user-creation failed if claims does not contain nickname_key (3.8.0 regression) #243
Closed
4 tasks done
Comments
|
@drzraf thanks for reporting this, and your analysis. We'll work on a fix. |
|
May I ask for any news regarding resolving this 3.8.0 regression? |
6 tasks
timnolte
added a commit
to timnolte/openid-connect-generic
that referenced
this issue
Mar 15, 2022
* Fixes the regression caused by the code changes in 3.8.0 which resulted in not performing proper fallbacks for missing cliams such as the nickname.
timnolte
added a commit
to timnolte/openid-connect-generic
that referenced
this issue
Mar 15, 2022
* Fixes the regression caused by the code changes in 3.8.0 which resulted in not performing proper fallbacks for missing cliams such as the nickname. * Fixes invalid Node version in NVM configuration.
timnolte
added a commit
that referenced
this issue
Mar 23, 2022
* Update openid-connect-generic-client-wrapper.php Add openid-connect-generic-session-expired action before to allow consumers to act on the refresh token expiration * Implement singleton pattern for OpenID_Connect_Generic class This will allow developers who want to be able to call methods belonging to this class (or methods belonging to any of this class's properties) to do so, without having to create a new instance, and therefore repeat all the bootstrapping. Instead, they will just be able to call OpenID_Connect_Generic::instance() to retrieve the singleton. * Add functions.php file for global functions These will act as wrappers for methods you would otherwise call by getting the Open_ID_Connect_Generic singleton and then calling the appropriate method. * Make client_wrapper a public property This allows us to access client_wrapper methods via the singleton of Open_ID_Connect_Generic. * Support aggregated claims (#254) * use tabs instead of spaces * added define config with OIDC_LOGIN_TYPE and OIDC_CLIENT_SCOPE scopes are needed when logging in so this is a no-brainer and this can be deployed using deployments login type can be defined here when you want to enforce SSO from the deployment. * More define-driven settings * fix linting * fix code analysis errors * fix more linting, add more exception handling * Added the OIDC_CREATE_IF_DOES_NOT_EXIST define * Added documentation and phpstan defines * Added data in environment_settings * Fixes QS not being added to the redirect URL * fix #178 Update last-token-response user meta after refresh * add a basic method to refresh user claim outside of this plugin * fix return doc * add a basic method to refresh user claim outside of this plugin * fix return doc * Revert "fix return doc" This reverts commit e19d6f3. * Revert "add a basic method to refresh user claim outside of this plugin" This reverts commit 1a5fa9b. * Initial Codepsaces Development Environment * Adds Gitpod Support Alongside Codespaces Support * Only load admin CSS when showing settings page * Updates Development Environment for PHP & WordPress - Updates local development environment to use a Composer Docker container. - Updates VS Code/Codespaces devcontainer to bullseye/PHP 7.4. - Updates VS Code/Codespaces devcontainer & GitPod starting commands. - Updates build environment to use PHP 7.4 & Composer 2. - Updates build environment Composer packages. - Updates Composer WordPress install to use the johnpbloch packages. * Fixes Running PHPStan in Docker & Static Analysis Issues - Updates the PHP/Composer Docker image memory limit to allow PHPStand to run properly. - Fixes static analysis issues reported by PHPStan. - Updates PHPStan & extensions to latest versions. - Updates PHPStan configuration for latest version. * Update GitHub Actions for PHP/Composer/WordPress Changes - Updates GitHub Actions to use Composer v2. - Updates GitHub Actions to use PHP 7.4. - Updates GitHub Actions to use WordPress 5.7 as stable. * Updates WordPress Version Composer Dependencies - Updates the installed WordPress version to 5.7. - Updates the installed WordPress stubs version to 5.7. * Fixes GitHub Actions for Composer 2 Changes * Fixes GitHub Actions for PHP Unit testing - Changes PHPUnit switch to dev-master for PHP 8.0. * Updates GrumPHP & GrumPHP Unit Testing PHP 8 Support - Updates GrumPHP to a newer version. - Updates Unit Testing PHP 8.0 to use GrumPHP dev-master. * Updates Unit Testing for PHPUnit Testing w/ PHP8 * Updates Unit Testing Composer Updates to Run w/ PHP 8 * Updates Composer PHPUnit for PHP 8 Override * Multisite/network configurations use your current blog as the default when using the WP_User_Query which means if a user already exists, from a different blog, you will not find them, but also can't create a new account because they already exist. This overrides your current blog and will search 'all' * CodeSpaces Dev Container Updates & Composer Updates * Updating GrumPHP & Composer Dependencies * Updates NPM Modules & Changes Plugin Instance Visibility * Updates @wordpress/scripts & ~wordpress/env to the latest versions. * Changes the visibility of the plugin class instance