WC_Auth::auth_endpoint() protected WC 2.4.0

Auth endpoint.

{} Это метод класса: WC_Auth{}

Хуков нет.

Возвращает

null. Ничего.

Использование

// protected - в коде основоного (родительского) или дочернего класса
$result = $this->auth_endpoint( $route );

$route(строка) (обязательный)

Route.

Список изменений

Код WC_Auth::auth_endpoint() WC Auth::auth endpoint ^{WC 5.9.0}

protected function auth_endpoint( $route ) {
	ob_start();

	$consumer_data = array();

	try {
		$route = strtolower( wc_clean( $route ) );
		$this->make_validation();

		$data = wp_unslash( $_REQUEST ); // WPCS: input var ok, CSRF ok.

		// Login endpoint.
		if ( 'login' === $route && ! is_user_logged_in() ) {
			wc_get_template(
				'auth/form-login.php', array(
					'app_name'     => wc_clean( $data['app_name'] ),
					'return_url'   => add_query_arg(
						array(
							'success' => 0,
							'user_id' => wc_clean( $data['user_id'] ),
						), $this->get_formatted_url( $data['return_url'] )
					),
					'redirect_url' => $this->build_url( $data, 'authorize' ),
				)
			);
			exit;

		} elseif ( 'login' === $route && is_user_logged_in() ) {
			// Redirect with user is logged in.
			wp_redirect( esc_url_raw( $this->build_url( $data, 'authorize' ) ) );
			exit;

		} elseif ( 'authorize' === $route && ! is_user_logged_in() ) {
			// Redirect with user is not logged in and trying to access the authorize endpoint.
			wp_redirect( esc_url_raw( $this->build_url( $data, 'login' ) ) );
			exit;

		} elseif ( 'authorize' === $route && current_user_can( 'manage_woocommerce' ) ) {
			// Authorize endpoint.
			wc_get_template(
				'auth/form-grant-access.php', array(
					'app_name'    => wc_clean( $data['app_name'] ),
					'return_url'  => add_query_arg(
						array(
							'success' => 0,
							'user_id' => wc_clean( $data['user_id'] ),
						), $this->get_formatted_url( $data['return_url'] )
					),
					'scope'       => $this->get_i18n_scope( wc_clean( $data['scope'] ) ),
					'permissions' => $this->get_permissions_in_scope( wc_clean( $data['scope'] ) ),
					'granted_url' => wp_nonce_url( $this->build_url( $data, 'access_granted' ), 'wc_auth_grant_access', 'wc_auth_nonce' ),
					'logout_url'  => wp_logout_url( $this->build_url( $data, 'login' ) ),
					'user'        => wp_get_current_user(),
				)
			);
			exit;

		} elseif ( 'access_granted' === $route && current_user_can( 'manage_woocommerce' ) ) {
			// Granted access endpoint.
			if ( ! isset( $_GET['wc_auth_nonce'] ) || ! wp_verify_nonce( sanitize_key( wp_unslash( $_GET['wc_auth_nonce'] ) ), 'wc_auth_grant_access' ) ) { // WPCS: input var ok.
				throw new Exception( __( 'Invalid nonce verification', 'woocommerce' ) );
			}

			$consumer_data = $this->create_keys( $data['app_name'], $data['user_id'], $data['scope'] );
			$response      = $this->post_consumer_data( $consumer_data, $this->get_formatted_url( $data['callback_url'] ) );

			if ( $response ) {
				wp_redirect(
					esc_url_raw(
						add_query_arg(
							array(
								'success' => 1,
								'user_id' => wc_clean( $data['user_id'] ),
							), $this->get_formatted_url( $data['return_url'] )
						)
					)
				);
				exit;
			}
		} else {
			throw new Exception( __( 'You do not have permission to access this page', 'woocommerce' ) );
		}
	} catch ( Exception $e ) {
		$this->maybe_delete_key( $consumer_data );

		/* translators: %s: error message */
		wp_die( sprintf( esc_html__( 'Error: %s.', 'woocommerce' ), esc_html( $e->getMessage() ) ), esc_html__( 'Access denied', 'woocommerce' ), array( 'response' => 401 ) );
	}
}