File "functions.php"
Full Path: /home/vantageo/public_html/cache/cache/cache/cache/cache/cache/.wp-cli/wp-content/plugins/mojo-marketplace-wp-plugin/vendor/bluehost/endurance-wp-module-sso/functions.php
File size: 3.28 KB
MIME-type: text/x-php
Charset: utf-8
<?php
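if ( ! function_exists( 'eig_sso_handler' ) ) {
    /**
     * Run SSO check and login if request is valid.
     *
     * Flow, in order:
     *   1. Read `nonce` and `salt` from the query string; if either is missing,
     *      redirect to the normal login page.
     *   2. Refuse when more than four failures are recorded by
     *      eig_sso_failed_attempts().
     *   3. Resolve the target account via eig_sso_get_user().
     *   4. Derive the expected token from nonce + salt and compare it with the
     *      `sso_token` transient.
     *   5. On match, log the user in and redirect to the URL from
     *      eig_sso_get_redirect_url().
     *
     * Every failure path fires the `eig_sso_fail` action (except the
     * "not doing SSO" case) and redirects to wp_login_url(). Success fires
     * `eig_sso_success` with the user and the redirect URL. The function
     * always terminates the request with `exit`.
     *
     * Security notes for maintainers:
     *   - `nonce` and `salt` arrive as GET parameters, so they can end up in
     *     web server access logs, browser history and Referer headers. Treat
     *     those logs as sensitive.
     *   - The token is a single site-wide transient; it is not tied to the
     *     `user` parameter, so a valid token authorises a login as whichever
     *     account eig_sso_get_user() resolves.
     *   - NOTE(review): this function does not delete `sso_token` after a
     *     successful login. Unless the issuer clears it elsewhere, the same
     *     nonce/salt pair stays usable until the transient expires. Confirm,
     *     and consider delete_transient( 'sso_token' ) after a successful
     *     match.
     *
     * @return void
     */
    function eig_sso_handler() {
        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It is
        // kept because the hash below is computed over the *sanitized* values, and
        // swapping the filter could change which inputs validate.
        $nonce = filter_input( INPUT_GET, 'nonce', FILTER_SANITIZE_STRING );
        $salt  = filter_input( INPUT_GET, 'salt', FILTER_SANITIZE_STRING );

        // Not doing SSO
        if ( ! $nonce || ! $salt ) {
            wp_safe_redirect( wp_login_url() );
            exit;
        }

        // Too many failed SSO attempts
        $attempts = eig_sso_failed_attempts();
        if ( $attempts > 4 ) {
            do_action( 'eig_sso_fail' );
            wp_safe_redirect( wp_login_url() );
            exit;
        }

        // Unable to get user
        $user = eig_sso_get_user();
        if ( ! $user ) {
            do_action( 'eig_sso_fail' );
            wp_safe_redirect( wp_login_url() );
            exit;
        }

        // Invalid SSO token.
        // The expected value is the first 64 characters of the base64 encoding of
        // the hex SHA-256 digest of nonce . salt.
        $hash   = substr( base64_encode( hash( 'sha256', $nonce . $salt, false ) ), 0, 64 );
        $stored = get_transient( 'sso_token' );

        // Compare in constant time: a plain !== on a secret can leak how many
        // leading bytes matched. hash_equals() needs two strings, so a missing
        // transient (false) or any non-string value is rejected up front, which is
        // what the strict comparison did before.
        if ( ! is_string( $stored ) || ! hash_equals( $stored, $hash ) ) {
            eig_sso_failed_attempts( 1 );
            do_action( 'eig_sso_fail' );
            wp_safe_redirect( wp_login_url() );
            exit;
        }

        // Log user in
        eig_sso_login_user( $user );

        // Handle redirect
        $redirect = eig_sso_get_redirect_url();
        do_action( 'eig_sso_success', $user, $redirect );
        wp_safe_redirect( $redirect );
        exit;
    }
}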
if ( ! function_exists( 'eig_sso_failed_attempts' ) ) {
    /**
     * Read, and optionally bump, the count of failed SSO attempts.
     *
     * The count lives in the `sso_failures` transient and is cached in a static
     * variable for the rest of the request. When `$increment` is non-zero the
     * new total is written back with a five-minute lifetime, so every recorded
     * failure restarts the five-minute window.
     *
     * Things a reviewer should know:
     *   - The counter is one value for the whole site, not per client or per
     *     user: repeated bad requests from anyone lock SSO for everyone until
     *     the transient expires.
     *   - The read-modify-write is not atomic; concurrent requests can each read
     *     the same value before any of them writes.
     *
     * @param int $increment Amount to add to the stored count; 0 only reads.
     *
     * @return int Current number of failed attempts.
     */
    function eig_sso_failed_attempts( $increment = 0 ) {
        static $failure_count;

        $transient_name = 'sso_failures';

        // First call in this request: load the persisted value (absint turns a
        // missing transient into 0).
        if ( null === $failure_count ) {
            $failure_count = absint( get_transient( $transient_name ) );
        }

        // Pure read: nothing to persist.
        if ( ! $increment ) {
            return $failure_count;
        }

        $failure_count += $increment;
        set_transient( $transient_name, $failure_count, MINUTE_IN_SECONDS * 5 );

        return $failure_count;
    }
}
if ( ! function_exists( 'eig_sso_get_user' ) ) {
    /**
     * Resolve the account that an SSO request should log in as.
     *
     * The `user` query parameter is read unfiltered. If it looks like an e-mail
     * address the account is looked up by e-mail, otherwise it is reduced to a
     * positive integer and looked up by ID. When that yields nothing (parameter
     * absent, malformed, or no such account) the first user returned for the
     * `administrator` role is used instead.
     *
     * Security note: the `user` value is chosen by whoever builds the request
     * URL, and an unmatched value silently falls back to an administrator. This
     * function does no authorisation itself. Callers must validate the SSO
     * token before acting on the returned account.
     *
     * @return WP_User|false The resolved user, or false if none was found.
     */
    function eig_sso_get_user() {
        $requested = filter_input( INPUT_GET, 'user' );
        $account   = false;

        if ( $requested && is_email( $requested ) ) {
            $account = get_user_by( 'email', sanitize_email( $requested ) );
        } elseif ( $requested ) {
            $numeric_id = absint( $requested );
            if ( $numeric_id ) {
                $account = get_user_by( 'id', $numeric_id );
            }
        }

        if ( $account ) {
            return $account;
        }

        // If user wasn't found, find first admin user
        $admins = get_users(
            array(
                'role'   => 'administrator',
                'number' => 1,
            )
        );

        if ( isset( $admins[0] ) && $admins[0] instanceof WP_User ) {
            return $admins[0];
        }

        return $account;
    }
}
if ( ! function_exists( 'eig_sso_login_user' ) ) {
    /**
     * Establish a logged-in WordPress session for the given user.
     *
     * Sets the current user for this request, issues the auth cookie for the
     * user's ID, and fires the core `wp_login` action so listeners see the login
     * the same way they would for a password login. No credential or token
     * check happens here. The caller is responsible for having authenticated
     * the request first.
     *
     * @param WP_User $user Account to log in.
     *
     * @return void
     */
    function eig_sso_login_user( WP_User $user ) {
        $account_id = $user->ID;
        $login_name = $user->user_login;

        wp_set_current_user( $account_id, $login_name );
        wp_set_auth_cookie( $account_id );

        do_action( 'wp_login', $login_name, $user );
    }
}
if ( ! function_exists( 'eig_sso_get_redirect_url' ) ) {
    /**
     * Work out where to send the user after a successful SSO login.
     *
     * The `bounce` query parameter is checked first, then `redirect`. The first
     * one that is non-empty after esc_url_raw() is passed to admin_url() as a
     * path. If neither is usable the default is the `bluehost` admin page. The
     * result is run through the `eig_sso_redirect` filter before it is returned.
     *
     * Security note: the parameter is request-controlled. Here it is only ever
     * used as the path argument to admin_url(), and eig_sso_handler() sends the
     * final value through wp_safe_redirect(). A callback on `eig_sso_redirect`
     * can replace the URL entirely, so any such callback should be reviewed
     * with open-redirect risk in mind.
     *
     * @return string Redirect URL.
     */
    function eig_sso_get_redirect_url() {
        $destination = '';

        foreach ( array( 'bounce', 'redirect' ) as $query_key ) {
            // Stop at the first parameter that produced a URL.
            if ( $destination ) {
                break;
            }

            $candidate = esc_url_raw( filter_input( INPUT_GET, $query_key ) );
            if ( $candidate ) {
                $destination = admin_url( $candidate );
            }
        }

        // Nothing usable in the request: use the default landing page.
        if ( ! $destination ) {
            $destination = admin_url( '/admin.php?page=bluehost' );
        }

        return (string) apply_filters( 'eig_sso_redirect', $destination );
    }
}