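<?php

namespace ImageOptimization\Modules\Connect\Components;

use ImageOptimization\Modules\Connect\Classes\{
	Config,
	Data,
	GrantTypes,
	Service,
	Utils,
};

use ImageOptimization\Classes\Services\Client;

if ( ! defined( 'ABSPATH' ) ) {
	exit; // Exit if accessed directly
}

/**
 * Class Handler
 *
 * Registers an `admin_init` callback that completes the connect flow when the
 * request on the connect admin page carries `code` and `state` query arguments.
 */
class Handler {

	/**
	 * Tell whether the current admin request looks like an authorization callback.
	 *
	 * The request qualifies only when the global `$plugin_page` matches
	 * Config::ADMIN_PAGE (either the part after `page=` or the whole constant)
	 * and both the `code` and `state` query arguments are non-empty.
	 *
	 * This is a presence check only: nothing is validated here, and the raw
	 * values are not used for anything but the emptiness test.
	 *
	 * @return bool True when the callback should be processed.
	 */
	private function should_handle_auth_code(): bool {
		global $plugin_page;

		// Config::ADMIN_PAGE may be written as "...page=<slug>"; compare against the slug part first.
		$page_slug = explode( 'page=', Config::ADMIN_PAGE );

		$is_connect_admin_page = ( ! empty( $page_slug[1] ) && $page_slug[1] === $plugin_page )
			|| Config::ADMIN_PAGE === $plugin_page;

		if ( ! $is_connect_admin_page ) {
			return false;
		}

		$code  = $_GET['code'] ?? null;
		$state = $_GET['state'] ?? null;

		return ! empty( $code ) && ! empty( $state );
	}

	/**
	 * Abort the request unless `$state` is a valid nonce for Config::STATE_NONCE.
	 *
	 * @param string $state The `state` query argument, already sanitized by the caller.
	 *
	 * @return void Does not return on failure: wp_die() ends the request.
	 */
	private function validate_nonce( $state ) {
		if ( ! wp_verify_nonce( $state, Config::STATE_NONCE ) ) {
			wp_die( 'Invalid state' );
		}
	}

	/**
	 * Process the authorization callback: verify `state`, exchange `code` for a
	 * token, refresh the stored home URL, then redirect and end the request.
	 *
	 * Returns early, doing nothing, when the request is not a callback on the
	 * connect admin page.
	 *
	 * NOTE(review): no current_user_can() check is visible in this class, so the
	 * state nonce is the only gate in front of the token exchange. Confirm
	 * whether a capability check belongs here.
	 *
	 * @return void
	 */
	public function handle_auth_code() {
		if ( ! $this->should_handle_auth_code() ) {
			return;
		}

		// WordPress adds slashes to the superglobals, so unslash before sanitizing;
		// otherwise a value containing quotes or backslashes would be altered
		// before it reaches the nonce check and the token exchange.
		$code  = sanitize_text_field( wp_unslash( $_GET['code'] ) );
		$state = sanitize_text_field( wp_unslash( $_GET['state'] ) );

		// The state must be verified before the code is used: a request that
		// fails this check never reaches the token exchange.
		$this->validate_nonce( $state );

		// Exchange the code for an access token and store it
		Service::get_token( GrantTypes::AUTHORIZATION_CODE, $code );

		// Makes sure we won't stick in the mismatch limbo
		Data::set_home_url();

		// Redirect to the redirect URI
		// NOTE(review): wp_redirect() does not restrict the destination host. If
		// Utils::get_redirect_uri() always returns a URL on this site,
		// wp_safe_redirect() would be the stricter call. Confirm before changing.
		wp_redirect( Utils::get_redirect_uri() );
		exit;
	}

	/**
	 * Handler constructor.
	 *
	 * Hooks handle_auth_code() into `admin_init`.
	 */
	public function __construct() {
		add_action( 'admin_init', [ $this, 'handle_auth_code' ] );
	}
}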