Merge pull request #3 from jazzsequence/feature/saml-url-filters

jazzsequence · web-flow · commit 40c1e7e56848 · 2017-08-29T12:50:25.000-06:00
Allow wp-login.php query variables to be filtered
diff --git a/onelogin-saml-sso/onelogin_saml.php b/onelogin-saml-sso/onelogin_saml.php
@@ -39,7 +39,7 @@ function disable_password_reset() { return false; }
 $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'login';
 
 // Handle SLO
-if (isset($_COOKIE['saml_login']) && get_option('onelogin_saml_slo')) { 
+if (isset($_COOKIE['saml_login']) && get_option('onelogin_saml_slo')) {
 	add_action('init', 'saml_slo', 1);
 }
 
@@ -48,7 +48,8 @@ function disable_password_reset() { return false; }
 	add_action('init', 'saml_sso', 1);
 } else {
 	$execute_sso = false;
-	$saml_actions = isset($_GET['saml_metadata']) || (strpos($_SERVER['SCRIPT_NAME'], 'alternative_acs.php') !== FALSE);
+	$saml_metadata = apply_filters( 'onelogin_saml_metadata', 'saml_metadata' );
+	$saml_actions = isset($_GET[ $saml_metadata ]) || (strpos($_SERVER['SCRIPT_NAME'], 'alternative_acs.php') !== FALSE);
 
 	$wp_login_page = (strpos($_SERVER['SCRIPT_NAME'], 'wp-login.php') !== FALSE) && $action == 'login' && !isset($_GET['loggedout']);
 
@@ -69,7 +70,7 @@ function disable_password_reset() { return false; }
 	} else if ($local_wp_actions) {
 		$prevent_local_login = get_option('onelogin_saml_customize_action_prevent_local_login', false);
 
-		if (($want_to_local_login && $prevent_local_login) || ($want_to_reset && $prevent_reset_password)) {		
+		if (($want_to_local_login && $prevent_local_login) || ($want_to_reset && $prevent_reset_password)) {
 			$execute_sso = True;
 		}
 	}
diff --git a/onelogin-saml-sso/php/configuration.php b/onelogin-saml-sso/php/configuration.php
@@ -13,15 +13,17 @@
 
 	function onelogin_saml_configuration_render() {
 		$title = __("SSO/SAML Settings", 'onelogin-saml-sso');
+		$saml_metadata = apply_filters( 'onelogin_saml_metadata', 'saml_metadata' );
+		$saml_validate_config = apply_filters( 'onelogin_saml_validate_config', 'saml_validate_config' );
 		?>
 			<div class="wrap">
 				<?php screen_icon(); ?>
 				<div class="alignleft">
 					<a href="http://www.onelogin.com"><img src="<?php echo plugins_url('onelogin.png', dirname(__FILE__));?>"></a>
 				</div>
 				<div class="alignright">
-					<a href="<?php echo get_site_url().'/wp-login.php?saml_metadata'; ?>" target="blank"><?php echo __("Go to the metadata of this SP", 'onelogin-saml-sso');?></a><br>
-					<a href="<?php echo get_site_url().'/wp-login.php?saml_validate_config'; ?>" target="blank"><?php echo __("Once configured, validate here your OneLogin SSO/SAML Settings", 'onelogin-saml-sso');?></a>
+					<a href="<?php echo get_site_url( null, '/wp-login.php?' . $saml_metadata ); ?>" target="blank"><?php echo __("Go to the metadata of this SP", 'onelogin-saml-sso');?></a><br>
+					<a href="<?php echo get_site_url( null, '/wp-login.php?' . $saml_validate_config ); ?>" target="blank"><?php echo __("Once configured, validate here your OneLogin SSO/SAML Settings", 'onelogin-saml-sso');?></a>
 				</div>
 				<div style="clear:both"></div>
 				<h2><?php echo esc_html( $title ); ?></h2>
diff --git a/onelogin-saml-sso/php/functions.php b/onelogin-saml-sso/php/functions.php
@@ -10,14 +10,22 @@
 
 
 function saml_checker() {
-	if (isset($_GET['saml_acs'])) {
+	/**
+	 * Allow saml_acs query variables to be customized.
+	 */
+	$saml_acs             = apply_filters( 'onelogin_saml_acs', 'saml_acs' );
+	$saml_sls             = apply_filters( 'onelogin_saml_sls', 'saml_sls' );
+	$saml_metadata        = apply_filters( 'onelogin_saml_metadata', 'saml_metadata' );
+	$saml_validate_config = apply_filters( 'onelogin_saml_validate_config', 'saml_validate_config' );
+
+	if ( isset( $_GET[ $saml_acs ] ) ) {
 		saml_acs();
 	}
-	else if (isset($_GET['saml_sls'])) {
+	else if (isset($_GET[ $saml_sls ])) {
 		saml_sls();
-	} else if (isset($_GET['saml_metadata'])) {
+	} else if (isset($_GET[ $saml_metadata ])) {
 		saml_metadata();
-	} else if (isset($_GET['saml_validate_config'])) {
+	} else if (isset($_GET[ $saml_validate_config ])) {
 		saml_validate_config();
 	}
 }
diff --git a/onelogin-saml-sso/php/settings.php b/onelogin-saml-sso/php/settings.php
@@ -57,7 +57,12 @@
     }
 }
 
-$acs_endpoint = get_option('onelogin_saml_alternative_acs', false) ? plugins_url( 'alternative_acs.php', dirname( __FILE__ ) ) : wp_login_url() . '?saml_acs';
+/**
+ * Allow saml_acs URL query variable to be customized.
+ */
+$saml_acs = apply_filters( 'onelogin_saml_acs', 'saml_acs' );
+$saml_sls = apply_filters( 'onelogin_saml_acs', 'saml_sls' );
+$acs_endpoint = get_option( 'onelogin_saml_alternative_acs', false ) ? plugins_url( 'alternative_acs.php', dirname( __FILE__ ) ) : wp_login_url() . '?' . $saml_acs;
 
 $settings = array (
 
@@ -70,7 +75,7 @@
             'url' => $acs_endpoint
         ),
         'singleLogoutService' => array (
-            'url' => get_site_url().'/wp-login.php?saml_sls'
+            'url' => get_site_url( null, '/wp-login.php?' . $saml_sls )
         ),
         'NameIDFormat' => $opt['NameIDFormat'],
         'x509cert' => get_option('onelogin_saml_advanced_settings_sp_x509cert'),
