1. What should be the field value for “Url for load.js file (required)”.

Discussion
After requesting a password reset, an email is sent out with the following URL for reset:

https://php.hgv.dev/wp-admin/admin-ajax.php?action=janrain_capture_redirect_uri&code=wna6bd772nr3bv

When this occurs, janrain-capture.php will forward the request to the registered wp_ajax method of redirect_uri. From there, the JanrainCaptureApi is immediately instantiated and a new access token is generated base on the above code. That code will log the user back in! Obviously a security risk if the email is compromised.

After the token has been generated, it appears one condition continues the flow of password reset. That is:

if ( $api->password_recover === true ) {
    wp_redirect( add_query_arg( array( 'janrain_capture_action' => 'password_recover' ),  home_url() ) );
}

Essentially redirecting the user back to the homepage, as logged in, with the final query request of:

https://php.hgv.dev/?janrain_capture_action=password_recover

After digging through the plugin, it appears this is a fragment from the capture legacy implementation. We can find a reference to password recover action within the JanrainCaptureUi Object. There it begins the process of using admin ajax to create a modal. However, this doesn’t apply to us as we use the modern capture implementation provided from janrain screens.

Therefore, it appears the token code attempts to log a user back in and redirect them with the above query request. Because the query is not associated with a registered wp ajax action method, it doesn’t do anything. And even if it attempts to load a provisioned screen of forgot.html, it couldn’t without a code in query.

The functionality of resetting a password, from an email, seems to be non-existent for this plugin. If we attempt the current workflow in loading a screen, it is possible to load the markup file by correctly appending the following query parameters:

https://php.hgv.dev/wp-admin/admin-ajax.php?action=janrain_capture_redirect_uri&url_type=forgot&code=123

This will load an individual page but proves to be incorrect and non-working when attempting the reset. The correct flow, would of course, launch up the screens in the existing provisioned modal.

https://www.ads-software.com/plugins/janrain-capture/

Problem
Janrain Registration works as should in logging a user through backplane in support of both janrain and livefyre. That is, janrain shows log out in place of all shortcode declarations as well as livefyre listing the logged in user for comments. However, when a user logs out, backplane is not working in signing out a user from both services.

Discussion
If a user logs out of Janrain, through its shortcode, we are able to successfully log out of Janrain services and the WordPress session. Upon refresh, the shortcode declaration now requires we sign-in. A quick check of related federate sites shows the event was emitted and user is now signed out of all sites. Nevertheless, if we look at an article that has livefyre enabled, we see that a user is still logged in.

The same situation applies if we use livefyre to sign out. When you select sign out from livefyre, the current session of livefyre has ended and a user is logged out of all related federate sites. However, even after manually refreshing the page, the shortcode shows the link to log out. In both cases, you can sign out of one but not the other.

Our implementation of livefyre registration is strictly based on the recommended workflow from:

https://answers.livefyre.com/developers/identity-integration/janrain-capture/

More specifically, following the same object creation for the authentication delegate.

A few initial ideas that we’ve played around with include forcing a redirect to the same page, with a logout query, after the auth delegate runs the logout function. We would follow a similar action that you have injected in your shortcode declaration when a user is signed in:

https://php.hgv.dev/wp-login.php?action=logout&redirect_to=http%3A%2F%2Fphp.hgv.dev%2Fpreparation%2Fhack-cash-449%2F&_wpnonce=ca9e59831e

This code is generated from your janrain-capture-ui.php:
$href = wp_logout_url( self::current_page_url() );

This does work in logging a user out from both janrain and livefyre. However, when a user attempts to log out from the generated shortcode link, that is from janrain, a user is signed out of janrain but as mentioned above, is not logged out of livefyre.

So while we can resolve this issue one way, the problem shouldn’t exist at all if backplane is correctly working with both services. We understand that in a successful flow, we would be responsible for any asynchronous UI changes that need to occur to properly reflect livefyre sign out. We also understand that wordpress session also comes into play in logging a user out.

Thanks for reading!

https://www.ads-software.com/plugins/janrain-capture/

LINE 31:
– if ( JanrainCapture::get_option( JanrainCapture::$name . '_widget_bp_enabled' ) > 0 ) {
Should be:
– if ( JanrainCapture::get_option( JanrainCapture::$name . '_widget_backplane_enabled' ) > 0 ) {

LINE 620:
$bus = JanrainCapture::get_option( JanrainCapture::$name . '_bp_bus_name' );
should be
$bus = JanrainCapture::get_option( JanrainCapture::$name . '_widget_bp_bus_name' );

The following fix will resolve the backplane javascript library from properly loading in the head tag for immediate reference for any services that use the protocol.

Discussion
This is an essential piece of the service. As such, it leads me to believe this feature was not fully fleshed out for support. I will be creating a separate forum for this discussion as well as a Janrain support ticket. I will stress though that the above should be fixed before continuing resolving other issues involving backplane.

https://www.ads-software.com/plugins/janrain-capture/

https://www.ads-software.com/plugins/rpx/

https://www.ads-software.com/plugins/rpx/

Requirements:

1. A single, secure database of all user information – including email, phone numbers passwords, age, gender, etc.

2. This ‘master’ database should support data exports to other systems – mailchimp (email), eventbrite (event tickets), ecommerce, etc.

3. Front end mobile-friendly UIs for users to log into my wordpress site via email+password, facebook login, google+ login or twitter login and manage their profiles

4. (optional) Compatibility (or native features) for social interaction across my site like commenting, following, badges, sentiment tagging (buzzfeed), UGC uploads, etc.

I think vendors like Gigya and JanRain might offer solutions for this, and I’d love to hear people’s thoughts about integration these tools. Also curious about newer solutions that might be less expensive and easier to integrate.

Thanks!
-D

If not, I’d be interested in sponsoring this functionality if it’s not already baked in.

https://www.ads-software.com/plugins/gravity-forms-janrain-add-on/

I have installed the plugin and integrated janrain sign-in widget (using triggerFlow). It works on http but doesn’t login/registers a user if it’s a https page. What could be a possible solution for this issue?

Thanks in advance!

https://www.ads-software.com/plugins/rpx/