merging dev at 1.0.0 release (#4)

* Merged PR that adds [PKCE support](oidc-wp/openid-connect-generic#421)
* Integrated Hellō Quickstart
* Removed unnecessary configuration options
* Renamed all relevant identifiers to be Hellō Login specific

Co-authored-by: Clement Boirie <cboirie@beapi.fr>
Co-authored-by: Dick Hardt <dick.hardt@hello.coop>

.gitattributes

@@ -11,8 +11,9 @@
 *.sh text eol=lf
 
 # Ignored directories during export.
-/.wordpress-org export-ignore
+/.devcontainer export-ignore
 /.github export-ignore
+/.wordpress-org export-ignore
 /scripts export-ignore
 /tests export-ignore
 /tools export-ignore
@@ -21,6 +22,7 @@
 /.editorconfig export-ignore
 /.gitattributes export-ignore
 /.gitignore export-ignore
+/.gitpod.yml export-ignore
 /.npmrc export-ignore
 /.nvmrc export-ignore
 /.travis.yml export-ignore

.github/CONTRIBUTING.md

@@ -1,20 +1,20 @@
-# Contributing to OpenID Connect Generic Client ✨
+# Contributing to Hellō Login
 
 This plugin provides security enhancements to WordPress, and your help making it even more awesome will be greatly appreciated :)
 
 There are many ways to contribute to the project!
 
-- [Translating strings into your language](https://translate.wordpress.org/projects/wp-plugins/daggerhart-openid-connect-generic/).
-- Answering open questions under the GitHub Issue Tracker (https://github.com/oidc-wp/openid-connect-generic/issues).
-- Testing open [issues](https://github.com/oidc-wp/openid-connect-generic/issues) or [pull requests](https://github.com/oidc-wp/openid-connect-generic/pulls) and sharing your findings in a comment.
+- [Translating strings into your language](TBD).
+- Answering open questions under the GitHub Issue Tracker (https://github.com/hellocoop/wordpress/issues).
+- Testing open [issues](https://github.com/hellocoop/wordpress/issues) or [pull requests](https://github.com/hellocoop/wordpress/pulls) and sharing your findings in a comment.
 - Submitting fixes, improvements, and enhancements.
 - Disclose a security issue to our team.
 
 If you wish to contribute code, please read the information in the sections below. Then [fork](https://help.github.com/articles/fork-a-repo/) the plugin, commit your changes, and [submit a pull request](https://help.github.com/articles/using-pull-requests/) 🎉
 
-We use the `good first issue` label to mark issues that are suitable for new contributors. You can find all the issues with this label [here](https://github.com/oidc-wp/openid-connect-generic/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22).
+We use the `good first issue` label to mark issues that are suitable for new contributors. You can find all the issues with this label [here](https://github.com/hellocoop/wordpress/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22).
 
-OpenID Connect Generic Client is licensed under the GPLv2.0, and all contributions to the project will be released under the same license. You maintain copyright over any contribution you make, and by submitting a pull request, you are agreeing to release that contribution under the GPLv2.0 license.
+Hellō Login is licensed under the GPLv2.0, and all contributions to the project will be released under the same license. You maintain copyright over any contribution you make, and by submitting a pull request, you are agreeing to release that contribution under the GPLv2.0 license.
 
 ## Getting started
 
@@ -34,4 +34,4 @@ OpenID Connect Generic Client is licensed under the GPLv2.0, and all contributio
 
 ## Feature Requests 🚀
 
-Feature requests can be [submitted to our issue tracker](https://github.com/oidc-wp/openid-connect-generic/issues/new?template=5-Feature-request.md). Be sure to include a description of the expected behavior and use case, and before submitting a request, please search for similar ones in the closed issues.
+Feature requests can be [submitted to our issue tracker](https://github.com/hellocoop/wordpress/issues/new?template=5-Feature-request.md). Be sure to include a description of the expected behavior and use case, and before submitting a request, please search for similar ones in the closed issues.

