diff --git a/.github/workflows/phpunit.yml b/.github/workflows/phpunit.yml index 3569bed..2e1764d 100644 --- a/.github/workflows/phpunit.yml +++ b/.github/workflows/phpunit.yml @@ -1,5 +1,5 @@ name: Unit Testing -on: +on: push: pull_request: jobs: @@ -15,7 +15,7 @@ jobs: options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=10s --health-retries=10 strategy: matrix: - php-versions: ['5.6', '7.2', '7.3', '7.4', '8.0'] + php-versions: ['7.0', '7.2', '7.3', '7.4', '8.0'] steps: - name: Checkout uses: actions/checkout@v3 diff --git a/docker-compose.yml b/docker-compose.yml index 45e731d..0ab7068 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -18,11 +18,12 @@ services: links: - db ports: - - "8099:80" + - "8077:80" volumes: - .:/var/www/html/wp-content/plugins/indieauth restart: always environment: WORDPRESS_DB_HOST: db:3306 + WORDPRESS_DB_USER: wordpress WORDPRESS_DB_PASSWORD: wordpress WORDPRESS_DEBUG: 1 diff --git a/includes/class-external-token-page.php b/includes/class-external-token-page.php index 15e31ba..69910b9 100644 --- a/includes/class-external-token-page.php +++ b/includes/class-external-token-page.php @@ -60,8 +60,6 @@ public function options_form() { items[] = $value; } - } public function column_default( $item, $column_name ) { diff --git a/includes/class-indieauth-admin.php b/includes/class-indieauth-admin.php index 99a7245..b95aac9 100644 --- a/includes/class-indieauth-admin.php +++ b/includes/class-indieauth-admin.php @@ -269,4 +269,3 @@ public function add_help_tab() { ); } } - diff --git a/includes/class-indieauth-authorization-endpoint.php b/includes/class-indieauth-authorization-endpoint.php index d138dbb..2767bbb 100644 --- a/includes/class-indieauth-authorization-endpoint.php +++ b/includes/class-indieauth-authorization-endpoint.php @@ -226,7 +226,6 @@ public function get( $request ) { } return new WP_OAuth_Response( 'unsupported_response_type', __( 'Unsupported Response Type', 'indieauth' ), 400 ); - } /* @@ -474,4 +473,3 @@ public function confirmed() { wp_redirect( $url ); // phpcs:ignore } } - diff --git a/includes/class-indieauth-authorize.php b/includes/class-indieauth-authorize.php index 248057a..1bd595a 100644 --- a/includes/class-indieauth-authorize.php +++ b/includes/class-indieauth-authorize.php @@ -27,7 +27,6 @@ public function load() { add_filter( 'indieauth_response', array( $this, 'get_indieauth_response' ), 9 ); add_filter( 'wp_rest_server_class', array( $this, 'wp_rest_server_class' ) ); add_filter( 'rest_request_after_callbacks', array( $this, 'return_oauth_error' ), 10, 3 ); - } @@ -189,7 +188,6 @@ public function determine_current_user( $user_id ) { ) ); return $user_id; - } /** diff --git a/includes/class-indieauth-client-discovery.php b/includes/class-indieauth-client-discovery.php index 0ce4249..153a607 100644 --- a/includes/class-indieauth-client-discovery.php +++ b/includes/class-indieauth-client-discovery.php @@ -105,13 +105,10 @@ private function determine_icon() { } if ( is_array( $icons ) && ! wp_is_numeric_array( $icons ) && isset( $icons['url'] ) ) { return $icons['url']; + } elseif ( isset( $icons[0]['url'] ) ) { + return $icons[0]['url']; } else { - // Return the first icon - if ( isset( $icons[0]['url'] ) ) { - return $icons[0]['url']; - } else { - return ''; - } + return ''; } } @@ -177,5 +174,4 @@ public static function extract_client_data_from_html( $contents, $url ) { return $return; } - } diff --git a/includes/class-indieauth-client-taxonomy.php b/includes/class-indieauth-client-taxonomy.php index 65c60d9..0838e71 100755 --- a/includes/class-indieauth-client-taxonomy.php +++ b/includes/class-indieauth-client-taxonomy.php @@ -17,7 +17,6 @@ public static function init() { self::register(); add_filter( 'terms_clauses', array( __CLASS__, 'terms_clauses' ), 11, 3 ); - } public static function terms_clauses( $clauses, $taxonomies, $args ) { @@ -105,7 +104,6 @@ public static function