/**
 * Checks that every callable on the sync whitelist is synced with the value the
 * site reports locally, and that the whitelist is fully covered by this test.
 *
 * The expected set below includes site configuration such as the plugin list,
 * the WordPress version and the SSO settings. The coverage assertion at the end
 * fails when a name is on the whitelist but has no expectation here, so a newly
 * synced callable cannot be added without this test being updated.
 */
public function test_sync_callable_whitelist() {
    // Disabled in the original: $this->setSyncClientDefaults();

    // Expected values are captured before the sync runs. The order matches the
    // order in which the callables are evaluated.
    $expected = array(
        'wp_max_upload_size'               => wp_max_upload_size(),
        'is_main_network'                  => Jetpack::is_multi_network(),
        'is_multi_site'                    => is_multisite(),
        'main_network_site'                => Jetpack_Sync_Functions::main_network_site_url(),
        'single_user_site'                 => Jetpack::is_single_user_site(),
        'updates'                          => Jetpack::get_updates(),
        'home_url'                         => Jetpack_Sync_Functions::home_url(),
        'site_url'                         => Jetpack_Sync_Functions::site_url(),
        'has_file_system_write_access'     => Jetpack_Sync_Functions::file_system_write_access(),
        'is_version_controlled'            => Jetpack_Sync_Functions::is_version_controlled(),
        'taxonomies'                       => Jetpack_Sync_Functions::get_taxonomies(),
        'post_types'                       => Jetpack_Sync_Functions::get_post_types(),
        'post_type_features'               => Jetpack_Sync_Functions::get_post_type_features(),
        'rest_api_allowed_post_types'      => Jetpack_Sync_Functions::rest_api_allowed_post_types(),
        'rest_api_allowed_public_metadata' => Jetpack_Sync_Functions::rest_api_allowed_public_metadata(),
        'sso_is_two_step_required'         => Jetpack_SSO_Helpers::is_two_step_required(),
        'sso_should_hide_login_form'       => Jetpack_SSO_Helpers::should_hide_login_form(),
        'sso_match_by_email'               => Jetpack_SSO_Helpers::match_by_email(),
        'sso_new_user_override'            => Jetpack_SSO_Helpers::new_user_override(),
        'sso_bypass_default_login_form'    => Jetpack_SSO_Helpers::bypass_login_forward_wpcom(),
        'wp_version'                       => Jetpack_Sync_Functions::wp_version(),
        'get_plugins'                      => Jetpack_Sync_Functions::get_plugins(),
        'active_modules'                   => Jetpack::get_active_modules(),
        'hosting_provider'                 => Jetpack_Sync_Functions::get_hosting_provider(),
        'locale'                           => get_locale(),
        'site_icon_url'                    => Jetpack_Sync_Functions::site_icon_url(),
    );

    // Network-level callables are only expected on multisite installs.
    if (is_multisite()) {
        $expected = array_merge($expected, array(
            'network_name'                        => Jetpack::network_name(),
            'network_allow_new_registrations'     => Jetpack::network_allow_new_registrations(),
            'network_add_new_users'               => Jetpack::network_add_new_users(),
            'network_site_upload_space'           => Jetpack::network_site_upload_space(),
            'network_upload_file_types'           => Jetpack::network_upload_file_types(),
            'network_enable_administration_menus' => Jetpack::network_enable_administration_menus(),
        ));
    }

    $this->sender->do_sync();

    foreach ($expected as $callable_name => $callable_value) {
        // TODO: figure out why _sometimes_ the 'support' value of
        // the post_types value is being removed from the output.
        // Until then 'post_types' is skipped rather than asserted.
        if ('post_types' !== $callable_name) {
            $this->assertCallableIsSynced($callable_name, $callable_value);
        }
    }

    $whitelisted_names = array_keys($this->callable_module->get_callable_whitelist());
    $tested_names      = array_keys($expected);

    // Are we testing all the callables in the defaults?
    $untested_names = array_diff($whitelisted_names, $tested_names);
    $this->assertTrue(
        empty($untested_names),
        'Some whitelisted options don\'t have a test: ' . print_r($untested_names, true)
    );

    // Are there any duplicate keys?
    $distinct_names  = array_unique($whitelisted_names);
    $duplicate_names = array_diff_key($whitelisted_names, $distinct_names);
    $this->assertEquals(
        count($distinct_names),
        count($whitelisted_names),
        'The duplicate keys are: ' . print_r($duplicate_names, true)
    );
}
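/**
 * Decides how a wp-login.php request is handled when Jetpack SSO is in use.
 *
 * Depending on the SSO settings and the request, this registers login filters,
 * redirects the visitor to the SSO URL, completes an SSO login, or shows the
 * SSO login form. It reads the global $action and the query string ($_GET).
 * Both redirect paths end the request with exit.
 *
 * Only the presence/truthiness of 'loggedout' and 'force_reauth' is used here.
 * The values of 'user_id' and 'sso_nonce' are not inspected in this method.
 * NOTE(review): they are presumably validated inside handle_login() - confirm.
 */
function login_init() {
    global $action;

    if (Jetpack_SSO_Helpers::should_hide_login_form()) {
        /**
         * Since the default authenticate filters fire at priority 20 for checking username and password,
         * let's fire at priority 30. wp_authenticate_spam_check is fired at priority 99, but since we return a
         * WP_Error in disable_default_login_form, then we won't trigger spam processing logic.
         */
        add_filter('authenticate', array($this, 'disable_default_login_form'), 30);

        /**
         * Filter the display of the disclaimer message appearing when default WordPress login form is disabled.
         *
         * @module sso
         *
         * @since 2.8.0
         *
         * @param bool true Should the disclaimer be displayed. Default to true.
         */
        $display_sso_disclaimer = apply_filters('jetpack_sso_display_disclaimer', true);
        if ($display_sso_disclaimer) {
            add_filter('login_message', array($this, 'msg_login_by_jetpack'));
        }
    }

    /**
     * If the user is attempting to logout AND the auto-forward to WordPress.com
     * login is set then we need to ensure we do not auto-forward the user and get
     * them stuck in an infinite logout loop.
     */
    if (isset($_GET['loggedout']) && Jetpack_SSO_Helpers::bypass_login_forward_wpcom()) {
        add_filter('jetpack_remove_login_form', '__return_true');
    }

    /**
     * Check to see if the site admin wants to automagically forward the user
     * to the WordPress.com login page AND that the request to wp-login.php
     * is not something other than login (Like logout!)
     */
    if ($this->wants_to_login() && Jetpack_SSO_Helpers::bypass_login_forward_wpcom()) {
        // wp_safe_redirect() checks the destination host against this filter's list.
        add_filter('allowed_redirect_hosts', array('Jetpack_SSO_Helpers', 'allowed_redirect_hosts'));
        $this->maybe_save_cookie_redirect();
        $reauth  = !empty($_GET['force_reauth']);
        $sso_url = $this->get_sso_url_or_die($reauth);
        JetpackTracking::record_user_event('sso_login_redirect_bypass_success');
        wp_safe_redirect($sso_url);
        exit;
    }

    if ('login' === $action) {
        $this->display_sso_login_form();
    } elseif ('jetpack-sso' === $action) {
        // 'result' is request-controlled, so compare strictly and avoid loose-comparison type juggling.
        if (isset($_GET['result'], $_GET['user_id'], $_GET['sso_nonce']) && 'success' === $_GET['result']) {
            $this->handle_login();
            $this->display_sso_login_form();
        } elseif (Jetpack::check_identity_crisis()) {
            JetpackTracking::record_user_event('sso_login_redirect_failed', array('error_message' => 'identity_crisis'));
            wp_die(__("Error: This site's Jetpack connection is currently experiencing problems.", 'jetpack'));
        } else {
            $this->maybe_save_cookie_redirect();
            // The original asks whether plain wp_redirect() would do. Keep wp_safe_redirect():
            // it validates the destination host against 'allowed_redirect_hosts' and
            // wp_redirect() does not. The filter below presumably adds the SSO host(s)
            // to that list - confirm in Jetpack_SSO_Helpers::allowed_redirect_hosts().
            add_filter('allowed_redirect_hosts', array('Jetpack_SSO_Helpers', 'allowed_redirect_hosts'));
            $reauth  = !empty($_GET['force_reauth']);
            $sso_url = $this->get_sso_url_or_die($reauth);
            JetpackTracking::record_user_event('sso_login_redirect_success');
            wp_safe_redirect($sso_url);
            exit;
        }
    }
}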
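/**
 * Decides how a wp-login.php request is handled when Jetpack SSO is in use.
 *
 * Depending on the SSO settings and the request, this redirects the visitor to
 * the SSO URL, completes an SSO login, or shows the SSO login form. It reads the
 * global $action and the query string ($_GET). Both redirect paths end the
 * request with exit.
 *
 * Only the presence/truthiness of 'loggedout' and 'force_reauth' is used here.
 * The values of 'user_id' and 'sso_nonce' are not inspected in this method.
 * NOTE(review): they are presumably validated inside handle_login() - confirm.
 */
function login_init() {
    global $action;

    /**
     * If the user is attempting to logout AND the auto-forward to WordPress.com
     * login is set then we need to ensure we do not auto-forward the user and get
     * them stuck in an infinite logout loop.
     */
    if (isset($_GET['loggedout']) && Jetpack_SSO_Helpers::bypass_login_forward_wpcom()) {
        add_filter('jetpack_remove_login_form', '__return_true');
    }

    /**
     * Check to see if the site admin wants to automagically forward the user
     * to the WordPress.com login page AND that the request to wp-login.php
     * is not something other than login (Like logout!)
     */
    if ($this->wants_to_login() && Jetpack_SSO_Helpers::bypass_login_forward_wpcom()) {
        // wp_safe_redirect() checks the destination host against this filter's list.
        add_filter('allowed_redirect_hosts', array($this, 'allowed_redirect_hosts'));
        $this->maybe_save_cookie_redirect();
        $reauth  = !empty($_GET['force_reauth']);
        $sso_url = $this->get_sso_url_or_die($reauth);
        JetpackTracking::record_user_event('sso_login_redirect_bypass_success');
        wp_safe_redirect($sso_url);
        exit;
    }

    if ('login' === $action) {
        $this->display_sso_login_form();
    } elseif ('jetpack-sso' === $action) {
        // 'result' is request-controlled, so compare strictly and avoid loose-comparison type juggling.
        if (isset($_GET['result'], $_GET['user_id'], $_GET['sso_nonce']) && 'success' === $_GET['result']) {
            $this->handle_login();
            $this->display_sso_login_form();
        } elseif (Jetpack::check_identity_crisis()) {
            JetpackTracking::record_user_event('sso_login_redirect_failed', array('error_message' => 'identity_crisis'));
            wp_die(__("Error: This site's Jetpack connection is currently experiencing problems.", 'jetpack'));
        } else {
            $this->maybe_save_cookie_redirect();
            // The original asks whether plain wp_redirect() would do. Keep wp_safe_redirect():
            // it validates the destination host against 'allowed_redirect_hosts' and
            // wp_redirect() does not. The filter below presumably adds the SSO host(s)
            // to that list - confirm in this class's allowed_redirect_hosts().
            add_filter('allowed_redirect_hosts', array($this, 'allowed_redirect_hosts'));
            $reauth  = !empty($_GET['force_reauth']);
            $sso_url = $this->get_sso_url_or_die($reauth);
            JetpackTracking::record_user_event('sso_login_redirect_success');
            wp_safe_redirect($sso_url);
            exit;
        }
    }
}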
/**
 * bypass_login_forward_wpcom() must report false while the
 * 'jetpack_sso_bypass_login_forward_wpcom' filter is forced to false.
 */
function test_sso_helpers_sso_bypass_default_login_form_filter_false() {
    $filter_name = 'jetpack_sso_bypass_login_forward_wpcom';
    $force_false = '__return_false';

    add_filter($filter_name, $force_false);

    $bypass_enabled = Jetpack_SSO_Helpers::bypass_login_forward_wpcom();
    $this->assertFalse($bypass_enabled);

    // NOTE(review): this cleanup is skipped if the assertion above fails; whether the
    // filter then leaks into later tests depends on the test case's own hook reset - confirm.
    remove_filter($filter_name, $force_false);
}