Title: Patch to submit
Last modified: August 20, 2016
---
# Patch to submit
* [kkaland](https://wordpress.org/support/users/kkaland/)
* (@kkaland)
* [13 years, 5 months ago](https://wordpress.org/support/topic/patch-to-submit/)
* Hey there – how do I submit a patch? I fixed the issue where pre-SAML users couldn’t
log in afterward. This is admittedly an edge case, but it could help people implementing
simple sign-on who had existing users before with the same user names as their
SAML user names. Of course, if the names didn’t match, then it’s useless. Maybe
an optional function.
* Also trying to fix the reauth issue in a smart way (going to /wp-admin drops
me on wp-login.php with reauth set). Would like to contribute that…that seems
generally useful.
* [http://wordpress.org/extend/plugins/simplesamlphp-authentication/](http://wordpress.org/extend/plugins/simplesamlphp-authentication/)
Viewing 4 replies - 1 through 4 (of 4 total)
* [Tatichka](https://wordpress.org/support/users/tatichka/)
* (@tatichka)
* [13 years, 3 months ago](https://wordpress.org/support/topic/patch-to-submit/#post-3279401)
* Hi!
* Do you have the patch to solve the login problem? I am using WP 3.5 MU but everytime
I log in through my IdP I get redirected to wp-login.php without being logged
to WP…
* [colemab](https://wordpress.org/support/users/colemab/)
* (@colemab)
* [13 years, 3 months ago](https://wordpress.org/support/topic/patch-to-submit/#post-3279402)
* ```
function authenticate(&$username, &$password) {
global $simplesaml_authentication_opt, $simplesaml_configured, $as;
if (!$simplesaml_configured) {
die("simplesaml-authentication plugin not configured");
}
// Reset values from input ($_POST and $_COOKIE)
$username = $password = '';
$as->requireAuth();
$attributes = $as->getAttributes();
/*
* Only allow usernames that are not affected by sanitize_user(), and that are not
* longer than 60 characters (which is the 'user_login' database field length).
* Otherwise an account would be created but with a sanitized username, which might
* clash with an already existing account.
* See sanitize_user() in wp-includes/formatting.php.
*/
if(empty($simplesaml_authentication_opt['username_attribute'])) {
$username = $attributes['uid'][0];
} else {
$username = $attributes[$simplesaml_authentication_opt['username_attribute']][0];
}
if ($username != substr(sanitize_user($username, TRUE), 0, 60)) {
$error = sprintf(__('ERROR
We got back the following identifier from the login process:
%s
Unfortunately that is not suitable as a username.
Please contact the blog administrator and ask to reconfigure the
simpleSAMLphp plugin!'), $username, get_option('admin_email'));
$errors['registerfail'] = $error;
print($error);
exit();
}
$password = md5(SimpleSAMLAuthentication::passwordRoot());
if (!function_exists('get_user_by')) {
die("Could not load user data");
}
$user = get_user_by('login', $username);
if ($user) { // user already exists - try to log them in
$user = wp_authenticate($username, $password);
wp_set_current_user($user->ID); //Here is where we update the global user variables
wp_set_auth_cookie($user->ID);
do_action('wp_login',$userdata->ID);
if (isset($_REQUEST['redirect_to'])){
wp_redirect($_REQUEST['redirect_to']);
} else {
wp_redirect(get_bloginfo('url'));
}
exit;
} else {
// First time logging in
if ($simplesaml_authentication_opt['new_user'] == 1) {
// Auto-registration is enabled
// User is not in the WordPress database
// They passed SimpleSAML and so are authorised
// Add them to the database
// User must have an e-mail address to register
$user_email = '';
$email_attribute = empty($simplesaml_authentication_opt['email_attribute']) ? 'mail' : $simplesaml_authentication_opt['email_attribute'];
if($attributes[$email_attribute][0]) {
// Try to get email address from attribute