update_client_icon_from_discovery( $url ) { } return self::sideload_icon( $client->get_icon(), $url ); - } @@ -155,9 +153,9 @@ public static function add_client( $url, $name = null, $icon = null ) { ); } - /** - * Get Client - */ + /** + * Get Client + */ public static function get_client( $url = null ) { // If url is null retrieve all clients. if ( is_null( $url ) ) { @@ -209,9 +207,9 @@ public static function get_client( $url = null ) { ); } - /** - * Delete a client - */ + /** + * Delete a client + */ public static function delete_client( $url ) { $client = self::get_client( $url ); if ( ! $client ) { @@ -318,9 +316,4 @@ public static function sideload_icon( $url, $client_id ) { return self::upload_directory( $filehandle, true ); } - - - } // End Class - - diff --git a/includes/class-indieauth-debug.php b/includes/class-indieauth-debug.php index e2f8a7a..f433291 100644 --- a/includes/class-indieauth-debug.php +++ b/includes/class-indieauth-debug.php @@ -119,4 +119,3 @@ public function test( $request ) { return indieauth_get_response(); } } - diff --git a/includes/class-indieauth-endpoint.php b/includes/class-indieauth-endpoint.php index 4221d77..53011ab 100644 --- a/includes/class-indieauth-endpoint.php +++ b/includes/class-indieauth-endpoint.php @@ -106,6 +106,4 @@ public function delete_refresh_token( $id, $user_id = null ) { $this->refresh_tokens->set_user( $user_id ); return $this->refresh_tokens->destroy( $id ); } - } - diff --git a/includes/class-indieauth-introspection-endpoint.php b/includes/class-indieauth-introspection-endpoint.php index 6976ebd..d3f2d49 100644 --- a/includes/class-indieauth-introspection-endpoint.php +++ b/includes/class-indieauth-introspection-endpoint.php @@ -52,5 +52,4 @@ public function introspection( $request ) { return rest_ensure_response( $token ); } - } diff --git a/includes/class-indieauth-local-authorize.php b/includes/class-indieauth-local-authorize.php index 67fffbc..293b5c0 100644 --- a/includes/class-indieauth-local-authorize.php +++ b/includes/class-indieauth-local-authorize.php @@ -122,6 +122,4 @@ public static function verify_authorization_code( $code ) { $tokens->destroy( $code ); return $return; } - } - diff --git a/includes/class-indieauth-metadata-endpoint.php b/includes/class-indieauth-metadata-endpoint.php index 594f92b..02159e4 100644 --- a/includes/class-indieauth-metadata-endpoint.php +++ b/includes/class-indieauth-metadata-endpoint.php @@ -121,5 +121,4 @@ public function metadata( $request ) { ) ); } - } diff --git a/includes/class-indieauth-remote-authorize.php b/includes/class-indieauth-remote-authorize.php index a3bda59..49f632e 100755 --- a/includes/class-indieauth-remote-authorize.php +++ b/includes/class-indieauth-remote-authorize.php @@ -38,7 +38,6 @@ public function register_settings() { 'show_in_rest' => true, ) ); - } public static function admin_init() { diff --git a/includes/class-indieauth-revocation-endpoint.php b/includes/class-indieauth-revocation-endpoint.php index a25a64e..82dddc8 100644 --- a/includes/class-indieauth-revocation-endpoint.php +++ b/includes/class-indieauth-revocation-endpoint.php @@ -48,6 +48,4 @@ public function revoke( $request ) { 200 ); } - - } diff --git a/includes/class-indieauth-scope.php b/includes/class-indieauth-scope.php index 5581ec6..1bf6d9d 100644 --- a/includes/class-indieauth-scope.php +++ b/includes/class-indieauth-scope.php @@ -57,4 +57,3 @@ public function has_cap( $cap ) { return in_array( $cap, $capabilities, true ); } } - diff --git a/includes/class-indieauth-scopes.php b/includes/class-indieauth-scopes.php index b00067c..0dc725b 100644 --- a/includes/class-indieauth-scopes.php +++ b/includes/class-indieauth-scopes.php @@ -270,4 +270,3 @@ public function has_cap( $cap, $scopes ) { return false; } } - diff --git a/includes/class-indieauth-ticket-endpoint.php b/includes/class-indieauth-ticket-endpoint.php index e4a9d50..b58c5be 100644 --- a/includes/class-indieauth-ticket-endpoint.php +++ b/includes/class-indieauth-ticket-endpoint.php @@ -114,7 +114,6 @@ public function post( $request ) { // If nothing works, return an error. return new WP_OAuth_Response( 'invalid_request', __( 'Invalid Request', 'indieauth' ), 400 ); - } public function save_token( $token ) { @@ -176,4 +175,3 @@ public function request_token( $url, $params ) { ); } } - diff --git a/includes/class-indieauth-token-endpoint.php b/includes/class-indieauth-token-endpoint.php index dce7eb1..ac2d44d 100644 --- a/includes/class-indieauth-token-endpoint.php +++ b/includes/class-indieauth-token-endpoint.php @@ -164,7 +164,6 @@ public function refresh_token( $params ) { $this->refresh_tokens->destroy( $params['refresh_token'] ); return $this->generate_token_response( $refresh ); - } // Authorization Code Grant Type. @@ -189,7 +188,6 @@ public function authorization_code( $params ) { } return $this->generate_token_response( $response ); - } public function generate_token_response( $response ) { @@ -273,6 +271,4 @@ public function generate_token_response( $response ) { } return new WP_OAuth_Response( 'server_error', __( 'There was an error in response.', 'indieauth' ), 500 ); } - } - diff --git a/includes/class-indieauth-token-ui.php b/includes/class-indieauth-token-ui.php index 21ed793..3cb6940 100644 --- a/includes/class-indieauth-token-ui.php +++ b/includes/class-indieauth-token-ui.php @@ -153,7 +153,6 @@ public function scopes() { public static function str_prefix( $source, $prefix ) { return strncmp( $source, $prefix, strlen( $prefix ) ) === 0; } - } // End Class new IndieAuth_Token_UI(); diff --git a/includes/class-indieauth-userinfo-endpoint.php b/includes/class-indieauth-userinfo-endpoint.php index c146775..5499759 100644 --- a/includes/class-indieauth-userinfo-endpoint.php +++ b/includes/class-indieauth-userinfo-endpoint.php @@ -70,5 +70,4 @@ public function userinfo( $request ) { return indieauth_get_user( $token['user'], in_array( 'email', $scopes, true ) ); } - } diff --git a/includes/class-oauth-response.php b/includes/class-oauth-response.php index 9344d63..ceaa1e3 100644 --- a/includes/class-oauth-response.php +++ b/includes/class-oauth-response.php @@ -1,5 +1,5 @@ get_status(); return sprintf( 'IndieAuth Error: %1$s %2$s - %3$s %4$s', $status, $data['error'], $data['error_description'], wp_json_encode( $data ) ); } - } +//phpcs:ignore function get_oauth_error( $obj ) { if ( is_array( $obj ) ) { // When checking the result of wp_remote_post @@ -70,11 +70,12 @@ function get_oauth_error( $obj ) { return false; } +//phpcs:ignore function is_oauth_error( $obj ) { return ( $obj instanceof WP_OAuth_Response ); } - +//phpcs:ignore function wp_error_to_oauth_response( $error ) { if ( is_wp_error( $error ) ) { $data = $error->get_error_data(); diff --git a/includes/class-token-list-table.php b/includes/class-token-list-table.php index b88c782..52eb391 100644 --- a/includes/class-token-list-table.php +++ b/includes/class-token-list-table.php @@ -51,7 +51,6 @@ public function prepare_items() { $value['token'] = $key; $this->items[] = $value; } - } public function column_default( $item, $column_name ) { @@ -157,7 +156,6 @@ public function column_client_name( $item ) { } } return sprintf( '%1$s %2$s', $item['client_name'], $this->row_actions( $actions ) ); - } public function column_client_icon( $item ) { diff --git a/includes/class-token-transient.php b/includes/class-token-transient.php index 065e18b..c87ea73 100644 --- a/includes/class-token-transient.php +++ b/includes/class-token-transient.php @@ -34,7 +34,6 @@ public function set( $info, $expiration = 120 ) { return $key; } return false; - } public function set_with_cookie( $info, $expiration = 120 ) { diff --git a/includes/class-token-user.php b/includes/class-token-user.php index d0618f6..2769550 100644 --- a/includes/class-token-user.php +++ b/includes/class-token-user.php @@ -57,7 +57,6 @@ public