function xfac_edit_user_profile_update($wpUserId)
{
$config = xfac_option_getConfig();
if (empty($config)) {
return;
}
if (!empty($_POST['xfac_disconnect'])) {
foreach ($_POST['xfac_disconnect'] as $recordId => $confirmed) {
if ($confirmed) {
$record = xfac_user_getRecordById($recordId);
if ($record->user_id == $wpUserId) {
xfac_user_deleteRecord($record);
}
}
}
}
if (!empty($_POST['xfac_connect'])) {
$xfUserId = intval($_POST['xfac_connect']);
if ($xfUserId > 0) {
$adminAccessToken = xfac_user_getAdminAccessToken($config);
if (!empty($adminAccessToken)) {
$userAccessToken = xfac_api_postOauthTokenAdmin($config, $adminAccessToken, $xfUserId);
if (!empty($userAccessToken)) {
$result = xfac_api_getUsersMe($config, $userAccessToken['access_token']);
if (!empty($result['user']['user_id'])) {
xfac_syncLogin_syncRole($config, get_user_by('id', $wpUserId), $result['user']);
if (isset($_POST['role'])) {
// because we have already sync'd role, ignore role submitted via POST
unset($_POST['role']);
}
xfac_user_updateRecord($wpUserId, $config['root'], $xfUserId, $result['user'], $userAccessToken);
}
}
}
}
}
}
function xfac_set_user_role($wpUserId, $newRole, $oldRoles)
{
if (!empty($GLOBALS['XFAC_SKIP_xfac_set_user_role'])) {
return;
}
$config = xfac_option_getConfig();
$accessToken = xfac_user_getAccessToken($wpUserId);
if (empty($accessToken)) {
return;
}
$me = xfac_api_getUsersMe($config, $accessToken);
if (empty($me['user'])) {
return;
}
$xfUser = $me['user'];
$wpUser = new WP_User($wpUserId);
xfac_syncLogin_syncRole($config, $wpUser, $xfUser, false);
}
function _xfac_subscription_handleCallback_user($config, $ping)
{
$wpUserData = xfac_user_getUserDataByApiData($config['root'], $ping['object_data']);
if (empty($wpUserData)) {
return false;
}
$accessToken = xfac_user_getAccessToken($wpUserData->ID);
if (empty($accessToken)) {
return false;
}
$me = xfac_api_getUsersMe($config, $accessToken, false);
if (empty($me)) {
return false;
}
$xfUser = $me['user'];
$wpUser = new WP_User($wpUserData);
xfac_syncLogin_syncBasic($config, $wpUser, $xfUser);
xfac_syncLogin_syncRole($config, $wpUser, $xfUser);
if (xfac_user_updateRecord($wpUserData->ID, $config['root'], $xfUser['user_id'], $xfUser)) {
return 'updated user record';
} else {
return false;
}
}
function xfac_dashboardOptions_admin_init()
{
if (empty($_REQUEST['page'])) {
return;
}
if ($_REQUEST['page'] !== 'xfac') {
return;
}
if (!empty($_REQUEST['cron'])) {
switch ($_REQUEST['cron']) {
case 'hourly':
do_action('xfac_cron_hourly');
wp_redirect(admin_url('options-general.php?page=xfac&ran=hourly'));
exit;
}
} elseif (!empty($_REQUEST['do'])) {
switch ($_REQUEST['do']) {
case 'xfac_meta':
update_option('xfac_meta', array());
wp_redirect(admin_url('options-general.php?page=xfac&done=xfac_meta'));
break;
case 'xfac_xf_guest_account_submit':
$config = xfac_option_getConfig();
if (empty($config)) {
wp_die('no_config');
}
$username = $_REQUEST['xfac_guest_username'];
if (empty($username)) {
wp_die('no_username');
}
$password = $_REQUEST['xfac_guest_password'];
if (empty($password)) {
wp_die('no_password');
}
$token = xfac_api_getAccessTokenFromUsernamePassword($config, $username, $password);
if (empty($token)) {
wp_die('no_token');
}
$guest = xfac_api_getUsersMe($config, $token['access_token'], false);
if (empty($guest['user'])) {
wp_die('no_xf_user');
}
xfac_user_updateRecord(0, $config['root'], $guest['user']['user_id'], $guest['user'], $token);
$records = xfac_user_getRecordsByUserId(0);
$record = reset($records);
update_option('xfac_xf_guest_account', $record->id);
// force meta rebuild
update_option('xfac_meta', array());
wp_redirect(admin_url('options-general.php?page=xfac&done=xfac_xf_guest_account'));
break;
}
}
}
function xfac_login_init()
{
if (empty($_REQUEST['xfac'])) {
return;
}
$config = xfac_option_getConfig();
if (empty($config)) {
return;
}
$loginUrl = site_url('wp-login.php', 'login_post');
$redirectTo = xfac_api_getRedirectTo();
$redirectToRequested = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '';
$redirectBaseUrl = $loginUrl . (strpos($loginUrl, '?') !== false ? '&' : '?') . 'redirect_to=' . urlencode($redirectTo);
$callbackUrl = $redirectBaseUrl . '&xfac=callback';
$token = false;
$associateConfirmed = false;
switch ($_REQUEST['xfac']) {
case 'callback':
define('XFAC_SYNC_LOGIN_SKIP_REDIRECT', 1);
if (!empty($_REQUEST['authorizeHash'])) {
$callbackUrl .= '&authorizeHash=' . urlencode($_REQUEST['authorizeHash']);
$associateConfirmed = _xfac_login_verifyAuthorizeHash($_REQUEST['authorizeHash']);
}
if (!empty($_REQUEST['code'])) {
$token = xfac_api_getAccessTokenFromCode($config, $_REQUEST['code'], $callbackUrl);
