Make STARTTLS LDAP option more precise on UI

languages/authorizer-fr_FR.po

@@ -4,7 +4,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Authorizer en français\n"
 "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/authorizer\n"
-"POT-Creation-Date: 2023-02-14 15:44+0100\n"
+"POT-Creation-Date: 2023-04-22 19:42+0200\n"
 "PO-Revision-Date: \n"
 "Last-Translator: University of Hawaii <[email protected]>\n"
 "Language-Team: Paul Ryan <[email protected]>\n"
@@ -13,7 +13,7 @@ msgstr ""
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=(n > 1);\n"
-"X-Generator: Poedit 3.0.1\n"
+"X-Generator: Poedit 3.2.2\n"
 "X-Poedit-Basepath: ..\n"
 "X-Poedit-KeywordsList: __;_e;__ngettext:1,2;_n:1,2;__ngettext_noop:1,2;"
 "_n_noop:1,2;_c,_nc:4c,1,2;_x:1,2c;_nx:4c,1,2;_nx_noop:4c,1,2;_ex:1,2c;"
@@ -236,13 +236,14 @@ msgid ""
 "log in with their LDAP (Lightweight Directory Access Protocol) credentials. "
 "You will need to enter details about your LDAP server (host, port, search "
 "base, uid attribute, directory user, directory user password, and whether to "
-"use TLS) to enable Google Logins."
+"use STARTTLS) to enable Google Logins."
 msgstr ""
 "<strong>Activer la connexion LDAP</strong> : indiquez si vous souhaitez "
 "autoriser les utilisateurs à se connecter avec leurs identifiants LDAP "
 "(Lightweight Directory Access Protocol). Vous devrez saisir des détails à "
 "propos de votre serveur LDAP (hôte, port, base de recherche, attribut uid, "
-"utilisateur d’annuaire, mot de passe utilisateur et s’il faut utiliser TLS)."
+"utilisateur d’annuaire, mot de passe utilisateur et s’il faut utiliser "
+"STARTTLS)."
 
 #: src/authorizer/class-admin-page.php:95
 msgid ""
@@ -516,11 +517,12 @@ msgstr ""
 
 #: src/authorizer/class-admin-page.php:128
 msgid ""
-"<strong>Use TLS</strong>: Select whether all communication with the LDAP "
-"server should be performed over a TLS-secured connection."
+"<strong>Use STARTTLS</strong>: Select whether unencrypted communication with "
+"the LDAP server should be upgraded to a TLS-secured connection using "
+"STARTTLS."
 msgstr ""
-"<strong>Utiliser TLS</strong> : Indiquez si toute communication avec le "
-"serveur LDAP devra passer par une connexion TLS sécurisée."
+"<strong>Utiliser STARTTLS</strong> : Indiquez si communication en clair avec "
+"le serveur LDAP devrait être sécurisée par TLS en utilisant STARTTLS."
 
 #: src/authorizer/class-admin-page.php:129
 msgid ""
@@ -873,8 +875,8 @@ msgstr "Port LDAP"
 #: src/authorizer/class-admin-page.php:611
 #: src/authorizer/class-admin-page.php:985
 #: src/authorizer/options/external/class-ldap.php:104
-msgid "Use TLS"
-msgstr "Utiliser TLS"
+msgid "Use STARTTLS"
+msgstr "Utiliser STARTTLS"
 
 #: src/authorizer/class-admin-page.php:618
 #: src/authorizer/class-admin-page.php:989
@@ -2112,8 +2114,12 @@ msgstr ""
 "champ est ignoré."
 
 #: src/authorizer/options/external/class-ldap.php:105
-msgid "If ldaps is used, this should be unchecked"
-msgstr "Si ldaps est utilisé, cela devrait être décoché"
+msgid ""
+"If an ldaps:// URL (and therefore Implicit TLS) is used, this checkbox is "
+"ignored."
+msgstr ""
+"Si vous utilisez une URL ldaps:// (et donc Implicit TLS), cette case à "
+"cocher est ignorée."
 
