wp-graphql#69 - Backward Compatibility fixes for playing nice with WP…
…GraphQL for WooCommerce
jasonbahl committed Feb 14, 2020
1 parent 04b6ab0 commit a2309b6
Showing 2 changed files with 34 additions and 10 deletions.
18 changes: 14 additions & 4 deletions src/Auth.php
@@ -68,8 +68,8 @@ public static function login_and_get_token( $username, $password ) {
* The token is signed, now create the object with basic user data to send to the client
*/
$response = [
'authToken' => self::get_signed_token( $user ),
'refreshToken' => self::get_refresh_token( $user ),
'authToken' => self::get_signed_token( wp_get_current_user() ),
'refreshToken' => self::get_refresh_token( wp_get_current_user() ),
'user' => DataSource::resolve_user( $user->data->ID, \WPGraphQL::get_app_context() ),
'id' => $user->data->ID,
];
@@ -124,6 +124,7 @@ public static function get_token_expiration() {
* Retrieves validates user and retrieve signed token
*
* @param \WP_User $user Owner of the token.
* @param bool $cap_check Whether to check capabilities when getting the token
*
* @return null|string
*/
@@ -221,7 +222,7 @@ public static function get_user_jwt_secret( $user_id ) {
* If the request is not from the current_user or the current_user doesn't have the proper capabilities, don't return the secret
*/
$is_current_user = ( $user_id === get_current_user_id() ) ? true : false;
if ( ! $is_current_user || ! current_user_can( $capability ) ) {
if ( ! $is_current_user && ! current_user_can( $capability ) ) {
return null;
}

@@ -234,7 +235,7 @@ public static function get_user_jwt_secret( $user_id ) {
* If there is no stored secret, or it's not a string
*/
if ( empty( $secret ) || ! is_string( $secret ) ) {
Auth::issue_new_user_secret( $user_id );
$secret = Auth::issue_new_user_secret( $user_id );
}

/**
@@ -293,13 +294,21 @@ public static function is_jwt_secret_revoked( $user_id ) {
* Public method for getting an Auth token for a given user
*
* @param \WP_USer $user The user to get the token for
* @param boolean $cap_check Whether to check capabilities. Default is true.
*
* @return null|string
*/
public static function get_token( $user, $cap_check = true ) {
return self::get_signed_token( $user, $cap_check );
}

/**
* Given a WP_User, this returns a refresh token for the user
* @param \WP_User $user A WP_User object
* @param bool $cap_check
*
* @return null|string
*/
public static function get_refresh_token( $user, $cap_check = true ) {

self::$is_refresh_token = true;
@@ -311,6 +320,7 @@ public static function get_refresh_token( $user, $cap_check = true ) {
*/
add_filter( 'graphql_jwt_auth_token_before_sign', function( $token, \WP_User $user ) {
$secret = Auth::get_user_jwt_secret( $user->ID );

if ( ! empty( $secret ) && ! is_wp_error( $secret ) && true === self::is_refresh_token() ) {

/**
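Review bot: The guard in get_user_jwt_secret() is printed twice, once with `||` and once with `&&`; taking the `&&` line as the new side, the per-user secret is now returned when the caller is either the target user or holds `$capability`, while the comment directly above it still describes the stricter deny-if-either-fails rule. That widens who can read signing material: any authenticated user gets their own secret without the capability, and any capability holder gets every user's secret, which the `graphql_jwt_auth_token_before_sign` filter further down reads when a refresh token is being built. If that is the intended model, the comment should say so, e.g. `Only return the secret to the user it belongs to, or to a user who has the required capability`, and a test should pin that a user without the capability gets `null` for another user's ID. The check `$user_id === get_current_user_id()` is strict, so a numeric-string ID would skip the ownership branch and be decided by the capability alone; casting with `absint( $user_id )` first would make that explicit. The function's body starts and ends outside the hunk.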
26 changes: 20 additions & 6 deletions src/ManageTokens.php
@@ -77,8 +77,15 @@ public static function register_jwt_fields_to( $type ) {
'description' => __( 'A JWT token that can be used in future requests for authentication/authorization', 'wp-graphql-jwt-authentication' ),
'resolve' => function ( $user ) {

if ( $user instanceof User ) {
$user = get_user_by( 'id', $user->userId );
$user_id = 0;
if ( isset( $user->userId ) ) {
$user_id = $user->userId;
} else if ( isset( $user->ID ) ) {
$user_id = $user->ID;
}

if ( ! $user instanceof \WP_User && ! empty( $user_id ) ) {
$user = get_user_by( 'id', $user_id );
}

// Get the token for the user.
@@ -101,8 +108,15 @@ public static function register_jwt_fields_to( $type ) {
'description' => __( 'A JWT token that can be used in future requests to get a refreshed jwtAuthToken. If the refresh token used in a request is revoked or otherwise invalid, a valid Auth token will NOT be issued in the response headers.', 'wp-graphql-jwt-authentication' ),
'resolve' => function ( $user ) {

if ( $user instanceof User ) {
$user = get_user_by( 'id', $user->userId );
$user_id = 0;
if ( isset( $user->userId ) ) {
$user_id = $user->userId;
} else if ( isset( $user->ID ) ) {
$user_id = $user->ID;
}

if ( ! $user instanceof \WP_User && ! empty( $user_id ) ) {
$user = get_user_by( 'id', $user_id );
}

// Get the token for the user.
@@ -127,9 +141,9 @@ public static function register_jwt_fields_to( $type ) {

$user_id = 0;

if ( $user instanceof User ) {
if ( isset( $user->userId ) ) {
$user_id = $user->userId;
} else if ( $user instanceof \WP_User ) {
} else if ( isset( $user->ID ) ) {
$user_id = $user->ID;
}

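Review bot: After the new lookup in the two token resolvers, nothing checks that `$user` is actually a `\WP_User` before the code under `// Get the token for the user.` runs: `get_user_by()` returns `false` for an unknown ID, and an object with neither `userId` nor `ID` is passed through unchanged. Adding `if ( ! $user instanceof \WP_User ) { return null; }` directly after the lookup in both resolvers would keep a failed lookup from reaching the token call, which presumably follows outside the hunk. Replacing `instanceof User` with `isset( $user->userId )` also accepts any object that exposes that property, so a type check on the looked-up result becomes the only guarantee about whose token is being issued. The same ID-extraction block now appears three times and would be easier to keep consistent as one private helper; the resolver bodies continue outside the hunks.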