.github/ISSUE_TEMPLATE/2-Support.md

@@ -8,7 +8,7 @@ assignees: ''
 ---
 
 **Review Wiki**
-Please be sure to check the [GitHub Wiki](https://github.com/oidc-wp/openid-connect-generic/wiki) to see if your question has already been answered.
+Please be sure to check the [GitHub Wiki](https://github.com/hellocoop/wordpress/wiki) to see if your question has already been answered.
 
 **General usage questions**
 If your question hasn't been answered in the Wiki please be as descriptive as possible when asking your question.

.github/workflows/release.yml

@@ -12,7 +12,7 @@ jobs:
   release:
     name: New Release
 
-    if: github.repository == 'oidc-wp/openid-connect-generic'
+    if: github.repository == 'hellocoop/wordpress'
 
     runs-on: ubuntu-latest
 
@@ -56,4 +56,4 @@ jobs:
         SVN_PASSWORD: ${{ secrets.SVN_PASSWORD }}
         SVN_USERNAME: ${{ secrets.SVN_USERNAME }}
         SOURCE_DIR: dist/
-        SLUG: daggerhart-openid-connect-generic
+        SLUG: hello-login

.gitignore

@@ -13,6 +13,7 @@
 # Local Development files/folders.
 .env
 .wp-env.override.json
+composer.phar
 phpcs.xml
 phpstan.neon
 phpunit.xml

CHANGELOG.md

@@ -1,192 +1,12 @@
-# OpenId Connect Generic Changelog
+# Hellō Login Changelog
 
-**3.9.1**
+**1.0.0**
 
-- Improvement: @timnolte - Refactors Composer setup and GitHub Actions.
-- Improvement: @timnolte - Bumps WordPress tested version compatibility.
+- Forked https://github.com/oidc-wp/openid-connect-generic
+- Improvement: @mariuss - Merged PR that adds [PKCE support](https://github.com/oidc-wp/openid-connect-generic/pull/421)
+- Feature: @mariuss - Integrated Hellō Quickstart
+- Feature: @mariuss - Removed unnecessary configuration options
 
