Merge pull request #245 from akirk/allow-other-auths

Allow other OAuth2 providers

Author: dshanske

includes/class-indieauth-authorize.php

@@ -155,15 +155,17 @@ public function determine_current_user( $user_id ) {
 
 		$params = $this->verify_access_token( $token );
 		if ( ! isset( $params ) ) {
-			return 0;
+			return $user_id;
 		}
 		if ( is_oauth_error( $params ) ) {
 			$this->error = $params;
-			return 0;
+			return $user_id;
 		}
 		if ( is_array( $params ) ) {
-			// If this is a token auth response, add this constant.
-			define( 'INDIEAUTH_TOKEN', true );
+			// If this is a token auth response and not a test run, add this constant.
+			if ( ! function_exists( 'tests_add_filter' ) ) {
+				define( 'INDIEAUTH_TOKEN', true );
+			}
 
 			$this->response = $params;
 			$this->scopes   = explode( ' ', $params['scope'] );
@@ -181,7 +183,7 @@ public function determine_current_user( $user_id ) {
 				'response' => $me,
 			)
 		);
-		return 0;
+		return $user_id;
 
 	}
 

tests/test-authorize.php

@@ -51,10 +51,69 @@ public function test_authorize() {
 		$_REQUEST['micropub']       = 'endpoint';
 		$_POST['access_token'] = $token;
 		$authorize = new Indieauth_Local_Authorize();
-		$user_id = $authorize->determine_current_user( 0 );
+		$user_id = $authorize->determine_current_user( false );
 		$this->assertEquals( $user_id, self::$author_id );
 	}
 
+	public function test_authorize_bearer() {
+		$token = self::set_token();
+		$_REQUEST['micropub']       = 'endpoint';
+		$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer ' . $token;
+		$authorize = new Indieauth_Local_Authorize();
+		$authorize->load();
+		$user_id = apply_filters( 'determine_current_user', false );
+		$this->assertEquals( $user_id, self::$author_id );
+	}
+
+	public function test_authorize_bearer_other_non_matching_provider() {
+		$token = self::set_token();
+		$self_author_id = self::$author_id;
+		add_filter( 'determine_current_user', function( $user_id ) use ( $self_author_id ) {
+			if ( 'Bearer other-valid-token' === $_SERVER['HTTP_AUTHORIZATION'] ) {
+				return $self_author_id + 1;
+			}
+			return $user_id;
+		} );
+		$_REQUEST['micropub']       = 'endpoint';
+		$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer ' . $token;
+		$authorize = new Indieauth_Local_Authorize();
+		$authorize->load();
+		$user_id = apply_filters( 'determine_current_user', false );
+		$this->assertEquals( $user_id, self::$author_id );
+	}
+
+	public function test_authorize_bearer_other_provider() {
+		$self_author_id = self::$author_id;
+		add_filter( 'determine_current_user', function( $user_id ) use ( $self_author_id ) {
+			if ( 'Bearer other-valid-token' === $_SERVER['HTTP_AUTHORIZATION'] ) {
+				return $self_author_id;
+			}
+			return $user_id;
+		} );
+		$_REQUEST['micropub']       = 'endpoint';
+		$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer other-valid-token';
+		$authorize = new Indieauth_Local_Authorize();
+		$authorize->load();
+		$user_id = apply_filters( 'determine_current_user', false );
+		$this->assertEquals( $user_id, self::$author_id );
+	}
+
+	public function test_authorize_bearer_no_valid_token_other_provider() {
+		$self_author_id = self::$author_id;
+		add_filter( 'determine_current_user', function( $user_id ) use ( $self_author_id ) {
+			if ( 'Bearer other-valid-token' === $_SERVER['HTTP_AUTHORIZATION'] ) {
+				return $self_author_id;
+			}
+			return $user_id;
+		} );
+		$_REQUEST['micropub']       = 'endpoint';
+		$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer other-invalid-token';
+		$authorize = new Indieauth_Local_Authorize();
+		$authorize->load();
+		$user_id = apply_filters( 'determine_current_user', false );
+		$this->assertFalse( $user_id );
+	}
+
 	// Tests map_meta_cap for standard permissions
 	public function test_publish_posts_with_scopes() {				
 		add_filter( 'indieauth_scopes',