
Changeset 6739


Timestamp:
02/25/2018 05:56:27 AM (7 years ago)
Author:
tellyworth
Message:

2FA: use late static binding in our copy of Two_Factor_Core so we can extend and override static functions in Two_Factor_Wporg.

Location:
sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor
Files:
1 added
1 edited

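--- a/sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/class.two-factor-core.php
+++ b/sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/class.two-factor-core.php
@@ -126,6 +126,6 @@
         }
 
-        $providers         = self::get_providers();
-        $enabled_providers = get_user_meta( $user->ID, self::ENABLED_PROVIDERS_USER_META_KEY, true );
+        $providers         = static::get_providers();
+        $enabled_providers = get_user_meta( $user->ID, static::ENABLED_PROVIDERS_USER_META_KEY, true );
         if ( empty( $enabled_providers ) ) {
             $enabled_providers = array();
@@ -147,6 +147,6 @@
         }
 
-        $providers            = self::get_providers();
-        $enabled_providers    = self::get_enabled_providers_for_user( $user );
+        $providers            = static::get_providers();
+        $enabled_providers    = static::get_enabled_providers_for_user( $user );
         $configured_providers = array();
 
@@ -173,6 +173,6 @@
         }
 
-        $providers           = self::get_providers();
-        $available_providers = self::get_available_providers_for_user( get_userdata( $user_id ) );
+        $providers           = static::get_providers();
+        $available_providers = static::get_available_providers_for_user( get_userdata( $user_id ) );
 
         // If there's only one available provider, force that to be the primary.
@@ -182,5 +182,5 @@
             $provider = key( $available_providers );
         } else {
-            $provider = get_user_meta( $user_id, self::PROVIDER_USER_META_KEY, true );
+            $provider = get_user_meta( $user_id, static::PROVIDER_USER_META_KEY, true );
 
             // If the provider specified isn't enabled, just grab the first one that is.
@@ -213,5 +213,5 @@
      */
     public static function is_user_using_two_factor( $user_id = null ) {
-        $provider = self::get_primary_provider_for_user( $user_id );
+        $provider = static::get_primary_provider_for_user( $user_id );
         return ! empty( $provider );
     }
@@ -226,5 +226,5 @@
      */
     public static function wp_login( $user_login, $user ) {
-        if ( ! self::is_user_using_two_factor( $user->ID ) ) {
+        if ( ! static::is_user_using_two_factor( $user->ID ) ) {
             return;
         }
@@ -232,5 +232,5 @@
         wp_clear_auth_cookie();
 
-        self::show_two_factor_login( $user );
+        static::show_two_factor_login( $user );
         exit;
     }
@@ -248,5 +248,5 @@
         }
 
-        $login_nonce = self::create_login_nonce( $user->ID );
+        $login_nonce = static::create_login_nonce( $user->ID );
         if ( ! $login_nonce ) {
             wp_die( esc_html__( 'Failed to create a login nonce.', 'two-factor' ) );
@@ -255,5 +255,5 @@
         $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : $_SERVER['REQUEST_URI'];
 
-        self::login_html( $user, $login_nonce['key'], $redirect_to );
+        static::login_html( $user, $login_nonce['key'], $redirect_to );
     }
 
@@ -274,10 +274,10 @@
 
         $nonce = $_GET['wp-auth-nonce'];
-        if ( true !== self::verify_login_nonce( $user->ID, $nonce ) ) {
+        if ( true !== static::verify_login_nonce( $user->ID, $nonce ) ) {
             wp_safe_redirect( get_bloginfo( 'url' ) );
             exit;
         }
 
-        $providers = self::get_available_providers_for_user( $user );
+        $providers = static::get_available_providers_for_user( $user );
         if ( isset( $providers[ $_GET['provider'] ] ) ) {
             $provider = $providers[ $_GET['provider'] ];
@@ -286,5 +286,5 @@
         }
 
-        self::login_html( $user, $_GET['wp-auth-nonce'], $_GET['redirect_to'], '', $provider );
+        static::login_html( $user, $_GET['wp-auth-nonce'], $_GET['redirect_to'], '', $provider );
 
         exit;
@@ -304,5 +304,5 @@
     public static function login_html( $user, $login_nonce, $redirect_to, $error_msg = '', $provider = null ) {
         if ( empty( $provider ) ) {
-            $provider = self::get_primary_provider_for_user( $user->ID );
+            $provider = static::get_primary_provider_for_user( $user->ID );
         } elseif ( is_string( $provider ) && method_exists( $provider, 'get_instance' ) ) {
             $provider = call_user_func( array( $provider, 'get_instance' ) );
@@ -311,5 +311,5 @@
         $provider_class = get_class( $provider );
 
-        $available_providers = self::get_available_providers_for_user( $user );
+        $available_providers = static::get_available_providers_for_user( $user );
         $backup_providers = array_diff_key( $available_providers, array( $provider_class => null ) );
         $interim_login = isset( $_REQUEST['interim-login'] ); // WPCS: override ok.
@@ -429,5 +429,5 @@
         $login_nonce['expiration'] = time() + HOUR_IN_SECONDS;
 
-        if ( ! update_user_meta( $user_id, self::USER_META_NONCE_KEY, $login_nonce ) ) {
+        if ( ! update_user_meta( $user_id, static::USER_META_NONCE_KEY, $login_nonce ) ) {
             return false;
         }
@@ -444,5 +444,5 @@
      */
     public static function delete_login_nonce( $user_id ) {
-        return delete_user_meta( $user_id, self::USER_META_NONCE_KEY );
+        return delete_user_meta( $user_id, static::USER_META_NONCE_KEY );
     }
 
@@ -456,5 +456,5 @@
      */
     public static function verify_login_nonce( $user_id, $nonce ) {
-        $login_nonce = get_user_meta( $user_id, self::USER_META_NONCE_KEY, true );
+        $login_nonce = get_user_meta( $user_id, static::USER_META_NONCE_KEY, true );
         if ( ! $login_nonce ) {
             return false;
@@ -462,5 +462,5 @@
 
         if ( $nonce !== $login_nonce['key'] || time() > $login_nonce['expiration'] ) {
-            self::delete_login_nonce( $user_id );
+            static::delete_login_nonce( $user_id );
             return false;
         }
@@ -485,5 +485,5 @@
 
         $nonce = $_POST['wp-auth-nonce'];
-        if ( true !== self::verify_login_nonce( $user->ID, $nonce ) ) {
+        if ( true !== static::verify_login_nonce( $user->ID, $nonce ) ) {
             wp_safe_redirect( get_bloginfo( 'url' ) );
             exit;
@@ -491,5 +491,5 @@
 
         if ( isset( $_POST['provider'] ) ) {
-            $providers = self::get_available_providers_for_user( $user );
+            $providers = static::get_available_providers_for_user( $user );
             if ( isset( $providers[ $_POST['provider'] ] ) ) {
                 $provider = $providers[ $_POST['provider'] ];
@@ -498,15 +498,15 @@
             }
         } else {
-            $provider = self::get_primary_provider_for_user( $user->ID );
+            $provider = static::get_primary_provider_for_user( $user->ID );
         }
 
         // Allow the provider to re-send codes, etc.
         if ( true === $provider->pre_process_authentication( $user ) ) {
-            $login_nonce = self::create_login_nonce( $user->ID );
+            $login_nonce = static::create_login_nonce( $user->ID );
             if ( ! $login_nonce ) {
                 wp_die( esc_html__( 'Failed to create a login nonce.', 'two-factor' ) );
             }
 
-            self::login_html( $user, $login_nonce['key'], $_REQUEST['redirect_to'], '', $provider );
+            static::login_html( $user, $login_nonce['key'], $_REQUEST['redirect_to'], '', $provider );
             exit;
         }
@@ -516,14 +516,14 @@
             do_action( 'wp_login_failed', $user->user_login );
 
-            $login_nonce = self::create_login_nonce( $user->ID );
+            $login_nonce = static::create_login_nonce( $user->ID );
             if ( ! $login_nonce ) {
                 wp_die( esc_html__( 'Failed to create a login nonce.', 'two-factor' ) );
             }
 
-            self::login_html( $user, $login_nonce['key'], $_REQUEST['redirect_to'], esc_html__( 'ERROR: Invalid verification code.', 'two-factor' ), $provider );
+            static::login_html( $user, $login_nonce['key'], $_REQUEST['redirect_to'], esc_html__( 'ERROR: Invalid verification code.', 'two-factor' ), $provider );
             exit;
         }
 
-        self::delete_login_nonce( $user->ID );
+        static::delete_login_nonce( $user->ID );
 
         $rememberme = false;
@@ -588,8 +588,8 @@
         }
 
-        if ( ! self::is_user_using_two_factor( $user_id ) ) {
+        if ( ! static::is_user_using_two_factor( $user_id ) ) {
             return sprintf( '<span class="dashicons-before dashicons-no-alt">%s</span>', esc_html__( 'Disabled' ) );
         } else {
-            $provider = self::get_primary_provider_for_user( $user_id );
+            $provider = static::get_primary_provider_for_user( $user_id );
             return esc_html( $provider->get_label() );
         }
@@ -609,6 +609,6 @@
         wp_enqueue_style( 'user-edit-2fa', plugins_url( 'user-edit.css', __FILE__ ) );
 
-        $enabled_providers = array_keys( self::get_available_providers_for_user( $user->ID ) );
-        $primary_provider = self::get_primary_provider_for_user( $user->ID );
+        $enabled_providers = array_keys( static::get_available_providers_for_user( $user->ID ) );
+        $primary_provider = static::get_primary_provider_for_user( $user->ID );
 
         if ( ! empty( $primary_provider ) && is_object( $primary_provider ) ) {
@@ -621,5 +621,5 @@
 
         ?>
-        <input type="hidden" name="<?php echo esc_attr( self::ENABLED_PROVIDERS_USER_META_KEY ); ?>[]" value="<?php /* Dummy input so $_POST value is passed when no providers are enabled. */ ?>" />
+        <input type="hidden" name="<?php echo esc_attr( static::ENABLED_PROVIDERS_USER_META_KEY ); ?>[]" value="<?php /* Dummy input so $_POST value is passed when no providers are enabled. */ ?>" />
         <table class="form-table">
             <tr>
@@ -637,8 +637,8 @@
                         </thead>
                         <tbody>
-                        <?php foreach ( self::get_providers() as $class => $object ) : ?>
+                        <?php foreach ( static::get_providers() as $class => $object ) : ?>
                             <tr>
-                                <th scope="row"><input type="checkbox" name="<?php echo esc_attr( self::ENABLED_PROVIDERS_USER_META_KEY ); ?>[]" value="<?php echo esc_attr( $class ); ?>" <?php checked( in_array( $class, $enabled_providers ) ); ?> /></th>
-                                <th scope="row"><input type="radio" name="<?php echo esc_attr( self::PROVIDER_USER_META_KEY ); ?>" value="<?php echo esc_attr( $class ); ?>" <?php checked( $class, $primary_provider_key ); ?> /></th>
+                                <th scope="row"><input type="checkbox" name="<?php echo esc_attr( static::ENABLED_PROVIDERS_USER_META_KEY ); ?>[]" value="<?php echo esc_attr( $class ); ?>" <?php checked( in_array( $class, $enabled_providers ) ); ?> /></th>
+                                <th scope="row"><input type="radio" name="<?php echo esc_attr( static::PROVIDER_USER_META_KEY ); ?>" value="<?php echo esc_attr( $class ); ?>" <?php checked( $class, $primary_provider_key ); ?> /></th>
                                 <td>
                                     <?php $object->print_label(); ?>
@@ -676,21 +676,21 @@
             check_admin_referer( 'user_two_factor_options', '_nonce_user_two_factor_options' );
 
-            if ( ! isset( $_POST[ self::ENABLED_PROVIDERS_USER_META_KEY ] ) ||
-                    ! is_array( $_POST[ self::ENABLED_PROVIDERS_USER_META_KEY ] ) ) {
+            if ( ! isset( $_POST[ static::ENABLED_PROVIDERS_USER_META_KEY ] ) ||
+                    ! is_array( $_POST[ static::ENABLED_PROVIDERS_USER_META_KEY ] ) ) {
                 return;
             }
 
-            $providers = self::get_providers();
-
-            $enabled_providers = $_POST[ self::ENABLED_PROVIDERS_USER_META_KEY ];
+            $providers = static::get_providers();
+
+            $enabled_providers = $_POST[ static::ENABLED_PROVIDERS_USER_META_KEY ];
 
             // Enable only the available providers.
             $enabled_providers = array_intersect( $enabled_providers, array_keys( $providers ) );
-            update_user_meta( $user_id, self::ENABLED_PROVIDERS_USER_META_KEY, $enabled_providers );
+            update_user_meta( $user_id, static::ENABLED_PROVIDERS_USER_META_KEY, $enabled_providers );
 
             // Primary provider must be enabled.
-            $new_provider = isset( $_POST[ self::PROVIDER_USER_META_KEY ] ) ? $_POST[ self::PROVIDER_USER_META_KEY ] : '';
+            $new_provider = isset( $_POST[ static::PROVIDER_USER_META_KEY ] ) ? $_POST[ static::PROVIDER_USER_META_KEY ] : '';
             if ( ! empty( $new_provider ) && in_array( $new_provider, $enabled_providers, true ) ) {
-                update_user_meta( $user_id, self::PROVIDER_USER_META_KEY, $new_provider );
+                update_user_meta( $user_id, static::PROVIDER_USER_META_KEY, $new_provider );
             }
         }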
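Review bot: The hook registration for these callbacks is not in any visible hunk, and the new `static::` calls only reach Two_Factor_Wporg when a method is entered through that class, so please confirm that `wp_login` (new line 227) and the other entry points are registered with the called class, e.g. `array( get_called_class(), 'wp_login' )`, rather than `__CLASS__`. If they still name this class, `static` resolves to Two_Factor_Core and an override of `is_user_using_two_factor()` or `verify_login_nonce()` in the subclass would be skipped on the login path without any error. Because the nonce check and the meta-key constants are now overridable, a docblock line on each stating whether it is an intended extension point would help later reviewers. Separately, the unchanged comparison at new line 463 uses `$nonce !== $login_nonce['key']`; `! is_string( $nonce ) || ! hash_equals( $login_nonce['key'], $nonce )` would make it constant-time while still rejecting non-string request input. Most of the function bodies touched here begin or end outside the hunks shown.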