-**3.9.0**
+--------
 
-- Feature: @matchaxnb - Added support for additional configuration constants.
-- Feature: @schanzen - Added support for agregated claims.
-- Fix: @rkcreation - Fixed access token not updating user metadata after login.
-- Fix: @danc1248 - Fixed user creation issue on Multisite Networks.
-- Feature: @RobjS - Added plugin singleton to support for more developer customization.
-- Feature: @jkouris - Added action hook to allow custom handling of session expiration.
-- Fix: @tommcc - Fixed admin CSS loading only on the plugin settings screen.
-- Feature: @rkcreation - Added method to refresh the user claim.
-- Feature: @Glowsome - Added acr_values support & verification checks that it when defined in options is honored.
-- Fix: @timnolte - Fixed regression which caused improper fallback on missing claims.
-- Fix: @slykar - Fixed missing query string handling in redirect URL.
-- Fix: @timnolte - Fixed issue with some user linking and user creation handling.
-- Improvement: @timnolte - Fixed plugin settings typos and screen formatting.
-- Security: @timnolte - Updated build tooling security vulnerabilities.
-- Improvement: @timnolte - Changed build tooling scripts.
-
-**3.8.5**
-
-- Fix: @timnolte - Fixed missing URL request validation before use & ensure proper current page URL is setup for Redirect Back.
-- Fix: @timnolte - Fixed Redirect URL Logic to Handle Sub-directory Installs.
-- Fix: @timnolte - Fixed issue with redirecting user back when the openid_connect_generic_auth_url shortcode is used.
-
-**3.8.4**
-
-- Fix: @timnolte - Fixed invalid State object access for redirection handling.
-- Improvement: @timnolte - Fixed local wp-env Docker development environment.
-- Improvement: @timnolte - Fixed Composer scripts for linting and static analysis.
-
-**3.8.3**
-
-- Fix: @timnolte - Fixed problems with proper redirect handling.
-- Improvement: @timnolte - Changes redirect handling to use State instead of cookies.
-- Improvement: @timnolte - Refactored additional code to meet coding standards.
-
-**3.8.2**
-
-- Fix: @timnolte - Fixed reported XSS vulnerability on WordPress login screen.
-
-**3.8.1**
-
-- Fix: @timnolte - Prevent SSO redirect on password protected posts.
-- Fix: @timnolte - CI/CD build issues.
-- Fix: @timnolte - Invalid redirect handling on logout for Auto Login setting.
-
-**3.8.0**
-
-- Feature: @timnolte - Ability to use 6 new constants for setting client configuration instead of storing in the DB.
-- Improvement: @timnolte - NPM version requirements for development.
-- Improvement: @timnolte - Travis CI build fixes.
-- Improvement: @timnolte - GrumPHP configuration updates for code contributions.
-- Improvement: @timnolte - Refactored to meet WordPress coding standards.
-- Improvement: @timnolte - Refactored to provide localization.
-- Improvement: @timnolte - Refactored to provide a Docker-based local development environment.
-
-**3.7.1**
-
-- Fix: Release Version Number.
-
-**3.7.0**
-
-- Feature: @timnolte - Ability to enable/disable token refresh. Useful for IDPs that don't support token refresh.
-- Feature: @timnolte - Support custom redirect URL(`redirect_to`) with the authentication URL & login button shortcodes.
-- Supports additional attribute overrides including login `button_text`, `endpoint_login`, `scope`, `redirect_uri`.
-
-**3.6.0**
-
-- Improvement: @RobjS - Improved error messages during login state failure.
-- Improvement: @RobjS - New developer filter for login form button URL.
-- Fix: @cs1m0n - Only increment username during new user creation if the "Link existing user" setting is enabled.
-- Fix: @xRy-42 - Allow periods and spaces in usernames to match what WordPress core allows.
-- Feature: @benochen - New setting named "Create user if does not exist" determines whether new users are created during login attempts.
-- Improvement: @flat235 - Username transliteration and normalization.
-
-**3.5.1**
-
-- Fix: @daggerhart - New approach to state management using transients.
-
-**3.5.0**
-
-- Readme fix: @thijskh - Fix syntax error in example openid-connect-generic-login-button-text
-- Feature: @slavicd - Allow override of the plugin by posting credentials to wp-login.php
-- Feature: @gassan - New action on use login
-- Fix: @daggerhart - Avoid double question marks in auth url query string
-- Fix: @drzraf - wp-cli bootstrap must not inhibit custom rewrite rules
-- Syntax change: @mullikine - Change PHP keywords to comply with PSR2
-
-**3.4.1**
-
-- Minor documentation update and additional error checking.
-
-**3.4.0**
-
-- Feature: @drzraf - New filter hook: ability to filter claim and derived user data before user creation.
-- Feature: @anttileppa - State time limit can now be changed on the settings page.
-- Fix: @drzraf - Fix PHP notice when using traditional login, $token_response may be empty.
-- Fix: @drzraf - Fixed a notice when cookie does not contain expected redirect_url
-
-**3.3.1**
-
-- Prefixing classes for more efficient autoloading.
-- Avoid altering global wp_remote_post() parameters.
-- Minor metadata updates for wp.org
-
-**3.3.0**
-
-- Fix: @pjeby - Handle multiple user sessions better by using the `WP_Session_Tokens` object. Predecessor to fixes for multiple other issues: #49, #50, #51
-
-**3.2.1**
-
-- Bug fix: @svenvanhal - Exit after issuing redirect. Fixes #46
-
-**3.2.0**
-
-- Feature: @robbiepaul - trigger core action `wp_login` when user is logged in through this plugin
-- Feature: @moriyoshi - Determine the WP_User display name with replacement tokens on the settings page. Tokens can be any property of the user_claim.
-- Feature: New setting to set redirect URL when session expires.
-- Feature: @robbiepaul - New filter for modifying authentication URL
-- Fix: @cedrox - Adding id_token_hint to logout URL according to spec
-- Bug fix: Provide port to the request header when requesting the user_claim
-
-**3.1.0**
-
-- Feature: @rwasef1830 - Refresh tokens
-- Feature: @rwasef1830 - Integrated logout support with end_session endpoint
-- Feature: May use an alternate redirect_uri that doesn't rely on admin-ajax
-- Feature: @ahatherly - Support for IDP behind reverse proxy
-- Bug fix: @robertstaddon - case insensitive check for Bearer token
-- Bug fix: @rwasef1830 - "redirect to origin when auto-sso" cookie issue
-- Bug fix: @rwasef1830 - PHP Warnings headers already sent due to attempts to redirect and set cookies during login form message
-- Bug fix: @rwasef1830 - expire session when access_token expires if no refresh token found
-- UX fix: @rwasef1830 - Show login button on error redirect when using auto-sso
-
-**3.0.8**
-
-- Feature: @wgengarelly - Added `openid-connect-generic-update-user-using-current-claim` action hook allowing other plugins/themes
-  to take action using the fresh claims received when an existing user logs in.
-
-**3.0.7**
-
-- Bug fix: @wgengarelly - When requesting userinfo, send the access token using the Authorization header field as recommended in
-  section 5.3.1 of the specs.
-
-**3.0.6**
-
-- Bug fix: @robertstaddon - If "Link Existing Users" is enabled, allow users who login with OpenID Connect to also log in with WordPress credentials
-
-**3.0.5**
-
-- Feature: @robertstaddon - Added `[openid_connect_generic_login_button]` shortcode to allow the login button to be placed anywhere
-- Feature: @robertstaddon - Added setting to "Redirect Back to Origin Page" after a successful login instead of redirecting to the home page.
-
-**3.0.4**
-
-- Feature: @robertstaddon - Added setting to allow linking existing WordPress user accounts with newly-authenticated OpenID Connect login
-
-**3.0.3**
-
-- Using WordPresss's is_ssl() for setcookie()'s "secure" parameter
-- Bug fix: Incrementing username in case of collision.
-- Bug fix: Wrong error sent when missing token body
-
-**3.0.2**
-
-- Added http_request_timeout setting
-
-**3.0.1**
-
-- Finalizing 3.0.x api
-
-**3.0**
-
-- Complete rewrite to separate concerns
-- Changed settings keys for clarity (requires updating settings if upgrading from another version)
-- Error logging
-
-**2.1**
-
-- Working my way closer to spec. Possible breaking change. Now checking for preferred_username as priority.
-- New username determination to avoid collisions
-
-**2.0**
-
-Complete rewrite
+[See pre-fork changelogs here](https://github.com/oidc-wp/openid-connect-generic/blob/main/CHANGELOG.md)