function set( $info, $expiration = null ) { return $key; } return false; - } /** @@ -192,7 +191,6 @@ public function get( $key, $hash = true ) { $value['user'] = $user_id; return $value; - } /** diff --git a/indieauth.php b/indieauth.php index fca29aa..bb010f1 100644 --- a/indieauth.php +++ b/indieauth.php @@ -170,7 +170,6 @@ public static function plugins_loaded() { self::load( $ticket_load ); new IndieAuth_Ticket_Endpoint(); } - } // Check that a file exists before loading it and if it does not print to the error log @@ -194,7 +193,6 @@ public static function load( $files, $dir = 'includes/' ) { } } } - } add_action( 'plugins_loaded', array( 'IndieAuth_Plugin', 'plugins_loaded' ), 2 ); diff --git a/languages/indieauth.pot b/languages/indieauth.pot index 924766b..571e0ab 100644 --- a/languages/indieauth.pot +++ b/languages/indieauth.pot @@ -1,15 +1,15 @@ -# Copyright (C) 2022 IndieWebCamp WordPress Outreach Club +# Copyright (C) 2023 IndieWebCamp WordPress Outreach Club # This file is distributed under the MIT. msgid "" msgstr "" "Project-Id-Version: IndieAuth 4.3.0\n" "Report-Msgid-Bugs-To: " "https://wordpress.org/support/plugin/wordpress-indieauth\n" -"POT-Creation-Date: 2021-12-25 19:54:42+00:00\n" +"POT-Creation-Date: 2023-09-01 12:15:10+00:00\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"PO-Revision-Date: 2022-MO-DA HO:MI+ZONE\n" +"PO-Revision-Date: 2023-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "X-Generator: grunt-wp-i18n 1.0.3\n" @@ -346,7 +346,7 @@ msgid "" "client_id and redirect_uri match the original request." msgstr "" -#: includes/class-indieauth-authorize.php:178 +#: includes/class-indieauth-authorize.php:185 msgid "User Not Found on this Site" msgstr "" @@ -362,11 +362,11 @@ msgstr "" msgid "IndieAuth Client Application Icon" msgstr "" -#: includes/class-indieauth-client-taxonomy.php:190 +#: includes/class-indieauth-client-taxonomy.php:195 msgid "No Term Found" msgstr "" -#: includes/class-indieauth-client-taxonomy.php:194 +#: includes/class-indieauth-client-taxonomy.php:199 msgid "Multiple Terms Found" msgstr "" @@ -546,7 +546,7 @@ msgstr "" msgid "Invalid Token" msgstr "" -#: includes/class-indieauth-token-endpoint.php:271 +#: includes/class-indieauth-token-endpoint.php:274 msgid "There was an error in response." msgstr "" diff --git a/package.json b/package.json index 2c889bf..f910da5 100644 --- a/package.json +++ b/package.json @@ -11,7 +11,7 @@ "web": "http://notizblog.org" }, "devDependencies": { - "grunt": "^1.0.4", + "grunt": "^1.6.1", "grunt-wp-i18n": "^1.0.3", "grunt-wp-readme-to-markdown": "^2.1.0" }, diff --git a/readme.md b/readme.md index c990c44..3ebb5da 100644 --- a/readme.md +++ b/readme.md @@ -1,9 +1,9 @@ # IndieAuth # -**Contributors:** [indieweb](https://profiles.wordpress.org/indieweb), [pfefferle](https://profiles.wordpress.org/pfefferle), [dshanske](https://profiles.wordpress.org/dshanske) +**Contributors:** [indieweb](https://profiles.wordpress.org/indieweb/), [pfefferle](https://profiles.wordpress.org/pfefferle/), [dshanske](https://profiles.wordpress.org/dshanske/) **Tags:** IndieAuth, IndieWeb, IndieWebCamp, login **Requires at least:** 4.9.9 **Requires PHP:** 5.6 -**Tested up to:** 6.1 +**Tested up to:** 6.3 **Stable tag:** 4.3.0 **License:** MIT **License URI:** http://opensource.org/licenses/MIT @@ -131,13 +131,13 @@ Some hosting providers filter this out using mod_security. For one user, they ne ### What is Ticket Auth and how do I enable it? ### [Ticket Auth](https://indieweb.org/IndieAuth_Ticket_Auth) is a developing extension to OAuth2/IndieAuth. It creates a ticket endpoint on your site where other sites can send you a ticket, which can be redeemed -for a token to access private resources on that other site. You can enable the experimental endpoint functionality by adding the below to your wp-config.php. If this becomes more established, it will be added +for a token to access private