WordPress Multisite with Azure B2C redirect_urls after Login

by

My WP multisite has more than 300 sites which means I need to store all 300 redirect_urls in Azure AD B2C, but this number of redirect_urls cannot be stored in AD B2C as the maximum number of redirect URIs is 256.

What I do is that when the user logs in through www.abc1.com/wp-admin, it first redirects to B2C login page with the default redirect URL (www.abc.com) that I set. Once the token is verified, the user is redirected to their site (www.abc1.com).

But it doesn’t seem to work. I am even not sure if it is the best approach to redirect the user to site they want to access by this way.

//fetch the user' site id and redirect to the site.
$user_blogs = get_blogs_of_user($userID);
if (!empty($user_blogs)) {
$siteInfo = array();
foreach ($user_blogs as $site_id => $site_values) {
$siteInfo[] = $site_values->siteurl;
}
$redirect_url = $siteInfo[0] ; // to the primary site..
}

// Set cookies to authenticate on WP side
wp_set_auth_cookie($userID);

//Redirect to primary site that assigned to the user
wp_safe_redirect($redirect_url);
Contents hide
Answers:
Method 1

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

I can see a few issues with this approach:

  1. If the user doesn’t belong to a site yet, they won’t get redirected correctly because $redirect_url won’t be defined.
  2. If the user belongs to more than 1 site, they will always be redirected to the site with the lowest ID, not necessarily the one they’re trying to log into.

Have you tried any Azure SSO plugins? I built an intranet for a client that uses Azure for employees to log into the site, and we had great results using Single Sign-on with Azure Active Directory (for WordPress). It’s supposed to work with multisite; you’ll just need to make sure it’s configured correctly on each site.


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x