Initial commit
This commit is contained in:
commit
00f842d9bf
68
.gitignore
vendored
Normal file
68
.gitignore
vendored
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
*.log
|
||||||
|
*.swp
|
||||||
|
*.back
|
||||||
|
*.bak
|
||||||
|
*.sql
|
||||||
|
*.sql.gz
|
||||||
|
~*
|
||||||
|
|
||||||
|
.htaccess
|
||||||
|
.maintenance
|
||||||
|
|
||||||
|
wp-config.php
|
||||||
|
sitemap.xml
|
||||||
|
sitemap.xml.gz
|
||||||
|
wp-content/uploads/
|
||||||
|
wp-content/blogs.dir/
|
||||||
|
wp-content/upgrade/
|
||||||
|
wp-content/backup-db/
|
||||||
|
wp-content/cache/
|
||||||
|
wp-content/backups/
|
||||||
|
|
||||||
|
wp-content/advanced-cache.php
|
||||||
|
wp-content/object-cache.php
|
||||||
|
wp-content/wp-cache-config.php
|
||||||
|
wp-content/db.php
|
||||||
|
|
||||||
|
wp-admin/
|
||||||
|
wp-includes/
|
||||||
|
/index.php
|
||||||
|
/license.txt
|
||||||
|
/readme.html
|
||||||
|
|
||||||
|
# de_DE
|
||||||
|
/liesmich.html
|
||||||
|
|
||||||
|
# it_IT
|
||||||
|
/LEGGIMI.txt
|
||||||
|
/licenza.html
|
||||||
|
|
||||||
|
# da_DK
|
||||||
|
/licens.html
|
||||||
|
|
||||||
|
# es_ES, es_PE
|
||||||
|
/licencia.txt
|
||||||
|
|
||||||
|
# hu_HU
|
||||||
|
/licenc.txt
|
||||||
|
/olvasdel.html
|
||||||
|
|
||||||
|
# sk_SK
|
||||||
|
/licencia-sk_SK.txt
|
||||||
|
|
||||||
|
# sv_SE
|
||||||
|
/licens-sv_SE.txt
|
||||||
|
|
||||||
|
/wp-activate.php
|
||||||
|
/wp-blog-header.php
|
||||||
|
/wp-comments-post.php
|
||||||
|
/wp-config-sample.php
|
||||||
|
/wp-cron.php
|
||||||
|
/wp-links-opml.php
|
||||||
|
/wp-load.php
|
||||||
|
/wp-login.php
|
||||||
|
/wp-mail.php
|
||||||
|
/wp-settings.php
|
||||||
|
/wp-signup.php
|
||||||
|
/wp-trackback.php
|
||||||
|
/xmlrpc.php
|
2
wp-content/index.php
Normal file
2
wp-content/index.php
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
<?php
|
||||||
|
// Silence is golden.
|
7
wp-content/mu-plugins/LICENSE.md
Normal file
7
wp-content/mu-plugins/LICENSE.md
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
Copyright <YEAR> <COPYRIGHT HOLDER>
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
95
wp-content/mu-plugins/README.md
Normal file
95
wp-content/mu-plugins/README.md
Normal file
@ -0,0 +1,95 @@
|
|||||||
|
# authLDAP
|
||||||
|
|
||||||
|
[![Join the chat at https://gitter.im/heiglandreas/authLdap](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/heiglandreas/authLdap?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
||||||
|
|
||||||
|
Use your existing LDAP as authentication-backend for your wordpress!
|
||||||
|
|
||||||
|
[![Build Status](https://travis-ci.org/heiglandreas/authLdap.svg?branch=master)](https://travis-ci.org/heiglandreas/authLdap)
|
||||||
|
[![WordPress Stats](https://img.shields.io/wordpress/plugin/dt/authldap.svg)](https://wordpress.org/plugins/authldap/stats/)
|
||||||
|
[![WordPress Version](https://img.shields.io/wordpress/plugin/v/authldap.svg)](https://wordpress.org/plugins/authldap/)
|
||||||
|
[![WordPress testet](https://img.shields.io/wordpress/v/authldap.svg)](https://wordpress.org/plugins/authldap/)
|
||||||
|
[![Code Climate](https://codeclimate.com/github/heiglandreas/authLdap/badges/gpa.svg)](https://codeclimate.com/github/heiglandreas/authLdap)
|
||||||
|
[![Test Coverage](https://codeclimate.com/github/heiglandreas/authLdap/badges/coverage.svg)](https://codeclimate.com/github/heiglandreas/authLdap)
|
||||||
|
|
||||||
|
So what are the differences to other Wordpress-LDAP-Authentication-Plugins?
|
||||||
|
|
||||||
|
* **Flexible**: You are totaly free in which LDAP-backend to use. Due to the extensive configuration you can
|
||||||
|
freely decide how to do the authentication of your users. It simply depends on your
|
||||||
|
filters
|
||||||
|
* **Independent**: As soon as a user logs in, it is added/updated to the Wordpress' user-database
|
||||||
|
to allow wordpress to always use the correct data. You only have to administer your users once.
|
||||||
|
* **Failsafe**: Due to the users being created in Wordpress' User-database they can
|
||||||
|
also log in when the LDAP-backend currently is gone.
|
||||||
|
* **Role-Aware**: You can map Wordpress' roles to values of an existing LDAP-attribute.
|
||||||
|
|
||||||
|
## How does the plugin work?
|
||||||
|
|
||||||
|
Well, as a matter of fact it is rather simple. The plugin verifies, that the user
|
||||||
|
seeking authentification can bind to the LDAP using the provided password.
|
||||||
|
|
||||||
|
If that is so, the user is either created or updated in the wordpress-user-database.
|
||||||
|
This update includes the provided password (so the wordpress can authenticate users
|
||||||
|
even without the LDAP), the users name according to the authLDAP-preferences and
|
||||||
|
the status of the user depending on the groups-settings of the authLDAP-preferences
|
||||||
|
|
||||||
|
Writing this plugin would not have been as easy as it has been, without the
|
||||||
|
wonderfull plugin of Alistair Young from http://www.weblogs.uhi.ac.uk/sm00ay/?p=45
|
||||||
|
|
||||||
|
## Configuration
|
||||||
|
|
||||||
|
### Usage Settings
|
||||||
|
|
||||||
|
* **Enable Authentication via LDAP** Whether you want to enable authLdap for login or not
|
||||||
|
* **debug authLdap** When you have problems with authentication via LDAP you can enable a debugging mode here.
|
||||||
|
* **Save entered Password** Decide whether passwords will be cached in your wordpress-installation. **Attention:** Without the cache your users will not be able to log into your site when your LDAP is down!
|
||||||
|
|
||||||
|
### Server Settings
|
||||||
|
|
||||||
|
* **LDAP Uri** This is the URI where your ldap-backend can be reached. More information are actually on the Configuration page
|
||||||
|
* **Filter** This is the real McCoy! The filter you define here specifies how a user will be found. Before applying the filter a %s will be replaced with the given username. This means, when a user logs in using ‘foobar’ as username the following happens:
|
||||||
|
|
||||||
|
* **uid=%1$s** check for any LDAP-Entry that has an attribute ‘uid’ with value ‘foobar’
|
||||||
|
* **(&(objectclass=posixAccount)(|(uid=%1$s)(mail=%1$s)))** check for any LDAP-Entry that has an attribute ‘objectclass’ with value ‘posixAccout’ and either a UID- or a mail-attribute with value ‘foobar’
|
||||||
|
|
||||||
|
This filter is rather powerfull if used wisely.
|
||||||
|
|
||||||
|
### Creating Users
|
||||||
|
|
||||||
|
* **Name-Attribute** Which Attribute from the LDAP contains the Full or the First name of the user trying to log in. This defaults to name
|
||||||
|
* **Second Name Attribute** If the above Name-Attribute only contains the First Name of the user you can here specify an Attribute that contains the second name. This field is empty by default
|
||||||
|
* **User-ID Attribute** This field will be used as login-name for wordpress. Please give the Attribute, that is used to identify the user. This should be the same as you used in the above Filter-Option. This field defaults to uid
|
||||||
|
* **Mail Attribute** Which Attribute holds the eMail-Address of the user? If more than one eMail-Address are stored in the LDAP, only the first given is used. This field defaults to mail
|
||||||
|
* **Web-Attribute** If your users have a personal page (URI) stored in the LDAP, it can be provided here. This field is empty by default
|
||||||
|
|
||||||
|
### User-Groups for Roles
|
||||||
|
|
||||||
|
* **Group-Attribute** This is the attribute that defines the Group-ID that can be matched against the Groups defined further down This field defaults to gidNumber.
|
||||||
|
* **Group-Filter** Here you can add the filter for selecting groups for the currentlly logged in user The Filter should contain the string %s which will be replaced by the login-name of the currently logged in
|
||||||
|
|
||||||
|
|
||||||
|
## FAQ
|
||||||
|
|
||||||
|
<dl>
|
||||||
|
<dt>Can I change a users password with this plugin?</dt>
|
||||||
|
<dd>Short Answer: <strong>No</strong>!<br>Long Answer: As the users credentials are not
|
||||||
|
only used for a wordpress-site when you authenticate against an LDAP but for
|
||||||
|
many other services also chances are great that there is a centralized place
|
||||||
|
where password-changes shall be made. We'll later allow inclusion of a link
|
||||||
|
to such a place but currently it's not available. And as password-hashing and
|
||||||
|
where to store it requires deeper insight into the LDAP-Server then most users
|
||||||
|
have and admins are willing to give, password changes are out of scope of this
|
||||||
|
plugin. If you know exactyl what you do, you might want to have a look at
|
||||||
|
<a href="https://github.com/heiglandreas/authLdap/issues/54#issuecomment-125851029">
|
||||||
|
issue 54</a>
|
||||||
|
wherer a way of adding it is described!
|
||||||
|
</dd>
|
||||||
|
<dt>Can I add a user to the LDAP when she creates a user-account on wordpress?</dt>
|
||||||
|
<dd>Short Answer: <strong>No</strong>!<br>Long Answer: Even though that is technically possible
|
||||||
|
it's not in the scope of this plugin. As creating a user in an LDAP often involves
|
||||||
|
an administrative process that has already been implemented in your departments
|
||||||
|
administration it doesn't make sense to rebuild that - in most cases highly
|
||||||
|
individual - process in this plugin. If you know exactly what you do, have a look at
|
||||||
|
<a href="https://github.com/heiglandreas/authLdap/issues/65">issue 65</a>
|
||||||
|
where <a href="https://github.com/wtfiwtz">wtfiwtz</a> shows how to implement that feature.
|
||||||
|
</dd>
|
||||||
|
</dl>
|
1
wp-content/mu-plugins/VERSION
Normal file
1
wp-content/mu-plugins/VERSION
Normal file
@ -0,0 +1 @@
|
|||||||
|
2.3.1
|
28
wp-content/mu-plugins/Vagrantfile
vendored
Normal file
28
wp-content/mu-plugins/Vagrantfile
vendored
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
# -*- mode: ruby -*-
|
||||||
|
# vi: set ft=ruby :
|
||||||
|
|
||||||
|
$install_ldap = <<SCRIPT
|
||||||
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
apt-get -yq update
|
||||||
|
apt-get -yq --no-install-suggests --no-install-recommends --force-yes install slapd ldap-utils apparmor-utils
|
||||||
|
sudo aa-complain /usr/sbin/slapd
|
||||||
|
SCRIPT
|
||||||
|
|
||||||
|
$setup_vagrant_user_environment = <<SCRIPT
|
||||||
|
if ! grep "cd /vagrant" /home/vagrant/.profile > /dev/null; then
|
||||||
|
echo "cd /vagrant" >> /home/vagrant/.profile
|
||||||
|
fi
|
||||||
|
SCRIPT
|
||||||
|
|
||||||
|
Vagrant.configure(2) do |config|
|
||||||
|
config.vm.box = 'bento/ubuntu-14.04'
|
||||||
|
config.vm.box_check_update = false
|
||||||
|
|
||||||
|
# LDAP port
|
||||||
|
config.vm.network 'forwarded_port', guest: 3890, host: 3890
|
||||||
|
|
||||||
|
config.vm.provision 'shell', inline: $install_ldap
|
||||||
|
config.vm.provision 'shell', privileged: false, inline: '/vagrant/.ci/OpenLDAP_run.sh', :run => 'always'
|
||||||
|
config.vm.provision 'shell', privileged: false, inline: '/vagrant/.ci/load_fixtures.sh', :run => 'always'
|
||||||
|
config.vm.provision 'shell', inline: $setup_vagrant_user_environment
|
||||||
|
end
|
95
wp-content/mu-plugins/build.xml
Normal file
95
wp-content/mu-plugins/build.xml
Normal file
@ -0,0 +1,95 @@
|
|||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<project name="ajaxComments" default="build" basedir=".">
|
||||||
|
<php expression="include('vendor/autoload.php')"/>
|
||||||
|
<loadfile property = "version" file = "VERSION">
|
||||||
|
<filterchain>
|
||||||
|
<striplinebreaks/>
|
||||||
|
</filterchain>
|
||||||
|
</loadfile>
|
||||||
|
<target name="bumpversion">
|
||||||
|
<echo>Bumping version to ${version}</echo>
|
||||||
|
<reflexive>
|
||||||
|
<fileset dir=".">
|
||||||
|
<include name="index.php"/>
|
||||||
|
<include name="authLdap.php"/>
|
||||||
|
</fileset>
|
||||||
|
<filterchain>
|
||||||
|
<replaceregexp>
|
||||||
|
<regexp pattern="Version:.*" replace="Version: ${version}"/>
|
||||||
|
</replaceregexp>
|
||||||
|
</filterchain>
|
||||||
|
</reflexive>
|
||||||
|
</target>
|
||||||
|
<target name="build" depends="bumpversion,deploy.git,deploy.svn"/>
|
||||||
|
<target name="sync.svn">
|
||||||
|
<filesync
|
||||||
|
rsyncPath="rsync"
|
||||||
|
destinationDir="${project.basedir}/svn/trunk"
|
||||||
|
sourceDir="${project.basedir}/"
|
||||||
|
verbose="true"
|
||||||
|
excludeFile="${project.basedir}/.rsyncIgnore"
|
||||||
|
/>
|
||||||
|
</target>
|
||||||
|
<target name="deploy.svn" depends="sync.svn">
|
||||||
|
<property override="true" file="${project.basedir}/.svnAccess" prefix="svnaccess" />
|
||||||
|
<foreach param="dirname" target="svn.addFile">
|
||||||
|
<fileset dir="${project.basedir}/svn/trunk">
|
||||||
|
<include name="**/*"/>
|
||||||
|
</fileset>
|
||||||
|
</foreach>
|
||||||
|
<echo message="${svnaccess.username}"/>
|
||||||
|
<exec outputProperty="committedrevision" executable="svn" dir="${project.basedir}/svn/trunk">
|
||||||
|
<arg value="commit"/>
|
||||||
|
<arg value="--username"/>
|
||||||
|
<arg value="${svnaccess.username}"/>
|
||||||
|
<arg value="--password"/>
|
||||||
|
<arg value="${svnaccess.password}"/>
|
||||||
|
<arg value="--message"/>
|
||||||
|
<arg value="Bumps version to ${version}"/>
|
||||||
|
<arg value="--no-auth-cache"/>
|
||||||
|
<arg value="--quiet"/>
|
||||||
|
</exec>
|
||||||
|
<!--svncommit
|
||||||
|
username="${svnaccess.username}"
|
||||||
|
password="${svnaccess.password}"
|
||||||
|
workingcopy="${project.basedir}/svn"
|
||||||
|
message="Bumps version to ${version}"
|
||||||
|
nocache="true"
|
||||||
|
/-->
|
||||||
|
<echo message="Committed revision: ${committedrevision}"/>
|
||||||
|
</target>
|
||||||
|
|
||||||
|
<target name="svn.addFile">
|
||||||
|
<trycatch>
|
||||||
|
<try>
|
||||||
|
<svninfo workingcopy="${project.basedir}/svn/trunk/${dirname}"/>
|
||||||
|
</try>
|
||||||
|
<catch>
|
||||||
|
<exec command="svn add ${project.basedir}/svn/trunk/${dirname}"/>
|
||||||
|
<echo>${dirname}</echo>
|
||||||
|
</catch>
|
||||||
|
<finally>
|
||||||
|
|
||||||
|
</finally>
|
||||||
|
</trycatch>
|
||||||
|
<echo>${svn.info}</echo>
|
||||||
|
</target>
|
||||||
|
<target name="deploy.git">
|
||||||
|
<exec executable="git" dir=".">
|
||||||
|
<arg value="-m"/>
|
||||||
|
<arg value="Bumps version to ${version}"/>
|
||||||
|
</exec>
|
||||||
|
<exec executable="git" dir=".">
|
||||||
|
<arg value="tag"/>
|
||||||
|
<arg value="-s"/>
|
||||||
|
<arg value="-m"/>
|
||||||
|
<arg value="Version ${version}"/>
|
||||||
|
<arg value="${version}"/>
|
||||||
|
</exec>
|
||||||
|
<exec executable="git" dir=".">
|
||||||
|
<arg value="push"/>
|
||||||
|
<arg value="--tags"/>
|
||||||
|
<arg value="origin"/>
|
||||||
|
</exec>
|
||||||
|
</target>
|
||||||
|
</project>
|
41
wp-content/mu-plugins/composer.json
Normal file
41
wp-content/mu-plugins/composer.json
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
{
|
||||||
|
"name" : "org_heigl/authLdap",
|
||||||
|
"type" : "library",
|
||||||
|
"description": "Enables wordpress-authentication via LDAP",
|
||||||
|
"keywords": ["ldap","authenticate", "auth", "wordpress"],
|
||||||
|
"homepage": "http://github.com/heiglandreas/authLdap",
|
||||||
|
"license": "MIT",
|
||||||
|
"authors": [{
|
||||||
|
"name": "Andreas Heigl",
|
||||||
|
"email": "andreas@heigl.org",
|
||||||
|
"homepage": "http://andreas.heigl.org",
|
||||||
|
"role": "Developer"
|
||||||
|
}],
|
||||||
|
"require" : {
|
||||||
|
"php": ">=5.4",
|
||||||
|
"phing/phing": "^2.16"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"php-mock/php-mock": "^1.0",
|
||||||
|
"phpunit/phpunit": "~4.5",
|
||||||
|
"mockery/mockery": "0.9.*",
|
||||||
|
"codeclimate/php-test-reporter": "0.1.*",
|
||||||
|
"squizlabs/php_codesniffer": "~2.3",
|
||||||
|
"pear/versioncontrol_svn": "^0.5.2",
|
||||||
|
"pear/pear": "dev-master"
|
||||||
|
},
|
||||||
|
"autoload" : {
|
||||||
|
"classmap" : [
|
||||||
|
"ldap.php",
|
||||||
|
"authLdap.php"
|
||||||
|
],
|
||||||
|
"psr-4" : {
|
||||||
|
"Org_Heigl\\AuthLdap\\" : "src/"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"autoload-dev" : {
|
||||||
|
"psr-4" : {
|
||||||
|
"Org_Heigl\\AuthLdapTest\\" : "tests/"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
67
wp-content/mu-plugins/docker-compose.yml
Normal file
67
wp-content/mu-plugins/docker-compose.yml
Normal file
@ -0,0 +1,67 @@
|
|||||||
|
version: "3.5"
|
||||||
|
|
||||||
|
services:
|
||||||
|
wp:
|
||||||
|
# image: authldap:latest
|
||||||
|
build:
|
||||||
|
context: dockersetup
|
||||||
|
dockerfile: Dockerfile_wordpress
|
||||||
|
ports:
|
||||||
|
- 80:80 # change ip if required
|
||||||
|
volumes:
|
||||||
|
- ./config/php.conf.ini:/usr/local/etc/php/conf.d/conf.ini
|
||||||
|
- ./wp-app:/var/www/html # Full wordpress project
|
||||||
|
- .:/var/www/html/wp-content/plugins/authldap # Plugin development
|
||||||
|
#- ./theme-name/trunk/:/var/www/html/wp-content/themes/theme-name # Theme development
|
||||||
|
environment:
|
||||||
|
WORDPRESS_DB_HOST: db
|
||||||
|
WORDPRESS_DB_NAME: "wordpress"
|
||||||
|
WORDPRESS_DB_USER: root
|
||||||
|
WORDPRESS_DB_PASSWORD: "wppasswd"
|
||||||
|
depends_on:
|
||||||
|
- db
|
||||||
|
links:
|
||||||
|
- db
|
||||||
|
|
||||||
|
wpcli:
|
||||||
|
image: wordpress:cli
|
||||||
|
volumes:
|
||||||
|
- ./config/php.conf.ini:/usr/local/etc/php/conf.d/conf.ini
|
||||||
|
- ./wp-app:/var/www/html
|
||||||
|
depends_on:
|
||||||
|
- db
|
||||||
|
- wp
|
||||||
|
|
||||||
|
db:
|
||||||
|
image: mysql:latest # https://hub.docker.com/_/mysql/ - or mariadb https://hub.docker.com/_/mariadb
|
||||||
|
ports:
|
||||||
|
- 3306:3306 # change ip if required
|
||||||
|
command: [
|
||||||
|
'--default_authentication_plugin=mysql_native_password',
|
||||||
|
'--character-set-server=utf8mb4',
|
||||||
|
'--collation-server=utf8mb4_unicode_ci'
|
||||||
|
]
|
||||||
|
volumes:
|
||||||
|
- ./wp-data:/docker-entrypoint-initdb.d
|
||||||
|
- db_data:/var/lib/mysql
|
||||||
|
environment:
|
||||||
|
MYSQL_DATABASE: "wordpress"
|
||||||
|
MYSQL_ROOT_PASSWORD: "wppasswd"
|
||||||
|
|
||||||
|
openldap:
|
||||||
|
image: osixia/openldap:latest
|
||||||
|
# build:
|
||||||
|
# context: dockersetup
|
||||||
|
# dockerfile: Dockerfile_ldap
|
||||||
|
ports:
|
||||||
|
- 389:389
|
||||||
|
volumes:
|
||||||
|
- ./.ci/50-init.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/50-bootstrap.ldif
|
||||||
|
command: "--copy-service --loglevel debug"
|
||||||
|
restart: always
|
||||||
|
environment:
|
||||||
|
LDAP_LOG_LEVEL: "0"
|
||||||
|
LDAP_TLS: "false"
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
db_data:
|
9
wp-content/mu-plugins/dockersetup/Dockerfile_wordpress
Normal file
9
wp-content/mu-plugins/dockersetup/Dockerfile_wordpress
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
FROM wordpress:latest
|
||||||
|
|
||||||
|
RUN set -x \
|
||||||
|
&& apt-get update \
|
||||||
|
&& apt-get install -y libldap2-dev \
|
||||||
|
&& rm -rf /var/lib/apt/lists/* \
|
||||||
|
&& docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ \
|
||||||
|
&& docker-php-ext-install ldap \
|
||||||
|
&& apt-get purge -y --auto-remove libldap2-dev
|
0
wp-content/mu-plugins/dockersetup/ldap/environment
Normal file
0
wp-content/mu-plugins/dockersetup/ldap/environment
Normal file
BIN
wp-content/mu-plugins/langs/wp_mail_smtp-he_IL.mo
Normal file
BIN
wp-content/mu-plugins/langs/wp_mail_smtp-he_IL.mo
Normal file
Binary file not shown.
BIN
wp-content/mu-plugins/langs/wp_mail_smtp-ja.mo
Normal file
BIN
wp-content/mu-plugins/langs/wp_mail_smtp-ja.mo
Normal file
Binary file not shown.
28
wp-content/mu-plugins/phpunit.travis.xml
Normal file
28
wp-content/mu-plugins/phpunit.travis.xml
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<phpunit bootstrap="vendor/autoload.php">
|
||||||
|
<testsuite name="authLdap Test-Suite">
|
||||||
|
<directory>tests</directory>
|
||||||
|
</testsuite>
|
||||||
|
|
||||||
|
<groups>
|
||||||
|
<exclude>
|
||||||
|
<group>disable</group>
|
||||||
|
</exclude>
|
||||||
|
</groups>
|
||||||
|
<listeners>
|
||||||
|
<listener class="\Mockery\Adapter\Phpunit\TestListener"></listener>
|
||||||
|
</listeners>
|
||||||
|
<filter>
|
||||||
|
<whitelist>
|
||||||
|
<directory suffix=".php">src</directory>
|
||||||
|
</whitelist>
|
||||||
|
</filter>
|
||||||
|
|
||||||
|
<logging>
|
||||||
|
<!--
|
||||||
|
Adapt these paths to your special needs
|
||||||
|
-->
|
||||||
|
<log type="coverage-text" target="php://stdout" showUncoveredFiles="false"/>
|
||||||
|
<log type="coverage-clover" target="build/logs/clover.xml" />
|
||||||
|
</logging>
|
||||||
|
</phpunit>
|
42
wp-content/mu-plugins/phpunit.xml.dist
Normal file
42
wp-content/mu-plugins/phpunit.xml.dist
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
|
||||||
|
<!--
|
||||||
|
Document : phpunit.xml
|
||||||
|
Created on : 21.09.2010
|
||||||
|
Author : heiglandreas
|
||||||
|
-->
|
||||||
|
|
||||||
|
<phpunit bootstrap="vendor/autoload.php">
|
||||||
|
<testsuite name="authLdap Test-Suite">
|
||||||
|
<directory>tests</directory>
|
||||||
|
</testsuite>
|
||||||
|
|
||||||
|
<groups>
|
||||||
|
<exclude>
|
||||||
|
<group>disable</group>
|
||||||
|
</exclude>
|
||||||
|
</groups>
|
||||||
|
<listeners>
|
||||||
|
<!--listener class="\Mockery\Adapter\Phpunit\TestListener"></listener-->
|
||||||
|
</listeners>
|
||||||
|
<filter>
|
||||||
|
<whitelist>
|
||||||
|
<directory suffix=".php">src</directory>
|
||||||
|
</whitelist>
|
||||||
|
</filter>
|
||||||
|
<logging>
|
||||||
|
<log type="coverage-html" target="build/coverage" charset="UTF-8"
|
||||||
|
yui="true" highlight="false"
|
||||||
|
lowUpperBound="35" highLowerBound="70" />
|
||||||
|
<!--log type="coverage-xml" target="../report/coverage.xml"/-->
|
||||||
|
<!--log type="graphviz" target="../report/logfile.dot"/-->
|
||||||
|
<!--log type="json" target="../report/logfile.json"/-->
|
||||||
|
<!--log type="metrics-xml" target="../report/metrics.xml"/-->
|
||||||
|
<!--log type="plain" target="../report/logfile.txt"/-->
|
||||||
|
<!--log type="pmd-xml" target="../report/pmd.xml" cpdMinLines="5" cpdMinMatches="70"/-->
|
||||||
|
<!--log type="tap" target="../report/logfile.tap"/-->
|
||||||
|
<!--log type="test-xml" target="../report/logfile.xml" logIncompleteSkipped="false"/-->
|
||||||
|
<!--log type="testdox-html" target="../report/testdox.html"/-->
|
||||||
|
<!--log type="testdox-text" target="../report/testdox.txt"/-->
|
||||||
|
</logging>
|
||||||
|
</phpunit>
|
111
wp-content/mu-plugins/readme.txt
Normal file
111
wp-content/mu-plugins/readme.txt
Normal file
@ -0,0 +1,111 @@
|
|||||||
|
=== authLdap ===
|
||||||
|
Contributors: heiglandreas
|
||||||
|
Tags: ldap, auth, authentication, active directory, AD, openLDAP, Open Directory
|
||||||
|
Requires at least: 2.5.0
|
||||||
|
Tested up to: 5.2.0
|
||||||
|
Requires PHP: 5.6
|
||||||
|
Stable tag: trunk
|
||||||
|
License: MIT
|
||||||
|
License URI: https://opensource.org/licenses/MIT
|
||||||
|
|
||||||
|
Use your existing LDAP flexible as authentication backend for WordPress
|
||||||
|
|
||||||
|
== Description ==
|
||||||
|
|
||||||
|
Use your existing LDAP as authentication-backend for your wordpress!
|
||||||
|
|
||||||
|
So what are the differences to other Wordpress-LDAP-Authentication-Plugins?
|
||||||
|
|
||||||
|
* Flexible: You are totaly free in which LDAP-backend to use. Due to the extensive configuration you can freely decide how to do the authentication of your users. It simply depends on your filters
|
||||||
|
* Independent: As soon as a user logs in, it is added/updated to the Wordpress' user-database to allow wordpress to always use the correct data. You only have to administer your users once.
|
||||||
|
* Failsafe: Due to the users being created in Wordpress' User-database they can also log in when the LDAP-backend currently is gone.
|
||||||
|
* Role-Aware: You can map Wordpress' roles to values of an existing LDAP-attribute.
