PluginProbe ʕ •ᴥ•ʔ
Firebase Authentication / 1.5.6
Firebase Authentication v1.5.6
1.7.0 trunk 1.0.0 1.1.1 1.1.2 1.1.3 1.1.4 1.2.0 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.8 1.5.0 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.5.9 1.6.0 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.6.9
firebase-authentication / class-mo-firebase-config.php
firebase-authentication Last commit date
admin 4 years ago includes 4 years ago languages 4 years ago public 4 years ago views 4 years ago README.txt 4 years ago class-contact-us.php 4 years ago class-mo-firebase-config.php 4 years ago firebase-authentication.php 4 years ago index.php 4 years ago uninstall.php 4 years ago
class-mo-firebase-config.php
269 lines
1 <?php
2
3 class Mo_Firebase_Config {
4 function __construct() {
5 add_action('init', array( $this, 'testconfig' ));
6 }
7 function testconfig() {
8 if( isset( $_REQUEST['mo_action'] ) && 'firebaselogin' === sanitize_text_field( wp_unslash( $_REQUEST['mo_action'] ) ) && isset( $_REQUEST['test'] ) && 'true' === wp_unslash( $_REQUEST['test'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_auth_test_config_field'] ) ), 'mo_firebase_auth_test_config_form' ) ) {
9
10 $project_id = get_option('mo_firebase_auth_project_id');
11 $api_key = get_option('mo_firebase_auth_api_key');
12
13 $test_username = isset( $_POST['test_username'] ) ? sanitize_text_field( $_POST['test_username'] ) : '';
14 $test_password = isset( $_POST['test_password'] ) ? sanitize_text_field( $_POST['test_password'] ) : '';
15
16 $response = $this->mo_firebase_authenticate_call($test_username, $test_password);
17 $response = json_decode($response, true);
18
19 if(isset($response['error'])){
20 $fb_error = $response['error']['message'];
21 if($fb_error == 'INVALID_PASSWORD'){
22 $fb_error = 'The password is invalid or the user does not have a password.';
23 }elseif ($fb_error == 'EMAIL_NOT_FOUND') {
24 $fb_error = 'There is no user record corresponding to this identifier. The user may have been deleted.';
25 }elseif ($fb_error == 'INVALID_EMAIL'){
26 $fb_error = 'The email address is badly formatted.';
27 }
28 echo '<div style="font-family:Calibri;padding: 0 30%;">';
29 echo '<h1 style="color:#d9534f;text-align:center;">test failed</h1>';
30 echo '<h4 style="text-align:center;"><b>ERROR :</b>'.$fb_error.'</h4>';
31 echo '</div>';
32 echo '<div style="padding: 10px;"></div><div style="position:absolute;padding:0 46%;"><input style="padding:1%;width:100px;height:30px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Close" onClick="self.close();"></div>';
33 exit();
34 }else{
35 $idToken = $response['idToken'];
36 $payload = $this->decode_jwt( $idToken );
37 echo '<div style="font-family:Calibri;margin: auto;padding:5%;">';
38 echo '<h1 style="color:#00C851;text-align:center;">Test Successful !</h1>';
39 echo '<style>table{border-collapse:collapse;}th {background-color: #eee; text-align: center; padding: 8px; border-width:1px; border-style:solid; border-color:#212121;}tr:nth-child(odd) {background-color: #f2f2f2;} td{padding:8px;border-width:1px; border-style:solid; border-color:#212121;}</style>';
40 echo '<h3 style="text-align:center;">Test Configuration</h3><table style="margin: auto;"><tr><th>Attribute Name</th><th>Attribute Value</th></tr>';
41 $this->testattrmappingconfig( "", $payload );
42 echo '</table></div>';
43 echo '<div style="margin: auto;position:absolute;padding:0 40%;"><input style="margin: auto;position:absolute; padding:8px;width:12%;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>';
44 exit();
45 }
46 }
47 }
48
49 function testattrmappingconfig( $nestedprefix, $payload ) {
50 foreach ( $payload as $key => $value ){
51 if ( is_array( $value ) || is_object( $value ) ) {
52 if ( ! empty( $nestedprefix ) ) {
53 $nestedprefix .= ".";
54 }
55 $this->testattrmappingconfig( $nestedprefix.$key, $value );
56 } else {
57 echo '<tr><td>';
58 if ( ! empty( $nestedprefix ) )
59 echo $nestedprefix.".";
60 echo $key.'</td><td>'.$value.'</td></tr>';
61 }
62 }
63 }
64
65 function decode_jwt( $jwt_token ) {
66 $flag = 0;
67 $pieces = explode( ".", $jwt_token );
68 $jwt_data = $pieces[0].".".$pieces[1];
69 $jwt_signature = str_replace( ['-','_'], ['+','/'], $pieces[2] );
70 $jwt_signature = base64_decode( $jwt_signature );
71 $jwt_header = json_decode( base64_decode( str_replace( ['-','_'], ['+','/'], $pieces[0] ) ), true );
72
73 $alg = $jwt_header['alg'];
74 $kid = $jwt_header['kid'];
75
76 if ( strpos( $alg, "RS" ) !== false ) {
77 $algorithm = "RSA";
78 $sha = explode( "RS", $alg )[1];
79 }
80
81 $jwt_raw_certificate = $this->mo_firebase_auth_get_cert_from_kid($kid);
82
