Přejít na obsah
  • O WordPressu
    • O WordPressu
    • Česká lokalizace
    • Manuál (anglicky)
    • Rozcestník podpory
    • Zpětná vazba
  • Přihlásit se
  • Registrace
WordPress.org
WordPress.org

Česko

  • Šablony
  • Pluginy
  • Novinky
  • Podpora
  • O WordPressu
  • Openverse
  • Vzory
  • Komunitní podpora
  • Překlady
  • Kontakt
  • Získejte WordPress
Získejte WordPress

Pluginy

  • Oblíbené
  • Beta testy
  • Vývojáři
Stáhnout

WP OAuth Server ( Login with WordPress )

Autor: miniOrange
  • Podrobnosti
  • Hodnocení
  • Instalace
  • Podpora
  • Vývojáři

Popis

WP OAuth Server plugin turns your WordPress site into an OAuth Server. It allows you to login into Rocket Chat, Invision Community, WordPress, Odoo, EasyGenerator, Salesforce, Zapier, Moodle, Edunext, Wickr, Freshdesk, FreshWorks, ServiceNow, Knack database, Circlo.so, Tribe.so, Tribe, Mobilize, Nextcloud, Church Online, iSpring LMS, Nextcloud, Academy of Mine, BoardEffect, TalentLMS, PowerSchool and any other OAuth 2.0 compliant applications using WordPress credentials.

Basically, the OAuth Server plugin allows users to login into applications that are OAuth 2.0 compliant, using their WordPress login credentials. As it’s name suggests, it follows the OAuth 2.0 protocol. Along with that, it also supports OpenID Connect (OIDC), and JWT protocols.

The primary goal of the OAuth Server plugin is to enable Single Sign On so that users do not need to remember username and password for each application.
Once Single Sign On is enabled, users do not need to store sensitive information to login into different applications.

LIST OF POPULAR OAUTH CLIENTS SUPPORTED

  • Rocket.Chat
  • Invision Community (IPB Forum)
  • Odoo
  • WordPress
  • EasyGenerator
  • Salesforce
  • Zapier
  • Moodle
  • Edunext
  • Wickr
  • Freshdesk
  • FreshWorks
  • ServiceNow
  • Knack database
  • Circle.so
  • Tribe.so
  • Mobilize
  • Nextcloud
  • iSpring LMS
  • Church Online
  • Academy of Mine
  • BoardEffect

WORDPRESS OAUTH / OPENID CONNECT SERVER USE CASES

  • If you want to use your WordPress site as an Identity Server / OAuth Server / OAuth Provider and use WordPress user’s login credentials to login into your client site / application then you can use this plugin. You can also decide what kind of User data / attributes you want to send while Single Sign On into your client site / application.
  • If you want to login to your Mobile app / Single Page web app (SPA) using your WordPress credentials, then you can use the Authorization code with PKCE flow grant type to achieve your use case.
  • Single set of credentials will be used to login to multiple WordPress websites.
  • You can access the NIGINX resources using NIGINX Authentication. Once you login into your client application using WP OAuth Server credentials, you will get JWT. Your client application can further use it for NGINX Authentication.

WORDPRESS OAUTH / OPENID CONNECT SERVER FREE VERSION FEATURES

  • Supports Login with WordPress for Single Client application
  • Protocol Support – OAuth 2.0, OpenID Connect (OIDC)
  • Master Switch – Block / unblock OAuth API calls between OAuth Clients and Server
  • Token Length – Change the access token length
  • Server Response – Sends User ID, username, email, first name, last name, display name in the response
  • Grant types Supported – Authorization Code grant
  • OAuth API Documentation
  • Setup guides to configure the plugin with various OAuth Clients (more coming soon)

WORDPRESS OAUTH / OPENID CONNECT SERVER PREMIUM VERSION FEATURES

  • All FREE version features
  • Supports Login with WordPress for Multiple Client applications
  • Server Response – Sends all the profile attributes along with roles, allows to send custom attributes from usermeta table and also customize the attribute names that need to be sent in server response
  • Grant Types Supported : Authorization Code Grant, Implicit Grant, Password Grant, Client Credentials Grant, Refresh Token Grant, Authorization Code grant with PKCE flow
  • Token Lifetime – Configure the access token and refresh token expiry time
  • Enforce State Parameter – Based on client configuration, you can enable or disable state parameter
  • Authorize / Consent prompt – Enable / disable the consent screen
  • Redirect/Callback URI Validation – Enable / disable this feature, based on dynamic redirect to a different pages for certain conditions
  • Multi-Site Support – Use the plugin in WordPress Multisite network environment
  • JWT Signing Algorithm – Supports signing algorithms HSA and RSA
  • Additional endpoints – Provides OpenID Connect Discovery endpoint, Introspection endpoint, OpenID Connect Single logout endpoint
    A grant is a method of acquiring an access token. Deciding which grants to implement depends on the type of client the end user will be using, and the experience you want for your users.

