跳至内容
  • 登录
  • 注册
WordPress.org

China 简体中文

  • 主题
  • 插件
  • 消息
  • 支持
    • 文档
    • 论坛
  • 关于
  • 获取 WordPress
获取 WordPress

插件

  • 我的收藏
  • Beta测试
  • 开发者

该插件尚未通过WordPress的最新3个主要版本进行测试。 当与较新版本的WordPress一起使用时,可能不再受到维护或支持,并且可能会存在兼容性问题。

下载

JWT Single Sign On

作者seschi98
  • 详情
  • 评价
  • 安装
  • 开发进展
支持

描述

This plugin allows signing in users via JSON Web Token (JWT) in WordPress. It is used to allow users from another website/service/etc. to securely use their credentials for the WordPress site.
Sample use case: There is an existing user database (e.g. in an intranet environment) and the users should be able to login to an external site that is powered by wordpress, without having to remember another password. This mechanism is also called Single Sign On (SSO).
Please note that the user information and role mappings are updated each time the user logs in via SSO. If you do not want to sync the roles from your existing system to wordpress, you can disable the functionality via the settings page.

JWT Server

You will need to implement an endpoint on your website/app that has access to the logged
in user (via login form or Kerberos-like authentication etc). That endpoint needs to create
and sign a JWT with the HS256 algorithm and the below described information in the payload.
It then has to redirect the user back to the WordPress site https://example.org/?auth=jwt&code={jwt}
where {jwt} is the signed JWT as string representation.

{
“iat”: 1516239022,
“iss”: “issuer_name”,
“user_info”: {
“user_login”: “johndoe”,
“user_name”: “John Doe”,
“first_name”: “John”,
“last_name”: “Doe”,
“user_email”: “johndoe@example.org”,
“user_roles”: [“role1”]
}
}

安装

  1. Upload the downloaded plugin folder to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. In the administration dashboard, go to “Settings” > “Single Sign On” and configure the JWT settings.

常见问题

Where can I configure the plugin?

In the administration dashboard, go to “Settings” > “Single Sign On”.

Can I request a feature?

Yes! You can create an issue on GitHub. The repository can be found under https://github.com/seschi98/wordpress-jwt-single-sign-on

评价

Great start for new JWT plugin

dragonword 2019年6月3日
Using on my site and excited with it so far. It does what it says on the tin, although there are a few drawbacks: - When activated, no users are able to log out - Documentation lists auth url parameter as 'jwt', but it should be 'sso' - Would be nice if the wordpress login page could automatically redirect to SSO page, or maybe just have a 'continue to SSO' button with the default form hidden until you click 'I am an admin' or something else to use the native auth. Current display means people will try logging in and then click the SSO button, which is a bit confusing. - It is keyed off username AND e-mail. Email is not a great thing to key off since it may change in future if user changes their email in either SSO site or wordpress site. Also, in my case, users can have multiple accounts with identical e-mail. So an option to only key off username only (which cannot be changed in stock wordpress) would be ideal. That said, having JWT auth is very useful and am much appreciative for this plugin! I am really excited to follow this plugin's development, and hope it continues to improve in future too 🙂
阅读所有1条评价

贡献者及开发者

“JWT Single Sign On” 是开源软件。 以下人员对此插件做出了贡献。

贡献者
  • seschi98

将“JWT Single Sign On”翻译成您的语言。

对开发感兴趣吗?

您可以浏览代码,查看SVN仓库,或通过RSS订阅开发日志。

更新日志

1.2.0

  • Adding some validation so that default values for new plugin settings are automatically populated when a plugin update is performed.
  • Adding the possibility to disable the SSO button on the login page.

1.1.1

  • Fixing the plugin name in readme.txt so it is compliant to the WordPress specification

1.1.0

  • Updating readme file to provide more information
  • Updating admin settings page to give more information about the setup process
  • Removed dependecy for jQueryUI CDN
  • Adding a proper readme.txt file for WordPress Plugin Directory
  • Adding the ability to control whether the clientId and site’s SSO address should be appended to the JWT Server URL
  • Adding the ability to disable role synchronisation

1.0.0

  • Initial Proof-Of-Concept for this plugin.

额外信息

  • 版本:1.2.0
  • 最后更新:4年前
  • 有效安装数量:20+
  • WordPress版本: 3.0.1 或更高版本
  • 最高兼容版本:5.1.16
  • PHP版本: 5.2 或更高版本
  • 语言:
    English (US)
  • 标签:
    jwtloginSingle Sign-onsso
  • 高级视图

评级

查看所有评价
  • 5星 0
  • 4星 1
  • 3星 0
  • 2星 0
  • 1星 0
登录以提交评价。

贡献者

  • seschi98

支持

最近两个月解决的问题:

总计 1,已解决 0

查看支持论坛

  • 关于
  • 消息
  • 主机
  • 捐助
  • Swag
  • 支持
  • 开发者
  • 参与
  • 学习
  • 展示站点
  • 插件
  • 主题
  • 区块样板
  • WordCamp
  • WordPress.TV
  • BuddyPress
  • bbPress
  • WordPress.com
  • Matt
  • 隐私
  • Public Code
WordPress.org
WordPress.org

China 简体中文

  • 访问我们的 Facebook 公共主页
  • 关注我们的 Twitter 账号
  • 关注我们的 Instagram 账号
  • 关注我们的 LinkedIn 主页
  • Visit our YouTube channel
代码如诗