83 $public_key = "";
84 $parts = explode( "-----", $jwt_raw_certificate );
85
86 if ( preg_match( '/\r\n|\r|\n/', $parts[2] ) ) {
87 $public_key = $jwt_raw_certificate;
88 } else {
89 $encoding = "-----".$parts[1]."-----\n";
90 $offset = 0;
91 while ( $segment = substr( $parts[2], $offset, 64 ) ) {
92 $encoding .= $segment."\n";
93 $offset += 64;
94 }
95 $encoding .= "-----".$parts[3]."-----\n";
96 $public_key = $encoding;
97 }
98
99 switch ( $sha ) {
100 case '256':
101 $verified = openssl_verify( $jwt_data, $jwt_signature, $public_key, OPENSSL_ALGO_SHA256 );
102 break;
103 case '384':
104 $verified = openssl_verify( $jwt_data, $jwt_signature, $public_key, OPENSSL_ALGO_SHA384 );
105 break;
106 case '512':
107 $verified = openssl_verify( $jwt_data, $jwt_signature, $public_key, OPENSSL_ALGO_SHA512 );
108 break;
109 default:
110 $verified = false;
111 break;
112 }
113
114 if ( ! $verified ) {
115 echo "Invalid Token";
116 exit();
117 }
118
119 $jwt_payload = json_decode( base64_decode( $pieces[1] ), true );
120 return $jwt_payload;
121
122 }
123
124 function mo_firebase_auth_get_cert_from_kid( $kid ) {
125 $flag = $this->mo_firebase_auth_get_kid( $kid );
126 if( $flag === 0 ) {
127 $firebaselogin = new mo_firebase_authentication_login();
128 $firebaselogin->mo_firebase_auth_store_certificates();
129 $flag = $this->mo_firebase_auth_get_kid( $kid );
130 }
131 if ( $flag !== 0 ) {
132 if ( $flag === 1 ) {
133 $jwt_raw_certificate = get_option( 'mo_firebase_auth_cert1' );
134 } else if( $flag === 2 ) {
135 $jwt_raw_certificate = get_option( 'mo_firebase_auth_cert2' );
136 } else if ( $flag === 3 ) {
137 $jwt_raw_certificate = get_option( 'mo_firebase_auth_cert3' );
138 }
139 } else {
140 echo "Please provide a valid certificate. Contact your administrator.";
141 exit;
142 }
143 return $jwt_raw_certificate;
144 }
145
146 function mo_firebase_auth_get_kid($kid) {
147 $flag = 0;
148 $kid_stored = get_option( 'mo_firebase_auth_kid1' );
149 if ( $kid_stored != $kid ) {
150 $flag = 2;
151 $kid_stored = get_option( 'mo_firebase_auth_kid2' );
152 if ( $kid_stored != $kid ) {
153 $flag = 3;
154 $kid_stored = get_option( 'mo_firebase_auth_kid3' );
155 if( $kid_stored != $kid ) {
156 $flag = 0;
157 }
158 }
159 } else {
160 $flag = 1;
161 }
162 return $flag;
163 }
164
165 function mo_fb_login_user($fb_idToken) {
166
167 $payload = $this->decode_jwt( $fb_idToken );
168
169 $user = $this->getUser( $payload );
170 if( is_wp_error($user) ){
171 return $user;
172 }
173 else {
174 $user_id = $user->ID;
175 wp_set_auth_cookie( $user_id, true );
176 wp_redirect( home_url() );
177 exit;
178 }
179
180 }
181
182 function getUser( $jwt_payload )
183 {
184 if ( isset( $jwt_payload['email'] ) ){
185 $email = $jwt_payload['email'];
186 $user = get_user_by( "email", $email );
187 if ( ! $user ) {
188 $user = get_user_by( 'login', $email );
189 if ( $user ) {
190 return $user;
191 } else {
192 $user_password = wp_generate_password( 10, false );
193
194 $userdata = array(
195 'user_login' => $email,
196 'user_pass' => $user_password,
197 'user_email' => $email,
198 );
199
200 $user_id = wp_insert_user( $userdata );
201
202 if ( ! is_wp_error( $user_id ) )
203 {
204 //Store disting
205 // shedName in User Meta
206 update_user_meta( $user_id, 'mo_firebase_user_dn', false );
207 }
208
209 $user = get_user_by( 'email', $email );
210 return $user;
211 }
212 } else if( $user ) {
213 return $user;
214 }
215 }
216 }
217
218 public function mo_fb_post_api($url, $headers, $body){
219
220 $args = array(
221 'method' =>'POST',
222 'body' => $body,
223 'timeout' => '5',
224 'redirection' => '5',
225 'httpversion' => '1.0',
226 'blocking' => true,
227 'headers' => $headers,
228
229 );
230
231 $response = wp_remote_post( $url, $args );
232
233 if ( is_wp_error( $response ) ) {
234 $error_message = $response->get_error_message();
235 echo "Something went wrong: $error_message";
236 exit();
237 }
238
239 return wp_remote_retrieve_body($response);
240 return $response;
241 }
242
243 public function mo_firebase_authenticate_call($email, $password){
244
245 $api_key = get_option('mo_firebase_auth_api_key');
246
247 $url = "https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=".$api_key;
248
249 $params = array(
250 'email' => $email,
251 'password' => $password,
252 'returnSecureToken' => true
253 );
254
255 $body = json_encode($params);
256
257 $headers = array(
258 'Content-Type' => 'application/json',
259 'Content-Length' => strlen($body)
260 );
261
262 $response = $this->mo_fb_post_api($url, $headers, $body);
263
264 return $response;
265 }
266
267 }
268
269 $mo_firebase_config_obj = new Mo_Firebase_Config();