# WP One Tap Google Sign In

WP One Tap Google Sign In adds secure Google One Tap authentication to WordPress while keeping sign-in tied to existing site users. It verifies Google ID tokens server-side, supports explicit account linking from user profiles, and records authentication activity for administrator review.

## Plugin Summary

- Plugin name: WP One Tap Google Sign In
- Text domain: `wp-onetapgsi`
- Current version: `1.2.1`
- Author: Sunil Kumar Sharma
- WordPress.org username: `sunilkumarthz`
- Website: https://wpsimplified.in/

## Requirements

- WordPress 7.0 or later
- PHP 8.1 or later
- A Google OAuth 2.0 Web application client ID
- HTTPS on production sites, as recommended for authentication flows

## Key Features

- Google One Tap prompt on the WordPress login screen.
- Optional site-wide One Tap prompt for logged-out visitors.
- Server-side Google ID token verification through WordPress HTTP APIs.
- Existing-user login only; the plugin does not create new WordPress users automatically.
- Google account linking from WordPress user profiles.
- Google account disconnect controls for users and administrators with edit permission.
- Automatic migration to linked Google account IDs after a successful verified email login.
- Admin activity screen for successful logins, failed attempts, account linking, and unlinking events.
- Privacy-conscious activity records with salted hashes for IP addresses and Google account identifiers.
- Optional custom message block with image, heading, and formatted content beside the One Tap prompt.

## Security Model

The plugin follows a conservative authentication model:

- Google credentials are verified server-side before any WordPress auth cookie is set.
- The Google token audience must match the saved OAuth client ID.
- Google email addresses must be verified by Google.
- Login succeeds only when the Google account maps to an existing WordPress user.
- AJAX actions use WordPress nonces.
- Profile linking and unlinking require `edit_user` capability checks.
- Admin activity screens require `manage_options`.
- Saved settings are sanitized on input and escaped on output.

## Privacy Notes

The activity log stores event status, reason, event time, Google email address, WordPress user ID when available, user agent, and salted hashes of the request IP address and Google subject identifier. Activity records older than 90 days are pruned automatically when new events are logged.

## Installation

1. Upload the `wp-one-tap-google-sign-in` folder to `/wp-content/plugins/`.
2. Activate WP One Tap Google Sign In from the WordPress Plugins screen.
3. Go to Settings > One Tap GSI.
4. Paste your Google OAuth 2.0 Web application client ID.
5. Save the settings.

## Google OAuth Setup

1. Open Google Cloud Console credentials: https://console.developers.google.com/apis/credentials
2. Create an OAuth 2.0 Client ID.
3. Select Web application as the application type.
4. Add your WordPress site's authorized JavaScript origin, for example `https://example.com`.
5. Copy the generated client ID into Settings > One Tap GSI.

## Plugin Configuration

### Display Scope

Choose where the Google One Tap prompt should appear:

- WordPress login page only.
- Site-wide for logged-out visitors, while still keeping the prompt available on the login page.

### Custom Message Block

The custom message block lets administrators display supporting copy next to the One Tap prompt. It supports:

- An image selected from the Media Library or entered as a URL.
- A short title.
- Basic formatted content such as paragraphs, lists, links, and emphasis.
- A visibility toggle so saved content can be temporarily hidden.

### Account Linking

Users can link a verified Google account from Users > Profile. Administrators with permission to edit users can also manage account linking for other users. Once linked, future logins use Google's stable account identifier instead of relying only on email matching.

## Activity Log

Administrators can review events from Settings > One Tap GSI Activity. The log includes:

- Successful Google sign-ins.
- Failed sign-in attempts.
- Account linking events.
- Account unlinking events.
- Event reason and timestamp.
- Shortened salted IP hash for correlation.

## Development Notes

- Composer requires `google/apiclient` for Google API compatibility.
- Runtime token verification currently uses WordPress HTTP APIs while keeping the Google API client available as a project dependency.
- PHP files are structured around WordPress hooks, Settings API callbacks, AJAX handlers, and small helper functions.
- Public assets are enqueued with plugin file modification versions for cache busting.

## Changelog

### 1.2.1

- Changed: Raised the minimum PHP requirement to 8.1 for production readiness on PHP 8.1, 8.2, and 8.3.
- Changed: Updated Composer and WordPress.org metadata to match the PHP 8.1+ support policy.
- Fixed: Updated package metadata for PHP 8.1+ and Google API client compatibility.

### 1.2.0

- Added: Google account linking and disconnect controls on WordPress user profiles.
- Added: Admin activity log for login, failed login, link, and unlink events.
- Added: Automatic account-link migration after successful verified email login.
- Added: Optional site-wide One Tap display and custom message block.
- Changed: Reworked runtime token verification to use WordPress HTTP APIs.
- Changed: Expanded WordPress.org-ready documentation.
- Security: Uses Google's stable account identifier after linking and stores IP/Google identifiers as salted hashes.

### 1.1.0

- Added: Declared WordPress 7.0, PHP 7.4, and modern Composer package requirements.
- Changed: Reworked script loading to use WordPress script APIs.
- Fixed: Updated AJAX responses to use structured JSON.
- Security: Added nonce verification and stricter Google ID token validation.
