public function create($userinfo, $token) { // If the user doesn't exist we need to either create a new one, or asign him to an existing one $isDatabaseUser = false; foreach ($userinfo->identities as $identity) { if ($identity->provider == "auth0") { $isDatabaseUser = true; } } $joinUser = null; // If the user has a verified email or is a database user try to see if there is // a user to join with. The isDatabase is because we don't want to allow database // user creation if there is an existing one with no verified email if (isset($userinfo->email) && (isset($userinfo->email_verified) && $userinfo->email_verified || $isDatabaseUser)) { $joinUser = get_user_by('email', $userinfo->email); } // $auto_provisioning = WP_Auth0_Options::get('auto_provisioning'); // $allow_signup = WP_Auth0_Options::is_wp_registration_enabled() || $auto_provisioning; $allow_signup = WP_Auth0_Options::is_wp_registration_enabled(); if (!is_null($joinUser) && $joinUser instanceof WP_User) { // If we are here, we have a potential join user // Don't allow creation or assignation of user if the email is not verified, that would // be hijacking if (!$userinfo->email_verified) { throw new WP_Auth0_EmailNotVerifiedException($userinfo, $token); } $user_id = $joinUser->ID; } elseif ($allow_signup) { // If we are here, we need to create the user $user_id = WP_Auth0_Users::create_user($userinfo); // Check if user was created if (is_wp_error($user_id)) { throw new WP_Auth0_CouldNotCreateUserException($user_id->get_error_message()); } elseif ($user_id == -2) { throw new WP_Auth0_CouldNotCreateUserException('Could not create user. The registration process were rejected. Please verify that your account is whitelisted for this system.'); } elseif ($user_id < 0) { throw new WP_Auth0_CouldNotCreateUserException(); } } else { throw new WP_Auth0_RegistrationNotEnabledException(); } // If we are here we should have a valid $user_id with a new user or an existing one // log him in, and update the auth0_user table self::insertAuth0User($userinfo, $user_id); return $user_id; }
private static function login_user($userinfo, $data) { // If the userinfo has no email or an unverified email, and in the options we require a verified email // notify the user he cant login until he does so. if (WP_Auth0_Options::get('requires_verified_email')) { if (empty($userinfo->email)) { $msg = __('This account does not have an email associated. Please login with a different provider.', WPA0_LANG); $msg .= '<br/><br/>'; $msg .= '<a href="' . site_url() . '">' . __('← Go back', WPA0_LANG) . '</a>'; wp_die($msg); } if (!$userinfo->email_verified) { self::dieWithVerifyEmail($userinfo, $data); } } // See if there is a user in the auth0_user table with the user info client id $user = self::findAuth0User($userinfo->user_id); if (!is_null($user)) { // User exists! Log in self::updateAuth0Object($userinfo); wp_set_auth_cookie($user->ID); return true; } else { // If the user doesn't exist we need to either create a new one, or asign him to an existing one $isDatabaseUser = false; foreach ($userinfo->identities as $identity) { if ($identity->provider == "auth0") { $isDatabaseUser = true; } } $joinUser = null; // If the user has a verified email or is a database user try to see if there is // a user to join with. The isDatabase is because we don't want to allow database // user creation if there is an existing one with no verified email if ($userinfo->email_verified || $isDatabaseUser) { $joinUser = get_user_by('email', $userinfo->email); } if (!is_null($joinUser) && $joinUser instanceof WP_User) { // If we are here, we have a potential join user // Don't allow creation or assignation of user if the email is not verified, that would // be hijacking if (!$userinfo->email_verified) { self::dieWithVerifyEmail($userinfo, $data); } $user_id = $joinUser->ID; } else { // If we are here, we need to create the user $user_id = (int) WP_Auth0_Users::create_user($userinfo); // Check if user was created if ($user_id == -2) { $msg = __('Error: Could not create user. The registration process were rejected. Please verify that your account is whitelisted for this system.', WPA0_LANG); $msg .= '<br/><br/>'; $msg .= '<a href="' . site_url() . '">' . __('← Go back', WPA0_LANG) . '</a>'; wp_die($msg); } elseif ($user_id < 0) { $msg = __('Error: Could not create user.', WPA0_LANG); $msg .= '<br/><br/>'; $msg .= '<a href="' . site_url() . '">' . __('← Go back', WPA0_LANG) . '</a>'; wp_die($msg); } } // If we are here we should have a valid $user_id with a new user or an existing one // log him in, and update the auth0_user table self::insertAuth0User($userinfo, $user_id); wp_set_auth_cookie($user_id); return true; } }