Merge pull request #234 from newfold-labs/login-sso-redirect

Split out redirect filters into separate methods
newfold-labs · May 4, 2023 · c9a53da · c9a53da
2 parents c1c2b5e + 1222152
commit c9a53da
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 8 deletions.
diff --git a/includes/Application.php b/includes/Application.php
@@ -55,8 +55,8 @@ public function __construct( Container $container ) {
 		// Reset the stored Compatibility Status every time WP Core is updated.
 		\add_action( '_core_updated_successfully', array( Status::class, 'reset' ) );
 
-		\add_filter( 'login_redirect', array( LoginRedirect::class, 'handle_redirect' ), 10 );
-		\add_filter( 'newfold_sso_success_url', array( LoginRedirect::class, 'handle_redirect' ), 10 );
+		\add_filter( 'login_redirect', array( LoginRedirect::class, 'wplogin' ), 10, 3 );
+		\add_filter( 'newfold_sso_success_url', array( LoginRedirect::class, 'sso' ), 10 );
 		\add_filter(
 			Options::get_option_name( 'redirect' ) . '_disable',
 			array( LoginRedirect::class, 'remove_handle_redirect_action' )

diff --git a/includes/LoginRedirect.php b/includes/LoginRedirect.php
@@ -9,20 +9,40 @@
  */
 class LoginRedirect {
 	/**
-	 * Handles the redirect to onboarding
+	 * Redirect hook for SSO Logins
 	 *
 	 * @param string $original_redirect The requested redirect URL
 	 * @return string The filtered url to redirect to
 	 */
-	public static function handle_redirect( $original_redirect ) {
-		// Current user not always available from wp_get_current_user(), so must reference out of the global
-		global $user;
-		// Loading the login screen, or login failures set $user as a WP_Error object.
-		// We should only override the redirect param if we have a valid logged in user
+	public static function sso( $original_redirect ) {
+		return self::filter_redirect( $original_redirect, wp_get_current_user() );
+	}
+
+	/**
+	 * Redirect hook for direct WP Logins
+	 *
+	 * @param string           $original_redirect           The requested redirect URL
+	 * @param string           $requested_original_redirect The requested redirect URL from parameter
+	 * @param WP_User|WP_Error $user                        The current logged in user or WP_Error on login failure
+	 * @return string The filtered URL to redirect to
+	 */
+	public static function wplogin( $original_redirect, $requested_original_redirect, $user ) {
+		// wp-login.php runs this filter on load and login failures
+		// We should only do a redirect with a succesful user login
 		if ( ! ( $user instanceof \WP_User ) ) {
 			return $original_redirect;
 		}
+		return self::filter_redirect( $original_redirect, $user );
+	}
 
+	/**
+	 * Evaluate whether the redirect should point to onboarding
+	 *
+	 * @param string  $original_redirect The requested redirect URL
+	 * @param WP_User $user              The logged in user
+	 * @return string The filtered url to redirect to
+	 */
+	public static function filter_redirect( $original_redirect, $user ) {
 		// Only admins should get the onboarding redirect
 		if ( ! user_can( $user, 'manage_options' ) ) {
 			return $original_redirect;