#69 - Backward Compatibility fixes for playing nice with WPGraphQL for WooCommerce #75

Merged
18 changes: 14 additions & 4 deletions src/Auth.php
Expand Up @@ -68,8 +68,8 @@ public static function login_and_get_token( $username, $password ) {
* The token is signed, now create the object with basic user data to send to the client
*/
$response = [
'authToken' => self::get_signed_token( $user ),
'refreshToken' => self::get_refresh_token( $user ),
'authToken' => self::get_signed_token( wp_get_current_user() ),
'refreshToken' => self::get_refresh_token( wp_get_current_user() ),
'user' => DataSource::resolve_user( $user->data->ID, \WPGraphQL::get_app_context() ),
'id' => $user->data->ID,
];
Expand Down Expand Up @@ -124,6 +124,7 @@ public static function get_token_expiration() {
* Retrieves validates user and retrieve signed token
*
* @param \WP_User $user Owner of the token.
* @param bool $cap_check Whether to check capabilities when getting the token
*
* @return null|string
*/
Expand Down Expand Up @@ -221,7 +222,7 @@ public static function get_user_jwt_secret( $user_id ) {
* If the request is not from the current_user or the current_user doesn't have the proper capabilities, don't return the secret
*/
$is_current_user = ( $user_id === get_current_user_id() ) ? true : false;
if ( ! $is_current_user || ! current_user_can( $capability ) ) {
if ( ! $is_current_user && ! current_user_can( $capability ) ) {
I wonder why you put && here @jasonbahl . Shouldn't it make sure to return null if either of those conditions is true?

return null;
}

Expand All @@ -234,7 +235,7 @@ public static function get_user_jwt_secret( $user_id ) {
* If there is no stored secret, or it's not a string
*/
if ( empty( $secret ) || ! is_string( $secret ) ) {
Auth::issue_new_user_secret( $user_id );
$secret = Auth::issue_new_user_secret( $user_id );
}

/**
Expand Down Expand Up @@ -293,13 +294,21 @@ public static function is_jwt_secret_revoked( $user_id ) {
* Public method for getting an Auth token for a given user
*
* @param \WP_USer $user The user to get the token for
* @param boolean $cap_check Whether to check capabilities. Default is true.
*
* @return null|string
*/
public static function get_token( $user, $cap_check = true ) {
return self::get_signed_token( $user, $cap_check );
}

/**
* Given a WP_User, this returns a refresh token for the user
* @param \WP_User $user A WP_User object
* @param bool $cap_check
*
* @return null|string
*/
public static function get_refresh_token( $user, $cap_check = true ) {

self::$is_refresh_token = true;
Expand All @@ -311,6 +320,7 @@ public static function get_refresh_token( $user, $cap_check = true ) {
*/
add_filter( 'graphql_jwt_auth_token_before_sign', function( $token, \WP_User $user ) {
$secret = Auth::get_user_jwt_secret( $user->ID );

if ( ! empty( $secret ) && ! is_wp_error( $secret ) && true === self::is_refresh_token() ) {

/**
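Review bot: In the first hunk the `authToken` and `refreshToken` entries are now signed for `wp_get_current_user()` while the `user` and `id` entries of the same `$response` array still come from `$user->data->ID`, so the response can pair one principal's token with another's identity if the current user was not set to `$user` earlier in login_and_get_token (that part of the function is outside the hunk). Either derive all four entries from one object (`$current_user = wp_get_current_user();` assigned once before the array) or compare `wp_get_current_user()->ID` with `$user->data->ID` before building the response and treat a mismatch as a login failure. The docblocks added in the third hunk are also inconsistent: `@param boolean $cap_check` on get_token versus `@param bool $cap_check` on get_signed_token, and the `$cap_check` entry on get_refresh_token has no description; suggest `@param bool $cap_check Whether to check capabilities. Default is true.` on all three, and fixing the `\WP_USer` typo while there.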
26 changes: 20 additions & 6 deletions src/ManageTokens.php
Expand Up @@ -77,8 +77,15 @@ public static function register_jwt_fields_to( $type ) {
'description' => __( 'A JWT token that can be used in future requests for authentication/authorization', 'wp-graphql-jwt-authentication' ),
'resolve' => function ( $user ) {

if ( $user instanceof User ) {
$user = get_user_by( 'id', $user->userId );
$user_id = 0;
if ( isset( $user->userId ) ) {
$user_id = $user->userId;
} else if ( isset( $user->ID ) ) {
$user_id = $user->ID;
}

if ( ! $user instanceof \WP_User && ! empty( $user_id ) ) {
$user = get_user_by( 'id', $user_id );
}

// Get the token for the user.
Expand All @@ -101,8 +108,15 @@ public static function register_jwt_fields_to( $type ) {
'description' => __( 'A JWT token that can be used in future requests to get a refreshed jwtAuthToken. If the refresh token used in a request is revoked or otherwise invalid, a valid Auth token will NOT be issued in the response headers.', 'wp-graphql-jwt-authentication' ),
'resolve' => function ( $user ) {

if ( $user instanceof User ) {
$user = get_user_by( 'id', $user->userId );
$user_id = 0;
if ( isset( $user->userId ) ) {
$user_id = $user->userId;
} else if ( isset( $user->ID ) ) {
$user_id = $user->ID;
}

if ( ! $user instanceof \WP_User && ! empty( $user_id ) ) {
$user = get_user_by( 'id', $user_id );
}

// Get the token for the user.
Expand All @@ -127,9 +141,9 @@ public static function register_jwt_fields_to( $type ) {

$user_id = 0;

if ( $user instanceof User ) {
if ( isset( $user->userId ) ) {
$user_id = $user->userId;
} else if ( $user instanceof \WP_User ) {
} else if ( isset( $user->ID ) ) {
$user_id = $user->ID;
}

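Review bot: The user lookup added to the jwtAuthToken and jwtRefreshToken resolvers (and the id extraction in the third hunk) leaves `$user` as whatever value was passed in when neither `userId` nor `ID` is set, and as `false` when get_user_by() finds no row, so the code after the hunk ("Get the token for the user") can receive a non-WP_User value; whether that code already guards against it is not visible here. The same block is now copied three times, so any later fix has to be made in three places. A private static helper that returns `?\WP_User` would give one place to handle both the missing-id and the not-found case, with each resolver bailing out early if the code after the hunk does not already do so.

```php
/**
 * Normalises the value handed to the JWT field resolvers to a WP_User.
 *
 * Accepts a \WP_User or any object exposing a userId or ID property and
 * returns null when no WordPress user can be resolved from it.
 */
private static function resolve_wp_user( $user ): ?\WP_User {
	if ( $user instanceof \WP_User ) {
		return $user;
	}

	$user_id = $user->userId ?? $user->ID ?? 0;
	if ( empty( $user_id ) ) {
		return null;
	}

	$wp_user = get_user_by( 'id', $user_id );

	return $wp_user instanceof \WP_User ? $wp_user : null;
}

// In each resolver, replacing the inline lookup:
$user = self::resolve_wp_user( $user );
if ( null === $user ) {
	return null;
}
// … unchanged: Get the token for the user …
```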