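/**
  * Authenticate the username and password from the request body and issue a signed JWT.
  *
  * @param object $request Request object; `username` and `password` are read through get_param().
  *
  * @return mixed WP_Error (status 403) when the signing secret is missing or the login fails; otherwise the token payload after the `jwt_auth_token_before_dispatch` filter.
  */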
 public function generate_token($request)
 {
     // Authenticates the submitted credentials and, on success, returns a signed
     // JWT together with a few profile fields of the authenticated user.
     $signing_key = false;
     if (defined('JWT_AUTH_SECRET_KEY')) {
         $signing_key = JWT_AUTH_SECRET_KEY;
     }
     $login = $request->get_param('username');
     $pass = $request->get_param('password');

     // Without a configured signing secret no token may be issued at all.
     if (!$signing_key) {
         return new WP_Error(
             'jwt_auth_bad_config',
             __('JWT is not configurated properly, please contact the admin', 'wp-api-jwt-auth'),
             array('status' => 403)
         );
     }

     // Delegate the credential check to WordPress.
     $account = wp_authenticate($login, $pass);

     // Every failure is collapsed into one generic error, so the response does not
     // carry the specific reason wp_authenticate() reported.
     if (is_wp_error($account)) {
         return new WP_Error(
             'jwt_auth_failed',
             __('Invalid Credentials.', 'wp-api-jwt-auth'),
             array('status' => 403)
         );
     }

     // Timing claims. Both are filterable; the default lifetime is seven days.
     // NOTE(review): no revocation mechanism is visible in this block, so a leaked
     // token presumably stays usable until "exp" - confirm against the validator.
     $now = time();
     $valid_from = apply_filters('jwt_auth_not_before', $now, $now);
     $valid_until = apply_filters('jwt_auth_expire', $now + DAY_IN_SECONDS * 7, $now);

     $claims = array(
         'iss' => get_bloginfo('url'),
         'iat' => $now,
         'nbf' => $valid_from,
         'exp' => $valid_until,
         'data' => array(
             'user' => array(
                 'id' => $account->data->ID,
             ),
         ),
     );

     // Callbacks on this filter can rewrite any claim, including the user id,
     // before the signature is computed.
     $claims = apply_filters('jwt_auth_token_before_sign', $claims);

     // NOTE(review): no algorithm argument is passed, so the JWT library's default
     // applies - confirm which one, and that validation pins the same algorithm.
     $jwt = JWT::encode($claims, $signing_key);

     // Response body: the token plus e-mail, nicename and display name.
     $response = array(
         'token' => $jwt,
         'user_email' => $account->data->user_email,
         'user_nicename' => $account->data->user_nicename,
         'user_display_name' => $account->data->display_name,
     );

     // Last chance for integrators to adjust what is sent back.
     return apply_filters('jwt_auth_token_before_dispatch', $response, $account);
 }
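/**
  * Authenticate the request, using either the username and password or a Facebook access token (`fb_token`) from the request body, and issue a signed JWT.
  *
  * @param object $request Request object; `username`, `password` and `fb_token` are read through get_param().
  *
  * @return mixed WP_Error (status 403) when the signing secret is missing or authentication fails; otherwise the token payload after the `jwt_auth_token_before_dispatch` filter.
  */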
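 public function generate_token($request)
 {
     /*
      * Issues a signed JWT after authenticating either a Facebook access token
      * (request parameter "fb_token") or a username/password pair. Returns a
      * WP_Error with status 403 when the signing secret is missing or when
      * authentication fails; otherwise returns the payload produced by the
      * jwt_auth_token_before_dispatch filter.
      */
     $secret_key = defined('JWT_AUTH_SECRET_KEY') ? JWT_AUTH_SECRET_KEY : false;
     // isset() cannot be applied to the result of a method call (PHP rejects it at
     // compile time), so the parameters are read directly.
     // Assumes get_param() yields null for an absent parameter - TODO confirm for
     // the request type used here.
     $username = $request->get_param('username');
     $password = $request->get_param('password');
     $fb_token = $request->get_param('fb_token');
     /** First thing, check the secret key; if it does not exist return an error */
     if (!$secret_key) {
         return new WP_Error('jwt_auth_bad_config', __('JWT is not configurated properly, please contact the admin', 'wp-api-jwt-auth'), array('status' => 403));
     }
     // Fail closed: $user stays null unless one of the paths below yields an account.
     $user = null;
     if ($fb_token) {
         /*
          * Facebook path.
          *
          * NOTE(review): the Graph API call below only shows that the token is valid
          * for some Facebook user. Nothing in this block confirms the token was issued
          * to this site's own Facebook app, so that check (token inspection with the
          * site's app credentials) still has to be added before this path is trusted.
          *
          * NOTE(review): the WordPress account is selected purely by the e-mail
          * address Facebook returns, and this path does not go through
          * wp_authenticate(), so any login checks attached to it do not run here.
          */
         if (is_string($fb_token)) {
             // Encode the token so it cannot add or override query parameters.
             $fb_check = wp_remote_get('https://graph.facebook.com/me?fields=id,email&access_token=' . rawurlencode($fb_token));
             // Accept only a completed request with a 200 status.
             if (is_array($fb_check) && 200 === (int) wp_remote_retrieve_response_code($fb_check)) {
                 $fb_user = json_decode(wp_remote_retrieve_body($fb_check));
                 // An error body has neither field, so test for presence instead of
                 // reading the properties directly.
                 if (is_object($fb_user) && !empty($fb_user->id) && !empty($fb_user->email) && is_string($fb_user->email)) {
                     $found = get_user_by('email', $fb_user->email);
                     // get_user_by() returns false when no account matches.
                     if ($found) {
                         $user = $found;
                     }
                 }
             }
         }
     } else {
         /** Try to authenticate the user with the passed credentials */
         $user = wp_authenticate($username, $password);
     }
     /** If the authentication fails return an error (same generic message for every cause) */
     if (is_wp_error($user) || empty($user)) {
         return new WP_Error('jwt_auth_failed', __('Invalid Credentials.', 'wp-api-jwt-auth'), array('status' => 403));
     }
     /** Valid credentials, the user exists: create the corresponding token */
     $issuedAt = time();
     $notBefore = apply_filters('jwt_auth_not_before', $issuedAt, $issuedAt);
     // Default lifetime is seven days unless the filter overrides it.
     $expire = apply_filters('jwt_auth_expire', $issuedAt + DAY_IN_SECONDS * 7, $issuedAt);
     $token = array('iss' => get_bloginfo('url'), 'iat' => $issuedAt, 'nbf' => $notBefore, 'exp' => $expire, 'data' => array('user' => array('id' => $user->data->ID)));
     /** Let integrators modify the token data before it is signed. */
     // NOTE(review): no algorithm argument is passed, so the JWT library's default
     // applies - confirm which one, and that validation pins the same algorithm.
     $token = JWT::encode(apply_filters('jwt_auth_token_before_sign', $token), $secret_key);
     /** The token is signed; build the response from the token and basic profile fields */
     $data = array('token' => $token, 'user_email' => $user->data->user_email, 'user_nicename' => $user->data->user_nicename, 'user_display_name' => $user->data->display_name);
     /** Let integrators modify the data before it is sent back */
     return apply_filters('jwt_auth_token_before_dispatch', $data, $user);
 }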
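/**
  * Authenticate the username and password from the request body, create the user's key pair if none exists yet, and return a token.
  *
  * @param object $request Request object; `username` and `password` are read through get_param().
  *
  * @return mixed WP_Error (status 403) when the login fails or keys already exist; otherwise a JSON-encoded string holding `token` and `public_key`.
  */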
 public function generate_token($request)
 {
     // Authenticates the submitted credentials, creates a key pair for a user that
     // has none, and returns the token and public key as a JSON string.
     $login = $request->get_param('username');
     $pass = $request->get_param('password');

     /**
      * On multi-site the wp_authenticate_spam_check filter runs during authentication.
      * It calls get_currentuserinfo, which fires the determine_current_user filter and
      * so re-enters this class, recursing until the stack overflows. This class's
      * callback is therefore detached for the duration of the credential check.
      */
     $own_callback = array($this, 'determine_current_user');
     remove_filter('determine_current_user', $own_callback, 20);
     $account = wp_authenticate($login, $pass);
     // NOTE(review): if wp_authenticate() throws, this line is skipped and the
     // callback stays detached for the remainder of the request.
     add_filter('determine_current_user', $own_callback, 20);

     // One generic error for every authentication failure.
     if (is_wp_error($account)) {
         return new WP_Error(
             'token_auth_failed',
             __('Invalid Credentials.', 'wp-api-token-auth'),
             array('status' => 403)
         );
     }

     // Look up any keys already stored for this user.
     $existing_public_key = $this->get_user_public_key($account->ID);
     // NOTE(review): the stored secret key is fetched but never read below.
     $existing_secret_key = $this->get_user_secret_key($account->ID);

     // Keys are created once only; an existing public key ends the request.
     if (!empty($existing_public_key)) {
         return new WP_Error(
             'token_auth_keys_exist',
             __('Keys already exist. Retrieve them.', 'wp-api-token-auth'),
             array('status' => 403)
         );
     }

     $new_public_key = $this->generate_public_key($account->user_email);
     $new_secret_key = $this->generate_private_key($account->ID);

     // NOTE(review): both keys are persisted as user meta; whether the secret is
     // stored in the clear depends on generate_private_key(), not visible here.
     update_user_meta($account->ID, 'rest_api_token_auth_public_key', $new_public_key);
     update_user_meta($account->ID, 'rest_api_token_auth_secret_key', $new_secret_key);

     // Only the token and the public key go back to the client, never the secret key.
     $response = array(
         'token' => $this->get_token($account->ID),
         'public_key' => $new_public_key,
     );

     // Integrators may adjust the response before it is sent (filter still undocumented).
     $response = apply_filters('token_auth_token_before_dispatch_generate', $response, $account);

     // NOTE(review): this returns a JSON string, not an array - confirm the caller
     // does not encode it a second time.
     return json_encode($response);
 }