attribute. * Bump tar from 4.4.13 to 4.4.19 Bumps [tar](https://github.com/npm/node-tar) from 4.4.13 to 4.4.19. - [Release notes](https://github.com/npm/node-tar/releases) - [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v4.4.13...v4.4.19) --- updated-dependencies: - dependency-name: tar dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump hosted-git-info from 2.8.8 to 2.8.9 Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9. - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](npm/hosted-git-info@v2.8.8...v2.8.9) --- updated-dependencies: - dependency-name: hosted-git-info dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump lodash from 4.17.19 to 4.17.21 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.19...4.17.21) --- updated-dependencies: - dependency-name: lodash dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump ssri from 6.0.1 to 6.0.2 Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2. - [Release notes](https://github.com/npm/ssri/releases) - [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md) - [Commits](npm/ssri@v6.0.1...v6.0.2) --- updated-dependencies: - dependency-name: ssri dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump path-parse from 1.0.6 to 1.0.7 Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/jbgutierrez/path-parse/releases) - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) --- updated-dependencies: - dependency-name: path-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump ws from 6.2.1 to 6.2.2 Bumps [ws](https://github.com/websockets/ws) from 6.2.1 to 6.2.2. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@6.2.1...6.2.2) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * coding standards issues * Fix wordpress coding standards issues * Redone acr-values-support acr-values support * Fix code-standard errors Fixed reported code-standard issues found * Update openid-connect-generic-client.php fixing code-indentment after report * Update openid-connect-generic-client-wrapper.php fix for reported code-standard errors * Update openid-connect-generic-settings-page.php Fixing code-standard reported errors * Update openid-connect-generic-client.php re-aligned line 225 ( indentment error) * Refactors new ACR Handling Code for Better Code Quality * Fixes some incorrect ACR handling code that incorrectly added the ACR when it wasn't set. * Adds missing settings disable handling when ACR constant is set. * Refactors code for simplicity and code quality. * Fixes #243 Nickname from Claim Regression * Fixes the regression caused by the code changes in 3.8.0 which resulted in not performing proper fallbacks for missing cliams such as the nickname. * Fixes invalid Node version in NVM configuration. * Fixes Indentity Mapping & Creation Issues * Fixes issues with improperly handling combinations of the "Link Existing Users", "Create user if does not exist", and "Identify with User Name" configuration options. * Addresses issues related to case sensitivity of usernames when attempting to "Link Existing Users". * Fixes typos and formatting on the plugin Settings screen. * Dependabot Security Related Fixes & Refactoring * Update to require Node v14 & NPM 6.14.15. * Updates to Grunt 1.4.1. * Forces resolution of dependencies for security fixes. * Update @WordPress packages to their latest versions. * Refactors the NPM & Composer scripts. * Updates WP to Latest Dev Standard for Local Development * Refactors Callable Refresh User Claims Function & Action * Moves `openid-connect-generic-update-user-using-current-claim` action to within update user metadata during login. * Adds a new publicly callable method that uses the plugin singleton. * Prep for 3.9.0 Release Co-authored-by: jkouris <35877237+jkouris@users.noreply.github.com> Co-authored-by: Rob Skilling <rob@dxw.com> Co-authored-by: Martin Schanzenbach <schanzen@gnunet.org> Co-authored-by: Chloé "Matcha" Desoutter <chloe.desoutter@bluenove.com> Co-authored-by: Martin <schanzen@users.noreply.github.com> Co-authored-by: Sylwester Kardziejonek <sylwester.kardziejonek@gmail.com> Co-authored-by: Nicolas Dhers <nicolas@rkcreation.fr> Co-authored-by: Tom McCaffery <tom@weareadjacent.com> Co-authored-by: Dan <dan@testinnovators.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: John Kouris <jkouris@everyincome.com> Co-authored-by: Glowsome <administrator@comsolve.nl>
timnolte
added a commit
that referenced
this issue
Aug 19, 2022
