PHPackages digitoimistodude/avoine-sso-login - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. digitoimistodude/avoine-sso-login ActiveWordpress-plugin[Authentication & Authorization](/categories/authentication) digitoimistodude/avoine-sso-login ================================= Integrate login to Avoine SSO. 22.0k1[1 PRs](https://github.com/digitoimistodude/avoine-sso-login/pulls)PHP Since Sep 1Pushed 3y ago3 watchersCompare [ Source](https://github.com/digitoimistodude/avoine-sso-login)[ Packagist](https://packagist.org/packages/digitoimistodude/avoine-sso-login)[ RSS](/packages/digitoimistodude-avoine-sso-login/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) Avoine SSO Login ================ [](#avoine-sso--login) Plugin integrates Avoine SSO to WordPress and creates an shadow user in WordPress for users that log in via SSO. Using object cache like [Object Cache Pro](https://objectcache.pro), [Redis Object Cache](https://wordpress.org/plugins/redis-cache/), memcahed or something similar as plugin leverages [WP\_Object\_Cache](https://developer.wordpress.org/reference/classes/wp_object_cache/) class for SSO user activity checks is recommended. Setup ----- [](#setup) Plugin uses few environment variables for configuration. - `AVOINE_SSO_SERVICE_ID` is the ID for SSO - `AVOINE_SSO_KEY` is the communications key for SSO Auth flow --------- [](#auth-flow) ### Login [](#login) 1. User is sent to log in url get with `avoine_sso_get_login_url` function 2. From SSO service, user is redirected back to WP 3. Existence for SSO user is checked 4. User activity checks are done if added any via filters 5. If user does not exist, new shadow WP user is created 6. If user exists, shadow WP user details are updated 7. User is redirected to url that was specified when getting login url, defaults to home 8. Every two days, if not altered via hook, user activity is checked ### Logout [](#logout) 1. When logging out, user is sent to logout url by using `avoine_sso_get_logout_url` function 2. SSO service calls domain.fi/sso-logout which still has the WP shadow user logged in 3. WP shadow user is logged out with default WP logout functions and actions Functions --------- [](#functions) - `avoine_sso_get_login_url` returns login url for SSO service. Accepts one parameter for redirect url, to which user will be redirected after succesfull login. - `avoine_sso_get_logout_url` returns logout url for SSO service. - `avoine_is_sso_user` returns boolean based on if user loggedin from SSO. Accepts one parameter for WP user ID, defaults to current user if not given. - `avoine_is_sso_user_active` returns boolean based on if user is still active based on SSO data. Accepts one parameter for WP user ID, defaults to current user if not given. Caches the status in object cache (redis, memcached or similar). Hooks ----- [](#hooks) ### Setup [](#setup-1) - `avoine_sso_login\service\id` defaults to AVOINE\_SSO\_SERVICE\_ID environment variable - `avoine_sso_login\api\key` defaults to AVOINE\_SSO\_KEY environment variable - `avoine_sso_login\service\domain` defaults to tunnistus.avoine.fi - `avoine_sso_login\login\return_url` defaults to home (`home_url`) and overrides the value given for login url function - `avoine_sso_login\logout\url` defaults to https://{$sso\_service\_domain}/sso-logout/ - `avoine_sso_login\failed\redirect_url` defaults to WP login url ### Auth flow [](#auth-flow-1) - `avoine_sso_login\logout\message` message shown in case SSO logout becomes visible for the user. - `avoine_sso_login\login\user_is_active` when SSO user activity is checked during the lofgin, defaults to true. Gives activity status, SSO user and SSO user full data as parameters. ### User creation [](#user-creation) - `avoine_sso_login\user\create\user_login` allows filtering the user login for shadow WP user. Defaults to combination of unixtime and SSO user id. Gives default login, SSO user and SSO user full data as parameters. - `avoine_sso_login\user\create` allows filtering all the data given for wp\_insert\_user function when creating shadow WP user. Gives SSO user and SSO user full data as parameters. ### User data [](#user-data) - `avoine_sso_login\user\create\user_email\use_original` boolean setting if real user email from SSO data should be used also for WP shadow user. Defaults to false. - `avoine_sso_login\user\data` array given to wp\_insert\_user and wp\_update\_user functions. - `avoine_sso_login\user\mapping_id` allows chaning the unique identifier for SSO user againts which WP shadow user will be checked. Defults to $sso\_user->idp. Gives the mapping id, SSO user and SSO user full data as parameters. ### User activity [](#user-activity) - `avoine_sso_login\user\is_active` when avoine\_is\_sso\_user\_active function is called and activity status is not cached. Gives activity status, WP\_User object, SSO user and SSO user full data as parameters. - `avoine_sso_login\user\is_active\expiration` cache lifetime for user activity check. Stored in object cache. Defaults to two days or value of WP native filter auth\_cookie\_expiration. Actions ------- [](#actions) ### Auth flow [](#auth-flow-2) - `avoine_sso_login\succes\auth\before` when SSO user has been rediceted back and their activity validated but WP user is not logged in. Get's WP\_User object and SSO user data given by the redirect. - `avoine_sso_login\succes\auth\after` when SSO user has been rediceted back and their activity validated. Get's WP\_User object and SSO user data given by the redirect. - `avoine_sso_login\logout\after` after SSO service has called logout url and WP user logout has been done. - `avoine_sso_login\failed` when SSO user login fails for some reason after caputing valid redirect from SSO login. - `avoine_sso_login\login\user_is_active\after` after SSO user activity check has been done durign the login. Gives SSO user and SSO user full data as parameters. ### User creation [](#user-creation-1) - `avoine_sso_login\user\create\before` before new WP shadow user is created after succesfull SSO login. Gives SSO user and SSO user full data as parameters. - `avoine_sso_login\user\create\after` after new WP shadow user is created. Gives new WP user ID, SSO user and SSO user full data as parameters. ### User activity [](#user-activity-1) - `avoine_sso_login\user\is_active\after` when avoine\_is\_sso\_user\_active function is called and activity status is not cached. Gives WP\_User object and activity status as parameters. ### User action preventions [](#user-action-preventions) - `avoine_sso_login\user\prevented_wp_login` when SSO user normal WP login is prevented - `avoine_sso_login\user\prevented_password_reset` when SSO user WP password reset is prevented - `avoine_sso_login\user\prevented_password_reset\email` when SSO uset WP password reset email is prevented ### Health Score 20 — LowBetter than 14% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity21 Limited adoption so far Community11 Small or concentrated contributor base Maturity25 Early-stage or recently created project Bus Factor1 Top contributor holds 93.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/ac8f1091787825c059e30ad39ca1f58453f45c5ae0c585ba3be00904d045b8b2?d=identicon)[ronilaukkarinen](/maintainers/ronilaukkarinen) --- Top Contributors [![timiwahalahti](https://avatars.githubusercontent.com/u/415544?v=4)](https://github.com/timiwahalahti "timiwahalahti (15 commits)")[![teppokoivula](https://avatars.githubusercontent.com/u/1252021?v=4)](https://github.com/teppokoivula "teppokoivula (1 commits)") ### Embed Badge ![Health badge](/badges/digitoimistodude-avoine-sso-login/health.svg) ``` [![Health](https://phpackages.com/badges/digitoimistodude-avoine-sso-login/health.svg)](https://phpackages.com/packages/digitoimistodude-avoine-sso-login) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)