Diffstat (limited to 'plugins/jetpack/class.jetpack-client-server.php')
-rw-r--r-- | plugins/jetpack/class.jetpack-client-server.php | 113 |
1 files changed, 60 insertions, 53 deletions
diff --git a/plugins/jetpack/class.jetpack-client-server.php b/plugins/jetpack/class.jetpack-client-server.php index 63a678d8..16dad5d2 100644 --- a/plugins/jetpack/class.jetpack-client-server.php +++ b/plugins/jetpack/class.jetpack-client-server.php @@ -6,8 +6,33 @@ */ class Jetpack_Client_Server { - function authorize() { - $data = stripslashes_deep( $_GET ); + /** + * Authorizations + */ + function client_authorize() { + $data = stripslashes_deep( $_GET ); + $data['auth_type'] = 'client'; + $jetpack = $this->get_jetpack(); + $role = $jetpack->translate_current_user_to_role(); + $redirect = isset( $data['redirect'] ) ? esc_url_raw( (string) $data['redirect'] ) : ''; + + $this->check_admin_referer( "jetpack-authorize_{$role}_{$redirect}" ); + + $result = $this->authorize( $data ); + if ( is_wp_error( $result ) ) { + Jetpack::state( 'error', $result->get_error_code() ); + } + + if ( wp_validate_redirect( $redirect ) ) { + $this->wp_safe_redirect( $redirect ); + } else { + $this->wp_safe_redirect( Jetpack::admin_url() ); + } + + $this->do_exit(); + } + + function authorize( $data = array() ) { $redirect = isset( $data['redirect'] ) ? esc_url_raw( (string) $data['redirect'] ) : ''; $jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' ); 
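Review bot: With `check_admin_referer()` moved into `client_authorize()`, the new `authorize( $data = array() )` performs no nonce check of its own, so any other caller is protected only by the `state` comparison further down, and that value is the current user's ID rather than a secret. The method should carry a docblock stating that callers must verify the request's origin before calling it and that it returns `'authorized'`, `'linked'` or a `Jetpack_Error`; the added `/** Authorizations */` comment says neither. In `client_authorize()` the nonce action is also built before `$role` is tested for emptiness, so a user with no role is checked against `jetpack-authorize__{$redirect}`; testing `$role` first would keep the old ordering. The body of `authorize()` continues outside this hunk.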
@@ -37,61 +62,48 @@ class Jetpack_Client_Server { $jetpack = $this->get_jetpack(); $role = $jetpack->translate_current_user_to_role(); - if ( !$role ) { - Jetpack::state( 'error', 'no_role' ); - break; + if ( ! $role ) { + return new Jetpack_Error( 'no_role', 'Invalid request.', 400 ); } $cap = $jetpack->translate_role_to_cap( $role ); if ( !$cap ) { - Jetpack::state( 'error', 'no_cap' ); - break; + return new Jetpack_Error( 'no_cap', 'Invalid request.', 400 ); } - $this->check_admin_referer( "jetpack-authorize_{$role}_{$redirect}" ); - - if ( !empty( $data['error'] ) ) { - Jetpack::state( 'error', $data['error'] ); - break; + if ( ! empty( $data['error'] ) ) { + return new Jetpack_Error( $data['error'], 'Error included in the request.', 400 ); } - if ( empty( $data['state'] ) ) { - Jetpack::state( 'error', 'no_state' ); - break; + if ( ! isset( $data['state'] ) ) { + return new Jetpack_Error( 'no_state', 'Request must include state.', 400 ); } - if ( !ctype_digit( $data['state'] ) ) { - Jetpack::state( 'error', 'invalid_state' ); - break; + if ( ! 
ctype_digit( $data['state'] ) ) { + return new Jetpack_Error( $data['error'], 'State must be an integer.', 400 ); } $current_user_id = get_current_user_id(); if ( $current_user_id != $data['state'] ) { - Jetpack::state( 'error', 'wrong_state' ); - break; + return new Jetpack_Error( 'wrong_state', 'State does not match current user.', 400 ); } if ( empty( $data['code'] ) ) { - Jetpack::state( 'error', 'no_code' ); - break; + return new Jetpack_Error( 'no_code', 'Request must include an authorization code.', 400 ); } $token = $this->get_token( $data ); if ( is_wp_error( $token ) ) { - if ( $error = $token->get_error_code() ) - Jetpack::state( 'error', $error ); - else - Jetpack::state( 'error', 'invalid_token' ); - - Jetpack::state( 'error_description', $token->get_error_message() ); - - break; + $code = $token->get_error_code(); + if ( empty( $code ) ) { + $code = 'invalid_token'; + } + return new Jetpack_Error( $code, $token->get_error_message(), 400 ); } - if ( !$token ) { - Jetpack::state( 'error', 'no_token' ); - break; + if ( ! $token ) { + return new Jetpack_Error( 'no_token', 'Error generating token.', 400 ); } $is_master_user = ! Jetpack::is_active(); 
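Review bot: The `ctype_digit` branch returns `new Jetpack_Error( $data['error'], 'State must be an integer.', 400 )`, but `$data['error']` is known to be empty at that point because the earlier `! empty( $data['error'] )` branch has already returned, so the error is created with an empty or undefined code. The removed code used `'invalid_state'`; the line should read `return new Jetpack_Error( 'invalid_state', 'State must be an integer.', 400 );`. As written, `client_authorize()` would hand an empty code to `Jetpack::state( 'error', ... )`, and a malformed `state` would be rejected without a recorded reason. The enclosing `authorize()` starts and ends outside this hunk.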
@@ -99,20 +111,18 @@ class Jetpack_Client_Server { Jetpack::update_user_token( $current_user_id, sprintf( '%s.%d', $token, $current_user_id ), $is_master_user ); - if ( $is_master_user ) { - Jetpack::state( 'message', 'authorized' ); - } else { - Jetpack::state( 'message', 'linked' ); + if ( ! $is_master_user ) { // Don't activate anything since we are just connecting a user. - break; + return 'linked'; } + $redirect_on_activation_error = ( 'client' === $data['auth_type'] ) ? true : false; if ( $active_modules = Jetpack_Options::get_option( 'active_modules' ) ) { Jetpack_Options::delete_option( 'active_modules' ); - Jetpack::activate_default_modules( 999, 1, $active_modules ); + Jetpack::activate_default_modules( 999, 1, $active_modules, $redirect_on_activation_error ); } else { - Jetpack::activate_default_modules(); + Jetpack::activate_default_modules( false, false, array(), $redirect_on_activation_error ); } // Sync all registers options and constants @@ -124,13 +134,7 @@ class Jetpack_Client_Server { wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' ); } while ( false ); - if ( wp_validate_redirect( $redirect ) ) { - $this->wp_safe_redirect( $redirect ); - } else { - $this->wp_safe_redirect( Jetpack::admin_url() ); - } - - $this->do_exit(); + return 'authorized'; } public static function deactivate_plugin( $probable_file, $probable_title ) { @@ -160,7 +164,7 @@ class Jetpack_Client_Server { $jetpack = $this->get_jetpack(); $role = $jetpack->translate_current_user_to_role(); - if ( !$role ) { + if ( ! $role ) { return new Jetpack_Error( 'role', __( 'An administrator for this blog must set up the Jetpack connection.', 'jetpack' ) ); } 
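Review bot: `$data['auth_type']` is read without an `isset()` guard although `authorize()` defaults `$data` to `array()`, so a caller that omits the key triggers an undefined-index notice here; the same unguarded read appears in the `$redirect_uri` hunk of the token request further down. The ternary is also redundant, and `$redirect_on_activation_error = isset( $data['auth_type'] ) && 'client' === $data['auth_type'];` covers both points. This hunk sits inside `authorize()`, which starts and ends outside it.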
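Review bot: The `do { ... } while ( false );` wrapper that closes just above `return 'authorized';` no longer appears to serve a purpose, since every `break` visible in this diff has become a `return`. If a `break` does remain in the part of the loop not shown here, it would now fall through to `return 'authorized';` and report success for a failed request, so that stretch is worth checking. If none remains, dropping the wrapper would make the early-return flow easier to follow.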
@@ -170,17 +174,20 @@ class Jetpack_Client_Server { } $redirect = isset( $data['redirect'] ) ? esc_url_raw( (string) $data['redirect'] ) : ''; + $redirect_uri = ( 'calypso' === $data['auth_type'] ) + ? $data['redirect_uri'] + : add_query_arg( array( + 'action' => 'authorize', + '_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ), + 'redirect' => $redirect ? urlencode( $redirect ) : false, + ), menu_page_url( 'jetpack', false ) ); $body = array( 'client_id' => Jetpack_Options::get_option( 'id' ), 'client_secret' => $client_secret->secret, 'grant_type' => 'authorization_code', 'code' => $data['code'], - 'redirect_uri' => add_query_arg( array( - 'action' => 'authorize', - '_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ), - 'redirect' => $redirect ? urlencode( $redirect ) : false, - ), menu_page_url( 'jetpack', false ) ), + 'redirect_uri' => $redirect_uri, ); $args = array( |
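Review bot: For `'calypso'` requests `$redirect_uri` is taken straight from `$data['redirect_uri']` with no existence, type or URL check before it is placed in the token request body, whereas the other branch builds the value locally. If `$data` can originate from the request for that auth type (not visible here), the value should at least be normalised after an `isset()` check, e.g. `esc_url_raw( (string) $data['redirect_uri'] )`, and an error returned when it is missing. The enclosing function starts and ends outside this hunk.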