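/**
 * Resource endpoint handler: updates the display name of the user bound to the access token.
 *
 * Every branch sends an OAuth2 response and terminates the request.
 *
 * Security notes:
 *  - The token's user_id is normalised to an integer before use. The original
 *    `== 0` comparison treats a non-numeric value differently on PHP 7 and PHP 8.
 *  - current_user_can() evaluates the user WordPress considers current for this request.
 *    NOTE(review): nothing in this method binds the current user to the token's user_id;
 *    confirm the caller does so before this handler runs, otherwise the capability
 *    check is not about the token holder.
 *  - A missing "name" parameter is rejected instead of being passed on as an empty display name.
 *
 * @param array|null $token Access token data; only 'user_id' is read here.
 * @return void Does not return; the request ends with exit.
 */
public function run_update_method($token = null)
{
    $response = new OAuth2\Response();

    // No by-reference alias to $token: the ID is only read, never written back.
    $user_id = (isset($token['user_id']) && is_numeric($token['user_id']))
        ? (int) $token['user_id']
        : 0;

    if ($user_id <= 0) {
        $response->setError(400, 'invalid_request', 'Missing or invalid access token');
        $response->send();
        exit;
    }

    if (!current_user_can('edit_user', $user_id)) {
        $response->setError(400, 'invalid_request', 'You are not allowed to edit this user');
        $response->send();
        exit;
    }

    // Reject requests that do not carry the field being updated.
    if (!isset($_POST['name']) || !is_string($_POST['name'])) {
        $response->setError(400, 'invalid_request', 'Missing or invalid parameter(s)');
        $response->send();
        exit;
    }

    $result = wp_update_user(array(
        'ID'           => $user_id,
        'display_name' => sanitize_text_field($_POST['name']),
    ));

    if (is_wp_error($result)) {
        // There was an error, probably that user doesn't exist.
        $response->setError(400, 'invalid_request', 'There was an error updating me');
        $response->send();
        exit;
    }

    $response = new OAuth2\Response(array('success' => 'updated-me'));
    $response->send();
    exit;
}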
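/**
 * DEFAULT ME METHOD - DO NOT REMOVE DIRECTLY
 * This is the default resource call "/oauth/me". Do not edit or remove.
 *
 * Looks up the user bound to the access token through get_user_by() and returns the
 * user's data row as the response body, minus the password hash, the activation key
 * and the URL. Every branch sends a response and terminates the request.
 *
 * Security notes:
 *  - The field filter is a deny-list: any other property present on the user's data
 *    object is returned to the client. NOTE(review): consider an explicit allow-list
 *    of the fields clients actually need.
 *  - A token whose user can no longer be loaded is answered with the same error as a
 *    missing token, instead of continuing with an empty user object.
 *
 * @param array|null $token Access token data; only 'user_id' is read here.
 * @return void Does not return; the request ends with exit.
 */
function _wo_method_me($token = null)
{
    // Normalise the ID so the check does not depend on PHP's loose comparison rules.
    $user_id = (isset($token['user_id']) && is_numeric($token['user_id']))
        ? (int) $token['user_id']
        : 0;

    $user = $user_id > 0 ? get_user_by('id', $user_id) : false;

    // get_user_by() returns false when no such user exists.
    if (!$user) {
        $response = new OAuth2\Response();
        $response->setError(400, 'invalid_request', 'Missing or invalid access token');
        $response->send();
        exit;
    }

    $me_data = (array) $user->data;

    // Never expose credential material or reset keys through the API.
    unset(
        $me_data['user_pass'],
        $me_data['user_activation_key'],
        $me_data['user_url']
    );

    /**
     * @since 3.0.5
     * OpenID Connect looks for the field "email", so it is provided
     * alongside "user_email" (at least for Moodle).
     */
    $me_data['email'] = $me_data['user_email'];

    $response = new OAuth2\Response($me_data);
    $response->send();
    exit;
}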
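/**
 * DEFAULT ME METHOD - DO NOT REMOVE DIRECTLY
 * This is the default resource call "/oauth/me". Do not edit or remove.
 *
 * Reads the users-table row for the user bound to the access token and returns it as
 * the response body, minus the password hash, the activation key and the URL.
 * Every branch sends a response and terminates the request.
 *
 * Security notes:
 *  - The user ID is cast to an integer and bound with $wpdb->prepare() rather than
 *    interpolated into the SQL string, so the query stays well-formed whatever the
 *    token store returned for user_id.
 *  - `SELECT *` combined with a deny-list returns every other column of the row.
 *    NOTE(review): consider selecting only the columns clients need.
 *
 * @param array|null $token Access token data; only 'user_id' is read here.
 * @return void Does not return; the request ends with exit.
 */
function _wo_method_me($token = null)
{
    /**
     * Added 3.0.2 to handle access tokens not assigned to a user.
     */
    $user_id = (isset($token['user_id']) && is_numeric($token['user_id']))
        ? (int) $token['user_id']
        : 0;

    if ($user_id <= 0) {
        $response = new OAuth2\Response();
        $response->setError(400, 'invalid_request', 'Missing or invalid access token');
        $response->send();
        exit;
    }

    global $wpdb;

    // $wpdb->users is the users table name as WordPress resolves it; building it from
    // $wpdb->prefix points at a per-site prefix on multisite installs.
    $me_data = $wpdb->get_row(
        $wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE ID = %d", $user_id),
        ARRAY_A
    );

    // get_row() yields null when the token references a user that does not exist.
    if (empty($me_data)) {
        $response = new OAuth2\Response();
        $response->setError(400, 'invalid_request', 'Missing or invalid access token');
        $response->send();
        exit;
    }

    /** Prevent sensitive data from leaving the server. */
    unset(
        $me_data['user_pass'],
        $me_data['user_activation_key'],
        $me_data['user_url']
    );

    /**
     * @since 3.0.5
     * OpenID Connect looks for the field "email", so it is provided
     * alongside "user_email" (at least for Moodle).
     */
    $me_data['email'] = $me_data['user_email'];

    $response = new OAuth2\Response($me_data);
    $response->send();
    exit;
}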
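// Extension endpoints are registered through the "wo_endpoints" filter. With no
// callback hooked the filter hands back the null default, so the result is
// type-checked before it is used as an array.
$ext_methods = apply_filters("wo_endpoints", null);

// Dispatch only when the method is registered and its handler is callable; anything
// else falls through to the "Unknown request" response below.
if (
    is_array($ext_methods)
    && array_key_exists($method, $ext_methods)
    && isset($ext_methods[$method]['func'])
    && is_callable($ext_methods[$method]['func'])
) {
    $endpoint = $ext_methods[$method];

    // Endpoints flagged "public" run WITHOUT any access-token verification.
    // The handler receives the raw request values as positional arguments and is
    // itself responsible for validating them. array_values() drops the parameter
    // names: on PHP 8 call_user_func_array() treats string keys as named arguments,
    // which would let request parameter names select the handler's parameters.
    if (!empty($endpoint['public'])) {
        call_user_func_array($endpoint['func'], array_values($_REQUEST));
        exit;
    }

    // Build the request once and use it for both verification and token lookup.
    $request  = OAuth2\Request::createFromGlobals();
    $response = new OAuth2\Response();

    if (!$server->verifyResourceRequest($request)) {
        $response->setError(400, 'invalid_request', 'Missing or invalid parameter(s)');
        $response->send();
        exit;
    }

    $token = $server->getAccessTokenData($request);
    if (is_null($token)) {
        $server->getResponse()->send();
        exit;
    }

    do_action('wo_endpoint_user_authenticated', array($token));

    // Protected handlers receive only the verified token data.
    call_user_func_array($endpoint['func'], array($token));
    exit;
}

/**
 * Server error response. End of line
 * @since 3.1.0
 */
$response = new OAuth2\Response();
$response->setError(400, 'invalid_request', 'Unknown request');
$response->send();
exit;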