I am reposting and rewording this here, as I understand this is where you want such posts to go.
I wrote an authentication plugin for Joomla following, I believe, the instructions for such plugins in the Joomla documentation, to allow someone to use their Microsoft Office 365 credentials single sign on to Joomla. It worked for several months, but since recent updates to Joomla it has stopped working and instead returns the user to the Joomla login screen. It is effectively authenticating against Azure Active Directory.
The logic is as follows:
- Attempt to log in to Joomla with a guest login and random password.
- Joomla authentication fails, so the authentication is passed on to the custom authentication routine.
- The authentication routine calls another PHP script that validates against the Azure Active Directory.
- This PHP script calls the Joomla index.php again.
- Joomla authentication fails, but the custom script now picks up the MS credentials, maps to the Joomla user name and returns success.
Despite return success, Joomla fails to acknowledge that the user is logged in, and returns to the login screen. If you log in as an administrator, you can see the user appears to be logged in to Joomla.
I have spent a few days attempting to debug this, but without success and am at a loss to know where to go from here. Of course, if someone can suggest an alternative authentication plugin, that would be great.
Per Yngve Berg requested I upload the files, so I have uploaded the key ones, namely the authentication script and the one called to authenticate against Office 365.
Can anyone suggest a way forward?