WC_Auth::auth_endpoint() │ protected │ WC 2.4.0
Auth endpoint.
{} Это метод класса: WC_Auth{}
Хуков нет.
Возвращает
null. Ничего.
Использование
// protected - в коде основоного (родительского) или дочернего класса $result = $this->auth_endpoint( $route );
- $route(строка) (обязательный)
- Route.
Список изменений
| С версии 2.4.0 | Введена. |
Код WC_Auth::auth_endpoint() WC Auth::auth endpoint WC 6.9.1
protected function auth_endpoint( $route ) {
ob_start();
$consumer_data = array();
try {
$route = strtolower( wc_clean( $route ) );
$this->make_validation();
$data = wp_unslash( $_REQUEST ); // WPCS: input var ok, CSRF ok.
// Login endpoint.
if ( 'login' === $route && ! is_user_logged_in() ) {
/**
* If a merchant is using the WordPress SSO (handled through Jetpack)
* to manage their authorisation then it is likely they'll find that
* their username and password do not work through this form. We
* instead need to redirect them to the WordPress login so that they
* can then be redirected back here with a valid token.
*/
// Check if Jetpack is installed and activated.
if ( class_exists( 'Jetpack' ) && Jetpack::connection()->is_active() ) {
// Check if the user is using the WordPress.com SSO.
if ( Jetpack::is_module_active( 'sso' ) ) {
$redirect_url = $this->build_url( $data, 'authorize' );
// Build the SSO URL.
$login_url = Jetpack_SSO::get_instance()->build_sso_button_url(
array(
'redirect_to' => rawurlencode( esc_url_raw( $redirect_url ) ),
'action' => 'login',
)
);
// Perform the redirect.
wp_safe_redirect( $login_url );
exit;
}
}
wc_get_template(
'auth/form-login.php',
array(
'app_name' => wc_clean( $data['app_name'] ),
'return_url' => add_query_arg(
array(
'success' => 0,
'user_id' => wc_clean( $data['user_id'] ),
),
$this->get_formatted_url( $data['return_url'] )
),
'redirect_url' => $this->build_url( $data, 'authorize' ),
)
);
exit;
} elseif ( 'login' === $route && is_user_logged_in() ) {
// Redirect with user is logged in.
wp_redirect( esc_url_raw( $this->build_url( $data, 'authorize' ) ) );
exit;
} elseif ( 'authorize' === $route && ! is_user_logged_in() ) {
// Redirect with user is not logged in and trying to access the authorize endpoint.
wp_redirect( esc_url_raw( $this->build_url( $data, 'login' ) ) );
exit;
} elseif ( 'authorize' === $route && current_user_can( 'manage_woocommerce' ) ) {
// Authorize endpoint.
wc_get_template(
'auth/form-grant-access.php',
array(
'app_name' => wc_clean( $data['app_name'] ),
'return_url' => add_query_arg(
array(
'success' => 0,
'user_id' => wc_clean( $data['user_id'] ),
),
$this->get_formatted_url( $data['return_url'] )
),
'scope' => $this->get_i18n_scope( wc_clean( $data['scope'] ) ),
'permissions' => $this->get_permissions_in_scope( wc_clean( $data['scope'] ) ),
'granted_url' => wp_nonce_url( $this->build_url( $data, 'access_granted' ), 'wc_auth_grant_access', 'wc_auth_nonce' ),
'logout_url' => wp_logout_url( $this->build_url( $data, 'login' ) ),
'user' => wp_get_current_user(),
)
);
exit;
} elseif ( 'access_granted' === $route && current_user_can( 'manage_woocommerce' ) ) {
// Granted access endpoint.
if ( ! isset( $_GET['wc_auth_nonce'] ) || ! wp_verify_nonce( sanitize_key( wp_unslash( $_GET['wc_auth_nonce'] ) ), 'wc_auth_grant_access' ) ) { // WPCS: input var ok.
throw new Exception( __( 'Invalid nonce verification', 'woocommerce' ) );
}
$consumer_data = $this->create_keys( $data['app_name'], $data['user_id'], $data['scope'] );
$response = $this->post_consumer_data( $consumer_data, $this->get_formatted_url( $data['callback_url'] ) );
if ( $response ) {
wp_redirect(
esc_url_raw(
add_query_arg(
array(
'success' => 1,
'user_id' => wc_clean( $data['user_id'] ),
),
$this->get_formatted_url( $data['return_url'] )
)
)
);
exit;
}
} else {
throw new Exception( __( 'You do not have permission to access this page', 'woocommerce' ) );
}
} catch ( Exception $e ) {
$this->maybe_delete_key( $consumer_data );
/* translators: %s: error message */
wp_die( sprintf( esc_html__( 'Error: %s.', 'woocommerce' ), esc_html( $e->getMessage() ) ), esc_html__( 'Access denied', 'woocommerce' ), array( 'response' => 401 ) );
}
}