M_Viper/Authentik-Login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upload folder via GUI - includes

Browse Source
This commit is contained in:
Git Manager GUI
2026-06-05 22:23:21 +02:00
parent 54170fa514
commit 5d6c2d73be
4 changed files with 534 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

204
includes/settings.php Normal file
View File

@@ -0,0 +1,204 @@
<?php
if ( ! defined( 'ABSPATH' ) ) exit;
add_action( 'admin_menu', 'authentik_admin_menu' );
function authentik_admin_menu() {
add_options_page(
'Authentik Login',
'Authentik Login',
'manage_options',
'authentik-login',
'authentik_settings_page'
);
}
add_action( 'admin_init', 'authentik_register_settings' );
function authentik_register_settings() {
register_setting( 'authentik_settings_group', 'authentik_settings', 'authentik_sanitize_settings' );
}
function authentik_sanitize_settings( $input ) {
$clean = [];
$fields = [
'client_id', 'client_secret', 'discovery_url',
'redirect_uri', 'default_role', 'admin_group',
'timeout'
];
foreach ( $fields as $f ) {
$clean[ $f ] = isset( $input[ $f ] ) ? sanitize_text_field( $input[ $f ] ) : '';
}
$clean['create_users'] = ! empty( $input['create_users'] ) ? 1 : 0;
$clean['link_existing'] = ! empty( $input['link_existing'] ) ? 1 : 0;
$clean['sync_roles'] = ! empty( $input['sync_roles'] ) ? 1 : 0;
return $clean;
}
function authentik_get_settings() {
$defaults = [
'client_id' => '',
'client_secret' => '',
'discovery_url' => '',
'redirect_uri' => admin_url( 'admin-ajax.php?action=authentik_callback' ),
'default_role' => 'subscriber',
'admin_group' => 'wordpress_admin',
'timeout' => 30,
'create_users' => 1,
'link_existing' => 1,
'sync_roles' => 1,
];
$saved = get_option( 'authentik_settings', [] );
return wp_parse_args( $saved, $defaults );
}
function authentik_settings_page() {
$s = authentik_get_settings();
?>
<div class="wrap">
<h1>Authentik Login Einstellungen</h1>
<?php
// Discovery import
if ( isset( $_POST['authentik_import_discovery'] ) && check_admin_referer( 'authentik_import' ) ) {
$url = esc_url_raw( $_POST['discovery_url_import'] ?? '' );
$res = wp_remote_get( $url, [ 'timeout' => 15 ] );
if ( ! is_wp_error( $res ) ) {
$data = json_decode( wp_remote_retrieve_body( $res ), true );
if ( $data ) {
$map = [
'authorization_endpoint' => 'authorize_url',
'token_endpoint' => 'token_url',
'userinfo_endpoint' => 'userinfo_url',
'jwks_uri' => 'jwks_url',
'issuer' => 'issuer',
'end_session_endpoint' => 'logout_url',
];
foreach ( $map as $key => $opt ) {
if ( isset( $data[ $key ] ) ) {
update_option( 'authentik_oidc_' . $opt, $data[ $key ] );
}
}
echo '<div class="notice notice-success"><p>Discovery-Dokument erfolgreich importiert!</p></div>';
}
} else {
echo '<div class="notice notice-error"><p>Fehler: ' . esc_html( $res->get_error_message() ) . '</p></div>';
}
}
?>
<form method="post" action="">
<?php wp_nonce_field( 'authentik_import' ); ?>
<h2>Discovery-Dokument importieren</h2>
<table class="form-table">
<tr>
<th>Discovery URL</th>
<td>
<input type="url" name="discovery_url_import" class="regular-text"
placeholder="https://auth.example.com/application/o/app/.well-known/openid-configuration"
value="<?php echo esc_attr( $s['discovery_url'] ); ?>">
<input type="submit" name="authentik_import_discovery" class="button button-secondary" value="Importieren">
<p class="description">Trägt alle Endpunkt-URLs automatisch ein.</p>
</td>
</tr>
</table>
</form>
<form method="post" action="options.php">
<?php settings_fields( 'authentik_settings_group' ); ?>
