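/**
 * Handles a subscription (push) callback that refers to a user object.
 *
 * Resolves the WordPress user linked to the pushed API data, fetches the
 * current XenForo user through the API with that user's stored access token,
 * re-runs the basic/role sync and refreshes the stored user record.
 *
 * @param array $config plugin configuration; `root` is used as the API root
 * @param array $ping   callback payload; `object_data` identifies the pushed user
 *
 * @return string|false 'updated user record' on success; false when no linked
 *                      user is found, no access token is stored, the API call
 *                      yields no `user`, or the record update fails
 */
function _xfac_subscription_handleCallback_user($config, $ping)
{
    $wpUserData = xfac_user_getUserDataByApiData($config['root'], $ping['object_data']);
    if (empty($wpUserData)) {
        return false;
    }

    $accessToken = xfac_user_getAccessToken($wpUserData->ID);
    if (empty($accessToken)) {
        return false;
    }

    $me = xfac_api_getUsersMe($config, $accessToken, false);
    // Guard on the `user` key rather than the bare response (same check as
    // xfac_profile_update): a non-empty response without it would otherwise
    // reach $xfUser['user_id'] below with a null $xfUser.
    if (empty($me['user'])) {
        return false;
    }
    $xfUser = $me['user'];

    $wpUser = new WP_User($wpUserData);
    xfac_syncLogin_syncBasic($config, $wpUser, $xfUser);
    xfac_syncLogin_syncRole($config, $wpUser, $xfUser);

    if (xfac_user_updateRecord($wpUserData->ID, $config['root'], $xfUser['user_id'], $xfUser)) {
        return 'updated user record';
    }

    return false;
}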
/**
 * Profile-update hook: re-runs the basic sync for one WordPress user.
 *
 * Does nothing when the `XFAC_SKIP_xfac_profile_update` global is set, when
 * the user has no stored access token, or when the API returns no `user`.
 * The fourth argument to xfac_syncLogin_syncBasic is passed as `false` here,
 * unlike the login path; its meaning is defined by that function (not visible).
 *
 * @param int $wpUserId ID of the WordPress user whose profile was updated
 *
 * @return void
 */
function xfac_profile_update($wpUserId)
{
    // Global switch that lets other code suppress this hook entirely.
    $skipRequested = !empty($GLOBALS['XFAC_SKIP_xfac_profile_update']);
    if ($skipRequested) {
        return;
    }

    $config = xfac_option_getConfig();

    $accessToken = xfac_user_getAccessToken($wpUserId);
    if (empty($accessToken)) {
        // nothing to sync without a token for this user
        return;
    }

    $me = xfac_api_getUsersMe($config, $accessToken);
    if (empty($me['user'])) {
        return;
    }

    xfac_syncLogin_syncBasic($config, new WP_User($wpUserId), $me['user'], false);
}
/**
 * Login-flow entry point, driven by the `xfac` request parameter.
 *
 * Dispatches on `$_REQUEST['xfac']`:
 *  - `callback`:  exchanges the OAuth `code` for a token (optionally verifying
 *                 an `authorizeHash` that pre-confirms an association);
 *  - `associate`: verifies a WordPress password and obtains a token from the
 *                 submitted `refresh_token`, confirming the association;
 *  - `authorize` and any other value: redirects to the XenForo authorize URL.
 *
 * After a token is obtained, the XenForo user is mapped to a WordPress user
 * (by stored API data, matching e-mail, the currently logged-in user, or
 * registration), synced, logged in via auth cookie and redirected.
 *
 * Every request parameter is read from `$_REQUEST`, which merges GET, POST
 * and COOKIE input, so values such as `code`, `refresh_token` and `pwd` can
 * arrive via the query string as well as a form body.
 * Most branches end the request with `exit` after a redirect or render.
 *
 * @return void
 */
function xfac_login_init()
{
    if (empty($_REQUEST['xfac'])) {
        return;
    }

    $config = xfac_option_getConfig();
    if (empty($config)) {
        return;
    }

    $loginUrl = site_url('wp-login.php', 'login_post');
    // $redirectTo is produced by xfac_api_getRedirectTo() (not visible here);
    // the raw request value is only kept for the `login_redirect` filter below.
    $redirectTo = xfac_api_getRedirectTo();
    $redirectToRequested = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '';
    $redirectBaseUrl = $loginUrl . (strpos($loginUrl, '?') !== false ? '&' : '?') . 'redirect_to=' . urlencode($redirectTo);
    $callbackUrl = $redirectBaseUrl . '&xfac=callback';

    $token = false;
    // false, or the ID of the WordPress user whose association is confirmed
    // (set directly in the `associate` branch; in the `callback` branch it is
    // whatever _xfac_login_verifyAuthorizeHash() returns).
    $associateConfirmed = false;

    switch ($_REQUEST['xfac']) {
        case 'callback':
            // consumed elsewhere (not visible here)
            define('XFAC_SYNC_LOGIN_SKIP_REDIRECT', 1);

            if (!empty($_REQUEST['authorizeHash'])) {
                $callbackUrl .= '&authorizeHash=' . urlencode($_REQUEST['authorizeHash']);
                // NOTE(review): the return type of _xfac_login_verifyAuthorizeHash() is
                // not visible. The later checks use a loose `==` against a user ID, so
                // it must return that user's ID (or false), never a bare boolean true.
                $associateConfirmed = _xfac_login_verifyAuthorizeHash($_REQUEST['authorizeHash']);
            }

            if (!empty($_REQUEST['code'])) {
                // NOTE(review): no OAuth `state` value is checked in this branch; if the
                // authorizeHash is not serving that role, confirm the code exchange is
                // protected against a login CSRF (a callback crafted with a foreign code).
                $token = xfac_api_getAccessTokenFromCode($config, $_REQUEST['code'], $callbackUrl);
            }
            break;
        case 'associate':
            define('XFAC_SYNC_LOGIN_SKIP_REDIRECT', 1);

            if (empty($_REQUEST['refresh_token'])) {
                wp_redirect($redirectBaseUrl . '&xfac_error=no_refresh_token');
                exit;
            }

            if (empty($_REQUEST['scope'])) {
                wp_redirect($redirectBaseUrl . '&xfac_error=no_scope');
                exit;
            }

            if (empty($_REQUEST['xf_user']) or !is_array($_REQUEST['xf_user'])) {
                wp_redirect($redirectBaseUrl . '&xfac_error=no_request_xf_user');
                exit;
            }

            if (empty($_REQUEST['user_login'])) {
                wp_redirect($redirectBaseUrl . '&xfac_error=no_user_login');
                exit;
            }

            $wpUserForAssociate = get_user_by('login', $_REQUEST['user_login']);
            if (!$wpUserForAssociate instanceof WP_User) {
                wp_redirect($redirectBaseUrl . '&xfac_error=no_user_login_found');
                exit;
            }

            // `xf_user` comes straight from the request here; the form renderer
            // (not visible) is responsible for escaping it on output.
            if (empty($_REQUEST['pwd'])) {
                _xfac_login_renderAssociateForm($wpUserForAssociate, $_REQUEST['xf_user'], $_REQUEST['refresh_token'], $_REQUEST['scope'], $redirectTo);
                exit;
            }

            // The association is only confirmed once the WordPress password of
            // the target account verifies and resolves to the same user.
            $password = $_REQUEST['pwd'];
            $authenticatedUser = wp_authenticate($wpUserForAssociate->user_login, $password);
            if (is_wp_error($authenticatedUser) or $authenticatedUser->ID != $wpUserForAssociate->ID) {
                _xfac_login_renderAssociateForm($wpUserForAssociate, $_REQUEST['xf_user'], $_REQUEST['refresh_token'], $_REQUEST['scope'], $redirectTo);
                exit;
            }

            $token = xfac_api_getAccessTokenFromRefreshToken($config, $_REQUEST['refresh_token']);
            $associateConfirmed = $wpUserForAssociate->ID;
            break;
        case 'authorize':
        default:
            // Any unrecognised `xfac` value also lands here.
            $scope = '';
            if (!empty($_REQUEST['admin'])) {
                // The request only widens the *requested* scope; whether `admincp`
                // is granted is decided on the XenForo side (not visible here).
                $scope = XFAC_API_SCOPE . ' admincp';
            }

            if ($_REQUEST['xfac'] === 'authorize') {
                // user is requesting to connect their own account
                // include a hash to skip the associate submission if possible
                $callbackUrl .= '&authorizeHash=' . urlencode(_xfac_login_getAuthorizeHash());
            }

            $authorizeUrl = xfac_api_getAuthorizeUrl($config, $callbackUrl, $scope);

            // wp_redirect($authorizeUrl);
            // cannot use wp_redirect because wp_sanitize_redirect changes our url
            // issues: it removes basic auth (http://user:password@path)
            // TODO: find better way to do this
            // The raw header skips WordPress's redirect sanitising; $authorizeUrl is
            // built from the plugin config, the callback URL and $scope, none of which
            // is taken verbatim from the request in this branch.
            header("Location: {$authorizeUrl}", true, 302);
            exit;
    }

    if (empty($token)) {
        wp_redirect($redirectBaseUrl . '&xfac_error=no_token');
        exit;
    }

    if (empty($token['scope'])) {
        wp_redirect($redirectBaseUrl . '&xfac_error=no_scope');
        exit;
    }

    $me = xfac_api_getUsersMe($config, $token['access_token']);
    if (empty($me['user'])) {
        wp_redirect($redirectBaseUrl . '&xfac_error=no_xf_user');
        exit;
    }
    $xfUser = $me['user'];

    // 1) a WordPress user already linked to this XenForo user_id
    $wpUser = xfac_user_getUserByApiData($config['root'], $xfUser['user_id']);

    if (empty($wpUser)) {
        // no user with the API data found
        // find user with matching email...
        // 2) a WordPress user sharing the e-mail reported by the API; linking it
        //    requires a confirmed association for exactly that user ID
        if (!empty($xfUser['user_email'])) {
            $wpUserMatchingEmail = get_user_by('email', $xfUser['user_email']);
            if (!empty($wpUserMatchingEmail)) {
                // user with matching email found
                if (!$associateConfirmed) {
                    _xfac_login_renderAssociateForm($wpUserMatchingEmail, $xfUser, $token['refresh_token'], $token['scope'], $redirectTo);
                    exit;
                } elseif ($associateConfirmed == $wpUserMatchingEmail->ID) {
                    // association has been confirmed
                    $wpUser = $wpUserMatchingEmail;
                }
            }
        }
    }

    if (empty($wpUser)) {
        // 3) the user currently logged in to WordPress, again only with a
        //    confirmed association for that ID; otherwise 4) registration
        $currentWpUser = wp_get_current_user();
        if (!empty($currentWpUser) and $currentWpUser->ID > 0) {
            // a user is currently logged in, try to associate now
            if (!$associateConfirmed) {
                _xfac_login_renderAssociateForm($currentWpUser, $xfUser, $token['refresh_token'], $token['scope'], $redirectTo);
                exit;
            } elseif ($associateConfirmed == $currentWpUser->ID) {
                // association has been confirmed
                $wpUser = $currentWpUser;

                if ($redirectTo == admin_url('profile.php')) {
                    // redirect target is profile.php page, it will alter it a bit
                    $redirectTo = admin_url('profile.php?xfac=associated');
                }
            }
        } else {
            // no matching user found, try to register
            // `xfac_bypass_users_can_register` lets the plugin register even when
            // WordPress registration is closed; the username and e-mail come from
            // the API response and the password is a generated one.
            if (!!get_option('users_can_register') or !!get_option('xfac_bypass_users_can_register')) {
                $newUserId = wp_create_user($xfUser['username'], wp_generate_password(), $xfUser['user_email']);
                if (is_wp_error($newUserId)) {
                    wp_redirect($redirectBaseUrl . '&xfac_error=register_error&message=' . urlencode($newUserId->get_error_message()));
                    exit;
                }

                $wpUser = new WP_User($newUserId);
            } else {
                wp_redirect($redirectBaseUrl . '&xfac_error=users_cannot_register');
                exit;
            }
        }
    }

    if (!empty($wpUser)) {
        xfac_syncLogin_syncBasic($config, $wpUser, $xfUser);
        xfac_syncLogin_syncRole($config, $wpUser, $xfUser);
        xfac_user_updateRecord($wpUser->ID, $config['root'], $xfUser['user_id'], $xfUser, $token);

        // second argument is WordPress's "remember me" flag: the auth cookie is long-lived
        wp_set_auth_cookie($wpUser->ID, true);

        // NOTE(review): the filtered target goes through wp_redirect(), not
        // wp_safe_redirect(), so it is not restricted to allowed hosts; whether
        // $redirectTo can carry an external host depends on xfac_api_getRedirectTo().
        $redirectToFiltered = apply_filters('login_redirect', $redirectTo, $redirectToRequested, $wpUser);
        wp_redirect($redirectToFiltered);
        exit;
    }
}