|
||||||
|
|
||||||
|
For more Information on the configuration have a look at https://github.com/heiglandreas/authLdap
|
||||||
|
|
||||||
|
== Installation ==
|
||||||
|
|
||||||
|
1. Upload the extracted folder `authLdap` to the `/wp-content/plugins/` directory
|
||||||
|
2. Activate the plugin through the 'Plugins' menu in WordPress
|
||||||
|
3. Configure the Plugin via the 'authLdap'-Configuration-Page.
|
||||||
|
|
||||||
|
== Frequently Asked Questions ==
|
||||||
|
|
||||||
|
= Where can I find more Informations about the plugin? =
|
||||||
|
|
||||||
|
Go to https://github.com/heiglandreas/authLdap
|
||||||
|
|
||||||
|
= Where can I report issues with the plugin? =
|
||||||
|
|
||||||
|
Please use the issuetracker at https://github.com/heiglandreas/authLdap/issues
|
||||||
|
|
||||||
|
== Changelog ==
|
||||||
|
= 2.3.0 =
|
||||||
|
* Allow to not overwrite existing WordPress-Users with LDAP-Users as that can be a security issue.
|
||||||
|
|
||||||
|
= 2.1.0 =
|
||||||
|
* Add search-base for groups. This might come in handy for multisite-instances
|
||||||
|
|
||||||
|
= 2.0.0 =
|
||||||
|
* This new release adds Multi-Site support. It will no longer be possible to use this plugin just in one subsite of a multisite installation!
|
||||||
|
* Adds a warning screen to the config-section when no LDAPextension could be found
|
||||||
|
* Fixes an issue with the max-length of the username
|
||||||
|
|
||||||
|
= 1.5.1 =
|
||||||
|
* Fixes an issue with escaped backslashes and quotes
|
||||||
|
|
||||||
|
= 1.5.0 =
|
||||||
|
* Allows parts of the LDAP-URI to be URLEncoded
|
||||||
|
* Drops support for PHP 5.4
|
||||||
|
|
||||||
|
= 1.4.20 =
|
||||||
|
* Allows multiple LDAP-servers to be queried (given that they use the same attributes)
|
||||||
|
* Fixes issue with URL-Encoded informations (see https://github.com/heiglandreas/authLdap/issues/108)
|
||||||
|
|
||||||
|
= 1.4.19 =
|
||||||
|
* Adds support for TLS
|
||||||
|
|
||||||
|
= 1.4.14 =
|
||||||
|
* Update to showing password-fields check (thanks to @chaplina)
|
||||||
|
|
||||||
|
= 1.4.13 =
|
||||||
|
* Removed generation of default email-address (thanks to @henryk)
|
||||||
|
* Fixes password-hashing when caching passwords (thanks to @litinoveweedle)
|
||||||
|
* Removes the possibility to reset a password for LDAP-based users (thanks to @chaplina)
|
||||||
|
* Removes the password-change-Email from 4.3 on (thanks to @litinoveweedle)
|
||||||
|
* Fixes double authentication-attempt (that resulted in failed authentication) (thanks to @litinoveweedle)
|
||||||
|
|
||||||
|
= 1.4.10 =
|
||||||
|
* Cleanup by removing deprecated code
|
||||||
|
* Fixes issues with undefined variables
|
||||||
|
* Enables internal option-versioning
|
||||||
|
* Setting users nickname initially to the realname instead of the uid
|
||||||
|
* Fixes display of password-change possibility in users profile-page
|
||||||
|
= 1.4.9 =
|
||||||
|
* Fixed an issue with changing display name on every login
|
||||||
|
* Use proper way of looking up user-roles in setups w/o DB-prefix
|
||||||
|
= 1.4.8 =
|
||||||
|
* Updated version string
|
||||||
|
= 1.4.7 =
|
||||||
|
* Use default user to retrieve group menberships and not logging in user.
|
||||||
|
* return the UID from the LDAP instead of the value given by the user
|
||||||
|
* remove unnecessary checkbox
|
||||||
|
* Adds a testsuite
|
||||||
|
* Fixes PSR2 violations
|
||||||
|
|
||||||
|
[…]
|
||||||
|
|
||||||
|
= 1.2.1 =
|
||||||
|
* Fixed an issue with group-ids
|
||||||
|
* Moved the code to GitHub (https://github.com/heiglandreas/authLdap)
|
||||||
|
= 1.1.0 =
|
||||||
|
* Changed the login-process. Now users that are not allowed to login due to
|
||||||
|
missing group-memberships are not created within your blog as was the standard
|
||||||
|
until Version 1.0.3 - Thanks to alex@tayts.com
|
||||||
|
* Changed the default mail-address that is created when no mail-address can be
|
||||||
|
retrieved from the LDAP from me@example.com to $username@example.com so that
|
||||||
|
a new user can be created even though the mail address already exists in your
|
||||||
|
blog - Also thanks to alex@tayts.com
|
||||||
|
* Added support for WordPress-Table-prefixes as the capabilities of a user
|
||||||
|
are interlany stored in a field that is named "$tablePrefix_capabilities" -
|
||||||
|
again thanks to alex@tayts.com and also to sim0n of silicium.mine.nu
|
BIN
wp-content/mu-plugins/screenshot-1.png
Normal file
BIN
wp-content/mu-plugins/screenshot-1.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 219 KiB |
BIN
wp-content/mu-plugins/screenshot-2.png
Normal file
BIN
wp-content/mu-plugins/screenshot-2.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 201 KiB |
BIN
wp-content/mu-plugins/screenshot-3.png
Normal file
BIN
wp-content/mu-plugins/screenshot-3.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 124 KiB |
BIN
wp-content/mu-plugins/screenshot-4.png
Normal file
BIN
wp-content/mu-plugins/screenshot-4.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 50 KiB |
87
wp-content/mu-plugins/src/LdapList.php
Normal file
87
wp-content/mu-plugins/src/LdapList.php
Normal file
@ -0,0 +1,87 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Copyright (c) Andreas Heigl<andreas@heigl.org>
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
* The above copyright notice and this permission notice shall be included in
|
||||||
|
* all copies or substantial portions of the Software.
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
* THE SOFTWARE.
|
||||||
|
*
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @copyright Andreas Heigl
|
||||||
|
* @license http://www.opensource.org/licenses/mit-license.php MIT-License
|
||||||
|
* @since 07.07.2016
|
||||||
|
* @link http://github.com/heiglandreas/authLDAP
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace Org_Heigl\AuthLdap;
|
||||||
|
|
||||||
|
class LdapList
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var \LDAP[]
|
||||||
|
*/
|
||||||
|
protected $items = [];
|
||||||
|
|
||||||
|
public function addLdap(LDAP $ldap)
|
||||||
|
{
|
||||||
|
$this->items[] = $ldap;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function authenticate($username, $password, $filter = '(uid=%s)')
|
||||||
|
{
|
||||||
|
foreach ($this->items as $key => $item) {
|
||||||
|
if (! $item->authenticate($username, $password, $filter)) {
|
||||||
|
unset ($this->items[$key]);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function bind()
|
||||||
|
{
|
||||||
|
$allFailed = true;
|
||||||
|
foreach ($this->items as $key => $item) {
|
||||||
|
try {
|
||||||
|
$item->bind();
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
unset($this->items[$key]);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
$allFailed = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($allFailed) {
|
||||||
|
throw new AuthLDAP_Exception('No bind successfull');
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function search($filter, $attributes = array('uid'), $base = '')
|
||||||
|
{
|
||||||
|
foreach ($this->items as $item) {
|
||||||
|
try {
|
||||||
|
$result = $item->search($filter, $attributes, $base);
|
||||||
|
return $result;
|
||||||
|
} catch (Exception $e) {
|
||||||
|
throw $e;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
throw new \AuthLDAP_Exception('No Results found');
|
||||||
|
}
|
||||||
|
}
|
134
wp-content/mu-plugins/tests/LDAPBaseTest.php
Normal file
134
wp-content/mu-plugins/tests/LDAPBaseTest.php
Normal file
@ -0,0 +1,134 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Copyright (c) 2016-2016} Andreas Heigl<andreas@heigl.org>
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
* The above copyright notice and this permission notice shall be included in
|
||||||
|
* all copies or substantial portions of the Software.
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
* THE SOFTWARE.
|
||||||
|
*
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @copyright 2016-2016 Andreas Heigl
|
||||||
|
* @license http://www.opensource.org/licenses/mit-license.php MIT-License
|
||||||
|
* @version 0.0
|
||||||
|
* @since 07.06.2016
|
||||||
|
* @link http://github.com/heiglandreas/authLDAP
|
||||||
|
*/
|
||||||
|
namespace Org_Heigl\AuthLdapTest;
|
||||||
|
|
||||||
|
use Org_Heigl\AuthLdap\LDAP;
|
||||||
|
use Org_Heigl\AuthLdap\LdapList;
|
||||||
|
use phpmock\spy\Spy;
|
||||||
|
use PHPUnit_Framework_TestCase;
|
||||||
|
|
||||||
|
class LDAPBaseTest extends PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
public function setUp()
|
||||||
|
{
|
||||||
|
$this->ldap_connect_spy = new Spy('Org_Heigl\AuthLdap', 'ldap_connect');
|
||||||
|
$this->ldap_connect_spy->enable();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function tearDown()
|
||||||
|
{
|
||||||
|
$this->ldap_connect_spy->disable();
|
||||||
|
}
|
||||||
|
/** @dataProvider bindingWithPasswordProvider */
|
||||||
|
public function testThatBindingWithPasswordWorks($user, $password, $filter, $uri)
|
||||||
|
{
|
||||||
|
$ldap = new LDAP($uri);
|
||||||
|
$this->assertTrue($ldap->authenticate($user, $password, $filter));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function bindingWithPasswordProvider()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
['user3', 'user!"', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'],
|
||||||
|
['Manager', 'insecure', 'cn=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'],
|
||||||
|
['user1', 'user1', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'],
|
||||||
|
['user 4', 'user!"', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'],
|
||||||
|
['user 5', 'user!"', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=test%20space,dc=example,dc=com'],
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param $uri
|
||||||
|
* @dataProvider initialBindingToLdapServerWorksProvider
|
||||||
|
*/
|
||||||
|
public function testThatInitialBindingWorks($uri)
|
||||||
|
{
|
||||||
|
$ldap = new LDAP($uri);
|
||||||
|
$this->assertInstanceof(LDAP::class, $ldap->bind());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param $uri
|
||||||
|
* @dataProvider initialBindingToLdapServerWorksProvider
|
||||||
|
*/
|
||||||
|
public function testThatInitialBindingToMultipleLdapsWorks($uri)
|
||||||
|
{
|
||||||
|
$list = new LdapList();
|
||||||
|
$list->addLDAP(new LDAP($uri));
|
||||||
|
$this->assertTrue($list->bind());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function initialBindingToLdapServerWorksProvider()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
['ldap://uid=user%205,dc=test%20space,dc=example,dc=com:user!"@localhost:3890/dc=test%20space,dc=example,dc=com'],
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/** @dataProvider bindingWithPasswordProvider */
|
||||||
|
public function testThatBindingWithAddedSlashesFailsWorks($user, $password, $filter)
|
||||||
|
{
|
||||||
|
$newpassword = addslashes($password);
|
||||||
|
$ldap = new LDAP('ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com');
|
||||||
|
if ($newpassword === $password) {
|
||||||
|
$this->assertTrue($ldap->authenticate($user, $password, $filter));
|
||||||
|
} else {
|
||||||
|
$this->assertFalse($ldap->authenticate($user, $newpassword, $filter));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/** @dataProvider serchingForGroupsProvider */
|
||||||
|
public function testThatSearchingForGoupsWorks($filter, $user, $groups)
|
||||||
|
{
|
||||||
|
// (&(objectCategory=group)(member=<USER_DN>))
|
||||||
|
$ldap = new LDAP('ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com');
|
||||||
|
$ldap->bind();
|
||||||
|
$this->assertContains($groups, $ldap->search(sprintf($filter, $user), ['cn'])[0]);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public function serchingForGroupsProvider()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
[
|
||||||
|
'(&(objectclass=groupOfUniqueNames)(uniqueMember=%s))',
|
||||||
|
'uid=user 4,dc=example,dc=com',
|
||||||
|
['count' => 1, 0 => 'group4'],
|
||||||
|
],
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testThatSettingLDAPSActuallyGivesTheCorrectPort()
|
||||||
|
{
|
||||||
|
|
||||||
|
$ldap = new LDAP('ldaps://cn=Manager,dc=example,dc=com:insecure@127.0.0.1/dc=example,dc=com');
|
||||||
|
$ldap->connect();
|
||||||
|
|
||||||
|
$this->assertEquals('ldaps://127.0.0.1:636', $this->ldap_connect_spy->getInvocations()[0]->getArguments()[0]);
|
||||||
|
}
|
||||||
|
}
|
66
wp-content/mu-plugins/tests/LDAPListBaseTest.php
Normal file
66
wp-content/mu-plugins/tests/LDAPListBaseTest.php
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Copyright (c) 2016-2016} Andreas Heigl<andreas@heigl.org>
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
* The above copyright notice and this permission notice shall be included in
|
||||||
|
* all copies or substantial portions of the Software.
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
* THE SOFTWARE.
|
||||||
|
*
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @copyright 2016-2016 Andreas Heigl
|
||||||
|
* @license http://www.opensource.org/licenses/mit-license.php MIT-License
|
||||||
|
* @version 0.0
|
||||||
|
* @since 07.06.2016
|
||||||
|
* @link http://github.com/heiglandreas/authLDAP
|
||||||
|
*/
|
||||||
|
namespace Org_Heigl\AuthLdapTest;
|
||||||
|
|
||||||
|
use Org_Heigl\AuthLdap\LDAP;
|
||||||
|
use PHPUnit_Framework_TestCase;
|
||||||
|
|
||||||
|
class LDAPListBaseTest extends PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
/** @dataProvider bindingWithPasswordProvider */
|
||||||
|
public function testThatBindingWithPasswordWorks($user, $password, $filter)
|
||||||
|
{
|
||||||
|
require_once __DIR__ . '/../src/LdapList.php';
|
||||||
|
$ldaplist = new \Org_Heigl\AuthLdap\LdapList();
|
||||||
|
$ldaplist->addLdap(new LDAP('ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'));
|
||||||
|
$this->assertTrue($ldaplist->authenticate($user, $password, $filter));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function bindingWithPasswordProvider()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
['user3', 'user!"', 'uid=%s'],
|
||||||
|
['Manager', 'insecure', 'cn=%s'],
|
||||||
|
['user1', 'user1', 'uid=%s'],
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/** @dataProvider bindingWithPasswordProvider */
|
||||||
|
public function testThatBindingWithAddedSlashesFailsWorks($user, $password, $filter)
|
||||||
|
{
|
||||||
|
$newpassword = addslashes($password);
|
||||||
|
require_once __DIR__ . '/../src/LdapList.php';
|
||||||
|
$ldaplist = new \Org_Heigl\AuthLdap\LdapList();
|
||||||
|
$ldaplist->addLdap(new LDAP('ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'));
|
||||||
|
if ($newpassword === $password) {
|
||||||
|
$this->assertTrue($ldaplist->authenticate($user, $password, $filter));
|
||||||
|
} else {
|
||||||
|
$this->assertFalse($ldaplist->authenticate($user, $newpassword, $filter));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
183
wp-content/mu-plugins/tests/LdapTest.php
Normal file
183
wp-content/mu-plugins/tests/LdapTest.php
Normal file
@ -0,0 +1,183 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* $Id: LdapTest.php 292156 2010-09-21 19:32:01Z heiglandreas $
|
||||||
|
*
|
||||||
|
* authLdap - Authenticate Wordpress against an LDAP-Backend.
|
||||||
|
* Copyright (c) 2008 Andreas Heigl<andreas@heigl.org>
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU General Public License
|
||||||
|
* as published by the Free Software Foundation; either version 2
|
||||||
|
* of the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||||
|
*
|
||||||
|
* This file tests the basic LDAP-Tasks
|
||||||
|
*
|
||||||
|
* @category authLdap
|
||||||
|
* @package authLdap
|
||||||
|
* @subpackage UnitTests
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @copyright 2010 Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @license GPL
|
||||||
|
* @since 21.09.2010
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace Org_Heigl\AuthLdapTest;
|
||||||
|
|
||||||
|
use PHPUnit_Framework_TestCase;
|
||||||
|
use Org_Heigl\AuthLdap\LDAP;
|
||||||
|
|
||||||
|
class LdapTest extends PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @dataProvider dpInstantiateLdapClass
|
||||||
|
* @param array $expected
|
||||||
|
* @param array $given
|
||||||
|
*/
|
||||||
|
public function testInstantiateLdapClass($expected, $given)
|
||||||
|
{
|
||||||
|
$ldap = new LDAP($expected[0], $expected[1]);
|
||||||
|
foreach ($given as $key => $value) {
|
||||||
|
$this -> assertAttributeEquals($value, '_' . $key, $ldap);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @dataProvider dpExceptionsWhenInstantiatingLdapClass
|
||||||
|
* @expectedException Exception
|
||||||
|
* @param array $expected
|
||||||
|
*/
|
||||||
|
public function testExceptionsWhenInstantiatingLdapClass($expected)
|
||||||
|
{
|
||||||
|
new LDAP($expected);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function dpInstantiateLdapClass()
|
||||||
|
{
|
||||||
|
return array (
|
||||||
|
array (
|
||||||
|
array ('ldap://uid=jondoe,cn=users,cn=example,c=org:secret@ldap.example.org/cn=example,c=org', true),
|
||||||
|
array (
|
||||||
|
'username' => 'uid=jondoe,cn=users,cn=example,c=org',
|
||||||
|
'password' => 'secret',
|
||||||
|
'server' => 'ldap.example.org',
|
||||||
|
'baseDn' => 'cn=example,c=org',
|
||||||
|
'debug' => true
|
||||||
|
)
|
||||||
|
),
|
||||||
|
array (
|
||||||
|
array ('ldap://uid=jondoe,cn=users,cn=example,c=org@ldap.example.org/cn=example,c=org', true),
|
||||||
|
array (
|
||||||
|
'username' => 'uid=jondoe,cn=users,cn=example,c=org',
|
||||||
|
'password' => '',
|
||||||
|
'server' => 'ldap.example.org',
|
||||||
|
'baseDn' => 'cn=example,c=org',
|
||||||
|
'debug' => true
|
||||||
|
)
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
array ('ldap://ldap.example.org/cn=example,c=org', true),
|
||||||
|
array (
|
||||||
|
'username' => 'anonymous',
|
||||||
|
'password' => '',
|
||||||
|
'server' => 'ldap.example.org',
|
||||||
|
'baseDn' => 'cn=example,c=org',
|
||||||
|
'debug' => true
|
||||||
|
)
|
||||||
|
),
|
||||||
|
// array(
|
||||||
|
// array ('ldap://ldap.example.org', true),
|
||||||
|
// array (
|
||||||
|
// 'username' => 'anonymous',
|
||||||
|
// 'password' => '',
|
||||||
|
// 'server' => 'ldap.example.org',
|
||||||
|
// 'baseDn' => '',
|
||||||
|
// 'debug' => true
|
||||||
|
// )
|
||||||
|
// ),
|
||||||
|
array(
|
||||||
|
array ('ldap://uid=jondoe,cn=users,cn=example,c=org:secret@ldap.example.org/cn=example,c=org', false),
|
||||||
|
array (
|
||||||
|
'username' => 'uid=jondoe,cn=users,cn=example,c=org',
|
||||||
|
'password' => 'secret',
|
||||||
|
'server' => 'ldap.example.org',
|
||||||
|
'baseDn' => 'cn=example,c=org',
|
||||||
|
'debug' => false
|
||||||
|
)
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
array ('ldap://ldap.example.org/cn=test%20example,c=org', false),
|
||||||
|
array (
|
||||||
|
'username' => 'anonymous',
|
||||||
|
'password' => '',
|
||||||
|
'server' => 'ldap.example.org',
|
||||||
|
'baseDn' => 'cn=test example,c=org',
|
||||||
|
'debug' => false
|
||||||
|
)
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function dpExceptionsWhenInstantiatingLdapClass()
|
||||||
|
{
|
||||||
|
return array (
|
||||||
|
array('ldap://ldap.example.org'),
|
||||||
|
array('ldap://foo:bar@/cn=example,c=org'),
|
||||||
|
array('http://ldap.example.org'),
|
||||||
|
array('fooBar'),
|
||||||
|
array('ldap://ldap.example.org/'),
|
||||||
|
array('()123üäö'),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testThatGroupMappingWorks()
|
||||||
|
{
|
||||||
|
$groups = [
|
||||||
|
'count' => 1,
|
||||||
|
0 => [
|
||||||
|
'dn' => 'dn-1',
|
||||||
|
'count' => 1,
|
||||||
|
0 => 'group',
|
||||||
|
'group' => [
|
||||||
|
'count' => 2,
|
||||||
|
0 => '7310T270:Překladatelství:čeština - angličtina@ff.cuni.cz',
|
||||||
|
1 => '7310T033:Český jazyk a literatura@ff.cuni.cz',
|
||||||
|
]
|
||||||
|
]
|
||||||
|
];
|
||||||
|
|
||||||
|
$grp = array();
|
||||||
|
for ($i = 0; $i < $groups ['count']; $i++) {
|
||||||
|
for ($k = 0; $k < $groups[$i][strtolower('group')]['count']; $k++) {
|
||||||
|
$grp[] = $groups[$i][strtolower('group')][$k];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->assertEquals([
|
||||||
|
'7310T270:Překladatelství:čeština - angličtina@ff.cuni.cz',
|
||||||
|
'7310T033:Český jazyk a literatura@ff.cuni.cz',
|
||||||
|
], $grp);
|
||||||
|
|
||||||
|
$role = '';
|
||||||
|
foreach (['testrole' => '7310T031:Český jazyk a literatura@ff.cuni.cz,7310T033:Český jazyk a literatura@ff.cuni.cz'] as $key => $val) {
|
||||||
|
$currentGroup = explode(',', $val);
|
||||||
|
// Remove whitespaces around the group-ID
|
||||||
|
$currentGroup = array_map('trim', $currentGroup);
|
||||||
|
if (0 < count(array_intersect($currentGroup, $grp))) {
|
||||||
|
$role = $key;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->assertEquals('testrole', $role);
|
||||||
|
}
|
||||||
|
}
|
420
wp-content/mu-plugins/view/admin.phtml
Normal file
420
wp-content/mu-plugins/view/admin.phtml
Normal file
@ -0,0 +1,420 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Copyright (c)2014-2014 heiglandreas
|
||||||
|
*
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
*
|
||||||
|
* The above copyright notice and this permission notice shall be included in
|
||||||
|
* all copies or substantial portions of the Software.
|
||||||
|
*
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIBILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
* THE SOFTWARE.
|
||||||
|
*
|
||||||
|
* @category
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @copyright ©2014-2014 Andreas Heigl
|
||||||
|
* @license http://www.opesource.org/licenses/mit-license.php MIT-License
|
||||||
|
* @version 0.0
|
||||||
|
* @since 19.12.14
|
||||||
|
* @link https://github.com/heiglandreas/authLdap
|
||||||
|
*/
|
||||||
|
?><div class="wrap">
|
||||||
|
<?php if (! extension_loaded('ldap')) : ?>
|
||||||
|
<div class="error"><strong>Caveat:</strong> The LDAP-extension is not loaded!
|
||||||
|
Without that extension it is not possible to query an LDAP-Server! Please have a look
|
||||||
|
at <a href="http://php.net/manual/install.php">the PHP-Installation page</a>
|
||||||
|
</div>
|
||||||
|
<?php endif ?>
|
||||||
|
<h2>AuthLDAP Options</h2>
|
||||||
|
<form method="post" id="authLDAP_options" action="<?php echo $action;?>">
|
||||||
|
<h3 class="title">General Usage of authLDAP</h3>
|
||||||
|
<fieldset class="options">
|
||||||
|
<table class="form-table">
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPAuth">Enable Authentication via LDAP?</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPAuth" id="authLDAPAuth" value="1"<?php echo $tChecked; ?>/>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPDebug">Debug AuthLDAP?</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPDebug" id="authLDAPDebug" value="1"<?php echo $tDebugChecked; ?>/>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPDoNotOverwriteNonLdapUsers">Do not authenticate existing WordPress-Users</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPDoNotOverwriteNonLdapUsers" id="authLDAPDoNotOverwriteNonLdapUsers" value="1"<?php echo $tDoNotOverwriteNonLdapUsers; ?>/>
|
||||||
|
<p class="description">
|
||||||
|
Shall we prohibit authenticating already in WordPress created users using LDAP? If you enable this, LDAP-Users with the same user-ID
|
||||||
|
as existing WordPress-Users can no longer take over the WordPress-Users account. This also means that LDAP-Users with the same User-ID as existing
|
||||||
|
WordPress-Users will <strong>not</strong> be able to authenticate anymore! Accounts that have been taken over already will not be affected by this setting.
|
||||||
|
</p>
|
||||||
|
<p class="description">This should only be checked if you know what you are doing!</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPCachePW">Save entered passwords in the wordpress user table?</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPCachePW" id="authLDAPCachePW" value="1"<?php echo $tPWChecked; ?>/>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPGroupEnable">Map LDAP Groups to wordpress Roles?</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPGroupEnable" id="authLDAPGroupEnable" value="1"<?php echo $tGroupChecked; ?>/>
|
||||||
|
<p class="description">
|
||||||
|
Search LDAP for user's groups and map to Wordpress Roles.
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</fieldset>
|
||||||
|
<h3 class="title">General Server Settings</h3>
|
||||||
|
<fieldset class="options">
|
||||||
|
<table class="form-table">
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPURI">LDAP URI</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPURI" id="authLDAPURI" placeholder="LDAP-URI"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPURI; ?>"/>
|
||||||
|
<p class="description">
|
||||||
|
The <abbr title="Uniform Ressource Identifier">URI</abbr>
|
||||||
|
for connecting to the LDAP-Server. This usualy takes the form
|
||||||
|
<var><scheme>://<user>:<password>@<server>/<path></var>
|
||||||
|
according to RFC 1738.</p>
|
||||||
|
<p class="description">
|
||||||
|
In this case it schould be something like
|
||||||
|
<var>ldap://uid=adminuser,dc=example,c=com:secret@ldap.example.com/dc=basePath,dc=example,c=com</var>.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
If your LDAP accepts anonymous login, you can ommit the user and
|
||||||
|
password-Part of the URI
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPURISeparator">LDAP URI-Separator</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPURISeparator" id="authLDAPURISeparator" placeholder="LDAP-URI Separator"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPURISeparator; ?>"/>
|
||||||
|
<p class="description">
|
||||||
|
A separator that separates multiple LDAP-URIs from one another.
|
||||||
|
You can use that feature to try to authenticate against multiple LDAP-Servers
|
||||||
|
as long as they all have the same attribute-settings. The first LDAP-Server the user can
|
||||||
|
authenticate against will be used to handle the user.
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPStartTLS" class="description">StartTLS</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPStartTLS" id="authLDAPStartTLS" value="1"<?php echo $tStartTLSChecked; ?>/>
|
||||||
|
<p class="description">
|
||||||
|
Use StartTLS for encryption of ldap connections. This setting is not to be used in combination with ldaps connections (ldap:// only).
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPFilter" class="description">Filter</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPFilter" id="authLDAPFilter" placeholder="(uid=%s)"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPFilter; ?>"/>
|
||||||
|
<p class="description">
|
||||||
|
Please provide a valid filter that can be used for querying the
|
||||||
|
<abbr title="Lightweight Directory Access Protocol">LDAP</abbr>
|
||||||
|
for the correct user. For more information on this
|
||||||
|
feature have a look at <a href="http://andreas.heigl.org/cat/dev/wp/authldap">http://andreas.heigl.org/cat/dev/wp/authldap</a>
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field <strong>should</strong> include the string <code>%s</code>
|
||||||
|
that will be replaced with the username provided during log-in
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
If you leave this field empty it defaults to <strong>(uid=%s)</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
<h3 class="title">Settings for creating new Users</h3>
|
||||||
|
<fieldset class="options">
|
||||||
|
<table class="form-table">
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPNameAttr">Name-Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPNameAttr" id="authLDAPNameAttr" placeholder="name"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPNameAttr; ?>"/><br />
|
||||||
|
<p class="description">
|
||||||
|
Which Attribute from the LDAP contains the Full or the First name
|
||||||
|
of the user trying to log in.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This defaults to <strong>name</strong>
|
||||||
|
</p>
|
||||||
|
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPSecName">Second Name Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPSecName" id="authLDAPSecName" placeholder=""
|
||||||
|
class="regular-text" value="<?php echo $authLDAPSecName; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
If the above Name-Attribute only contains the First Name of the
|
||||||
|
user you can here specify an Attribute that contains the second name.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field is empty by default
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPUidAttr">User-ID Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPUidAttr" id="authLDAPUidAttr" placeholder="uid"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPUidAttr; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
Please give the Attribute, that is used to identify the user. This
|
||||||
|
should be the same as you used in the above <em>Filter</em>-Option
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field defaults to <strong>uid</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPMailAttr">Mail Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPMailAttr" id="authLDAPMailAttr" placeholder="mail"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPMailAttr; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
Which Attribute holds the eMail-Address of the user?
