WordPress Third Party Authentication

Published in: Technology

  1. 1. 3rd Party WordPress Authentication: A Taster
  2. 2. Business Decisions
      - Newspaper CMS with WordPress Blog Component
      - Enterprise Active Directory
      - Google/Facebook Integration
  3. 3. I am not a crypto, but I did stay at a Holiday Inn Express Last Night!
  4. 4. Authentication Tech
      - Single Factor - User/Pass
        - WordPress Default
        - Also, LDAP and Sometimes Active Directory
        - OpenID
      - Two Factor - Something you have, something you know
        - OAuth
        - Smart Card
  5. 5. Two Approaches in WordPress!
      - Replace wp_authenticate() (defined in wp-includes/pluggable.php) from a plugin. Or....
      - Use hooks! (Best Option)
  6. 6. This is all Hookable in WordPress!
  7. 7.
          if ( !function_exists('wp_authenticate') ) :
          function wp_authenticate($username, $password) {
              $username = sanitize_user($username);
              $password = trim($password);

              // Every callback hooked to 'authenticate' runs here.
              $user = apply_filters('authenticate', null, $username, $password);

              if ( $user == null ) {
                  // TODO what should the error message be? (Or would these even happen?)
                  // Only needed if all authentication handlers fail to return anything.
                  $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));
              }

              $ignore_codes = array('empty_username', 'empty_password');

              if (is_wp_error($user) && !in_array($user->get_error_code(), $ignore_codes) ) {
                  do_action('wp_login_failed', $username);
              }

              return $user;
          }
          endif;
  8. 8. Using the authenticate filter
      - The authenticate hook is a multi-argument hook. You can pass more than one argument, but it can only return one value!
      - In this case, if using a user/password authentication type, you can pass those:
        - apply_filters('authenticate', null, 'myuser', 'mypass');
        - Return WP_User object
      - Or... pass anything you want. Secret token for OAuth?
        - Username and Password CAN be null, or not set. Just return a WP_User object!
  9. 9. OpenID Example
          // Callback receives the three arguments passed to apply_filters('authenticate', ...).
          function wpb_authenticate( $openid_server, $openid_usr, $openid_pw ) {
              if ( !isset($openid_server) || !isset($openid_usr) || !isset($openid_pw) ) {
                  return new WP_Error('invalid', 'Invalid OpenID Creds');
              }
              // wpb_request_openid_auth() is not defined in these slides.
              $wp_user = wpb_request_openid_auth(
                  $openid_server,
                  $openid_usr,
                  $openid_pw
              );
              return $wp_user; // Valid WP_User object or WP_Error object
          }
          // Unhook the default username/password check, then add the OpenID handler.
          remove_action('authenticate', 'wp_authenticate_username_password', 20);
          add_filter( 'authenticate', 'wpb_authenticate', 30, 3 );
  10. 10. This is also replaceable Old Skool Style!
  11. 11. Pluggable Functions
      - All functions in wp-includes/pluggable.php are replaceable by plugins
      - This is NOT the recommended way of doing business but when all else fails...
      - Key Auth functions:
        - wp_authenticate()
        - wp_check_password()
        - wp_clear_auth_cookie(), wp_generate_auth_cookie(), wp_validate_auth_cookie(), wp_set_auth_cookie()
  12. 12. Resources
      - Will Norris on the authenticate hook and OAuth - http://willnorris.com/2009/03/authentication-in-wordpress-28
      - WordPress Codex, Pluggable Functions - http://codex.wordpress.org/Pluggable_Functions
      - WordPress Codex, WP_Error object - http://codex.wordpress.org/Function_Reference/WP_Error
      - John Kolbert on using the authenticate hook - http://www.johnkolbert.com/wordpress/how-to-add-your-own-authentication-criteria/
  13. 13. Thank You!
      - Aaron Brazell
      - Email: [email_address]
      - Biz: WP Engine, http://wpengine.com
      - Twitter: @technosailor
      - Book: WordPress Bible - 2E is out! Order on Amazon http://amzn.to/wpbible2
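
A hook-based handler in the shape slides 8 and 9 describe, written as an added example that is not from the original deck. `wpb_backend_verify()`, its sample directory and `wpb_external_authenticate()` are hypothetical names, and the code assumes it is loaded as a plugin inside WordPress.

```php
<?php
// Added example. wpb_backend_verify() and its sample data are hypothetical
// stand-ins for the real third-party check (LDAP bind, token validation, ...).
function wpb_backend_verify( $username, $password ) {
    $constructed_directory = array( 'alice' => 'constructed-sample-passphrase' );
    return isset( $constructed_directory[ $username ] )
        && hash_equals( $constructed_directory[ $username ], (string) $password );
}

// Core runs apply_filters( 'authenticate', null, $username, $password ), so
// the callback gets the running result first, then the credentials.
function wpb_external_authenticate( $user, $username, $password ) {
    // An earlier handler already produced a user: keep it.
    if ( $user instanceof WP_User ) {
        return $user;
    }
    // Same codes wp_authenticate() ignores for wp_login_failed ($ignore_codes).
    if ( '' === trim( (string) $username ) ) {
        return new WP_Error( 'empty_username', __( '<strong>ERROR</strong>: The username field is empty.' ) );
    }
    if ( '' === (string) $password ) {
        return new WP_Error( 'empty_password', __( '<strong>ERROR</strong>: The password field is empty.' ) );
    }
    // One generic error for every failure, so responses do not reveal
    // which usernames exist.
    $failed = new WP_Error( 'authentication_failed', __( '<strong>ERROR</strong>: Invalid username or incorrect password.' ) );
    if ( ! wpb_backend_verify( $username, $password ) ) {
        return $failed;
    }
    // Map the verified identity to a local account; fail closed if none.
    $wp_user = get_user_by( 'login', $username );
    return $wp_user ? $wp_user : $failed;
}

// Remove the built-in password handlers so a local password cannot act as
// a fallback, then register the external check.
remove_filter( 'authenticate', 'wp_authenticate_username_password', 20 );
remove_filter( 'authenticate', 'wp_authenticate_email_password', 20 ); // WordPress 4.5+
add_filter( 'authenticate', 'wpb_external_authenticate', 30, 3 );
```

If the built-in handlers are left hooked, a valid local password still logs the user in even when the external backend rejects the credentials.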
