From b189ec4c6fd98a03830f89c33495dbc2d22f990b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ingrid=20Az=C3=A9ma?= <iazema@beapi.fr>
Date: Thu, 23 Apr 2026 16:39:33 +0200
Subject: [PATCH] On a multisite, fix users only added on the first blog to
 which they connect

---
 default-wp-saml-auth.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/default-wp-saml-auth.php b/default-wp-saml-auth.php
index d497bba..d638f69 100644
--- a/default-wp-saml-auth.php
+++ b/default-wp-saml-auth.php
@@ -35,6 +35,8 @@
 }
 
 add_filter( 'wp_saml_auth_option', __NAMESPACE__ . '\\wp_saml_filter_option', 10, 2 );
+add_action( 'wp_saml_auth_existing_user_authenticated', __NAMESPACE__ . '\add_user_to_current_blog' );
+
 
 /**
  * Set options for SAML
@@ -212,3 +214,17 @@ function wp_saml_filter_option( $value, $option_name ) {
 
 	return $value;
 }
+
+/**
+ * Add the user to the current blog
+ *
+ * @param \WP_User $user
+ * @return void
+ * @author Ingrid Azéma
+ */
+function add_user_to_current_blog( $user ): void {
+	if ( ! is_multisite() || ! is_a( $user, 'WP_User' ) || is_user_member_of_blog( $user->ID ) ) {
+		return;
+	}
+	add_user_to_blog( get_current_blog_id(), $user->ID, get_option( 'default_role' ) );
+}