Hello Will. Thanks for the fantastic Shibboleth plugin.
I've been charged with updating the plugin for use on a system at MIT where we plan to use Shibboleth for authentication proper but then use another, MIT-internal system for permissions (WP role) management. We will be querying the logged in user's username + email against our system to get the proper user_role, so it doesn't make sense to have a static
What's working for me so far is to add a modify
shibboleth_get_user_role() so that we make the check there. Could we add a filter to the user role at that stage? If possible, we would like to not modify your plugin as much as possible so we don't need to completely fork this work MIT.
We're also going to have to patch up some incomplete parts of the plugin, such as duplicate user login handling (a TODO item in your code). If I can contribute to the Shibboleth plugin itself, even as a committer to the plugin, I would love to do so.