Update README.md

instance-id · web-flow · commit 33efb314a5db · 2021-09-17T19:58:19.000-05:00
diff --git a/README.md b/README.md
@@ -110,16 +110,6 @@ We will start by filling out config.json
 4. From there the "Click to Reveal Token" text will be displayed. Once you click that it will give you a text string. This will be pasted into the first property of the config.json.  
 ![https://i.imgur.com/12RIZuV.png](https://i.imgur.com/12RIZuV.png)
 
-**features - wordpress**
-* This property indicates whether you will be wanting to connect Verifier to your [WordPress](#wordpress) site. If so, make sure "Yes" is typed into the field, otherwise leave it at no.  
-If you would like to connect to WordPress, please see the [WordPress](#wordpress) section of the documentation.
-
-**features - connection**
-* Currently Oauth2 is the only available authentication type supported. It is secure and fairly universal so there may not be any need to add any other types, if there is, additional options and instructions will be added. Until that time, leave the default of "Oauth2".
-
-**miscsettings - webaddress**
-* If you are going to be connecting Verifier to [WordPress](#wordpress) you will need to fill in the address of your [WordPress](#wordpress) site. Note that if your actual [WordPress](#wordpress) site is located in a subdirectory (ex. http://mysite.com/wordpress) you will need to put in the full path to your install including the subdirectory.
-
 **miscsettings - requireemail**
 *(This setting is required when using the [WordPress](#wordpress) integration, as it is how it will locate the users account but can also be used without the integration)* 
 
@@ -206,31 +196,6 @@ The other options below only need to be changed / filled out if you are going to
    ex. If you type "verifier_" into the prefix the table names in the database will come out as `verifier_table_name` as opposed to just `table_name` )  
   * **charset** Chances are you will not need to modify the character set, but if you do, you can. If you don't know what it is or you are in doubt, just leave it as is.
 
-----
- <a name="wpconfig"></a>
-## wordpress.json
-  Please see the WordPress section under the Explanations heading for details on how to create an Oauth2 WordPress connection and obtain the following information.
-  
-  (It is advised that you create a new WordPress account on your site which will be used only as a "service account" that Verifier will use to be able to adjust permissions of your users when they verify. Please see the "User Role Editor" Plugin section for more information.)  
-  
-  These settings allow you to connect Verifier to your WordPress site in order to give your users access to protected pages or download sections you may have.  
-  
-  Please note that an active account and email address from the user is required in order for Verifier to locate the user and apply the permissions.
-  
-   
-  **siteaddress**: "https://example.com/", (Make sure the site address is https:// and has a trailing '/' at the end.)  
-  **client_id**: "exampleclientid123123ABCabC",  
-  **client_secret**: "exampleclientid123123ABCabC123123123123",  
-  **redirect**: "https://example.com/?_wpoauth_callback=standards",  
-  **appname**: "Verifier", (Change this to whatever you named the application you created within the WP-Oauth Server plugin in order to create the above keys.)  
-
-  
-  The below addresses should stay the default unless you manually change them within the WP-Oauth plugin.  
-  Make sure these addresses (if changed) do *not* have a leading or trailing '/' at the beginning.  
-  **accessurl**: "oauth/token",  
-  **authorizeurl**: "oauth/authorize",  
-  **granttype**: "authorization_code",  
-
 ----
  <a name="explanations"></a>
 # Explanations
@@ -341,229 +306,8 @@ Below is an example of how config.json and wordpress.json might look to show mat
   
   
 ```
-    
- <a name="wordpress"></a>
-# WordPress
-If using the WordPress integration you will need the following plugins.  
-
-* [User Role Editor](https://wordpress.org/plugins/user-role-editor/) - Used to easily create additional user permission roles in WordPress to allow much finer control of what the role has access to.
-* [WP Oauth Server](https://wordpress.org/plugins/oauth2-provider/) - Used to create and maintain the Oauth2 secure connection between Verifier and your WordPress site.
-* [PHP Code Snippets](https://wordpress.org/plugins/insert-php/) - This allows you to place the necessary PHP code required to retrieve back the users email address into your admin panel. Alternatively you can paste the code directly into your themes functions.php file.
