Release 2.6.0. Add Status setting in order to enable or disable the p…

…lugin (Required on multi-sites environment since the plugin is enabled globally for the network)
SAML-Toolkits · May 18, 2018 · 89f322a · 89f322a
1 parent 6e35829
commit 89f322a
Show file tree

Hide file tree

Showing 6 changed files with 69 additions and 10 deletions.
diff --git a/onelogin-saml-sso/onelogin_saml.php b/onelogin-saml-sso/onelogin_saml.php
@@ -4,7 +4,7 @@
 Plugin URI: https://github.com/onelogin/wordpress-saml
 Description: Give users secure one-click access to WordPress from OneLogin. This SAML integration eliminates passwords and allows you to authenticate users against your existing Active Directory or LDAP server as well increase security using YubiKeys or VeriSign VIP Access, browser PKI certificates and OneLogin's flexible security policies. OneLogin is pre-integrated with thousands of apps and handles all of your SSO needs in the cloud and behind the firewall.
 Author: OneLogin, Inc.
-Version: 2.5.0
+Version: 2.6.0
 Author URI: http://www.onelogin.com
 */
 
@@ -34,11 +34,15 @@
 // Localization
 add_action( 'init', 'saml_load_translations');
 
+// add menu option for configuration
+add_action('admin_menu', 'onelogin_saml_configuration');
+
 // Check if exists SAML Messages
 add_action('init', 'saml_checker', 1);
 
-// add menu option for configuration
-add_action('admin_menu', 'onelogin_saml_configuration');
+if (!is_saml_enabled()) {
+	return;
+}
 
 $prevent_reset_password = get_option('onelogin_saml_customize_action_prevent_reset_password', false);
 if ($prevent_reset_password) {

diff --git a/onelogin-saml-sso/php/configuration.php b/onelogin-saml-sso/php/configuration.php
@@ -50,6 +50,11 @@ function onelogin_saml_configuration() {
 
 		$option_group = 'onelogin_saml_configuration';
 
+		add_settings_section('status', __('STATUS', 'onelogin-saml-sso'), 'plugin_section_status_text', $option_group);
+
+		register_setting($option_group, 'onelogin_saml_enabled');
+		add_settings_field('onelogin_saml_enabled', __('Enable', 'onelogin-saml-sso'), "plugin_setting_boolean_onelogin_saml_enabled", $option_group, 'status');
+
 		add_settings_section('idp', __('IDENTITY PROVIDER SETTINGS', 'onelogin-saml-sso'), 'plugin_section_idp_text', $option_group);
 		$idp_fields = array (
 			'onelogin_saml_idp_entityid' => __('IdP Entity Id', 'onelogin-saml-sso') . ' *',
@@ -182,6 +187,13 @@ function onelogin_saml_configuration() {
 		add_settings_field('onelogin_saml_advanced_digestalgorithm', __('Digest Algorithm', 'onelogin-saml-sso'), "plugin_setting_select_onelogin_saml_advanced_digestalgorithm", $option_group, 'advanced_settings');
 	}
 
+	function plugin_setting_boolean_onelogin_saml_enabled() {
+		$value = get_option('onelogin_saml_enabled');
+		echo '<input type="checkbox" name="onelogin_saml_enabled" id="onelogin_saml_enabled"
+			  '.($value ? 'checked="checked"': '').'>'.
+			  '<p class="description">'.__("Check it in order to enable the SAML plugin.", 'onelogin-saml-sso').'</p>';
+	}
+
 	function plugin_setting_string_onelogin_saml_idp_entityid() {
 		echo '<input type="text" name="onelogin_saml_idp_entityid" id="onelogin_saml_idp_entityid"
 			  value= "'.esc_attr(get_option('onelogin_saml_idp_entityid')).'" size="80">'.

diff --git a/onelogin-saml-sso/php/functions.php b/onelogin-saml-sso/php/functions.php
@@ -8,7 +8,6 @@
 
 require_once "compatibility.php";
 
