PluginProbe ʕ •ᴥ•ʔ
Firebase Authentication / 1.0.0
Firebase Authentication v1.0.0
trunk 1.0.0 1.1.1 1.1.2 1.1.3 1.1.4 1.2.0 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.8 1.5.0 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.5.9 1.6.0 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.6.9
firebase-authentication / firebase-authentication.php
firebase-authentication Last commit date
admin 6 years ago includes 6 years ago js 6 years ago languages 6 years ago public 6 years ago LICENSE.txt 6 years ago README.txt 6 years ago class-mo-firebase-config.php 6 years ago firebase-authentication.php 6 years ago index.php 6 years ago uninstall.php 6 years ago
firebase-authentication.php
160 lines
1 <?php
2
3
4 /**
5 *
6 * @link https://miniorange.com
7 * @since 1.0.0
8 * @package Firebase_Authentication
9 *
10 * @wordpress-plugin
11 * Plugin Name: Firebase Authentication
12 * Plugin URI: http://miniorange.com
13 * Description: This plugin allows login into Wordpress using Firebase as Identity provider.
14 * Version: 1.0.0
15 * Author: miniOrange
16 * Author URI: https://miniorange.com
17 * License: GPL2
18 */
19
20 // If this file is called directly, abort.
21 if ( ! defined( 'WPINC' ) ) {
22 die;
23 }
24
25 /**
26 * Currently plugin version.
27 * Start at version 1.0.0 and use SemVer - https://semver.org
28 * Rename this for your plugin and update it as you release new versions.
29 */
30 define( 'MO_FIREBASE_AUTHENTICATION_VERSION', '1.0.0' );
31
32 /**
33 * The code that runs during plugin activation.
34 * This action is documented in includes/class-firebase-authentication-activator.php
35 */
36 function mo_firebase_activate_firebase_authentication() {
37 require_once plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication-activator.php';
38 MO_Firebase_Authentication_Activator::activate();
39 }
40
41 /**
42 * The code that runs during plugin deactivation.
43 * This action is documented in includes/class-firebase-authentication-deactivator.php
44 */
45 function mo_firebase_deactivate_firebase_authentication() {
46 require_once plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication-deactivator.php';
47 MO_Firebase_Authentication_Deactivator::deactivate();
48 }
49
50 register_activation_hook( __FILE__, 'mo_firebase_activate_firebase_authentication' );
51 register_deactivation_hook( __FILE__, 'mo_firebase_deactivate_firebase_authentication' );
52
53 /**
54 * The core plugin class that is used to define internationalization,
55 * admin-specific hooks, and public-facing site hooks.
56 */
57 require plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication.php';
58 require_once 'class-mo-firebase-config.php';
59
60 /**
61 * Begins execution of the plugin.
62 *
63 * Since everything within the plugin is registered via hooks,
64 * then kicking off the plugin from this point in the file does
65 * not affect the page life cycle.
66 *
67 * @since 1.0.0
68 */
69 function mo_firebase_run_firebase_authentication() {
70
71 $plugin = new MO_Firebase_Authentication();
72 $plugin->run();
73
74 }
75 mo_firebase_run_firebase_authentication();
76
77 class mo_firebase_authentication_login {
78 function __construct() {
79 add_action( 'init', array( $this, 'postResgiter' ) );
80 if ( get_option( 'mo_enable_firebase_auth' ) == 1 ) {
81 remove_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 );
82 add_filter( 'authenticate', array( $this, 'mo_firebase_auth' ), 0, 3 );
83 }
84 }
85
86 function postResgiter() {
87 if ( isset( $_POST['verify_user'] ) && isset( $_REQUEST['page'] ) && sanitize_text_field( wp_unslash( $_REQUEST['page'] ) ) == 'mo_firebase_configuration' && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_auth_config_field'] ) ), 'mo_firebase_auth_config_form' ) ) {
88
89 if( current_user_can( 'administrator' ) ) {
90 update_option( 'mo_firebase_auth_disable_wordpress_login', isset( $_POST['disable_wordpress_login'] ) ? (int)filter_var( $_POST['disable_wordpress_login'], FILTER_SANITIZE_NUMBER_INT ) : 0 );
91
92 $project_id = isset( $_POST['projectid'] ) ? sanitize_text_field( $_POST['projectid'] ) : '';
93 update_option( 'mo_firebase_auth_project_id', $project_id );
94
95 $api_key = isset( $_POST['apikey'] ) ? sanitize_text_field( $_POST['apikey'] ) : '';
96 update_option( 'mo_firebase_auth_api_key', $api_key );
97
98 $response = wp_remote_get( 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com' );
99 if ( is_array( $response ) ) {
100 $header = $response['headers']; // array of http header lines
101 $body = $response['body']; // use the content
102
103 $split_result = explode( ":", $body );
104
105 $kid1 = substr( $split_result[0], 5, 40 );
106 $s = explode( ",", $split_result[1] );
107 $c1 = substr( $s[0], 2, 1158 );
108 $kid2 = substr( $s[1], 4, 40);
109 $c2 = explode( "}", $split_result[2] );
110 $c2[0] = substr( $c2[0], 2, 1158 );
111 $c1 = str_replace( '\n', '', $c1 );
112 update_option( 'mo_firebase_auth_kid1', $kid1 );
113 update_option( 'mo_firebase_auth_cert1', $c1 );
114 $c2[0] = str_replace( '\n', '', $c2[0] );
115 update_option( 'mo_firebase_auth_kid2', $kid2 );
116 update_option( 'mo_firebase_auth_cert2', $c2[0] );
117 }
118 }
119 }
120 }
121
122
123 function mo_firebase_auth( $user, $username, $password ) {
124 if( "POST" !== sanitize_text_field( wp_unslash( $_SERVER['REQUEST_METHOD'] ) ) ) {
125 return $user;
126 }
127 if ( empty( $username ) || empty ( $password ) ) {
128
129 $error = new WP_Error();
130
131 if( isset( $_POST['fb_error_msg'] ) ) {
132 $error->add( 'firebase_error_msg', __( '<strong>ERROR</strong>: '.esc_html( $_POST['fb_error_msg'] ) ) );
133 }
134
135 //create new error object and add errors to it.
136
137
138 else if ( empty( $username ) ) { //No email
139 $error->add( 'empty_username', __( '<strong>ERROR</strong>: Email field is empty.' ) );
140 }
141
142 else if ( empty( $password ) ) { //No password
143 $error->add( 'empty_password', __( '<strong>ERROR</strong>: Password field is empty.' ) );
144 }
145 return $error;
146 }
147 if ( boolval( get_option( 'mo_firebase_auth_disable_wordpress_login' ) ) == false ) {
148 $user = get_user_by( "login", $username );
149 if( !$user ) {
150 $user = get_user_by( "email", $username );
151 }
152 if ( $user && wp_check_password( $password, $user->data->user_pass, $user->ID ) ) {
153 return $user;
154 }
155 }
156 }
157
158 }
159
160 $mo_firebase_authentication_obj = new mo_firebase_authentication_login();