I am attempting to create a plugin that causes WordPress to use an external site for authentication using a custom single sign-on protocol.
Essentially, the plugin will need to redirect users to the external site when they need to log in. After authenticating the user, the external site will redirect them back to WordPress, passing a username, along with a message authentication code, which my plugin will need to validate.
I see a number of plugins in the official directory that claim to provide various forms of single sign-on. However, looking at the code for these plugins I see little commonality in the approaches taken.
Can anyone point me to code that they would consider exemplary for implementing web single sign-on in a plugin?