Make the wp-login page work with ?action=oauth2

Author: almirbi

inc/endpoints/class-authorization.php

@@ -42,4 +42,8 @@ public function handle_request() {
 			wp_die( $result->get_error_message() );
 		}
 	}
+
+	public function render_page_fields() {
+		wp_nonce_field( 'json_oauth2_authorize' );
+	}
 }

inc/types/class-authorization-code.php

@@ -5,7 +5,7 @@
 use WP_Http;
 use WP\OAuth2\Client;
 
-class Authorization_Code extends Base {
+class AuthorizationCode extends Base {
 	protected function handle_authorization_submission( $submit, Client $client, $data ) {
 		$redirect_uri = $data['redirect_uri'];
 

inc/types/class-base.php

@@ -10,6 +10,7 @@ abstract class Base implements Type {
 	 * Handle authorisation page.
 	 */
 	public function handle_authorisation() {
+
 		if ( empty( $_GET['client_id'] ) ) {
 			return new WP_Error(
 				'oauth2.types.authorization_code.handle_authorisation.missing_client_id',
@@ -45,6 +46,7 @@ public function handle_authorisation() {
 			return $this->render_form( $client );
 		}
 
+
 		// Check nonce.
 		$nonce = wp_unslash( $_POST['_wpnonce'] );
 		if ( ! wp_verify_nonce( $nonce, $this->get_nonce_action( $client ) ) ) {
@@ -54,6 +56,8 @@ public function handle_authorisation() {
 			);
 		}
 
+
+
 		$submit = wp_unslash( $_POST['wp-submit'] );
 		if ( empty( $submit ) ) {
 			return new WP_Error();
@@ -99,10 +103,10 @@ protected function validate_redirect_uri( Client $client, $redirect_uri = null )
 	 *
 	 * @param Client $client Client being authorised.
 	 */
-	protected function render_form( Client $client ) {
-		$file = locate_template( 'oauth1-authorize.php' );
+	public function render_form( Client $client ) {
+		$file = locate_template( 'oauth2-authorize.php' );
 		if ( empty( $file ) ) {
-			$file = dirname( dirname( __DIR__ ) ) . '/theme/oauth1-authorize.php';
+			$file = dirname( dirname( __DIR__ ) ) . '/theme/oauth2-authorize.php';
 		}
 
 		include $file;
@@ -114,6 +118,6 @@ protected function render_form( Client $client ) {
 	 * @param Client $client Client to generate nonce for.
 	 */
 	protected function get_nonce_action( Client $client ) {
-		return sprintf( 'oauth2_authorize:%s', $client->get_key() );
+		return sprintf( 'oauth2_authorize:%s', $client->get_post_id() );
 	}
 }

lib/class-wp-rest-oauth2-ui.php

@@ -43,10 +43,9 @@ public function handle_request() {
 			exit;
 		}
 
-		$response = $this->render_page();
-		if ( is_wp_error( $response ) ) {
-			$this->display_error( $response );
-		}
+		$auth_code = new \WP\OAuth2\Types\AuthorizationCode();
+
+		$auth_code->handle_authorisation();
 		exit;
 	}
 
