WC_Auth::auth_endpoint PHP Method

auth_endpoint() protected method

Auth endpoint.
Since: 2.4.0
protected auth_endpoint ( string $route )
$route string
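        /**
         * Auth endpoint.
         *
         * Dispatches one step of the application-authorization flow according to
         * $route: 'login', 'authorize' or 'access_granted'. Each handled step ends
         * in a rendered template or a redirect, followed by exit. Any Exception
         * raised along the way is caught here: $consumer_data is passed to
         * maybe_delete_key() and the request ends in wp_die() with a 401 response.
         *
         * @since 2.4.0
         *
         * @param string $route Requested step; cleaned and lower-cased before use.
         */
        protected function auth_endpoint($route)
        {
            ob_start();
            $consumer_data = array();
            try {
                if ('yes' !== get_option('woocommerce_api_enabled')) {
                    throw new Exception(__('API disabled!', 'woocommerce'));
                }
                $route = strtolower(wc_clean($route));
                $this->make_validation();

                // NOTE(review): every $_REQUEST value below is caller-controlled. In the
                // template arguments only user_id and scope pass through wc_clean();
                // app_name, return_url and callback_url are handed on as received, and
                // create_keys() gets app_name, user_id and scope as received. Confirm that
                // make_validation(), get_formatted_url(), create_keys() and the templates
                // validate or escape them (none of those are visible in this listing).
                if ('login' === $route && !is_user_logged_in()) {
                    // Login endpoint.
                    wc_get_template(
                        'auth/form-login.php',
                        array(
                            'app_name' => $_REQUEST['app_name'],
                            'return_url' => add_query_arg(
                                array('success' => 0, 'user_id' => wc_clean($_REQUEST['user_id'])),
                                $this->get_formatted_url($_REQUEST['return_url'])
                            ),
                            'redirect_url' => $this->build_url($_REQUEST, 'authorize'),
                        )
                    );
                    exit;
                } elseif ('login' === $route && is_user_logged_in()) {
                    // Already logged in: go straight to the authorize step.
                    wp_redirect(esc_url_raw($this->build_url($_REQUEST, 'authorize')));
                    exit;
                } elseif ('authorize' === $route && !is_user_logged_in()) {
                    // Not logged in but asking for the authorize step: send to login first.
                    wp_redirect(esc_url_raw($this->build_url($_REQUEST, 'login')));
                    exit;
                } elseif ('authorize' === $route && current_user_can('manage_woocommerce')) {
                    // Authorize endpoint: show the grant-access form. The grant link
                    // carries a nonce so that the access_granted step cannot be
                    // triggered by a cross-site request.
                    wc_get_template(
                        'auth/form-grant-access.php',
                        array(
                            'app_name' => $_REQUEST['app_name'],
                            'return_url' => add_query_arg(
                                array('success' => 0, 'user_id' => wc_clean($_REQUEST['user_id'])),
                                $this->get_formatted_url($_REQUEST['return_url'])
                            ),
                            'scope' => $this->get_i18n_scope(wc_clean($_REQUEST['scope'])),
                            'permissions' => $this->get_permissions_in_scope(wc_clean($_REQUEST['scope'])),
                            'granted_url' => wp_nonce_url(
                                $this->build_url($_REQUEST, 'access_granted'),
                                'wc_auth_grant_access',
                                'wc_auth_nonce'
                            ),
                            'logout_url' => wp_logout_url($this->build_url($_REQUEST, 'login')),
                            'user' => wp_get_current_user(),
                        )
                    );
                    exit;
                } elseif ('access_granted' === $route && current_user_can('manage_woocommerce')) {
                    // Granted access endpoint. Unslash and normalise the nonce before
                    // verifying it rather than passing the raw superglobal value.
                    $nonce = isset($_GET['wc_auth_nonce']) ? sanitize_key(wp_unslash($_GET['wc_auth_nonce'])) : '';
                    if ('' === $nonce || !wp_verify_nonce($nonce, 'wc_auth_grant_access')) {
                        throw new Exception(__('Invalid nonce verification', 'woocommerce'));
                    }
                    $consumer_data = $this->create_keys($_REQUEST['app_name'], $_REQUEST['user_id'], $_REQUEST['scope']);
                    $response = $this->post_consumer_data($consumer_data, $this->get_formatted_url($_REQUEST['callback_url']));
                    // NOTE(review): a falsy $response falls through with the new keys left
                    // in place and no output; presumably post_consumer_data() throws on
                    // failure instead of returning false -- confirm.
                    if ($response) {
                        // NOTE(review): wp_redirect() does not restrict the target host and
                        // return_url comes from the request, so this relies on the URL
                        // having been vetted earlier in the flow -- confirm.
                        wp_redirect(
                            esc_url_raw(
                                add_query_arg(
                                    array('success' => 1, 'user_id' => wc_clean($_REQUEST['user_id'])),
                                    $this->get_formatted_url($_REQUEST['return_url'])
                                )
                            )
                        );
                        exit;
                    }
                } else {
                    throw new Exception(__('You do not have permissions to access this page!', 'woocommerce'));
                }
            } catch (Exception $e) {
                // Remove any key created before the failure so that a half-finished
                // grant does not leave credentials behind.
                $this->maybe_delete_key($consumer_data);
                // wp_die() renders its message as HTML. The helpers that can throw are
                // not visible here, so escape the text in case a message embeds
                // request data.
                $error_text = esc_html($e->getMessage());
                /* translators: %s: error message */
                wp_die(sprintf(__('Error: %s.', 'woocommerce'), $error_text), __('Access denied', 'woocommerce'), array('response' => 401));
            }
        }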