openid-connect-generic
openid-connect-generic copied to clipboard
oidc-wp
WordPress plugin to provide an OpenID Connect Generic client
**Describe the bug** `save_refresh_token()` is called after the initial request. In our case of interest, the payload bring a `request_token` field (in the case of Google, this happens if `access_type=offline`....
The current strategy for refreshing tokens and expiring the current session is to run at `init` or `wp_loaded`, but after observing the many corner cases for logout and token timeouts...
We usually can not set the session validity (which depends upon the ID provider). Eg: 1h for Google. When editing, we end up with a popup: "Your session has expired....
Hello, I've looked and searched and I only found how to do the opposite, which is updating the user role on WordPress based on the user claim. What I want...
When the "redirect_user_back" setting is true, and the page has a query string parameter (a custom query string parameter, unrelated to any WordPress query string parameters), and uses a permalink,...
### All Submissions: * [ ] Have you followed the [plugin Contributing guideline](https://github.com/oidc-wp/openid-connect-generi/blob/dev/.github/CONTRIBUTING.md)? * [ ] Does your code follow the [WordPress' coding standards](https://make.wordpress.org/core/handbook/best-practices/coding-standards/)? * [ ] Have you checked...
**Describe the bug** After configuring all settings, when the login button is clicked, I get the error: error:invalid_request error_description:The mandatory 'code_challenge' parameter is missing. error_uri:https://documentation.openiddict.com/errors/ID2029 Even after removing the PKCE...
### All Submissions: * [X] Have you followed the [plugin Contributing guideline](https://github.com/oidc-wp/openid-connect-generi/blob/dev/.github/CONTRIBUTING.md)? * [X] Does your code follow the [WordPress' coding standards](https://make.wordpress.org/core/handbook/best-practices/coding-standards/)? * [X] Have you checked to ensure there...
**Describe the solution you'd like** Plugin configuration could contain a checkbox to only allow password-based login if the user isn't attached to an SSO user, this would reduce the chances...
This is currently untested. Just a starting point. ### All Submissions: * [ ] Have you followed the [plugin Contributing guideline](https://github.com/oidc-wp/openid-connect-generi/blob/dev/.github/CONTRIBUTING.md)? * [ ] Does your code follow the [WordPress'...
