Skip to content

Instantly share code, notes, and snippets.

@rheinardkorf

rheinardkorf/slack-sso.php

Last active September 30, 2016 00:28
Show Gist options
  • Save rheinardkorf/91431d6e8e7b5070730352321876d5d3 to your computer and use it in GitHub Desktop.
Save rheinardkorf/91431d6e8e7b5070730352321876d5d3 to your computer and use it in GitHub Desktop.
Download ZIP
Very basic implementation of a Slack SSO plugin.
Raw
slack-sso.php
<?php
/*
Plugin Name: Slack SSO
Plugin URI: https://gist.github.com/rheinardkorf/91431d6e8e7b5070730352321876d5d3
Description: Sign into your WordPress site with Slack.
Version: 0.1-alpha
Author: Rheinard Korf
Author URI: https://gist.github.com/rheinardkorf/91431d6e8e7b5070730352321876d5d3
License: GPL2
License URI: http://www.gnu.org/licenses/gpl-2.0.html
Text Domain: slack-sso
Domain Path: /languages
*/
const SLACK_SSO_CLIENT_ID = '<YOUR_SLACK_CLIENT_ID>';
const SLACK_SSO_CLIENT_SECRET = '<YOUR_SLACK_CLIENT_SECRET>';
/**
* Handle Slack Sign-In.
*/
add_action( 'init', function () {
/**
* Note: Set your callback URL to your login page and include ?slack_sso=1 as the URI parameter for the following to work.
**/
$is_slack_sso = isset( $_GET['slack_sso'] );
$is_slack_error = isset( $_GET['error'] );
$is_slack_authenticated = isset( $_GET['code'] );
$error_code = $is_slack_error ? sanitize_text_field( wp_unslash( $_GET['error'] ) ) : '';
$auth_code = $is_slack_authenticated ? sanitize_text_field( wp_unslash( $_GET['code'] ) ) : '';
if ( $is_slack_sso && $is_slack_authenticated ) {
/**
* User approved Slack Sign-In.
*/
$slack_auth_uri = esc_url_raw( sprintf( 'https://slack.com/api/oauth.access?client_id=%s&client_secret=%s&code=%s', SLACK_SSO_CLIENT_ID, SLACK_SSO_CLIENT_SECRET, $auth_code ) );
$response = wp_safe_remote_get( $slack_auth_uri );
$response_object = json_decode( $response['body'] );
if ( isset( $response_object->user ) ) {
$slack_user = $response_object->user;
$user = get_user_by( 'email', $slack_user->email );
if ( false === $user ) {
$id = wp_create_user( $slack_user->name, wp_generate_password(), $slack_user->email );
$user = ! is_wp_error( $id ) ? get_user_by( 'email', $slack_user->email ) : false;
}
if ( false === $user ) {
$is_slack_error = true;
$error_code = 'wp_user_error';
} else {
// Save slack user to user meta.
update_user_option( $user->ID, 'slack_user', wp_json_encode( $slack_user ) );
wp_set_auth_cookie( $user->ID );
if ( isset( $_REQUEST['redirect_to'] ) ) {
$redirect_to = $_REQUEST['redirect_to'];
// Redirect to https if user wants ssl
if ( is_ssl() && false !== strpos( $redirect_to, 'wp-admin' ) ) {
$redirect_to = preg_replace( '|^http://|', 'https://', $redirect_to );
}
} else {
$redirect_to = admin_url();
}
wp_safe_redirect( $redirect_to );
exit();
}
}
}
/**
* Well this sign-in was unsuccessful.
*/
if ( $is_slack_sso && $is_slack_error ) {
switch ( $error_code ) {
case 'wp_user_error':
$error_message = esc_html__( 'Could not find or create a user.', 'slack-sso' );
break;
case 'access_denied':
$error_message = esc_html__( 'Could not log you in via Slack: Access Denied.', 'slack-sso' );
break;
default:
$error_message = 'wat';
}
add_filter( 'login_message', function ( $message ) use ( $error_message ) {
return '<div id="login_error">' . apply_filters( 'login_errors', $error_message ) . '</div>';
} );
}
} );
/**
* Add "Sign in with Slack" button on Login Form.
*/
add_action( 'login_form', function () {
echo sprintf( '<div><a href="https://slack.com/oauth/authorize?scope=identity.basic,identity.email,identity.team,identity.avatar&client_id=%s"><img alt="Sign in with Slack" height="40" width="172" src="https://platform.slack-edge.com/img/sign_in_with_slack.png" srcset="https://platform.slack-edge.com/img/sign_in_with_slack.png 1x, https://platform.slack-edge.com/img/sign_in_with_slack@2x.png 2x" /></a></div>', SLACK_SSO_CLIENT_ID ); // PHPCS: XSS ok.
} );
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment