Skip to content

Commit 05dc19b

Browse files
rmccuermccue
committed
Merge pull request #7 from WP-API/determine-user
Actually yse determine_current_user
2 parents 3b5ba2a + 8d98db2 commit 05dc19b

File tree

2 files changed

+41
-5
lines changed

2 files changed

+41
-5
lines changed

lib/class-wp-json-authentication-oauth1.php

Lines changed: 26 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,12 @@ class WP_JSON_Authentication_OAuth1 extends WP_JSON_Authentication {
2121
*/
2222
protected $type = 'oauth1';
2323

24+
/**
25+
* Errors that occurred during authentication
26+
* @var WP_Error|null|boolean True if succeeded, WP_Error if errored, null if not OAuth
27+
*/
28+
protected $auth_status = null;
29+
2430
/**
2531
* Parse the Authorization header into parameters
2632
*
@@ -134,35 +140,50 @@ public function authenticate( $user ) {
134140

135141
$params = $this->get_parameters();
136142
if ( ! is_array( $params ) ) {
137-
return $params;
143+
$this->auth_status = $params;
144+
return null;
138145
}
139146

140147
// Fetch user by token key
141148
$token = $this->get_access_token( $params['oauth_token'] );
142149
if ( is_wp_error( $token ) ) {
143-
return $token;
150+
$this->auth_status = $token;
151+
return null;
144152
}
145153

146154
$result = $this->check_token( $token, $params['oauth_consumer_key'] );
147155
if ( is_wp_error( $result ) ) {
148-
return $result;
156+
$this->auth_status = $result;
157+
return null;
149158
}
150159
list( $consumer, $user ) = $result;
151160

152161
// Perform OAuth validation
153162
$error = $this->check_oauth_signature( $user, $params, $token );
154163
if ( is_wp_error( $error ) ) {
155-
return $error;
164+
$this->auth_status = $error;
165+
return null;
156166
}
157167

158168
$error = $this->check_oauth_timestamp_and_nonce( $user, $params['oauth_timestamp'], $params['oauth_nonce'] );
159169
if ( is_wp_error( $error ) ) {
160-
return $error;
170+
$this->auth_status = $error;
171+
return null;
161172
}
162173

174+
$this->auth_status = true;
163175
return $user;
164176
}
165177

178+
/**
179+
* Report authentication errors to the JSON API
180+
*
181+
* @return WP_Error|boolean|null {@see WP_JSON_Server::check_authentication}
182+
*/
183+
public function get_authentication_errors() {
184+
return $this->auth_status;
185+
}
186+
166187
/**
167188
* Serve an OAuth request
168189
*

oauth-server.php

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,21 @@ function json_oauth_server_setup_authentication() {
4040
}
4141
add_action( 'init', 'json_oauth_server_setup_authentication' );
4242

43+
/**
44+
* Register the authorization page
45+
*
46+
* Alas, login_init is too late to register pages, as the action is already
47+
* sanitized before this.
48+
*/
49+
function json_oauth_load() {
50+
global $wp_json_authentication_oauth1;
51+
52+
$wp_json_authentication_oauth1 = new WP_JSON_Authentication_OAuth1();
53+
add_filter( 'determine_current_user', array( $wp_json_authentication_oauth1, 'authenticate' ) );
54+
add_filter( 'json_authentication_errors', array( $wp_json_authentication_oauth1, 'get_authentication_errors' ) );
55+
}
56+
add_action( 'plugins_loaded', 'json_oauth_load' );
57+
4358
/**
4459
* Load the JSON API
4560
*/

0 commit comments

Comments
 (0)