WE SUPPORT FOLLOWING GRANTS:

  • Authorization code grant : This code grant is used when there is a need to access the protected resources on behalf of the user on another third party application.
  • Implicit grant : This grant relies on resource owner and registration of redirect uri. In authorization code grant users need to ask for authorization and access token each time, but here access token is granted for a particular redirect uri provided by a client using a particular browser.
  • Client credential grant : This grant type heads towards specific clients, where access token is obtained by client by only providing client credentials. This grant type is quite confidential.
  • Resource owner password credentials grant : This type of grant is used where the resource owner has a trust relationship with the client. Just by using username and password, provided by resource owner authorization and authentication can be achieved.
  • Refresh token grant : Access tokens obtained in OAuth flow eventually expire. In this grant type client can refresh his or her access token.
  • Authorization code grant with PKCE flow : This grant type is used for public clients like mobile and native apps, Single Page web apps, where there is a risk of client secret being compromised.

REST API AUTHENTICATION

Rest API is very much open to interact. Creating posts, getting information of users and much more is readily available.
It secures unauthorized access to your WordPress sites/pages using our WordPress REST API Authentication plugin .

Snímky obrazovky

  • Add OAuth Client
  • Get Client ID and Client Secret
  • General settings
  • Advanced settings and other Premium features
  • Server Response
  • Endpoints
  • Frequently Asked Questions

Instalace

From your WordPress dashboard

  1. Visit Plugins > Add New
  2. Search for OAuth 2.0 server. Find and Install OAuth 2.0 server
  3. Activate the plugin from your Plugins page

From WordPress.org

  1. Download OAuth 2.0 server.
  2. Unzip and upload the miniorange-oauth-login directory to your /wp-content/plugins/ directory.
  3. Activate miniOrange OAuth from your Plugins page.

Nejčastější dotazy

I need to customize the plugin or I need support and help?

Please email us at info@xecurify.com or Contact us. You can also submit your query from plugin’s configuration page.

Recenze

Great support

jocasio 3. 6. 2022
Initial setup was giving my team some issues and we were able to get walked through a drupal to wordpress sso setup with the team at miniorange.

Support very helpful and capable

moaanders 17. 5. 2022
The plugin works without problems, and our Wordpress site's login is now working smooth. Very helpful and capable Support, who has answered in a fast manner. They get directly to the point and answer the questions with rich answers that makes even a (in the context of SSO) less experienced user understand what is happening.

Works, good support

marc2428 24. 4. 2022
The free version of this plugin worked great for my use case. I had some issues initially that ended up being on the side of my hosting provider, but the support I received by the developers of this plugin was well beyond what I would have expected.

Complicated but basically useless unless you go pro

Graham Smith 18. 4. 2022
I tried this plugin to link Wordpress with Invision Community (IPS). According to the docs at Invision, there are 2 ways to do this. I chose the first one linking IPS to WP as the server as opposed to IPS acting as the server. My review is based on this experience but I'll try the other way too. It quick and easy to set up, and clearly there's a large amount of work gone into it, but once I'd got the connection configured, that's when I found that the logins expire after just 600 seconds, that's just 10 minutes! According to the support section, it says this is fixed at 3600 seconds, unless you upgrade to the pro. But 10 mins isn't an hour, which would be okay at minimum for a WP site member to browse and compose a comment or review on Gallery images, post in a forum etc in Invision Community forming part of the same site. Secondly, probably 90%+ of this plugin is locked down and almost everything seems to say you need to upgrade to pro. Instead of 7 tabs full of settings and options you can't use, why not create a simpler lite version with a non-intrusive ad for the pro version benefits? If you want a simple Single Sign On OAUTH solution to link your WP user accounts to your IPS accounts and sync basic profile info for the convenience of your visitors but then forget about it, it will do the job but as crippled as it is, this probably isn't what you are looking for, unless you want the pro support and anything beyond the bare minimum.

Stellar Support

leemn 10. 11. 2021
We were very impressed with the level of support given by the miniorange team. During our development we ran into a few problems due to other plugins and our custom application, which caused problems for logout. However, the miniorange team was great they were quick to respond to our questions and even attended a zoom session with us to help track down the problem. Definitely one of the best plugin authors for support. I've worked with many and these guys are second to none.

Great pre-sales support

igorneumann 30. 4. 2021
We ended up not buying the plugin but we have to admit the pre-sales support was stellar including pro-actively reaching us to help configure it.
Přečtěte si všech 27 recenzí

Autoři

WP OAuth Server ( Login with WordPress ) je otevřený software. Následující lidé přispěli k vývoji tohoto pluginu.

Spolupracovníci
  • miniOrange
  • oauth

Přeložte “WP OAuth Server ( Login with WordPress )” do svého jazyka.

Zajímá vás vývoj?

Prohledejte kód, podívejte se do SVN repozitáře, nebo se přihlaste k odběru protokolu vývoje pomocí RSS.