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
If more than one eMail-Address are stored in the LDAP, only the first given is used
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field defaults to <strong>mail</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPWebAttr">Web-Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPWebAttr" id="authLDAPWebAttr" placeholder=""
|
||||||
|
class="regular-text" value="<?php echo $authLDAPWebAttr; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
If your users have a personal page (URI) stored in the LDAP, it can
|
||||||
|
be provided here.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field is empty by default
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPDefaultRole">Default Role</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<select name="authLDAPDefaultRole" id="authLDAPDefaultRole">
|
||||||
|
<option value="" <?php echo ( $authLDAPDefaultRole == '' ? 'selected="selected"' : '' ); ?>>
|
||||||
|
None (deny access)
|
||||||
|
</option>
|
||||||
|
<?php foreach ($roles->get_names() as $group => $vals) : ?>
|
||||||
|
<option value="<?php echo $group; ?>" <?php echo ( $authLDAPDefaultRole == $group ? 'selected="selected"' : '' ); ?>>
|
||||||
|
<?php echo $vals; ?>
|
||||||
|
</option>
|
||||||
|
<?php endforeach; ?>
|
||||||
|
</select>
|
||||||
|
<p class="description">
|
||||||
|
Here you can select the default role for users.
|
||||||
|
If you enable LDAP Groups below, they will take precedence over the Default Role.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
Existing users will retain their roles unless overriden by LDAP Groups below.
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
|
||||||
|
<div id="authldaprolemapping">
|
||||||
|
<h3 class="title">Groups for Roles</h3>
|
||||||
|
<fieldset class="options">
|
||||||
|
<table class="form-table">
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPGroupOverUser">LDAP Groups override role of existing users?</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPGroupOverUser" id="authLDAPGroupOverUser" value="1"<?php echo $tGroupOverUserChecked; ?>/>
|
||||||
|
<p class="description">
|
||||||
|
If role determined by LDAP Group differs from existing Wordpress User's role, use LDAP Group.
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPGroupBase">Group-Base</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPGroupBase" id="authLDAPGroupBase" placeholder=""
|
||||||
|
class="regular-text" value="<?php echo $authLDAPGroupBase; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
This is the base dn to lookup groups.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
If empty the base dn of the LDAP URI will be used
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPGroupAttr">Group-Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPGroupAttr" id="authLDAPGroupAttr" placeholder="gidNumber"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPGroupAttr; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
This is the attribute that defines the Group-ID that can be matched
|
||||||
|
against the Groups defined further down
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field defaults to <strong>gidNumber</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPGroupSeparator">Group-Separator</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPGroupSeparator" id="authLDAPGroupSeparator" placeholder=","
|
||||||
|
class="regular-text" value="<?php echo $authLDAPGroupSeparator; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
This attribute defines the separator used for the Group-IDs listed in the
|
||||||
|
Groups defined further down. This is useful if the value of Group-Attribute
|
||||||
|
listed above can contain a comma (for example, when using the memberof attribute)
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field defaults to <strong>, (comma)</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPGroupFilter">Group-Filter</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPGroupFilter" id="authLDAPGroupFilter"
|
||||||
|
placeholder="(&(objectClass=posixGroup)(memberUid=%s))"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPGroupFilter; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
Here you can add the filter for selecting groups for ther
|
||||||
|
currentlly logged in user
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
The Filter should contain the string <code>%s</code> which will be replaced by
|
||||||
|
the login-name of the currently logged in user
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
Alternatively the string <code>%dn%</code> will be replaced by the
|
||||||
|
DN of the currently logged in user. This can be helpfull if
|
||||||
|
group-memberships are defined with DNs rather than UIDs
|
||||||
|
</p>
|
||||||
|
<p class="description">This field defaults to
|
||||||
|
<strong>(&(objectClass=posixGroup)(memberUid=%s))</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
<h3 class="title">Role - group mapping</h3>
|
||||||
|
<fieldset class="options">
|
||||||
|
<table class="form-table">
|
||||||
|
<?php
|
||||||
|
foreach ($roles->get_names() as $group => $vals) :
|
||||||
|
$aGroup=$authLDAPGroups[$group]; ?>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPGroups[<?php echo $group; ?>]">
|
||||||
|
<?php echo $vals; ?>
|
||||||
|
</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPGroups[<?php echo $group; ?>]" id="authLDAPGroups[<?php echo $group; ?>]"
|
||||||
|
value="<?php echo $aGroup; ?>" />
|
||||||
|
<p class="description">What LDAP-Groups shall be matched to the <?php echo $vals; ?>-Role?</p>
|
||||||
|
<p class="description">Please provide a coma-separated list of values</p>
|
||||||
|
<p class="description">This field is empty by default</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<?php endforeach; ?>
|
||||||
|
</table>
|
||||||
|
</fieldset>
|
||||||
|
</div>
|
||||||
|
<fieldset class="buttons">
|
||||||
|
<p class="submit">
|
||||||
|
<input type="submit" name="ldapOptionsSave" class="button button-primary" value="Save Changes" />
|
||||||
|
</p>
|
||||||
|
</fieldset>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<script type="text/javascript">
|
||||||
|
elem = document.getElementById('authLDAPGroupEnable');
|
||||||
|
if(! elem.checked) {
|
||||||
|
document.getElementById('authldaprolemapping').setAttribute('style', 'display:none;');
|
||||||
|
}
|
||||||
|
|
||||||
|
elem.addEventListener('change', function(e){
|
||||||
|
if(! e.target.checked) {
|
||||||
|
document.getElementById('authldaprolemapping').setAttribute('style', 'display:none;');
|
||||||
|
} else {
|
||||||
|
document.getElementById('authldaprolemapping').removeAttribute('style');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
</script>
|
21
wp-content/plugins/activitypub/LICENSE
Normal file
21
wp-content/plugins/activitypub/LICENSE
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
MIT License
|
||||||
|
|
||||||
|
Copyright (c) 2019 Matthias Pfefferle
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
of this software and associated documentation files (the "Software"), to deal
|
||||||
|
in the Software without restriction, including without limitation the rights
|
||||||
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
copies of the Software, and to permit persons to whom the Software is
|
||||||
|
furnished to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in all
|
||||||
|
copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||||
|
SOFTWARE.
|
100
wp-content/plugins/activitypub/activitypub.php
Normal file
100
wp-content/plugins/activitypub/activitypub.php
Normal file
@ -0,0 +1,100 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Plugin Name: ActivityPub
|
||||||
|
* Plugin URI: https://github.com/pfefferle/wordpress-activitypub/
|
||||||
|
* Description: The ActivityPub protocol is a decentralized social networking protocol based upon the ActivityStreams 2.0 data format.
|
||||||
|
* Version: 0.10.0
|
||||||
|
* Author: Matthias Pfefferle
|
||||||
|
* Author URI: https://notiz.blog/
|
||||||
|
* License: MIT
|
||||||
|
* License URI: http://opensource.org/licenses/MIT
|
||||||
|
* Requires PHP: 5.6
|
||||||
|
* Text Domain: activitypub
|
||||||
|
* Domain Path: /languages
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace Activitypub;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Initialize plugin
|
||||||
|
*/
|
||||||
|
function init() {
|
||||||
|
\defined( 'ACTIVITYPUB_HASHTAGS_REGEXP' ) || \define( 'ACTIVITYPUB_HASHTAGS_REGEXP', '(?:(?<=\s)|^)#(\w*[A-Za-z_]+\w*)' );
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/table/followers-list.php';
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/class-signature.php';
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/peer/class-followers.php';
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/functions.php';
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/class-activity-dispatcher.php';
|
||||||
|
\Activitypub\Activity_Dispatcher::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/model/class-activity.php';
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/model/class-post.php';
|
||||||
|
\Activitypub\Model\Post::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/class-activitypub.php';
|
||||||
|
\Activitypub\Activitypub::init();
|
||||||
|
|
||||||
|
// Configure the REST API route
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/rest/class-outbox.php';
|
||||||
|
\Activitypub\Rest\Outbox::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/rest/class-inbox.php';
|
||||||
|
\Activitypub\Rest\Inbox::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/rest/class-followers.php';
|
||||||
|
\Activitypub\Rest\Followers::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/rest/class-following.php';
|
||||||
|
\Activitypub\Rest\Following::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/rest/class-webfinger.php';
|
||||||
|
\Activitypub\Rest\Webfinger::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/rest/class-nodeinfo.php';
|
||||||
|
\Activitypub\Rest\NodeInfo::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/class-admin.php';
|
||||||
|
\Activitypub\Admin::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/class-hashtag.php';
|
||||||
|
\Activitypub\Hashtag::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/class-debug.php';
|
||||||
|
\Activitypub\Debug::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/class-health-check.php';
|
||||||
|
\Activitypub\Health_Check::init();
|
||||||
|
|
||||||
|
require_once \dirname( __FILE__ ) . '/includes/rest/class-server.php';
|
||||||
|
\add_filter( 'wp_rest_server_class', function() {
|
||||||
|
return '\Activitypub\Rest\Server';
|
||||||
|
} );
|
||||||
|
}
|
||||||
|
add_action( 'plugins_loaded', '\Activitypub\init' );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add rewrite rules
|
||||||
|
*/
|
||||||
|
function add_rewrite_rules() {
|
||||||
|
if ( ! \class_exists( 'Webfinger' ) ) {
|
||||||
|
\add_rewrite_rule( '^.well-known/webfinger', 'index.php?rest_route=/activitypub/1.0/webfinger', 'top' );
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( ! \class_exists( 'Nodeinfo' ) ) {
|
||||||
|
\add_rewrite_rule( '^.well-known/nodeinfo', 'index.php?rest_route=/activitypub/1.0/nodeinfo/discovery', 'top' );
|
||||||
|
\add_rewrite_rule( '^.well-known/x-nodeinfo2', 'index.php?rest_route=/activitypub/1.0/nodeinfo2', 'top' );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
\add_action( 'init', '\Activitypub\add_rewrite_rules', 1 );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Flush rewrite rules;
|
||||||
|
*/
|
||||||
|
function flush_rewrite_rules() {
|
||||||
|
\Activitypub\add_rewrite_rules();
|
||||||
|
\flush_rewrite_rules();
|
||||||
|
}
|
||||||
|
\register_activation_hook( __FILE__, '\Activitypub\flush_rewrite_rules' );
|
||||||
|
\register_deactivation_hook( __FILE__, '\flush_rewrite_rules' );
|
@ -0,0 +1,83 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Activity_Dispatcher Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*
|
||||||
|
* @see https://www.w3.org/TR/activitypub/
|
||||||
|
*/
|
||||||
|
class Activity_Dispatcher {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
\add_action( 'activitypub_send_post_activity', array( '\Activitypub\Activity_Dispatcher', 'send_post_activity' ) );
|
||||||
|
\add_action( 'activitypub_send_update_activity', array( '\Activitypub\Activity_Dispatcher', 'send_update_activity' ) );
|
||||||
|
// \add_action( 'activitypub_send_delete_activity', array( '\Activitypub\Activity_Dispatcher', 'send_delete_activity' ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Send "create" activities
|
||||||
|
*
|
||||||
|
* @param int $post_id
|
||||||
|
*/
|
||||||
|
public static function send_post_activity( $post_id ) {
|
||||||
|
$post = \get_post( $post_id );
|
||||||
|
$user_id = $post->post_author;
|
||||||
|
|
||||||
|
$activitypub_post = new \Activitypub\Model\Post( $post );
|
||||||
|
$activitypub_activity = new \Activitypub\Model\Activity( 'Create', \Activitypub\Model\Activity::TYPE_FULL );
|
||||||
|
$activitypub_activity->from_post( $activitypub_post->to_array() );
|
||||||
|
|
||||||
|
foreach ( \Activitypub\get_follower_inboxes( $user_id ) as $inbox => $to ) {
|
||||||
|
$activitypub_activity->set_to( $to );
|
||||||
|
$activity = $activitypub_activity->to_json(); // phpcs:ignore
|
||||||
|
|
||||||
|
\Activitypub\safe_remote_post( $inbox, $activity, $user_id );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Send "update" activities
|
||||||
|
*
|
||||||
|
* @param int $post_id
|
||||||
|
*/
|
||||||
|
public static function send_update_activity( $post_id ) {
|
||||||
|
$post = \get_post( $post_id );
|
||||||
|
$user_id = $post->post_author;
|
||||||
|
|
||||||
|
$activitypub_post = new \Activitypub\Model\Post( $post );
|
||||||
|
$activitypub_activity = new \Activitypub\Model\Activity( 'Update', \Activitypub\Model\Activity::TYPE_FULL );
|
||||||
|
$activitypub_activity->from_post( $activitypub_post->to_array() );
|
||||||
|
|
||||||
|
foreach ( \Activitypub\get_follower_inboxes( $user_id ) as $inbox => $to ) {
|
||||||
|
$activitypub_activity->set_to( $to );
|
||||||
|
$activity = $activitypub_activity->to_json(); // phpcs:ignore
|
||||||
|
|
||||||
|
\Activitypub\safe_remote_post( $inbox, $activity, $user_id );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Send "delete" activities
|
||||||
|
*
|
||||||
|
* @param int $post_id
|
||||||
|
*/
|
||||||
|
public static function send_delete_activity( $post_id ) {
|
||||||
|
$post = \get_post( $post_id );
|
||||||
|
$user_id = $post->post_author;
|
||||||
|
|
||||||
|
$activitypub_post = new \Activitypub\Model\Post( $post );
|
||||||
|
$activitypub_activity = new \Activitypub\Model\Activity( 'Delete', \Activitypub\Model\Activity::TYPE_FULL );
|
||||||
|
$activitypub_activity->from_post( $activitypub_post->to_array() );
|
||||||
|
|
||||||
|
foreach ( \Activitypub\get_follower_inboxes( $user_id ) as $inbox => $to ) {
|
||||||
|
$activitypub_activity->set_to( $to );
|
||||||
|
$activity = $activitypub_activity->to_json(); // phpcs:ignore
|
||||||
|
|
||||||
|
\Activitypub\safe_remote_post( $inbox, $activity, $user_id );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
179
wp-content/plugins/activitypub/includes/class-activitypub.php
Normal file
179
wp-content/plugins/activitypub/includes/class-activitypub.php
Normal file
@ -0,0 +1,179 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*/
|
||||||
|
class Activitypub {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
\add_filter( 'template_include', array( '\Activitypub\Activitypub', 'render_json_template' ), 99 );
|
||||||
|
\add_filter( 'query_vars', array( '\Activitypub\Activitypub', 'add_query_vars' ) );
|
||||||
|
\add_action( 'init', array( '\Activitypub\Activitypub', 'add_rewrite_endpoint' ) );
|
||||||
|
\add_filter( 'pre_get_avatar_data', array( '\Activitypub\Activitypub', 'pre_get_avatar_data' ), 11, 2 );
|
||||||
|
|
||||||
|
// Add support for ActivityPub to custom post types
|
||||||
|
$post_types = \get_option( 'activitypub_support_post_types', array( 'post', 'page' ) ) ? \get_option( 'activitypub_support_post_types', array( 'post', 'page' ) ) : array();
|
||||||
|
|
||||||
|
foreach ( $post_types as $post_type ) {
|
||||||
|
\add_post_type_support( $post_type, 'activitypub' );
|
||||||
|
}
|
||||||
|
|
||||||
|
\add_action( 'transition_post_status', array( '\Activitypub\Activitypub', 'schedule_post_activity' ), 10, 3 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return a AS2 JSON version of an author, post or page
|
||||||
|
*
|
||||||
|
* @param string $template the path to the template object
|
||||||
|
*
|
||||||
|
* @return string the new path to the JSON template
|
||||||
|
*/
|
||||||
|
public static function render_json_template( $template ) {
|
||||||
|
if ( ! \is_author() && ! \is_singular() ) {
|
||||||
|
return $template;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( \is_author() ) {
|
||||||
|
$json_template = \dirname( __FILE__ ) . '/../templates/json-author.php';
|
||||||
|
} elseif ( \is_singular() ) {
|
||||||
|
$json_template = \dirname( __FILE__ ) . '/../templates/json-post.php';
|
||||||
|
}
|
||||||
|
|
||||||
|
global $wp_query;
|
||||||
|
|
||||||
|
if ( isset( $wp_query->query_vars['activitypub'] ) ) {
|
||||||
|
return $json_template;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( ! isset( $_SERVER['HTTP_ACCEPT'] ) ) {
|
||||||
|
return $template;
|
||||||
|
}
|
||||||
|
|
||||||
|
$accept_header = $_SERVER['HTTP_ACCEPT'];
|
||||||
|
|
||||||
|
if (
|
||||||
|
\stristr( $accept_header, 'application/activity+json' ) ||
|
||||||
|
\stristr( $accept_header, 'application/ld+json' )
|
||||||
|
) {
|
||||||
|
return $json_template;
|
||||||
|
}
|
||||||
|
|
||||||
|
// accept header as an array
|
||||||
|
$accept = \explode( ',', \trim( $accept_header ) );
|
||||||
|
|
||||||
|
if (
|
||||||
|
\in_array( 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"', $accept, true ) ||
|
||||||
|
\in_array( 'application/activity+json', $accept, true ) ||
|
||||||
|
\in_array( 'application/ld+json', $accept, true ) ||
|
||||||
|
\in_array( 'application/json', $accept, true )
|
||||||
|
) {
|
||||||
|
return $json_template;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $template;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add the 'photos' query variable so WordPress
|
||||||
|
* won't mangle it.
|
||||||
|
*/
|
||||||
|
public static function add_query_vars( $vars ) {
|
||||||
|
$vars[] = 'activitypub';
|
||||||
|
|
||||||
|
return $vars;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add our rewrite endpoint to permalinks and pages.
|
||||||
|
*/
|
||||||
|
public static function add_rewrite_endpoint() {
|
||||||
|
\add_rewrite_endpoint( 'activitypub', EP_AUTHORS | EP_PERMALINK | EP_PAGES );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Schedule Activities
|
||||||
|
*
|
||||||
|
* @param int $post_id
|
||||||
|
*/
|
||||||
|
public static function schedule_post_activity( $new_status, $old_status, $post ) {
|
||||||
|
// do not send activities if post is password protected
|
||||||
|
if ( \post_password_required( $post ) ) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// check if post-type supports ActivityPub
|
||||||
|
$post_types = \get_post_types_by_support( 'activitypub' );
|
||||||
|
if ( ! \in_array( $post->post_type, $post_types, true ) ) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( 'publish' === $new_status && 'publish' !== $old_status ) {
|
||||||
|
\wp_schedule_single_event( \time(), 'activitypub_send_post_activity', array( $post->ID ) );
|
||||||
|
} elseif ( 'publish' === $new_status ) {
|
||||||
|
\wp_schedule_single_event( \time(), 'activitypub_send_update_activity', array( $post->ID ) );
|
||||||
|
} elseif ( 'trash' === $new_status ) {
|
||||||
|
\wp_schedule_single_event( \time(), 'activitypub_send_delete_activity', array( get_permalink( $post ) ) );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Replaces the default avatar
|
||||||
|
*
|
||||||
|
* @param array $args Arguments passed to get_avatar_data(), after processing.
|
||||||
|
* @param int|string|object $id_or_email A user ID, email address, or comment object
|
||||||
|
*
|
||||||
|
* @return array $args
|
||||||
|
*/
|
||||||
|
public static function pre_get_avatar_data( $args, $id_or_email ) {
|
||||||
|
if (
|
||||||
|
! $id_or_email instanceof \WP_Comment ||
|
||||||
|
! isset( $id_or_email->comment_type ) ||
|
||||||
|
$id_or_email->user_id
|
||||||
|
) {
|
||||||
|
return $args;
|
||||||
|
}
|
||||||
|
|
||||||
|
$allowed_comment_types = \apply_filters( 'get_avatar_comment_types', array( 'comment' ) );
|
||||||
|
if ( ! empty( $id_or_email->comment_type ) && ! \in_array( $id_or_email->comment_type, (array) $allowed_comment_types, true ) ) {
|
||||||
|
$args['url'] = false;
|
||||||
|
/** This filter is documented in wp-includes/link-template.php */
|
||||||
|
return \apply_filters( 'get_avatar_data', $args, $id_or_email );
|
||||||
|
}
|
||||||
|
|
||||||
|
// check if comment has an avatar
|
||||||
|
$avatar = self::get_avatar_url( $id_or_email->comment_ID );
|
||||||
|
|
||||||
|
if ( $avatar ) {
|
||||||
|
if ( ! isset( $args['class'] ) || ! \is_array( $args['class'] ) ) {
|
||||||
|
$args['class'] = array( 'u-photo' );
|
||||||
|
} else {
|
||||||
|
$args['class'][] = 'u-photo';
|
||||||
|
$args['class'] = \array_unique( $args['class'] );
|
||||||
|
}
|
||||||
|
$args['url'] = $avatar;
|
||||||
|
$args['class'][] = 'avatar-activitypub';
|
||||||
|
}
|
||||||
|
|
||||||
|
return $args;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Function to retrieve Avatar URL if stored in meta
|
||||||
|
*
|
||||||
|
*
|
||||||
|
* @param int|WP_Comment $comment
|
||||||
|
*
|
||||||
|
* @return string $url
|
||||||
|
*/
|
||||||
|
public static function get_avatar_url( $comment ) {
|
||||||
|
if ( \is_numeric( $comment ) ) {
|
||||||
|
$comment = \get_comment( $comment );
|
||||||
|
}
|
||||||
|
return \get_comment_meta( $comment->comment_ID, 'avatar_url', true );
|
||||||
|
}
|
||||||
|
}
|
149
wp-content/plugins/activitypub/includes/class-admin.php
Normal file
149
wp-content/plugins/activitypub/includes/class-admin.php
Normal file
@ -0,0 +1,149 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Admin Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*/
|
||||||
|
class Admin {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
\add_action( 'admin_menu', array( '\Activitypub\Admin', 'admin_menu' ) );
|
||||||
|
\add_action( 'admin_init', array( '\Activitypub\Admin', 'register_settings' ) );
|
||||||
|
\add_action( 'show_user_profile', array( '\Activitypub\Admin', 'add_fediverse_profile' ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add admin menu entry
|
||||||
|
*/
|
||||||
|
public static function admin_menu() {
|
||||||
|
$settings_page = \add_options_page(
|
||||||
|
'ActivityPub',
|
||||||
|
'ActivityPub',
|
||||||
|
'manage_options',
|
||||||
|
'activitypub',
|
||||||
|
array( '\Activitypub\Admin', 'settings_page' )
|
||||||
|
);
|
||||||
|
|
||||||
|
\add_action( 'load-' . $settings_page, array( '\Activitypub\Admin', 'add_settings_help_tab' ) );
|
||||||
|
|
||||||
|
$followers_list_page = \add_users_page( \__( 'Followers', 'activitypub' ), __( 'Followers (Fediverse)', 'activitypub' ), 'read', 'activitypub-followers-list', array( '\Activitypub\Admin', 'followers_list_page' ) );
|
||||||
|
|
||||||
|
\add_action( 'load-' . $followers_list_page, array( '\Activitypub\Admin', 'add_followers_list_help_tab' ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Load settings page
|
||||||
|
*/
|
||||||
|
public static function settings_page() {
|
||||||
|
\load_template( \dirname( __FILE__ ) . '/../templates/settings.php' );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Load user settings page
|
||||||
|
*/
|
||||||
|
public static function followers_list_page() {
|
||||||
|
\load_template( \dirname( __FILE__ ) . '/../templates/followers-list.php' );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Register PubSubHubbub settings
|
||||||
|
*/
|
||||||
|
public static function register_settings() {
|
||||||
|
\register_setting(
|
||||||
|
'activitypub', 'activitypub_post_content_type', array(
|
||||||
|
'type' => 'string',
|
||||||
|
'description' => \__( 'Use title and link, summary or full content', 'activitypub' ),
|
||||||
|
'show_in_rest' => array(
|
||||||
|
'schema' => array(
|
||||||
|
'enum' => array( 'title', 'excerpt', 'content' ),
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'default' => 'content',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
\register_setting(
|
||||||
|
'activitypub', 'activitypub_object_type', array(
|
||||||
|
'type' => 'string',
|
||||||
|
'description' => \__( 'The Activity-Object-Type', 'activitypub' ),
|
||||||
|
'show_in_rest' => array(
|
||||||
|
'schema' => array(
|
||||||
|
'enum' => array( 'note', 'article', 'wordpress-post-format' ),
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'default' => 'note',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
\register_setting(
|
||||||
|
'activitypub', 'activitypub_use_shortlink', array(
|
||||||
|
'type' => 'boolean',
|
||||||
|
'description' => \__( 'Use the Shortlink instead of the permalink', 'activitypub' ),
|
||||||
|
'default' => 0,
|
||||||
|
)
|
||||||
|
);
|
||||||
|
\register_setting(
|
||||||
|
'activitypub', 'activitypub_use_hashtags', array(
|
||||||
|
'type' => 'boolean',
|
||||||
|
'description' => \__( 'Add hashtags in the content as native tags and replace the #tag with the tag-link', 'activitypub' ),
|
||||||
|
'default' => 0,
|
||||||
|
)
|
||||||
|
);
|
||||||
|
\register_setting(
|
||||||
|
'activitypub', 'activitypub_add_tags_as_hashtags', array(
|
||||||
|
'type' => 'boolean',
|
||||||
|
'description' => \__( 'Add all tags as hashtags at the end of each activity', 'activitypub' ),
|
||||||
|
'default' => 0,
|
||||||
|
)
|
||||||
|
);
|
||||||
|
\register_setting(
|
||||||
|
'activitypub', 'activitypub_support_post_types', array(
|
||||||
|
'type' => 'string',
|
||||||
|
'description' => \esc_html__( 'Enable ActivityPub support for post types', 'activitypub' ),
|
||||||
|
'show_in_rest' => true,
|
||||||
|
'default' => array( 'post', 'pages' ),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
\register_setting(
|
||||||
|
'activitypub', 'activitypub_blacklist', array(
|
||||||
|
'type' => 'string',
|
||||||
|
'description' => \esc_html__( 'Block fediverse instances', 'activitypub' ),
|
||||||
|
'show_in_rest' => true,
|
||||||
|
'default' => 'gab.com',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function add_settings_help_tab() {
|
||||||
|
\get_current_screen()->add_help_tab(
|
||||||
|
array(
|
||||||
|
'id' => 'overview',
|
||||||
|
'title' => \__( 'Overview', 'activitypub' ),
|
||||||
|
'content' =>
|
||||||
|
'<p>' . \__( 'ActivityPub is a decentralized social networking protocol based on the ActivityStreams 2.0 data format. ActivityPub is an official W3C recommended standard published by the W3C Social Web Working Group. It provides a client to server API for creating, updating and deleting content, as well as a federated server to server API for delivering notifications and subscribing to content.', 'activitypub' ) . '</p>',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
\get_current_screen()->set_help_sidebar(
|
||||||
|
'<p><strong>' . \__( 'For more information:', 'activitypub' ) . '</strong></p>' .
|
||||||
|
'<p>' . \__( '<a href="https://activitypub.rocks/">Test Suite</a>', 'activitypub' ) . '</p>' .
|
||||||
|
'<p>' . \__( '<a href="https://www.w3.org/TR/activitypub/">W3C Spec</a>', 'activitypub' ) . '</p>' .
|
||||||
|
'<p>' . \__( '<a href="https://github.com/pfefferle/wordpress-activitypub/issues">Give us feedback</a>', 'activitypub' ) . '</p>' .
|
||||||
|
'<hr />' .
