Skip to content

Commit 99aa1b9

Browse files
kilbotkilbot
committed
(WIP): add state variable
1 parent c19c73b commit 99aa1b9

File tree

1 file changed

+44
-7
lines changed

1 file changed

+44
-7
lines changed

includes/Templates/Auth.php

Lines changed: 44 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,13 @@ class Auth {
1919
*/
2020
private $redirect_uri;
2121

22+
/**
23+
* The state parameter.
24+
*
25+
* @var string
26+
*/
27+
private $state;
28+
2229
/**
2330
* Error message.
2431
*
@@ -35,8 +42,22 @@ public function __construct() {
3542

3643
// Initialize properties
3744
$this->redirect_uri = esc_url( $_REQUEST['redirect_uri'] ?? '', array( 'https', 'http', 'wcpos' ) );
45+
$this->state = sanitize_text_field( $_REQUEST['state'] ?? '' );
3846
$this->error = '';
3947

48+
// Validate required parameters
49+
if ( empty( $this->redirect_uri ) ) {
50+
$this->error = 'Missing or invalid redirect_uri parameter.';
51+
52+
return;
53+
}
54+
55+
if ( empty( $this->state ) ) {
56+
$this->error = 'Missing state parameter.';
57+
58+
return;
59+
}
60+
4061
// Handle form submission
4162
$this->handle_form_submission();
4263
}
@@ -50,6 +71,15 @@ public function get_redirect_uri(): string {
5071
return $this->redirect_uri;
5172
}
5273

74+
/**
75+
* Get the state parameter.
76+
*
77+
* @return string
78+
*/
79+
public function get_state(): string {
80+
return $this->state;
81+
}
82+
5383
/**
5484
* Get the error message.
5585
*
@@ -121,14 +151,21 @@ private function handle_form_submission(): void {
121151
}
122152

123153
// On success, redirect back to app (or fallback to dashboard)
154+
$redirect_params = array(
155+
'access_token' => rawurlencode( $redirect_data['access_token'] ),
156+
'refresh_token' => rawurlencode( $redirect_data['refresh_token'] ),
157+
'token_type' => rawurlencode( $redirect_data['token_type'] ),
158+
'expires_in' => \intval( $redirect_data['expires_in'] ),
159+
'user_id' => \intval( $redirect_data['user_id'] ),
160+
);
161+
162+
// Include state parameter if it was provided
163+
if ( ! empty( $this->state ) ) {
164+
$redirect_params['state'] = rawurlencode( $this->state );
165+
}
166+
124167
$target = $this->redirect_uri
125-
? add_query_arg( array(
126-
'access_token' => rawurlencode( $redirect_data['access_token'] ),
127-
'refresh_token' => rawurlencode( $redirect_data['refresh_token'] ),
128-
'token_type' => rawurlencode( $redirect_data['token_type'] ),
129-
'expires_in' => \intval( $redirect_data['expires_in'] ),
130-
'user_id' => \intval( $redirect_data['user_id'] ),
131-
), $this->redirect_uri )
168+
? add_query_arg( $redirect_params, $this->redirect_uri )
132169
: admin_url();
133170

134171
wp_redirect( $target );

0 commit comments

Comments
 (0)