}
break;
case 'associate':
define('XFAC_SYNC_LOGIN_SKIP_REDIRECT', 1);
if (empty($_REQUEST['refresh_token'])) {
wp_redirect($redirectBaseUrl . '&xfac_error=no_refresh_token');
exit;
}
if (empty($_REQUEST['scope'])) {
wp_redirect($redirectBaseUrl . '&xfac_error=no_scope');
exit;
}
if (empty($_REQUEST['xf_user']) or !is_array($_REQUEST['xf_user'])) {
wp_redirect($redirectBaseUrl . '&xfac_error=no_request_xf_user');
exit;
}
if (empty($_REQUEST['user_login'])) {
wp_redirect($redirectBaseUrl . '&xfac_error=no_user_login');
exit;
}
$wpUserForAssociate = get_user_by('login', $_REQUEST['user_login']);
if (!$wpUserForAssociate instanceof WP_User) {
wp_redirect($redirectBaseUrl . '&xfac_error=no_user_login_found');
exit;
}
if (empty($_REQUEST['pwd'])) {
_xfac_login_renderAssociateForm($wpUserForAssociate, $_REQUEST['xf_user'], $_REQUEST['refresh_token'], $_REQUEST['scope'], $redirectTo);
exit;
}
$password = $_REQUEST['pwd'];
$authenticatedUser = wp_authenticate($wpUserForAssociate->user_login, $password);
if (is_wp_error($authenticatedUser) or $authenticatedUser->ID != $wpUserForAssociate->ID) {
_xfac_login_renderAssociateForm($wpUserForAssociate, $_REQUEST['xf_user'], $_REQUEST['refresh_token'], $_REQUEST['scope'], $redirectTo);
exit;
}
$token = xfac_api_getAccessTokenFromRefreshToken($config, $_REQUEST['refresh_token']);
$associateConfirmed = $wpUserForAssociate->ID;
break;
case 'authorize':
default:
$scope = '';
if (!empty($_REQUEST['admin'])) {
$scope = XFAC_API_SCOPE . ' admincp';
}
if ($_REQUEST['xfac'] === 'authorize') {
// user is requesting to connect their own account
// include a hash to skip the associate submission if possible
$callbackUrl .= '&authorizeHash=' . urlencode(_xfac_login_getAuthorizeHash());
}
$authorizeUrl = xfac_api_getAuthorizeUrl($config, $callbackUrl, $scope);
// wp_redirect($authorizeUrl);
// cannot use wp_redirect because wp_sanitize_redirect changes our url
// issues: it removes basic auth (http://user:password@path)
// TODO: find better way to do this
header("Location: {$authorizeUrl}", true, 302);
exit;
}
if (empty($token)) {
wp_redirect($redirectBaseUrl . '&xfac_error=no_token');
exit;
}
if (empty($token['scope'])) {
wp_redirect($redirectBaseUrl . '&xfac_error=no_scope');
exit;
}
$me = xfac_api_getUsersMe($config, $token['access_token']);
if (empty($me['user'])) {
wp_redirect($redirectBaseUrl . '&xfac_error=no_xf_user');
exit;
}
$xfUser = $me['user'];
$wpUser = xfac_user_getUserByApiData($config['root'], $xfUser['user_id']);
if (empty($wpUser)) {
// no user with the API data found
// find user with matching email...
if (!empty($xfUser['user_email'])) {
$wpUserMatchingEmail = get_user_by('email', $xfUser['user_email']);
if (!empty($wpUserMatchingEmail)) {
// user with matching email found
if (!$associateConfirmed) {
_xfac_login_renderAssociateForm($wpUserMatchingEmail, $xfUser, $token['refresh_token'], $token['scope'], $redirectTo);
exit;
} elseif ($associateConfirmed == $wpUserMatchingEmail->ID) {
// association has been confirmed
$wpUser = $wpUserMatchingEmail;
}
}
}
}
if (empty($wpUser)) {
$currentWpUser = wp_get_current_user();
if (!empty($currentWpUser) and $currentWpUser->ID > 0) {
// a user is currently logged in, try to associate now
if (!$associateConfirmed) {
_xfac_login_renderAssociateForm($currentWpUser, $xfUser, $token['refresh_token'], $token['scope'], $redirectTo);
exit;
} elseif ($associateConfirmed == $currentWpUser->ID) {
// association has been confirmed
$wpUser = $currentWpUser;
if ($redirectTo == admin_url('profile.php')) {
// redirect target is profile.php page, it will alter it a bit
$redirectTo = admin_url('profile.php?xfac=associated');
}
}
} else {
// no matching user found, try to register
if (!!get_option('users_can_register') or !!get_option('xfac_bypass_users_can_register')) {
$newUserId = wp_create_user($xfUser['username'], wp_generate_password(), $xfUser['user_email']);
if (is_wp_error($newUserId)) {
wp_redirect($redirectBaseUrl . '&xfac_error=register_error&message=' . urlencode($newUserId->get_error_message()));
exit;
}
$wpUser = new WP_User($newUserId);
} else {
wp_redirect($redirectBaseUrl . '&xfac_error=users_cannot_register');
exit;
}
}
}
if (!empty($wpUser)) {
xfac_syncLogin_syncBasic($config, $wpUser, $xfUser);
xfac_syncLogin_syncRole($config, $wpUser, $xfUser);
xfac_user_updateRecord($wpUser->ID, $config['root'], $xfUser['user_id'], $xfUser, $token);
wp_set_auth_cookie($wpUser->ID, true);
$redirectToFiltered = apply_filters('login_redirect', $redirectTo, $redirectToRequested, $wpUser);
wp_redirect($redirectToFiltered);
exit;
}
}