|
||||||
|
'<p>' . \__( '<a href="https://notiz.blog/donate">Donate</a>', 'activitypub' ) . '</p>'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function add_followers_list_help_tab() {
|
||||||
|
// todo
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function add_fediverse_profile( $user ) {
|
||||||
|
?>
|
||||||
|
<h2><?php \esc_html_e( 'Fediverse', 'activitypub' ); ?></h2>
|
||||||
|
<?php
|
||||||
|
\Activitypub\get_identifier_settings( $user->ID );
|
||||||
|
}
|
||||||
|
}
|
30
wp-content/plugins/activitypub/includes/class-debug.php
Normal file
30
wp-content/plugins/activitypub/includes/class-debug.php
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Debug Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*/
|
||||||
|
class Debug {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
if ( WP_DEBUG_LOG ) {
|
||||||
|
\add_action( 'activitypub_safe_remote_post_response', array( '\Activitypub\Debug', 'log_remote_post_responses' ), 10, 4 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function log_remote_post_responses( $response, $url, $body, $user_id ) {
|
||||||
|
\error_log( "Request to: {$url} with response: " . \print_r( $response, true ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function write_log( $log ) {
|
||||||
|
if ( \is_array( $log ) || \is_object( $log ) ) {
|
||||||
|
\error_log( \print_r( $log, true ) );
|
||||||
|
} else {
|
||||||
|
\error_log( $log );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
96
wp-content/plugins/activitypub/includes/class-hashtag.php
Normal file
96
wp-content/plugins/activitypub/includes/class-hashtag.php
Normal file
@ -0,0 +1,96 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Hashtag Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*/
|
||||||
|
class Hashtag {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
if ( '1' === \get_option( 'activitypub_use_hashtags', '1' ) ) {
|
||||||
|
\add_filter( 'wp_insert_post', array( '\Activitypub\Hashtag', 'insert_post' ), 99, 2 );
|
||||||
|
\add_filter( 'the_content', array( '\Activitypub\Hashtag', 'the_content' ), 99, 2 );
|
||||||
|
}
|
||||||
|
if ( '1' === \get_option( 'activitypub_add_tags_as_hashtags', '0' ) ) {
|
||||||
|
\add_filter( 'activitypub_the_summary', array( '\Activitypub\Hashtag', 'add_hashtags_to_content' ), 10, 2 );
|
||||||
|
\add_filter( 'activitypub_the_content', array( '\Activitypub\Hashtag', 'add_hashtags_to_content' ), 10, 2 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Filter to save #tags as real WordPress tags
|
||||||
|
*
|
||||||
|
* @param int $id the rev-id
|
||||||
|
* @param array $data the post-data as array
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public static function insert_post( $id, $data ) {
|
||||||
|
if ( \preg_match_all( '/' . ACTIVITYPUB_HASHTAGS_REGEXP . '/i', $data->post_content, $match ) ) {
|
||||||
|
$tags = \implode( ', ', $match[1] );
|
||||||
|
|
||||||
|
\wp_add_post_tags( $data->post_parent, $tags );
|
||||||
|
}
|
||||||
|
|
||||||
|
return $id;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Filter to replace the #tags in the content with links
|
||||||
|
*
|
||||||
|
* @param string $the_content the post-content
|
||||||
|
*
|
||||||
|
* @return string the filtered post-content
|
||||||
|
*/
|
||||||
|
public static function the_content( $the_content ) {
|
||||||
|
$the_content = \preg_replace_callback( '/' . ACTIVITYPUB_HASHTAGS_REGEXP . '/i', array( '\Activitypub\Hashtag', 'replace_with_links' ), $the_content );
|
||||||
|
|
||||||
|
return $the_content;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* A callback for preg_replace to build the term links
|
||||||
|
*
|
||||||
|
* @param array $result the preg_match results
|
||||||
|
* @return string the final string
|
||||||
|
*/
|
||||||
|
public static function replace_with_links( $result ) {
|
||||||
|
$tag = $result[1];
|
||||||
|
$tag_object = \get_term_by( 'name', $tag, 'post_tag' );
|
||||||
|
|
||||||
|
if ( $tag_object ) {
|
||||||
|
$link = \get_term_link( $tag_object, 'post_tag' );
|
||||||
|
return \sprintf( '<a rel="tag" class="u-tag u-category" href="%s">#%s</a>', $link, $tag );
|
||||||
|
}
|
||||||
|
|
||||||
|
return '#' . $tag;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds all tags as hashtags to the post/summary content
|
||||||
|
*
|
||||||
|
* @param string $content
|
||||||
|
* @param WP_Post $post
|
||||||
|
*
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
public static function add_hashtags_to_content( $content, $post ) {
|
||||||
|
$tags = \get_the_tags( $post->ID );
|
||||||
|
|
||||||
|
if ( ! $tags ) {
|
||||||
|
return $content;
|
||||||
|
}
|
||||||
|
|
||||||
|
$hash_tags = array();
|
||||||
|
|
||||||
|
foreach ( $tags as $tag ) {
|
||||||
|
$hash_tags[] = \sprintf( '<a rel="tag" class="u-tag u-category" href="%s">#%s</a>', \get_tag_link( $tag ), $tag->slug );
|
||||||
|
}
|
||||||
|
|
||||||
|
return $content . '<p>' . \implode( ' ', $hash_tags ) . '</p>';
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,12 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Health_Check Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*/
|
||||||
|
class Health_Check {
|
||||||
|
public static function init() {
|
||||||
|
}
|
||||||
|
}
|
105
wp-content/plugins/activitypub/includes/class-signature.php
Normal file
105
wp-content/plugins/activitypub/includes/class-signature.php
Normal file
@ -0,0 +1,105 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Signature Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*/
|
||||||
|
class Signature {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param int $user_id
|
||||||
|
*
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public static function get_public_key( $user_id, $force = false ) {
|
||||||
|
$key = \get_user_meta( $user_id, 'magic_sig_public_key' );
|
||||||
|
|
||||||
|
if ( $key && ! $force ) {
|
||||||
|
return $key[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
self::generate_key_pair( $user_id );
|
||||||
|
$key = \get_user_meta( $user_id, 'magic_sig_public_key' );
|
||||||
|
|
||||||
|
return $key[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param int $user_id
|
||||||
|
*
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public static function get_private_key( $user_id, $force = false ) {
|
||||||
|
$key = \get_user_meta( $user_id, 'magic_sig_private_key' );
|
||||||
|
|
||||||
|
if ( $key && ! $force ) {
|
||||||
|
return $key[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
self::generate_key_pair( $user_id );
|
||||||
|
$key = \get_user_meta( $user_id, 'magic_sig_private_key' );
|
||||||
|
|
||||||
|
return $key[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Generates the pair keys
|
||||||
|
*
|
||||||
|
* @param int $user_id
|
||||||
|
*/
|
||||||
|
public static function generate_key_pair( $user_id ) {
|
||||||
|
$config = array(
|
||||||
|
'digest_alg' => 'sha512',
|
||||||
|
'private_key_bits' => 2048,
|
||||||
|
'private_key_type' => OPENSSL_KEYTYPE_RSA,
|
||||||
|
);
|
||||||
|
|
||||||
|
$key = \openssl_pkey_new( $config );
|
||||||
|
$priv_key = null;
|
||||||
|
|
||||||
|
\openssl_pkey_export( $key, $priv_key );
|
||||||
|
|
||||||
|
// private key
|
||||||
|
\update_user_meta( $user_id, 'magic_sig_private_key', $priv_key );
|
||||||
|
|
||||||
|
$detail = \openssl_pkey_get_details( $key );
|
||||||
|
|
||||||
|
// public key
|
||||||
|
\update_user_meta( $user_id, 'magic_sig_public_key', $detail['key'] );
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function generate_signature( $user_id, $url, $date ) {
|
||||||
|
$key = self::get_private_key( $user_id );
|
||||||
|
|
||||||
|
$url_parts = \wp_parse_url( $url );
|
||||||
|
|
||||||
|
$host = $url_parts['host'];
|
||||||
|
$path = '/';
|
||||||
|
|
||||||
|
// add path
|
||||||
|
if ( ! empty( $url_parts['path'] ) ) {
|
||||||
|
$path = $url_parts['path'];
|
||||||
|
}
|
||||||
|
|
||||||
|
// add query
|
||||||
|
if ( ! empty( $url_parts['query'] ) ) {
|
||||||
|
$path .= '?' . $url_parts['query'];
|
||||||
|
}
|
||||||
|
|
||||||
|
$signed_string = "(request-target): post $path\nhost: $host\ndate: $date";
|
||||||
|
|
||||||
|
$signature = null;
|
||||||
|
\openssl_sign( $signed_string, $signature, $key, OPENSSL_ALGO_SHA256 );
|
||||||
|
$signature = \base64_encode( $signature ); // phpcs:ignore
|
||||||
|
|
||||||
|
$key_id = \get_author_posts_url( $user_id ) . '#main-key';
|
||||||
|
|
||||||
|
return \sprintf( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date",signature="%s"', $key_id, $signature );
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function verify_signature( $headers, $signature ) {
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
336
wp-content/plugins/activitypub/includes/functions.php
Normal file
336
wp-content/plugins/activitypub/includes/functions.php
Normal file
@ -0,0 +1,336 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the ActivityPub default JSON-context
|
||||||
|
*
|
||||||
|
* @return array the activitypub context
|
||||||
|
*/
|
||||||
|
function get_context() {
|
||||||
|
$context = array(
|
||||||
|
'https://www.w3.org/ns/activitystreams',
|
||||||
|
'https://w3id.org/security/v1',
|
||||||
|
array(
|
||||||
|
'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers',
|
||||||
|
'PropertyValue' => 'schema:PropertyValue',
|
||||||
|
'schema' => 'http://schema.org#',
|
||||||
|
'value' => 'schema:value',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
return \apply_filters( 'activitypub_json_context', $context );
|
||||||
|
}
|
||||||
|
|
||||||
|
function safe_remote_post( $url, $body, $user_id ) {
|
||||||
|
$date = \gmdate( 'D, d M Y H:i:s T' );
|
||||||
|
$signature = \Activitypub\Signature::generate_signature( $user_id, $url, $date );
|
||||||
|
|
||||||
|
$wp_version = \get_bloginfo( 'version' );
|
||||||
|
$user_agent = \apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . \get_bloginfo( 'url' ) );
|
||||||
|
$args = array(
|
||||||
|
'timeout' => 100,
|
||||||
|
'limit_response_size' => 1048576,
|
||||||
|
'redirection' => 3,
|
||||||
|
'user-agent' => "$user_agent; ActivityPub",
|
||||||
|
'headers' => array(
|
||||||
|
'Accept' => 'application/activity+json',
|
||||||
|
'Content-Type' => 'application/activity+json',
|
||||||
|
'Signature' => $signature,
|
||||||
|
'Date' => $date,
|
||||||
|
),
|
||||||
|
'body' => $body,
|
||||||
|
);
|
||||||
|
|
||||||
|
$response = \wp_safe_remote_post( $url, $args );
|
||||||
|
|
||||||
|
\do_action( 'activitypub_safe_remote_post_response', $response, $url, $body, $user_id );
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
function safe_remote_get( $url, $user_id ) {
|
||||||
|
$date = \gmdate( 'D, d M Y H:i:s T' );
|
||||||
|
$signature = \Activitypub\Signature::generate_signature( $user_id, $url, $date );
|
||||||
|
|
||||||
|
$wp_version = \get_bloginfo( 'version' );
|
||||||
|
$user_agent = \apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . \get_bloginfo( 'url' ) );
|
||||||
|
$args = array(
|
||||||
|
'timeout' => 100,
|
||||||
|
'limit_response_size' => 1048576,
|
||||||
|
'redirection' => 3,
|
||||||
|
'user-agent' => "$user_agent; ActivityPub",
|
||||||
|
'headers' => array(
|
||||||
|
'Accept' => 'application/activity+json',
|
||||||
|
'Content-Type' => 'application/activity+json',
|
||||||
|
'Signature' => $signature,
|
||||||
|
'Date' => $date,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
$response = \wp_safe_remote_get( $url, $args );
|
||||||
|
|
||||||
|
\do_action( 'activitypub_safe_remote_get_response', $response, $url, $user_id );
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns a users WebFinger "resource"
|
||||||
|
*
|
||||||
|
* @param int $user_id
|
||||||
|
*
|
||||||
|
* @return string The user-resource
|
||||||
|
*/
|
||||||
|
function get_webfinger_resource( $user_id ) {
|
||||||
|
// use WebFinger plugin if installed
|
||||||
|
if ( \function_exists( '\get_webfinger_resource' ) ) {
|
||||||
|
return \get_webfinger_resource( $user_id, false );
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = \get_user_by( 'id', $user_id );
|
||||||
|
|
||||||
|
return $user->user_login . '@' . \wp_parse_url( \home_url(), PHP_URL_HOST );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* [get_metadata_by_actor description]
|
||||||
|
*
|
||||||
|
* @param sting $actor
|
||||||
|
*
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
function get_remote_metadata_by_actor( $actor ) {
|
||||||
|
$metadata = \get_transient( 'activitypub_' . $actor );
|
||||||
|
|
||||||
|
if ( $metadata ) {
|
||||||
|
return $metadata;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( ! \wp_http_validate_url( $actor ) ) {
|
||||||
|
return new \WP_Error( 'activitypub_no_valid_actor_url', \__( 'The "actor" is no valid URL', 'activitypub' ), $actor );
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = \get_users( array (
|
||||||
|
'number' => 1,
|
||||||
|
'who' => 'authors',
|
||||||
|
'fields' => 'ID',
|
||||||
|
) );
|
||||||
|
|
||||||
|
// we just need any user to generate a request signature
|
||||||
|
$user_id = \reset( $user );
|
||||||
|
|
||||||
|
$response = \Activitypub\safe_remote_get( $actor, $user_id );
|
||||||
|
|
||||||
|
if ( \is_wp_error( $response ) ) {
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$metadata = \wp_remote_retrieve_body( $response );
|
||||||
|
$metadata = \json_decode( $metadata, true );
|
||||||
|
|
||||||
|
if ( ! $metadata ) {
|
||||||
|
return new \WP_Error( 'activitypub_invalid_json', \__( 'No valid JSON data', 'activitypub' ), $actor );
|
||||||
|
}
|
||||||
|
|
||||||
|
\set_transient( 'activitypub_' . $actor, $metadata, WEEK_IN_SECONDS );
|
||||||
|
|
||||||
|
return $metadata;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* [get_inbox_by_actor description]
|
||||||
|
* @param [type] $actor [description]
|
||||||
|
* @return [type] [description]
|
||||||
|
*/
|
||||||
|
function get_inbox_by_actor( $actor ) {
|
||||||
|
$metadata = \Activitypub\get_remote_metadata_by_actor( $actor );
|
||||||
|
|
||||||
|
if ( \is_wp_error( $metadata ) ) {
|
||||||
|
return $metadata;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( isset( $metadata['endpoints'] ) && isset( $metadata['endpoints']['sharedInbox'] ) ) {
|
||||||
|
return $metadata['endpoints']['sharedInbox'];
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( \array_key_exists( 'inbox', $metadata ) ) {
|
||||||
|
return $metadata['inbox'];
|
||||||
|
}
|
||||||
|
|
||||||
|
return new \WP_Error( 'activitypub_no_inbox', __( 'No "Inbox" found', 'activitypub' ), $metadata );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* [get_inbox_by_actor description]
|
||||||
|
* @param [type] $actor [description]
|
||||||
|
* @return [type] [description]
|
||||||
|
*/
|
||||||
|
function get_publickey_by_actor( $actor, $key_id ) {
|
||||||
|
$metadata = \Activitypub\get_remote_metadata_by_actor( $actor );
|
||||||
|
|
||||||
|
if ( \is_wp_error( $metadata ) ) {
|
||||||
|
return $metadata;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (
|
||||||
|
isset( $metadata['publicKey'] ) &&
|
||||||
|
isset( $metadata['publicKey']['id'] ) &&
|
||||||
|
isset( $metadata['publicKey']['owner'] ) &&
|
||||||
|
isset( $metadata['publicKey']['publicKeyPem'] ) &&
|
||||||
|
$key_id === $metadata['publicKey']['id'] &&
|
||||||
|
$actor === $metadata['publicKey']['owner']
|
||||||
|
) {
|
||||||
|
return $metadata['publicKey']['publicKeyPem'];
|
||||||
|
}
|
||||||
|
|
||||||
|
return new \WP_Error( 'activitypub_no_public_key', \__( 'No "Public-Key" found', 'activitypub' ), $metadata );
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_follower_inboxes( $user_id ) {
|
||||||
|
$followers = \Activitypub\Peer\Followers::get_followers( $user_id );
|
||||||
|
$inboxes = array();
|
||||||
|
|
||||||
|
foreach ( $followers as $follower ) {
|
||||||
|
$inbox = \Activitypub\get_inbox_by_actor( $follower );
|
||||||
|
if ( ! $inbox || \is_wp_error( $inbox ) ) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
// init array if empty
|
||||||
|
if ( ! isset( $inboxes[ $inbox ] ) ) {
|
||||||
|
$inboxes[ $inbox ] = array();
|
||||||
|
}
|
||||||
|
$inboxes[ $inbox ][] = $follower;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $inboxes;
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_identifier_settings( $user_id ) {
|
||||||
|
?>
|
||||||
|
<table class="form-table">
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label><?php \esc_html_e( 'Profile identifier', 'activitypub' ); ?></label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<p><code><?php echo \esc_html( \Activitypub\get_webfinger_resource( $user_id ) ); ?></code> or <code><?php echo \esc_url( \get_author_posts_url( $user_id ) ); ?></code></p>
|
||||||
|
<?php // translators: the webfinger resource ?>
|
||||||
|
<p class="description"><?php \printf( \esc_html__( 'Try to follow "@%s" in the Mastodon/Friendica search field.', 'activitypub' ), \esc_html( \Activitypub\get_webfinger_resource( $user_id ) ) ); ?></p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<?php
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_followers( $user_id ) {
|
||||||
|
$followers = \Activitypub\Peer\Followers::get_followers( $user_id );
|
||||||
|
|
||||||
|
if ( ! $followers ) {
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
|
||||||
|
return $followers;
|
||||||
|
}
|
||||||
|
|
||||||
|
function count_followers( $user_id ) {
|
||||||
|
$followers = \Activitypub\get_followers( $user_id );
|
||||||
|
|
||||||
|
return \count( $followers );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Examine a url and try to determine the author ID it represents.
|
||||||
|
*
|
||||||
|
* Checks are supposedly from the hosted site blog.
|
||||||
|
*
|
||||||
|
* @param string $url Permalink to check.
|
||||||
|
*
|
||||||
|
* @return int User ID, or 0 on failure.
|
||||||
|
*/
|
||||||
|
function url_to_authorid( $url ) {
|
||||||
|
global $wp_rewrite;
|
||||||
|
|
||||||
|
// check if url hase the same host
|
||||||
|
if ( wp_parse_url( site_url(), PHP_URL_HOST ) !== wp_parse_url( $url, PHP_URL_HOST ) ) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
// first, check to see if there is a 'author=N' to match against
|
||||||
|
if ( \preg_match( '/[?&]author=(\d+)/i', $url, $values ) ) {
|
||||||
|
$id = absint( $values[1] );
|
||||||
|
if ( $id ) {
|
||||||
|
return $id;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// check to see if we are using rewrite rules
|
||||||
|
$rewrite = $wp_rewrite->wp_rewrite_rules();
|
||||||
|
|
||||||
|
// not using rewrite rules, and 'author=N' method failed, so we're out of options
|
||||||
|
if ( empty( $rewrite ) ) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
// generate rewrite rule for the author url
|
||||||
|
$author_rewrite = $wp_rewrite->get_author_permastruct();
|
||||||
|
$author_regexp = \str_replace( '%author%', '', $author_rewrite );
|
||||||
|
|
||||||
|
// match the rewrite rule with the passed url
|
||||||
|
if ( \preg_match( '/https?:\/\/(.+)' . \preg_quote( $author_regexp, '/' ) . '([^\/]+)/i', $url, $match ) ) {
|
||||||
|
$user = get_user_by( 'slug', $match[2] );
|
||||||
|
if ( $user ) {
|
||||||
|
return $user->ID;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the blacklist from the WordPress options table
|
||||||
|
*
|
||||||
|
* @return array the list of blacklisted hosts
|
||||||
|
*
|
||||||
|
* @uses apply_filters() Calls 'activitypub_blacklist' filter
|
||||||
|
*/
|
||||||
|
function get_blacklist() {
|
||||||
|
$blacklist = \get_option( 'activitypub_blacklist' );
|
||||||
|
$blacklist_hosts = \explode( PHP_EOL, $blacklist );
|
||||||
|
|
||||||
|
// if no values have been set, revert to the defaults
|
||||||
|
if ( ! $blacklist || ! $blacklist_hosts || ! \is_array( $blacklist_hosts ) ) {
|
||||||
|
$blacklist_hosts = array(
|
||||||
|
'gab.com',
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
// clean out any blank values
|
||||||
|
foreach ( $blacklist_hosts as $key => $value ) {
|
||||||
|
if ( empty( $value ) ) {
|
||||||
|
unset( $blacklist_hosts[ $key ] );
|
||||||
|
} else {
|
||||||
|
$blacklist_hosts[ $key ] = \trim( $blacklist_hosts[ $key ] );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return \apply_filters( 'activitypub_blacklist', $blacklist_hosts );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if an URL is blacklisted
|
||||||
|
*
|
||||||
|
* @param string $url an URL to check
|
||||||
|
*
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
function is_blacklisted( $url ) {
|
||||||
|
foreach ( \ActivityPub\get_blacklist() as $blacklisted_host ) {
|
||||||
|
if ( \strpos( $url, $blacklisted_host ) !== false ) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
@ -0,0 +1,95 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Model;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Post Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*
|
||||||
|
* @see https://www.w3.org/TR/activitypub/
|
||||||
|
*/
|
||||||
|
class Activity {
|
||||||
|
private $context = array( 'https://www.w3.org/ns/activitystreams' );
|
||||||
|
private $published = '';
|
||||||
|
private $id = '';
|
||||||
|
private $type = 'Create';
|
||||||
|
private $actor = '';
|
||||||
|
private $to = array( 'https://www.w3.org/ns/activitystreams#Public' );
|
||||||
|
private $cc = array( 'https://www.w3.org/ns/activitystreams#Public' );
|
||||||
|
private $object = null;
|
||||||
|
|
||||||
|
const TYPE_SIMPLE = 'simple';
|
||||||
|
const TYPE_FULL = 'full';
|
||||||
|
const TYPE_NONE = 'none';
|
||||||
|
|
||||||
|
public function __construct( $type = 'Create', $context = self::TYPE_SIMPLE ) {
|
||||||
|
if ( 'none' === $context ) {
|
||||||
|
$this->context = null;
|
||||||
|
} elseif ( 'full' === $context ) {
|
||||||
|
$this->context = \Activitypub\get_context();
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->type = \ucfirst( $type );
|
||||||
|
$this->published = \date( 'Y-m-d\TH:i:s\Z', \strtotime( 'now' ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function __call( $method, $params ) {
|
||||||
|
$var = \strtolower( \substr( $method, 4 ) );
|
||||||
|
|
||||||
|
if ( \strncasecmp( $method, 'get', 3 ) === 0 ) {
|
||||||
|
return $this->$var;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( \strncasecmp( $method, 'set', 3 ) === 0 ) {
|
||||||
|
$this->$var = $params[0];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function from_post( $object ) {
|
||||||
|
$this->object = $object;
|
||||||
|
$this->published = $object['published'];
|
||||||
|
$this->actor = $object['attributedTo'];
|
||||||
|
$this->id = $object['id'];
|
||||||
|
}
|
||||||
|
|
||||||
|
public function from_comment( $object ) {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public function to_array() {
|
||||||
|
$array = \get_object_vars( $this );
|
||||||
|
|
||||||
|
if ( $this->context ) {
|
||||||
|
$array = array( '@context' => $this->context ) + $array;
|
||||||
|
}
|
||||||
|
|
||||||
|
unset( $array['context'] );
|
||||||
|
|
||||||
|
return $array;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function to_json() {
|
||||||
|
return \wp_json_encode( $this->to_array(), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_QUOT );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function to_simple_array() {
|
||||||
|
$activity = array(
|
||||||
|
'@context' => $this->context,
|
||||||
|
'type' => $this->type,
|
||||||
|
'actor' => $this->actor,
|
||||||
|
'object' => $this->object,
|
||||||
|
'to' => $this->to,
|
||||||
|
'cc' => $this->cc,
|
||||||
|
);
|
||||||
|
|
||||||
|
if ( $this->id ) {
|
||||||
|
$activity['id'] = $this->id;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $activity;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function to_simple_json() {
|
||||||
|
return \wp_json_encode( $this->to_simple_array(), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_QUOT );
|
||||||
|
}
|
||||||
|
}
|
320
wp-content/plugins/activitypub/includes/model/class-post.php
Normal file
320
wp-content/plugins/activitypub/includes/model/class-post.php
Normal file
@ -0,0 +1,320 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Model;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Post Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*/
|
||||||
|
class Post {
|
||||||
|
private $post;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
\add_filter( 'activitypub_the_summary', array( '\Activitypub\Model\Post', 'add_backlink_to_content' ), 15, 2 );
|
||||||
|
\add_filter( 'activitypub_the_content', array( '\Activitypub\Model\Post', 'add_backlink_to_content' ), 15, 2 );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function __construct( $post = null ) {
|
||||||
|
$this->post = \get_post( $post );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function get_post() {
|
||||||
|
return $this->post;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function get_post_author() {
|
||||||
|
return $this->post->post_author;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function to_array() {
|
||||||
|
$post = $this->post;
|
||||||
|
|
||||||
|
$array = array(
|
||||||
|
'id' => \get_permalink( $post ),
|
||||||
|
'type' => $this->get_object_type(),
|
||||||
|
'published' => \date( 'Y-m-d\TH:i:s\Z', \strtotime( $post->post_date ) ),
|
||||||
|
'attributedTo' => \get_author_posts_url( $post->post_author ),
|
||||||
|
'summary' => $this->get_the_title(),
|
||||||
|
'inReplyTo' => null,
|
||||||
|
'content' => $this->get_the_content(),
|
||||||
|
'contentMap' => array(
|
||||||
|
\strstr( \get_locale(), '_', true ) => $this->get_the_content(),
|
||||||
|
),
|
||||||
|
'to' => array( 'https://www.w3.org/ns/activitystreams#Public' ),
|
||||||
|
'cc' => array( 'https://www.w3.org/ns/activitystreams#Public' ),
|
||||||
|
'attachment' => $this->get_attachments(),
|
||||||
|
'tag' => $this->get_tags(),
|
||||||
|
);
|
||||||
|
|
||||||
|
return \apply_filters( 'activitypub_post', $array );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function to_json() {
|
||||||
|
return \wp_json_encode( $this->to_array(), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_QUOT );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function get_attachments() {
|
||||||
|
$max_images = \apply_filters( 'activitypub_max_images', 3 );
|
||||||
|
|
||||||
|
$images = array();
|
||||||
|
|
||||||
|
// max images can't be negative or zero
|
||||||
|
if ( $max_images <= 0 ) {
|
||||||
|
$max_images = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
$id = $this->post->ID;
|
||||||
|
|
||||||
|
$image_ids = array();
|
||||||
|
// list post thumbnail first if this post has one
|
||||||
|
if ( \function_exists( 'has_post_thumbnail' ) && \has_post_thumbnail( $id ) ) {
|
||||||
|
$image_ids[] = \get_post_thumbnail_id( $id );
|
||||||
|
$max_images--;
|
||||||
|
}
|
||||||
|
// then list any image attachments
|
||||||
|
$query = new \WP_Query(
|
||||||
|
array(
|
||||||
|
'post_parent' => $id,
|
||||||
|
'post_status' => 'inherit',
|
||||||
|
'post_type' => 'attachment',
|
||||||
|
'post_mime_type' => 'image',
|
||||||
|
'order' => 'ASC',
|
||||||
|
'orderby' => 'menu_order ID',
|
||||||
|
'posts_per_page' => $max_images,
|
||||||
|
)
|
||||||
|
);
|
||||||
|
foreach ( $query->get_posts() as $attachment ) {
|
||||||
|
if ( ! \in_array( $attachment->ID, $image_ids, true ) ) {
|
||||||
|
$image_ids[] = $attachment->ID;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$image_ids = \array_unique( $image_ids );
|
||||||
|
|
||||||
|
// get URLs for each image
|
||||||
|
foreach ( $image_ids as $id ) {
|
||||||
|
$alt = \get_post_meta( $id, '_wp_attachment_image_alt', true );
|
||||||
|
$thumbnail = \wp_get_attachment_image_src( $id, 'full' );
|
||||||
|
$mimetype = \get_post_mime_type( $id );
|
||||||
|
|
||||||
|
if ( $thumbnail ) {
|
||||||
|
$image = array(
|
||||||
|
'type' => 'Image',
|
||||||
|
'url' => $thumbnail[0],
|
||||||
|
'mediaType' => $mimetype
|
||||||
|
);
|
||||||
|
if ( $alt ) {
|
||||||
|
$image['name'] = $alt;
|
||||||
|
}
|
||||||
|
$images[] = $image;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $images;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function get_tags() {
|
||||||
|
$tags = array();
|
||||||
|
|
||||||
|
$post_tags = \get_the_tags( $this->post->ID );
|
||||||
|
if ( $post_tags ) {
|
||||||
|
foreach ( $post_tags as $post_tag ) {
|
||||||
|
$tag = array(
|
||||||
|
'type' => 'Hashtag',
|
||||||
|
'href' => \get_tag_link( $post_tag->term_id ),
|
||||||
|
'name' => '#' . $post_tag->slug,
|
||||||
|
);
|
||||||
|
$tags[] = $tag;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $tags;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the as2 object-type for a given post
|
||||||
|
*
|
||||||
|
* @param string $type the object-type
|
||||||
|
* @param Object $post the post-object
|
||||||
|
*
|
||||||
|
* @return string the object-type
|
||||||
|
*/
|
||||||
|
public function get_object_type() {
|
||||||
|
if ( 'wordpress-post-format' !== \get_option( 'activitypub_object_type', 'note' ) ) {
|
||||||
|
return \ucfirst( \get_option( 'activitypub_object_type', 'note' ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
$post_type = \get_post_type( $this->post );
|
||||||
|
switch ( $post_type ) {
|
||||||
|
case 'post':
|
||||||
|
$post_format = \get_post_format( $this->post );
|
||||||
|
switch ( $post_format ) {
|
||||||
|
case 'aside':
|
||||||
|
case 'status':
|
||||||
|
case 'quote':
|
||||||
|
case 'note':
|
||||||
|
$object_type = 'Note';
|
||||||
|
break;
|
||||||
|
case 'gallery':
|
||||||
|
case 'image':
|
||||||
|
$object_type = 'Image';
|
||||||
|
break;
|
||||||
|
case 'video':
|
||||||
|
$object_type = 'Video';
|
||||||
|
break;
|
||||||
|
case 'audio':
|
||||||
|
$object_type = 'Audio';
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
$object_type = 'Article';
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case 'page':
|
||||||
|
$object_type = 'Page';
|
||||||
|
break;
|
||||||
|
case 'attachment':
|
||||||
|
$mime_type = \get_post_mime_type();
|
||||||
|
$media_type = \preg_replace( '/(\/[a-zA-Z]+)/i', '', $mime_type );
|
||||||
|
switch ( $media_type ) {
|
||||||
|
case 'audio':
|
||||||
|
$object_type = 'Audio';
|
||||||
|
break;
|
||||||
|
case 'video':
|
||||||
|
$object_type = 'Video';
|
||||||
|
break;
|
||||||
|
case 'image':
|
||||||
|
$object_type = 'Image';
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
$object_type = 'Article';
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $object_type;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function get_the_content() {
|
||||||
|
if ( 'excerpt' === \get_option( 'activitypub_post_content_type', 'content' ) ) {
|
||||||
|
return $this->get_the_post_summary();
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( 'title' === \get_option( 'activitypub_post_content_type', 'content' ) ) {
|
||||||
|
return $this->get_the_title();
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->get_the_post_content();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function get_the_title() {
|
||||||
|
if ( 'Article' === $this->get_object_type() ) {
|
||||||
|
$title = \get_the_title( $this->post );
|
||||||
|
|
||||||
|
return \html_entity_decode( $title, ENT_QUOTES, 'UTF-8' );
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the excerpt for a post for use outside of the loop.
