/**
* handler for LaunchKey authentication
* @since 1.0.0
*/
public function launchkey_callback()
{
try {
$headers = array();
array_walk($_SERVER, function ($value, $key) use(&$headers) {
if (preg_match('/^HTTP\\_(.+)$/', $key, $matches)) {
$headers[str_replace('_', '-', $matches[1])] = $value;
}
});
preg_match('/^[^\\/]+\\/(.*)$/', $_SERVER['SERVER_PROTOCOL'], $matches);
$protocol_version = $matches ? $matches[1] : null;
$request = new Request($_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'], $headers, $this->wp_facade->fopen('php://input', 'rb'), $protocol_version);
$http_response = new Response();
// Have the SDK client handle the callback
$response = $this->launchkey_client->serverSentEvent()->handleEvent($request, $http_response);
if ($response instanceof \LaunchKey\SDK\Domain\AuthResponse) {
// If this is an auth response
// Find the user by the auth_request provided in the response
$users = $this->wp_facade->get_users(array('meta_key' => 'launchkey_auth', 'meta_value' => $response->getAuthRequestId()));
if (count($users) > 1) {
throw new \LaunchKey\SDK\Service\Exception\InvalidRequestError('Too many users found for user hash ' . $response->getUserHash());
} elseif (count($users) < 1) {
throw new \LaunchKey\SDK\Service\Exception\InvalidRequestError('No user found for user hash ' . $response->getUserHash());
}
$user = array_pop($users);
// Update the auth value and the user hash in the user metadata based on response data
$this->wp_facade->update_user_meta($user->ID, "launchkey_authorized", $response->isAuthorized() ? 'true' : 'false');
$this->wp_facade->update_user_meta($user->ID, "launchkey_user", $response->getUserHash());
// If this is a native implementation and we have a valid User Push ID in the response,
// replace the username with that to prevent exposure of the username
$options = $this->get_option(LaunchKey_WP_Admin::OPTION_KEY);
$user_push_id = $response->getUserPushId();
if ($user_push_id && LaunchKey_WP_Implementation_Type::NATIVE === $options[LaunchKey_WP_Options::OPTION_IMPLEMENTATION_TYPE]) {
$this->wp_facade->update_user_meta($user->ID, "launchkey_username", $user_push_id);
}
} elseif ($response instanceof \LaunchKey\SDK\Domain\DeOrbitCallback) {
// If it's a de-orbit request
// Find the user by the provided user hash
$users = $this->wp_facade->get_users(array('meta_key' => 'launchkey_user', 'meta_value' => $response->getUserHash()));
if (count($users) !== 1) {
throw new \LaunchKey\SDK\Service\Exception\InvalidRequestError('Too many users found for user hash ' . $response->getUserHash());
}
$user = array_pop($users);
// Set authorized to false in the user metadata
$this->wp_facade->update_user_meta($user->ID, "launchkey_authorized", 'false');
$this->launchkey_client->auth()->deOrbit($user->launchkey_auth);
}
} catch (\Exception $e) {
if ($this->wp_facade->is_debug_log()) {
$this->wp_facade->error_log('Callback Exception: ' . $e->getMessage());
}
if ($e instanceof \LaunchKey\SDK\Service\Exception\InvalidRequestError || $e instanceof \LaunchKey\SDK\Service\Exception\UnknownCallbackActionError) {
$this->wp_facade->wp_die('Invalid Request', 400);
} else {
// Otherwise, return 500
$this->wp_facade->wp_die('Server Error', 500);
}
}
}
public function wizard_easy_setup_callback()
{
$headers = array();
array_walk($_SERVER, function ($value, $key) use(&$headers) {
if (preg_match('/^HTTP\\_(.+)$/', $key, $matches)) {
$headers[str_replace('_', '-', $matches[1])] = $value;
}
});
preg_match('/^[^\\/]+\\/(.*)$/', $_SERVER['SERVER_PROTOCOL'], $matches);
$protocol_version = $matches ? $matches[1] : null;
$request = new Request($_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'], $headers, $this->wp_facade->fopen('php://input', 'rb'), $protocol_version);
$http_response = new Response();
if ($request->hasHeader('signature')) {
try {
// Have the SDK client handle the callback
$response = $this->launchkey_client->serverSentEvent()->handleEvent($request, $http_response);
if ($response instanceof \LaunchKey\SDK\Domain\RocketCreated) {
$config = $this->get_option(LaunchKey_WP_Configuration_Wizard::EASY_SETUP_OPTION);
if (empty($config['nonce']) || !$config['nonce'] instanceof \LaunchKey\SDK\Domain\NonceResponse) {
throw new \LaunchKey\SDK\Service\Exception\InvalidRequestError(sprintf('Easy config request with no valid "nonce" in option "%s"', LaunchKey_WP_Configuration_Wizard::EASY_SETUP_OPTION));
}
// Delete the option, valid or not.
$this->wp_facade->delete_option(LaunchKey_WP_Configuration_Wizard::EASY_SETUP_OPTION);
// Check for expiration of the nonce
$expires = $config['nonce']->getExpiration();
if ($expires <= new DateTime("now", new DateTimeZone("UTC"))) {
throw new \LaunchKey\SDK\Service\Exception\InvalidRequestError('Easy config "nonce" has expired');
}
$rocketConfig = $response->getRocketConfig($this->crypt_service, $config['nonce']->getNonce());
$expected_callback_url = $this->wp_facade->admin_url('admin-ajax.php?action=' . LaunchKey_WP_Native_Client::CALLBACK_AJAX_ACTION);
// Verify the callback URL before attempting to decrypt the data
$actual_callback_url = $rocketConfig->getCallbackURL();
if ($actual_callback_url !== $expected_callback_url) {
throw new \LaunchKey\SDK\Service\Exception\InvalidRequestError(sprintf('Easy config is not for this site based on callback. Expected: %s, Actual: %s.', $expected_callback_url, $actual_callback_url));
}
$options = $this->get_option(LaunchKey_WP_Admin::OPTION_KEY);
$rocket_type = $rocketConfig->isWhiteLabel() ? LaunchKey_WP_Implementation_Type::WHITE_LABEL : LaunchKey_WP_Implementation_Type::NATIVE;
// Update options from server sent event service response
$options[LaunchKey_WP_Options::OPTION_IMPLEMENTATION_TYPE] = $rocket_type;
$options[LaunchKey_WP_Options::OPTION_ROCKET_KEY] = $rocketConfig->getKey();
$options[LaunchKey_WP_Options::OPTION_SECRET_KEY] = $rocketConfig->getSecret();
$options[LaunchKey_WP_Options::OPTION_PRIVATE_KEY] = $rocketConfig->getPrivateKey();
$this->update_option(LaunchKey_WP_Admin::OPTION_KEY, $options);
$response_string = "";
$body = $http_response->getBody();
$body->rewind();
while ($segment = $body->read(256)) {
$response_string .= $segment;
}
$this->wp_facade->header("Content-Type: text/plain", true, $http_response->getStatusCode());
$this->wp_facade->wp_die($response_string);
}
} catch (\Exception $e) {
if ($this->wp_facade->is_debug_log()) {
$this->wp_facade->error_log('Callback Exception: ' . $e->getMessage());
}
if ($e instanceof \LaunchKey\SDK\Service\Exception\InvalidRequestError) {
$this->wp_facade->http_response_code(400);
$this->wp_facade->wp_die('Invalid Request');
} else {
$this->wp_facade->http_response_code(500);
$this->wp_facade->wp_die('Server Error');
}
}
}
}