$user_email = $attributes[$email_attribute][0];
} else {
// Otherwise use default email suffix
if ($simplesaml_authentication_opt['email_suffix'] != '') {
$user_email = $username . '@' . $simplesaml_authentication_opt['email_suffix'];
}
}
$user_info = array();
$user_info['user_login'] = $username;
$user_info['user_pass'] = $password;
$user_info['user_email'] = $user_email;
if(empty($simplesaml_authentication_opt['firstname_attribute'])) {
$user_info['first_name'] = $attributes['givenName'][0];
} else {
$user_info['first_name'] = $attributes[$simplesaml_authentication_opt['firstname_attribute']][0];
}
if(empty($simplesaml_authentication_opt['lastname_attribute'])) {
$user_info['last_name'] = $attributes['sn'][0];
} else {
$user_info['last_name'] = $attributes[$simplesaml_authentication_opt['lastname_attribute']][0];
}
// Set user role based on eduPersonEntitlement
if ($simplesaml_authentication_opt['admin_entitlement'] != '' &&
$attributes['eduPersonEntitlement'] &&
in_array($simplesaml_authentication_opt['admin_entitlement'],
$attributes['eduPersonEntitlement'])) {
$user_info['role'] = "administrator";
} else {
$user_info['role'] = "subscriber";
}
$wp_uid = wp_insert_user($user_info);
// the user should have been crated so lets confirm this
$user = get_user_by('login', $username);
if ($user) { // user already exists - try to log them in
$user = wp_authenticate($username, $password);
wp_set_current_user($user->ID); //Here is where we update the global user variables
wp_set_auth_cookie($user->ID);
do_action('wp_login',$userdata->ID);
if (isset($_REQUEST['redirect_to'])){
wp_redirect($_REQUEST['redirect_to']);
} else {
wp_redirect(get_bloginfo('url'));
}
exit;
}
} else {
$error = sprintf(__('ERROR: %s is not registered with this blog.
Please contact the blog administrator to create a new
account!
'), $username, get_option('admin_email'));
$errors['registerfail'] = $error;
print($error);
print('Log out of SimpleSAML.
');
exit();
}
}
}
```
* [Ton van Leest](https://wordpress.org/support/users/tonvanleest/)
* (@tonvanleest)
* [13 years, 3 months ago](https://wordpress.org/support/topic/patch-to-submit/#post-3279403)
* Hi Colemab,
* In which php-file should this function be placed?
* When I look at the plugin I find 21 files where the function “authenticate” is
used…
* Thanks in advance for your response.
* Sincerely,
Ton
* [colemab](https://wordpress.org/support/users/colemab/)
* (@colemab)
* [13 years, 2 months ago](https://wordpress.org/support/topic/patch-to-submit/#post-3279404)
* Tonvanleest,
* These changes are related to the simplesamlphp-authentication.php file which
comes as part of this plugin and should be located in the plugins directory.
* Even though this is a complete copy of the code, You may want to also read the
other support thread for this plugin where Tatichka and I discuss some other
aspects of the implementation of this fix.
* Thanks
Viewing 4 replies - 1 through 4 (of 4 total)
The topic ‘Patch to submit’ is closed to new replies.
* 
* [simpleSAMLphp Authentication](https://wordpress.org/plugins/simplesamlphp-authentication/)
* [Frequently Asked Questions](https://wordpress.org/plugins/simplesamlphp-authentication/#faq)
* [Support Threads](https://wordpress.org/support/plugin/simplesamlphp-authentication/)
* [Active Topics](https://wordpress.org/support/plugin/simplesamlphp-authentication/active/)
* [Unresolved Topics](https://wordpress.org/support/plugin/simplesamlphp-authentication/unresolved/)
* [Reviews](https://wordpress.org/support/plugin/simplesamlphp-authentication/reviews/)
* 4 replies
* 4 participants
* Last reply from: [colemab](https://wordpress.org/support/users/colemab/)
* Last activity: [13 years, 2 months ago](https://wordpress.org/support/topic/patch-to-submit/#post-3279404)
* Status: not resolved