diff --git a/shibboleth.php b/shibboleth.php index 3c4b522..f1942fd 100644 --- a/shibboleth.php +++ b/shibboleth.php @@ -290,6 +290,22 @@ function shibboleth_authenticate_user() { } $username = $_SERVER[$shib_headers['username']['name']]; + + /** + * Allows a bypass mechanism for native Shibboleth authentication. + * + * Returning a non-null value from this filter will result in your value being + * returned to WordPress. You can prevent a user from being authenticated + * by returning a WP_Error object. + * + * @param null $auth + * @param string $username + */ + $authenticate = apply_filters( 'shibboleth_authenticate_user', null, $username ); + if ( null !== $authenticate ) { + return $authenticate; + } + $user = new WP_User($username); if ( $user->ID ) {