* Update openid-connect-generic-client-wrapper.php Add openid-connect-generic-session-expired action before to allow consumers to act on the refresh token expiration * Implement singleton pattern for OpenID_Connect_Generic class This will allow developers who want to be able to call methods belonging to this class (or methods belonging to any of this class's properties) to do so, without having to create a new instance, and therefore repeat all the bootstrapping. Instead, they will just be able to call OpenID_Connect_Generic::instance() to retrieve the singleton. * Add functions.php file for global functions These will act as wrappers for methods you would otherwise call by getting the Open_ID_Connect_Generic singleton and then calling the appropriate method. * Make client_wrapper a public property This allows us to access client_wrapper methods via the singleton of Open_ID_Connect_Generic. * Support aggregated claims (#254) * use tabs instead of spaces * added define config with OIDC_LOGIN_TYPE and OIDC_CLIENT_SCOPE scopes are needed when logging in so this is a no-brainer and this can be deployed using deployments login type can be defined here when you want to enforce SSO from the deployment. * More define-driven settings * fix linting * fix code analysis errors * fix more linting, add more exception handling * Added the OIDC_CREATE_IF_DOES_NOT_EXIST define * Added documentation and phpstan defines * Added data in environment_settings * Fixes QS not being added to the redirect URL * fix #178 Update last-token-response user meta after refresh * add a basic method to refresh user claim outside of this plugin * fix return doc * add a basic method to refresh user claim outside of this plugin * fix return doc * Revert "fix return doc" This reverts commit e19d6f3. * Revert "add a basic method to refresh user claim outside of this plugin" This reverts commit 1a5fa9b. * Initial Codepsaces Development Environment * Adds Gitpod Support Alongside Codespaces Support * Only load admin CSS when showing settings page * Updates Development Environment for PHP & WordPress - Updates local development environment to use a Composer Docker container. - Updates VS Code/Codespaces devcontainer to bullseye/PHP 7.4. - Updates VS Code/Codespaces devcontainer & GitPod starting commands. - Updates build environment to use PHP 7.4 & Composer 2. - Updates build environment Composer packages. - Updates Composer WordPress install to use the johnpbloch packages. * Fixes Running PHPStan in Docker & Static Analysis Issues - Updates the PHP/Composer Docker image memory limit to allow PHPStand to run properly. - Fixes static analysis issues reported by PHPStan. - Updates PHPStan & extensions to latest versions. - Updates PHPStan configuration for latest version. * Update GitHub Actions for PHP/Composer/WordPress Changes - Updates GitHub Actions to use Composer v2. - Updates GitHub Actions to use PHP 7.4. - Updates GitHub Actions to use WordPress 5.7 as stable. * Updates WordPress Version Composer Dependencies - Updates the installed WordPress version to 5.7. - Updates the installed WordPress stubs version to 5.7. * Fixes GitHub Actions for Composer 2 Changes * Fixes GitHub Actions for PHP Unit testing - Changes PHPUnit switch to dev-master for PHP 8.0. * Updates GrumPHP & GrumPHP Unit Testing PHP 8 Support - Updates GrumPHP to a newer version. - Updates Unit Testing PHP 8.0 to use GrumPHP dev-master. * Updates Unit Testing for PHPUnit Testing w/ PHP8 * Updates Unit Testing Composer Updates to Run w/ PHP 8 * Updates Composer PHPUnit for PHP 8 Override * Multisite/network configurations use your current blog as the default when using the WP_User_Query which means if a user already exists, from a different blog, you will not find them, but also can't create a new account because they already exist. This overrides your current blog and will search 'all' * CodeSpaces Dev Container Updates & Composer Updates * Updating GrumPHP & Composer Dependencies * Updates NPM Modules & Changes Plugin Instance Visibility * Updates @wordpress/scripts & ~wordpress/env to the latest versions. * Changes the visibility of the plugin class instance attribute. * Bump tar from 4.4.13 to 4.4.19 Bumps [tar](https://github.com/npm/node-tar) from 4.4.13 to 4.4.19. - [Release notes](https://github.com/npm/node-tar/releases) - [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v4.4.13...v4.4.19) --- updated-dependencies: - dependency-name: tar dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump hosted-git-info from 2.8.8 to 2.8.9 Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9. - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](npm/hosted-git-info@v2.8.8...v2.8.9) --- updated-dependencies: - dependency-name: hosted-git-info dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump lodash from 4.17.19 to 4.17.21 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.19...4.17.21) --- updated-dependencies: - dependency-name: lodash dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump ssri from 6.0.1 to 6.0.2 Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2. - [Release notes](https://github.com/npm/ssri/releases) - [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md) - [Commits](npm/ssri@v6.0.1...v6.0.2) --- updated-dependencies: - dependency-name: ssri dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump path-parse from 1.0.6 to 1.0.7 Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/jbgutierrez/path-parse/releases) - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) --- updated-dependencies: - dependency-name: path-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump ws from 6.2.1 to 6.2.2 Bumps [ws](https://github.com/websockets/ws) from 6.2.1 to 6.2.2. