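/**
 * launchkey_admin_callback - performed during admin_init action
 *
 * Optionally starts pairing for the current user, then checks the OAuth access
 * token held in the launchkey_access_token cookie against the /resource/ping
 * endpoint. When the endpoint does not answer "valid", the refresh token cookie
 * is exchanged for a new token set and the three LaunchKey cookies are rewritten.
 * Any failure along the way logs the user out and redirects to the login URL.
 *
 * NOTE(review): pairing is triggered by the mere presence of a GET parameter and
 * no nonce check is visible in this method - confirm that launchkey_pair() or the
 * hook registration protects against cross-site request forgery.
 *
 * NOTE(review): the access and refresh tokens are written to cookies without
 * secure/httponly arguments in the calls below - confirm whether the facade's
 * setcookie() applies those flags.
 *
 * @return void
 */
public function launchkey_admin_callback() {
    $options = $this->get_option();

    if (isset($_GET['launchkey_admin_pair'])) {
        $user = $this->wp_facade->wp_get_current_user();
        $this->launchkey_pair("", $user->data);
    }

    // Check status of the OAuth access token; without the cookie there is nothing to validate.
    if (isset($_COOKIE['launchkey_access_token'])) {
        $args = array(
            'httpversion' => '1.1',
            'headers' => array(
                // The cookie value is client-controlled and is forwarded as-is for the service to judge.
                'Authorization' => 'Bearer ' . $_COOKIE['launchkey_access_token'],
                'Connection' => 'close'
            ),
            // Certificate verification is driven by a plugin option; if it is off, the
            // responses handled below are not authenticated by TLS.
            'sslverify' => $options[LaunchKey_WP_Options::OPTION_SSL_VERIFY],
            'timeout' => $options[LaunchKey_WP_Options::OPTION_REQUEST_TIMEOUT]
        );
        $oauth_response = $this->wp_facade->wp_remote_post("{$this->base_url}/resource/ping", $args);
        $response_object = $oauth_response instanceof WP_Error ? null : json_decode($oauth_response['body'], true);

        if ($response_object && isset($response_object['message'])) {
            // Strict comparison: with a loose "!=" a JSON boolean true (and, before PHP 8,
            // the integer 0) compares equal to 'valid' and would be accepted as a valid token.
            if ($response_object['message'] !== 'valid') {
                // Token is not valid: try the refresh token.
                if (isset($_COOKIE['launchkey_refresh_token'])) {
                    // Prepare data for the access token request.
                    $data = array(
                        'httpversion' => '1.1',
                        'body' => array(
                            'client_id' => $options[LaunchKey_WP_Options::OPTION_ROCKET_KEY],
                            'client_secret' => $options[LaunchKey_WP_Options::OPTION_SECRET_KEY],
                            'redirect_uri' => $this->wp_facade->admin_url(),
                            'refresh_token' => $_COOKIE['launchkey_refresh_token'],
                            'grant_type' => "refresh_token"
                        ),
                        'sslverify' => $options[LaunchKey_WP_Options::OPTION_SSL_VERIFY],
                        'timeout' => $options[LaunchKey_WP_Options::OPTION_REQUEST_TIMEOUT],
                        'headers' => array('Connection' => 'close')
                    );

                    // Make the OAuth call.
                    $oauth_get = $this->wp_facade->wp_remote_post("{$this->base_url}/access_token", $data);

                    if (!$this->wp_facade->is_wp_error($oauth_get)) {
                        $oauth_response = json_decode($oauth_get['body'], true);
                    } else {
                        // Transport failure on refresh: end the session rather than keep an unverified one.
                        $this->wp_facade->wp_logout();
                        $this->wp_facade->wp_redirect($this->wp_facade->wp_login_url() . "?launchkey_ssl_error=1");
                        return;
                    }

                    if (isset($oauth_response['refresh_token']) && isset($oauth_response['access_token'])) {
                        $launchkey_access_token = $oauth_response['access_token'];
                        $launchkey_refresh_token = $oauth_response['refresh_token'];
                        $timestamp = $this->wp_facade->current_time('timestamp', true);

                        // expires_in comes from the remote response; a missing or non-numeric value
                        // would raise a notice or, on PHP 8, a TypeError in the addition below.
                        $expires_in = 0;
                        if (isset($oauth_response['expires_in']) && is_numeric($oauth_response['expires_in'])) {
                            $expires_in = (int) $oauth_response['expires_in'];
                        }
                        $launchkey_expires = $timestamp + $expires_in;

                        // The cookies live for 30 days regardless of the token lifetime.
                        $cookie_expires = $timestamp + 86400 * 30;
                        $this->wp_facade->setcookie('launchkey_access_token', $launchkey_access_token, $cookie_expires, COOKIEPATH, COOKIE_DOMAIN);
                        $this->wp_facade->setcookie('launchkey_refresh_token', $launchkey_refresh_token, $cookie_expires, COOKIEPATH, COOKIE_DOMAIN);
                        $this->wp_facade->setcookie('launchkey_expires', $launchkey_expires, $cookie_expires, COOKIEPATH, COOKIE_DOMAIN);
                    } else {
                        // Refresh response did not carry a full token pair.
                        $this->wp_facade->wp_logout();
                        $this->wp_facade->wp_redirect($this->wp_facade->wp_login_url() . "?loggedout=1");
                        return;
                    }
                } else {
                    // Access token rejected and no refresh token cookie to fall back on.
                    $this->wp_facade->wp_logout();
                    $this->wp_facade->wp_redirect($this->wp_facade->wp_login_url() . "?loggedout=1");
                    return;
                }
            }
        } else {
            // Ping failed or returned no usable message: treat the session as unverifiable.
            $this->wp_facade->wp_logout();
            $this->wp_facade->wp_redirect($this->wp_facade->wp_login_url() . "?launchkey_ssl_error=1");
            return;
        }
    }
}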
/**
 * Heartbeat filter: when the logged-in user has been de-orbited (their LaunchKey
 * authorization is reported as false), log them out and reset their LaunchKey
 * auth properties.
 *
 * NOTE(review): the method returns nothing; if it is registered on a filter hook,
 * confirm that discarding the filtered value is intended.
 *
 * @since 1.0.0
 */
public function launchkey_still_authenticated_heartbeat() {
    // Only a logged-in session has anything to re-check.
    if (!$this->wp_facade->is_user_logged_in()) {
        return;
    }

    $current_user = $this->wp_facade->wp_get_current_user();
    $user_id = $current_user->ID;

    // Act only on an explicit boolean false; any other result leaves the session alone.
    if (false !== $this->get_user_authorized($user_id)) {
        return;
    }

    // End the WordPress session first, then clear the LaunchKey auth state for that user.
    $this->wp_facade->wp_logout();
    $this->reset_auth($user_id);
}