Gruntfile.js

@@ -81,7 +81,7 @@ module.exports = function (grunt) {
 
 		addtextdomain: {
 			options: {
-				textdomain: 'daggerhart-openid-connect-generic',    // Project text domain.
+				textdomain: 'hello-login',    // Project text domain.
 			},
 			update_all_domains: {
 				options: {
@@ -113,11 +113,11 @@ module.exports = function (grunt) {
 						'vendor/.*', 							//composer
 						'wordpress/.*',
 					],                                // List of files or directories to ignore.
-					mainFile: 'openid-connect-generic.php',                     // Main project file.
-					potFilename: 'openid-connect-generic.pot',                  // Name of the POT file.
+					mainFile: 'hello-login.php',                     // Main project file.
+					potFilename: 'hello-login.pot',                  // Name of the POT file.
 					potHeaders: {
 						poedit: true,                   // Includes common Poedit headers.
-						'report-msgid-bugs-to': 'https://github.com/daggerhart/openid-connect-generic/issues',
+						'report-msgid-bugs-to': 'https://github.com/hellocoop/wordpress/issues',
 						'x-poedit-keywordslist': true   // Include a list of all possible gettext functions.
 					},                                // Headers to add to the generated POT file.
 					type: 'wp-plugin',                // Type of project (wp-plugin or wp-theme).
@@ -145,7 +145,7 @@ module.exports = function (grunt) {
 
 		checktextdomain: {
 			options: {
-				text_domain: 'daggerhart-openid-connect-generic',
+				text_domain: 'hello-login',
 				keywords: [
 					'__:1,2d',
 					'_e:1,2d',