Making WordPress.org

Changeset 2204


Ignore:
Timestamp:
12/18/2015 05:32:19 PM (8 years ago)
Author:
stephdau
Message:

WPORG SSO (login.worpress.org): relax redirect rule to allow themeing of /oauth/* paths on SSO host (upcoming).

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/common/includes/wporg-sso/wp-plugin.php

    r2166 r2204  
    6363                    // And actually redirect to the SSO login
    6464                    $this->_safe_redirect( $redirect_to_sso_login );
     65               
    6566                } else {
    6667                    // Otherwise, filter the login_url to point to the SSO
    6768                    add_action( 'login_url', array( &$this, 'login_url' ), 10, 2 );
    6869                }
     70           
    6971            } else if ( self::SSO_HOST === $this->host ) {
    7072                // If on the SSO host
    7173                if ( ! preg_match( '/\/wp-login\.php$/', $this->script ) ) {
    72                     // ... but not on its login or signup screen.
    73                     // TODO: Relax rules when we want more  out of our theme then bypassing it altogether with redirects.
    74                     if ( is_user_logged_in() ) {
    75                         // Mimic what happens after a login without a specified redirect.
     74                    // ... but not on its login screen.
     75                    if ( preg_match( '/^\/oauth([\/\?]{1}.*)?$/', $_SERVER['REQUEST_URI'] ) ) {
     76                        // Let the theme render for oauth paths (/oauth, /oauth/, /oauth/*, but not /notoauth or /oauthnot)
     77                        return;
     78                    } else  if ( is_user_logged_in() ) {
     79                        // Or mimic what happens after a login without a specified redirect (send to profile).
    7680                        $this->_safe_redirect( 'https://wordpress.org/support/profile/' . get_currentuserinfo()->user_login );
    7781                    } else {
     
    7983                        $this->_safe_redirect( $this->sso_login_url );
    8084                    }
     85               
    8186                } else {
    8287                    // if on login screen, filter network_site_url to make sure our forms go to the SSO host, not wordpress.org
Note: See TracChangeset for help on using the changeset viewer.