-
-(Only needed if you have trouble connecting)
 
-* [Advanced Access Manager](https://wordpress.org/plugins/advanced-access-manager/) - If you find you are unable to communicate with your WordPress site once everything is configured, you may need this to make sure the REST API is enabled.
-
- <a name="plugins"></a>
-## Plugins
- <a name="roleeditor"></a>
-###  User Role Editor
-
-  Note: It is advised that you create a new WordPress account on your site which will be used only as a "service account" that Verifier will use to be 
-  able to adjust permissions of your users when they verify. Please see the bottom of this section for instructions on creating a new role for your "service account" user.
- 
-1. Once you install [User Role Editor](https://wordpress.org/plugins/user-role-editor/) make sure it is enabled. On the plugins page under "User Role Editor" There is a 
-settings page in which you can make adjustments as you see fit. Under "Default Roles" you can select one or more roles that you would like to be applied to new users of your site
-but typically the default settings are fine.  
-![https://i.imgur.com/G496YLg.png](https://i.imgur.com/G496YLg.png)
-
-2. Under the "Users" main menu on the side bar you will find the "User Role Editor" configuration menu.  
-![https://i.imgur.com/0o1K8WW.png](https://i.imgur.com/0o1K8WW.png)
-
-3. On the right hand side of this menu screen you will see options to add/rename/delete roles.  
-![https://i.imgur.com/Erufbpb.png](https://i.imgur.com/Erufbpb.png) 
-
-4. You can create new roles that you would like Verifier to be able to change your users to using the "Add Role" button. 
-The "Role name (ID)" is what you will need to put into Verifiers wordpress.json config under "Wordpress Settings" and then "assets".  
-![https://i.imgur.com/MYRTHsy.png](https://i.imgur.com/MYRTHsy.png)
-
-5. Once a new role is created you will have to use the menu to assign what permissions you would like that role to have access to.  
-    * These will be specific to your site and setup.  
-        * You might have a plugin to handle downloads on your site that require permission to be able to download them.  
-        * You might have a WordPress forum plugin that restricts or allows access based on role.  
-        You can configure it to allow the roles you created for your assets to be granted access to those. These decisions are up to you. 
-        
-        
-**Creating a new role for service account.**  
- Once you have a new account to be used, if you have finished the steps above for setting 
-  up the "User Role Editor" plugin, from the "User Role Editor menu select "Add Role", you can leave the "Make copy of:" box blank so that the role has no permission at first.
-  You can name it whatever you like, such as "Verifier" or similar so you know what it is for.
-  1. Once the role is created in "User Role Editor", in the permission window make sure the new role you created is selected from the top drop down box:  
-  ![https://i.imgur.com/4kP8XMK.png](https://i.imgur.com/4kP8XMK.png)
-  
-  2. Then scroll down in the list until you locate the permission named "promote_users". Check this box and hit the "Update" button to the right to apply this permission to the new role.    
-  ![https://i.imgur.com/N9ovmuv.png](https://i.imgur.com/N9ovmuv.png)
-  
-  
-  3. Then go to the "All Users" menu in the main left hand menu.  
-  ![https://i.imgur.com/hfm9Iz1.png](https://i.imgur.com/hfm9Iz1.png)
-  
-  4. Click on your service account user to open the settings menu for that user and scroll down until you find the "Additional Capabilities" section. 
-  Under the drop down titled "Other Roles" place a check mark next to the new role you just created and then hit "Update User" at the bottom. 
-  Your service account now has the ability to edit user permissions.
-  
 ----------------------------------------------------------------------------------------------------------------------------------------
- <a name="oauth"></a>
-### WP Oauth Server
-* Install the following plugin into your WordPress site and activate it. **[WP Oauth Server](https://wordpress.org/plugins/oauth2-provider/)**
-
-1. Once WP Oauth Server is installed you will be able to locate it's settings in your admin panel under the tab "Oauth Server".  
-![https://i.imgur.com/vk6wVTo.png](https://i.imgur.com/vk6wVTo.png)
-  
-  
-2. First click on the "Settings" tab under the "Oauth Server" menu tab.  
-![https://i.imgur.com/ew1j0I2.png](https://i.imgur.com/ew1j0I2.png)
-  
-  
-3. Select the checkbox for "Oauth Server Enabled" to turn the Oauth2 communication on and press the "Save Changes" button.   
