public function test_is_debug_log()
{
if (!defined('WP_DEBUG_LOG')) {
define('WP_DEBUG_LOG', true);
}
$this->assertEquals(WP_DEBUG_LOG, $this->facade->is_debug_log());
}
/**
* @param $user_id
* @param $launchkey_username
*
* @return null|WP_Error
*/
private function authenticate_user($user_id, $launchkey_username)
{
// reset user authentication
$this->reset_auth($user_id);
// Get the auth client from the SDK
$auth = $this->launchkey_client->auth();
try {
// Authenticate and get the request ID
$auth_request = $auth->authenticate($launchkey_username)->getAuthRequestId();
// Set the auth request ID in the user metadata to be available to the server side event
$this->wp_facade->update_user_meta($user_id, 'launchkey_auth', $auth_request);
// Loop until a response has been recorded by the SSE callback
do {
// Sleep before checking for the response to not kill the server
sleep(1);
// See if the user has authorized
$auth = $this->get_user_authorized($user_id);
} while (null === $auth);
// If the response is null, continue the loop
if ($auth) {
// If the user accepted, return true
$response = true;
} else {
// Otherwise, return an error
$response = new WP_Error('launchkey_authentication_denied', $this->wp_facade->__('Authentication denied!', $this->language_domain));
}
} catch (Exception $e) {
// Process exceptions appropriately
$response = new WP_Error();
if ($e instanceof \LaunchKey\SDK\Service\Exception\NoPairedDevicesError) {
$response->add('launchkey_authentication_denied', $this->wp_facade->__('No Paired Devices!', $this->language_domain));
} elseif ($e instanceof \LaunchKey\SDK\Service\Exception\NoSuchUserError) {
$response->add('launchkey_authentication_denied', $this->wp_facade->__('Authentication denied!', $this->language_domain));
} elseif ($e instanceof \LaunchKey\SDK\Service\Exception\RateLimitExceededError) {
$response->add('launchkey_authentication_denied', $this->wp_facade->__('Authentication denied!', $this->language_domain));
} elseif ($e instanceof \LaunchKey\SDK\Service\Exception\ExpiredAuthRequestError) {
$response->add('launchkey_authentication_timeout', $this->wp_facade->__('Authentication denied!', $this->language_domain));
} else {
if ($this->wp_facade->is_debug_log()) {
$this->wp_facade->error_log('Error authenticating user with Launchkey: ' . $e->getMessage());
}
$response->add('launchkey_authentication_error', $this->wp_facade->__('Authentication error! Please try again later', $this->language_domain));
}
}
return $response;
}
/**
* Logout the user and perform a de-orbit if there is a known LaunchKey auth_request
*
* @since 1.0.0
*/
public function logout()
{
// If there is a current user
if ($user = $this->wp_facade->wp_get_current_user()) {
// And that user has logged in with LaunchKey
if (!empty($user->launchkey_auth)) {
try {
// De-orbit the auth
$this->launchkey_client->auth()->deOrbit($user->launchkey_auth);
} catch (Exception $e) {
if ($this->wp_facade->is_debug_log()) {
$this->wp_facade->error_log('LaunchKey Error on native client log out: ' . $e->getMessage());
}
}
}
// Remove the aith data for the user
$this->reset_auth($user->ID);
}
}
private function debug_log($level, $message, array $context = array())
{
if ($this->wp_facade->is_debug_log()) {
$this->log($level, $message, $context);
}
}
public function wizard_easy_setup_callback()
{
$headers = array();
array_walk($_SERVER, function ($value, $key) use(&$headers) {
if (preg_match('/^HTTP\\_(.+)$/', $key, $matches)) {
$headers[str_replace('_', '-', $matches[1])] = $value;
}
});
preg_match('/^[^\\/]+\\/(.*)$/', $_SERVER['SERVER_PROTOCOL'], $matches);
$protocol_version = $matches ? $matches[1] : null;
$request = new Request($_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'], $headers, $this->wp_facade->fopen('php://input', 'rb'), $protocol_version);
$http_response = new Response();
if ($request->hasHeader('signature')) {
try {
// Have the SDK client handle the callback
$response = $this->launchkey_client->serverSentEvent()->handleEvent($request, $http_response);
if ($response instanceof \LaunchKey\SDK\Domain\RocketCreated) {
$config = $this->get_option(LaunchKey_WP_Configuration_Wizard::EASY_SETUP_OPTION);
if (empty($config['nonce']) || !$config['nonce'] instanceof \LaunchKey\SDK\Domain\NonceResponse) {
throw new \LaunchKey\SDK\Service\Exception\InvalidRequestError(sprintf('Easy config request with no valid "nonce" in option "%s"', LaunchKey_WP_Configuration_Wizard::EASY_SETUP_OPTION));
}
// Delete the option, valid or not.
$this->wp_facade->delete_option(LaunchKey_WP_Configuration_Wizard::EASY_SETUP_OPTION);
// Check for expiration of the nonce
$expires = $config['nonce']->getExpiration();
if ($expires <= new DateTime("now", new DateTimeZone("UTC"))) {
throw new \LaunchKey\SDK\Service\Exception\InvalidRequestError('Easy config "nonce" has expired');
}
$rocketConfig = $response->getRocketConfig($this->crypt_service, $config['nonce']->getNonce());
$expected_callback_url = $this->wp_facade->admin_url('admin-ajax.php?action=' . LaunchKey_WP_Native_Client::CALLBACK_AJAX_ACTION);
// Verify the callback URL before attempting to decrypt the data
$actual_callback_url = $rocketConfig->getCallbackURL();
if ($actual_callback_url !== $expected_callback_url) {
throw new \LaunchKey\SDK\Service\Exception\InvalidRequestError(sprintf('Easy config is not for this site based on callback. Expected: %s, Actual: %s.', $expected_callback_url, $actual_callback_url));
}
$options = $this->get_option(LaunchKey_WP_Admin::OPTION_KEY);
$rocket_type = $rocketConfig->isWhiteLabel() ? LaunchKey_WP_Implementation_Type::WHITE_LABEL : LaunchKey_WP_Implementation_Type::NATIVE;
// Update options from server sent event service response
$options[LaunchKey_WP_Options::OPTION_IMPLEMENTATION_TYPE] = $rocket_type;
$options[LaunchKey_WP_Options::OPTION_ROCKET_KEY] = $rocketConfig->getKey();
$options[LaunchKey_WP_Options::OPTION_SECRET_KEY] = $rocketConfig->getSecret();
$options[LaunchKey_WP_Options::OPTION_PRIVATE_KEY] = $rocketConfig->getPrivateKey();
$this->update_option(LaunchKey_WP_Admin::OPTION_KEY, $options);
$response_string = "";
$body = $http_response->getBody();
$body->rewind();
while ($segment = $body->read(256)) {
$response_string .= $segment;
}
$this->wp_facade->header("Content-Type: text/plain", true, $http_response->getStatusCode());
$this->wp_facade->wp_die($response_string);
}
} catch (\Exception $e) {
if ($this->wp_facade->is_debug_log()) {
$this->wp_facade->error_log('Callback Exception: ' . $e->getMessage());
}
if ($e instanceof \LaunchKey\SDK\Service\Exception\InvalidRequestError) {
$this->wp_facade->http_response_code(400);
$this->wp_facade->wp_die('Invalid Request');
} else {
$this->wp_facade->http_response_code(500);
$this->wp_facade->wp_die('Server Error');
}
}
}
}