resources on that other site. You can enable the experimental endpoint functionality by adding the below to your wp-config.php. If this becomes more established, it will be added in the settings page. define( 'INDIEAUTH_TICKET_ENDPOINT', true ); At this time, the functionality is limited to the receiving of tickets, not the sending of same. It enables a new tab under the User called Manage External Tokens, which allows you to see which external tokens -are stored. Tokens are stored per user. +are stored. Tokens are stored per user. Since the extension is developing, there is currently not a specified way to transfer this token to a client to be used. @@ -166,7 +166,7 @@ Until such a time as more IndieAuth clients adopt the changes, some elements of ### 3.4.0 ### -Due to the possibility of someone setting the url in their user profile to the same as another account, you will no longer be able to save the exact same url into two accounts. If you already set two accounts to the +Due to the possibility of someone setting the url in their user profile to the same as another account, you will no longer be able to save the exact same url into two accounts. If you already set two accounts to the same URL one will be wiped the next time you save a conflicting user profile. ### 3.3.2 ### @@ -233,7 +233,7 @@ Project and support maintained on github at [indieweb/wordpress-indieauth](https * Adopt changes to the living spec as of the November 26, 2020 version. * Drop explicit support for response_type=id. Endpoint will convert to type code for backcompat until further notice. * Change experimental profile return behavior to match newly documented behavior in spec. -* Support profile and email scopes, to be handled within this plugin. +* Support profile and email scopes, to be handled within this plugin. * Add additional code comments * Remove unique URL code as looking for user URLs is no longer supported * Add UUID to tokens as used in the WP5.6 Application Password feature. @@ -260,7 +260,7 @@ Project and support maintained on github at [indieweb/wordpress-indieauth](https ### 3.4.0 ### * Enforce unique URLs for user accounts * Add user url to user table -* Redo association for URL to user account. At this time, only the root path and the author archive URLs are allowed as a return. Hoping to add more options in future +* Redo association for URL to user account. At this time, only the root path and the author archive URLs are allowed as a return. Hoping to add more options in future * Add Site Health Check * Improve text and links for authorization failure @@ -271,7 +271,7 @@ Project and support maintained on github at [indieweb/wordpress-indieauth](https * Add header check to settings page * Add option to generate tokens on the backend with any scope * Add option to bulk expire tokens -* Add cleanup option +* Add cleanup option ### 3.3.1 ### diff --git a/readme.txt b/readme.txt index 9988c7f..397a56a 100644 --- a/readme.txt +++ b/readme.txt @@ -3,7 +3,7 @@ Contributors: indieweb, pfefferle, dshanske Tags: IndieAuth, IndieWeb, IndieWebCamp, login Requires at least: 4.9.9 Requires PHP: 5.6 -Tested up to: 6.1 +Tested up to: 6.3 Stable tag: 4.3.0 License: MIT License URI: http://opensource.org/licenses/MIT @@ -131,19 +131,19 @@ Some hosting providers filter this out using mod_security. For one user, they ne = What is Ticket Auth and how do I enable it? = [Ticket Auth](https://indieweb.org/IndieAuth_Ticket_Auth) is a developing extension to OAuth2/IndieAuth. It creates a ticket endpoint on your site where other sites can send you a ticket, which can be redeemed -for a token to access private resources on that other site. You can enable the experimental endpoint functionality by adding the below to your wp-config.php. If this becomes more established, it will be added +for a token to access private resources on that other site. You can enable the experimental endpoint functionality