-![https://i.imgur.com/K4Sdq81.png](https://i.imgur.com/K4Sdq81.png)
-
-
-4. Select the "Advanced Configuration" tab at the top.  
-![https://i.imgur.com/HZs0UxN.png](https://i.imgur.com/HZs0UxN.png)
-
-
-5. Enable the checkboxes for "Authorization Code" and "Allow Implicit" if they are not both already enabled.  
-![https://i.imgur.com/GfuJp50.png](https://i.imgur.com/GfuJp50.png)
-
-
-6. Under "Misc Settings" enable the "Require Exact Redirect URI" option.  
-![https://i.imgur.com/dmI3lpY.png](https://i.imgur.com/dmI3lpY.png)
-
-
-7. **(Important)** Under the "Token Lifetimes (Global)" section set the value of "Access Token Lifetime" to a value very high. I have tested and recommend a value of around 599999999. 
-This value is the amount of time in seconds that the secured connection between Verifier and your WordPress site will be allowed. The value of 599999999 is 19 years. 
-You can adjust it as you wish but know that if the connection times out due to too short of a duration you will have to go through the Oauth2 authentication process again in order for 
-Verifier to communicate with your WordPress site again and functionality fill be lost between them until you do.  
-![https://i.imgur.com/YxrC6pb.png](https://i.imgur.com/YxrC6pb.png)
-
-
-8. Once those options and values are set press the "Save Changes" button and then select the "Clients" menu tab.  
-![https://i.imgur.com/R8NoFkM.png](https://i.imgur.com/R8NoFkM.png)
-
-
-9. Select the "Add New Client" option at the top of the Clients page.  
-![https://i.imgur.com/8OfLxq8.png](https://i.imgur.com/8OfLxq8.png)
-
-10. Select the "Authorization Code" and "Implicit" checkboxes if they are not selected already. Then create a name for this application. 
-It is recommended to use the name "Verifier" so that if you ever need to remember or identify what it is, you will easily be able to. Not that whatever name you choose will have to be put into the wordpress.json config, so do not include any spaces or special characters.  
-![https://i.imgur.com/UsN6kxv.png](https://i.imgur.com/UsN6kxv.png)
-
-11. For Redirect URI you will want to use the following value but you must put your sites URL in front of it. (Site URL must be using a SSL certificate to allow https:// connections. Please see the "SSL" section of the Explanations heading for assistance obtaining a free SSL certificate for your site.)
-    *   `?_wpoauth_callback=standards`
-    * ex. If your site is https://example.com/ you will enter the following into the box:  
-    `https://example.com/?_wpoauth_callback=standards`
-
-12. Under "Advanced Options" you will need to select the user you created specifically for Verifier to use to be able to change your users permissions. 
-This user must have "promote_users" capability in order to be able to make changes to user roles. This can be applied to a user using the above "User Role Editor" plugin.  
-
-13. Once these have been filled out select the "Create Client" button at the bottom left. The page will refresh and you should then see additional fields that look like the below:  
-![https://i.imgur.com/UnBwRFB.png](https://i.imgur.com/UnBwRFB.png)
-
-14. You will then take the following values from the page and copy - paste then into the wordpress.json file in their corresponding location.
-    * Client Name -> appname
-    * Redirect URI -> redirect
-    * Client ID -> client_id
-    * Client Secret -> client_secret
-
-Based on the example image above the "WordPress Connection" section of wordpress.json would look like this: 
-
-```
-  oauth2:{
-      siteaddress: "https://example.com/",
-      client_id: "XraP4ejzqzwxgDr8xpzFQDAp6sNP8lh6NrVRGer6",
-      client_secret: "OXE5A6d8wMNmqoLwQymZUD5H51zLg0S4XwaxDnF9",
-      redirect: "https://example.com/?_wpoauth_callback=standards",
-      appname: "Verifier",
-      accessurl: "oauth/token",
-      authorizeurl: "oauth/authorize",
-      granttype: "authorization_code",
-  },
-
-```
-----------------------------------------------------------------------------------------------------------------------------------------
- <a name="snippets"></a>
-### PHP Code Snippets
-Note that if you prefer to add the code manually instead of following this route, you certainly can. There area number of plugins to accomplish this, 
-and a number of ways to go about it. 
