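/**
 * Resolve the WordPress user that a decoded JWT refers to.
 *
 * The `jwt_attribute` option names the claim read from the token, and the
 * `user_property` option names the column of `$wpdb->users` the claim value
 * is matched against.
 *
 * @param WP_User|object $jwt Decoded token payload, or an already resolved WP_User.
 *
 * @return WP_User|null The matching user; null when either option is empty or
 *                      not a plain column name, the claim is absent or not a
 *                      usable scalar, no row matches, or the lookup yields a
 *                      WP_Error.
 */
public static function getUser($jwt)
{
    global $wpdb;

    if ($jwt instanceof WP_User) {
        return $jwt;
    }

    $user_property = trim(JWT_AUTH_Options::get('user_property'));
    $jwt_attribute = trim(JWT_AUTH_Options::get('jwt_attribute'));

    if ($user_property === '' || $jwt_attribute === '') {
        return null;
    }

    // The column name is spliced into the statement as an identifier, where a
    // %s placeholder cannot be used and esc_sql() gives no protection (it only
    // escapes for quoted string literals). Accept nothing but a bare column name.
    if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $user_property) !== 1) {
        return null;
    }

    // A token that lacks the configured claim must not fall through to a
    // lookup with a null or empty value.
    if (!is_object($jwt) || !isset($jwt->{$jwt_attribute})) {
        return null;
    }

    $id = $jwt->{$jwt_attribute};
    if (!is_scalar($id) || is_bool($id)) {
        return null;
    }

    // The select list refers to the alias "u", so the table must declare it;
    // without the alias the statement is rejected by the database.
    $sql = 'SELECT u.* FROM ' . $wpdb->users . ' u WHERE u.`' . $user_property . '` = %s';
    $userRow = $wpdb->get_row($wpdb->prepare($sql, $id));

    if (is_null($userRow)) {
        return null;
    }

    if ($userRow instanceof WP_Error) {
        self::insertAuth0Error('findAuth0User', $userRow);
        return null;
    }

    $user = new WP_User();
    $user->init($userRow);

    return $user;
}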
/**
 * Store a single option value.
 *
 * The full option array is read through self::get_options(), the entry for
 * $key is replaced, and the array is written both to the static self::$_opt
 * copy and to the WordPress option named by self::OPTIONS_NAME.
 *
 * NOTE(review): callers in this file store the signing secret through this
 * method, so the value lands in the options store as-is; confirm who can
 * read that option.
 *
 * @param string $key   Option name.
 * @param mixed  $value New value.
 *
 * @return void
 */
public static function set($key, $value)
{
    $current = self::get_options();
    $current[$key] = $value;

    // Update the static copy first, then persist the same array.
    self::$_opt = $current;
    update_option(self::OPTIONS_NAME, $current);
}
/**
 * Push the Auth0 application settings into the JWT auth plugin's options.
 *
 * Does nothing unless WP_Auth0::isJWTAuthEnabled() is true. Otherwise the
 * Auth0 client id becomes the expected audience, the Auth0 client secret
 * becomes the signing secret (flagged as base64 encoded), the user repository
 * is overridden with WP_Auth0_UsersRepo, and the integration flag is set on
 * the Auth0 options.
 *
 * Note that the client secret is written to a second option set here, so a
 * secret rotation has to reach both copies.
 *
 * @return void
 */
protected static function setupjwt()
{
    if (!WP_Auth0::isJWTAuthEnabled()) {
        return;
    }

    $clientId = WP_Auth0_Options::get('client_id');
    JWT_AUTH_Options::set('aud', $clientId);

    $clientSecret = WP_Auth0_Options::get('client_secret');
    JWT_AUTH_Options::set('secret', $clientSecret);

    JWT_AUTH_Options::set('secret_base64_encoded', true);
    JWT_AUTH_Options::set('override_user_repo', 'WP_Auth0_UsersRepo');

    WP_Auth0_Options::set('jwt_auth_integration', true);
}
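/**
 * Verify an encoded JWT and return its payload.
 *
 * The signature is checked with the configured secret (URL-safe base64
 * decoded first when `secret_base64_encoded` is set) and the token is
 * accepted only when its `aud` claim names the configured audience.
 *
 * @param string $encUser Encoded JWT as received from the client.
 *
 * @return object Decoded token payload.
 *
 * @throws Exception When the audience or secret is not configured, the token
 *                   fails verification, or the token was issued for a
 *                   different audience.
 */
protected static function decodeJWT($encUser)
{
    require_once JWT_AUTH_PLUGIN_DIR . 'lib/php-jwt/Exceptions/BeforeValidException.php';
    require_once JWT_AUTH_PLUGIN_DIR . 'lib/php-jwt/Exceptions/ExpiredException.php';
    require_once JWT_AUTH_PLUGIN_DIR . 'lib/php-jwt/Exceptions/SignatureInvalidException.php';
    require_once JWT_AUTH_PLUGIN_DIR . 'lib/php-jwt/Authentication/JWT.php';

    $aud = JWT_AUTH_Options::get('aud');
    $secret = JWT_AUTH_Options::get('secret');
    $secret_base64_encoded = JWT_AUTH_Options::get('secret_base64_encoded');

    // Fail closed on an unconfigured audience: with a loose comparison an
    // empty setting would match a token that carries no `aud` claim at all.
    if (!is_string($aud) || $aud === '') {
        throw new Exception('JWT audience is not configured.');
    }

    if ($secret_base64_encoded) {
        // The secret is stored URL-safe base64 encoded; map it to the
        // standard alphabet before decoding.
        $secret = base64_decode(strtr((string) $secret, '-_', '+/'));
    }

    // Never hand an empty key to the signature check.
    if (!is_string($secret) || $secret === '') {
        throw new Exception('JWT secret is not configured.');
    }

    try {
        // Decode the user. The algorithm list is pinned to HS256 so that the
        // token header cannot select a different verification algorithm.
        $decodedToken = \JWT::decode($encUser, $secret, ['HS256']);

        // Validate that this JWT was made for us. `aud` may be a single
        // string or a list of strings; the match is strict in both cases.
        $tokenAud = isset($decodedToken->aud) ? $decodedToken->aud : null;
        $audiences = is_array($tokenAud) ? $tokenAud : [$tokenAud];

        if (!in_array($aud, $audiences, true)) {
            throw new Exception("This token is not intended for us.");
        }
    } catch (\UnexpectedValueException $e) {
        // Keep the library exception as the previous one so the cause is
        // still available to logging.
        throw new Exception($e->getMessage(), 0, $e);
    }

    return $decodedToken;
}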
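/**
 * Report whether the JWT auth plugin options mirror the Auth0 settings.
 *
 * True only when the JWT audience equals the Auth0 client id, the JWT secret
 * equals the Auth0 client secret, the secret is flagged as base64 encoded,
 * the integration flag is set and users are matched on the `sub` claim.
 *
 * Values are compared as strings with `===`. A loose `==` treats
 * numeric-looking strings as numbers (two different "0e..." values compare
 * equal) and treats boolean true as equal to any non-empty string, which
 * could report a mismatched secret or attribute as configured.
 *
 * @return bool
 */
public static function isJWTConfigured()
{
    return (string) JWT_AUTH_Options::get('aud') === (string) WP_Auth0_Options::get('client_id')
        && (string) JWT_AUTH_Options::get('secret') === (string) WP_Auth0_Options::get('client_secret')
        && JWT_AUTH_Options::get('secret_base64_encoded')
        && WP_Auth0_Options::get('jwt_auth_integration')
        && (string) JWT_AUTH_Options::get('jwt_attribute') === 'sub';
}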
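/**
 * Print the settings field for the `jwt_attribute` option.
 *
 * Outputs a text input holding the current value, followed by a short
 * description. Every dynamic piece is escaped for the context it is printed
 * in, including the translated description, which is escaped at output
 * instead of being trusted as markup.
 *
 * @return void
 */
public static function render_jwt_attribute()
{
    $v = JWT_AUTH_Options::get('jwt_attribute');

    echo '<input type="text" name="' . esc_attr(JWT_AUTH_Options::OPTIONS_NAME . '[jwt_attribute]')
        . '" id="jwt_auth_jwt_attribute" value="' . esc_attr($v) . '"/>';

    echo '<br/><span class="description">'
        . esc_html__('JWT Attribute the plugin should use to match the users.', JWT_AUTH_LANG)
        . '</span>';
}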