@@ -56,69 +55,8 @@ public function handle_request() {
 	 * @return null|WP_Error Null on success, error otherwise
 	 */
 	public function render_page() {
-		// Check required fields
-		/*if ( empty( $_REQUEST['response_type'] ) ) {
-			return new WP_Error( 'json_oauth2_missing_param', sprintf( __( 'Missing parameter %s', 'rest_oauth2' ), 'response_type' ), array( 'status' => 400 ) );
-		}
-
-		if ( empty( $_REQUEST['client_id'] ) ) {
-			return new WP_Error( 'json_oauth2_missing_param', sprintf( __( 'Missing parameter %s', 'rest_oauth2' ), 'client_id' ), array( 'status' => 400 ) );
-		}*/
-
-		/*// Set up fields
-		$token_key = wp_unslash( $_REQUEST['oauth_token'] );
-		$scope = '*';
-		if ( ! empty( $_REQUEST['wp_scope'] ) ) {
-			$scope = wp_unslash( $_REQUEST['wp_scope'] );
-		}*/
-
-		// $authenticator = new WP_REST_OAuth1();
-		// $errors = array();
-		// $this->token = $authenticator->get_request_token( $token_key );
-		/*if ( is_wp_error( $this->token ) ) {
-			return $this->token;
-		}
-
-		if ( ! empty( $_REQUEST['oauth_callback'] ) ) {
-			$resp = $authenticator->set_request_token_callback( $this->token['key'], $_REQUEST['oauth_callback'] );
-			if ( is_wp_error( $resp ) ) {
-				return $resp;
-			}
-		}
-
-		if ( $this->token['authorized'] === true ) {
-			return $this->handle_callback_redirect( $this->token['verifier'] );
-		}
-
-		// Fetch consumer
-		$this->consumer = $consumer = get_post( $this->token['consumer'] );*/
-
-		/*if ( ! empty( $_POST['wp-submit'] ) ) {
-			check_admin_referer( 'json_oauth2_authorize' );
-
-			switch ( $_POST['wp-submit'] ) {
-				case 'authorize':
-					$verifier = $authenticator->authorize_request_token( $this->token['key'] );
-					if ( is_wp_error( $verifier ) ) {
-						return $verifier;
-					}
-
-					return $this->handle_callback_redirect( $verifier );
-
-				case 'cancel':
-					exit;
-
-				default:
-					return new WP_Error( 'json_oauth1_invalid_action', __( 'Invalid authorization action', 'rest_oauth1' ), array( 'status' => 400 ) );
-			}
-		}*/
-
-		$file = locate_template( 'oauth2-authorize.php' );
-		if ( empty( $file ) ) {
-			$file = dirname( dirname( __FILE__ ) ) . '/theme/oauth2-authorize.php';
-		}
-
-		include $file;
+		$auth_code = new \WP\OAuth2\Types\AuthorizationCode();
+		$auth_code->handle_authorisation();
 	}
 
 	/**
@@ -128,9 +66,7 @@ public function render_page() {
 	 * nonce field.
 	 */
 	public function page_fields() {
-		echo '<input type="hidden" name="consumer" value="' . absint( $this->consumer->ID ) . '" />';
-		echo '<input type="hidden" name="oauth_token" value="' . esc_attr( $this->token['key'] ) . '" />';
-		wp_nonce_field( 'json_oauth2_authorize' );
+		wp_nonce_field( sprintf( 'oauth2_authorize:%s', $this->client->get_post_id() ) );
 	}
 
 	/**

theme/oauth2-authorize.php

@@ -54,7 +54,7 @@
 
 <form name="oauth1_authorize_form" id="oauth1_authorize_form" action="<?php echo esc_url( $url ); ?>" method="post">
 
-	<h2 class="login-title"><?php echo esc_html( sprintf( __('Connect %1$s'), "Awesome Client" ) ) ?></h2>
+	<h2 class="login-title"><?php echo esc_html( sprintf( __('Connect %1$s'), $client->get_name() ) ) ?></h2>
 
 	<div class="login-info">
 
@@ -64,7 +64,7 @@
 			printf(
 				__( 'Howdy <strong>%1$s</strong>,<br/> "%2$s" would like to connect to %3$s.', 'oauth2' ),
 				$current_user->user_login,
-				"Awesome Client",
+		    $client->get_name(),
 				get_bloginfo( 'name' )
 			)
 		?></p>
@@ -76,7 +76,7 @@
 	 * Fires inside the lostpassword <form> tags.
 	 */
 	do_action( 'oauth2_authorize_form', $client );
-	wp_nonce_field( sprintf( 'oauth2_authorize:%s', "Aajaskdjalskdjkl" ) );
+	wp_nonce_field( 'oauth2_authorize' );
 	?>
 
 	<p class="submit">