-
 function saml_checker() {
 	if (isset($_GET['saml_acs'])) {
 		if (empty($_POST['SAMLResponse'])) {
@@ -68,6 +67,10 @@ function saml_sso() {
 		return true;
 	}
 	$auth = initialize_saml();
+	if ($auth == false) {
+		wp_redirect(home_url());
+		exit();
+	}
 	if (isset($_SERVER['REQUEST_URI']) && !isset($_GET['saml_sso'])) {
 		$auth->login($_SERVER['REQUEST_URI']);
 	} else {
@@ -99,6 +102,10 @@ function saml_slo() {
 			}
 
 			$auth = initialize_saml();
+			if ($auth == false) {
+				wp_redirect(home_url());
+				exit();
+			}
 			$auth->logout(home_url(), array(), $nameId, $sessionIndex, false, $nameIdFormat);
 			return false;
 		}
@@ -136,6 +143,10 @@ function saml_role_order_compare($role1, $role2) {
 
 function saml_acs() {
 	$auth = initialize_saml();
+	if ($auth == false) {
+		wp_redirect(home_url());
+		exit();
+	}
 
 	$auth->processResponse();
 
@@ -311,6 +322,11 @@ function saml_acs() {
 
 function saml_sls() {
 	$auth = initialize_saml();
+	if ($auth == false) {
+		wp_redirect(home_url());
+		exit();
+	}
+
 	$retrieve_parameters_from_server = get_option('onelogin_saml_advanced_settings_retrieve_parameters_from_server', false);
 	if (isset($_GET) && isset($_GET['SAMLRequest'])) {
 		// Close session before send the LogoutResponse to the IdP
@@ -370,6 +386,10 @@ function initialize_saml() {
 	require_once plugin_dir_path(__FILE__).'_toolkit_loader.php';
 	require plugin_dir_path(__FILE__).'settings.php';
 
+	if (!is_saml_enabled()) {
+		return false;
+	}
+
 	try {
 		$auth = new Onelogin_Saml2_Auth($settings);
 	} catch (Exception $e) {
@@ -382,6 +402,23 @@ function initialize_saml() {
 	return $auth;
 }
 
+function is_saml_enabled() {
+	$saml_enabled = get_option('onelogin_saml_enabled', null);
+	if ($saml_enabled == null) {
+		// If no data was saved about enable/disable saml, then
+		// check if entityId also is null and then consider the
+		// plugin disabled
+		if (get_option('onelogin_saml_idp_entityid', null) == null) {
+			$saml_enabled = false;
+		} else {
+			$saml_enabled = true;
+		}
+	} else {
+		$saml_enabled = $saml_enabled == 'on'? true : false;
+	}
+	return $saml_enabled;
+}
+
 // Prevent that the user change important fields
 class preventLocalChanges
 {

diff --git a/onelogin-saml-sso/php/lib/Saml2/version.json b/onelogin-saml-sso/php/lib/Saml2/version.json
@@ -1,6 +1,6 @@
 {
     "php-saml": {
-        "version": "2.11.0",
-        "released": "21/07/2017"
+        "version": "2.13.0",
+        "released": "05/03/2018"
     }
 }
diff --git a/onelogin-saml-sso/readme.txt b/onelogin-saml-sso/readme.txt
@@ -21,6 +21,12 @@ If you used this plugin before 2.2.0 with just-in-time provision active, Read: h
 To mitigate that bug, place the script at the root of wordpress and execute it (later remove it) https://gist.github.com/pitbulk/a8223c90a3534e9a7d5e0a93009a094f
 
 == Changelog ==
+= 2.6.0 =
+* Update php-saml to 2.13.0
+* Add Status setting in order to enable or disable the plugin (Required on multi-sites environment since the plugin is enabled globally for the network)
+* Add 'Remember Me' Login option to Settings
+* Fix bug on escaping value for customize_links_saml_login
+* If password is disabled.. turn field readonly.. not disable it
 
 = 2.5.0 =
 * Update php-saml library to 2.11.0

diff --git a/onelogin-saml-sso/version.json b/onelogin-saml-sso/version.json
@@ -1,12 +1,12 @@
 {
     "php-saml": {
-        "version": "2.11.0",
-        "released": "21/07/2017"
+        "version": "2.13.0",
+        "released": "05/05/2018"
     },
     "plugin": {
         "app":      "wordpress",
         "name":     "onelogin-saml-sso",
-        "version":  "2.5.0",
-        "released": "02/08/2017"
+        "version":  "2.6.0",
+        "released": "18/05/2018"
     }
 }