|
||||||
|
*
|
||||||
|
* @param int Optional excerpt length.
|
||||||
|
*
|
||||||
|
* @return string The excerpt.
|
||||||
|
*/
|
||||||
|
public function get_the_post_excerpt( $excerpt_length = 400 ) {
|
||||||
|
$post = $this->post;
|
||||||
|
|
||||||
|
$excerpt = \get_post_field( 'post_excerpt', $post );
|
||||||
|
|
||||||
|
if ( '' === $excerpt ) {
|
||||||
|
|
||||||
|
$content = \get_post_field( 'post_content', $post );
|
||||||
|
|
||||||
|
// An empty string will make wp_trim_excerpt do stuff we do not want.
|
||||||
|
if ( '' !== $content ) {
|
||||||
|
|
||||||
|
$excerpt = \strip_shortcodes( $content );
|
||||||
|
|
||||||
|
/** This filter is documented in wp-includes/post-template.php */
|
||||||
|
$excerpt = \apply_filters( 'the_content', $excerpt );
|
||||||
|
$excerpt = \str_replace( ']]>', ']]>', $excerpt );
|
||||||
|
|
||||||
|
$excerpt_length = \apply_filters( 'excerpt_length', $excerpt_length );
|
||||||
|
|
||||||
|
/** This filter is documented in wp-includes/formatting.php */
|
||||||
|
$excerpt_more = \apply_filters( 'excerpt_more', ' [...]' );
|
||||||
|
|
||||||
|
$excerpt = \wp_trim_words( $excerpt, $excerpt_length, $excerpt_more );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $excerpt;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the content for a post for use outside of the loop.
|
||||||
|
*
|
||||||
|
* @return string The content.
|
||||||
|
*/
|
||||||
|
public function get_the_post_content() {
|
||||||
|
$post = $this->post;
|
||||||
|
|
||||||
|
$content = \get_post_field( 'post_content', $post );
|
||||||
|
|
||||||
|
$filtered_content = \apply_filters( 'the_content', $content );
|
||||||
|
$filtered_content = \apply_filters( 'activitypub_the_content', $filtered_content, $this->post );
|
||||||
|
|
||||||
|
$decoded_content = \html_entity_decode( $filtered_content, ENT_QUOTES, 'UTF-8' );
|
||||||
|
|
||||||
|
$allowed_html = \apply_filters( 'activitypub_allowed_html', '<a><p><ul><ol><li><code><blockquote><pre>' );
|
||||||
|
|
||||||
|
return \trim( \preg_replace( '/[\r\n]{2,}/', '', \strip_tags( $decoded_content, $allowed_html ) ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the excerpt for a post for use outside of the loop.
|
||||||
|
*
|
||||||
|
* @param int Optional excerpt length.
|
||||||
|
*
|
||||||
|
* @return string The excerpt.
|
||||||
|
*/
|
||||||
|
public function get_the_post_summary( $summary_length = 400 ) {
|
||||||
|
$summary = $this->get_the_post_excerpt( $summary_length );
|
||||||
|
|
||||||
|
$filtered_summary = \apply_filters( 'the_excerpt', $summary );
|
||||||
|
$filtered_summary = \apply_filters( 'activitypub_the_summary', $filtered_summary, $this->post );
|
||||||
|
|
||||||
|
$decoded_summary = \html_entity_decode( $filtered_summary, ENT_QUOTES, 'UTF-8' );
|
||||||
|
|
||||||
|
$allowed_html = \apply_filters( 'activitypub_allowed_html', '<a><p>' );
|
||||||
|
|
||||||
|
return \trim( \preg_replace( '/[\r\n]{2,}/', '', \strip_tags( $decoded_summary, $allowed_html ) ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds a backlink to the post/summary content
|
||||||
|
*
|
||||||
|
* @param string $content
|
||||||
|
* @param WP_Post $post
|
||||||
|
*
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
public static function add_backlink_to_content( $content, $post ) {
|
||||||
|
$link = '';
|
||||||
|
|
||||||
|
if ( \get_option( 'activitypub_use_shortlink', 0 ) ) {
|
||||||
|
$link = \esc_url( \wp_get_shortlink( $post->ID ) );
|
||||||
|
} else {
|
||||||
|
$link = \esc_url( \get_permalink( $post->ID ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
return $content . '<p><a href="' . $link . '">' . $link . '</a></p>';
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,80 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Peer;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Followers DB-Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*/
|
||||||
|
class Followers {
|
||||||
|
|
||||||
|
public static function get_followers( $author_id ) {
|
||||||
|
$followers = \get_user_option( 'activitypub_followers', $author_id );
|
||||||
|
|
||||||
|
if ( ! $followers ) {
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach ( $followers as $key => $follower ) {
|
||||||
|
if (
|
||||||
|
\is_array( $follower ) &&
|
||||||
|
isset( $follower['type'] ) &&
|
||||||
|
'Person' === $follower['type'] &&
|
||||||
|
isset( $follower['id'] ) &&
|
||||||
|
false !== \filter_var( $follower['id'], FILTER_VALIDATE_URL )
|
||||||
|
) {
|
||||||
|
$followers[ $key ] = $follower['id'];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $followers;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function count_followers( $author_id ) {
|
||||||
|
$followers = self::get_followers( $author_id );
|
||||||
|
|
||||||
|
return \count( $followers );
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function add_follower( $actor, $author_id ) {
|
||||||
|
$followers = \get_user_option( 'activitypub_followers', $author_id );
|
||||||
|
|
||||||
|
if ( ! \is_string( $actor ) ) {
|
||||||
|
if (
|
||||||
|
\is_array( $actor ) &&
|
||||||
|
isset( $actor['type'] ) &&
|
||||||
|
'Person' === $actor['type'] &&
|
||||||
|
isset( $actor['id'] ) &&
|
||||||
|
false !== \filter_var( $actor['id'], FILTER_VALIDATE_URL )
|
||||||
|
) {
|
||||||
|
$actor = $actor['id'];
|
||||||
|
}
|
||||||
|
|
||||||
|
return new \WP_Error( 'invalid_actor_object', \__( 'Unknown Actor schema', 'activitypub' ), array(
|
||||||
|
'status' => 404,
|
||||||
|
) );
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( ! \is_array( $followers ) ) {
|
||||||
|
$followers = array( $actor );
|
||||||
|
} else {
|
||||||
|
$followers[] = $actor;
|
||||||
|
}
|
||||||
|
|
||||||
|
$followers = \array_unique( $followers );
|
||||||
|
|
||||||
|
\update_user_meta( $author_id, 'activitypub_followers', $followers );
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function remove_follower( $actor, $author_id ) {
|
||||||
|
$followers = \get_user_option( 'activitypub_followers', $author_id );
|
||||||
|
|
||||||
|
foreach ( $followers as $key => $value ) {
|
||||||
|
if ( $value === $actor ) {
|
||||||
|
unset( $followers[ $key ] );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
\update_user_meta( $author_id, 'activitypub_followers', $followers );
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,96 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Rest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Followers REST-Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*
|
||||||
|
* @see https://www.w3.org/TR/activitypub/#followers
|
||||||
|
*/
|
||||||
|
class Followers {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
\add_action( 'rest_api_init', array( '\Activitypub\Rest\Followers', 'register_routes' ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Register routes
|
||||||
|
*/
|
||||||
|
public static function register_routes() {
|
||||||
|
\register_rest_route(
|
||||||
|
'activitypub/1.0', '/users/(?P<id>\d+)/followers', array(
|
||||||
|
array(
|
||||||
|
'methods' => \WP_REST_Server::READABLE,
|
||||||
|
'callback' => array( '\Activitypub\Rest\Followers', 'get' ),
|
||||||
|
'args' => self::request_parameters(),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handle GET request
|
||||||
|
*
|
||||||
|
* @param WP_REST_Request $request
|
||||||
|
*
|
||||||
|
* @return WP_REST_Response
|
||||||
|
*/
|
||||||
|
public static function get( $request ) {
|
||||||
|
$user_id = $request->get_param( 'id' );
|
||||||
|
$user = \get_user_by( 'ID', $user_id );
|
||||||
|
|
||||||
|
if ( ! $user ) {
|
||||||
|
return new \WP_Error( 'rest_invalid_param', \__( 'User not found', 'activitypub' ), array(
|
||||||
|
'status' => 404,
|
||||||
|
'params' => array(
|
||||||
|
'user_id' => \__( 'User not found', 'activitypub' ),
|
||||||
|
),
|
||||||
|
) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Action triggerd prior to the ActivityPub profile being created and sent to the client
|
||||||
|
*/
|
||||||
|
\do_action( 'activitypub_outbox_pre' );
|
||||||
|
|
||||||
|
$json = new \stdClass();
|
||||||
|
|
||||||
|
$json->{'@context'} = \Activitypub\get_context();
|
||||||
|
|
||||||
|
$json->partOf = \get_rest_url( null, "/activitypub/1.0/users/$user_id/followers" ); // phpcs:ignore
|
||||||
|
$json->totalItems = \Activitypub\count_followers( $user_id ); // phpcs:ignore
|
||||||
|
$json->orderedItems = \Activitypub\Peer\Followers::get_followers( $user_id ); // phpcs:ignore
|
||||||
|
|
||||||
|
$json->first = $json->partOf; // phpcs:ignore
|
||||||
|
|
||||||
|
$json->first = \get_rest_url( null, "/activitypub/1.0/users/$user_id/followers" );
|
||||||
|
|
||||||
|
$response = new \WP_REST_Response( $json, 200 );
|
||||||
|
$response->header( 'Content-Type', 'application/activity+json' );
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The supported parameters
|
||||||
|
*
|
||||||
|
* @return array list of parameters
|
||||||
|
*/
|
||||||
|
public static function request_parameters() {
|
||||||
|
$params = array();
|
||||||
|
|
||||||
|
$params['page'] = array(
|
||||||
|
'type' => 'integer',
|
||||||
|
);
|
||||||
|
|
||||||
|
$params['id'] = array(
|
||||||
|
'required' => true,
|
||||||
|
'type' => 'integer',
|
||||||
|
);
|
||||||
|
|
||||||
|
return $params;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,96 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Rest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Following REST-Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*
|
||||||
|
* @see https://www.w3.org/TR/activitypub/#following
|
||||||
|
*/
|
||||||
|
class Following {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
\add_action( 'rest_api_init', array( '\Activitypub\Rest\Following', 'register_routes' ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Register routes
|
||||||
|
*/
|
||||||
|
public static function register_routes() {
|
||||||
|
\register_rest_route(
|
||||||
|
'activitypub/1.0', '/users/(?P<id>\d+)/following', array(
|
||||||
|
array(
|
||||||
|
'methods' => \WP_REST_Server::READABLE,
|
||||||
|
'callback' => array( '\Activitypub\Rest\Following', 'get' ),
|
||||||
|
'args' => self::request_parameters(),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handle GET request
|
||||||
|
*
|
||||||
|
* @param WP_REST_Request $request
|
||||||
|
*
|
||||||
|
* @return WP_REST_Response
|
||||||
|
*/
|
||||||
|
public static function get( $request ) {
|
||||||
|
$user_id = $request->get_param( 'id' );
|
||||||
|
$user = \get_user_by( 'ID', $user_id );
|
||||||
|
|
||||||
|
if ( ! $user ) {
|
||||||
|
return new \WP_Error( 'rest_invalid_param', \__( 'User not found', 'activitypub' ), array(
|
||||||
|
'status' => 404,
|
||||||
|
'params' => array(
|
||||||
|
'user_id' => \__( 'User not found', 'activitypub' ),
|
||||||
|
),
|
||||||
|
) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Action triggerd prior to the ActivityPub profile being created and sent to the client
|
||||||
|
*/
|
||||||
|
\do_action( 'activitypub_outbox_pre' );
|
||||||
|
|
||||||
|
$json = new \stdClass();
|
||||||
|
|
||||||
|
$json->{'@context'} = \Activitypub\get_context();
|
||||||
|
|
||||||
|
$json->partOf = \get_rest_url( null, "/activitypub/1.0/users/$user_id/following" ); // phpcs:ignore
|
||||||
|
$json->totalItems = 0; // phpcs:ignore
|
||||||
|
$json->orderedItems = array(); // phpcs:ignore
|
||||||
|
|
||||||
|
$json->first = $json->partOf; // phpcs:ignore
|
||||||
|
|
||||||
|
$json->first = \get_rest_url( null, "/activitypub/1.0/users/$user_id/following" );
|
||||||
|
|
||||||
|
$response = new \WP_REST_Response( $json, 200 );
|
||||||
|
$response->header( 'Content-Type', 'application/activity+json' );
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The supported parameters
|
||||||
|
*
|
||||||
|
* @return array list of parameters
|
||||||
|
*/
|
||||||
|
public static function request_parameters() {
|
||||||
|
$params = array();
|
||||||
|
|
||||||
|
$params['page'] = array(
|
||||||
|
'type' => 'integer',
|
||||||
|
);
|
||||||
|
|
||||||
|
$params['id'] = array(
|
||||||
|
'required' => true,
|
||||||
|
'type' => 'integer',
|
||||||
|
);
|
||||||
|
|
||||||
|
return $params;
|
||||||
|
}
|
||||||
|
}
|
271
wp-content/plugins/activitypub/includes/rest/class-inbox.php
Normal file
271
wp-content/plugins/activitypub/includes/rest/class-inbox.php
Normal file
@ -0,0 +1,271 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Rest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Inbox REST-Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*
|
||||||
|
* @see https://www.w3.org/TR/activitypub/#inbox
|
||||||
|
*/
|
||||||
|
class Inbox {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
\add_action( 'rest_api_init', array( '\Activitypub\Rest\Inbox', 'register_routes' ) );
|
||||||
|
\add_filter( 'rest_pre_serve_request', array( '\Activitypub\Rest\Inbox', 'serve_request' ), 11, 4 );
|
||||||
|
\add_action( 'activitypub_inbox_follow', array( '\Activitypub\Rest\Inbox', 'handle_follow' ), 10, 2 );
|
||||||
|
\add_action( 'activitypub_inbox_unfollow', array( '\Activitypub\Rest\Inbox', 'handle_unfollow' ), 10, 2 );
|
||||||
|
//\add_action( 'activitypub_inbox_like', array( '\Activitypub\Rest\Inbox', 'handle_reaction' ), 10, 2 );
|
||||||
|
//\add_action( 'activitypub_inbox_announce', array( '\Activitypub\Rest\Inbox', 'handle_reaction' ), 10, 2 );
|
||||||
|
\add_action( 'activitypub_inbox_create', array( '\Activitypub\Rest\Inbox', 'handle_create' ), 10, 2 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Register routes
|
||||||
|
*/
|
||||||
|
public static function register_routes() {
|
||||||
|
\register_rest_route(
|
||||||
|
'activitypub/1.0', '/inbox', array(
|
||||||
|
array(
|
||||||
|
'methods' => \WP_REST_Server::EDITABLE,
|
||||||
|
'callback' => array( '\Activitypub\Rest\Inbox', 'shared_inbox' ),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
\register_rest_route(
|
||||||
|
'activitypub/1.0', '/users/(?P<user_id>\d+)/inbox', array(
|
||||||
|
array(
|
||||||
|
'methods' => \WP_REST_Server::EDITABLE,
|
||||||
|
'callback' => array( '\Activitypub\Rest\Inbox', 'user_inbox' ),
|
||||||
|
'args' => self::request_parameters(),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Hooks into the REST API request to verify the signature.
|
||||||
|
*
|
||||||
|
* @param bool $served Whether the request has already been served.
|
||||||
|
* @param WP_HTTP_ResponseInterface $result Result to send to the client. Usually a WP_REST_Response.
|
||||||
|
* @param WP_REST_Request $request Request used to generate the response.
|
||||||
|
* @param WP_REST_Server $server Server instance.
|
||||||
|
*
|
||||||
|
* @return true
|
||||||
|
*/
|
||||||
|
public static function serve_request( $served, $result, $request, $server ) {
|
||||||
|
if ( '/activitypub' !== \substr( $request->get_route(), 0, 12 ) ) {
|
||||||
|
return $served;
|
||||||
|
}
|
||||||
|
|
||||||
|
$signature = $request->get_header( 'signature' );
|
||||||
|
|
||||||
|
if ( ! $signature ) {
|
||||||
|
return $served;
|
||||||
|
}
|
||||||
|
|
||||||
|
$headers = $request->get_headers();
|
||||||
|
|
||||||
|
// verify signature
|
||||||
|
//\Activitypub\Signature::verify_signature( $headers, $key );
|
||||||
|
|
||||||
|
return $served;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Renders the user-inbox
|
||||||
|
*
|
||||||
|
* @param WP_REST_Request $request
|
||||||
|
*
|
||||||
|
* @return WP_REST_Response
|
||||||
|
*/
|
||||||
|
public static function user_inbox( $request ) {
|
||||||
|
$user_id = $request->get_param( 'user_id' );
|
||||||
|
|
||||||
|
$data = $request->get_params();
|
||||||
|
$type = $request->get_param( 'type' );
|
||||||
|
|
||||||
|
\do_action( 'activitypub_inbox', $data, $user_id, $type );
|
||||||
|
\do_action( "activitypub_inbox_{$type}", $data, $user_id );
|
||||||
|
|
||||||
|
return new \WP_REST_Response( array(), 202 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The shared inbox
|
||||||
|
*
|
||||||
|
* @param [type] $request [description]
|
||||||
|
*
|
||||||
|
* @return WP_Error not yet implemented
|
||||||
|
*/
|
||||||
|
public static function shared_inbox( $request ) {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The supported parameters
|
||||||
|
*
|
||||||
|
* @return array list of parameters
|
||||||
|
*/
|
||||||
|
public static function request_parameters() {
|
||||||
|
$params = array();
|
||||||
|
|
||||||
|
$params['page'] = array(
|
||||||
|
'type' => 'integer',
|
||||||
|
);
|
||||||
|
|
||||||
|
$params['user_id'] = array(
|
||||||
|
'required' => true,
|
||||||
|
'type' => 'integer',
|
||||||
|
);
|
||||||
|
|
||||||
|
$params['id'] = array(
|
||||||
|
'required' => true,
|
||||||
|
'type' => 'string',
|
||||||
|
'validate_callback' => function( $param, $request, $key ) {
|
||||||
|
if ( ! \is_string( $param ) ) {
|
||||||
|
$param = $param['id'];
|
||||||
|
}
|
||||||
|
return ! \Activitypub\is_blacklisted( $param );
|
||||||
|
},
|
||||||
|
'sanitize_callback' => 'esc_url_raw',
|
||||||
|
);
|
||||||
|
|
||||||
|
$params['actor'] = array(
|
||||||
|
'required' => true,
|
||||||
|
'type' => array( 'object', 'string' ),
|
||||||
|
'validate_callback' => function( $param, $request, $key ) {
|
||||||
|
if ( ! \is_string( $param ) ) {
|
||||||
|
$param = $param['id'];
|
||||||
|
}
|
||||||
|
return ! \Activitypub\is_blacklisted( $param );
|
||||||
|
},
|
||||||
|
'sanitize_callback' => function( $param, $request, $key ) {
|
||||||
|
if ( ! \is_string( $param ) ) {
|
||||||
|
$param = $param['id'];
|
||||||
|
}
|
||||||
|
return \esc_url_raw( $param );
|
||||||
|
},
|
||||||
|
);
|
||||||
|
|
||||||
|
$params['type'] = array(
|
||||||
|
'required' => true,
|
||||||
|
'type' => 'enum',
|
||||||
|
'enum' => array( 'Create' ),
|
||||||
|
'sanitize_callback' => function( $param, $request, $key ) {
|
||||||
|
return \strtolower( $param );
|
||||||
|
},
|
||||||
|
);
|
||||||
|
|
||||||
|
$params['object'] = array(
|
||||||
|
'required' => true,
|
||||||
|
'type' => 'object',
|
||||||
|
);
|
||||||
|
|
||||||
|
return $params;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handles "Follow" requests
|
||||||
|
*
|
||||||
|
* @param array $object The activity-object
|
||||||
|
* @param int $user_id The id of the local blog-user
|
||||||
|
*/
|
||||||
|
public static function handle_follow( $object, $user_id ) {
|
||||||
|
// save follower
|
||||||
|
\Activitypub\Peer\Followers::add_follower( $object['actor'], $user_id );
|
||||||
|
|
||||||
|
// get inbox
|
||||||
|
$inbox = \Activitypub\get_inbox_by_actor( $object['actor'] );
|
||||||
|
|
||||||
|
// send "Accept" activity
|
||||||
|
$activity = new \Activitypub\Model\Activity( 'Accept', \Activitypub\Model\Activity::TYPE_SIMPLE );
|
||||||
|
$activity->set_object( $object );
|
||||||
|
$activity->set_actor( \get_author_posts_url( $user_id ) );
|
||||||
|
$activity->set_to( $object['actor'] );
|
||||||
|
$activity->set_id( \get_author_posts_url( $user_id ) . '#follow' . \preg_replace( '~^https?://~', '', $object['actor'] ) );
|
||||||
|
|
||||||
|
$activity = $activity->to_simple_json();
|
||||||
|
|
||||||
|
$response = \Activitypub\safe_remote_post( $inbox, $activity, $user_id );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handles "Unfollow" requests
|
||||||
|
*
|
||||||
|
* @param array $object The activity-object
|
||||||
|
* @param int $user_id The id of the local blog-user
|
||||||
|
*/
|
||||||
|
public static function handle_unfollow( $object, $user_id ) {
|
||||||
|
\Activitypub\Peer\Followers::remove_follower( $object['actor'], $user_id );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handles "Reaction" requests
|
||||||
|
*
|
||||||
|
* @param array $object The activity-object
|
||||||
|
* @param int $user_id The id of the local blog-user
|
||||||
|
*/
|
||||||
|
public static function handle_reaction( $object, $user_id ) {
|
||||||
|
$meta = \Activitypub\get_remote_metadata_by_actor( $object['actor'] );
|
||||||
|
|
||||||
|
$commentdata = array(
|
||||||
|
'comment_post_ID' => \url_to_postid( $object['object'] ),
|
||||||
|
'comment_author' => \esc_attr( $meta['name'] ),
|
||||||
|
'comment_author_email' => '',
|
||||||
|
'comment_author_url' => \esc_url_raw( $object['actor'] ),
|
||||||
|
'comment_content' => \esc_url_raw( $object['actor'] ),
|
||||||
|
'comment_type' => \esc_attr( \strtolower( $object['type'] ) ),
|
||||||
|
'comment_parent' => 0,
|
||||||
|
'comment_meta' => array(
|
||||||
|
'source_url' => \esc_url_raw( $object['id'] ),
|
||||||
|
'avatar_url' => \esc_url_raw( $meta['icon']['url'] ),
|
||||||
|
'protocol' => 'activitypub',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// disable flood control
|
||||||
|
\remove_action( 'check_comment_flood', 'check_comment_flood_db', 10 );
|
||||||
|
|
||||||
|
$state = \wp_new_comment( $commentdata, true );
|
||||||
|
|
||||||
|
// re-add flood control
|
||||||
|
\add_action( 'check_comment_flood', 'check_comment_flood_db', 10, 4 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handles "Create" requests
|
||||||
|
*
|
||||||
|
* @param array $object The activity-object
|
||||||
|
* @param int $user_id The id of the local blog-user
|
||||||
|
*/
|
||||||
|
public static function handle_create( $object, $user_id ) {
|
||||||
|
$meta = \Activitypub\get_remote_metadata_by_actor( $object['actor'] );
|
||||||
|
|
||||||
|
$commentdata = array(
|
||||||
|
'comment_post_ID' => \url_to_postid( $object['object']['inReplyTo'] ),
|
||||||
|
'comment_author' => \esc_attr( $meta['name'] ),
|
||||||
|
'comment_author_url' => \esc_url_raw( $object['actor'] ),
|
||||||
|
'comment_content' => \wp_filter_kses( $object['object']['content'] ),
|
||||||
|
'comment_type' => '',
|
||||||
|
'comment_author_email' => '',
|
||||||
|
'comment_parent' => 0,
|
||||||
|
'comment_meta' => array(
|
||||||
|
'source_url' => \esc_url_raw( $object['object']['url'] ),
|
||||||
|
'avatar_url' => \esc_url_raw( $meta['icon']['url'] ),
|
||||||
|
'protocol' => 'activitypub',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// disable flood control
|
||||||
|
\remove_action( 'check_comment_flood', 'check_comment_flood_db', 10 );
|
||||||
|
|
||||||
|
$state = \wp_new_comment( $commentdata, true );
|
||||||
|
|
||||||
|
// re-add flood control
|
||||||
|
\add_action( 'check_comment_flood', 'check_comment_flood_db', 10, 4 );
|
||||||
|
}
|
||||||
|
}
|
191
wp-content/plugins/activitypub/includes/rest/class-nodeinfo.php
Normal file
191
wp-content/plugins/activitypub/includes/rest/class-nodeinfo.php
Normal file
@ -0,0 +1,191 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Rest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub NodeInfo REST-Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*
|
||||||
|
* @see http://nodeinfo.diaspora.software/
|
||||||
|
*/
|
||||||
|
class Nodeinfo {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
\add_action( 'rest_api_init', array( '\Activitypub\Rest\Nodeinfo', 'register_routes' ) );
|
||||||
|
\add_filter( 'nodeinfo_data', array( '\Activitypub\Rest\Nodeinfo', 'add_nodeinfo_discovery' ), 10, 2 );
|
||||||
|
\add_filter( 'nodeinfo2_data', array( '\Activitypub\Rest\Nodeinfo', 'add_nodeinfo2_discovery' ), 10 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Register routes
|
||||||
|
*/
|
||||||
|
public static function register_routes() {
|
||||||
|
\register_rest_route(
|
||||||
|
'activitypub/1.0', '/nodeinfo/discovery', array(
|
||||||
|
array(
|
||||||
|
'methods' => \WP_REST_Server::READABLE,
|
||||||
|
'callback' => array( '\Activitypub\Rest\Nodeinfo', 'discovery' ),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
\register_rest_route(
|
||||||
|
'activitypub/1.0', '/nodeinfo', array(
|
||||||
|
array(
|
||||||
|
'methods' => \WP_REST_Server::READABLE,
|
||||||
|
'callback' => array( '\Activitypub\Rest\Nodeinfo', 'nodeinfo' ),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
\register_rest_route(
|
||||||
|
'activitypub/1.0', '/nodeinfo2', array(
|
||||||
|
array(
|
||||||
|
'methods' => \WP_REST_Server::READABLE,
|
||||||
|
'callback' => array( '\Activitypub\Rest\Nodeinfo', 'nodeinfo2' ),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Render NodeInfo file
|
||||||
|
*
|
||||||
|
* @param WP_REST_Request $request
|
||||||
|
*
|
||||||
|
* @return WP_REST_Response
|
||||||
|
*/
|
||||||
|
public static function nodeinfo( $request ) {
|
||||||
|
$nodeinfo = array();
|
||||||
|
|
||||||
|
$nodeinfo['version'] = '2.0';
|
||||||
|
$nodeinfo['software'] = array(
|
||||||
|
'name' => 'wordpress',
|
||||||
|
'version' => \get_bloginfo( 'version' ),
|
||||||
|
);
|
||||||
|
|
||||||
|
$users = \count_users();
|
||||||
|
$posts = \wp_count_posts();
|
||||||
|
$comments = \wp_count_comments();
|
||||||
|
|
||||||
|
$nodeinfo['usage'] = array(
|
||||||
|
'users' => array(
|
||||||
|
'total' => (int) $users['total_users'],
|
||||||
|
),
|
||||||
|
'localPosts' => (int) $posts->publish,
|
||||||
|
'localComments' => (int) $comments->approved,
|
||||||
|
);
|
||||||
|
|
||||||
|
$nodeinfo['openRegistrations'] = false;
|
||||||
|
$nodeinfo['protocols'] = array( 'activitypub' );
|
||||||
|
|
||||||
|
$nodeinfo['services'] = array(
|
||||||
|
'inbound' => array(),
|
||||||
|
'outbound' => array(),
|
||||||
|
);
|
||||||
|
|
||||||
|
$nodeinfo['metadata'] = array(
|
||||||
|
'email' => \get_option( 'admin_email' ),
|
||||||
|
);
|
||||||
|
|
||||||
|
return new \WP_REST_Response( $nodeinfo, 200 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Render NodeInfo file
|
||||||
|
*
|
||||||
|
* @param WP_REST_Request $request
|
||||||
|
*
|
||||||
|
* @return WP_REST_Response
|
||||||
|
*/
|
||||||
|
public static function nodeinfo2( $request ) {
|
||||||
|
$nodeinfo = array();
|
||||||
|
|
||||||
|
$nodeinfo['version'] = '1.0';
|
||||||
|
$nodeinfo['server'] = array(
|
||||||
|
'baseUrl' => home_url( '/' ),
|
||||||
|
'name' => \get_bloginfo( 'name' ),
|
||||||
|
'software' => 'wordpress',
|
||||||
|
'version' => \get_bloginfo( 'version' ),
|
||||||
|
);
|
||||||
|
|
||||||
|
$users = \count_users();
|
||||||
|
$posts = \wp_count_posts();
|
||||||
|
$comments = \wp_count_comments();
|
||||||
|
|
||||||
|
$nodeinfo['usage'] = array(
|
||||||
|
'users' => array(
|
||||||
|
'total' => (int) $users['total_users'],
|
||||||
|
),
|
||||||
|
'localPosts' => (int) $posts->publish,
|
||||||
|
'localComments' => (int) $comments->approved,
|
||||||
|
);
|
||||||
|
|
||||||
|
$nodeinfo['openRegistrations'] = false;
|
||||||
