Firebase Authentication v1.2.0
firebase-authentication.php
1 <?php
2
3
4 /**
5 *
6 * @link https://miniorange.com
7 * @since 1.0.0
8 * @package Firebase_Authentication
9 *
10 * @wordpress-plugin
11 * Plugin Name: Firebase Authentication
12 * Plugin URI: firebase-authentication
13 * Description: This plugin allows login into Wordpress using Firebase as Identity provider.
14 * Version: 1.2.0
15 * Author: miniOrange
16 * Author URI: https://miniorange.com
17 * License: MIT/Expat
18 */
19
20
// Direct-access guard: WordPress defines WPINC while it boots, so a missing
// constant means this file was requested on its own and must not run.
defined( 'WPINC' ) || die;

/**
 * Version of this plugin release (SemVer - https://semver.org).
 * Keep it in step with the "Version" line of the plugin header above.
 */
define( 'MO_FIREBASE_AUTHENTICATION_VERSION', '1.2.0' );
32
/**
 * Activation callback: loads the activator class on demand and runs it.
 *
 * The activator itself lives in includes/class-firebase-authentication-activator.php.
 */
function mo_firebase_activate_firebase_authentication() {
	$activator_file = plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication-activator.php';
	require_once $activator_file;

	MO_Firebase_Authentication_Activator::activate();
}
41
/**
 * Deactivation callback: loads the deactivator class on demand and runs it.
 *
 * The deactivator itself lives in includes/class-firebase-authentication-deactivator.php.
 */
function mo_firebase_deactivate_firebase_authentication() {
	$deactivator_file = plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication-deactivator.php';
	require_once $deactivator_file;

	MO_Firebase_Authentication_Deactivator::deactivate();
}
50
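// Wire the activation / deactivation callbacks to this plugin file.
register_activation_hook( __FILE__, 'mo_firebase_activate_firebase_authentication' );
register_deactivation_hook( __FILE__, 'mo_firebase_deactivate_firebase_authentication' );

/**
 * Load the core plugin class (internationalization, admin-specific hooks and
 * public-facing site hooks) together with the config, feedback-form and
 * contact-us files.
 *
 * Every path is anchored to this plugin's directory. A bare relative path such
 * as 'class-contact-us.php' is looked up through include_path before the
 * including file's own directory, so a same-named file elsewhere on the
 * include path could be loaded in its place.
 */
require plugin_dir_path( __FILE__ ) . 'includes/class-firebase-authentication.php';
require_once plugin_dir_path( __FILE__ ) . 'class-mo-firebase-config.php';
require plugin_dir_path( __FILE__ ) . 'views/feedback_form.php';
require plugin_dir_path( __FILE__ ) . 'class-contact-us.php';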
62
63
/**
 * Starts the plugin by building the core class and calling run() on it.
 *
 * The plugin registers its behaviour through hooks, so starting it here,
 * while the file is being loaded, does not affect the page life cycle.
 *
 * @since 1.0.0
 */
function mo_firebase_run_firebase_authentication() {
	( new MO_Firebase_Authentication() )->run();
}
mo_firebase_run_firebase_authentication();
80
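/**
 * Login and settings handler of the Firebase Authentication plugin.
 *
 * Registers the settings-form handler on 'init', the admin form handlers on
 * 'admin_init' and, when the 'mo_enable_firebase_auth' option equals 1, swaps
 * WordPress' default username/e-mail password callbacks on the 'authenticate'
 * filter for mo_firebase_auth().
 */
class mo_firebase_authentication_login {

	/**
	 * Registers all hooks of this handler.
	 */
	function __construct() {
		add_action( 'init', array( $this, 'postResgiter' ) );
		add_action( 'admin_init', array( $this, 'mo_firebase_auth_deactivate' ) );
		if ( get_option( 'mo_enable_firebase_auth' ) == 1 ) {
			// remove_filter() takes hook, callback and priority only.
			remove_filter( 'authenticate', 'wp_authenticate_username_password', 20 );
			remove_filter( 'authenticate', 'wp_authenticate_email_password', 20 );
			add_filter( 'authenticate', array( $this, 'mo_firebase_auth' ), 0, 3 );
		}
		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
		add_action( 'admin_footer', array( $this, 'mo_firebase_auth_feedback_request' ) );
		// NOTE(review): 'host_name' is an unprefixed option name and is rewritten on
		// every construction; presumably read by the contact-us code - confirm.
		update_option( 'host_name', 'https://login.xecurify.com' );
	}

	/**
	 * Saves the plugin settings form and refreshes the stored signing certificates.
	 *
	 * Acts only on a POST carrying 'verify_user', page=mo_firebase_authentication
	 * and a valid 'mo_firebase_auth_config_form' nonce, sent by an administrator.
	 */
	function postResgiter() {
		// All three fields must be present before any of them is read.
		if ( ! isset( $_POST['verify_user'], $_REQUEST['page'], $_REQUEST['mo_firebase_auth_config_field'] ) ) {
			return;
		}
		if ( 'mo_firebase_authentication' !== sanitize_text_field( wp_unslash( $_REQUEST['page'] ) ) ) {
			return;
		}
		if ( ! $this->mo_firebase_auth_nonce_is_valid( 'mo_firebase_auth_config_field', 'mo_firebase_auth_config_form' ) ) {
			return;
		}
		// NOTE(review): this tests a role name; a capability such as
		// 'manage_options' is the usual form for current_user_can().
		if ( ! current_user_can( 'administrator' ) ) {
			return;
		}

		update_option(
			'mo_firebase_auth_disable_wordpress_login',
			isset( $_POST['disable_wordpress_login'] ) ? (int) filter_var( $_POST['disable_wordpress_login'], FILTER_SANITIZE_NUMBER_INT ) : 0
		);

		// Stored as sanitized text rather than raw request data; the value the
		// form submits is not visible here, so it is not forced to an integer.
		update_option(
			'mo_firebase_auth_enable_admin_wp_login',
			isset( $_POST['mo_firebase_auth_enable_admin_wp_login'] ) ? sanitize_text_field( wp_unslash( $_POST['mo_firebase_auth_enable_admin_wp_login'] ) ) : 0
		);

		$project_id = isset( $_POST['projectid'] ) ? sanitize_text_field( wp_unslash( $_POST['projectid'] ) ) : '';
		update_option( 'mo_firebase_auth_project_id', $project_id );

		$api_key = isset( $_POST['apikey'] ) ? sanitize_text_field( wp_unslash( $_POST['apikey'] ) ) : '';
		update_option( 'mo_firebase_auth_api_key', $api_key );

		$this->mo_firebase_auth_refresh_certificates();
	}

	/**
	 * Downloads Google's securetoken x509 certificates and stores up to three
	 * key-id / certificate pairs in the mo_firebase_auth_kidN / _certN options.
	 *
	 * The response is decoded as JSON instead of being cut at fixed offsets, so a
	 * certificate of a different length or a changed layout cannot leave a
	 * truncated or shifted value in the options. Each certificate is stored as
	 * its PEM text with the line breaks removed.
	 */
	private function mo_firebase_auth_refresh_certificates() {
		$response = wp_remote_get( 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com' );
		// Keep the previously stored certificates on transport or HTTP errors.
		if ( is_wp_error( $response ) || 200 !== (int) wp_remote_retrieve_response_code( $response ) ) {
			return;
		}

		$certificates = json_decode( wp_remote_retrieve_body( $response ), true );
		if ( ! is_array( $certificates ) ) {
			return;
		}

		// NOTE(review): slots beyond the number of returned keys keep their old
		// value; consider clearing them so a rotated-out key is no longer stored.
		$slot = 0;
		foreach ( $certificates as $kid => $certificate ) {
			if ( ! is_string( $certificate ) ) {
				continue;
			}
			$slot++;
			if ( $slot > 3 ) {
				break;
			}
			update_option( 'mo_firebase_auth_kid' . $slot, (string) $kid );
			update_option( 'mo_firebase_auth_cert' . $slot, str_replace( "\n", '', $certificate ) );
		}
	}

	/**
	 * 'authenticate' filter callback for the WordPress password login path.
	 *
	 * @param mixed  $user     Result of earlier 'authenticate' callbacks.
	 * @param string $username Submitted login name or e-mail address.
	 * @param string $password Submitted password.
	 * @return mixed $user unchanged for non-POST requests, a WP_Error when a
	 *               credential is empty, the matching user when the WordPress
	 *               password check succeeds, otherwise null.
	 */
	function mo_firebase_auth( $user, $username, $password ) {
		// REQUEST_METHOD may be absent outside a web request.
		$request_method = isset( $_SERVER['REQUEST_METHOD'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_METHOD'] ) ) : '';
		if ( 'POST' !== $request_method ) {
			return $user;
		}

		if ( empty( $username ) || empty( $password ) ) {
			$error = new WP_Error();

			if ( isset( $_POST['fb_error_msg'] ) && is_string( $_POST['fb_error_msg'] ) ) {
				// The message comes from the request, so it is HTML-escaped before use.
				$error_msg = esc_html( wp_unslash( $_POST['fb_error_msg'] ) );
				if ( strpos( $error_msg, 'API key not valid. Please pass a valid API key.' ) !== false ) {
					$error_msg = "API key not valid. Please pass a valid API key.";
				}
				$error->add( 'firebase_error_msg', __( '<strong>ERROR</strong>: ' . $error_msg ) );
			} else if ( empty( $username ) ) {
				$error->add( 'empty_username', __( '<strong>ERROR</strong>: Email field is empty.' ) );
			} else if ( empty( $password ) ) {
				$error->add( 'empty_password', __( '<strong>ERROR</strong>: Password field is empty.' ) );
			}
			return $error;
		}

		// WordPress passwords are accepted for everyone unless disabled; when
		// disabled they may still be accepted for administrators only.
		$wp_login_allowed = ! get_option( 'mo_firebase_auth_disable_wordpress_login' );
		$admin_only       = ! $wp_login_allowed && get_option( 'mo_firebase_auth_enable_admin_wp_login' );
		if ( ! $wp_login_allowed && ! $admin_only ) {
			return null;
		}

		$account = get_user_by( "login", $username );
		if ( ! $account ) {
			$account = get_user_by( "email", $username );
		}
		if ( ! $account || ( $admin_only && ! $this->is_administrator_user( $account ) ) ) {
			return null;
		}
		if ( wp_check_password( $password, $account->data->user_pass, $account->ID ) ) {
			return $account;
		}

		// Explicit null: the decision is left to later 'authenticate' callbacks.
		return null;
	}

	/**
	 * Prints the stored message with the "error" CSS class.
	 *
	 * The name is crossed with its sibling: this callback is the one attached
	 * by mo_firebase_auth_show_error_message().
	 */
	function mo_firebase_auth_success_message() {
		$this->mo_firebase_auth_render_notice( 'error' );
	}

	/**
	 * Prints the stored message with the "updated" CSS class.
	 *
	 * The name is crossed with its sibling: this callback is the one attached
	 * by mo_firebase_auth_show_success_message().
	 */
	function mo_firebase_auth_error_message() {
		$this->mo_firebase_auth_render_notice( 'updated' );
	}

	/**
	 * Echoes the 'message' option as an admin notice.
	 *
	 * 'message' is an unprefixed option, so its content is filtered to the HTML
	 * allowed in post content instead of being echoed as stored.
	 *
	 * @param string $class CSS class of the notice wrapper.
	 */
	private function mo_firebase_auth_render_notice( $class ) {
		$message = get_option( 'message' );
		echo "<div class='" . esc_attr( $class ) . "'><p>" . wp_kses_post( (string) $message ) . "</p></div>";
	}

	/**
	 * Tells whether the user's role list contains 'administrator'.
	 *
	 * @param object $user Object exposing a `roles` property.
	 * @return bool
	 */
	function is_administrator_user( $user ) {
		$roles = $user->roles;
		return is_array( $roles ) && in_array( 'administrator', $roles, true );
	}

	/** Attaches the "updated"-class notice callback. */
	private function mo_firebase_auth_show_success_message() {
		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
		add_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
	}

	/** Attaches the "error"-class notice callback. */
	private function mo_firebase_auth_show_error_message() {
		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
		add_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
	}

	/** 'admin_footer' callback: prints the feedback form. */
	function mo_firebase_auth_feedback_request() {
		mo_firebase_auth_display_feedback_form();
	}

	/**
	 * @param mixed $value Value to test.
	 * @return bool True when $value is unset, null or otherwise empty().
	 */
	private function mo_firebase_auth_check_empty_or_null( $value ) {
		return empty( $value );
	}

	/**
	 * Verifies a nonce taken from the request.
	 *
	 * @param string $field  Request field holding the nonce.
	 * @param string $action Nonce action it was created for.
	 * @return bool False when the field is missing or the nonce does not verify.
	 */
	private function mo_firebase_auth_nonce_is_valid( $field, $action ) {
		if ( ! isset( $_REQUEST[ $field ] ) ) {
			return false;
		}
		return (bool) wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST[ $field ] ) ), $action );
	}

	/**
	 * 'admin_init' handler for the enable toggle, the contact-us form and the
	 * two deactivation forms, selected by the posted 'option' field.
	 *
	 * 'admin_init' also runs for admin-ajax.php and admin-post.php requests, so
	 * every branch that changes state checks the caller's capability itself.
	 */
	function mo_firebase_auth_deactivate() {
		if ( ! isset( $_POST['option'] ) ) {
			return;
		}
		$option = sanitize_text_field( wp_unslash( $_POST['option'] ) );

		if ( 'mo_enable_firebase_auth' === $option ) {
			if ( ! current_user_can( 'manage_options' ) || ! $this->mo_firebase_auth_nonce_is_valid( 'mo_firebase_auth_enable_field', 'mo_firebase_auth_enable_form' ) ) {
				return;
			}
			update_option(
				'mo_enable_firebase_auth',
				isset( $_POST['mo_enable_firebase_auth'] ) ? (int) filter_var( $_POST['mo_enable_firebase_auth'], FILTER_SANITIZE_NUMBER_INT ) : 0
			);
		} else if ( 'mo_firebase_auth_contact_us' === $option ) {
			if ( $this->mo_firebase_auth_nonce_is_valid( 'mo_firebase_auth_contact_us_field', 'mo_firebase_auth_contact_us_form' ) ) {
				$this->mo_firebase_auth_handle_contact_us();
			}
		} else if ( 'mo_firebase_auth_skip_feedback' === $option ) {
			// Deactivation is limited to users who may manage plugins.
			// NOTE(review): no nonce field for this form is visible in this file;
			// the form should carry one and it should be verified here.
			if ( ! current_user_can( 'activate_plugins' ) ) {
				return;
			}
			deactivate_plugins( __FILE__ );
			update_option( 'message', 'Plugin deactivated successfully' );
			$this->mo_firebase_auth_show_success_message();
		} else if ( 'mo_firebase_auth_feedback' === $option ) {
			if ( current_user_can( 'activate_plugins' ) && $this->mo_firebase_auth_nonce_is_valid( 'mo_firebase_auth_feedback_field', 'mo_firebase_auth_feedback_form' ) ) {
				$this->mo_firebase_auth_handle_feedback();
			}
		}
	}

	/** Validates and submits the contact-us form, then queues the result notice. */
	private function mo_firebase_auth_handle_contact_us() {
		$email = isset( $_POST['mo_firebase_auth_contact_us_email'] ) ? sanitize_email( $_POST['mo_firebase_auth_contact_us_email'] ) : "";
		// Digits only; a missing or non-string field yields just the prefix.
		$raw_phone = isset( $_POST['mo_firebase_auth_contact_us_phone'] ) && is_string( $_POST['mo_firebase_auth_contact_us_phone'] ) ? $_POST['mo_firebase_auth_contact_us_phone'] : '';
		$phone     = "+ " . preg_replace( '/[^0-9]/', '', $raw_phone );
		$query     = isset( $_POST['mo_firebase_auth_contact_us_query'] ) ? sanitize_textarea_field( $_POST['mo_firebase_auth_contact_us_query'] ) : "";

		if ( $this->mo_firebase_auth_check_empty_or_null( $email ) || $this->mo_firebase_auth_check_empty_or_null( $query ) ) {
			echo '<br><b style=color:red>Please fill up Email and Query fields to submit your query.</b>';
			return;
		}

		$contact_us = new MO_Firebase_contact_us();
		$submited   = $contact_us->mo_firebase_auth_contact_us( $email, $phone, $query );
		if ( ! $submited ) {
			update_option( 'message', 'Your query could not be submitted. Please try again.' );
			$this->mo_firebase_auth_show_error_message();
		} else {
			update_option( 'message', 'Thanks for getting in touch! We shall get back to you shortly.' );
			$this->mo_firebase_auth_show_success_message();
		}
	}

	/** Sends the deactivation feedback by e-mail and deactivates the plugin. */
	private function mo_firebase_auth_handle_feedback() {
		// Request text is sanitized before it is placed in the outgoing message.
		$deactivate_reason         = isset( $_POST['deactivate_reason_radio'] ) ? sanitize_text_field( wp_unslash( $_POST['deactivate_reason_radio'] ) ) : '';
		$deactivate_reason_message = isset( $_POST['query_feedback'] ) ? sanitize_textarea_field( wp_unslash( $_POST['query_feedback'] ) ) : '';

		if ( ! $deactivate_reason ) {
			update_option( 'message', 'Please Select one of the reasons ,if your reason is not mentioned please select Other Reasons' );
			$this->mo_firebase_auth_show_error_message();
			return;
		}

		$message = 'Plugin Deactivated:' . $deactivate_reason;
		// Append the free-text part only when one was actually supplied.
		if ( $deactivate_reason_message ) {
			$message .= ':' . $deactivate_reason_message;
		}

		$user       = wp_get_current_user();
		$contact_us = new MO_Firebase_contact_us();
		$contact_us->mo_firebase_auth_send_email_alert( $user->user_email, $message, "Feedback: WordPress Firebase Authentication" );
		deactivate_plugins( __FILE__ );
		update_option( 'message', 'Thank you for the feedback.' );
		$this->mo_firebase_auth_show_success_message();
	}

}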
301
// Build the login handler at load time; its constructor registers the hooks.
$mo_firebase_authentication_obj = new mo_firebase_authentication_login;