firebase-authentication.php
281 lines
| 1 | <?php |
| 2 | |
| 3 | |
| 4 | /** |
| 5 | * |
| 6 | * @link https://miniorange.com |
| 7 | * @since 1.0.0 |
| 8 | * @package Firebase_Authentication |
| 9 | * |
| 10 | * @wordpress-plugin |
| 11 | * Plugin Name: Firebase Authentication |
| 12 | * Plugin URI: firebase-authentication |
| 13 | * Description: This plugin allows login into Wordpress using Firebase as Identity provider. |
| 14 | * Version: 1.1.4 |
| 15 | * Author: miniOrange |
| 16 | * Author URI: https://miniorange.com |
| 17 | * License: MIT/Expat |
| 18 | */ |
| 19 | |
| 20 | |
// Direct-access guard: stop unless WordPress has loaded this file (WPINC defined),
// so the plugin bootstrap never runs when the file is requested on its own.
defined( 'WPINC' ) || exit;

/**
 * Plugin version constant.
 *
 * NOTE(review): the plugin header in this file declares "Version: 1.1.4" while
 * this constant is '1.1.1'. Confirm which value is current and keep the two in
 * step, so the installed version can be identified reliably when checking
 * whether a fix is present.
 */
define( 'MO_FIREBASE_AUTHENTICATION_VERSION', '1.1.1' );
| 32 | |
/**
 * Activation callback.
 *
 * Loads the activator class on demand and delegates to its static activate()
 * method. The action itself is documented in
 * includes/class-firebase-authentication-activator.php.
 */
function mo_firebase_activate_firebase_authentication() {
    $activator_file = plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication-activator.php';
    require_once $activator_file;

    MO_Firebase_Authentication_Activator::activate();
}
| 41 | |
/**
 * Deactivation callback.
 *
 * Loads the deactivator class on demand and delegates to its static
 * deactivate() method. The action itself is documented in
 * includes/class-firebase-authentication-deactivator.php.
 */
function mo_firebase_deactivate_firebase_authentication() {
    $deactivator_file = plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication-deactivator.php';
    require_once $deactivator_file;

    MO_Firebase_Authentication_Deactivator::deactivate();
}
| 50 | |
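register_activation_hook( __FILE__, 'mo_firebase_activate_firebase_authentication' );
register_deactivation_hook( __FILE__, 'mo_firebase_deactivate_firebase_authentication' );

/**
 * Load the core plugin class (internationalization, admin-specific hooks and
 * public-facing hooks) and the supporting files that sit next to this one.
 *
 * Every path is anchored to this plugin's directory. A bare relative name such
 * as 'class-contact-us.php' is resolved through PHP's include_path before the
 * directory of the including script, so a same-named file elsewhere on that
 * path could be loaded instead of the plugin's own copy.
 */
require plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication.php';
require_once plugin_dir_path( __FILE__ ) . 'class-mo-firebase-config.php';
require plugin_dir_path( __FILE__ ) . 'views/feedback_form.php';
require plugin_dir_path( __FILE__ ) . 'class-contact-us.php';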
| 62 | |
| 63 | |
/**
 * Starts the plugin.
 *
 * Builds the core MO_Firebase_Authentication object and calls run() on it.
 * The original note states that everything in the plugin is registered via
 * hooks, so starting it here does not affect the page life cycle.
 *
 * @since 1.0.0
 */
function mo_firebase_run_firebase_authentication() {
    ( new MO_Firebase_Authentication() )->run();
}

mo_firebase_run_firebase_authentication();
| 80 | |
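/**
 * Settings handlers, admin notices and the `authenticate` filter callback
 * for the Firebase login integration.
 *
 * Review notes that apply to the whole class:
 *  - A nonce protects against cross-site request forgery only; it is not an
 *    authorization check. Handlers that change login behaviour or deactivate
 *    the plugin therefore also check a capability.
 *  - The options 'message' and 'host_name' are not prefixed, so any other code
 *    on the site can write them. 'message' is filtered on output for that
 *    reason. NOTE(review): consider prefixed option names; renaming them needs
 *    a matching change in the files that read them, which are not shown here.
 */
class mo_firebase_authentication_login {

    /**
     * Registers the request handlers and, when the feature flag is set,
     * replaces WordPress' password handlers on the `authenticate` filter.
     */
    public function __construct() {
        add_action( 'init', array( $this, 'postResgiter' ) );
        add_action( 'admin_init', array( $this, 'mo_firebase_auth_deactivate' ) );

        // With the flag on, core's username/email password handlers (priority 20)
        // are removed and this class' callback runs first (priority 0).
        if ( get_option( 'mo_enable_firebase_auth' ) == 1 ) {
            remove_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 );
            remove_filter( 'authenticate', 'wp_authenticate_email_password', 20, 3 );
            add_filter( 'authenticate', array( $this, 'mo_firebase_auth' ), 0, 3 );
        }

        remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
        remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
        add_action( 'admin_footer', array( $this, 'mo_firebase_auth_feedback_request' ) );
        update_option( 'host_name', 'https://login.xecurify.com' );
    }

    /**
     * Saves the Firebase configuration form and refreshes the stored signing
     * certificates.
     *
     * Runs on `init`. Nothing is written unless the form marker, the page
     * name and a valid nonce are present and the current user passes the
     * 'administrator' check.
     *
     * @return void
     */
    public function postResgiter() {
        if ( ! isset( $_POST['verify_user'], $_REQUEST['page'], $_REQUEST['mo_firebase_auth_config_field'] ) ) {
            return;
        }
        if ( 'mo_firebase_configuration' !== sanitize_text_field( wp_unslash( $_REQUEST['page'] ) ) ) {
            return;
        }
        $nonce = sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_auth_config_field'] ) );
        if ( ! wp_verify_nonce( $nonce, 'mo_firebase_auth_config_form' ) ) {
            return;
        }
        if ( ! current_user_can( 'administrator' ) ) {
            return;
        }

        update_option(
            'mo_firebase_auth_disable_wordpress_login',
            isset( $_POST['disable_wordpress_login'] ) ? (int) filter_var( $_POST['disable_wordpress_login'], FILTER_SANITIZE_NUMBER_INT ) : 0
        );

        // This value gates the administrator password fallback in mo_firebase_auth(),
        // so it is sanitized before storage like the other fields of the form.
        update_option(
            'mo_firebase_auth_enable_admin_wp_login',
            isset( $_POST['mo_firebase_auth_enable_admin_wp_login'] ) ? sanitize_text_field( wp_unslash( $_POST['mo_firebase_auth_enable_admin_wp_login'] ) ) : 0
        );

        $project_id = isset( $_POST['projectid'] ) ? sanitize_text_field( $_POST['projectid'] ) : '';
        update_option( 'mo_firebase_auth_project_id', $project_id );

        $api_key = isset( $_POST['apikey'] ) ? sanitize_text_field( $_POST['apikey'] ) : '';
        update_option( 'mo_firebase_auth_api_key', $api_key );

        $response = wp_remote_get( 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com' );

        // Keep the previously stored certificates when the fetch failed or did
        // not return 200: an error page must not replace the verification keys.
        if ( is_wp_error( $response ) || ! is_array( $response ) || 200 !== (int) wp_remote_retrieve_response_code( $response ) ) {
            return;
        }

        // NOTE(review): the body is cut up with fixed offsets instead of being
        // decoded as JSON. That presumably matches one specific layout with two
        // keys of a fixed length; if the endpoint serves a different layout or
        // more keys, the stored values will not match the signing key. Moving to
        // json_decode() needs a matching change in the code that reads these
        // options, which is not shown here.
        $split_result = explode( ':', $response['body'] );
        if ( count( $split_result ) < 3 ) {
            return;
        }
        $first_pair = explode( ',', $split_result[1] );
        if ( count( $first_pair ) < 2 ) {
            return;
        }
        $second_cert = explode( '}', $split_result[2] );

        $kid1  = substr( $split_result[0], 5, 40 );
        $cert1 = str_replace( '\n', '', substr( $first_pair[0], 2, 1158 ) );
        $kid2  = substr( $first_pair[1], 4, 40 );
        $cert2 = str_replace( '\n', '', substr( $second_cert[0], 2, 1158 ) );

        update_option( 'mo_firebase_auth_kid1', $kid1 );
        update_option( 'mo_firebase_auth_cert1', $cert1 );
        update_option( 'mo_firebase_auth_kid2', $kid2 );
        update_option( 'mo_firebase_auth_cert2', $cert2 );
    }

    /**
     * `authenticate` filter callback (registered at priority 0).
     *
     * Non-POST requests pass through unchanged. Empty credentials produce a
     * WP_Error. Otherwise the stored WordPress password is checked for any
     * account (WordPress login not disabled) or for administrators only
     * (WordPress login disabled, admin fallback enabled).
     *
     * @param mixed  $user     Value handed in by the filter chain.
     * @param string $username Submitted login name or e-mail address.
     * @param string $password Submitted password.
     * @return mixed The incoming $user for non-POST requests, a WP_Error for
     *               empty credentials, the matched user on a successful
     *               password check, otherwise null.
     */
    public function mo_firebase_auth( $user, $username, $password ) {
        $method = isset( $_SERVER['REQUEST_METHOD'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_METHOD'] ) ) : '';
        if ( 'POST' !== $method ) {
            return $user;
        }

        if ( empty( $username ) || empty( $password ) ) {
            $error = new WP_Error();

            if ( isset( $_POST['fb_error_msg'] ) ) {
                // Request-supplied text: escaped before it is placed in the error markup.
                $error->add( 'firebase_error_msg', __( '<strong>ERROR</strong>: ' . esc_html( wp_unslash( $_POST['fb_error_msg'] ) ) ) );
            } elseif ( empty( $username ) ) {
                $error->add( 'empty_username', __( '<strong>ERROR</strong>: Email field is empty.' ) );
            } elseif ( empty( $password ) ) {
                $error->add( 'empty_password', __( '<strong>ERROR</strong>: Password field is empty.' ) );
            }
            return $error;
        }

        if ( get_option( 'mo_firebase_auth_disable_wordpress_login' ) == false ) {
            $candidate = $this->mo_firebase_auth_find_user( $username );
            if ( $candidate && wp_check_password( $password, $candidate->data->user_pass, $candidate->ID ) ) {
                return $candidate;
            }
        } elseif ( get_option( 'mo_firebase_auth_enable_admin_wp_login' ) ) {
            $candidate = $this->mo_firebase_auth_find_user( $username );
            if ( $candidate && $this->is_administrator_user( $candidate ) && wp_check_password( $password, $candidate->data->user_pass, $candidate->ID ) ) {
                return $candidate;
            }
        }

        // No local match. Null (the original's implicit return value) leaves the
        // decision to the remaining `authenticate` callbacks; a looked-up but
        // unverified user object is never returned.
        return null;
    }

    /**
     * Looks a user up by login name, then by e-mail address.
     *
     * @param string $username Login name or e-mail address.
     * @return mixed Result of get_user_by(); falsy when nothing matched.
     */
    private function mo_firebase_auth_find_user( $username ) {
        $found = get_user_by( 'login', $username );
        if ( ! $found ) {
            $found = get_user_by( 'email', $username );
        }
        return $found;
    }

    /**
     * Prints the stored 'message' option in a box with the "error" class.
     *
     * The method names of the two notice printers are swapped relative to the
     * CSS class they print; mo_firebase_auth_show_error_message() registers
     * this one, so the visible result is consistent.
     */
    public function mo_firebase_auth_success_message() {
        // 'message' can be written by other code, so it is filtered on output.
        $message = wp_kses_post( (string) get_option( 'message', '' ) );
        echo "<div class='error'> <p>" . $message . "</p></div>";
    }

    /**
     * Prints the stored 'message' option in a box with the "updated" class.
     *
     * Registered by mo_firebase_auth_show_success_message().
     */
    public function mo_firebase_auth_error_message() {
        // 'message' can be written by other code, so it is filtered on output.
        $message = wp_kses_post( (string) get_option( 'message', '' ) );
        echo "<div class='updated'><p>" . $message . "</p></div>";
    }

    /**
     * Tells whether the user object carries the 'administrator' role.
     *
     * @param object $user Object with a `roles` property.
     * @return bool True only when `roles` is an array that contains the exact
     *              string 'administrator'.
     */
    public function is_administrator_user( $user ) {
        $roles = isset( $user->roles ) ? $user->roles : null;

        // Strict comparison: a loosely-equal value such as boolean true must
        // not count as the administrator role.
        return is_array( $roles ) && in_array( 'administrator', $roles, true );
    }

    /**
     * Queues the "updated"-styled notice and unqueues the "error"-styled one.
     */
    private function mo_firebase_auth_show_success_message() {
        remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
        add_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
    }

    /**
     * Queues the "error"-styled notice and unqueues the "updated"-styled one.
     */
    private function mo_firebase_auth_show_error_message() {
        remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
        add_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
    }

    /**
     * `admin_footer` callback: renders the feedback form.
     */
    public function mo_firebase_auth_feedback_request() {
        mo_firebase_auth_display_feedback_form();
    }

    /**
     * @param mixed $value Value to test.
     * @return bool True when the value is empty in PHP's sense.
     */
    private function mo_firebase_auth_check_empty_or_null( $value ) {
        return empty( $value );
    }

    /**
     * Verifies a nonce carried in a request field.
     *
     * @param string $field  Name of the request field holding the nonce.
     * @param string $action Nonce action the field must match.
     * @return bool False when the field is missing or the nonce is invalid.
     */
    private function mo_firebase_auth_request_has_nonce( $field, $action ) {
        if ( ! isset( $_REQUEST[ $field ] ) ) {
            return false;
        }
        return (bool) wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST[ $field ] ) ), $action );
    }

    /**
     * `admin_init` handler for the enable toggle, the contact form and the
     * two deactivation (skip feedback / send feedback) forms.
     *
     * `admin_init` is not limited to screens shown to privileged users, so
     * each branch that changes login behaviour or deactivates the plugin
     * checks a capability itself.
     *
     * @return void
     */
    public function mo_firebase_auth_deactivate() {
        if ( ! isset( $_POST['option'] ) ) {
            return;
        }
        $option = sanitize_text_field( wp_unslash( $_POST['option'] ) );

        switch ( $option ) {
            case 'mo_enable_firebase_auth':
                // Switches the site's login handling; same role check as the
                // configuration form handler in this class.
                if ( ! $this->mo_firebase_auth_request_has_nonce( 'mo_firebase_auth_enable_field', 'mo_firebase_auth_enable_form' ) ) {
                    return;
                }
                if ( ! current_user_can( 'administrator' ) ) {
                    return;
                }
                update_option(
                    'mo_enable_firebase_auth',
                    isset( $_POST['mo_enable_firebase_auth'] ) ? (int) filter_var( $_POST['mo_enable_firebase_auth'], FILTER_SANITIZE_NUMBER_INT ) : 0
                );
                return;

            case 'mo_firebase_auth_contact_us':
                if ( ! $this->mo_firebase_auth_request_has_nonce( 'mo_firebase_auth_contact_us_field', 'mo_firebase_auth_contact_us_form' ) ) {
                    return;
                }
                $email     = isset( $_POST['mo_firebase_auth_contact_us_email'] ) ? sanitize_email( $_POST['mo_firebase_auth_contact_us_email'] ) : "";
                $phone_raw = ( isset( $_POST['mo_firebase_auth_contact_us_phone'] ) && is_string( $_POST['mo_firebase_auth_contact_us_phone'] ) ) ? $_POST['mo_firebase_auth_contact_us_phone'] : '';
                $phone     = "+ " . preg_replace( '/[^0-9]/', '', $phone_raw );
                $query     = isset( $_POST['mo_firebase_auth_contact_us_query'] ) ? sanitize_textarea_field( $_POST['mo_firebase_auth_contact_us_query'] ) : "";

                if ( $this->mo_firebase_auth_check_empty_or_null( $email ) || $this->mo_firebase_auth_check_empty_or_null( $query ) ) {
                    echo '<br><b style=color:red>Please fill up Email and Query fields to submit your query.</b>';
                    return;
                }

                $contact_us = new MO_Firebase_contact_us();
                $submited   = $contact_us->mo_firebase_auth_contact_us( $email, $phone, $query );
                if ( $submited == false ) {
                    echo '<br><b style=color:red>Your query could not be submitted. Please try again.</b>';
                } else {
                    echo '<br><b style=color:green>Thanks for getting in touch! We shall get back to you shortly.</b>';
                }
                return;

            case 'mo_firebase_auth_skip_feedback':
                // Deactivating a plugin is a privileged action, and this branch
                // has no nonce of its own, so the capability is required here.
                // NOTE(review): also add a nonce field to the skip form in
                // views/feedback_form.php (not shown here) and verify it in this
                // branch, so the action is covered against CSRF as well.
                if ( ! current_user_can( 'activate_plugins' ) ) {
                    return;
                }
                deactivate_plugins( __FILE__ );
                update_option( 'message', 'Plugin deactivated successfully' );
                $this->mo_firebase_auth_show_success_message();
                return;

            case 'mo_firebase_auth_feedback':
                if ( ! $this->mo_firebase_auth_request_has_nonce( 'mo_firebase_auth_feedback_field', 'mo_firebase_auth_feedback_form' ) ) {
                    return;
                }
                if ( ! current_user_can( 'activate_plugins' ) ) {
                    return;
                }

                // Both fields are forwarded in an e-mail, so they are sanitized first.
                $deactivate_reason         = isset( $_POST['deactivate_reason_radio'] ) ? sanitize_text_field( wp_unslash( $_POST['deactivate_reason_radio'] ) ) : '';
                $deactivate_reason_message = isset( $_POST['query_feedback'] ) ? sanitize_textarea_field( wp_unslash( $_POST['query_feedback'] ) ) : '';

                if ( ! $deactivate_reason ) {
                    update_option( 'message', 'Please Select one of the reasons ,if your reason is not mentioned please select Other Reasons' );
                    $this->mo_firebase_auth_show_error_message();
                    return;
                }

                $message = 'Plugin Deactivated:' . $deactivate_reason;
                // The original tested isset() on a variable that was always
                // assigned; the free-text part is now appended only when present.
                if ( '' !== $deactivate_reason_message ) {
                    $message .= ':' . $deactivate_reason_message;
                }

                $user       = wp_get_current_user();
                $contact_us = new MO_Firebase_contact_us();
                $contact_us->mo_firebase_auth_send_email_alert( $user->user_email, $message, "Feedback: WordPress Firebase Authentication" );

                deactivate_plugins( __FILE__ );
                update_option( 'message', 'Thank you for the feedback.' );
                $this->mo_firebase_auth_show_success_message();
                return;
        }
    }
}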
| 280 | |
// Instantiated at load time: the constructor registers the request handlers
// and, when the feature is enabled, the `authenticate` filter callback.
$mo_firebase_authentication_obj = new mo_firebase_authentication_login;