Firebase Authentication v1.1.2
class-mo-firebase-config.php
1 <?php
2
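/**
 * Handles the Firebase "test configuration" popup and the token-based login flow.
 *
 * Security-relevant behaviour of this class:
 * - testconfig() is hooked on `init` and passes every request that carries an
 *   `fb_jwt` POST field to sample(); that path needs no WordPress session and
 *   no nonce.
 * - sample() sets the auth cookie for the WordPress user matching the token's
 *   `email` claim, so the login decision rests entirely on decode_jwt()
 *   accepting only tokens issued for this site's Firebase project.
 */
class Mo_Firebase_Config {

	/**
	 * Registers testconfig() on the WordPress `init` hook.
	 */
	public function __construct() {
		add_action( 'init', array( $this, 'testconfig' ) );
	}

	/**
	 * `init` callback: runs the token flow and, for a nonce-protected test
	 * request, enqueues the scripts that drive the test-configuration popup.
	 *
	 * NOTE(review): the test branch is gated by the nonce only; if the form is
	 * meant for administrators, a current_user_can() check would make that
	 * explicit - confirm against the admin view that renders the form.
	 */
	public function testconfig() {
		if ( isset( $_POST['fb_jwt'] ) ) {
			$this->sample();
		}

		// All three request fields must be present before they are read; a
		// missing nonce field previously raised an undefined-index notice.
		$is_test_request = isset( $_REQUEST['mo_action'], $_REQUEST['test'], $_REQUEST['mo_firebase_auth_test_config_field'] )
			&& 'firebaselogin' === sanitize_text_field( wp_unslash( $_REQUEST['mo_action'] ) )
			&& 'true' === wp_unslash( $_REQUEST['test'] )
			&& wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_auth_test_config_field'] ) ), 'mo_firebase_auth_test_config_form' );

		if ( ! $is_test_request ) {
			return;
		}

		wp_register_script( 'mo_firebase_app_main_script', plugins_url( 'admin/js/firebase-auth-main-script.js', __FILE__ ), array( 'jquery' ), false, true );
		wp_enqueue_script( 'mo_firebase_app_main_script' );
		wp_register_script( 'mo_firebase_testconfig_script', plugins_url( 'js/firebase-test-config.js', __FILE__ ), array( 'jquery' ) );

		// wp_localize_script() prints this array into the page as a JavaScript
		// object, so the submitted test password ends up in the HTML of the
		// popup. sanitize_text_field() may also alter a password that contains
		// markup-like characters.
		$data = array(
			'api_key'          => get_option( 'mo_firebase_auth_api_key' ),
			'project_id'       => get_option( 'mo_firebase_auth_project_id' ),
			'test_username'    => $this->post_field( 'test_username', '' ),
			'test_password'    => $this->post_field( 'test_password', '' ),
			'test_check_field' => $this->post_field( 'test_check_field', '' ),
		);
		wp_localize_script( 'mo_firebase_testconfig_script', 'firebase_data_testconfig', $data );
		wp_enqueue_script( 'mo_firebase_testconfig_script', plugins_url( 'js/firebase-test-config.js', __FILE__ ), array( 'jquery' ), false, true );
	}

	/**
	 * Processes the `fb_jwt` POST field.
	 *
	 * - `fb_jwt` equal to "empty_string": prints the "test failed" page and exits
	 *   when `fb_is_test` is "test_check_true", otherwise returns a WP_Error.
	 * - any other value: verifies the token; in test mode prints its claims and
	 *   exits, otherwise logs in the matching WordPress user and redirects home.
	 *
	 * The login branch is reachable without a nonce, so the token check in
	 * decode_jwt() is the only thing standing between a POST request and
	 * wp_set_auth_cookie().
	 *
	 * @return WP_Error|null WP_Error for the non-test "empty_string" case; null
	 *                       when there is no usable token or no user was resolved.
	 */
	public function sample() {
		$token = $this->post_field( 'fb_jwt' );
		if ( null === $token ) {
			return null;
		}

		$is_test = ( 'test_check_true' === $this->post_field( 'fb_is_test' ) );

		if ( 'empty_string' === $token ) {
			if ( $is_test ) {
				echo '<div style="font-family:Calibri;padding: 0 30%;">';
				echo '<h1 style="color:#d9534f;text-align:center;">test failed</h1>';
				$error_message = $this->post_field( 'fb_error_msg' );
				if ( null !== $error_message ) {
					// Request data is escaped for the HTML context it is printed in;
					// sanitize_text_field() alone is not an output encoder.
					echo '<h4 style="text-align:center;"><b>ERROR :</b>' . esc_html( $error_message ) . '</h4>';
				}
				echo '</div>';
				echo '<div style="padding: 10px;"></div><div style="position:absolute;padding:0 46%;"><input style="padding:1%;width:100px;height:30px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Close" onClick="self.close();"></div>';
				exit();
			}

			$error = new WP_Error();
			$error->add( 'error_fetching_user', __( "<strong>ERROR</strong>: user doesn't exist !!." ) );
			return $error;
		}

		// decode_jwt() prints a message and exits on any token it does not accept.
		$payload = $this->decode_jwt( $token );

		if ( $is_test ) {
			echo '<div style="font-family:Calibri;margin: auto;padding:5%;">';
			echo '<h1 style="color:#00C851;text-align:center;">Test Successful !</h1>';
			echo '<style>table{border-collapse:collapse;}th {background-color: #eee; text-align: center; padding: 8px; border-width:1px; border-style:solid; border-color:#212121;}tr:nth-child(odd) {background-color: #f2f2f2;} td{padding:8px;border-width:1px; border-style:solid; border-color:#212121;}</style>';
			echo '<h3 style="text-align:center;">Test Configuration</h3><table style="margin: auto;"><tr><th>Attribute Name</th><th>Attribute Value</th></tr>';
			$this->testattrmappingconfig( '', $payload );
			echo '</table></div>';
			// The first style attribute was missing its closing quote, which made
			// the browser swallow the following markup into the attribute value.
			echo '<div style="margin: auto;padding: 10px;"></div><div style="margin: auto;position:absolute;padding:0 46%;"><input style="padding:8px;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>';
			exit();
		}

		$user = $this->getUser( $payload );
		if ( $user ) {
			wp_set_auth_cookie( $user->ID, true );
			wp_redirect( home_url() );
			exit;
		}

		return null;
	}

	/**
	 * Prints one table row per scalar claim, flattening nested claims into
	 * dotted names (for example `firebase.identities.email`).
	 *
	 * Claim names and values come from the token and are HTML-escaped before
	 * output. The path is built in a local variable so that a nested claim no
	 * longer appends extra dots to the prefix used for its later siblings.
	 *
	 * @param string       $nestedprefix Dotted path of the parent claim, '' at the top level.
	 * @param array|object $payload      Claims to print.
	 */
	public function testattrmappingconfig( $nestedprefix, $payload ) {
		if ( ! is_array( $payload ) && ! is_object( $payload ) ) {
			return;
		}

		foreach ( $payload as $key => $value ) {
			$path = ( '' === (string) $nestedprefix ) ? (string) $key : $nestedprefix . '.' . $key;

			if ( is_array( $value ) || is_object( $value ) ) {
				$this->testattrmappingconfig( $path, $value );
				continue;
			}

			echo '<tr><td>' . esc_html( $path ) . '</td><td>' . esc_html( (string) $value ) . '</td></tr>';
		}
	}

	/**
	 * Verifies a compact RS256/RS384/RS512 JWT against the stored certificates
	 * and returns its claims.
	 *
	 * On any failure the method prints a message and terminates the request,
	 * as the original did. Checks performed, in order:
	 * 1. the token has exactly three segments and a JSON header with `alg` and `kid`;
	 * 2. `alg` is exactly one of the three supported RSA algorithms;
	 * 3. `kid` equals one of the two stored key ids;
	 * 4. openssl_verify() returns exactly 1 (it returns 0 for a bad signature
	 *    and -1 or false on error, and -1 is truthy in PHP);
	 * 5. the token is unexpired and its `aud` / `iss` name the configured project.
	 *
	 * NOTE(review): step 5 assumes `fb_jwt` is a Firebase ID token, whose `aud`
	 * is the project id and whose `iss` is
	 * `https://securetoken.google.com/<project id>` - confirm against the
	 * client script that posts the token. Without it, a correctly signed token
	 * minted for a different Firebase project would be accepted here.
	 *
	 * @param string $jwt_token Compact JWT taken from the request.
	 * @return array Decoded claims of a token that passed every check.
	 */
	public function decode_jwt( $jwt_token ) {
		$pieces = is_string( $jwt_token ) ? explode( '.', $jwt_token ) : array();
		if ( 3 !== count( $pieces ) ) {
			$this->reject_token();
		}

		$jwt_data      = $pieces[0] . '.' . $pieces[1];
		$jwt_signature = $this->base64url_decode( $pieces[2] );
		$jwt_header    = json_decode( $this->base64url_decode( $pieces[0] ), true );

		if ( ! is_array( $jwt_header )
			|| ! isset( $jwt_header['alg'], $jwt_header['kid'] )
			|| ! is_string( $jwt_header['alg'] )
			|| ! is_string( $jwt_header['kid'] )
			|| '' === $jwt_header['kid']
		) {
			$this->reject_token();
		}

		// Exact allow-list; the previous substring test accepted any `alg`
		// that merely contained "RS".
		$algorithms = array(
			'RS256' => OPENSSL_ALGO_SHA256,
			'RS384' => OPENSSL_ALGO_SHA384,
			'RS512' => OPENSSL_ALGO_SHA512,
		);
		if ( ! isset( $algorithms[ $jwt_header['alg'] ] ) ) {
			$this->reject_token();
		}

		// Key id option => certificate option. Strict string comparison keeps an
		// unset option (false) from matching an empty or numeric-looking kid.
		$key_slots = array(
			'mo_firebase_auth_kid1' => 'mo_firebase_auth_cert1',
			'mo_firebase_auth_kid2' => 'mo_firebase_auth_cert2',
		);
		$jwt_raw_certificate = null;
		foreach ( $key_slots as $kid_option => $cert_option ) {
			if ( get_option( $kid_option ) === $jwt_header['kid'] ) {
				$jwt_raw_certificate = get_option( $cert_option );
				break;
			}
		}
		if ( null === $jwt_raw_certificate ) {
			echo "Please update your information by clicking on <b>Configuration</b> button in Firebase Authentication plugin and then try.";
			exit;
		}

		$public_key = $this->normalize_pem( $jwt_raw_certificate );
		if ( '' === $public_key ) {
			$this->reject_token();
		}

		$verified = openssl_verify( $jwt_data, $jwt_signature, $public_key, $algorithms[ $jwt_header['alg'] ] );
		if ( 1 !== $verified ) {
			$this->reject_token();
		}

		// The payload segment is base64url as well; decoding it as plain base64
		// silently drops '-' and '_' and can corrupt the claims.
		$jwt_payload = json_decode( $this->base64url_decode( $pieces[1] ), true );
		if ( ! is_array( $jwt_payload ) ) {
			$this->reject_token();
		}

		$project_id = get_option( 'mo_firebase_auth_project_id' );
		if ( ! is_string( $project_id ) || '' === $project_id
			|| ! isset( $jwt_payload['aud'], $jwt_payload['iss'], $jwt_payload['exp'] )
			|| $jwt_payload['aud'] !== $project_id
			|| $jwt_payload['iss'] !== 'https://securetoken.google.com/' . $project_id
			|| ! is_numeric( $jwt_payload['exp'] )
			|| (int) $jwt_payload['exp'] <= time()
		) {
			$this->reject_token();
		}

		return $jwt_payload;
	}

	/**
	 * Resolves the WordPress user for a verified token, creating one if needed.
	 *
	 * Lookup order: by e-mail, then by login equal to the e-mail, then a new
	 * account whose login and e-mail are both the token's `email` claim.
	 *
	 * NOTE(review): the `email` claim is trusted without looking at
	 * `email_verified`. If the Firebase project lets people sign up with an
	 * address they do not control, that sign-up maps onto any existing
	 * WordPress account with the same address, administrators included.
	 * Consider requiring `email_verified` before linking to an existing account.
	 *
	 * @param array $jwt_payload Claims returned by decode_jwt().
	 * @return WP_User|false|null The user; false when creation failed; null when
	 *                            the payload has no usable `email` claim.
	 */
	public function getUser( $jwt_payload ) {
		if ( ! is_array( $jwt_payload ) || ! isset( $jwt_payload['email'] ) || ! is_string( $jwt_payload['email'] ) ) {
			return null;
		}
		$email = $jwt_payload['email'];

		$user = get_user_by( 'email', $email );
		if ( $user ) {
			return $user;
		}

		// The original passed an undefined variable here, so this lookup could
		// never match and the code always fell through to account creation.
		$user = get_user_by( 'login', $email );
		if ( $user ) {
			return $user;
		}

		$userdata = array(
			'user_login' => $email,
			'user_pass'  => wp_generate_password( 10, false ),
			'user_email' => $email,
		);
		$user_id = wp_insert_user( $userdata );
		if ( is_wp_error( $user_id ) ) {
			return false;
		}

		// The original comment calls this the distinguished name; the value
		// written is always false.
		update_user_meta( $user_id, 'mo_firebase_user_dn', false );

		return get_user_by( 'email', $email );
	}

	/**
	 * Returns a POST field unslashed and passed through sanitize_text_field().
	 *
	 * @param string      $name    Field name.
	 * @param string|null $default Value returned when the field is absent or not a string.
	 * @return string|null
	 */
	private function post_field( $name, $default = null ) {
		if ( ! isset( $_POST[ $name ] ) || ! is_string( $_POST[ $name ] ) ) {
			return $default;
		}
		return sanitize_text_field( wp_unslash( $_POST[ $name ] ) );
	}

	/**
	 * Decodes one base64url JWT segment; returns '' when it is not valid base64url.
	 *
	 * @param string $segment Segment without padding, as used in compact JWTs.
	 * @return string
	 */
	private function base64url_decode( $segment ) {
		$base64  = strtr( $segment, '-_', '+/' );
		$base64 .= str_repeat( '=', ( 4 - strlen( $base64 ) % 4 ) % 4 );
		$decoded = base64_decode( $base64, true );
		return ( false === $decoded ) ? '' : $decoded;
	}

	/**
	 * Returns the stored certificate as PEM with 64-character body lines.
	 *
	 * A certificate whose body already contains line breaks is returned as is;
	 * a single-line body is re-wrapped. Returns '' when the value does not have
	 * the `-----HEADER-----body-----FOOTER-----` shape.
	 *
	 * @param mixed $certificate Value of the certificate option.
	 * @return string
	 */
	private function normalize_pem( $certificate ) {
		if ( ! is_string( $certificate ) ) {
			return '';
		}
		$parts = explode( '-----', $certificate );
		if ( count( $parts ) < 4 || '' === $parts[2] ) {
			return '';
		}
		if ( preg_match( '/\r\n|\r|\n/', $parts[2] ) ) {
			return $certificate;
		}
		return '-----' . $parts[1] . "-----\n"
			. implode( "\n", str_split( $parts[2], 64 ) ) . "\n"
			. '-----' . $parts[3] . "-----\n";
	}

	/**
	 * Prints the generic rejection message and ends the request.
	 */
	private function reject_token() {
		echo "Invalid Token";
		exit();
	}
}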
199
// Instantiate the handler when the file is loaded; the constructor registers
// testconfig() on the `init` hook.
$mo_firebase_config_obj = new Mo_Firebase_Config();