Merge pull request #263 from akirk/prevent-rest-errors-for-other-auths
Prevent returning 401 for other successful OAuth2 plugins
pfefferle authored Jan 12, 2024
2 parents b9d63a9 + b1fdeb9 commit 816d7ff
Showing 2 changed files with 13 additions and 0 deletions.
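--- a/includes/class-indieauth-authorize.php
+++ b/includes/class-indieauth-authorize.php
@@ -89,6 +89,11 @@ public function get_indieauth_response( $response ) {
 * @return WP_Error|null Error if one is set, otherwise null.
 */
 public function rest_authentication_errors( $error = null ) {
+if ( is_user_logged_in() ) {
+// Another OAuth2 plugin successfully authenticated.
+return null;
+}
+
 if ( ! empty( $error ) ) {
 return $error;
 }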
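Review bot: The new early return in `rest_authentication_errors()` sits ahead of the existing `if ( ! empty( $error ) )` check, so for any logged-in user it replaces whatever an earlier callback on this filter passed in, including a `WP_Error`, with `null`. `is_user_logged_in()` is also true for cookie sessions and any other `determine_current_user` result, which is wider than the "another OAuth2 plugin" case the comment describes. Whether an earlier error can actually reach this callback depends on the hook priority, which is not visible here. Returning the incoming value keeps the fix without discarding it: `return $error;` in place of `return null;`. The function body continues outside the hunk.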
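--- a/tests/test-authorize.php
+++ b/tests/test-authorize.php
@@ -63,6 +63,8 @@ public function test_authorize_bearer() {
 $authorize->load();
 $user_id = apply_filters( 'determine_current_user', false );
 $this->assertEquals( $user_id, self::$author_id );
+wp_set_current_user( $user_id );
+$this->assertNull( $authorize->rest_authentication_errors() );
 }
 
 public function test_authorize_bearer_other_non_matching_provider() {
@@ -80,6 +82,8 @@ public function test_authorize_bearer_other_non_matching_provider() {
 $authorize->load();
 $user_id = apply_filters( 'determine_current_user', false );
 $this->assertEquals( $user_id, self::$author_id );
+wp_set_current_user( $user_id );
+$this->assertNull( $authorize->rest_authentication_errors() );
 }
 
 public function test_authorize_bearer_other_provider() {
@@ -96,6 +100,8 @@ public function test_authorize_bearer_other_provider() {
 $authorize->load();
 $user_id = apply_filters( 'determine_current_user', false );
 $this->assertEquals( $user_id, self::$author_id );
+wp_set_current_user( $user_id );
+$this->assertNull( $authorize->rest_authentication_errors() );
 }
 
 public function test_authorize_bearer_no_valid_token_other_provider() {
@@ -112,6 +118,8 @@ public function test_authorize_bearer_no_valid_token_other_provider() {
 $authorize->load();
 $user_id = apply_filters( 'determine_current_user', false );
 $this->assertFalse( $user_id );
+wp_set_current_user( $user_id );
+$this->assertTrue( is_wp_error( $authorize->rest_authentication_errors() ) );
 }
 
 // Tests map_meta_cap for standard permissions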
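Review bot: All four added assertions call `rest_authentication_errors()` with its default `$error = null`, so none of them pins what the new logged-in branch does when an earlier callback has already supplied an error. That is the case where the early return changes the outcome, and it deserves one explicit test: set the current user, then call `$authorize->rest_authentication_errors( new WP_Error( 'example_code' ) )` (constructed sample value) and assert whichever result is intended. In `test_authorize_bearer_no_valid_token_other_provider`, `wp_set_current_user( $user_id )` is passed `false`; writing `wp_set_current_user( 0 )` would state the "no user" intent directly. The test method bodies start outside the hunks shown.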
