wp_is_authorize_application_password_request_valid()WP 5.6.0

Checks if the Authorize Application Password request is valid.

Хуки из функции

Возвращает

true|WP_Error. True if the request is valid, a WP_Error object contains errors if not.

Использование

wp_is_authorize_application_password_request_valid( $request, $user );
$request(массив) (обязательный)

The array of request data. All arguments are optional and may be empty.

  • app_name(строка)
    The suggested name of the application.

  • app_id(строка)
    A UUID provided by the application to uniquely identify it.

  • success_url(строка)
    The URL the user will be redirected to after approving the application.

  • reject_url(строка)
    The URL the user will be redirected to after rejecting the application.
$user(WP_User) (обязательный)
The user authorizing the application.

Список изменений

С версии 5.6.0 Введена.
С версии 6.2.0 Allow insecure HTTP connections for the local environment.

Код wp_is_authorize_application_password_request_valid() WP 6.3.1

wp-admin/includes/user.php 
function wp_is_authorize_application_password_request_valid( $request, $user ) {
	$error    = new WP_Error();
	$is_local = 'local' === wp_get_environment_type();

	if ( ! empty( $request['success_url'] ) ) {
		$scheme = wp_parse_url( $request['success_url'], PHP_URL_SCHEME );

		if ( 'http' === $scheme && ! $is_local ) {
			$error->add(
				'invalid_redirect_scheme',
				__( 'The success URL must be served over a secure connection.' )
			);
		}
	}

	if ( ! empty( $request['reject_url'] ) ) {
		$scheme = wp_parse_url( $request['reject_url'], PHP_URL_SCHEME );

		if ( 'http' === $scheme && ! $is_local ) {
			$error->add(
				'invalid_redirect_scheme',
				__( 'The rejection URL must be served over a secure connection.' )
			);
		}
	}

	if ( ! empty( $request['app_id'] ) && ! wp_is_uuid( $request['app_id'] ) ) {
		$error->add(
			'invalid_app_id',
			__( 'The application ID must be a UUID.' )
		);
	}

	/**
	 * Fires before application password errors are returned.
	 *
	 * @since 5.6.0
	 *
	 * @param WP_Error $error   The error object.
	 * @param array    $request The array of request data.
	 * @param WP_User  $user    The user authorizing the application.
	 */
	do_action( 'wp_authorize_application_password_request_errors', $error, $request, $user );

	if ( $error->has_errors() ) {
		return $error;
	}

	return true;
}