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@6.2.1...6.2.2) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * coding standards issues * Fix wordpress coding standards issues * Redone acr-values-support acr-values support * Fix code-standard errors Fixed reported code-standard issues found * Update openid-connect-generic-client.php fixing code-indentment after report * Update openid-connect-generic-client-wrapper.php fix for reported code-standard errors * Update openid-connect-generic-settings-page.php Fixing code-standard reported errors * Update openid-connect-generic-client.php re-aligned line 225 ( indentment error) * Refactors new ACR Handling Code for Better Code Quality * Fixes some incorrect ACR handling code that incorrectly added the ACR when it wasn't set. * Adds missing settings disable handling when ACR constant is set. * Refactors code for simplicity and code quality. * Fixes #243 Nickname from Claim Regression * Fixes the regression caused by the code changes in 3.8.0 which resulted in not performing proper fallbacks for missing cliams such as the nickname. * Fixes invalid Node version in NVM configuration. * Fixes Indentity Mapping & Creation Issues * Fixes issues with improperly handling combinations of the "Link Existing Users", "Create user if does not exist", and "Identify with User Name" configuration options. * Addresses issues related to case sensitivity of usernames when attempting to "Link Existing Users". * Fixes typos and formatting on the plugin Settings screen. * Dependabot Security Related Fixes & Refactoring * Update to require Node v14 & NPM 6.14.15. * Updates to Grunt 1.4.1. * Forces resolution of dependencies for security fixes. * Update @WordPress packages to their latest versions. * Refactors the NPM & Composer scripts. * Updates WP to Latest Dev Standard for Local Development * Refactors Callable Refresh User Claims Function & Action * Moves `openid-connect-generic-update-user-using-current-claim` action to within update user metadata during login. * Adds a new publicly callable method that uses the plugin singleton. * Updates to Allow Composer Installers Version 1 & 2 (#426) * Bump minimist from 1.2.5 to 1.2.6 (#398) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tim Nolte <tim.nolte@ndigitals.com> * Bump grunt from 1.4.1 to 1.5.3 (#407) Bumps [grunt](https://github.com/gruntjs/grunt) from 1.4.1 to 1.5.3. - [Release notes](https://github.com/gruntjs/grunt/releases) - [Changelog](https://github.com/gruntjs/grunt/blob/main/CHANGELOG) - [Commits](gruntjs/grunt@v1.4.1...v1.5.3) --- updated-dependencies: - dependency-name: grunt dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump terser from 5.12.1 to 5.14.2 (#422) Bumps [terser](https://github.com/terser/terser) from 5.12.1 to 5.14.2. - [Release notes](https://github.com/terser/terser/releases) - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](https://github.com/terser/terser/commits) --- updated-dependencies: - dependency-name: terser dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fixes and Updates GitHub Actions (#430) * Updates GitHub Actions for better handling of environment versions and caching. * Fixes GitHub Actions to leverage environment variables and matrices. * Prepares New Bug Fix and Refactoring Release Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: jkouris <35877237+jkouris@users.noreply.github.com> Co-authored-by: Rob Skilling <rob@dxw.com> Co-authored-by: Martin Schanzenbach <schanzen@gnunet.org> Co-authored-by: Chloé "Matcha" Desoutter <chloe.desoutter@bluenove.com> Co-authored-by: Martin <schanzen@users.noreply.github.com> Co-authored-by: Sylwester Kardziejonek <sylwester.kardziejonek@gmail.com> Co-authored-by: Nicolas Dhers <nicolas@rkcreation.fr> Co-authored-by: Tom McCaffery <tom@weareadjacent.com> Co-authored-by: Dan <dan@testinnovators.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: John Kouris <jkouris@everyincome.com> Co-authored-by: Glowsome <administrator@comsolve.nl>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Before 3.8,
get_nickname_from_claimwould returnnullifnickname_key(eg:preferred_username) was absent.create_new_userwould, in turn, just set$values_missingor omit setting$nickname.The user-creation wasn't stopped giving a chance for
get_displayname_from_claim.With 78ede5d#diff-4d7e36ea02368e60c2a32a11344f55b8143ac3656bc95e68204a6fee3bafcdb6R639, then prototype of the function was changed to return WP_Error, but
create_new_userwasn't changed accordingly.(I suggest you look for other errors of this kind in the release)
To Reproduce
Steps to reproduce the behavior:
wp/wp-admin/with an inexistant userLogin using openidScreenshots
New user would see the following instead:
Expected behavior
The absence of said claim should fail safely to give a chance to next hook.
Isolating the problem (mark completed items with an [x]):
WordPress Environment
The text was updated successfully, but these errors were encountered: