BrianHenryIE · February 23, 2018 15:50
diff --git a/wp-single-sign-on-client-actions-filters-friendly-errors.diff b/wp-single-sign-on-client-actions-filters-friendly-errors.diff
 diff --git a/includes/callback.php b/includes/callback.php
 index 81ca282..39b15db 100644
 --- a/includes/callback.php
 +++ b/includes/callback.php
 @@ -74,13 +74,22 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {
 	$user_info = json_decode( $response['body'] );
 	$user_id   = username_exists( $user_info->user_login );
 	if ( ! $user_id && email_exists( $user_info->user_email ) == false ) {
 -
 +		
 +		$new_user_permitted = true;
 +		$new_user_permitted = apply_filters( 'oauth-single-sign-on-permit-user', $new_user_permitted, $user_info );
 +		if ( ! $new_user_permitted ) {
 +			wp_redirect( esc_url( add_query_arg( array( 'ssofail' => "Account cannot be created for this user" ), wp_login_url() ) ) );
 +			exit;
 +		}
 +		
 		// Does not have an account... Register and then log the user in
 		$random_password = wp_generate_password( $length = 12, $include_standard_special_chars = false );
 		$user_id         = wp_create_user( $user_info->user_login, $random_password, $user_info->user_email );
 		wp_clear_auth_cookie();
 		wp_set_current_user( $user_id );
 		wp_set_auth_cookie( $user_id );
 +		
 +		do_action( 'oauth-single-sign-on-new-user', $user_info, $user_id );
 
 		if ( is_user_logged_in() ) {
 			wp_redirect( $user_redirect );
 @@ -102,6 +111,8 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {
 		wp_set_current_user( $user->ID );
 		wp_set_auth_cookie( $user->ID );
 
 +		do_action( 'oauth-single-sign-on', $user );
 +		
 		if ( is_user_logged_in() ) {
 			wp_redirect( $user_redirect );
 			exit;
 @@ -109,5 +120,6 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {
 
 	}
 
 -	exit( 'Single Sign On Failed.' );
 -}
 \ No newline at end of file
 +	wp_redirect( esc_url( add_query_arg( array( 'ssofail' => 'Single Sign On Failed.' ), wp_login_url() ) ) );
 +	exit();
 +}
 diff --git a/includes/functions.php b/includes/functions.php
 index fead972..862b86b 100644
 --- a/includes/functions.php
 +++ b/includes/functions.php
 @@ -56,4 +56,13 @@ function wpssoc_get_user_redirect_url() {
 	$user_redirect = apply_filters( 'wpssoc_user_redirect_url', $user_redirect_set );
 
 	return $user_redirect;
 +}
 +
 +
 +
 +function add_sso_fail_message() {
 +	return '<p id="login_error"><strong>ERROR:</strong> '.$_GET['ssofail'].'</p>';
 +}
 +if ( isset( $_GET['ssofail'] ) ) {
 +	add_filter('login_message', 'add_sso_fail_message');
 }
 \ No newline at end of file
	diff --git a/includes/callback.php b/includes/callback.php
	index 81ca282..39b15db 100644
	--- a/includes/callback.php
	+++ b/includes/callback.php
	@@ -74,13 +74,22 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {
	$user_info = json_decode( $response['body'] );
	$user_id = username_exists( $user_info->user_login );
	if ( ! $user_id && email_exists( $user_info->user_email ) == false ) {
	-
	+
	+ $new_user_permitted = true;
	+ $new_user_permitted = apply_filters( 'oauth-single-sign-on-permit-user', $new_user_permitted, $user_info );
	+ if ( ! $new_user_permitted ) {
	+ wp_redirect( esc_url( add_query_arg( array( 'ssofail' => "Account cannot be created for this user" ), wp_login_url() ) ) );
	+ exit;
	+ }
	+
	// Does not have an account... Register and then log the user in
	$random_password = wp_generate_password( $length = 12, $include_standard_special_chars = false );
	$user_id = wp_create_user( $user_info->user_login, $random_password, $user_info->user_email );
	wp_clear_auth_cookie();
	wp_set_current_user( $user_id );
	wp_set_auth_cookie( $user_id );
	+
	+ do_action( 'oauth-single-sign-on-new-user', $user_info, $user_id );

	if ( is_user_logged_in() ) {
	wp_redirect( $user_redirect );
	@@ -102,6 +111,8 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {
	wp_set_current_user( $user->ID );
	wp_set_auth_cookie( $user->ID );

	+ do_action( 'oauth-single-sign-on', $user );
	+
	if ( is_user_logged_in() ) {
	wp_redirect( $user_redirect );
	exit;
	@@ -109,5 +120,6 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {

	}

	- exit( 'Single Sign On Failed.' );
	-}
	\ No newline at end of file
	+ wp_redirect( esc_url( add_query_arg( array( 'ssofail' => 'Single Sign On Failed.' ), wp_login_url() ) ) );
	+ exit();
	+}
	diff --git a/includes/functions.php b/includes/functions.php
	index fead972..862b86b 100644
	--- a/includes/functions.php
	+++ b/includes/functions.php
	@@ -56,4 +56,13 @@ function wpssoc_get_user_redirect_url() {
	$user_redirect = apply_filters( 'wpssoc_user_redirect_url', $user_redirect_set );

	return $user_redirect;
	+}
	+
	+
	+
	+function add_sso_fail_message() {
	+ return '<p id="login_error"><strong>ERROR:</strong> '.$_GET['ssofail'].'</p>';
	+}
	+if ( isset( $_GET['ssofail'] ) ) {
	+ add_filter('login_message', 'add_sso_fail_message');
	}
	\ No newline at end of file