Merge branch 'trunk' into epic/ras-acc
chickenn00dle committed Apr 25, 2024
2 parents 1570790 + a4aaf10 commit 0a4f253
Showing 5 changed files with 47 additions and 18 deletions.
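--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,10 @@
+# [3.8.0](https://github.com/Automattic/newspack-plugin/compare/v3.7.0...v3.8.0) (2024-04-25)
+
+
+### Features
+
+* **google-login:** add action for reporting issues; increase transient time ([#3084](https://github.com/Automattic/newspack-plugin/issues/3084)) ([4875040](https://github.com/Automattic/newspack-plugin/commit/487504053ba44ab91b8624bd11e9bc9c71f7e56a))
+
 # [3.7.0](https://github.com/Automattic/newspack-plugin/compare/v3.6.13...v3.7.0) (2024-04-24)
 
 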
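--- a/includes/oauth/class-google-login.php
+++ b/includes/oauth/class-google-login.php
@@ -74,10 +74,10 @@ public static function register_api_endpoints() {
 */
 public static function api_check_if_oauth_configured() {
 if ( ! Google_OAuth::is_oauth_configured() ) {
-Logger::log( 'OAuth not configured.' );
+self::handle_error( __( 'Google OAuth is not configured.', 'newspack-plugin' ) );
 return new \WP_Error(
 'newspack_rest_forbidden',
-esc_html__( 'You cannot use this resource.', 'newspack' ),
+esc_html__( 'You cannot use this resource.', 'newspack-plugin' ),
 [
 'status' => 403,
 ]
@@ -100,6 +100,8 @@ public static function api_google_auth_get_url() {
 ]
 );
 if ( is_wp_error( $url ) ) {
+/* translators: %s is the error message */
+self::handle_error( sprintf( __( 'Failed to get Google OAuth URL: %s', 'newspack-plugin' ), $url->get_error_message() ) );
 return $url;
 }
 return rest_ensure_response( $url );
@@ -114,32 +116,41 @@ public static function oauth_callback() {
 }
 
 if ( ! wp_verify_nonce( sanitize_text_field( $_GET[ self::AUTH_CALLBACK ] ), self::AUTH_CALLBACK ) ) {
-wp_die( esc_html__( 'Invalid nonce.', 'newspack' ) );
+self::handle_error( __( 'Nonce verification failed.', 'newspack-plugin' ) );
+wp_die( esc_html__( 'Invalid nonce.', 'newspack-plugin' ) );
 return;
 }
 
 if ( ! isset( $_REQUEST['csrf_token'] ) || ! isset( $_REQUEST['access_token'] ) ) {
-wp_die( esc_html__( 'Invalid request', 'newspack' ) );
+self::handle_error( __( 'CSRF token or access token missing.', 'newspack-plugin' ) );
+wp_die( esc_html__( 'Invalid request', 'newspack-plugin' ) );
 return;
 }
 
 $saved_csrf_token = OAuth::retrieve_csrf_token( self::CSRF_TOKEN_NAMESPACE );
 
 if ( $_REQUEST['csrf_token'] !== $saved_csrf_token ) {
-Logger::error( 'Failed saving email - CSRF token mismatch.' );
-\wp_die( \esc_html__( 'Authentication failed.', 'newspack' ) );
+self::handle_error( __( 'CSRF token verification failed.', 'newspack-plugin' ) );
+\wp_die( \esc_html__( 'Authentication failed.', 'newspack-plugin' ) );
 }
 
 $user_email = Google_OAuth::validate_token_and_get_email_address( sanitize_text_field( $_REQUEST['access_token'] ), self::REQUIRED_SCOPES );
 if ( is_wp_error( $user_email ) ) {
-Logger::error( 'Failed validating user: ' . $user_email->get_error_message() );
-\wp_die( \esc_html__( 'Authentication failed.', 'newspack' ) );
+/* translators: %s is the error message */
+self::handle_error( sprintf( __( 'Failed validating user: %s', 'newspack-plugin' ), $user_email->get_error_message() ) );
+\wp_die( \esc_html__( 'Authentication failed.', 'newspack-plugin' ) );
 }
 
 Logger::log( 'Got user email from Google: ' . $user_email );
 
 // Associate the email address with the a unique ID for later retrieval.
-set_transient( self::EMAIL_TRANSIENT_PREFIX . OAuth::get_unique_id(), $user_email, 20 );
+$transient_expiration_time = 60 * 5; // 5 minutes.
+$has_set_transient = set_transient( self::EMAIL_TRANSIENT_PREFIX . OAuth::get_unique_id(), $user_email, $transient_expiration_time );
+// If transient setting failed, the email address will not be available for the registration endpoint.
+if ( ! $has_set_transient ) {
+self::handle_error( __( 'Failed setting transient.', 'newspack-plugin' ) );
+\wp_die( \esc_html__( 'Authentication failed.', 'newspack-plugin' ) );
+}
 
 /** Close window if it's a popup. */
 ?>
@@ -149,6 +160,16 @@ public static function oauth_callback() {
 <?php
 }
 
+/**
+* Handle issue.
+*
+* @param string $message The message to log.
+*/
+private static function handle_error( $message ) {
+Logger::error( $message );
+do_action( 'newspack_google_login_error', new WP_Error( 'newspack_google_login', $message ) );
+}
+
 /**
 * Get Google authentication status.
 *
@@ -170,7 +191,7 @@ public static function api_google_login_register( $request ) {
 $metadata['registration_method'] = 'google';
 if ( $email ) {
 $existing_user = \get_user_by( 'email', $email );
-$message = __( 'Thank you for registering!', 'newspack' );
+$message = __( 'Thank you for registering!', 'newspack-plugin' );
 $data = [
 'email' => $email,
 'authenticated' => true,
@@ -181,7 +202,7 @@ public static function api_google_login_register( $request ) {
 if ( $existing_user ) {
 // Log the user in.
 $result = Reader_Activation::set_current_reader( $existing_user->ID );
-$message = __( 'Thank you for signing in!', 'newspack' );
+$message = __( 'Thank you for signing in!', 'newspack-plugin' );
 } else {
 $result = Reader_Activation::register_reader( $email, '', true, $metadata );
 // At this point the user will be logged in.
@@ -197,8 +218,9 @@ public static function api_google_login_register( $request ) {
 ]
 );
 } else {
-Logger::error( 'Missing email for unique id ' . $uid );
-return new \WP_Error( 'newspack_google_login', __( 'Failed to retrieve email address. Please try again.', 'newspack' ) );
+/* translators: %s is a unique user id */
+self::handle_error( sprintf( __( 'Missing email for unique id: %s', 'newspack-plugin' ), $uid ) );
+return new \WP_Error( 'newspack_google_login', __( 'Failed to retrieve email address. Please try again.', 'newspack-plugin' ) );
 }
 }
 }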
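Review bot: In the new `handle_error()` helper, `new WP_Error( 'newspack_google_login', $message )` is unqualified, while the other instantiations visible in this diff are written `new \WP_Error(`; if the file is namespaced and has no `use WP_Error;` import (its top is outside the visible hunks), every failure path that now goes through the helper would stop with a class-not-found fatal before the intended `wp_die()` or 403 response. The line would read `do_action( 'newspack_google_login_error', new \WP_Error( 'newspack_google_login', $message ) );`. In `oauth_callback()` the CSRF check is still `$_REQUEST['csrf_token'] !== $saved_csrf_token`; a constant-time form that keeps rejecting a missing saved token is `if ( ! is_string( $saved_csrf_token ) || '' === $saved_csrf_token || ! hash_equals( $saved_csrf_token, (string) $_REQUEST['csrf_token'] ) )`. The email transient now lives 300 seconds instead of 20 and appears to be what `api_google_login_register()` relies on to sign the reader in, so it is worth confirming that the endpoint deletes it on first use; that part of the function is outside the hunks shown.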
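--- a/newspack.php
+++ b/newspack.php
@@ -2,7 +2,7 @@
 /**
 * Plugin Name: Newspack
 * Description: An advanced open-source publishing and revenue-generating platform for news organizations.
-* Version: 3.7.0
+* Version: 3.8.0
 * Author: Automattic
 * Author URI: https://newspack.com/
 * License: GPL2
@@ -14,7 +14,7 @@
 
 defined( 'ABSPATH' ) || exit;
 
-define( 'NEWSPACK_PLUGIN_VERSION', '3.7.0' );
+define( 'NEWSPACK_PLUGIN_VERSION', '3.8.0' );
 
 // Load language files.
 load_plugin_textdomain( 'newspack-plugin', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' );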
4 changes: 2 additions & 2 deletions package-lock.json


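--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "newspack",
-"version": "3.7.0",
+"version": "3.8.0",
 "description": "The Newspack plugin. https://newspack.com",
 "bugs": {
 "url": "https://github.com/Automattic/newspack-plugin/issues"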
