58°F

Aaron Parecki

  • Articles
  • Notes
  • Photos
  • IMAP Authentication for Wordpress 2.7.1

    February 13, 2009

    Due to some significant changes to the Wordpress authentication mechanism, my original IMAP Authentication plugin stopped working in version 2.7.1. I have updated the plugin to work in 2.7.1. The only difference is that users are no longer automatically created in Wordpress if they have a valid IMAP account. I will try to add that back in soon, but for now this will do.

    <?php
    /*
    Plugin Name: IMAP Authentication 2
    Version: 1.2
    Plugin URI: https://aaronparecki.com/2009/02/13/1/imap-authentication-for-wordpress-2-7-1
    Description: Authenticate users using IMAP authentication. For Wordpress 2.7.1
    Author: Aaron Parecki
    Author URI: http://www.aaronparecki.com
    
    
    Copyright 2009 by Aaron Parecki  (email : aaron@parecki.com)
    
        This program is free software; you can redistribute it and/or modify
        it under the terms of the GNU General Public License as published by
        the Free Software Foundation; either version 2 of the License, or
        (at your option) any later version.
    
        This program is distributed in the hope that it will be useful,
        but WITHOUT ANY WARRANTY; without even the implied warranty of
        MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
        GNU General Public License for more details.
    
        You should have received a copy of the GNU General Public License
        along with this program; if not, write to the Free Software
        Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
    */
    
    add_action('admin_menu', array('IMAPAuthentication', 'admin_menu'));
    add_action('lost_password', array('IMAPAuthentication', 'disable_password'));
    add_action('retrieve_password', array('IMAPAuthentication', 'disable_password'));
    add_action('password_reset', array('IMAPAuthentication', 'disable_password'));
    add_filter('show_password_fields', array('IMAPAuthentication', 'show_password_fields'));
    
    add_action('wp_authenticate_user', array('IMAPAuthentication', 'authenticate_user'), 1, 2);
    add_filter('check_password', array('IMAPAuthentication', 'check_password'), 1, 4);
    
    
    if( is_plugin_page() ) {
        $mailbox = IMAPAuthentication::get_mailbox();
        $user_suffix = IMAPAuthentication::get_user_suffix();
    ?>
    <div class="wrap">
      <h2>IMAP Authentication Options</h2>
      <form name="imapauthenticationoptions" method="post" action="options.php">
        <?php wp_nonce_field('update-options'); ?>
        <input type="hidden" name="action" value="update" />
        <input type="hidden" name="page_options" value="imap_authentication_mailbox,imap_authentication_user_suffix" />
        <fieldset class="options">
          <table width="100%" cellspacing="2" cellpadding="5" class="form-table">
            <tr valign="top">
            <th width="33%" scope="row"><label for="imap_authentication_mailbox">Mailbox</label></th>
            <td><input name="imap_authentication_mailbox" type="text" id="imap_authentication_mailbox" value="<?php echo htmlspecialchars($mailbox) ?>" size="80" /><br />eg: {mail.example.com/readonly}INBOX or {mail.example.com:993/ssl/novalidate-cert/readonly}INBOX</td>
            </tr>
            <tr valign="top">
            <th scope="row"><label for="imap_authentication_user_suffix">User Suffix</label></th>
            <td><input name="imap_authentication_user_suffix" type="text" id="imap_authentication_user_suffix" value="<?php echo htmlspecialchars($user_suffix) ?>" size="50" /><br />A suffix to add to usernames (typically used to automatically add the domain part of the login).<br />eg: @example.com</td>
            </tr>
          </table>
        </fieldset>
        <p class="submit">
          <input type="submit" name="Submit" value="<?php _e('Save Changes') ?>" />
        </p>
      </form>
    </div>
    <?php
    }
    
    if( !class_exists('IMAPAuthentication') ) {
        class IMAPAuthentication {
            /*
             * Add an options pane for this plugin.
             */
            function admin_menu() {
                add_options_page('IMAP Authentication', 'IMAP Authentication', 10, __FILE__);
            }
    
            /*
             * Return the mailbox option from the database, creating the option if it doesn't exist.
             */
            function get_mailbox() {
                global $cache_nonexistantoptions;
    
                $mailbox = get_settings('imap_authentication_mailbox');
                if (! $mailbox or $cache_nonexistantoptions['imap_authentication_mailbox']) {
                    $mailbox = '{localhost:143}INBOX';
                    IMAPAuthentication::add_mailbox_option($mailbox);
                }
    
                return $mailbox;
            }
    
            /*
             * Add the mailbox option to the database.
             */
            function add_mailbox_option($mailbox) {
                add_option('imap_authentication_mailbox', $mailbox, 'The mailbox to try and log into.');
            }
    
            /*
             * Return the user_suffix option from the database, creating the option if it doesn't exist.
             */
            function get_user_suffix() {
                global $cache_nonexistantoptions;
    
                $user_suffix = get_settings('imap_authentication_user_suffix');
                if (! $user_suffix or $cache_nonexistantoptions['imap_authentication_user_suffix']) {
                    $user_suffix = '';
                    IMAPAuthentication::add_user_suffix_option($user_suffix);
                }
    
                return $user_suffix;
            }
    
            /*
             * Add the user_suffix option to the database.
             */
            function add_user_suffix_option($user_suffix) {
                add_option('imap_authentication_user_suffix', $user_suffix, 'A suffix to add to usernames (typically used to automatically add the domain part of the login).');
            }
    
            // custom error handler
            function eh($type, $msg, $file, $line, $context)
            {
                $error = $error.$msg;
            }
    
            function authenticate_user(&$user, $password) {
                global $wpdb;
    
                // Apparently this method is no longer called for users who are not in the WP database
    
                $mbox = imap_open(IMAPAuthentication::get_mailbox(), $user->user_login.IMAPAuthentication::get_user_suffix(), $password, OP_HALFOPEN|OP_READONLY) or $error = imap_last_error();
    
                if ($mbox) {
                    $userInfo = get_userdatabylogin($user->user_login);
                    imap_close($mbox);
                    return new WP_User($userInfo->ID);
                } else {
                    do_action( 'wp_login_failed', $user->user_login );
                    return new WP_Error('incorrect_password', __('<strong>ERROR</strong>: Incorrect password. '.$error));
                }
            }
    
            function check_password($unknown, $enteredPassword, $storedPassword, $userID) {
                $user = new WP_User($userID);
                return IMAPAuthentication::authenticate_user($user, $enteredPassword);
            }
    
            /*
             * Used to disable certain login functions, e.g. retrieving a
             * user's password.
             */
            function disable_password() {
                login_header('Login', '<p class="message"><strong>ERROR</strong>: You can\'t do that here. This blog uses the IMAP login mechanism. Your password is set with your email account.</p>', 'error');
                die();
            }
    
            /*
             * Used to disable certain display elements, e.g. password
             * fields on profile screen.
             */
            function show_password_fields($username) {
                return false;
            }
        }
    }
    ?>
    
    Fri, Feb 13, 2009 10:36am -08:00 #imap #wordpress
    1 mention

    Other Mentions

    • Aaron Parecki aaronparecki.com
      Wordpress
      Fri, Jun 26, 2009 11:22am -07:00
Posted in /articles

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv