I have a similar scenario as saintmulligan.
I have a rails website, which I’ve configured for json login.
I am creating a wordpress website. I would like to have a “single sign-on”, so that users who have signed on (and are cookied) on my rails site can access the wordpress site
(eventually to post as well as to read posts).
I am investigating using this plugin, along with another plugin to limit reader — Ive been looking at this https://www.ads-software.com/plugins/restricted-site-access/
So far, I’ve installed and filled out the settings for RESTful Single Sign-On Plugin,
but I don’t see it doing anything happening. I don’t see any requests goint to my rails server when I log in or post, and using wp-login.php still uses the wordpress logins, not my rails logins.
I am not an expert in wordpress, or PHP. I looked in the apache logs and don’t see anything relevant.
My sites are running locally right now, but I can push the test out if that would help.
Maybe I’m misunderstanding what this plugin does, or maybe I’ve not configured it correctly.
Here are my settings:
Authentication Endpoint https://localhost:5001/auth/login
Password Reset Endpoint (blank)
Authenticated Resource user
Resource Username email
Resource Password password
Resource Email email
Resource First Name first_name
Resource Last Name last_name
Response Error Property error
Authorization Cookie nysci-wp.dev (my local wordpress. I tried chang
Cookie Domain nysci-wp.dev (I tried localhost:5001 as well)
Current User Info URL localhost:5001/auth/edit (this may not be right but I don’t think we are getting this far)
https://www.ads-software.com/plugins/wp-restful-single-sign-on/
]]>Interested in using this if I understand it correctly. I have a PHP site with 50K users. I want my wordpress/bbpress site to be closed to new registrations but instead require that forum posts be from existing users on the main site.
I’m looking for a login form on the wordpress site that routes the email/password to a PHP page on the main site where it would verify the user and return a go/no-go authentication. All wordpress users would be limited to the forums (participant role) and not be able to post to blog. The main site can create the needed JSON response format after user lookup.
Questions: is that the scope of this plugin? would a user record need to be created on the WP side in order for their forum posts to have valid user references? does your plugin handle that? i assume that i don’t need to sync users since the lookup will always be against the main site. deleting a user there would result in denied access on the WP site.
Thanks,
https://www.ads-software.com/plugins/wp-restful-single-sign-on/
]]>An empty or malformed HTTP response treated as successful authentication
RestfulSingleSignOnPlugin.php (error)
if (!$data instanceof WP_Error)
RestfulSingleSignOnPlugin.php (fixed)
if (!is_null($data) && !$data instanceof WP_Error && array_key_exists($username_property, $data) && $username==$data[$first_name_property])
https://www.ads-software.com/plugins/wp-restful-single-sign-on/
]]>For example, if the auth endpoint returns an HTTP 403, the users is still logged in. I have fixed this in my copy
Rest.php (original)
protected function _make_request($endpoint, $method = 'GET', $data = array(), $headers = array(), $cookies = array())
{
$result = wp_remote_request(
$endpoint,
array(
'headers' => array(
'Accept' => 'application/json',
'Content-type' => 'application/json'
) + $headers,
'cookies' => $cookies,
'body' => json_encode($data),
'method' => $method,
)
);
return $result;
}Rest.php (fixed)
protected function _make_request($endpoint, $method = 'GET', $data = array(), $headers = array(), $cookies = array())
{
$result = wp_remote_request(
$endpoint,
array(
'headers' => array(
'Accept' => 'application/json',
'Content-type' => 'application/json'
) + $headers,
'cookies' => $cookies,
'body' => json_encode($data),
'method' => $method,
)
);
if ( $result['response']['code'] != 200 ) {
return new WP_Error(
'HTTP'.$result['response']['code'],
$result['response']['message']
);
}
return $result;
}https://www.ads-software.com/plugins/wp-restful-single-sign-on/
]]>Hi,
I’d like to use your plugin and was just wondering against which versions do you recommend using it? Or whether there are known issues with certain versions of WP.
Thanks,
Kyvinh
https://www.ads-software.com/plugins/wp-restful-single-sign-on/
]]>