by adding the below to your wp-config.php. If this becomes more established, it will be added in the settings page. define( 'INDIEAUTH_TICKET_ENDPOINT', true ); At this time, the functionality is limited to the receiving of tickets, not the sending of same. It enables a new tab under the User called Manage External Tokens, which allows you to see which external tokens -are stored. Tokens are stored per user. +are stored. Tokens are stored per user. Since the extension is developing, there is currently not a specified way to transfer this token to a client to be used. == Upgrade Notice == -= 4.3.0 = += 4.3.0 = 4.3.0 changes the storage of client application data from being embedded in every token to being stored in a hidden taxonomy. Older tokens will not be automatically updated. It also sideloads the application icon @@ -166,7 +166,7 @@ Until such a time as more IndieAuth clients adopt the changes, some elements of = 3.4.0 = -Due to the possibility of someone setting the url in their user profile to the same as another account, you will no longer be able to save the exact same url into two accounts. If you already set two accounts to the +Due to the possibility of someone setting the url in their user profile to the same as another account, you will no longer be able to save the exact same url into two accounts. If you already set two accounts to the same URL one will be wiped the next time you save a conflicting user profile. = 3.3.2 = @@ -214,7 +214,7 @@ Project and support maintained on github at [indieweb/wordpress-indieauth](https * Introduce Refresh Token Functionality * Create was not pre-checked in new selections when offered as an option. -= 4.0.0 = += 4.0.0 = * Add default expiry time. * Ensure tokens expire at their proper time. @@ -229,11 +229,11 @@ Project and support maintained on github at [indieweb/wordpress-indieauth](https = 3.6.1 = * Clean up template pages in order to remove HTML from i18n strings. -= 3.6.0 = += 3.6.0 = * Adopt changes to the living spec as of the November 26, 2020 version. * Drop explicit support for response_type=id. Endpoint will convert to type code for backcompat until further notice. * Change experimental profile return behavior to match newly documented behavior in spec. -* Support profile and email scopes, to be handled within this plugin. +* Support profile and email scopes, to be handled within this plugin. * Add additional code comments * Remove unique URL code as looking for user URLs is no longer supported * Add UUID to tokens as used in the WP5.6 Application Password feature. @@ -260,7 +260,7 @@ Project and support maintained on github at [indieweb/wordpress-indieauth](https = 3.4.0 = * Enforce unique URLs for user accounts * Add user url to user table -* Redo association for URL to user account. At this time, only the root path and the author archive URLs are allowed as a return. Hoping to add more options in future +* Redo association for URL to user account. At this time, only the root path and the author archive URLs are allowed as a return. Hoping to add more options in future * Add Site Health Check * Improve text and links for authorization failure @@ -271,7 +271,7 @@ Project and support maintained on github at [indieweb/wordpress-indieauth](https * Add header check to settings page * Add option to generate tokens on the backend with any scope * Add option to bulk expire tokens -* Add cleanup option +* Add cleanup option = 3.3.1 = diff --git a/templates/authdiagtest.php b/templates/authdiagtest.php index 7430187..cdebe1c 100644 --- a/templates/authdiagtest.php +++ b/templates/authdiagtest.php @@ -19,4 +19,3 @@ if ( ! is_wp_error( $response ) ) { echo esc_html( $response['body'] ); } - diff --git a/templates/indieauth-settings.php b/templates/indieauth-settings.php index bd249a4..ed994ed 100644 --- a/templates/indieauth-settings.php +++ b/templates/indieauth-settings.php @@ -73,7 +73,7 @@ - /> + />