 #: src/authorizer/options/external/class-ldap.php:125
 msgid "Example:  ou=people,dc=example,dc=edu"
@@ -2268,22 +2274,33 @@ msgstr "Exemple : https://espace.site.test/login/oauth/access_token"
 msgid "Example:  https://api.example.edu/user"
 msgstr "Exemple : https://api.site.test/user"
 
-#~ msgid "Sign in with Google"
-#~ msgstr "S’authentifier avec Google"
+#. Plugin Name of the plugin/theme
+msgid "Authorizer"
+msgstr "Authorizer"
 
-#~ msgid "Authorizer"
-#~ msgstr "Authorizer"
+#. Plugin URI of the plugin/theme
+msgid "https://github.com/uhm-coe/authorizer"
+msgstr "https://github.com/uhm-coe/authorizer"
 
-#~ msgid "https://github.com/uhm-coe/authorizer"
-#~ msgstr "https://github.com/uhm-coe/authorizer"
+#. Description of the plugin/theme
+#, fuzzy
+#| msgid ""
+#| "Authorizer limits login attempts, restricts access to specified users, "
+#| "and authenticates against external sources (e.g., Google, LDAP, or CAS)."
+msgid ""
+"Authorizer limits login attempts, restricts access to specified users, and "
+"authenticates against external sources (e.g., OAuth2, Google, LDAP, or CAS)."
+msgstr ""
+"Authorizer limite les tentatives d’authentification, restreint les accès à "
+"des utilisateurs spécifiques, et permet l’authentification via des sources "
+"externes (ex : OAuth2, Google, LDAP, ou CAS)."
+
+#. Author of the plugin/theme
+msgid "Paul Ryan <[email protected]>"
+msgstr "Paul Ryan <[email protected]>"
 
-#~ msgid ""
-#~ "Authorizer limits login attempts, restricts access to specified users, "
-#~ "and authenticates against external sources (e.g., Google, LDAP, or CAS)."
-#~ msgstr ""
-#~ "Authorizer limite les tentatives d’authentification, restreint les accès "
-#~ "à des utilisateurs spécifiques, et permet l’authentification via des "
-#~ "sources externes (ex : OAuth2, Google, LDAP, ou CAS)."
+#~ msgid "If ldaps is used, this should be unchecked"
+#~ msgstr "Si ldaps est utilisé, cela devrait être décoché"
 
-#~ msgid "Paul Ryan <[email protected]>"
-#~ msgstr "Paul Ryan <[email protected]>"
+#~ msgid "Sign in with Google"
+#~ msgstr "S’authentifier avec Google"

languages/authorizer.pot

@@ -3,14 +3,14 @@ msgid ""
 msgstr ""
 "Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
 "Project-Id-Version: Authorizer\n"
-"POT-Creation-Date: 2023-01-30 14:47-1000\n"
+"POT-Creation-Date: 2023-04-22 19:42+0200\n"
 "PO-Revision-Date: 2023-01-30 14:42-1000\n"
 "Last-Translator: University of Hawaii <[email protected]>\n"
 "Language-Team: University of Hawaii <[email protected]>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"X-Generator: Poedit 1.8.12\n"
+"X-Generator: Poedit 3.2.2\n"
 "X-Poedit-Basepath: ..\n"
 "X-Poedit-WPHeader: authorizer.php\n"
 "X-Poedit-SourceCharset: UTF-8\n"
@@ -161,11 +161,11 @@ msgstr ""
 
 #: src/authorizer/class-admin-page.php:94
 msgid ""
-"<strong>Enable LDAP Logins</strong>: Choose if you want to allow users to "
-"log in with their LDAP (Lightweight Directory Access Protocol) credentials. "
-"You will need to enter details about your LDAP server (host, port, search "
-"base, uid attribute, directory user, directory user password, and whether to "
-"use TLS) to enable Google Logins."
+"<strong>Enable LDAP Logins</strong>: Choose if you want to allow users to log "
+"in with their LDAP (Lightweight Directory Access Protocol) credentials. You "
+"will need to enter details about your LDAP server (host, port, search base, "
+"uid attribute, directory user, directory user password, and whether to use "
+"STARTTLS) to enable Google Logins."
 msgstr ""
 
