From d4ba4ebd098117cc27da7f219137d47c5609d8f8 Mon Sep 17 00:00:00 2001
From: Jason Bahl
Date: Tue, 16 Jul 2019 15:29:02 -0600
Subject: [PATCH 1/6] DO NOT MERGE - This is an initial attempt at addressing the conflict. This is not ready for merge, but wanted to test to see if the general approach fixes the conflict for @mhinton
---
 src/Auth.php | 1 +
 wp-graphql-jwt-authentication.php | 50 ++++++++++++++++++++++++++++---
 2 files changed, 47 insertions(+), 4 deletions(-)
diff --git a/src/Auth.php b/src/Auth.php
index bbc03dc..a576d27 100644
--- a/src/Auth.php
+++ b/src/Auth.php
@@ -364,6 +364,7 @@ protected static function authenticate_user( $username, $password ) {
 * @param (int|bool) $user Logged User ID
 *
 * @return mixed|false|\WP_User
+ * @throws \Exception
 */
 public static function filter_determine_current_user( $user ) {
diff --git a/wp-graphql-jwt-authentication.php b/wp-graphql-jwt-authentication.php
index 73cd6e2..bcf0b8a 100644
--- a/wp-graphql-jwt-authentication.php
+++ b/wp-graphql-jwt-authentication.php
@@ -17,9 +17,12 @@
 * @package WPGraphQL_JWT_Authentication
 */
-namespace WPGraphQL\JWT_Authentication;
+namespace WPGraphQL\JWT_Auth;
 // If this file is called directly, abort.
+use WPGraphQL\JWT_Authentication\Auth;
+use WPGraphQL\JWT_Authentication\ManageTokens;
+
 if ( ! defined( 'WPINC' ) ) {
 die;
 }
@@ -33,7 +36,7 @@
 require_once( 'c3.php' );
 }
-if ( ! class_exists( '\WPGraphQL\JWT_Authentication' ) ) :
+if ( ! class_exists( '\WPGraphQL\JWT_Auth' ) ) :
 final class JWT_Authentication {
@@ -175,7 +178,7 @@ private static function init() {
 add_filter( 'determine_current_user', [
 '\WPGraphQL\JWT_Authentication\Auth',
 'filter_determine_current_user'
- ], 10, 1 );
+ ], 1, 1 );
 /**
 * Filter the rootMutation fields
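Review bot: The guard changed in the `@@ -33,7 +36,7 @@` hunk of wp-graphql-jwt-authentication.php passes the namespace to `class_exists()`, not the class: the class declared below it is `JWT_Authentication` inside `WPGraphQL\JWT_Auth`, so `'\WPGraphQL\JWT_Auth'` will not match it and the check is always true unless something else declares a class by that name. If the guard is meant to stop a second declaration when the file is loaded twice, it should name the class itself, `if ( ! class_exists( '\WPGraphQL\JWT_Auth\JWT_Authentication' ) ) :`. The removed line had the same shape, and the `@@ -36,7 +33,7 @@` hunk of patch 6/6 restores it unchanged, so the same comment applies there with the old namespace.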
@@ -202,4 +205,43 @@ function init() {
 return JWT_Authentication::instance();
 }
-add_action( 'plugins_loaded', '\WPGraphQL\JWT_Authentication\init' );
+add_action( 'plugins_loaded', '\WPGraphQL\JWT_Auth\init', 1 );
+
+add_filter( 'determine_current_user', function( $user ) {
+
+ /**
+ * Validate the token, which will check the Headers to see if Authentication headers were sent
+ *
+ * @since 0.0.1
+ */
+ $token = Auth::validate_token();
+
+ /**
+ * If no token was generated, return the existing value for the $user
+ */
+ if ( empty( $token ) ) {
+
+ /**
+ * Return the user that was passed in to the filter
+ */
+ return $user;
+
+ /**
+ * If there is a token
+ */
+ } else {
+
+ /**
+ * Get the current user from the token
+ */
+ $user = ! empty( $token ) && ! empty( $token->data->user->id ) ? $token->data->user->id : $user;
+
+
+ }
+
+
+ /**
+ * Everything is ok, return the user ID stored in the token
+ */
+ return absint( $user );
+} );
From 045344416b2f7bd41841b5243aa46a85a60eae56 Mon Sep 17 00:00:00 2001
From: Jason Bahl
Date: Tue, 16 Jul 2019 16:17:37 -0600
Subject: [PATCH 2/6] DO NOT MERGE - This is an initial attempt at addressing the conflict. This is not ready for merge, but wanted to test to see if the general approach fixes the conflict for @mhinton
---
 src/Auth.php | 2 +-
 wp-graphql-jwt-authentication.php | 9 ---------
 2 files changed, 1 insertion(+), 10 deletions(-)
diff --git a/src/Auth.php b/src/Auth.php
index a576d27..52c2b65 100644
--- a/src/Auth.php
+++ b/src/Auth.php
@@ -561,7 +561,7 @@ public static function validate_token( $token = null, $refresh = false ) {
 /**
 * The Token is decoded now validate the iss
 */
- if ( get_bloginfo( 'url' ) !== $token->iss ) {
+ if ( ! isset( $token->iss ) || get_bloginfo( 'url' ) !== $token->iss ) {
 throw new \Exception( __( 'The iss do not match with this server', 'wp-graphql-jwt-authentication' ) );
 }
diff --git a/wp-graphql-jwt-authentication.php b/wp-graphql-jwt-authentication.php
index bcf0b8a..a564dbf 100644
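Review bot: The closure added in the `@@ -202,4 +205,43 @@` hunk of patch 1/6 calls `Auth::validate_token()` with nothing around it, although patch 2/6 shows that method containing `throw new \Exception( ... )` and patch 1/6 adds `@throws \Exception` to the class callback that does the same job. Whether `validate_token()` catches that internally is not visible here; if it does not, a request carrying a bad token ends in an uncaught exception inside `determine_current_user` instead of falling back to the incoming `$user`. A guard such as `try { $token = Auth::validate_token(); } catch ( \Exception $e ) { return $user; }` would make the fallback explicit. The patch also keeps `Auth::filter_determine_current_user` hooked at priority 1 in the `@@ -175,7 +178,7 @@` hunk, so two callbacks resolve the token on each request, and the `! empty( $token )` test inside the `else` branch repeats the condition already checked above it.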
--- a/wp-graphql-jwt-authentication.php
+++ b/wp-graphql-jwt-authentication.php
@@ -166,20 +166,11 @@ private function includes() {
 */
 private static function init() {
-
 /**
 * Initialize the GraphQL fields for managing tokens
 */
 ManageTokens::init();
- /**
- * Filter how WordPress determines the current user
- */
- add_filter( 'determine_current_user', [
- '\WPGraphQL\JWT_Authentication\Auth',
- 'filter_determine_current_user'
- ], 1, 1 );
-
 /**
 * Filter the rootMutation fields
 */
From e69b4b4e4cb0508f75bd29e4541a243215a86242 Mon Sep 17 00:00:00 2001
From: Jason Bahl
Date: Wed, 17 Jul 2019 07:34:40 -0600
Subject: [PATCH 3/6] - Bail in determine_current_user filter if it's not a GraphQL HTTP Request
---
 wp-graphql-jwt-authentication.php | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/wp-graphql-jwt-authentication.php b/wp-graphql-jwt-authentication.php
index a564dbf..065a08c 100644
--- a/wp-graphql-jwt-authentication.php
+++ b/wp-graphql-jwt-authentication.php
@@ -200,6 +200,15 @@ function init() {
 add_filter( 'determine_current_user', function( $user ) {
+ /**
+ * Bail if it's not a GraphQL HTTP Request
+ *
+ * @todo: consider supporting REST too?
+ */
+ if ( ! defined( 'GRAPHQL_HTTP_REQUEST' ) || false === GRAPHQL_HTTP_REQUEST ) {
+ return $user;
+ }
+
 /**
 * Validate the token, which will check the Headers to see if Authentication headers were sent
 *
From 3bbf50bbdcad0653dbbf3cbe832b05c9c5cf3cc7 Mon Sep 17 00:00:00 2001
From: Jason Bahl
Date: Wed, 17 Jul 2019 16:36:38 -0600
Subject: [PATCH 4/6] - More adjustments for the determine_current_user callback
---
 wp-graphql-jwt-authentication.php | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)
diff --git a/wp-graphql-jwt-authentication.php b/wp-graphql-jwt-authentication.php
index 065a08c..1aa3ada 100644
--- a/wp-graphql-jwt-authentication.php
+++ b/wp-graphql-jwt-authentication.php
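Review bot: The bail-out added in the `@@ -200,6 +200,15 @@` hunk of patch 3/6 treats only a strict `false` as "not a GraphQL request", so a `GRAPHQL_HTTP_REQUEST` defined as `0`, `''` or `null` still lets the token decide the user. For a check that gates authentication it is safer to accept only the positive case, `if ( ! defined( 'GRAPHQL_HTTP_REQUEST' ) || true !== GRAPHQL_HTTP_REQUEST ) {`. The check also relies on the constant being defined before `determine_current_user` first fires, which nothing in this file shows, so a short comment naming where it is defined would help the next reader.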
@@ -198,16 +198,8 @@ function init() {
 add_action( 'plugins_loaded', '\WPGraphQL\JWT_Auth\init', 1 );
-add_filter( 'determine_current_user', function( $user ) {
- /**
- * Bail if it's not a GraphQL HTTP Request
- *
- * @todo: consider supporting REST too?
- */
- if ( ! defined( 'GRAPHQL_HTTP_REQUEST' ) || false === GRAPHQL_HTTP_REQUEST ) {
- return $user;
- }
+add_filter( 'determine_current_user', function( $user ) {
 /**
 * Validate the token, which will check the Headers to see if Authentication headers were sent
@@ -219,7 +211,7 @@ function init() {
 /**
 * If no token was generated, return the existing value for the $user
 */
- if ( empty( $token ) ) {
+ if ( empty( $token ) || is_wp_error( $token ) ) {
 /**
 * Return the user that was passed in to the filter
@@ -239,9 +231,8 @@ function init() {
 }
-
 /**
 * Everything is ok, return the user ID stored in the token
 */
 return absint( $user );
-} );
+}, 99, 1 );
From e1c903af0eb476871ca330958c0d8773f65cd333 Mon Sep 17 00:00:00 2001
From: Jason Bahl
Date: Thu, 18 Jul 2019 12:01:43 -0600
Subject: [PATCH 5/6] #41 - JWT fields cannot be retrieved via viewer query - refactored a bit to keep things a bit cleaner
---
 src/Auth.php | 4 +--
 wp-graphql-jwt-authentication.php | 47 ++++++-------------------------
 2 files changed, 10 insertions(+), 41 deletions(-)
diff --git a/src/Auth.php b/src/Auth.php
index 52c2b65..5eec64f 100644
--- a/src/Auth.php
+++ b/src/Auth.php
@@ -378,7 +378,7 @@ public static function filter_determine_current_user( $user ) {
 /**
 * If no token was generated, return the existing value for the $user
 */
- if ( empty( $token ) ) {
+ if ( empty( $token ) || is_wp_error( $token ) ) {
 /**
 * Return the user that was passed in to the filter
@@ -398,7 +398,6 @@ public static function filter_determine_current_user( $user ) {
 }
-
 /**
 * Everything is ok, return the user ID stored in the token
 */
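Review bot: Dropping the `GRAPHQL_HTTP_REQUEST` bail-out in the `@@ -198,16 +198,8 @@` hunk of patch 4/6 means the closure now derives the user from a token on every request that runs `determine_current_user`, and the `99` priority added in the `@@ -239,9 +231,8 @@` hunk lets that result replace what lower-priority callbacks returned. Neither the code nor the commit message says why the scope was widened or why `99` was picked. I would state the intent beside the registration, for example `// Applies to every request, not only GraphQL; runs late so a valid token overrides the user resolved by earlier callbacks.`, or keep a narrower guard if only GraphQL requests are meant to honour the token. The closure body is split across these hunks, so this is based on the lines shown.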
@@ -489,6 +488,7 @@ public static function unrevoke_user_secret( int $user_id ) {
 }
+
 protected static function set_status( $status_code ) {
 add_filter( 'graphql_response_status_code', function() use ( $status_code ) {
 return $status_code;
diff --git a/wp-graphql-jwt-authentication.php b/wp-graphql-jwt-authentication.php
index 1aa3ada..716a083 100644
--- a/wp-graphql-jwt-authentication.php
+++ b/wp-graphql-jwt-authentication.php
@@ -171,6 +171,14 @@ private static function init() {
 */
 ManageTokens::init();
+ /**
+ * Filter how WordPress determines the current user
+ */
+ add_filter( 'determine_current_user', [
+ '\WPGraphQL\JWT_Authentication\Auth',
+ 'filter_determine_current_user'
+ ], 99, 1 );
+
 /**
 * Filter the rootMutation fields
 */
@@ -197,42 +205,3 @@ function init() {
 }
 add_action( 'plugins_loaded', '\WPGraphQL\JWT_Auth\init', 1 );
-
-
-add_filter( 'determine_current_user', function( $user ) {
-
- /**
- * Validate the token, which will check the Headers to see if Authentication headers were sent
- *
- * @since 0.0.1
- */
- $token = Auth::validate_token();
-
- /**
- * If no token was generated, return the existing value for the $user
- */
- if ( empty( $token ) || is_wp_error( $token ) ) {
-
- /**
- * Return the user that was passed in to the filter
- */
- return $user;
-
- /**
- * If there is a token
- */
- } else {
-
- /**
- * Get the current user from the token
- */
- $user = ! empty( $token ) && ! empty( $token->data->user->id ) ? $token->data->user->id : $user;
-
-
- }
-
- /**
- * Everything is ok, return the user ID stored in the token
- */
- return absint( $user );
-}, 99, 1 );
From 42fff3a2a3b2d4546bab489b0a5caec09ba5417c Mon Sep 17 00:00:00 2001
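Review bot: The registration re-added in the `@@ -171,6 +171,14 @@` hunk of patch 5/6 names the callback class as a string literal, `'\WPGraphQL\JWT_Authentication\Auth'`, while the line above it already calls `ManageTokens::init()` by short name. `[ Auth::class, 'filter_determine_current_user' ]` would resolve the same class the way that call does and would not silently break if the class is renamed. The `99` priority is also unexplained; a comment such as `// Priority 99: run after lower-priority determine_current_user callbacks.` would record why it moved from 10 to 1 to 99 across this series.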
From: Jason Bahl
Date: Thu, 18 Jul 2019 12:07:37 -0600
Subject: [PATCH 6/6] #41 - JWT fields cannot be retrieved via viewer query - refactored a bit to keep things a bit cleaner
---
 vendor/composer/ClassLoader.php | 4 ++--
 wp-graphql-jwt-authentication.php | 9 +++------
 2 files changed, 5 insertions(+), 8 deletions(-)
diff --git a/vendor/composer/ClassLoader.php b/vendor/composer/ClassLoader.php
index dc02dfb..fce8549 100644
--- a/vendor/composer/ClassLoader.php
+++ b/vendor/composer/ClassLoader.php
@@ -279,7 +279,7 @@ public function isClassMapAuthoritative()
 */
 public function setApcuPrefix($apcuPrefix)
 {
- $this->apcuPrefix = function_exists('apcu_fetch') && ini_get('apc.enabled') ? $apcuPrefix : null;
+ $this->apcuPrefix = function_exists('apcu_fetch') && filter_var(ini_get('apc.enabled'), FILTER_VALIDATE_BOOLEAN) ? $apcuPrefix : null;
 }
 /**
@@ -377,7 +377,7 @@ private function findFileWithExtension($class, $ext)
 $subPath = $class;
 while (false !== $lastPos = strrpos($subPath, '\\')) {
 $subPath = substr($subPath, 0, $lastPos);
- $search = $subPath.'\\';
+ $search = $subPath . '\\';
 if (isset($this->prefixDirsPsr4[$search])) {
 $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1);
 foreach ($this->prefixDirsPsr4[$search] as $dir) {
diff --git a/wp-graphql-jwt-authentication.php b/wp-graphql-jwt-authentication.php
index 716a083..269dae7 100644
--- a/wp-graphql-jwt-authentication.php
+++ b/wp-graphql-jwt-authentication.php
@@ -17,12 +17,9 @@
 * @package WPGraphQL_JWT_Authentication
 */
-namespace WPGraphQL\JWT_Auth;
+namespace WPGraphQL\JWT_Authentication;
 // If this file is called directly, abort.
-use WPGraphQL\JWT_Authentication\Auth;
-use WPGraphQL\JWT_Authentication\ManageTokens;
-
 if ( ! defined( 'WPINC' ) ) {
 die;
 }
@@ -36,7 +33,7 @@
 require_once( 'c3.php' );
 }
-if ( ! class_exists( '\WPGraphQL\JWT_Auth' ) ) :
+if ( ! class_exists( '\WPGraphQL\JWT_Authentication' ) ) :
 final class JWT_Authentication {
@@ -204,4 +201,4 @@ function init() { return JWT_Authentication::instance(); } -add_action( 'plugins_loaded', '\WPGraphQL\JWT_Auth\init', 1 ); +add_action( 'plugins_loaded', '\WPGraphQL\JWT_Authentication\init', 1 );