diff --git a/README.md b/README.md index bbd98e4..f62457e 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ **Tags:** authentication, SAML **Requires at least:** 4.4 **Tested up to:** 5.7 -**Stable tag:** 1.2.2 +**Stable tag:** 1.2.3 **License:** GPLv2 or later **License URI:** http://www.gnu.org/licenses/gpl-2.0.html @@ -277,6 +277,9 @@ There is no third step. Because SimpleSAMLphp loads WordPress, which has WP Nati ## Changelog ## +### 1.2.3 (May 25, 2021) ### +* Adds a `wp_saml_auth_force_authn` filter to allow forceAuthn="true" to be enabled [[#248](https://github.com/pantheon-systems/wp-saml-auth/pull/248)]. + ### 1.2.2 (Apr 26, 2021) ### * Ensures SAML button and explanations are only added to the login screen [[#242](https://github.com/pantheon-systems/wp-saml-auth/pull/242)]. diff --git a/inc/class-wp-saml-auth.php b/inc/class-wp-saml-auth.php index 346e5de..58cf583 100644 --- a/inc/class-wp-saml-auth.php +++ b/inc/class-wp-saml-auth.php @@ -258,7 +258,13 @@ function() use ( $redirect_to ) { } else { $redirect_to = filter_input( INPUT_GET, 'redirect_to', FILTER_SANITIZE_URL ); $redirect_to = $redirect_to ? $redirect_to : $_SERVER['REQUEST_URI']; - $provider->login( $redirect_to ); + /** + * Allows forceAuthn="true" to be enabled. + * + * @param boolean $force_auth forceAuthn behavior. + */ + $force_authn = apply_filters( 'wp_saml_auth_force_authn', false ); + $provider->login( $redirect_to, array(), $force_authn ); } } elseif ( is_a( $provider, $this->simplesamlphp_class ) ) { $redirect_to = filter_input( INPUT_GET, 'redirect_to', FILTER_SANITIZE_URL ); diff --git a/languages/wp-saml-auth.pot b/languages/wp-saml-auth.pot index 5a446e4..7918cad 100644 --- a/languages/wp-saml-auth.pot +++ b/languages/wp-saml-auth.pot @@ -2,16 +2,16 @@ # This file is distributed under the same license as the WP SAML Auth plugin. msgid "" msgstr "" -"Project-Id-Version: WP SAML Auth 1.2.1\n" +"Project-Id-Version: WP SAML Auth 1.2.3\n" "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-saml-auth\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"POT-Creation-Date: 2021-03-02T13:38:37+00:00\n" +"POT-Creation-Date: 2021-05-25T12:43:53+00:00\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"X-Generator: WP-CLI 2.4.0\n" +"X-Generator: WP-CLI 2.5.0\n" "X-Domain: wp-saml-auth\n" #. Plugin Name of the plugin @@ -182,45 +182,45 @@ msgstr "" msgid "N/A" msgstr "" -#: inc/class-wp-saml-auth.php:147 +#: inc/class-wp-saml-auth.php:151 msgid "Use one-click authentication:" msgstr "" -#: inc/class-wp-saml-auth.php:148 +#: inc/class-wp-saml-auth.php:152 msgid "Sign In" msgstr "" -#: inc/class-wp-saml-auth.php:149 +#: inc/class-wp-saml-auth.php:153 msgid "Or, sign in with WordPress:" msgstr "" #. Translators: Includes error reason from OneLogin. -#: inc/class-wp-saml-auth.php:234 +#: inc/class-wp-saml-auth.php:238 msgid "User is not authenticated with SAML IdP. Reason: %s" msgstr "" -#: inc/class-wp-saml-auth.php:287 +#: inc/class-wp-saml-auth.php:297 msgid "Invalid provider specified for SAML authentication" msgstr "" -#: inc/class-wp-saml-auth.php:312 +#: inc/class-wp-saml-auth.php:322 msgid "No attributes were present in SAML response. Attributes are used to create and fetch users. Please contact your administrator" msgstr "" #. Translators: Communicates how the user is fetched based on the SAML response. -#: inc/class-wp-saml-auth.php:319 +#: inc/class-wp-saml-auth.php:329 msgid "\"%1$s\" attribute is expected, but missing, in SAML response. Attribute is used to fetch existing user by \"%2$s\". Please contact your administrator." msgstr "" -#: inc/class-wp-saml-auth.php:334 +#: inc/class-wp-saml-auth.php:344 msgid "No WordPress user exists for your account. Please contact your administrator." msgstr "" #. Translators: Links to the WP SAML Auth plugin. -#: inc/class-wp-saml-auth.php:386 +#: inc/class-wp-saml-auth.php:396 msgid "WP SAML Auth wasn't able to find the OneLogin\\Saml2\\Auth class. Please verify your Composer autoloader, or visit the plugin page for more information." msgstr "" -#: inc/class-wp-saml-auth.php:397 +#: inc/class-wp-saml-auth.php:407 msgid "WP SAML Auth wasn't able to find the %1$s class. Please check the simplesamlphp_autoload configuration option, or visit the plugin page for more information." msgstr "" diff --git a/readme.txt b/readme.txt index 66b2dc6..8a3f44f 100644 --- a/readme.txt +++ b/readme.txt @@ -3,7 +3,7 @@ Contributors: getpantheon, danielbachhuber, Outlandish Josh Tags: authentication, SAML Requires at least: 4.4 Tested up to: 5.7 -Stable tag: 1.2.2 +Stable tag: 1.2.3 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html @@ -277,6 +277,9 @@ There is no third step. Because SimpleSAMLphp loads WordPress, which has WP Nati == Changelog == += 1.2.3 (May 25, 2021) = +* Adds a `wp_saml_auth_force_authn` filter to allow forceAuthn="true" to be enabled [[#248](https://github.com/pantheon-systems/wp-saml-auth/pull/248)]. + = 1.2.2 (Apr 26, 2021) = * Ensures SAML button and explanations are only added to the login screen [[#242](https://github.com/pantheon-systems/wp-saml-auth/pull/242)]. diff --git a/wp-saml-auth.php b/wp-saml-auth.php index 8f1608a..7f5ee46 100644 --- a/wp-saml-auth.php +++ b/wp-saml-auth.php @@ -1,7 +1,7 @@