Firebase Authentication v1.1.4
firebase-authentication.php
1 <?php
2
3
4 /**
5 *
6 * @link https://miniorange.com
7 * @since 1.0.0
8 * @package Firebase_Authentication
9 *
10 * @wordpress-plugin
11 * Plugin Name: Firebase Authentication
12 * Plugin URI: firebase-authentication
13 * Description: This plugin allows login into Wordpress using Firebase as Identity provider.
14 * Version: 1.1.4
15 * Author: miniOrange
16 * Author URI: https://miniorange.com
17 * License: MIT/Expat
18 */
19
20
// Direct-access guard: WPINC is only defined once WordPress core has loaded,
// so a request that hits this file directly stops here before any hook or
// include below is evaluated.
if ( ! defined( 'WPINC' ) ) {
	exit;
}
25
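/**
 * Current plugin version (SemVer - https://semver.org).
 *
 * Keep this in step with the "Version:" field of the plugin header: the header
 * of this release says 1.1.4, while the constant was still '1.1.1'. A stale
 * value makes it harder to tell which release is installed when checking a
 * site against an advisory.
 * NOTE(review): consumers of this constant are outside this file - confirm
 * nothing compares against the old value.
 */
define( 'MO_FIREBASE_AUTHENTICATION_VERSION', '1.1.4' );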
32
/**
 * Activation callback.
 *
 * Loads the activator class from includes/ (path anchored to this file's
 * directory) and delegates to its static activate() method.
 */
function mo_firebase_activate_firebase_authentication() {
	$activator_file = plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication-activator.php';
	require_once $activator_file;

	MO_Firebase_Authentication_Activator::activate();
}
41
/**
 * Deactivation callback.
 *
 * Loads the deactivator class from includes/ (path anchored to this file's
 * directory) and delegates to its static deactivate() method.
 */
function mo_firebase_deactivate_firebase_authentication() {
	$deactivator_file = plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication-deactivator.php';
	require_once $deactivator_file;

	MO_Firebase_Authentication_Deactivator::deactivate();
}
50
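register_activation_hook( __FILE__, 'mo_firebase_activate_firebase_authentication' );
register_deactivation_hook( __FILE__, 'mo_firebase_deactivate_firebase_authentication' );

/**
 * Load the core plugin class (internationalization, admin hooks, public
 * hooks) plus the config, feedback-form and contact-us files.
 *
 * Every path is anchored to this file's directory. A bare relative name such
 * as 'class-contact-us.php' is looked up on PHP's include_path before the
 * plugin directory, so a same-named file elsewhere on that path could be
 * loaded instead of the plugin's own.
 */
require plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication.php';
require_once plugin_dir_path( __FILE__ ) . 'class-mo-firebase-config.php';
require plugin_dir_path( __FILE__ ) . 'views/feedback_form.php';
require plugin_dir_path( __FILE__ ) . 'class-contact-us.php';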
62
63
/**
 * Boots the plugin.
 *
 * The plugin wires itself up through hooks, so starting it at this point in
 * the file does not affect the page life cycle.
 *
 * @since 1.0.0
 */
function mo_firebase_run_firebase_authentication() {
	( new MO_Firebase_Authentication() )->run();
}

// Start the plugin as soon as this file is loaded.
mo_firebase_run_firebase_authentication();
80
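/**
 * Login-flow and settings glue for the Firebase Authentication plugin.
 *
 * Creating an instance registers the settings and feedback request handlers
 * and, when the 'mo_enable_firebase_auth' option equals 1, swaps WordPress'
 * stock username/e-mail password authenticators for mo_firebase_auth().
 */
class mo_firebase_authentication_login {

	/**
	 * Registers every hook this class relies on.
	 */
	function __construct() {
		add_action( 'init', array( $this, 'postResgiter' ) );
		add_action( 'admin_init', array( $this, 'mo_firebase_auth_deactivate' ) );

		if ( get_option( 'mo_enable_firebase_auth' ) == 1 ) {
			// Security-sensitive: both stock password authenticators are removed,
			// so mo_firebase_auth() becomes the password check this file installs
			// on the 'authenticate' filter (priority 0).
			remove_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 );
			remove_filter( 'authenticate', 'wp_authenticate_email_password', 20, 3 );
			add_filter( 'authenticate', array( $this, 'mo_firebase_auth' ), 0, 3 );
		}

		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
		add_action( 'admin_footer', array( $this, 'mo_firebase_auth_feedback_request' ) );

		// NOTE(review): 'host_name' is an unprefixed option name and can collide
		// with options written by other code; kept because its readers are not
		// visible from this file.
		update_option( 'host_name', 'https://login.xecurify.com' );
	}

	/**
	 * Saves the Firebase configuration form and refreshes the cached signing
	 * certificates.
	 *
	 * Runs on 'init'. Nothing is written unless the request carries the
	 * 'verify_user' marker, targets the 'mo_firebase_configuration' page,
	 * passes the 'mo_firebase_auth_config_form' nonce and comes from an
	 * administrator.
	 *
	 * @return void
	 */
	function postResgiter() {
		if ( ! isset( $_POST['verify_user'], $_REQUEST['page'], $_REQUEST['mo_firebase_auth_config_field'] ) ) {
			return;
		}
		if ( 'mo_firebase_configuration' !== sanitize_text_field( wp_unslash( $_REQUEST['page'] ) ) ) {
			return;
		}
		if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_auth_config_field'] ) ), 'mo_firebase_auth_config_form' ) ) {
			return;
		}
		if ( ! current_user_can( 'administrator' ) ) {
			return;
		}

		update_option(
			'mo_firebase_auth_disable_wordpress_login',
			isset( $_POST['disable_wordpress_login'] ) ? (int) filter_var( $_POST['disable_wordpress_login'], FILTER_SANITIZE_NUMBER_INT ) : 0
		);

		// This flag decides whether administrators keep a WordPress-password
		// fallback, so the raw request value is no longer stored as-is.
		// sanitize_text_field() keeps checkbox values such as "1" or "on" intact.
		update_option(
			'mo_firebase_auth_enable_admin_wp_login',
			isset( $_POST['mo_firebase_auth_enable_admin_wp_login'] ) ? sanitize_text_field( wp_unslash( $_POST['mo_firebase_auth_enable_admin_wp_login'] ) ) : 0
		);

		$project_id = isset( $_POST['projectid'] ) ? sanitize_text_field( wp_unslash( $_POST['projectid'] ) ) : '';
		update_option( 'mo_firebase_auth_project_id', $project_id );

		$api_key = isset( $_POST['apikey'] ) ? sanitize_text_field( wp_unslash( $_POST['apikey'] ) ) : '';
		update_option( 'mo_firebase_auth_api_key', $api_key );

		$this->mo_firebase_auth_refresh_signing_certs();
	}

	/**
	 * Downloads Google's secure-token certificates and caches the first two.
	 *
	 * The endpoint returns a JSON object mapping key id => PEM certificate.
	 * The response used to be cut apart with fixed substr() offsets, which
	 * stores garbage (or reads undefined indexes) as soon as the body layout,
	 * key-id length or certificate length differs. It is now decoded as JSON
	 * and nothing is written unless two well-formed entries are present, so a
	 * failed or malformed fetch cannot overwrite working values.
	 *
	 * Stored format is unchanged: PEM text with its line breaks removed.
	 * NOTE(review): only two option slots exist, so further keys in the
	 * response are ignored; the code that verifies tokens against these
	 * options is outside this file - confirm it copes with key rotation.
	 *
	 * @return void
	 */
	private function mo_firebase_auth_refresh_signing_certs() {
		$response = wp_remote_get( 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com' );
		if ( is_wp_error( $response ) || 200 !== (int) wp_remote_retrieve_response_code( $response ) ) {
			return;
		}

		$certs = json_decode( wp_remote_retrieve_body( $response ), true );
		if ( ! is_array( $certs ) || count( $certs ) < 2 ) {
			return;
		}

		// Validate both entries before touching any option.
		$pairs = array();
		foreach ( array_slice( $certs, 0, 2, true ) as $kid => $pem ) {
			if ( ! is_string( $pem ) || 0 !== strpos( $pem, '-----BEGIN CERTIFICATE-----' ) ) {
				return;
			}
			$pairs[] = array( (string) $kid, str_replace( array( "\r", "\n" ), '', $pem ) );
		}

		update_option( 'mo_firebase_auth_kid1', $pairs[0][0] );
		update_option( 'mo_firebase_auth_cert1', $pairs[0][1] );
		update_option( 'mo_firebase_auth_kid2', $pairs[1][0] );
		update_option( 'mo_firebase_auth_cert2', $pairs[1][1] );
	}

	/**
	 * 'authenticate' filter that stands in for the stock password checks.
	 *
	 * Non-POST requests pass $user through untouched. Empty credentials give a
	 * WP_Error. Otherwise the WordPress password is checked for any account
	 * while 'mo_firebase_auth_disable_wordpress_login' is off, and for
	 * administrators only while it is on together with
	 * 'mo_firebase_auth_enable_admin_wp_login'.
	 *
	 * @param mixed  $user     Value handed in by the filter chain.
	 * @param string $username Submitted login name or e-mail address.
	 * @param string $password Submitted password.
	 * @return mixed WP_User on success, WP_Error for empty credentials, $user
	 *               unchanged on non-POST requests, null when this callback
	 *               makes no decision.
	 */
	function mo_firebase_auth( $user, $username, $password ) {
		$method = isset( $_SERVER['REQUEST_METHOD'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_METHOD'] ) ) : '';
		if ( 'POST' !== $method ) {
			return $user;
		}

		if ( empty( $username ) || empty( $password ) ) {
			$error = new WP_Error();

			if ( isset( $_POST['fb_error_msg'] ) ) {
				// The text comes from the request, so it is sanitized and escaped
				// before display. Only the fixed prefix goes through __(): a
				// request-built string is not a translatable message id.
				// NOTE(review): the wording itself is still chosen by whoever
				// sends the request; consider mapping known error codes to fixed
				// messages instead of echoing it.
				$error->add(
					'firebase_error_msg',
					__( '<strong>ERROR</strong>: ' ) . esc_html( sanitize_text_field( wp_unslash( $_POST['fb_error_msg'] ) ) )
				);
			} elseif ( empty( $username ) ) {
				$error->add( 'empty_username', __( '<strong>ERROR</strong>: Email field is empty.' ) );
			} elseif ( empty( $password ) ) {
				$error->add( 'empty_password', __( '<strong>ERROR</strong>: Password field is empty.' ) );
			}
			return $error;
		}

		$admins_only = (bool) get_option( 'mo_firebase_auth_disable_wordpress_login' );
		if ( $admins_only && ! get_option( 'mo_firebase_auth_enable_admin_wp_login' ) ) {
			// WordPress passwords are switched off for everyone.
			return null;
		}

		$candidate = $this->mo_firebase_auth_find_user( $username );
		if ( ! $candidate ) {
			return null;
		}
		if ( $admins_only && ! $this->is_administrator_user( $candidate ) ) {
			return null;
		}
		if ( wp_check_password( $password, $candidate->data->user_pass, $candidate->ID ) ) {
			return $candidate;
		}

		// Wrong password: same as before, no user and no error object is returned.
		return null;
	}

	/**
	 * Looks an account up by login name first, then by e-mail address.
	 *
	 * @param string $username Submitted login name or e-mail address.
	 * @return mixed Whatever get_user_by() returned for the last lookup tried.
	 */
	private function mo_firebase_auth_find_user( $username ) {
		$found = get_user_by( 'login', $username );
		if ( ! $found ) {
			$found = get_user_by( 'email', $username );
		}
		return $found;
	}

	/**
	 * Prints the stored 'message' option inside a notice with class "error".
	 *
	 * Despite the method name this is the error-styled notice; see
	 * mo_firebase_auth_show_error_message(), which hooks it.
	 * The option name is generic and may be written by other code, so the
	 * value is passed through wp_kses_post() instead of being echoed raw.
	 */
	function mo_firebase_auth_success_message() {
		echo "<div class='error'> <p>" . wp_kses_post( (string) get_option( 'message' ) ) . "</p></div>";
	}

	/**
	 * Prints the stored 'message' option inside a notice with class "updated".
	 *
	 * Despite the method name this is the success-styled notice; see
	 * mo_firebase_auth_show_success_message(), which hooks it.
	 * Output is filtered with wp_kses_post() for the same reason as above.
	 */
	function mo_firebase_auth_error_message() {
		echo "<div class='updated'><p>" . wp_kses_post( (string) get_option( 'message' ) ) . "</p></div>";
	}

	/**
	 * Tells whether the given user object carries the 'administrator' role.
	 *
	 * @param object $user Object exposing a `roles` array.
	 * @return bool
	 */
	function is_administrator_user( $user ) {
		// Strict comparison, and a non-array `roles` value counts as "not admin"
		// instead of reaching in_array().
		return isset( $user->roles ) && is_array( $user->roles ) && in_array( 'administrator', $user->roles, true );
	}

	/**
	 * Queues the success-styled ("updated") admin notice.
	 */
	private function mo_firebase_auth_show_success_message() {
		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
		add_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
	}

	/**
	 * Queues the error-styled ("error") admin notice.
	 */
	private function mo_firebase_auth_show_error_message() {
		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
		add_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
	}

	/**
	 * 'admin_footer' callback: renders the deactivation feedback form.
	 */
	function mo_firebase_auth_feedback_request() {
		mo_firebase_auth_display_feedback_form();
	}

	/**
	 * @param mixed $value Value to test.
	 * @return bool True when $value is unset or empty.
	 */
	private function mo_firebase_auth_check_empty_or_null( $value ) {
		return empty( $value );
	}

	/**
	 * Verifies a nonce taken from the request.
	 *
	 * @param string $field  Request field holding the nonce.
	 * @param string $action Nonce action name.
	 * @return bool False when the field is missing or the nonce is invalid.
	 */
	private function mo_firebase_auth_nonce_ok( $field, $action ) {
		if ( ! isset( $_REQUEST[ $field ] ) ) {
			return false;
		}
		return (bool) wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST[ $field ] ) ), $action );
	}

	/**
	 * 'admin_init' handler for the enable toggle, the contact-us form and the
	 * two deactivation-feedback actions, selected by $_POST['option'].
	 *
	 * Every branch that changes site state now requires a matching capability.
	 * Before, the 'mo_firebase_auth_skip_feedback' branch deactivated the plugin
	 * with neither a nonce nor a capability check, and the other state-changing
	 * branches relied on the nonce alone.
	 *
	 * @return void
	 */
	function mo_firebase_auth_deactivate() {
		if ( ! isset( $_POST['option'] ) ) {
			return;
		}

		switch ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) ) {
			case 'mo_enable_firebase_auth':
				if ( ! current_user_can( 'manage_options' ) || ! $this->mo_firebase_auth_nonce_ok( 'mo_firebase_auth_enable_field', 'mo_firebase_auth_enable_form' ) ) {
					return;
				}
				update_option(
					'mo_enable_firebase_auth',
					isset( $_POST['mo_enable_firebase_auth'] ) ? (int) filter_var( $_POST['mo_enable_firebase_auth'], FILTER_SANITIZE_NUMBER_INT ) : 0
				);
				return;

			case 'mo_firebase_auth_contact_us':
				if ( ! $this->mo_firebase_auth_nonce_ok( 'mo_firebase_auth_contact_us_field', 'mo_firebase_auth_contact_us_form' ) ) {
					return;
				}
				$email     = isset( $_POST['mo_firebase_auth_contact_us_email'] ) ? sanitize_email( wp_unslash( $_POST['mo_firebase_auth_contact_us_email'] ) ) : '';
				$raw_phone = ( isset( $_POST['mo_firebase_auth_contact_us_phone'] ) && is_string( $_POST['mo_firebase_auth_contact_us_phone'] ) ) ? $_POST['mo_firebase_auth_contact_us_phone'] : '';
				$phone     = '+ ' . preg_replace( '/[^0-9]/', '', $raw_phone );
				$query     = isset( $_POST['mo_firebase_auth_contact_us_query'] ) ? sanitize_textarea_field( wp_unslash( $_POST['mo_firebase_auth_contact_us_query'] ) ) : '';

				if ( $this->mo_firebase_auth_check_empty_or_null( $email ) || $this->mo_firebase_auth_check_empty_or_null( $query ) ) {
					echo '<br><b style=color:red>Please fill up Email and Query fields to submit your query.</b>';
					return;
				}

				$contact_us = new MO_Firebase_contact_us();
				if ( false == $contact_us->mo_firebase_auth_contact_us( $email, $phone, $query ) ) {
					echo '<br><b style=color:red>Your query could not be submitted. Please try again.</b>';
				} else {
					echo '<br><b style=color:green>Thanks for getting in touch! We shall get back to you shortly.</b>';
				}
				return;

			case 'mo_firebase_auth_skip_feedback':
				// Deactivating an authentication plugin changes how the whole site
				// logs in, so only users allowed to manage plugins may do it.
				if ( ! current_user_can( 'activate_plugins' ) ) {
					return;
				}
				// NOTE(review): no nonce is checked here because the form markup
				// (views/feedback_form.php) is not visible from this file. Add a
				// nonce field to the skip form and verify it here so the action
				// cannot be triggered cross-site.
				deactivate_plugins( __FILE__ );
				update_option( 'message', 'Plugin deactivated successfully' );
				$this->mo_firebase_auth_show_success_message();
				return;

			case 'mo_firebase_auth_feedback':
				if ( ! current_user_can( 'activate_plugins' ) || ! $this->mo_firebase_auth_nonce_ok( 'mo_firebase_auth_feedback_field', 'mo_firebase_auth_feedback_form' ) ) {
					return;
				}

				// Request text ends up in an outgoing e-mail: sanitize it first.
				$deactivate_reason         = isset( $_POST['deactivate_reason_radio'] ) ? sanitize_text_field( wp_unslash( $_POST['deactivate_reason_radio'] ) ) : '';
				$deactivate_reason_message = isset( $_POST['query_feedback'] ) ? sanitize_textarea_field( wp_unslash( $_POST['query_feedback'] ) ) : '';

				if ( ! $deactivate_reason ) {
					update_option( 'message', 'Please Select one of the reasons ,if your reason is not mentioned please select Other Reasons' );
					$this->mo_firebase_auth_show_error_message();
					return;
				}

				// The ':' separator was always appended, even without free text.
				$message = 'Plugin Deactivated:' . $deactivate_reason . ':' . $deactivate_reason_message;

				$current_user = wp_get_current_user();
				$contact_us   = new MO_Firebase_contact_us();
				$contact_us->mo_firebase_auth_send_email_alert( $current_user->user_email, $message, "Feedback: WordPress Firebase Authentication" );

				deactivate_plugins( __FILE__ );
				update_option( 'message', 'Thank you for the feedback.' );
				$this->mo_firebase_auth_show_success_message();
				return;
		}
	}

}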
280
// Instantiated at load time: the constructor registers the 'init', 'admin_init'
// and 'admin_footer' callbacks and, when enabled, the 'authenticate' filter.
$mo_firebase_authentication_obj = new mo_firebase_authentication_login();