|
$nodeinfo['protocols'] = array( 'activitypub' );
|
||||||
|
|
||||||
|
$nodeinfo['services'] = array(
|
||||||
|
'inbound' => array(),
|
||||||
|
'outbound' => array(),
|
||||||
|
);
|
||||||
|
|
||||||
|
$nodeinfo['metadata'] = array(
|
||||||
|
'email' => \get_option( 'admin_email' ),
|
||||||
|
);
|
||||||
|
|
||||||
|
return new \WP_REST_Response( $nodeinfo, 200 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Render NodeInfo discovery file
|
||||||
|
*
|
||||||
|
* @param WP_REST_Request $request
|
||||||
|
*
|
||||||
|
* @return WP_REST_Response
|
||||||
|
*/
|
||||||
|
public static function discovery( $request ) {
|
||||||
|
$discovery = array();
|
||||||
|
$discovery['links'] = array(
|
||||||
|
array(
|
||||||
|
'rel' => 'http://nodeinfo.diaspora.software/ns/schema/2.0',
|
||||||
|
'href' => \get_rest_url( null, 'activitypub/1.0/nodeinfo' ),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
return new \WP_REST_Response( $discovery, 200 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Extend NodeInfo data
|
||||||
|
*
|
||||||
|
* @param array $nodeinfo NodeInfo data
|
||||||
|
* @param string The NodeInfo Version
|
||||||
|
*
|
||||||
|
* @return array The extended array
|
||||||
|
*/
|
||||||
|
public static function add_nodeinfo_discovery( $nodeinfo, $version ) {
|
||||||
|
if ( '2.0' === $version ) {
|
||||||
|
$nodeinfo['protocols'][] = 'activitypub';
|
||||||
|
} else {
|
||||||
|
$nodeinfo['protocols']['inbound'][] = 'activitypub';
|
||||||
|
$nodeinfo['protocols']['outbound'][] = 'activitypub';
|
||||||
|
}
|
||||||
|
|
||||||
|
return $nodeinfo;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Extend NodeInfo2 data
|
||||||
|
*
|
||||||
|
* @param array $nodeinfo NodeInfo2 data
|
||||||
|
*
|
||||||
|
* @return array The extended array
|
||||||
|
*/
|
||||||
|
public static function add_nodeinfo2_discovery( $nodeinfo ) {
|
||||||
|
$nodeinfo['protocols'][] = 'activitypub';
|
||||||
|
|
||||||
|
return $nodeinfo;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,30 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Rest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub OStatus REST-Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*
|
||||||
|
* @see https://www.w3.org/community/ostatus/
|
||||||
|
*/
|
||||||
|
class Ostatus {
|
||||||
|
/**
|
||||||
|
* Register routes
|
||||||
|
*/
|
||||||
|
public static function register_routes() {
|
||||||
|
\register_rest_route(
|
||||||
|
'activitypub/1.0', '/ostatus/remote-follow', array(
|
||||||
|
array(
|
||||||
|
'methods' => \WP_REST_Server::READABLE,
|
||||||
|
'callback' => array( '\Activitypub\Rest\Ostatus', 'get' ),
|
||||||
|
// 'args' => self::request_parameters(),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function get() {
|
||||||
|
// @todo implement
|
||||||
|
}
|
||||||
|
}
|
126
wp-content/plugins/activitypub/includes/rest/class-outbox.php
Normal file
126
wp-content/plugins/activitypub/includes/rest/class-outbox.php
Normal file
@ -0,0 +1,126 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Rest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub Outbox REST-Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*
|
||||||
|
* @see https://www.w3.org/TR/activitypub/#outbox
|
||||||
|
*/
|
||||||
|
class Outbox {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
\add_action( 'rest_api_init', array( '\Activitypub\Rest\Outbox', 'register_routes' ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Register routes
|
||||||
|
*/
|
||||||
|
public static function register_routes() {
|
||||||
|
\register_rest_route(
|
||||||
|
'activitypub/1.0', '/users/(?P<id>\d+)/outbox', array(
|
||||||
|
array(
|
||||||
|
'methods' => \WP_REST_Server::READABLE,
|
||||||
|
'callback' => array( '\Activitypub\Rest\Outbox', 'user_outbox' ),
|
||||||
|
'args' => self::request_parameters(),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Renders the user-outbox
|
||||||
|
*
|
||||||
|
* @param WP_REST_Request $request
|
||||||
|
* @return WP_REST_Response
|
||||||
|
*/
|
||||||
|
public static function user_outbox( $request ) {
|
||||||
|
$user_id = $request->get_param( 'id' );
|
||||||
|
$author = \get_user_by( 'ID', $user_id );
|
||||||
|
|
||||||
|
if ( ! $author ) {
|
||||||
|
return new \WP_Error( 'rest_invalid_param', __( 'User not found', 'activitypub' ), array(
|
||||||
|
'status' => 404,
|
||||||
|
'params' => array(
|
||||||
|
'user_id' => \__( 'User not found', 'activitypub' ),
|
||||||
|
),
|
||||||
|
) );
|
||||||
|
}
|
||||||
|
|
||||||
|
$page = $request->get_param( 'page', 0 );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Action triggerd prior to the ActivityPub profile being created and sent to the client
|
||||||
|
*/
|
||||||
|
\do_action( 'activitypub_outbox_pre' );
|
||||||
|
|
||||||
|
$json = new \stdClass();
|
||||||
|
|
||||||
|
$json->{'@context'} = \Activitypub\get_context();
|
||||||
|
$json->id = \home_url( \add_query_arg( null, null ) );
|
||||||
|
$json->generator = 'http://wordpress.org/?v=' . \get_bloginfo_rss( 'version' );
|
||||||
|
$json->actor = \get_author_posts_url( $user_id );
|
||||||
|
$json->type = 'OrderedCollectionPage';
|
||||||
|
$json->partOf = \get_rest_url( null, "/activitypub/1.0/users/$user_id/outbox" ); // phpcs:ignore
|
||||||
|
|
||||||
|
$count_posts = \wp_count_posts();
|
||||||
|
$json->totalItems = \intval( $count_posts->publish ); // phpcs:ignore
|
||||||
|
|
||||||
|
$posts = \get_posts( array(
|
||||||
|
'posts_per_page' => 10,
|
||||||
|
'author' => $user_id,
|
||||||
|
'offset' => $page * 10,
|
||||||
|
) );
|
||||||
|
|
||||||
|
$json->first = \add_query_arg( 'page', 0, $json->partOf ); // phpcs:ignore
|
||||||
|
$json->last = \add_query_arg( 'page', ( \ceil ( $json->totalItems / 10 ) ) - 1, $json->partOf ); // phpcs:ignore
|
||||||
|
|
||||||
|
if ( ( \ceil ( $json->totalItems / 10 ) ) - 1 > $page ) { // phpcs:ignore
|
||||||
|
$json->next = \add_query_arg( 'page', ++$page, $json->partOf ); // phpcs:ignore
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach ( $posts as $post ) {
|
||||||
|
$activitypub_post = new \Activitypub\Model\Post( $post );
|
||||||
|
$activitypub_activity = new \Activitypub\Model\Activity( 'Create', \Activitypub\Model\Activity::TYPE_NONE );
|
||||||
|
$activitypub_activity->from_post( $activitypub_post->to_array() );
|
||||||
|
$json->orderedItems[] = $activitypub_activity->to_array(); // phpcs:ignore
|
||||||
|
}
|
||||||
|
|
||||||
|
// filter output
|
||||||
|
$json = \apply_filters( 'activitypub_outbox_array', $json );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Action triggerd after the ActivityPub profile has been created and sent to the client
|
||||||
|
*/
|
||||||
|
\do_action( 'activitypub_outbox_post' );
|
||||||
|
|
||||||
|
$response = new \WP_REST_Response( $json, 200 );
|
||||||
|
|
||||||
|
$response->header( 'Content-Type', 'application/activity+json' );
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The supported parameters
|
||||||
|
*
|
||||||
|
* @return array list of parameters
|
||||||
|
*/
|
||||||
|
public static function request_parameters() {
|
||||||
|
$params = array();
|
||||||
|
|
||||||
|
$params['page'] = array(
|
||||||
|
'type' => 'integer',
|
||||||
|
);
|
||||||
|
|
||||||
|
$params['id'] = array(
|
||||||
|
'required' => true,
|
||||||
|
'type' => 'integer',
|
||||||
|
);
|
||||||
|
|
||||||
|
return $params;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,31 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Rest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Custom (hopefully temporary) ActivityPub Rest Server
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*/
|
||||||
|
class Server extends \WP_REST_Server {
|
||||||
|
/**
|
||||||
|
* Overwrite dispatch function to quick fix missing subtype featur
|
||||||
|
*
|
||||||
|
* @see https://core.trac.wordpress.org/ticket/49404
|
||||||
|
*
|
||||||
|
* @param WP_REST_Request $request Request to attempt dispatching.
|
||||||
|
* @return WP_REST_Response Response returned by the callback.
|
||||||
|
*/
|
||||||
|
public function dispatch( $request ) {
|
||||||
|
$content_type = $request->get_content_type();
|
||||||
|
|
||||||
|
// check for content-sub-types like 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'
|
||||||
|
if ( \preg_match( '/application\/([a-zA-Z+_-]+\+)json/', $content_type['value'] ) ) {
|
||||||
|
$request->set_header( 'Content-Type', 'application/json' );
|
||||||
|
}
|
||||||
|
|
||||||
|
// make request filterable
|
||||||
|
$request = apply_filters( 'activitypub_pre_dispatch_request', $request );
|
||||||
|
|
||||||
|
return parent::dispatch( $request );
|
||||||
|
}
|
||||||
|
}
|
119
wp-content/plugins/activitypub/includes/rest/class-webfinger.php
Normal file
119
wp-content/plugins/activitypub/includes/rest/class-webfinger.php
Normal file
@ -0,0 +1,119 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Rest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ActivityPub WebFinger REST-Class
|
||||||
|
*
|
||||||
|
* @author Matthias Pfefferle
|
||||||
|
*
|
||||||
|
* @see https://webfinger.net/
|
||||||
|
*/
|
||||||
|
class Webfinger {
|
||||||
|
/**
|
||||||
|
* Initialize the class, registering WordPress hooks
|
||||||
|
*/
|
||||||
|
public static function init() {
|
||||||
|
\add_action( 'rest_api_init', array( '\Activitypub\Rest\Webfinger', 'register_routes' ) );
|
||||||
|
\add_action( 'webfinger_user_data', array( '\Activitypub\Rest\Webfinger', 'add_webfinger_discovery' ), 10, 3 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Register routes
|
||||||
|
*/
|
||||||
|
public static function register_routes() {
|
||||||
|
\register_rest_route(
|
||||||
|
'activitypub/1.0', '/webfinger', array(
|
||||||
|
array(
|
||||||
|
'methods' => \WP_REST_Server::READABLE,
|
||||||
|
'callback' => array( '\Activitypub\Rest\Webfinger', 'webfinger' ),
|
||||||
|
'args' => self::request_parameters(),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Render JRD file
|
||||||
|
*
|
||||||
|
* @param WP_REST_Request $request
|
||||||
|
* @return WP_REST_Response
|
||||||
|
*/
|
||||||
|
public static function webfinger( $request ) {
|
||||||
|
$resource = $request->get_param( 'resource' );
|
||||||
|
|
||||||
|
$matches = array();
|
||||||
|
$matched = \preg_match( '/^acct:([^@]+)@(.+)$/', $resource, $matches );
|
||||||
|
|
||||||
|
if ( ! $matched ) {
|
||||||
|
return new \WP_Error( 'activitypub_unsupported_resource', \__( 'Resource is invalid', 'activitypub' ), array( 'status' => 400 ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
$resource_identifier = $matches[1];
|
||||||
|
$resource_host = $matches[2];
|
||||||
|
|
||||||
|
if ( \wp_parse_url( \home_url( '/' ), PHP_URL_HOST ) !== $resource_host ) {
|
||||||
|
return new \WP_Error( 'activitypub_wrong_host', \__( 'Resource host does not match blog host', 'activitypub' ), array( 'status' => 404 ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = \get_user_by( 'login', \esc_sql( $resource_identifier ) );
|
||||||
|
|
||||||
|
if ( ! $user ) {
|
||||||
|
return new \WP_Error( 'activitypub_user_not_found', \__( 'User not found', 'activitypub' ), array( 'status' => 404 ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
$json = array(
|
||||||
|
'subject' => $resource,
|
||||||
|
'aliases' => array(
|
||||||
|
\get_author_posts_url( $user->ID ),
|
||||||
|
),
|
||||||
|
'links' => array(
|
||||||
|
array(
|
||||||
|
'rel' => 'self',
|
||||||
|
'type' => 'application/activity+json',
|
||||||
|
'href' => \get_author_posts_url( $user->ID ),
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
'rel' => 'http://webfinger.net/rel/profile-page',
|
||||||
|
'type' => 'text/html',
|
||||||
|
'href' => \get_author_posts_url( $user->ID ),
|
||||||
|
),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
return new \WP_REST_Response( $json, 200 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The supported parameters
|
||||||
|
*
|
||||||
|
* @return array list of parameters
|
||||||
|
*/
|
||||||
|
public static function request_parameters() {
|
||||||
|
$params = array();
|
||||||
|
|
||||||
|
$params['resource'] = array(
|
||||||
|
'required' => true,
|
||||||
|
'type' => 'string',
|
||||||
|
'pattern' => '^acct:([^@]+)@(.+)$',
|
||||||
|
);
|
||||||
|
|
||||||
|
return $params;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add WebFinger discovery links
|
||||||
|
*
|
||||||
|
* @param array $array the jrd array
|
||||||
|
* @param string $resource the WebFinger resource
|
||||||
|
* @param WP_User $user the WordPress user
|
||||||
|
*/
|
||||||
|
public static function add_webfinger_discovery( $array, $resource, $user ) {
|
||||||
|
$array['links'][] = array(
|
||||||
|
'rel' => 'self',
|
||||||
|
'type' => 'application/activity+json',
|
||||||
|
'href' => \get_author_posts_url( $user->ID ),
|
||||||
|
);
|
||||||
|
|
||||||
|
return $array;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,36 @@
|
|||||||
|
<?php
|
||||||
|
namespace Activitypub\Table;
|
||||||
|
|
||||||
|
if ( ! \class_exists( '\WP_List_Table' ) ) {
|
||||||
|
require_once ABSPATH . 'wp-admin/includes/class-wp-list-table.php';
|
||||||
|
}
|
||||||
|
|
||||||
|
class Followers_List extends \WP_List_Table {
|
||||||
|
public function get_columns() {
|
||||||
|
return array(
|
||||||
|
'identifier' => \__( 'Identifier', 'activitypub' ),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function get_sortable_columns() {
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function prepare_items() {
|
||||||
|
$columns = $this->get_columns();
|
||||||
|
$hidden = array();
|
||||||
|
|
||||||
|
$this->process_action();
|
||||||
|
$this->_column_headers = array( $columns, $hidden, $this->get_sortable_columns() );
|
||||||
|
|
||||||
|
$this->items = array();
|
||||||
|
|
||||||
|
foreach ( \Activitypub\Peer\Followers::get_followers( \get_current_user_id() ) as $follower ) {
|
||||||
|
$this->items[]['identifier'] = \esc_attr( $follower );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function column_default( $item, $column_name ) {
|
||||||
|
return $item[ $column_name ];
|
||||||
|
}
|
||||||
|
}
|
307
wp-content/plugins/activitypub/languages/activitypub.pot
Normal file
307
wp-content/plugins/activitypub/languages/activitypub.pot
Normal file
@ -0,0 +1,307 @@
|
|||||||
|
# Copyright (C) 2020 Matthias Pfefferle
|
||||||
|
# This file is distributed under the MIT.
|
||||||
|
msgid ""
|
||||||
|
msgstr ""
|
||||||
|
"Project-Id-Version: ActivityPub 0.10.0\n"
|
||||||
|
"Report-Msgid-Bugs-To: "
|
||||||
|
"https://wordpress.org/support/plugin/wordpress-activitypub\n"
|
||||||
|
"POT-Creation-Date: 2020-03-15 19:34:14+00:00\n"
|
||||||
|
"MIME-Version: 1.0\n"
|
||||||
|
"Content-Type: text/plain; charset=utf-8\n"
|
||||||
|
"Content-Transfer-Encoding: 8bit\n"
|
||||||
|
"PO-Revision-Date: 2020-MO-DA HO:MI+ZONE\n"
|
||||||
|
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||||
|
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||||
|
"X-Generator: grunt-wp-i18n 1.0.3\n"
|
||||||
|
|
||||||
|
#: includes/class-admin.php:33
|
||||||
|
msgid "Followers"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:33 templates/followers-list.php:2
|
||||||
|
msgid "Followers (Fediverse)"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:59
|
||||||
|
msgid "Use title and link, summary or full content"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:71
|
||||||
|
msgid "The Activity-Object-Type"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:83 templates/settings.php:36
|
||||||
|
msgid "Use the Shortlink instead of the permalink"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:90
|
||||||
|
msgid ""
|
||||||
|
"Add hashtags in the content as native tags and replace the #tag with the "
|
||||||
|
"tag-link"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:97
|
||||||
|
msgid "Add all tags as hashtags at the end of each activity"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:104
|
||||||
|
msgid "Enable ActivityPub support for post types"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:112
|
||||||
|
msgid "Block fediverse instances"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:123
|
||||||
|
msgid "Overview"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:125
|
||||||
|
msgid ""
|
||||||
|
"ActivityPub is a decentralized social networking protocol based on the "
|
||||||
|
"ActivityStreams 2.0 data format. ActivityPub is an official W3C recommended "
|
||||||
|
"standard published by the W3C Social Web Working Group. It provides a "
|
||||||
|
"client to server API for creating, updating and deleting content, as well "
|
||||||
|
"as a federated server to server API for delivering notifications and "
|
||||||
|
"subscribing to content."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:130
|
||||||
|
msgid "For more information:"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:131
|
||||||
|
msgid "<a href=\"https://activitypub.rocks/\">Test Suite</a>"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:132
|
||||||
|
msgid "<a href=\"https://www.w3.org/TR/activitypub/\">W3C Spec</a>"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:133
|
||||||
|
msgid ""
|
||||||
|
"<a href=\"https://github.com/pfefferle/wordpress-activitypub/issues\">Give "
|
||||||
|
"us feedback</a>"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:135
|
||||||
|
msgid "<a href=\"https://notiz.blog/donate\">Donate</a>"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/class-admin.php:145
|
||||||
|
msgid "Fediverse"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/functions.php:110
|
||||||
|
msgid "The \"actor\" is no valid URL"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/functions.php:132
|
||||||
|
msgid "No valid JSON data"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/functions.php:160
|
||||||
|
msgid "No \"Inbox\" found"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/functions.php:186
|
||||||
|
msgid "No \"Public-Key\" found"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/functions.php:214
|
||||||
|
msgid "Profile identifier"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/functions.php:219
|
||||||
|
#. translators: the webfinger resource
|
||||||
|
msgid "Try to follow \"@%s\" in the Mastodon/Friendica search field."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/peer/class-followers.php:53
|
||||||
|
msgid "Unknown Actor schema"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/rest/class-followers.php:46 includes/rest/class-followers.php:49
|
||||||
|
#: includes/rest/class-following.php:46 includes/rest/class-following.php:49
|
||||||
|
#: includes/rest/class-outbox.php:45 includes/rest/class-outbox.php:48
|
||||||
|
#: includes/rest/class-webfinger.php:61
|
||||||
|
msgid "User not found"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/rest/class-webfinger.php:48
|
||||||
|
msgid "Resource is invalid"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/rest/class-webfinger.php:55
|
||||||
|
msgid "Resource host does not match blog host"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: includes/table/followers-list.php:11
|
||||||
|
msgid "Identifier"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/followers-list.php:4
|
||||||
|
msgid "You currently have %s followers."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/json-author.php:48
|
||||||
|
msgid "Blog"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/json-author.php:58
|
||||||
|
msgid "Profile"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/json-author.php:69
|
||||||
|
msgid "Website"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:2
|
||||||
|
msgid "ActivityPub Settings"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:4
|
||||||
|
msgid ""
|
||||||
|
"ActivityPub turns your blog into a federated social network. This means you "
|
||||||
|
"can share and talk to everyone using the ActivityPub protocol, including "
|
||||||
|
"users of Friendica, Pleroma and Mastodon."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:9
|
||||||
|
msgid "Activities"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:11
|
||||||
|
msgid "All activity related settings."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:17
|
||||||
|
msgid "Post-Content"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:21
|
||||||
|
msgid "Title and link"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:21
|
||||||
|
msgid "Only the title and a link."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:24
|
||||||
|
msgid "Excerpt"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:24
|
||||||
|
msgid "A content summary, shortened to 400 characters and without markup."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:27
|
||||||
|
msgid "Content (default)"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:27
|
||||||
|
msgid "The full content."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:33
|
||||||
|
msgid "Backlink"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:42
|
||||||
|
msgid "Activity-Object-Type"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:46
|
||||||
|
msgid "Note (default)"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:46
|
||||||
|
msgid "Should work with most platforms."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:49
|
||||||
|
msgid "Article"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:49
|
||||||
|
msgid ""
|
||||||
|
"The presentation of the \"Article\" might change on different platforms. "
|
||||||
|
"Mastodon for example shows the \"Article\" type as a simple link."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:52
|
||||||
|
msgid "WordPress Post-Format"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:52
|
||||||
|
msgid "Maps the WordPress Post-Format to the ActivityPub Object Type."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:57
|
||||||
|
msgid "Supported post types"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:60
|
||||||
|
msgid "Enable ActivityPub support for the following post types:"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:77
|
||||||
|
msgid "Hashtags"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:81
|
||||||
|
msgid ""
|
||||||
|
"Add hashtags in the content as native tags and replace the "
|
||||||
|
"<code>#tag</code> with the tag-link."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:84
|
||||||
|
msgid "Add all tags as hashtags to the end of each activity."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:93
|
||||||
|
msgid "Server"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:95
|
||||||
|
msgid "Server related settings."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:106
|
||||||
|
msgid "Blacklist"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:110
|
||||||
|
msgid ""
|
||||||
|
"A list of hosts, you want to block, one host per line. Please use only the "
|
||||||
|
"host/domain of the server you want to block, without <code>http://</code> "
|
||||||
|
"and without <code>www.</code>. For example <code>example.com</code>."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: templates/settings.php:124
|
||||||
|
msgid ""
|
||||||
|
"If you like this plugin, what about a small <a "
|
||||||
|
"href=\"https://notiz.blog/donate\">donation</a>?"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#. Plugin Name of the plugin/theme
|
||||||
|
msgid "ActivityPub"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#. Plugin URI of the plugin/theme
|
||||||
|
msgid "https://github.com/pfefferle/wordpress-activitypub/"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#. Description of the plugin/theme
|
||||||
|
msgid ""
|
||||||
|
"The ActivityPub protocol is a decentralized social networking protocol "
|
||||||
|
"based upon the ActivityStreams 2.0 data format."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#. Author of the plugin/theme
|
||||||
|
msgid "Matthias Pfefferle"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#. Author URI of the plugin/theme
|
||||||
|
msgid "https://notiz.blog/"
|
||||||
|
msgstr ""
|
276
wp-content/plugins/activitypub/readme.txt
Normal file
276
wp-content/plugins/activitypub/readme.txt
Normal file
@ -0,0 +1,276 @@
|
|||||||
|
=== ActivityPub ===
|
||||||
|
Contributors: pfefferle
|
||||||
|
Donate link: https://notiz.blog/donate/
|
||||||
|
Tags: OStatus, fediverse, activitypub, activitystream
|
||||||
|
Requires at least: 4.7
|
||||||
|
Tested up to: 5.3
|
||||||
|
Stable tag: 0.10.0
|
||||||
|
Requires PHP: 5.6
|
||||||
|
License: MIT
|
||||||
|
License URI: http://opensource.org/licenses/MIT
|
||||||
|
|
||||||
|
The ActivityPub protocol is a decentralized social networking protocol based upon the ActivityStreams 2.0 data format.
|
||||||
|
|
||||||
|
== Description ==
|
||||||
|
|
||||||
|
This is **BETA** software, see the FAQ to see the current feature set or rather what is still planned.
|
||||||
|
|
||||||
|
The plugin implements the ActivityPub protocol for your blog. Your readers will be able to follow your blogposts on Mastodon and other federated platforms that support ActivityPub.
|
||||||
|
|
||||||
|
The plugin works with the following federated platforms:
|
||||||
|
|
||||||
|
* [Mastodon](https://joinmastodon.org/)
|
||||||
|
* [Pleroma](https://pleroma.social/)
|
||||||
|
* [Friendica](https://friendi.ca/)
|
||||||
|
* [HubZilla](https://hubzilla.org/)
|
||||||
|
* [Pixelfed](https://pixelfed.org/)
|
||||||
|
* [SocialHome](https://socialhome.network/)
|
||||||
|
* [Misskey](https://join.misskey.page/)
|
||||||
|
|
||||||
|
== Frequently Asked Questions ==
|
||||||
|
|
||||||
|
= What is the status of this plugin? =
|
||||||
|
|
||||||
|
Implemented:
|
||||||
|
|
||||||
|
* profile pages (JSON representation)
|
||||||
|
* custom links
|
||||||
|
* functional inbox/outbox
|
||||||
|
* follow (accept follows)
|
||||||
|
* share posts
|
||||||
|
* receive comments/reactions
|
||||||
|
|
||||||
|
To implement:
|
||||||
|
|
||||||
|
* signature verification
|
||||||
|
* better WordPress integration
|
||||||
|
* better configuration possibilities
|
||||||
|
* threaded comments support
|
||||||
|
|
||||||
|
= What is "ActivityPub for WordPress" =
|
||||||
|
|
||||||
|
*ActivityPub for WordPress* extends WordPress with some Fediverse features, but it does not compete with platforms like Friendica or Mastodon. If you want to run a **decentralized social network**, please use [Mastodon](https://joinmastodon.org/) or [GNU social](https://gnu.io/social/).