 #: src/authorizer/class-admin-page.php:95
@@ -359,8 +359,8 @@ msgstr ""
 
 #: src/authorizer/class-admin-page.php:128
 msgid ""
-"<strong>Use TLS</strong>: Select whether all communication with the LDAP "
-"server should be performed over a TLS-secured connection."
+"<strong>Use STARTTLS</strong>: Select whether unencrypted communication with "
+"the LDAP server should be upgraded to a TLS-secured connection using STARTTLS."
 msgstr ""
 
 #: src/authorizer/class-admin-page.php:129
@@ -663,7 +663,7 @@ msgstr ""
 #: src/authorizer/class-admin-page.php:611
 #: src/authorizer/class-admin-page.php:985
 #: src/authorizer/options/external/class-ldap.php:104
-msgid "Use TLS"
+msgid "Use STARTTLS"
 msgstr ""
 
 #: src/authorizer/class-admin-page.php:618
@@ -1744,7 +1744,9 @@ msgid ""
 msgstr ""
 
 #: src/authorizer/options/external/class-ldap.php:105
-msgid "If ldaps is used, this should be unchecked"
+msgid ""
+"If an ldaps:// URL (and therefore Implicit TLS) is used, this checkbox is "
+"ignored."
 msgstr ""
 
 #: src/authorizer/options/external/class-ldap.php:125

src/authorizer/class-admin-page.php

@@ -91,7 +91,7 @@ public function admin_head() {
 			<p>' . __( '<strong>Enable OAuth2 Logins</strong>: Choose if you want to allow users to log in with one of the supported OAuth2 providers. You will need to enter your API Client ID and Secret to enable these logins.', 'authorizer' ) . '</p>
 			<p>' . __( '<strong>Enable Google Logins</strong>: Choose if you want to allow users to log in with their Google Account credentials. You will need to enter your API Client ID and Secret to enable Google Logins.', 'authorizer' ) . '</p>
 			<p>' . __( '<strong>Enable CAS Logins</strong>: Choose if you want to allow users to log in with via CAS (Central Authentication Service). You will need to enter details about your CAS server (host, port, and path) to enable CAS Logins.', 'authorizer' ) . '</p>
-			<p>' . __( '<strong>Enable LDAP Logins</strong>: Choose if you want to allow users to log in with their LDAP (Lightweight Directory Access Protocol) credentials. You will need to enter details about your LDAP server (host, port, search base, uid attribute, directory user, directory user password, and whether to use TLS) to enable Google Logins.', 'authorizer' ) . '</p>
+			<p>' . __( '<strong>Enable LDAP Logins</strong>: Choose if you want to allow users to log in with their LDAP (Lightweight Directory Access Protocol) credentials. You will need to enter details about your LDAP server (host, port, search base, uid attribute, directory user, directory user password, and whether to use STARTTLS) to enable Google Logins.', 'authorizer' ) . '</p>
 			<p>' . __( '<strong>Default role for new CAS users</strong>: Specify which role new external users will get by default. Be sure to choose a role with limited permissions!', 'authorizer' ) . '</p>
 			<p><strong><em>' . __( 'If you enable OAuth2 logins:', 'authorizer' ) . '</em></strong></p>
 			<ul>
@@ -125,7 +125,7 @@ public function admin_head() {
 				<li>' . __( '<strong>LDAP attribute containing username</strong>: Enter the name of the LDAP attribute that contains the usernames used by those attempting to log in. The plugin will search on this attribute to find the cn to bind against for login attempts.', 'authorizer' ) . '</li>
 				<li>' . __( '<strong>LDAP Directory User</strong>: Enter the name of the LDAP user that has permissions to browse the directory.', 'authorizer' ) . '<br>' . __( "Note: for increased security, you can leave this field blank and instead define this value either in wp-config.php via <code>define( 'AUTHORIZER_LDAP_USER', '...' );</code>, or you may fetch it from an external service like AWS Secrets Manager by hooking into the <code>authorizer_ldap_user</code> filter. This will prevent it from being stored in plaintext in the WordPress database.", 'authorizer' ) . '</li>
