/**
 * Handle the OAuth callback that links a Clef account to a WordPress user.
 *
 * Acts only when both the `connect_clef_account` and `code` query parameters
 * are present. On success the session's `logged_in_at` is set to the current
 * time; on failure the reason is stored in `$this->connect_error`.
 *
 * NOTE(review): no explicit state check is visible in this method. Because
 * ClefStateException is caught below, the state (CSRF) verification
 * presumably happens inside exchange_oauth_code_for_info(). Confirm this,
 * since an account-linking callback without it is exposed to login CSRF.
 */
public function connect_clef_account()
 {
     $is_connect_callback = ClefUtils::isset_GET('connect_clef_account') && ClefUtils::isset_get('code');
     if (!$is_connect_callback) {
         return;
     }

     try {
         $oauth_code = ClefUtils::isset_GET('code');
         $account = ClefUtils::exchange_oauth_code_for_info($oauth_code, $this->settings);
         $outcome = ClefUtils::associate_clef_id($account->id);

         if (!is_wp_error($outcome)) {
             // Association succeeded: stamp the session with the login time.
             ClefSession::start()->set('logged_in_at', time());
             return;
         }

         $this->connect_error = $outcome;
     } catch (LoginException $e) {
         $this->connect_error = new WP_Error("bad_oauth_exchange", $e->getMessage());
     } catch (ClefStateException $e) {
         $this->connect_error = new WP_Error("bad_state_parameter", $e->getMessage());
     }
 }
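 /**
  * Verify the anti-CSRF `state` value returned with an OAuth request.
  *
  * The request value (GET first, then POST) must match the value stored in
  * the session. On a match the stored value is cleared, making it single-use.
  *
  * @return bool true when the state matches
  * @throws ClefStateException when the state is missing or does not match
  */
 public static function verify_state()
 {
     $state = ClefUtils::isset_GET('state') ? ClefUtils::isset_GET('state') : ClefUtils::isset_POST('state');
     $session = ClefSession::start();
     $expected = $session->get('state');

     // Require two non-empty strings and compare them with hash_equals().
     // Loose `==` treats numeric-looking strings ("0e1" vs "0e2") as equal on
     // older PHP and is not constant-time. The is_string() checks also reject
     // array-valued parameters such as `state[]=x`. Anything else fails closed.
     $matches = $expected && $state
         && is_string($expected) && is_string($state)
         && hash_equals($expected, $state);

     if ($matches) {
         // Consume the token so a captured callback URL cannot be replayed.
         $session->set('state', null);
         return true;
     }

     throw new ClefStateException('The state parameter is not verified. Please refresh your page and try again, you may be experiencing a CSRF attempt');
 }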
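 /**
  * Toggle the per-site multisite override option from the Clef settings page.
  *
  * Runs only for a POST to `page=clef&action=clef_multisite` outside the
  * network admin. After flipping the option it redirects to the settings page
  * and ends the request.
  *
  * NOTE(review): the only gate visible here is the nonce. A nonce protects
  * against CSRF but is not an authorization check. Confirm that the caller or
  * hook restricts this to users allowed to change site options, or add a
  * current_user_can() check with the capability this plugin uses.
  */
 public function multisite_settings_edit()
 {
     $is_toggle_request = isset($_SERVER['REQUEST_METHOD'])
         && $_SERVER['REQUEST_METHOD'] === 'POST'
         && ClefUtils::isset_GET('page') === 'clef'
         && ClefUtils::isset_GET('action') === 'clef_multisite'
         && !is_network_admin();
     if (!$is_toggle_request) {
         return;
     }

     // A missing or non-string nonce is passed as '' so that it fails
     // verification, instead of reading an undefined index.
     $nonce = isset($_POST['_wpnonce']) && is_string($_POST['_wpnonce']) ? $_POST['_wpnonce'] : '';
     if (!wp_verify_nonce($nonce, 'clef_multisite')) {
         die(__("Security check; nonce failed.", "wpclef"));
     }

     // Flip the stored flag. add_option() returns false when the option
     // already exists, in which case it is updated instead.
     $override = get_option(ClefInternalSettings::MS_OVERRIDE_OPTION);
     if (!add_option(ClefInternalSettings::MS_OVERRIDE_OPTION, !$override)) {
         update_option(ClefInternalSettings::MS_OVERRIDE_OPTION, !$override);
     }

     // The redirect target is built from admin_url() and the plugin's own
     // settings path, not from request data.
     wp_redirect(add_query_arg(array('page' => $this->settings->settings_path, 'updated' => 'true'), admin_url('admin.php')));
     exit;
 }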
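 /**
  * Verify the anti-CSRF `state` value returned with an OAuth request.
  *
  * The request value (GET first, then POST) must match the value from
  * ClefUtils::get_state(). On a match, ClefUtils::initialize_state(true) is
  * called; it presumably rotates the stored state, which should be confirmed
  * in ClefUtils.
  *
  * @return bool true when the state matches
  * @throws ClefStateException when the state is missing or does not match
  */
 public static function verify_state()
 {
     $request_state = ClefUtils::isset_GET('state') ? ClefUtils::isset_GET('state') : ClefUtils::isset_POST('state');
     $correct_state = ClefUtils::get_state();

     // Require two non-empty strings and compare them with hash_equals().
     // Loose `==` treats numeric-looking strings ("0e1" vs "0e2") as equal on
     // older PHP and is not constant-time. The is_string() checks also reject
     // array-valued parameters such as `state[]=x`. Anything else fails closed.
     $matches = $request_state && $correct_state
         && is_string($request_state) && is_string($correct_state)
         && hash_equals($correct_state, $request_state);

     if ($matches) {
         ClefUtils::initialize_state(true);
         return true;
     }

     throw new ClefStateException('The state parameter is not verified. This may be due to this page being cached by another WordPress plugin. Please refresh your page and try again');
 }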
 /**
  * Append Clef-specific CSS classes to the login form's class list.
  *
  * Returns the list unchanged when the plugin is not configured.
  *
  * NOTE(review): every class added here is presentational. The `override`
  * and `clefup` query parameters are controlled by the requester, so hiding
  * the password form via 'clef-hidden' is not an access control. Confirm
  * that the authentication path, which is not visible here, enforces
  * `clef_password_settings_force` server-side.
  *
  * @param array $classes existing login form classes
  * @return array the class list, possibly extended
  */
 public function add_login_form_classes($classes)
 {
     if (!$this->settings->is_configured()) {
         return $classes;
     }

     array_push($classes, 'clef-login-form');

     // A valid override key or a valid invite code marks the form accordingly.
     if ($this->is_valid_override_key(ClefUtils::isset_GET('override')) || $this->has_valid_invite_code()) {
         array_push($classes, 'clef-override-or-invite');
     }

     if ($this->settings->get('clef_password_settings_force')) {
         array_push($classes, 'clef-hidden');
     }

     if (isset($this->clef_id_to_connect)) {
         array_push($classes, 'clef-auto-connect-account');
     }

     if ($this->settings->should_embed_clef_login()) {
         array_push($classes, 'clef-login-form-embed');
     }

     // Fallback for when JavaScript and the on-page toggle both fail:
     // `?clefup=true` reveals the username/password form.
     if (ClefUtils::isset_GET('clefup') == 'true') {
         array_push($classes, 'clef-show-username-password');
     }

     return $classes;
 }
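 /**
  * Verify the anti-CSRF `state` value returned with an OAuth request.
  *
  * The request value (GET first, then POST) must match the value from
  * ClefUtils::get_state(). On a match, ClefUtils::initialize_state(true) is
  * called; it presumably rotates the stored state, which should be confirmed
  * in ClefUtils.
  *
  * The exception message contains HTML (a support link), so whatever renders
  * it outputs markup. It must remain a fixed string: interpolating request
  * data into it would create an injection point.
  *
  * @return bool true when the state matches
  * @throws ClefStateException when the state is missing or does not match
  */
 public static function verify_state()
 {
     $request_state = ClefUtils::isset_GET('state') ? ClefUtils::isset_GET('state') : ClefUtils::isset_POST('state');
     $correct_state = ClefUtils::get_state();

     // Require two non-empty strings and compare them with hash_equals().
     // Loose `==` treats numeric-looking strings ("0e1" vs "0e2") as equal on
     // older PHP and is not constant-time. The is_string() checks also reject
     // array-valued parameters such as `state[]=x`. Anything else fails closed.
     $matches = $request_state && $correct_state
         && is_string($request_state) && is_string($correct_state)
         && hash_equals($correct_state, $request_state);

     if ($matches) {
         ClefUtils::initialize_state(true);
         return true;
     }

     throw new ClefStateException('The state parameter is not verified. This may be due to this page being cached by another WordPress plugin. Please refresh your page and try again. If the issue persists, please follow <a href="http://support.getclef.com/article/95-the-state-parameter-is-not-verified-error#caching" target="_blank">this guide</a> to debug the issue.');
 }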