The sad SaaS state of software sufferin’ succotash

Recently I was looking to add OAuth2 login to my wordpress system.

Side note: when you see an icon ‘sign-in with Google/Github/…’ on a site, please use that, rather than creating a new account. The protocol is called ‘OAuth2’. Its not (usually) giving that new site permission to read your gmail, rather its allowing you to federate and use less logins.

Back to the story. I was looking to add OAuth2 to my wordpress. I wanted to handle a few different logins (Google, Github, Linkedin being the minimum). This is not overly complex, I was not expecting trouble. A couple of hours later of looking at a bewildering array of plugins, all of which had 2 or more of these properties:

  • Some freemium approach where the part you wanted is not available, the yearly cost is high, and its not obvious they will stay in business
  • There is a SaaS component you are delegating to that now owns your site
  • Has not been updated in 4 years

Sigh. So I picked one (miniOrange). It worked, I was ready to hit the buy now on $400/yr, when suddenly, the removed it from the wordpress marketplace. No reason given. This one used a SaaS component so I was instantly broken.

Enraged, I wrote the attached, on Github. Its certainly not great. Its not even good. But it works, I’ve made it free (as in speech, also as in beer). It uses only your site, no 3rd party site is involved in the OAuth2 dance with your credentials. And, more importantly, I can now improve it. And so can you, pull requests welcome.







Leave a Reply

Your email address will not be published. Required fields are marked *