Skip to content

Releases: disisto/simplesamlphp-wordpressauth

0.2.0

22 Nov 00:34
@disisto disisto
0.2.0
daa56b9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
0.2.0 Latest
Latest

[0.2.0] - 2025-11-22

Added

  • Support for WordPress 6.8+ password hashes with $wp$ prefix
  • Implements WordPress 6.8 HMAC-SHA384 + Base64 password verification method
  • Support for standard BCrypt hashes ($2y$, $2a$, $2b$) without prefix
  • Debug logging for password hash detection and verification process

Changed

  • Completely rewritten verifyPassword() method to match WordPress 6.8 behavior
  • WordPress 6.8+ now uses hash_hmac('sha384', password, 'wp-sha384') before BCrypt

Maintained

  • Full backward compatibility with legacy phpass hashes ($P$, $H$)
  • Existing configuration and database structure remain unchanged

⚠️ This is expected to be the final update. Development of this tool will be discontinued as both development and production environments have been fully migrated to Keycloak.

Assets 2
Loading

0.1.0

15 Aug 20:31
@disisto disisto
0.1.0
530ce95
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
0.1.0

Initial release

Loading