Přehled změn

4.0.1

  • Vulnerability fixes
  • Code improvements

3.0.4

  • Token Post Response header already sent warning fix

3.0.3

  • Database Query Optimization

3.0.2

  • CORS issue fix
  • Added trial option of the premium
  • Licensing page changes

3.0.1

  • Added compatibility with WP 5.9
  • Improved performance of website by setting autoload to false

3.0.0

  • Support for email attribute in the userinfo endpoint
  • Link to the OAuth API documention
  • Client specific UI improvements

2.13.8

  • Security Fixes

2.13.7

  • UI improvement – Copy button for endpoints and client credentials
  • Bug fix for supplied_redirect_uri
  • Consent screen on every login

2.13.6

  • permission_callback warning fix

2.13.5

  • minor bug fixes
  • added copy button to copy the client credentials and endpoints
  • readme update

2.13.4

  • minor UI updates
  • added compatibility with WP 5.7

2.13.3

  • minor bug fixes
  • fixed compatibility with Brizzy
  • added compatibility with WP 5.6

2.13.2

  • minor bug fixes
  • fixed issue with deactivation form
  • added compatibility with WP 5.5

2.13.1

  • Added compatibility with WordPress v5.5

2.13.0

  • Added UI fixes
  • Updated demo plan fixes
  • Minor bugfixes and compatibility fixes

2.12.4

  • Licensing tab fix

2.12.3

  • Added fixes for some features
  • Added option to disable authorize screen

2.12.2

  • Added Compatibility with WordPress v5.4

2.12.0

  • Performance Improvements

2.11.0

  • Fixed bug where blank scope led to blank screen
  • Fixed „Deny“ button resulting in clicking „Allow“
  • Fixed unaccounted bytes error notice on activation
  • Updated plugin licensing
  • Minor UI Improvements

2.10.0

  • Added fixes for Loopback Request failure
  • Updated Endpoints based on REST API and Authorize Consent Screen
  • Minor Bugfixes

2.9.1

  • Fixed migration issue

2.9.0

  • Fixed bug where bearer access_token was not recognized.
  • Updated Endpoints

2.8.2

  • Updated Installation Steps

2.8.1

  • Compatibility changes for miniOrange OAuth Single Sign On

2.8.0

  • Updated registration form
  • Advertised Introspection Endpoint

2.7.0

  • Added compatibility for WordPress Version 5.2
  • Added fixes for OpenID Connect flow
  • Added fixes for OTP related issue
  • Updated Endpoints
  • Added alternative for Sign Up
  • Advertised Scope Based Response

2.6.1

  • Fixed conflicts for function generateRandomString()

2.6.0

  • Advertised new features as per new Licensing Plan

2.5.6

  • Added Compatibility for Rocket.chat

2.5.5

  • Fixed OTP related issue

2.5.4

  • Updated Licensing Plan

2.5.3

  • Added Visual Tour fixes

2.5.2

  • Added bugfixes

2.5.1

  • Added missing files

2.5.0

  • New Features
  • Major UI Revamp
  • Added Feature Tour

2.4.0

  • Compatibility with WordPress 5.1

2.3.0

  • Added Feedback Form and Updated UI

2.2.1

  • Added support for Invision Community and Rocket.chat

2.2.0

  • Updated UI

2.1.0

  • Fixed the PHP7.2 Compatibility issue

2.0.3

  • Changes in the title

2.0.2

  • Added features

2.0.1

  • Added support for multiple client

1.0.1

  • Initial Release

Meta

  • Verze pluginu: 4.0.1
  • Poslední aktualizace: před 5 dny
  • Aktivních instalací: 300+
  • Verze WordPressu: 3.0.2 nebo novější
  • Testováno až do WordPressu: 6.0
  • Jazyk:
    English (US)
  • Štítky:
    OAuth provideroauth serveroauth2OpenIDwordpress login
  • Podrobnosti

Hodnocení

Zobrazit vše
  • 5 hvězdiček 25
  • 4 hvězdičky 1
  • 3 hvězdičky 0
  • 2 hvězdičky 1
  • 1 hvězdička 0
Přihlašte se a vytvořte hodnocení

Spolupracovníci

  • miniOrange
  • oauth

Podpora

Vyřešené problémy během posledních dvou měsíců:

1 z 1

Fórum podpory

  • O WordPressu
  • Novinky
  • Hosting
  • Podpořit
  • Podpora
  • Vývojáři
  • Zapojte se
  • Vzdělávání
  • Příklady
  • Pluginy
  • Šablony
  • Vzory
  • WordCamp
  • WordPress.TV
  • BuddyPress
  • bbPress
  • WordPress.com
  • Matt
  • Soukromí
  • Veřejný kód
WordPress.org
WordPress.org

Česko

  • Navštivte naši stránku na Facebooku
  • Navštivte náš Twitter účet
Code is Poetry.