fdecicco

Authorization code.

thank you.

ok Justin,
we just purchased a business license, I’m hoping the /oauth/destroy will do what I need.

thank you.

Hey Justin,

I think I didn’t explain myself very well although your reply answers my subsequent questions.

the problem i see is this:

user logs in via sso/oauth2, I get token and save in session and also user is signed on wordpress. I have a logout page that clears token from session and also calls wp_logout() via new registered route but this logout doesn’t seem to work.

next user logs in using same browser via sso/oauth2, plugin seems smart enough to know wordpress session is ongoing and uses same user id but new token.

I need to force new user to login with his credentials but can’t seem to figure out how to do this as the wp_logout() end point doesn’t seem to work.

I am not using nor plan to use OpenId.

I hope this is better explanation. I am sorry for taking up so much of your time.

Frank.

not sure if I should start another thread or if its more valuable to keep it here.

anyway, my oauth2 based sso seems to work. users that authenticate via oauth2 are also logged into WP in the background and if they bring up a WP page then it shows the admin bar ok.

The question now is how can I create a single logout? I tried your logout snippet code on github but it doesn’t work and I guess I can see why as the redirect never really can take place since i’m in a different browser tab on a different domain.
I think I’m missing something still. Any idea?

Thanks Frank.

OK, I need to do some testing then to actually see what’s going on.
I will report back soon.

Thank you very much.

Thank you for the prompt reply.

Yes, I totally understand your approach but I think I’m missing 2 points:
1. I can do a /oauth/me just fine and get several users field but not the password
2. I looked but did not find a /login restApi endpoint, do I need to create this or did I miss something

I think that with the above I could just add the login call right after successful /oauth/token call. I could figure out the login endpoint but not sure about the password though unless I create a separate login page/form and save it. what would you do?

i dont understand why this topic is addressed offline in separate support form. I’m sure there is a reason but i’m having what might be similar issues and would be nice to see your finding here.
hopefully you’ll update this thread with something for the rest of us.
thank you.

oops, sorry, I just saw the faq.
multi select is not supported.

wow!!, i would think that is a most essential feature but i guess i understand the difficulties with the permalinks.

i am really sorry, I must have missed your earlier response.
getting pro now.

thank you.

Thank you Nicolas. I appreciate your prompt reply.

I figured this would not be possible with a shortcode that places a button but wanted to give it a try in case you had some fancy filter. ??

What is interesting is that no such plugin exists, neither on WordPress nor CodeCanyon or anywhere else. I checked many of them and they all do the same thing.

The alternatives seem to be to use full woocommerce, use add-on to form builder plugin such as gravity, ninja etc. for about $200 or just custom code it which is rather simple and I have already done but don’t really like to implement for clients for long term maintenance reasons.

your solutions when available will fill a huge void and the form builder plugin vendors might not appreciate it. (Just joking)

Thank you again.

Frank.

Vibban is absolutely correct, I found out the hard way. I wish I had come here first.

The role name and role id (sometime also called slug) must match exactly except that the name can have upper case letters which it converts to lower case prior to the compare. I would also not use any special chars.

–FDeCicco

I totally understand and agree with your points.

I think I was wishing for some kind of hook or code snippet to stick in functions.php to make the plugin less powerful to use to maintain an auxiliary table.
On this site we have users that have been given Admin rights to access legacy features not too well written.

Thank you very much for the reply and for the great plugin.

Frank.

Wow, what a great idea!!
I wish I would have thought of it or received a bit earlier, I ended up using a plugin called User Specific Content which, although not as flexible as yours, its doing a pretty decent job.

I am sure that I’ll use your plugin in the future though now that I know what to do.

Thank you very much for the reply.

Good luck.

OK, so its like I figured – Duplicator need the wp root folder to be writable the the webserver/php.

we run our own server(s), and definitively not budget, and we’d rather not make the wp root writable by php, how do we then use the subfolder concept you mentioned?

How do we tell duplicator to use a subfolder? or how can I make duplicator use a folder under wp-content instead of he root?

I hope I’m being clear with what i’m asking.

Thank you.

any idea what is involved in enabling/installing the sqli module. we run centos. maybe our server guys will do it if i can show them its trivial.