BrianHenryIE/wp-single-sign-on-client-actions-filters-friendly-errors.diff

## wp-single-sign-on-client-actions-filters-friendly-errors.diff
diff --git a/includes/callback.php b/includes/callback.php
index 81ca282..39b15db 100644
--- a/includes/callback.php
+++ b/includes/callback.php
@@ -74,13 +74,22 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {
 	$user_info = json_decode( $response['body'] );
 	$user_id   = username_exists( $user_info->user_login );
 	if ( ! $user_id && email_exists( $user_info->user_email ) == false ) {
-
+
+		$new_user_permitted = true;
+		$new_user_permitted = apply_filters( 'oauth-single-sign-on-permit-user', $new_user_permitted, $user_info );
+		if ( ! $new_user_permitted ) {
+			wp_redirect( esc_url( add_query_arg( array( 'ssofail' => "Account cannot be created for this user" ), wp_login_url() ) ) );
+			exit;
+		}
+
 		// Does not have an account... Register and then log the user in
 		$random_password = wp_generate_password( $length = 12, $include_standard_special_chars = false );
 		$user_id         = wp_create_user( $user_info->user_login, $random_password, $user_info->user_email );
 		wp_clear_auth_cookie();
 		wp_set_current_user( $user_id );
 		wp_set_auth_cookie( $user_id );
+
+		do_action( 'oauth-single-sign-on-new-user', $user_info, $user_id );

 		if ( is_user_logged_in() ) {
 			wp_redirect( $user_redirect );
@@ -102,6 +111,8 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {
 		wp_set_current_user( $user->ID );
 		wp_set_auth_cookie( $user->ID );

+		do_action( 'oauth-single-sign-on', $user );
+
 		if ( is_user_logged_in() ) {
 			wp_redirect( $user_redirect );
 			exit;
@@ -109,5 +120,6 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {

 	}

-	exit( 'Single Sign On Failed.' );
-}
\ No newline at end of file
+	wp_redirect( esc_url( add_query_arg( array( 'ssofail' => 'Single Sign On Failed.' ), wp_login_url() ) ) );
+	exit();
+}
diff --git a/includes/functions.php b/includes/functions.php
index fead972..862b86b 100644
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -56,4 +56,13 @@ function wpssoc_get_user_redirect_url() {
 	$user_redirect = apply_filters( 'wpssoc_user_redirect_url', $user_redirect_set );

 	return $user_redirect;
+}
+
+
+
+function add_sso_fail_message() {
+	return '<p id="login_error"><strong>ERROR:</strong> '.$_GET['ssofail'].'</p>';
+}
+if ( isset( $_GET['ssofail'] ) ) {
+	add_filter('login_message', 'add_sso_fail_message');
 }
\ No newline at end of file
	diff --git a/includes/callback.php b/includes/callback.php
	index 81ca282..39b15db 100644
	--- a/includes/callback.php
	+++ b/includes/callback.php
	@@ -74,13 +74,22 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {
	$user_info = json_decode( $response['body'] );
	$user_id = username_exists( $user_info->user_login );
	if ( ! $user_id && email_exists( $user_info->user_email ) == false ) {
	-
	+
	+ $new_user_permitted = true;
	+ $new_user_permitted = apply_filters( 'oauth-single-sign-on-permit-user', $new_user_permitted, $user_info );
	+ if ( ! $new_user_permitted ) {
	+ wp_redirect( esc_url( add_query_arg( array( 'ssofail' => "Account cannot be created for this user" ), wp_login_url() ) ) );
	+ exit;
	+ }
	+
	// Does not have an account... Register and then log the user in
	$random_password = wp_generate_password( $length = 12, $include_standard_special_chars = false );
	$user_id = wp_create_user( $user_info->user_login, $random_password, $user_info->user_email );
	wp_clear_auth_cookie();
	wp_set_current_user( $user_id );
	wp_set_auth_cookie( $user_id );
	+
	+ do_action( 'oauth-single-sign-on-new-user', $user_info, $user_id );

	if ( is_user_logged_in() ) {
	wp_redirect( $user_redirect );
	@@ -102,6 +111,8 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {
	wp_set_current_user( $user->ID );
	wp_set_auth_cookie( $user->ID );

	+ do_action( 'oauth-single-sign-on', $user );
	+
	if ( is_user_logged_in() ) {
	wp_redirect( $user_redirect );
	exit;
	@@ -109,5 +120,6 @@ if ( isset( $_GET['code'] ) && ! empty( $_GET['code'] ) ) {

	}

	- exit( 'Single Sign On Failed.' );
	-}
	\ No newline at end of file
	+ wp_redirect( esc_url( add_query_arg( array( 'ssofail' => 'Single Sign On Failed.' ), wp_login_url() ) ) );
	+ exit();
	+}
	diff --git a/includes/functions.php b/includes/functions.php
	index fead972..862b86b 100644
	--- a/includes/functions.php
	+++ b/includes/functions.php
	@@ -56,4 +56,13 @@ function wpssoc_get_user_redirect_url() {
	$user_redirect = apply_filters( 'wpssoc_user_redirect_url', $user_redirect_set );

	return $user_redirect;
	+}
	+
	+
	+
	+function add_sso_fail_message() {
	+ return '<p id="login_error"><strong>ERROR:</strong> '.$_GET['ssofail'].'</p>';
	+}
	+if ( isset( $_GET['ssofail'] ) ) {
	+ add_filter('login_message', 'add_sso_fail_message');
	}
	\ No newline at end of file