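/**
 * Resolve the WordPress user that a decoded JWT refers to.
 *
 * The claim named by the `jwt_attribute` option is read from the token and
 * matched against the users-table column named by the `user_property` option.
 *
 * @param object|WP_User $jwt Decoded token, or a WP_User (returned unchanged).
 *
 * @return WP_User|null The matching user; null when the options are empty or
 *                      malformed, the claim is missing/empty/non-scalar, or
 *                      no row matches.
 */
public static function getUser($jwt)
{
    global $wpdb;

    if ($jwt instanceof WP_User) {
        return $jwt;
    }

    $user_property = (string) JWT_AUTH_Options::get('user_property');
    $jwt_attribute = (string) JWT_AUTH_Options::get('jwt_attribute');

    if (trim($user_property) === '' || trim($jwt_attribute) === '') {
        return null;
    }

    // The column name is concatenated into the statement as an identifier.
    // String escaping (esc_sql) only protects values placed inside quotes, so
    // the identifier is checked against a strict pattern instead: a plain
    // column name, optionally qualified by a table alias.
    $column = trim($user_property);
    if (preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $column) !== 1) {
        return null;
    }

    // A token that lacks the configured claim, or carries it as something
    // other than a string/integer, must not become a lookup for an empty or
    // stringified value.
    if (!is_object($jwt) || !isset($jwt->{$jwt_attribute})) {
        return null;
    }
    $claim = $jwt->{$jwt_attribute};
    if (!is_string($claim) && !is_int($claim)) {
        return null;
    }
    $id = (string) $claim;
    if ($id === '') {
        return null;
    }

    // "u" is declared as the table alias so that "u.*" resolves; the original
    // statement selected u.* without defining the alias.
    $sql = 'SELECT u.* FROM ' . $wpdb->users . ' u WHERE ' . $column . ' = %s';

    // The claim value itself is bound through prepare(), never concatenated.
    $userRow = $wpdb->get_row($wpdb->prepare($sql, $id));

    if (is_null($userRow)) {
        return null;
    }

    if ($userRow instanceof WP_Error) {
        self::insertAuth0Error('findAuth0User', $userRow);
        return null;
    }

    $user = new WP_User();
    $user->init($userRow);

    return $user;
}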
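/**
 * Verify an encoded JWT with the configured secret and return its payload.
 *
 * The token is accepted only when the decoder accepts it and its `aud` claim
 * is strictly identical to the configured audience.
 *
 * @param string $encUser Encoded JWT.
 *
 * @return object Decoded token.
 *
 * @throws Exception When the secret or audience is not configured, the
 *                   decoder rejects the token, or the audience does not match.
 */
protected static function decodeJWT($encUser)
{
    require_once JWT_AUTH_PLUGIN_DIR . 'lib/php-jwt/Exceptions/BeforeValidException.php';
    require_once JWT_AUTH_PLUGIN_DIR . 'lib/php-jwt/Exceptions/ExpiredException.php';
    require_once JWT_AUTH_PLUGIN_DIR . 'lib/php-jwt/Exceptions/SignatureInvalidException.php';
    require_once JWT_AUTH_PLUGIN_DIR . 'lib/php-jwt/Authentication/JWT.php';

    $aud = (string) JWT_AUTH_Options::get('aud');
    $secret = (string) JWT_AUTH_Options::get('secret');

    if (JWT_AUTH_Options::get('secret_base64_encoded')) {
        // The stored secret uses the URL-safe alphabet; map it back to the
        // standard one before decoding.
        $secret = base64_decode(strtr($secret, '-_', '+/'));
    }

    // Fail closed: an empty key or an empty expected audience must never be
    // usable to accept a token.
    if (!is_string($secret) || $secret === '') {
        throw new Exception('JWT secret is not configured.');
    }
    if ($aud === '') {
        throw new Exception('JWT audience is not configured.');
    }

    try {
        // Decode the user. The third argument is passed as the list of
        // accepted algorithms (HS256 only).
        // NOTE(review): confirm the vendored JWT::decode enforces this list.
        $decodedToken = \JWT::decode($encUser, $secret, ['HS256']);

        // Validate that this JWT was made for us. The comparison is strict so
        // that a missing claim or a claim of another type (integer, boolean,
        // array) can never compare equal to the configured audience.
        if (!isset($decodedToken->aud) || $decodedToken->aud !== $aud) {
            throw new Exception("This token is not intended for us.");
        }
    } catch (\UnexpectedValueException $e) {
        // Keep the decoder's exception as "previous" so the cause stays
        // available to logging.
        throw new Exception($e->getMessage(), 0, $e);
    }

    return $decodedToken;
}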
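/**
 * Report whether the JWT plugin options line up with the Auth0 plugin options.
 *
 * All of the following must hold: audience equals the Auth0 client id, secret
 * equals the Auth0 client secret (both non-empty), the secret is flagged as
 * base64 encoded, the Auth0 `jwt_auth_integration` option is enabled, and the
 * JWT attribute is `sub`.
 *
 * @return bool
 */
public static function isJWTConfigured()
{
    $aud = (string) JWT_AUTH_Options::get('aud');
    $secret = (string) JWT_AUTH_Options::get('secret');

    // Values are compared as strings with ===. Loose == treats numeric-looking
    // strings as numbers, and treats two unset options as equal, so it could
    // report a match for values that are not actually identical or not set.
    return $aud !== ''
        && $secret !== ''
        && $aud === (string) WP_Auth0_Options::get('client_id')
        && $secret === (string) WP_Auth0_Options::get('client_secret')
        && JWT_AUTH_Options::get('secret_base64_encoded')
        && WP_Auth0_Options::get('jwt_auth_integration')
        && (string) JWT_AUTH_Options::get('jwt_attribute') === 'sub';
}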
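/**
 * Print the settings field for the `jwt_attribute` option.
 *
 * Emits a text input holding the current value, followed by a description.
 *
 * @return void
 */
public static function render_jwt_attribute()
{
    $v = JWT_AUTH_Options::get('jwt_attribute');

    // Every dynamic piece is escaped for the context it lands in: attribute
    // context for the field name and value, HTML text for the description.
    echo '<input type="text" name="' . esc_attr(JWT_AUTH_Options::OPTIONS_NAME) . '[jwt_attribute]"'
        . ' id="jwt_auth_jwt_attribute" value="' . esc_attr($v) . '"/>';

    // esc_html__() translates and escapes in one step, so markup in a
    // translation file is shown as text rather than rendered.
    echo '<br/><span class="description">'
        . esc_html__('JWT Attribute the plugin should use to match the users.', JWT_AUTH_LANG)
        . '</span>';
}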