Am I correct in understanding that site contents can still be read out using the REST API, even when the Enforce Privacy option is enabled?

Is there a way to check if the session in the IDP is still active? If the user logs out of another application, they continue with the active session in WordPress.
For this the Check session iframe is usually used.

Hello,
I would like to know if it is possible to hide the plugin in the WordPress menu and only make it visible to super administrators. I have been trying with remove_submenu_page and remove_menu_page, but I don’t know what slug I should use.
I want only the super admins of the multisite to be able to edit it.
Thank you

I really don’t know how to handle this case: when I try to log out, the plugin does not redirect me to the OpenID server logout. It is as if I’m only logged out from the WP session but not from the OpenID server too.

Hi!
Awesome plug-in, now I can let my users log into my WordPress site without the need for a new account.
However, every time my users close the browser they are logged out. I’ve set the theme cookie expiration date to 1 year, but this only affects the users logged in via WordPress, not OpenID.
I couldn’t find anything in the documentation about this. What I want is to let my users stay logged in for at least a week. The user data lives on Azure.
Thanks!
Lars

Wrong theme. Please delete it.

Hi,
Is the OAuth server password retrieved and saved as the WordPress user password?
The user is registered but the login (wp-login.php) does not work.
Invalid password.
Thanks.

Hi, is it possible to have “Login with Google”, because I tried using Nextend Social Login SSO to register using Google credentials, but when I click the “Login with OpenID Connect” button and then get redirected back to the site, it doesn’t seem to work.

I am trying to link ScoutsOnline (Scouts Netherlands Administration system) with the website. This system contains an OpenID protocol, which makes it possible to connect.
The manual (link below, page 9) describes a number of data that I cannot identify in the plugin. It is about this:
ON Endpoint URL
OP Identifier
and other variables.
What data do I need to transfer for a correct synchronization? Via SREG I can get back the membership number (Postal_code according to the manual). Can this be set directly?
Link to manual: https://www.scouting.nl/assets/uploads/doorzoekbareBestanden/06.Ondersteuning/Internet/openid_open_id_Handleiding_webmasters.pdf

Hi,
Thank you for this helpful plugin.
I currently use Login by Auth0 plugin that, in addition to Auth0’s native Lock form, offers a hosted login experience which redirects all login and signup requests from /wp-login.php to its (hosted) universal login page on Auth0. I assume your plugin can be used with Auth0 as an IDP. But, I am considering other IDP providers too and hence I am here. I am still researching and just need some clarity please, if you do not mind.
Q1: Hosted Login Redirect: Does OpenID Connect Generic Client plugin, similar to Login by Auth0, allow me to redirect users to hosted login forms provided by OAuth Servers / IDP providers and then log me back into WordPress?
Q2: Replace WP Form with OIDC Form: When I tried your plugin, I noticed that on the WP Login page, there’s a button “Login with OpenID Connect” placed just above the standard WP Login form. Instead, if I want to use a form, is it possible to completely replace the WordPress authentication flow with a custom OIDC form (similar to Lock form offered by Auth0)?
If there’s a roadmap for your plugin, I’d be happy to follow along.
Kind regards,

Hello,
Our client wanted us to use the OpenID Connect plugin on their WP website and they have asked us to provide the following information. Can someone please explain what these are and where we can find the information they’ve requested?
Thank you.
Client’s requests:
—————–
1) Which of the following are you using?
– SAML (Allows the user to select a SAML (Security Assertion Markup Language) connection.)
– OIDC (Allows the user to select an OIDC (OpenID Connect) connection.)
2) Can you provide the values for either the Entity or Client ID?
– Entity ID – (SAML) A unique identifier the business application will send when users are directed to MyID for authentication.
– Client ID – (OIDC) A unique identifier the business application will send when users are directed to MyID for authentication.
3) Can you provide this URL?
– Assertion Consumer Service URL – (SAML) Application URL expecting the MyID payload.

My current site is https://conferences.unite.un.org/athenaknowledgehub/
——————————————-
I have set up another site; the URL is https://conferences.unite.un.org/athenaknowledgehub/nadi
This site is set up in another folder called nadi
See screenshot: https://prnt.sc/iRp1wmPWKqGq
——————————————-
I am currently facing 2 issues:
1: I am trying to access the URL https://conferences.unite.un.org/athenaknowledgehub/nadi without logging in, and after a successful login it redirects me to the https://conferences.unite.un.org/athenaknowledgehub/nadi/nadi page, which does not exist.
2: For the redirect issue, go to Tools on the home page and click on NADI. You are taken to https://conferences.unite.un.org/athenaknowledgehub/nadi/nadi/ rather than https://conferences.unite.un.org/athenaknowledgehub/nadi
See screenshot: https://prnt.sc/DzNjazRXhxIJ
Please help me here. Waiting for your reply
Thanks. Regards

Hi! I’m doing some research about all this OpenID stuff and it looks like what I need. I think your plugin might be the right solution but I don’t know how to configure it. Do you have any documentation with an example?
I’ve read that wordpress.com is an OpenID validator but I couldn’t find out how to get all the information your plugin requires.
If wordpress.com doesn’t work, would you recommend any other platform to make it possible?
Thanks!

Hi team,
I am unable to do OpenID login after upgrading to WordPress 6.0. Has this been tested with WordPress 6.0?
Aravind

Error “invalid-client-claim” is displayed on login action when the Userinfo Endpoint is added in the plugin settings.
Following the tutorial (https://www.puppeteers.net/how-to-add-openid-to-wordpress-with-keycloak/), nothing worked. When we removed the userinfo endpoint URL, we get a 5xx error from your plugin; however, after a refresh it seems to be working up to the point where logout is called. When the user tries to log in again, he does not get a login prompt; rather, the same access token is used even though the user requested a logout (hence destroying the token).
Used Keycloak version: 5.1.1
Used plugin version: 3.9.0

The property “Redirect Back to Origin Page” seems not to be working.
I created a WordPress page on which I entered the Login Button Shortcode. On click, the user is redirected to the OpenID Connect authentication page, but after authentication, the user is not redirected to the page on which they clicked the OpenID Connect login button but to the home page. How can I solve the problem?
Thanks in advance

After user creation, it doesn’t log in.
I think the problem is here?
do_action( 'wp_login', $user->user_login, $user );
in file:
\daggerhart-openid-connect-generic\includes\openid-connect-generic-client-wrapper.php
Can you help me?

I am looking for a filter to hook a function to clean the username during user creation. Can you help me?
Thank you so much

I’m using AWS Cognito for my SSO.
The connection with Cognito is working,
but when I enter my data to log in, the site responds ERROR invalid user claim.
Is it possible that the error is the identity or nickname key?
For now I have inserted the example values.
Other parameters are:
Scope: openid
Login Endpoint URL: my.domain.org/oauth2/authorize
Userinfo Endpoint URL: my.domain.org/oauth2/UserInfo
Token Validation Endpoint URL: my.domain.org/oauth2/token: my.domain.org/oauth2/logout
Disable SSL Verify: true
Email Formatting: {email}
Display Name Formatting: {family_name}
Identify with User Name: false
Link Existing Users: true
Create user if does not exist: true
Any suggestions to fix the problem?
Thanks
Emanuele

I get an “invalid-token-response” error when using OAuth2: WordPress 5.4.2 with OpenID Connect Generic Plugin 3.6.0 and Nextcloud 19 (OAuth2 provider).
What am I doing wrong?
This is the log in the OpenID Connect Generic Plugin:
Typ: make_authentication_url
Datum: 2020-07-16 07:14:57
Benutzer: 0
URI: /wp/wp-login.php?login-error=invalid-token-response&message=Invalid+token+response
Data: string(349) "https://auth0.mydomain.de/nc/index.php/apps/oauth2/authorize?response_type=code&scope=openid%20profile%20email&client_id=ta0XeuISWT9cZB5lojfODJuL4mkXhVijh7rrzgETAquyuAcGQVK4Yg414nuFzcpj&state=604f27813e83e814854391957a830788&redirect_uri=https%3A%2F%2Fauth0.mydomain.de%2Fwp%2Fwp-admin%2Fadmin-ajax.php%3Faction%3Dopenid-connect-authorize"
Typ: invalid-token-response
Datum: 2020-07-16 07:14:57
Benutzer: 0
URI: /wp/wp-admin/admin-ajax.php?action=openid-connect-authorize&state=1efc17338ebeb61f3f1d37da3fe7867c&code=
Data: object(WP_Error)#7808 (2) {
["errors"]=>
array(1) {
["invalid-token-response"]=>
array(1) {
[0]=>
string(22) "Invalid token response"
}
}
["error_data"]=>
array(1) {
["invalid-token-response"]=>
array(5) {
["access_token"]=>
string(72) "6WQ23PeixVHPyyhfXQk3ZDVze4UeBxdf9RsXRwU6w9CToLJW1VWPbFboFRQgvRUi9FfxG71D"
["token_type"]=>
string(6) "Bearer"
["expires_in"]=>
int(3600)
["refresh_token"]=>
string(128) "zSRCTRWqZcD5izDpHZTACr4WGW20YrTQtNBivAELocLqD8RJ5bUCnPHnjMPUfzzGJ3g2jCn9xR7EW3Qj2EC8xcC35ekeaEVikrpVRhztMOWptlHjOnYGt9DuuXoYPA9U"
["user_id"]=>
string(6) "theUser"
}
}
}
Typ: request_authentication_token
Datum: 2020-07-16 07:14:57
Benutzer: 0
URI: /wp/wp-admin/admin-ajax.php?action=openid-connect-authorize&state=1efc17338ebeb61f3f1d37da3fe7867c&code=
Data: string(68) "https://auth0.mydomain.de/nc/index.php/apps/oauth2/api/v1/token"
Typ: make_authentication_url
Datum: 2020-07-16 07:14:50
Benutzer: 0
URI: /wp/wp-login.php?loggedout=true&wp_lang=de_DE
Data: string(349) "https://auth0.mydomain.de/nc/index.php/apps/oauth2/authorize?response_type=code&scope=openid%20profile%20email&client_id=ta0XeuISWT9cZB5lojfODJuL4mkXhVijh7rrzgETAquyuAcGQVK4Yg414nuFzcpj&state=1efc17338ebeb61f3f1d37da3fe7867c&redirect_uri=https%3A%2F%2Fauth0.mydomain.de%2Fwp%2Fwp-admin%2Fadmin-ajax.php%3Faction%3Dopenid-connect-authorize"
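The response dumped under error_data in the log above carries access_token, token_type, expires_in, refresh_token and user_id but no id_token, which OpenID Connect Core requires in a token response. The check below is an added example, not part of the original post and not the plugin's code; the function names are hypothetical and the sample response is constructed with placeholder values.

```php
<?php
// Added example (not the plugin's code): list what a decoded token-endpoint
// response lacks compared with OpenID Connect Core. No signature check is done.

function base64url_decode_strict( string $segment ) {
    $pad = str_repeat( '=', ( 4 - strlen( $segment ) % 4 ) % 4 );
    return base64_decode( strtr( $segment, '-_', '+/' ) . $pad, true ); // false if invalid
}

function oidc_token_response_problems( array $response ): array {
    $problems = array();
    foreach ( array( 'access_token', 'token_type', 'id_token' ) as $member ) {
        if ( empty( $response[ $member ] ) || ! is_string( $response[ $member ] ) ) {
            $problems[] = "missing member: $member";
        }
    }
    $type = $response['token_type'] ?? null;
    if ( is_string( $type ) && '' !== $type && 0 !== strcasecmp( $type, 'Bearer' ) ) {
        $problems[] = 'token_type is not Bearer';
    }
    if ( empty( $response['id_token'] ) || ! is_string( $response['id_token'] ) ) {
        return $problems; // no ID token to inspect
    }
    // An ID token is a compact JWS: header.payload.signature
    $segments = explode( '.', $response['id_token'] );
    if ( 3 !== count( $segments ) ) {
        $problems[] = 'id_token is not a three-segment JWT';
        return $problems;
    }
    $payload = base64url_decode_strict( $segments[1] );
    $claims  = false === $payload ? null : json_decode( $payload, true );
    if ( ! is_array( $claims ) ) {
        $problems[] = 'id_token payload is not a JSON object';
        return $problems;
    }
    foreach ( array( 'iss', 'sub', 'aud', 'exp', 'iat' ) as $claim ) {
        if ( ! isset( $claims[ $claim ] ) ) {
            $problems[] = "id_token lacks required claim: $claim";
        }
    }
    return $problems;
}

// Constructed sample: same member names as the response dumped in the log,
// with placeholder values instead of the posted tokens.
$oauth2_only = array(
    'access_token' => 'placeholder', 'token_type' => 'Bearer', 'expires_in' => 3600,
    'refresh_token' => 'placeholder', 'user_id' => 'theUser',
);
print_r( oidc_token_response_problems( $oauth2_only ) );
```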

Is it possible to change the text of the ‘Login with OpenID Connect’ button? Users may not readily understand it.

Hi Jonathan,
first let me say thank you very much for this plugin! I use it to log in users to WP via my Keycloak server and retrieve the access_token in my Angular custom elements from the WP user meta “openid-connect-generic-last-token-response” via WP ajax to authorize calls to my system.
This works like a charm, except that the access token in the user meta does not appear to be updated. Only when the user logs in, the access_token is updated.
My question is: is this the correct way to retrieve the access_token in the frontend, and how can I get the refreshed access_token?

This plugin is working so well with my site. I’m using it with my own OpenID Connect provider (Gluu Server), but the only problem I have is that when I try to log out, it logs out of my WordPress site but stays logged in on the Gluu Server. It seems like the End Session endpoint is not working, but I use the same one with another web app (developed in Laravel) that I made, and it works there.