- * This method has been tested as well as the following method.
- * You can locate the file "functions.php" in your current themes folder and you can paste the code from step 3 below in there manually.
- 
- 
-----
-If using PHP Code Snippets follow the below steps: 
-
-
-1. Once [PHP Code Snippets](https://wordpress.org/plugins/insert-php/) is installed you will find it in the left menu of your admin panel.  
-![https://i.imgur.com/u3SHNtt.png](https://i.imgur.com/u3SHNtt.png)
-
-
-2. You will need to select "+ Add snippet" from the top of the PHP Code Snippets menu page.  
-![https://i.imgur.com/o2vDOAS.png](https://i.imgur.com/o2vDOAS.png)
-
-
-
-3. Create a name for the snippet (can be whatever you like, such as "Custom API Endpoint") and then paste in the following code block in the box titled "Enter the code for your snippet".  
-What the following code block does is adds a new REST API endpoint that Verifier will be able to call during the invoice verification process to get the user ID of
-the user based on their email address. It also will tell Verifier what roles the user already has so that it can add the additional new role while retaining the current role 
-instead of replacing it with the new role. This means that if you have other plugins or permissions and settings already in place on that user, they will remain intact.  
-
-```
-    add_action( 'rest_api_init', function () {
-        register_rest_route( 'instance/v1', 'email/(?P<stringvar>[^/]+)', array(
-            'methods'             => 'GET',
-            'callback'            => 'user_email',
-            'permission_callback' => function () {
-                return current_user_can( 'promote_users' );
-            },
-        ) );
-    });
-    
-    function user_email( $data ) {
-    
-        // Get user by their email address
-        $user = get_user_by( 'email', $data[ 'stringvar' ] );
-        $userId = $user->ID;
-        $userroles = $user->roles;
-        $user_data = array('id' => $userId, 'roles' => $userroles, 'email' => $data['stringvar']);
-        wp_reset_postdata();
-    
-        return rest_ensure_response($user_data);
-    }
-```    
-
-4. After pasting the code into the "Enter the code for your snippet" box, select the "Run everywhere" option below that under "Where to execute the code?" section.  
-![https://i.imgur.com/6OKpBcI.png](https://i.imgur.com/6OKpBcI.png)
-
-5. When completed, select the "Publish" button in the top right section of the page to activate the functionality.  
-![https://i.imgur.com/mzSajRn.png](https://i.imgur.com/mzSajRn.png)
-
-
-
-----------------------------------------------------------------------------------------------------------------------------------------
- <a name="finalsteps"></a>
-## WordPress integration and Oauth2 setup - Final Step
-To use the WordPress integration you will need to enable 4 settings in the config files as seen below:
-* config.json -    wordpress: "Yes",
-* config.json -    webaddress: "https://example.com/", (You will need to put in your website address. Include a trailing "/" at the end.)
-* config.json -    requireemail: "Yes",
-* wordpress.json - applyrole: "Yes",
-
-Once those are enabled, you have configured the dbconfig.json and ran the database creation command, and you have setup 
-the prerequisite WordPress plugins you are ready to finalize the WordPress connection.
-
-1. If Verifier is up and running send a private message to the Verifier bot containing the following command:
-     * `!cmdwpsetup`
-2. You will be prompted to click on a link to your site which will establish access between Verifier and your site. If you are not logged in already, you will be prompted to login to approve this.
-
-3. Once the connection has been approved you will be redirected to your sites main page but in the URL bar of your browser you will see at the end of your sites URL it will have the text `code=` as seen below:
-Copy and paste the code that comes after the `code=` (as seen highlighted below) back into the Discord private message with your Verifier bot and hit enter. This will complete the connection between Verifier and WordPress. 
-If you receive a reply back from Verifier stating "Connection successfully created." then everything worked as it should.  
-![https://i.imgur.com/T3XmBFz.png](https://i.imgur.com/T3XmBFz.png)
-
-    Note that there is a 30 second time limit from the time you click the link in Discord, approve the connection, and copy and paste the code back into Discord. If you do not make it in time and you get the message "Connection not established." you simply have to try again.
-
-4. Finally, restart the Verifier application in order for the newly created connection to be re-established using the new authentication token and you should be good to go!
 
 ----
  <a name="commands"></a>