 				<li>' . __( '<strong>LDAP Directory User Password</strong>: Enter the password for the LDAP user that has permission to browse the directory.', 'authorizer' ) . '<br>' . __( "Note: for increased security, you can leave this field blank and instead define this value either in wp-config.php via <code>define( 'AUTHORIZER_LDAP_PASSWORD', '...' );</code>, or you may fetch it from an external service like AWS Secrets Manager by hooking into the <code>authorizer_ldap_password</code> filter. This will prevent it from being stored in the WordPress database.", 'authorizer' ) . '</li>
-				<li>' . __( '<strong>Use TLS</strong>: Select whether all communication with the LDAP server should be performed over a TLS-secured connection.', 'authorizer' ) . '</li>
+				<li>' . __( '<strong>Use STARTTLS</strong>: Select whether unencrypted communication with the LDAP server should be upgraded to a TLS-secured connection using STARTTLS.', 'authorizer' ) . '</li>
 				<li>' . __( "<strong>Custom lost password URL</strong>: The WordPress login page contains a link to recover a lost password. If you have external users who shouldn't change the password on their WordPress account, point them to the appropriate location to change the password on their external authentication service here.", 'authorizer' ) . '</li>
 				<li>' . __( "<strong>LDAP attribute containing first name</strong>: Enter the LDAP attribute that has the user's first name. When this user first logs in, their WordPress account will have their first name retrieved from LDAP and added to their WordPress profile.", 'authorizer' ) . '</li>
 				<li>' . __( "<strong>LDAP attribute containing last name</strong>: Enter the LDAP attribute that has the user's last name. When this user first logs in, their WordPress account will have their last name retrieved from LDAP and added to their WordPress profile.", 'authorizer' ) . '</li>
@@ -608,7 +608,7 @@ public function page_init() {
 		);
 		add_settings_field(
 			'auth_settings_ldap_tls',
-			__( 'Use TLS', 'authorizer' ),
+			__( 'Use STARTTLS', 'authorizer' ),
 			array( Ldap::get_instance(), 'print_checkbox_ldap_tls' ),
 			'authorizer',
 			'auth_settings_external'
@@ -982,7 +982,7 @@ public function create_network_admin_page() {
 							<td><?php $ldap->print_text_ldap_port( array( 'context' => Helper::NETWORK_CONTEXT ) ); ?></td>
 						</tr>
 						<tr>
-							<th scope="row"><?php esc_html_e( 'Use TLS', 'authorizer' ); ?></th>
+							<th scope="row"><?php esc_html_e( 'Use STARTTLS', 'authorizer' ); ?></th>
 							<td><?php $ldap->print_checkbox_ldap_tls( array( 'context' => Helper::NETWORK_CONTEXT ) ); ?></td>
 						</tr>
 						<tr>

src/authorizer/options/external/class-ldap.php

@@ -101,8 +101,8 @@ public function print_checkbox_ldap_tls( $args = '' ) {
 
 		// Print option elements.
 		?>
-		<input type="checkbox" id="auth_settings_<?php echo esc_attr( $option ); ?>" name="auth_settings[<?php echo esc_attr( $option ); ?>]" value="1"<?php checked( 1 === intval( $auth_settings_option ) ); ?> /><label for="auth_settings_<?php echo esc_attr( $option ); ?>"><?php esc_html_e( 'Use TLS', 'authorizer' ); ?></label>
-		<p class="description"><small><?php esc_html_e( 'If ldaps is used, this should be unchecked', 'authorizer' ); ?></small></p>
+		<input type="checkbox" id="auth_settings_<?php echo esc_attr( $option ); ?>" name="auth_settings[<?php echo esc_attr( $option ); ?>]" value="1"<?php checked( 1 === intval( $auth_settings_option ) ); ?> /><label for="auth_settings_<?php echo esc_attr( $option ); ?>"><?php esc_html_e( 'Use STARTTLS', 'authorizer' ); ?></label>
+		<p class="description"><small><?php esc_html_e( 'If an ldaps:// URL (and therefore Implicit TLS) is used, this checkbox is ignored.', 'authorizer' ); ?></small></p>
 		<?php
 	}