Beispiel #1
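 /**
  * Update the display name of the user that owns the access token.
  *
  * Every branch sends an OAuth2 response and then ends the request with exit,
  * so this method never returns to its caller.
  *
  * @param array|null $token Access token data; must contain a non-zero 'user_id'.
  * @return void
  */
 public function run_update_method($token = null)
 {
     $response = new OAuth2\Response();

     // Take the id by value and as an integer. The original aliased
     // $token['user_id'] by reference and later overwrote it with the result
     // of wp_update_user(), which silently rewrote the token data as well.
     $user_id = (isset($token['user_id']) && is_numeric($token['user_id'])) ? (int) $token['user_id'] : 0;
     if ($user_id <= 0) {
         $response->setError(400, 'invalid_request', 'Missing or invalid access token');
         $response->send();
         exit;
     }

     // NOTE(review): current_user_can() evaluates the capability for WordPress's
     // current user, which is not necessarily the owner of $token. Confirm the
     // caller has set the current user from the token before this check runs;
     // otherwise the check does not describe the token holder's rights.
     if (!current_user_can('edit_user', $user_id)) {
         $response->setError(400, 'invalid_request', 'You are not allowed to edit this user');
         $response->send();
         exit;
     }

     // Reject a missing, non-string or empty name instead of passing it on:
     // reading an absent $_POST key raises a notice and hands an empty
     // display_name to wp_update_user().
     $display_name = (isset($_POST['name']) && is_string($_POST['name'])) ? sanitize_text_field($_POST['name']) : '';
     if ($display_name === '') {
         $response->setError(400, 'invalid_request', 'Missing or invalid name');
         $response->send();
         exit;
     }

     $result = wp_update_user(array('ID' => $user_id, 'display_name' => $display_name));
     if (is_wp_error($result)) {
         // There was an error, probably that user doesn't exist.
         $response->setError(400, 'invalid_request', 'There was an error updating me');
         $response->send();
         exit;
     }

     $response = new OAuth2\Response(array('success' => 'updated-me'));
     $response->send();
     exit;
 }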
Beispiel #2
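/**
 * DEFAULT ME METHOD - DO NOT REMOVE DIRECTLY
 * This is the default resource call "/oauth/me". Do not edit or remove.
 *
 * Sends the user record of the token owner as the response body, with the
 * password hash, activation key and URL removed, then ends the request.
 *
 * @param array|null $token Access token data; must contain a non-zero 'user_id'.
 * @return void Never returns; every branch ends in exit.
 */
function _wo_method_me($token = null)
{
    if (!isset($token['user_id']) || $token['user_id'] == 0) {
        $response = new OAuth2\Response();
        $response->setError(400, 'invalid_request', 'Missing or invalid access token');
        $response->send();
        exit;
    }

    $user = get_user_by('id', $token['user_id']);
    // get_user_by() returns false when no user matches (for example the
    // account was deleted after the token was issued). Answer with an error
    // instead of dereferencing false.
    if (!$user) {
        $response = new OAuth2\Response();
        $response->setError(400, 'invalid_request', 'Missing or invalid access token');
        $response->send();
        exit;
    }

    $me_data = (array) $user->data;

    // Strip credential material before the record leaves the server.
    // NOTE(review): this is a deny-list, so every other field of the user
    // record is returned to the client as-is; confirm that is intended.
    unset($me_data['user_pass'], $me_data['user_activation_key'], $me_data['user_url']);

    /**
     * @since  3.0.5
     * OpenID Connect looks for the field "email".
     * Sooooo. We shall provide it. (at least for Moodle)
     */
    $me_data['email'] = $me_data['user_email'];

    $response = new OAuth2\Response($me_data);
    $response->send();
    exit;
}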
Beispiel #3
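/**
 * DEFAULT ME METHOD - DO NOT REMOVE DIRECTLY
 * This is the default resource call "/oauth/me". Do not edit or remove.
 *
 * Reads the token owner's row from the users table and sends it as the
 * response body, with the password hash, activation key and URL removed,
 * then ends the request.
 *
 * @param array|null $token Access token data; must contain a non-zero 'user_id'.
 * @return void Never returns; every branch ends in exit.
 */
function _wo_method_me($token = null)
{
    /**
     * Added 3.0.2 to handle access tokens not assigned to a user
     */
    if (!isset($token['user_id']) || $token['user_id'] == 0) {
        $response = new OAuth2\Response();
        $response->setError(400, 'invalid_request', 'Missing or invalid access token');
        $response->send();
        exit;
    }

    // Copy by value as an integer; the reference alias in the original was
    // never needed and the value goes into a SQL statement below.
    $user_id = (int) $token['user_id'];

    global $wpdb;
    // Bind the id as a %d placeholder rather than interpolating it into the
    // query string, so the statement stays well-formed whatever the token
    // storage hands back.
    $me_data = $wpdb->get_row(
        $wpdb->prepare("SELECT * FROM {$wpdb->prefix}users WHERE ID = %d", $user_id),
        ARRAY_A
    );

    // get_row() yields null when no row matches; report that instead of
    // building a response out of an empty record.
    if (!is_array($me_data)) {
        $response = new OAuth2\Response();
        $response->setError(400, 'invalid_request', 'Missing or invalid access token');
        $response->send();
        exit;
    }

    /** prevent sensitive data from being returned */
    // NOTE(review): SELECT * combined with a deny-list returns every other
    // column of the users row to the client; confirm that is intended.
    unset($me_data['user_pass'], $me_data['user_activation_key'], $me_data['user_url']);

    /**
     * @since  3.0.5
     * OpenID Connect looks for the field "email".
     * Sooooo. We shall provide it. (at least for Moodle)
     */
    $me_data['email'] = $me_data['user_email'];

    $response = new OAuth2\Response($me_data);
    $response->send();
    exit;
}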
Beispiel #4
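// Extension endpoints are registered by other code through the "wo_endpoints"
// filter. Each entry is keyed by method name and carries a 'func' callback
// and an optional 'public' flag.
$ext_methods = apply_filters("wo_endpoints", null);

// The filter's default value is null, so the result is only treated as a
// registry when it really is an array, and an entry is only dispatched when
// its callback can actually be called. Anything else falls through to the
// "Unknown request" error at the bottom.
if (is_array($ext_methods)
    && array_key_exists($method, $ext_methods)
    && isset($ext_methods[$method]['func'])
    && is_callable($ext_methods[$method]['func'])
) {
    // If the method is set to public, run it without verifying an access token.
    if (!empty($ext_methods[$method]['public'])) {
        // NOTE(review): the whole of $_REQUEST is spread into the callback's
        // arguments with no token check. On PHP 8 string keys are passed as
        // named arguments, so the request decides which parameters are set.
        // Confirm every public endpoint validates its own input, or pass the
        // request data as a single array argument instead.
        call_user_func_array($ext_methods[$method]['func'], $_REQUEST);
        exit;
    }

    // Build the request object once and use it for both the verification and
    // the token lookup.
    $request = OAuth2\Request::createFromGlobals();

    $response = new OAuth2\Response();
    if (!$server->verifyResourceRequest($request)) {
        $response->setError(400, 'invalid_request', 'Missing or invalid parameter(s)');
        $response->send();
        exit;
    }

    $token = $server->getAccessTokenData($request);
    if (is_null($token)) {
        // The server has already prepared the matching error response.
        $server->getResponse()->send();
        exit;
    }

    do_action('wo_endpoint_user_authenticated', array($token));
    call_user_func_array($ext_methods[$method]['func'], array($token));
    exit;
}

/**
 * Server error response. End of line
 * @since 3.1.0
 */
$response = new OAuth2\Response();
$response->setError(400, 'invalid_request', 'Unknown request');
$response->send();
exit;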