<h2>Client-Einstellungen</h2>
<table class="form-table">
<tr>
<th>Client ID</th>
<td><input type="text" name="authentik_settings[client_id]" class="regular-text" value="<?php echo esc_attr( $s['client_id'] ); ?>"></td>
</tr>
<tr>
<th>Client Secret</th>
<td><input type="password" name="authentik_settings[client_secret]" class="regular-text" value="<?php echo esc_attr( $s['client_secret'] ); ?>"></td>
</tr>
<tr>
<th>Discovery URL</th>
<td>
<input type="url" name="authentik_settings[discovery_url]" class="regular-text" value="<?php echo esc_attr( $s['discovery_url'] ); ?>">
<p class="description">Wird gespeichert aber nicht direkt verwendet nutze den Import-Button oben.</p>
</td>
</tr>
<tr>
<th>Redirect URI</th>
<td>
<input type="url" name="authentik_settings[redirect_uri]" class="regular-text" value="<?php echo esc_attr( $s['redirect_uri'] ); ?>">
<p class="description">Diese URI muss exakt in Authentik eingetragen sein.</p>
</td>
</tr>
<tr>
<th>HTTP-Timeout (Sekunden)</th>
<td><input type="number" name="authentik_settings[timeout]" value="<?php echo esc_attr( $s['timeout'] ); ?>" min="5" max="60"></td>
</tr>
</table>
<h2>Benutzer-Einstellungen</h2>
<table class="form-table">
<tr>
<th>Neue Benutzer erstellen</th>
<td><input type="checkbox" name="authentik_settings[create_users]" value="1" <?php checked( $s['create_users'], 1 ); ?>>
<p class="description">Erstellt automatisch einen WordPress-Account wenn kein passender User gefunden wird.</p>
</td>
</tr>
<tr>
<th>Bestehende User verknüpfen</th>
<td><input type="checkbox" name="authentik_settings[link_existing]" value="1" <?php checked( $s['link_existing'], 1 ); ?>>
<p class="description">Verknüpft Authentik-Login mit bestehendem WordPress-Account (per E-Mail oder Benutzername).</p>
</td>
</tr>
<tr>
<th>Rollen synchronisieren</th>
<td><input type="checkbox" name="authentik_settings[sync_roles]" value="1" <?php checked( $s['sync_roles'], 1 ); ?>>
<p class="description">Überträgt Authentik-Gruppen als WordPress-Rollen.</p>
</td>
</tr>
<tr>
<th>Standard-Rolle</th>
<td>
<?php wp_dropdown_roles( $s['default_role'] ); ?>
<input type="hidden" name="authentik_settings[default_role]" value="">
<select name="authentik_settings[default_role]">
<?php
foreach ( wp_roles()->roles as $role => $data ) {
echo '<option value="' . esc_attr( $role ) . '" ' . selected( $s['default_role'], $role, false ) . '>' . esc_html( $data['name'] ) . '</option>';
}
?>
</select>
<p class="description">Rolle für neue Benutzer ohne passende Authentik-Gruppe.</p>
</td>
</tr>
<tr>
<th>Admin-Gruppe in Authentik</th>
<td>
<input type="text" name="authentik_settings[admin_group]" class="regular-text" value="<?php echo esc_attr( $s['admin_group'] ); ?>">
<p class="description">Authentik-Gruppenname der WordPress-Administratoren werden soll (z.B. <code>wordpress_admin</code>).</p>
</td>
</tr>
</table>
<h2>Erkannte Endpunkte</h2>
<table class="form-table">
<?php
$endpoints = [
'authentik_oidc_authorize_url' => 'Authorize URL',
'authentik_oidc_token_url' => 'Token URL',
'authentik_oidc_userinfo_url' => 'Userinfo URL',
'authentik_oidc_jwks_url' => 'JWKS URL',
'authentik_oidc_issuer' => 'Issuer',
'authentik_oidc_logout_url' => 'Logout URL',
];
foreach ( $endpoints as $opt => $label ) {
$val = get_option( $opt, '' );
echo '<tr><th>' . esc_html( $label ) . '</th><td><code>' . esc_html( $val ) . '</code></td></tr>';
}
?>
</table>
<?php submit_button( 'Einstellungen speichern' ); ?>
</form>
</div>
<?php
}