|
||||||
|
|
||||||
|
= What are the differences between this plugin and Pterotype? =
|
||||||
|
|
||||||
|
**Compatibility**
|
||||||
|
|
||||||
|
*ActivityPub for WordPress* is compatible with OStatus and IndieWeb plugin suites. *Pterotype* is incompatible with the standalone [WebFinger plugin](https://wordpress.org/plugins/webfinger/), so it can't be run together with OStatus.
|
||||||
|
|
||||||
|
**Custom tables**
|
||||||
|
|
||||||
|
*Pterotype* creates/uses a bunch of custom tables, *ActivityPub for WordPress* only uses the native tables and adds as little meta data as possible.
|
||||||
|
|
||||||
|
= What if you are running your blog in a subdirectory? =
|
||||||
|
|
||||||
|
In order for webfinger to work, it must be mapped to the root directory of the URL on which your blog resides.
|
||||||
|
|
||||||
|
**Apache**
|
||||||
|
|
||||||
|
Add the following to the .htaccess file in the root directory:
|
||||||
|
|
||||||
|
RedirectMatch "^\/\.well-known(.*)$" "\/blog\/\.well-known$1"
|
||||||
|
|
||||||
|
Where 'blog' is the path to the subdirectory at which your blog resides.
|
||||||
|
|
||||||
|
**Nginx**
|
||||||
|
|
||||||
|
Add the following to the site.conf in sites-available:
|
||||||
|
|
||||||
|
location ~* /.well-known {
|
||||||
|
allow all;
|
||||||
|
try_files $uri $uri/ /blog/?$args;
|
||||||
|
}
|
||||||
|
|
||||||
|
Where 'blog' is the path to the subdirectory at which your blog resides.
|
||||||
|
|
||||||
|
== Changelog ==
|
||||||
|
|
||||||
|
Project maintained on GitHub at [pfefferle/wordpress-activitypub](https://github.com/pfefferle/wordpress-activitypub).
|
||||||
|
|
||||||
|
= 0.10.0 =
|
||||||
|
|
||||||
|
* add image alt text to the ActivityStreams attachment property in a format that Mastodon can read. props [@BenLubar](https://github.com/BenLubar)
|
||||||
|
* use the "summary" property for a title as Mastodon does. props [@BenLubar](https://github.com/BenLubar)
|
||||||
|
* support authorized fetch to avoid having comments from "Anonymous". props [@BenLubar](https://github.com/BenLubar)
|
||||||
|
* add new post type: "title and link only". props [@bgcarlisle](https://github.com/bgcarlisle)
|
||||||
|
|
||||||
|
= 0.9.1 =
|
||||||
|
|
||||||
|
* disable shared inbox
|
||||||
|
* disable delete activity
|
||||||
|
|
||||||
|
= 0.9.0 =
|
||||||
|
|
||||||
|
* some code refactorings
|
||||||
|
* fix #73
|
||||||
|
|
||||||
|
= 0.8.3 =
|
||||||
|
|
||||||
|
* fixed accept header bug
|
||||||
|
|
||||||
|
= 0.8.2 =
|
||||||
|
|
||||||
|
* add all required accept header
|
||||||
|
* better/simpler accept-header handling
|
||||||
|
* add debugging mechanism
|
||||||
|
* Add setting to enable AP for different (public) Post-Types
|
||||||
|
* explicit use of global functions
|
||||||
|
|
||||||
|
= 0.8.1 =
|
||||||
|
|
||||||
|
* fixed PHP warnings
|
||||||
|
|
||||||
|
= 0.8.0 =
|
||||||
|
|
||||||
|
* Moved followers list to user-menu
|
||||||
|
|
||||||
|
= 0.7.4 =
|
||||||
|
|
||||||
|
* added admin_email to metadata, to be able to "Manage your instance" on https://fediverse.network/manage/
|
||||||
|
|
||||||
|
= 0.7.3 =
|
||||||
|
|
||||||
|
* refactorings
|
||||||
|
* fixed PHP warnings
|
||||||
|
* better hashtag regex
|
||||||
|
|
||||||
|
= 0.7.2 =
|
||||||
|
|
||||||
|
* fixed JSON representation of posts https://merveilles.town/@xuv/101907542498716956
|
||||||
|
|
||||||
|
= 0.7.1 =
|
||||||
|
|
||||||
|
* fixed inbox problems with pleroma
|
||||||
|
|
||||||
|
= 0.7.0 =
|
||||||
|
|
||||||
|
* finally fixed pleroma compatibility
|
||||||
|
* added "following" endpoint
|
||||||
|
* simplified "followers" endpoint
|
||||||
|
* fixed default value problem
|
||||||
|
|
||||||
|
= 0.6.0 =
|
||||||
|
|
||||||
|
* add tags as hashtags to the end of each activity
|
||||||
|
* fixed pleroma following issue
|
||||||
|
* followers-list improvements
|
||||||
|
|
||||||
|
= 0.5.1 =
|
||||||
|
|
||||||
|
* fixed name-collision that caused an infinite loop
|
||||||
|
|
||||||
|
= 0.5.0 =
|
||||||
|
|
||||||
|
* complete refactoring
|
||||||
|
* fixed bug #30: Password-protected posts are federated
|
||||||
|
* only send Activites when ActivityPub is enabled for this post-type
|
||||||
|
|
||||||
|
= 0.4.4 =
|
||||||
|
|
||||||
|
* show avatars
|
||||||
|
|
||||||
|
= 0.4.3 =
|
||||||
|
|
||||||
|
* finally fixed backlink in excerpt/summary posts
|
||||||
|
|
||||||
|
= 0.4.2 =
|
||||||
|
|
||||||
|
* fixed backlink in excerpt/summary posts (thanks @depone)
|
||||||
|
|
||||||
|
= 0.4.1 =
|
||||||
|
|
||||||
|
* finally fixed contact list
|
||||||
|
|
||||||
|
= 0.4.0 =
|
||||||
|
|
||||||
|
* added settings to enable/disable hashtag support
|
||||||
|
* fixed follower list
|
||||||
|
* send activities only for new posts, otherwise send updates
|
||||||
|
|
||||||
|
= 0.3.2 =
|
||||||
|
|
||||||
|
* added "followers" endpoint
|
||||||
|
* change activity content from blog 'excerpt' to blog 'content'
|
||||||
|
|
||||||
|
= 0.3.1 =
|
||||||
|
|
||||||
|
* better json encoding
|
||||||
|
|
||||||
|
= 0.3.0 =
|
||||||
|
|
||||||
|
* basic hashtag support
|
||||||
|
* temporarily deactivated likes and boosts
|
||||||
|
* added support for actor objects
|
||||||
|
* fixed encoding issue
|
||||||
|
|
||||||
|
= 0.2.1 =
|
||||||
|
|
||||||
|
* customizable backlink (permalink or shorturl)
|
||||||
|
* show profile-identifiers also on profile settings
|
||||||
|
|
||||||
|
= 0.2.0 =
|
||||||
|
|
||||||
|
* added option to switch between content and excerpt
|
||||||
|
* removed html and duplicate new-lines
|
||||||
|
|
||||||
|
= 0.1.1 =
|
||||||
|
|
||||||
|
* fixed "excerpt" in AS JSON
|
||||||
|
* added settings for the activity-summary and for the activity-object-type
|
||||||
|
|
||||||
|
= 0.1.0 =
|
||||||
|
|
||||||
|
* added basic WebFinger support
|
||||||
|
* added basic NodeInfo support
|
||||||
|
* fully functional "follow" activity
|
||||||
|
* send new posts to your followers
|
||||||
|
* receive comments from your followers
|
||||||
|
|
||||||
|
= 0.0.2 =
|
||||||
|
|
||||||
|
* refactoring
|
||||||
|
* functional inbox
|
||||||
|
* nicer profile views
|
||||||
|
|
||||||
|
= 0.0.1 =
|
||||||
|
|
||||||
|
* initial
|
||||||
|
|
||||||
|
== Installation ==
|
||||||
|
|
||||||
|
Follow the normal instructions for [installing WordPress plugins](https://wordpress.org/support/article/managing-plugins/).
|
||||||
|
|
||||||
|
= Automatic Plugin Installation =
|
||||||
|
|
||||||
|
To add a WordPress Plugin using the [built-in plugin installer](https://codex.wordpress.org/Administration_Screens#Add_New_Plugins):
|
||||||
|
|
||||||
|
1. Go to [Plugins](https://codex.wordpress.org/Administration_Screens#Plugins) > [Add New](https://codex.wordpress.org/Plugins_Add_New_Screen).
|
||||||
|
1. Type "`activitypub`" into the **Search Plugins** box.
|
||||||
|
1. Find the WordPress Plugin you wish to install.
|
||||||
|
1. Click **Details** for more information about the Plugin and instructions you may wish to print or save to help setup the Plugin.
|
||||||
|
1. Click **Install Now** to install the WordPress Plugin.
|
||||||
|
1. The resulting installation screen will list the installation as successful or note any problems during the install.
|
||||||
|
1. If successful, click **Activate Plugin** to activate it, or **Return to Plugin Installer** for further actions.
|
||||||
|
|
||||||
|
= Manual Plugin Installation =
|
||||||
|
|
||||||
|
There are a few cases when manually installing a WordPress Plugin is appropriate.
|
||||||
|
|
||||||
|
* If you wish to control the placement and the process of installing a WordPress Plugin.
|
||||||
|
* If your server does not permit automatic installation of a WordPress Plugin.
|
||||||
|
* If you want to try the [latest development version](https://github.com/pfefferle/wordpress-activitypub).
|
||||||
|
|
||||||
|
Installation of a WordPress Plugin manually requires FTP familiarity and the awareness that you may put your site at risk if you install a WordPress Plugin incompatible with the current version or from an unreliable source.
|
||||||
|
|
||||||
|
Backup your site completely before proceeding.
|
||||||
|
|
||||||
|
To install a WordPress Plugin manually:
|
||||||
|
|
||||||
|
* Download your WordPress Plugin to your desktop.
|
||||||
|
* Download from [the WordPress directory](https://wordpress.org/plugins/activitypub/)
|
||||||
|
* Download from [GitHub](https://github.com/pfefferle/wordpress-activitypub/releases)
|
||||||
|
* If downloaded as a zip archive, extract the Plugin folder to your desktop.
|
||||||
|
* With your FTP program, upload the Plugin folder to the `wp-content/plugins` folder in your WordPress directory online.
|
||||||
|
* Go to [Plugins screen](https://codex.wordpress.org/Administration_Screens#Plugins) and find the newly uploaded Plugin in the list.
|
||||||
|
* Click **Activate** to activate it.
|
15
wp-content/plugins/activitypub/templates/followers-list.php
Normal file
15
wp-content/plugins/activitypub/templates/followers-list.php
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
<div class="wrap">
|
||||||
|
<h1><?php \esc_html_e( 'Followers (Fediverse)', 'activitypub' ); ?></h1>
|
||||||
|
|
||||||
|
<p><?php \printf( \__( 'You currently have %s followers.', 'activitypub' ), \esc_attr( \Activitypub\Peer\Followers::count_followers( \get_current_user_id() ) ) ); ?></p>
|
||||||
|
|
||||||
|
<?php $token_table = new \Activitypub\Table\Followers_List(); ?>
|
||||||
|
|
||||||
|
<form method="get">
|
||||||
|
<input type="hidden" name="page" value="indieauth_user_token" />
|
||||||
|
<?php
|
||||||
|
$token_table->prepare_items();
|
||||||
|
$token_table->display();
|
||||||
|
?>
|
||||||
|
</form>
|
||||||
|
</div>
|
113
wp-content/plugins/activitypub/templates/json-author.php
Normal file
113
wp-content/plugins/activitypub/templates/json-author.php
Normal file
@ -0,0 +1,113 @@
|
|||||||
|
<?php
|
||||||
|
$author_id = \get_the_author_meta( 'ID' );
|
||||||
|
|
||||||
|
$json = new \stdClass();
|
||||||
|
|
||||||
|
$json->{'@context'} = \Activitypub\get_context();
|
||||||
|
$json->id = \get_author_posts_url( $author_id );
|
||||||
|
$json->type = 'Person';
|
||||||
|
$json->name = \get_the_author_meta( 'display_name', $author_id );
|
||||||
|
$json->summary = \html_entity_decode(
|
||||||
|
\get_the_author_meta( 'description', $author_id ),
|
||||||
|
ENT_QUOTES,
|
||||||
|
'UTF-8'
|
||||||
|
);
|
||||||
|
$json->preferredUsername = \get_the_author_meta( 'login', $author_id ); // phpcs:ignore
|
||||||
|
$json->url = \get_author_posts_url( $author_id );
|
||||||
|
$json->icon = array(
|
||||||
|
'type' => 'Image',
|
||||||
|
'url' => \get_avatar_url( $author_id, array( 'size' => 120 ) ),
|
||||||
|
);
|
||||||
|
|
||||||
|
if ( \has_header_image() ) {
|
||||||
|
$json->image = array(
|
||||||
|
'type' => 'Image',
|
||||||
|
'url' => \get_header_image(),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
$json->inbox = \get_rest_url( null, "/activitypub/1.0/users/$author_id/inbox" );
|
||||||
|
$json->outbox = \get_rest_url( null, "/activitypub/1.0/users/$author_id/outbox" );
|
||||||
|
$json->followers = \get_rest_url( null, "/activitypub/1.0/users/$author_id/followers" );
|
||||||
|
$json->following = \get_rest_url( null, "/activitypub/1.0/users/$author_id/following" );
|
||||||
|
|
||||||
|
$json->manuallyApprovesFollowers = \apply_filters( 'activitypub_json_manually_approves_followers', __return_false() ); // phpcs:ignore
|
||||||
|
|
||||||
|
// phpcs:ignore
|
||||||
|
$json->publicKey = array(
|
||||||
|
'id' => \get_author_posts_url( $author_id ) . '#main-key',
|
||||||
|
'owner' => \get_author_posts_url( $author_id ),
|
||||||
|
'publicKeyPem' => \trim( \Activitypub\Signature::get_public_key( $author_id ) ),
|
||||||
|
);
|
||||||
|
|
||||||
|
$json->tag = array();
|
||||||
|
$json->attachment = array();
|
||||||
|
|
||||||
|
$json->attachment[] = array(
|
||||||
|
'type' => 'PropertyValue',
|
||||||
|
'name' => __( 'Blog', 'activitypub' ),
|
||||||
|
'value' => \html_entity_decode(
|
||||||
|
'<a rel="me" title="' . \esc_attr( \home_url( '/' ) ) . '" target="_blank" href="' . \home_url( '/' ) . '">' . \wp_parse_url( \home_url( '/' ), PHP_URL_HOST ) . '</a>',
|
||||||
|
ENT_QUOTES,
|
||||||
|
'UTF-8'
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
$json->attachment[] = array(
|
||||||
|
'type' => 'PropertyValue',
|
||||||
|
'name' => __( 'Profile', 'activitypub' ),
|
||||||
|
'value' => \html_entity_decode(
|
||||||
|
'<a rel="me" title="' . \esc_attr( \get_author_posts_url( $author_id ) ) . '" target="_blank" href="' . \get_author_posts_url( $author_id ) . '">' . \wp_parse_url( \get_author_posts_url( $author_id ), PHP_URL_HOST ) . '</a>',
|
||||||
|
ENT_QUOTES,
|
||||||
|
'UTF-8'
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
if ( \get_the_author_meta( 'user_url', $author_id ) ) {
|
||||||
|
$json->attachment[] = array(
|
||||||
|
'type' => 'PropertyValue',
|
||||||
|
'name' => __( 'Website', 'activitypub' ),
|
||||||
|
'value' => \html_entity_decode(
|
||||||
|
'<a rel="me" title="' . \esc_attr( \get_the_author_meta( 'user_url', $author_id ) ) . '" target="_blank" href="' . \get_the_author_meta( 'user_url', $author_id ) . '">' . \wp_parse_url( \get_the_author_meta( 'user_url', $author_id ), PHP_URL_HOST ) . '</a>',
|
||||||
|
ENT_QUOTES,
|
||||||
|
'UTF-8'
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
$json->endpoints = array(
|
||||||
|
'sharedInbox' => \get_rest_url( null, '/activitypub/1.0/inbox' ),
|
||||||
|
);
|
||||||
|
*/
|
||||||
|
|
||||||
|
// filter output
|
||||||
|
$json = \apply_filters( 'activitypub_json_author_array', $json );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Action triggerd prior to the ActivityPub profile being created and sent to the client
|
||||||
|
*/
|
||||||
|
\do_action( 'activitypub_json_author_pre' );
|
||||||
|
|
||||||
|
$options = 0;
|
||||||
|
// JSON_PRETTY_PRINT added in PHP 5.4
|
||||||
|
if ( \get_query_var( 'pretty' ) ) {
|
||||||
|
$options |= JSON_PRETTY_PRINT; // phpcs:ignore
|
||||||
|
}
|
||||||
|
|
||||||
|
$options |= JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_QUOT;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Options to be passed to json_encode()
|
||||||
|
*
|
||||||
|
* @param int $options The current options flags
|
||||||
|
*/
|
||||||
|
$options = \apply_filters( 'activitypub_json_author_options', $options );
|
||||||
|
|
||||||
|
\header( 'Content-Type: application/activity+json' );
|
||||||
|
echo \wp_json_encode( $json, $options );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Action triggerd after the ActivityPub profile has been created and sent to the client
|
||||||
|
*/
|
||||||
|
\do_action( 'activitypub_json_author_post' );
|
36
wp-content/plugins/activitypub/templates/json-post.php
Normal file
36
wp-content/plugins/activitypub/templates/json-post.php
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
<?php
|
||||||
|
$post = \get_post();
|
||||||
|
|
||||||
|
$activitypub_post = new \Activitypub\Model\Post( $post );
|
||||||
|
$json = \array_merge( array( '@context' => \Activitypub\get_context() ), $activitypub_post->to_array() );
|
||||||
|
|
||||||
|
// filter output
|
||||||
|
$json = \apply_filters( 'activitypub_json_post_array', $json );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Action triggerd prior to the ActivityPub profile being created and sent to the client
|
||||||
|
*/
|
||||||
|
\do_action( 'activitypub_json_post_pre' );
|
||||||
|
|
||||||
|
$options = 0;
|
||||||
|
// JSON_PRETTY_PRINT added in PHP 5.4
|
||||||
|
if ( \get_query_var( 'pretty' ) ) {
|
||||||
|
$options |= JSON_PRETTY_PRINT; // phpcs:ignore
|
||||||
|
}
|
||||||
|
|
||||||
|
$options |= JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_QUOT;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Options to be passed to json_encode()
|
||||||
|
*
|
||||||
|
* @param int $options The current options flags
|
||||||
|
*/
|
||||||
|
$options = \apply_filters( 'activitypub_json_post_options', $options );
|
||||||
|
|
||||||
|
\header( 'Content-Type: application/activity+json' );
|
||||||
|
echo \wp_json_encode( $json, $options );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Action triggerd after the ActivityPub profile has been created and sent to the client
|
||||||
|
*/
|
||||||
|
\do_action( 'activitypub_json_post_post' );
|
126
wp-content/plugins/activitypub/templates/settings.php
Normal file
126
wp-content/plugins/activitypub/templates/settings.php
Normal file
@ -0,0 +1,126 @@
|
|||||||
|
<div class="wrap">
|
||||||
|
<h1><?php \esc_html_e( 'ActivityPub Settings', 'activitypub' ); ?></h1>
|
||||||
|
|
||||||
|
<p><?php \esc_html_e( 'ActivityPub turns your blog into a federated social network. This means you can share and talk to everyone using the ActivityPub protocol, including users of Friendica, Pleroma and Mastodon.', 'activitypub' ); ?></p>
|
||||||
|
|
||||||
|
<form method="post" action="options.php">
|
||||||
|
<?php \settings_fields( 'activitypub' ); ?>
|
||||||
|
|
||||||
|
<h2><?php \esc_html_e( 'Activities', 'activitypub' ); ?></h2>
|
||||||
|
|
||||||
|
<p><?php \esc_html_e( 'All activity related settings.', 'activitypub' ); ?></p>
|
||||||
|
|
||||||
|
<table class="form-table">
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<?php esc_html_e( 'Post-Content', 'activitypub' ); ?>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<p>
|
||||||
|
<label><input type="radio" name="activitypub_post_content_type" id="activitypub_post_content_type_title_link" value="title" <?php echo \checked( 'title', \get_option( 'activitypub_post_content_type', 'content' ) ); ?> /> <?php \esc_html_e( 'Title and link', 'activitypub' ); ?></label> - <span class="description"><?php \esc_html_e( 'Only the title and a link.', 'activitypub' ); ?></span>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<label><input type="radio" name="activitypub_post_content_type" id="activitypub_post_content_type_excerpt" value="excerpt" <?php echo \checked( 'excerpt', \get_option( 'activitypub_post_content_type', 'content' ) ); ?> /> <?php \esc_html_e( 'Excerpt', 'activitypub' ); ?></label> - <span class="description"><?php \esc_html_e( 'A content summary, shortened to 400 characters and without markup.', 'activitypub' ); ?></span>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<label><input type="radio" name="activitypub_post_content_type" id="activitypub_post_content_type_content" value="content" <?php echo \checked( 'content', \get_option( 'activitypub_post_content_type', 'content' ) ); ?> /> <?php \esc_html_e( 'Content (default)', 'activitypub' ); ?></label> - <span class="description"><?php \esc_html_e( 'The full content.', 'activitypub' ); ?></span>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<?php \esc_html_e( 'Backlink', 'activitypub' ); ?>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<p><label><input type="checkbox" name="activitypub_use_shortlink" id="activitypub_use_shortlink" value="1" <?php echo \checked( '1', \get_option( 'activitypub_use_shortlink', '0' ) ); ?> /> <?php \esc_html_e( 'Use the Shortlink instead of the permalink', 'activitypub' ); ?></label></p>
|
||||||
|
<p class="description"><?php \printf( esc_html( 'I can recommend %sHum%s, to prettify the Shortlinks', 'activitypub' ), '<a href="https://wordpress.org/plugins/hum/" target="_blank">', '</a>' ); ?></p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<?php \esc_html_e( 'Activity-Object-Type', 'activitypub' ); ?>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<p>
|
||||||
|
<label><input type="radio" name="activitypub_object_type" id="activitypub_object_type_note" value="note" <?php echo \checked( 'note', \get_option( 'activitypub_object_type', 'note' ) ); ?> /> <?php \esc_html_e( 'Note (default)', 'activitypub' ); ?></label> - <span class="description"><?php \esc_html_e( 'Should work with most platforms.', 'activitypub' ); ?></span>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<label><input type="radio" name="activitypub_object_type" id="activitypub_object_type_article" value="article" <?php echo \checked( 'article', \get_option( 'activitypub_object_type', 'note' ) ); ?> /> <?php \esc_html_e( 'Article', 'activitypub' ); ?></label> - <span class="description"><?php \esc_html_e( 'The presentation of the "Article" might change on different platforms. Mastodon for example shows the "Article" type as a simple link.', 'activitypub' ); ?></span>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<label><input type="radio" name="activitypub_object_type" id="activitypub_object_type" value="wordpress-post-format" <?php echo \checked( 'wordpress-post-format', \get_option( 'activitypub_object_type', 'note' ) ); ?> /> <?php \esc_html_e( 'WordPress Post-Format', 'activitypub' ); ?></label> - <span class="description"><?php \esc_html_e( 'Maps the WordPress Post-Format to the ActivityPub Object Type.', 'activitypub' ); ?></span>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row"><?php \esc_html_e( 'Supported post types', 'activitypub' ); ?></th>
|
||||||
|
<td>
|
||||||
|
<fieldset>
|
||||||
|
<?php \esc_html_e( 'Enable ActivityPub support for the following post types:', 'activitypub' ); ?>
|
||||||
|
|
||||||
|
<?php $post_types = \get_post_types( array( 'public' => true ), 'objects' ); ?>
|
||||||
|
<?php $support_post_types = \get_option( 'activitypub_support_post_types', array( 'post', 'page' ) ) ? \get_option( 'activitypub_support_post_types', array( 'post', 'page' ) ) : array(); ?>
|
||||||
|
<ul>
|
||||||
|
<?php foreach ( $post_types as $post_type ) { ?>
|
||||||
|
<li>
|
||||||
|
<input type="checkbox" id="activitypub_support_post_types" name="activitypub_support_post_types[]" value="<?php echo \esc_attr( $post_type->name ); ?>" <?php echo \checked( true, \in_array( $post_type->name, $support_post_types, true ) ); ?> />
|
||||||
|
<label for="<?php echo \esc_attr( $post_type->name ); ?>"><?php echo \esc_html( $post_type->label ); ?></label>
|
||||||
|
</li>
|
||||||
|
<?php } ?>
|
||||||
|
</ul>
|
||||||
|
</fieldset>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<?php \esc_html_e( 'Hashtags', 'activitypub' ); ?>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<p>
|
||||||
|
<label><input type="checkbox" name="activitypub_use_hashtags" id="activitypub_use_hashtags" value="1" <?php echo \checked( '1', \get_option( 'activitypub_use_hashtags', '1' ) ); ?> /> <?php \_e( 'Add hashtags in the content as native tags and replace the <code>#tag</code> with the tag-link.', 'activitypub' ); ?></label>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<label><input type="checkbox" name="activitypub_add_tags_as_hashtags" id="activitypub_add_tags_as_hashtags" value="1" <?php echo \checked( '1', \get_option( 'activitypub_add_tags_as_hashtags', '0' ) ); ?> /> <?php \_e( 'Add all tags as hashtags to the end of each activity.', 'activitypub' ); ?></label>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
<?php \do_settings_fields( 'activitypub', 'activity' ); ?>
|
||||||
|
|
||||||
|
<h2><?php \esc_html_e( 'Server', 'activitypub' ); ?></h2>
|
||||||
|
|
||||||
|
<p><?php \esc_html_e( 'Server related settings.', 'activitypub' ); ?></p>
|
||||||
|
|
||||||
|
<?php
|
||||||
|
// load the existing blacklist from the WordPress options table
|
||||||
|
$activitypub_blacklist = \trim( \implode( PHP_EOL, \ActivityPub\get_blacklist() ), PHP_EOL );
|
||||||
|
?>
|
||||||
|
|
||||||
|
<table class="form-table">
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<?php \esc_html_e( 'Blacklist', 'activitypub' ); ?>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<textarea name="activitypub_blacklist" id="activitypub_blacklist" rows="10" cols="50" class="large-text"><?php echo $activitypub_blacklist; ?></textarea>
|
||||||
|
<p class="description"><?php \_e( 'A list of hosts, you want to block, one host per line. Please use only the host/domain of the server you want to block, without <code>http://</code> and without <code>www.</code>. For example <code>example.com</code>.', 'activitypub' ); ?></p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
<?php \do_settings_fields( 'activitypub', 'server' ); ?>
|
||||||
|
|
||||||
|
<?php \do_settings_sections( 'activitypub' ); ?>
|
||||||
|
|
||||||
|
<?php \submit_button(); ?>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
<small><?php _e( 'If you like this plugin, what about a small <a href="https://notiz.blog/donate">donation</a>?', 'activitypub' ); ?></small>
|
||||||
|
</p>
|
||||||
|
</div>
|
83
wp-content/plugins/authLdap-2.3.1/.ci/50-init.ldif
Normal file
83
wp-content/plugins/authLdap-2.3.1/.ci/50-init.ldif
Normal file
@ -0,0 +1,83 @@
|
|||||||
|
dn: dc=test space,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
dc: test space
|
||||||
|
description: LDAP Example with space
|
||||||
|
objectClass: dcObject
|
||||||
|
objectClass: organization
|
||||||
|
o: test space
|
||||||
|
|
||||||
|
dn: cn=Manager,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
cn: Manager
|
||||||
|
objectClass: organizationalRole
|
||||||
|
|
||||||
|
dn: ou=test,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
ou: test
|
||||||
|
|
||||||
|
dn: uid=user1,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectClass: account
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
uid: user1
|
||||||
|
userPassword: user1
|
||||||
|
|
||||||
|
dn: cn=group1,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectclass: groupOfUniqueNames
|
||||||
|
cn: group1
|
||||||
|
uniqueMember: uid=user1,{{ LDAP_BASE_DN }}
|
||||||
|
|
||||||
|
dn: uid=user2,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectClass: account
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
uid: user2
|
||||||
|
userPassword: user2
|
||||||
|
|
||||||
|
dn: cn=group2,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectclass: groupOfUniqueNames
|
||||||
|
cn: group2
|
||||||
|
uniqueMember: uid=user2,{{ LDAP_BASE_DN }}
|
||||||
|
|
||||||
|
dn: uid=user3,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectClass: account
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
uid: user3
|
||||||
|
userPassword: user!"
|
||||||
|
|
||||||
|
dn: cn=group3,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectclass: groupOfUniqueNames
|
||||||
|
cn: group3
|
||||||
|
uniqueMember: uid=user2,{{ LDAP_BASE_DN }}
|
||||||
|
uniqueMember: uid=user3,{{ LDAP_BASE_DN }}
|
||||||
|
|
||||||
|
dn: uid=user 4,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectClass: account
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
uid: user 4
|
||||||
|
userPassword: user!"
|
||||||
|
|
||||||
|
dn: cn=group4,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectclass: groupOfUniqueNames
|
||||||
|
cn: group4
|
||||||
|
uniqueMember: uid=user 4,{{ LDAP_BASE_DN }}
|
||||||
|
|
||||||
|
dn: uid=user 5,dc=test space,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectClass: account
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
uid: user 5
|
||||||
|
userPassword: user!"
|
||||||
|
|
||||||
|
dn: cn=group5,{{ LDAP_BASE_DN }}
|
||||||
|
changetype: add
|
||||||
|
objectclass: groupOfUniqueNames
|
||||||
|
cn: group5
|
||||||
|
uniqueMember: uid=user 5,dc=test space,{{ LDAP_BASE_DN }}
|
42
wp-content/plugins/authLdap-2.3.1/.ci/OpenLDAP/slapd.conf
Normal file
42
wp-content/plugins/authLdap-2.3.1/.ci/OpenLDAP/slapd.conf
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
##
|
||||||
|
# Global Directives
|
||||||
|
##
|
||||||
|
|
||||||
|
# Schema and objectClass definitions
|
||||||
|
include /etc/ldap/schema/core.schema
|
||||||
|
include /etc/ldap/schema/cosine.schema
|
||||||
|
include /etc/ldap/schema/nis.schema
|
||||||
|
include /etc/ldap/schema/inetorgperson.schema
|
||||||
|
|
||||||
|
moduleload back_hdb
|
||||||
|
|
||||||
|
disallow bind_anon
|
||||||
|
|
||||||
|
##
|
||||||
|
# Test DB
|
||||||
|
##
|
||||||
|
|
||||||
|
database hdb
|
||||||
|
|
||||||
|
suffix "dc=example,dc=com"
|
||||||
|
|
||||||
|
rootdn "cn=Manager,dc=example,dc=com"
|
||||||
|
rootpw insecure
|
||||||
|
|
||||||
|
# The database directory MUST exist prior to running slapd AND
|
||||||
|
# change path as necessary
|
||||||
|
directory /tmp/ldap_db/
|
||||||
|
|
||||||
|
##
|
||||||
|
# ACL
|
||||||
|
##
|
||||||
|
|
||||||
|
# The userPassword by default can be changed
|
||||||
|
# by the entry owning it if they are authenticated.
|
||||||
|
# Others should not be able to see it, except the
|
||||||
|
# admin entry below
|
||||||
|
# These access lines apply to database #1 only
|
||||||
|
access to attrs=userPassword,shadowLastChange
|
||||||
|
by anonymous auth
|
||||||
|
by self write
|
||||||
|
by * none
|
16
wp-content/plugins/authLdap-2.3.1/.ci/OpenLDAP_run.sh
Normal file
16
wp-content/plugins/authLdap-2.3.1/.ci/OpenLDAP_run.sh
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
|
||||||
|
LDAP_DB=/tmp/ldap_db
|
||||||
|
|
||||||
|
echo "Creating database directory"
|
||||||
|
|
||||||
|
rm -rf ${LDAP_DB} && mkdir ${LDAP_DB} && cp /usr/share/doc/slapd/examples/DB_CONFIG ${LDAP_DB}
|
||||||
|
|
||||||
|
echo "Launching OpenLDAP ..."
|
||||||
|
|
||||||
|
# Start slapd with non root privileges
|
||||||
|
slapd -h "ldap://0.0.0.0:3890/" -f ${DIR}/OpenLDAP/slapd.conf
|
||||||
|
|
||||||
|
# Wait for LDAP to start
|
||||||
|
sleep 1
|
@ -0,0 +1,6 @@
|
|||||||
|
dn: dc=example,dc=com
|
||||||
|
dc: example
|
||||||
|
description: LDAP Example
|
||||||
|
objectClass: dcObject
|
||||||
|
objectClass: organization
|
||||||
|
o: example
|
@ -0,0 +1,6 @@
|
|||||||
|
dn: dc=test space,dc=example,dc=com
|
||||||
|
dc: test space
|
||||||
|
description: LDAP Example with space
|
||||||
|
objectClass: dcObject
|
||||||
|
objectClass: organization
|
||||||
|
o: test space
|
@ -0,0 +1,3 @@
|
|||||||
|
dn: cn=Manager,dc=example,dc=com
|
||||||
|
cn: Manager
|
||||||
|
objectClass: organizationalRole
|
@ -0,0 +1,3 @@
|
|||||||
|
dn: ou=test,dc=example,dc=com
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
ou: test
|
@ -0,0 +1,5 @@
|
|||||||
|
dn: uid=user1,dc=example,dc=com
|
||||||
|
objectClass: account
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
uid: user1
|
||||||
|
userPassword: user1
|
@ -0,0 +1,16 @@
|
|||||||
|
dn: cn=group1,dc=example,dc=com
|
||||||
|
objectclass: groupOfUniqueNames
|
||||||
|
cn: group1
|
||||||
|
uniqueMember: uid=user1,dc=example,dc=com
|
||||||
|
|
||||||
|
dn: uid=user2,dc=example,dc=com
|
||||||
|
objectClass: account
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
uid: user2
|
||||||
|
userPassword: user2
|
||||||
|
|
||||||
|
dn: cn=group2,dc=example,dc=com
|
||||||
|
objectclass: groupOfUniqueNames
|
||||||
|
cn: group2
|
||||||
|
uniqueMember: uid=user2,dc=example,dc=com
|
||||||
|
|
@ -0,0 +1,14 @@
|
|||||||
|
dn: cn=group3,dc=example,dc=com
|
||||||
|
objectclass: groupOfUniqueNames
|
||||||
|
cn: group3
|
||||||
|
uniqueMember: uid=user2,dc=example,dc=com
|
||||||
|
uniqueMember: uid=user3,dc=example,dc=com
|
||||||
|
|
||||||
|
dn: uid=user3,dc=example,dc=com
|
||||||
|
objectClass: account
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
uid: user3
|
||||||
|
userPassword: user!"
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -0,0 +1,13 @@
|
|||||||
|
dn: cn=group4,dc=example,dc=com
|
||||||
|
objectclass: groupOfUniqueNames
|
||||||
|
cn: group4
|
||||||
|
uniqueMember: uid=user 4,dc=example,dc=com
|
||||||
|
|
||||||
|
dn: uid=user 4,dc=example,dc=com
|
||||||
|
objectClass: account
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
uid: user 4
|
||||||
|
userPassword: user!"
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -0,0 +1,13 @@
|
|||||||
|
dn: cn=group5,dc=example,dc=com
|
||||||
|
objectclass: groupOfUniqueNames
|
||||||
|
cn: group5
|
||||||
|
uniqueMember: uid=user 5,dc=test space,dc=example,dc=com
|
||||||
|
|
||||||
|
dn: uid=user 5,dc=test space,dc=example,dc=com
|
||||||
|
objectClass: account
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
uid: user 5
|
||||||
|
userPassword: user!"
|
||||||
|
|
||||||
|
|
||||||
|
|
13
wp-content/plugins/authLdap-2.3.1/.ci/load_fixtures.sh
Normal file
13
wp-content/plugins/authLdap-2.3.1/.ci/load_fixtures.sh
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
|
||||||
|
FIXTURES_DIR="$DIR/ldif"
|
||||||
|
|
||||||
|
load_fixture () {
|
||||||
|
ldapadd -x -H ldap://127.0.0.1:3890/ -D "cn=Manager,dc=example,dc=com" -w insecure -f $1
|
||||||
|
}
|
||||||
|
|
||||||
|
for FIXTURE in `ls ${FIXTURES_DIR}`
|
||||||
|
do
|
||||||
|
load_fixture "${FIXTURES_DIR}/${FIXTURE}"
|
||||||
|
done;
|
1
wp-content/plugins/authLdap-2.3.1/.ci/php.ini
Normal file
1
wp-content/plugins/authLdap-2.3.1/.ci/php.ini
Normal file
@ -0,0 +1 @@
|
|||||||
|
extension=ldap.so
|
3
wp-content/plugins/authLdap-2.3.1/.gitignore
vendored
Normal file
3
wp-content/plugins/authLdap-2.3.1/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
vendor
|
||||||
|
composer.lock
|
||||||
|
.svnAccess
|
26
wp-content/plugins/authLdap-2.3.1/.rsyncIgnore
Normal file
26
wp-content/plugins/authLdap-2.3.1/.rsyncIgnore
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
svn
|
||||||
|
build.xml
|
||||||
|
tests
|
||||||
|
VERSION
|
||||||
|
Vagrantfile
|
||||||
|
phpunit.*
|
||||||
|
composer.*
|
||||||
|
vendor
|
||||||
|
tests
|
||||||
|
report*
|
||||||
|
build
|
||||||
|
bin
|
||||||
|
*~
|
||||||
|
.*
|
||||||
|
.gitignore
|
||||||
|
.travis*
|
||||||
|
composer.json
|
||||||
|
docker-compose-mu.yml
|
||||||
|
patchcoverage
|
||||||
|
phpunit*
|
||||||
|
tests
|
||||||
|
wp-app
|
||||||
|
wp-data
|
||||||
|
dockersetup
|
||||||
|
config
|
||||||
|
docker-compose.yml
|
2
wp-content/plugins/authLdap-2.3.1/.svnAccess.dist
Normal file
2
wp-content/plugins/authLdap-2.3.1/.svnAccess.dist
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
username = svnUsername
|
||||||
|
password = svnPassword
|
6
wp-content/plugins/authLdap-2.3.1/.travis.after.sh
Normal file
6
wp-content/plugins/authLdap-2.3.1/.travis.after.sh
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
set -x
|
||||||
|
if [ "$TRAVIS_PHP_VERSION" = '5.6' ] ; then
|
||||||
|
./vendor/bin/test-reporter --stdout > codeclimate.json
|
||||||
|
curl -X POST -d @codeclimate.json -H "Content-Type: application/json" -H "User-Agent: Code Climate (PHP Test Reporter v1.0.1-dev)" https://codeclimate.com/test_reports
|
||||||
|
php vendor/bin/coveralls
|
||||||
|
fi
|
9
wp-content/plugins/authLdap-2.3.1/.travis.install.sh
Normal file
9
wp-content/plugins/authLdap-2.3.1/.travis.install.sh
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
set -x
|
||||||
|
if [ "$TRAVIS_PHP_VERSION" = 'hhvm' ] || [ "$TRAVIS_PHP_VERSION" = 'hhvm-nightly' ] ; then
|
||||||
|
curl -sS https://getcomposer.org/installer > composer-installer.php
|
||||||
|
hhvm composer-installer.php
|
||||||
|
hhvm -v ResourceLimit.SocketDefaultTimeout=30 -v Http.SlowQueryThreshold=30000 composer.phar update --prefer-source
|
||||||
|
else
|
||||||
|
composer self-update
|
||||||
|
composer update --prefer-source
|
||||||
|
fi
|
42
wp-content/plugins/authLdap-2.3.1/.travis.yml
Normal file
42
wp-content/plugins/authLdap-2.3.1/.travis.yml
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
# Travic-CI-Config file for authLdap
|
||||||
|
#
|
||||||
|
language: php
|
||||||
|
|
||||||
|
addons:
|
||||||
|
apt:
|
||||||
|
packages:
|
||||||
|
- slapd
|
||||||
|
- ldap-utils
|
||||||
|
|
||||||
|
matrix:
|
||||||
|
fast_finish: true
|
||||||
|
include:
|
||||||
|
- php: 5.4
|
||||||
|
- php: 5.5
|
||||||
|
- php: 5.6
|
||||||
|
- php: 7.0
|
||||||
|
- php: 7.1
|
||||||
|
- php: 7.2
|
||||||
|
- php: 7.3
|
||||||
|
- php: hhvm
|
||||||
|
- php: nightly
|
||||||
|
allow_failures:
|
||||||
|
- php: 5.4
|
||||||
|
- php: 5.5
|
||||||
|
- php: nightly
|
||||||
|
- php: hhvm
|
||||||
|
|
||||||
|
before_script:
|
||||||
|
- ./.travis.install.sh
|
||||||
|
- phpenv config-add .ci/php.ini || return 0
|
||||||
|
- .ci/OpenLDAP_run.sh
|
||||||
|
- .ci/load_fixtures.sh
|
||||||
|
- composer dumpautoload
|
||||||
|
|
||||||
|
script:
|
||||||
|
# - ./vendor/bin/phpcs --standard=PSR2 ldap.php authLdap.php tests/
|
||||||
|
- ./vendor/bin/phpunit --configuration=phpunit.travis.xml
|
||||||
|
|
||||||
|
after_script:
|
||||||
|
- ./.travis.after.sh
|
||||||
|
|
7
wp-content/plugins/authLdap-2.3.1/LICENSE.md
Normal file
7
wp-content/plugins/authLdap-2.3.1/LICENSE.md
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
Copyright <YEAR> <COPYRIGHT HOLDER>
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
95
wp-content/plugins/authLdap-2.3.1/README.md
Normal file
95
wp-content/plugins/authLdap-2.3.1/README.md
Normal file
@ -0,0 +1,95 @@
|
|||||||
|
# authLDAP
|
||||||
|
|
||||||
|
[![Join the chat at https://gitter.im/heiglandreas/authLdap](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/heiglandreas/authLdap?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
||||||
|
|
||||||
|
Use your existing LDAP as authentication-backend for your wordpress!
|
||||||
|
|
||||||
|
[![Build Status](https://travis-ci.org/heiglandreas/authLdap.svg?branch=master)](https://travis-ci.org/heiglandreas/authLdap)
|
||||||
|
[![WordPress Stats](https://img.shields.io/wordpress/plugin/dt/authldap.svg)](https://wordpress.org/plugins/authldap/stats/)
|
||||||
|
[![WordPress Version](https://img.shields.io/wordpress/plugin/v/authldap.svg)](https://wordpress.org/plugins/authldap/)
|
||||||
|
[![WordPress testet](https://img.shields.io/wordpress/v/authldap.svg)](https://wordpress.org/plugins/authldap/)
|
||||||
|
[![Code Climate](https://codeclimate.com/github/heiglandreas/authLdap/badges/gpa.svg)](https://codeclimate.com/github/heiglandreas/authLdap)
|
||||||
|
[![Test Coverage](https://codeclimate.com/github/heiglandreas/authLdap/badges/coverage.svg)](https://codeclimate.com/github/heiglandreas/authLdap)
|
||||||
|
|
||||||
|
So what are the differences to other Wordpress-LDAP-Authentication-Plugins?
|
||||||
|
|
||||||
|
* **Flexible**: You are totaly free in which LDAP-backend to use. Due to the extensive configuration you can
|
||||||
|
freely decide how to do the authentication of your users. It simply depends on your
|
||||||
|
filters
|
||||||
|
* **Independent**: As soon as a user logs in, it is added/updated to the Wordpress' user-database
|
||||||
|
to allow wordpress to always use the correct data. You only have to administer your users once.
|
||||||
|
* **Failsafe**: Due to the users being created in Wordpress' User-database they can
|
||||||
|
also log in when the LDAP-backend currently is gone.
|
||||||
|
* **Role-Aware**: You can map Wordpress' roles to values of an existing LDAP-attribute.
|
||||||
|
|
||||||
|
## How does the plugin work?
|
||||||
|
|
||||||
|
Well, as a matter of fact it is rather simple. The plugin verifies, that the user
|
||||||
|
seeking authentification can bind to the LDAP using the provided password.
|
||||||
|
|
||||||
|
If that is so, the user is either created or updated in the wordpress-user-database.
|
||||||
|
This update includes the provided password (so the wordpress can authenticate users
|
||||||
|
even without the LDAP), the users name according to the authLDAP-preferences and
|
||||||
|
the status of the user depending on the groups-settings of the authLDAP-preferences
|
||||||
|
|
||||||
|
Writing this plugin would not have been as easy as it has been, without the
|
||||||
|
wonderfull plugin of Alistair Young from http://www.weblogs.uhi.ac.uk/sm00ay/?p=45
|
||||||
|
|
||||||
|
## Configuration
|
||||||
|
|
||||||
|
### Usage Settings
|
||||||
|
|
||||||
|
* **Enable Authentication via LDAP** Whether you want to enable authLdap for login or not
|
||||||
|
* **debug authLdap** When you have problems with authentication via LDAP you can enable a debugging mode here.
|
||||||
|
* **Save entered Password** Decide whether passwords will be cached in your wordpress-installation. **Attention:** Without the cache your users will not be able to log into your site when your LDAP is down!
|
||||||
|
|
||||||
|
### Server Settings
|
||||||
|
|
||||||
|
* **LDAP Uri** This is the URI where your ldap-backend can be reached. More information are actually on the Configuration page
|
||||||
|
* **Filter** This is the real McCoy! The filter you define here specifies how a user will be found. Before applying the filter a %s will be replaced with the given username. This means, when a user logs in using ‘foobar’ as username the following happens:
|
||||||
|
|
||||||
|
* **uid=%1$s** check for any LDAP-Entry that has an attribute ‘uid’ with value ‘foobar’
|
||||||
|
* **(&(objectclass=posixAccount)(|(uid=%1$s)(mail=%1$s)))** check for any LDAP-Entry that has an attribute ‘objectclass’ with value ‘posixAccout’ and either a UID- or a mail-attribute with value ‘foobar’
|
||||||
|
|
||||||
|
This filter is rather powerfull if used wisely.
|
||||||
|
|
||||||
|
### Creating Users
|
||||||
|
|
||||||
|
* **Name-Attribute** Which Attribute from the LDAP contains the Full or the First name of the user trying to log in. This defaults to name
|
||||||
|
* **Second Name Attribute** If the above Name-Attribute only contains the First Name of the user you can here specify an Attribute that contains the second name. This field is empty by default
|
||||||
|
* **User-ID Attribute** This field will be used as login-name for wordpress. Please give the Attribute, that is used to identify the user. This should be the same as you used in the above Filter-Option. This field defaults to uid
|
||||||
|
* **Mail Attribute** Which Attribute holds the eMail-Address of the user? If more than one eMail-Address are stored in the LDAP, only the first given is used. This field defaults to mail
|
||||||
|
* **Web-Attribute** If your users have a personal page (URI) stored in the LDAP, it can be provided here. This field is empty by default
|
||||||
|
|
||||||
|
### User-Groups for Roles
|
||||||
|
|
||||||
|
* **Group-Attribute** This is the attribute that defines the Group-ID that can be matched against the Groups defined further down This field defaults to gidNumber.
|
||||||
|
* **Group-Filter** Here you can add the filter for selecting groups for the currentlly logged in user The Filter should contain the string %s which will be replaced by the login-name of the currently logged in
|
||||||
|
|
||||||
|
|
||||||
|
## FAQ
|
||||||
|
|
||||||
|
<dl>
|
||||||
|
<dt>Can I change a users password with this plugin?</dt>
|
||||||
|
<dd>Short Answer: <strong>No</strong>!<br>Long Answer: As the users credentials are not
|
||||||
|
only used for a wordpress-site when you authenticate against an LDAP but for
|
||||||
|
many other services also chances are great that there is a centralized place
|
||||||
|
where password-changes shall be made. We'll later allow inclusion of a link
|
||||||
|
to such a place but currently it's not available. And as password-hashing and
|
||||||
|
where to store it requires deeper insight into the LDAP-Server then most users
|
||||||
|
have and admins are willing to give, password changes are out of scope of this
|
||||||
|
plugin. If you know exactyl what you do, you might want to have a look at
|
||||||
|
<a href="https://github.com/heiglandreas/authLdap/issues/54#issuecomment-125851029">
|
||||||
|
issue 54</a>
|
||||||
|
wherer a way of adding it is described!
|
||||||
|
</dd>
|
||||||
|
<dt>Can I add a user to the LDAP when she creates a user-account on wordpress?</dt>
|
||||||
|
<dd>Short Answer: <strong>No</strong>!<br>Long Answer: Even though that is technically possible
|
||||||
|
it's not in the scope of this plugin. As creating a user in an LDAP often involves
|
||||||
|
an administrative process that has already been implemented in your departments
|
||||||
|
administration it doesn't make sense to rebuild that - in most cases highly
|
||||||
|
individual - process in this plugin. If you know exactly what you do, have a look at
|
||||||
|
<a href="https://github.com/heiglandreas/authLdap/issues/65">issue 65</a>
|
||||||
|
where <a href="https://github.com/wtfiwtz">wtfiwtz</a> shows how to implement that feature.
|
||||||
|
</dd>
|
||||||
|
</dl>
|
1
wp-content/plugins/authLdap-2.3.1/VERSION
Normal file
1
wp-content/plugins/authLdap-2.3.1/VERSION
Normal file
@ -0,0 +1 @@
|
|||||||
|
2.3.1
|
28
wp-content/plugins/authLdap-2.3.1/Vagrantfile
vendored
Normal file
28
wp-content/plugins/authLdap-2.3.1/Vagrantfile
vendored
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
# -*- mode: ruby -*-
|
||||||
|
# vi: set ft=ruby :
|
||||||
|
|
||||||
|
$install_ldap = <<SCRIPT
|
||||||
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
apt-get -yq update
|
||||||
|
apt-get -yq --no-install-suggests --no-install-recommends --force-yes install slapd ldap-utils apparmor-utils
|
||||||
|
sudo aa-complain /usr/sbin/slapd
|
||||||
|
SCRIPT
|
||||||
|
|
||||||
|
$setup_vagrant_user_environment = <<SCRIPT
|
||||||
|
if ! grep "cd /vagrant" /home/vagrant/.profile > /dev/null; then
|
||||||
|
echo "cd /vagrant" >> /home/vagrant/.profile
|
||||||
|
fi
|
||||||
|
SCRIPT
|
||||||
|
|
||||||
|
Vagrant.configure(2) do |config|
|
||||||
|
config.vm.box = 'bento/ubuntu-14.04'
|
||||||
|
config.vm.box_check_update = false
|
||||||
|
|
||||||
|
# LDAP port
|
||||||
|
config.vm.network 'forwarded_port', guest: 3890, host: 3890
|
||||||
|
|
||||||
|
config.vm.provision 'shell', inline: $install_ldap
|
||||||
|
config.vm.provision 'shell', privileged: false, inline: '/vagrant/.ci/OpenLDAP_run.sh', :run => 'always'
|
||||||
|
config.vm.provision 'shell', privileged: false, inline: '/vagrant/.ci/load_fixtures.sh', :run => 'always'
|
||||||
|
config.vm.provision 'shell', inline: $setup_vagrant_user_environment
|
||||||
|
end
|
9
wp-content/plugins/authLdap-2.3.1/authLdap.css
Normal file
9
wp-content/plugins/authLdap-2.3.1/authLdap.css
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
.row {
|
||||||
|
overflow: hidden;
|
||||||
|
padding-top: 10px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.element {
|
||||||
|
float: right;
|
||||||
|
text-align: left;
|
||||||
|
}
|
835
wp-content/plugins/authLdap-2.3.1/authLdap.php
Normal file
835
wp-content/plugins/authLdap-2.3.1/authLdap.php
Normal file
@ -0,0 +1,835 @@
|
|||||||
|
<?php
|
||||||
|
/*
|
||||||
|
Plugin Name: AuthLDAP
|
||||||
|
Plugin URI: https://github.com/heiglandreas/authLdap
|
||||||
|
Description: This plugin allows you to use your existing LDAP as authentication base for WordPress
|
||||||
|
Version: 2.3.1
|
||||||
|
Author: Andreas Heigl <andreas@heigl.org>
|
||||||
|
Author URI: http://andreas.heigl.org
|
||||||
|
License: MIT
|
||||||
|
License URI: https://opensource.org/licenses/MIT
|
||||||
|
*/
|
||||||
|
|
||||||
|
require_once dirname(__FILE__) . '/ldap.php';
|
||||||
|
|
||||||
|
function authLdap_debug($message)
|
||||||
|
{
|
||||||
|
if (authLdap_get_option('Debug')) {
|
||||||
|
error_log('[AuthLDAP] ' . $message, 0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function authLdap_addmenu()
|
||||||
|
{
|
||||||
|
if (! is_multisite()) {
|
||||||
|
add_options_page('AuthLDAP', 'AuthLDAP', 'manage_options', basename(__FILE__), 'authLdap_options_panel');
|
||||||
|
} else {
|
||||||
|
add_submenu_page('settings.php', 'AuthLDAP', 'AuthLDAP', 'manage_options', 'authldap', 'authLdap_options_panel');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function authLdap_get_post($name, $default = '')
|
||||||
|
{
|
||||||
|
return isset($_POST[$name]) ? $_POST[$name] : $default;
|
||||||
|
}
|
||||||
|
|
||||||
|
function authLdap_options_panel()
|
||||||
|
{
|
||||||
|
// inclusde style sheet
|
||||||
|
wp_enqueue_style('authLdap-style', plugin_dir_url(__FILE__) . 'authLdap.css');
|
||||||
|
|
||||||
|
if (($_SERVER['REQUEST_METHOD'] == 'POST') && array_key_exists('ldapOptionsSave', $_POST)) {
|
||||||
|
$new_options = array(
|
||||||
|
'Enabled' => authLdap_get_post('authLDAPAuth', false),
|
||||||
|
'CachePW' => authLdap_get_post('authLDAPCachePW', false),
|
||||||
|
'URI' => authLdap_get_post('authLDAPURI'),
|
||||||
|
'URISeparator' => authLdap_get_post('authLDAPURISeparator'),
|
||||||
|
'StartTLS' => authLdap_get_post('authLDAPStartTLS', false),
|
||||||
|
'Filter' => authLdap_get_post('authLDAPFilter'),
|
||||||
|
'NameAttr' => authLdap_get_post('authLDAPNameAttr'),
|
||||||
|
'SecName' => authLdap_get_post('authLDAPSecName'),
|
||||||
|
'UidAttr' => authLdap_get_post('authLDAPUidAttr'),
|
||||||
|
'MailAttr' => authLdap_get_post('authLDAPMailAttr'),
|
||||||
|
'WebAttr' => authLdap_get_post('authLDAPWebAttr'),
|
||||||
|
'Groups' => authLdap_get_post('authLDAPGroups', array()),
|
||||||
|
'GroupSeparator'=> authLdap_get_post('authLDAPGroupSeparator', ','),
|
||||||
|
'Debug' => authLdap_get_post('authLDAPDebug', false),
|
||||||
|
'GroupBase' => authLdap_get_post('authLDAPGroupBase'),
|
||||||
|
'GroupAttr' => authLdap_get_post('authLDAPGroupAttr'),
|
||||||
|
'GroupFilter' => authLdap_get_post('authLDAPGroupFilter'),
|
||||||
|
'DefaultRole' => authLdap_get_post('authLDAPDefaultRole'),
|
||||||
|
'GroupEnable' => authLdap_get_post('authLDAPGroupEnable', false),
|
||||||
|
'GroupOverUser' => authLdap_get_post('authLDAPGroupOverUser', false),
|
||||||
|
'DoNotOverwriteNonLdapUsers' => authLdap_get_post('authLDAPDoNotOverwriteNonLdapUsers', false),
|
||||||
|
);
|
||||||
|
if (authLdap_set_options($new_options)) {
|
||||||
|
echo "<div class='updated'><p>Saved Options!</p></div>";
|
||||||
|
} else {
|
||||||
|
echo "<div class='error'><p>Could not save Options!</p></div>";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Do some initialization for the admin-view
|
||||||
|
$authLDAP = authLdap_get_option('Enabled');
|
||||||
|
$authLDAPCachePW = authLdap_get_option('CachePW');
|
||||||
|
$authLDAPURI = authLdap_get_option('URI');
|
||||||
|
$authLDAPURISeparator = authLdap_get_option('URISeparator');
|
||||||
|
$authLDAPStartTLS = authLdap_get_option('StartTLS');
|
||||||
|
$authLDAPFilter = authLdap_get_option('Filter');
|
||||||
|
$authLDAPNameAttr = authLdap_get_option('NameAttr');
|
||||||
|
$authLDAPSecName = authLdap_get_option('SecName');
|
||||||
|
$authLDAPMailAttr = authLdap_get_option('MailAttr');
|
||||||
|
$authLDAPUidAttr = authLdap_get_option('UidAttr');
|
||||||
|
$authLDAPWebAttr = authLdap_get_option('WebAttr');
|
||||||
|
$authLDAPGroups = authLdap_get_option('Groups');
|
||||||
|
$authLDAPGroupSeparator= authLdap_get_option('GroupSeparator');
|
||||||
|
$authLDAPDebug = authLdap_get_option('Debug');
|
||||||
|
$authLDAPGroupBase = authLdap_get_option('GroupBase');
|
||||||
|
$authLDAPGroupAttr = authLdap_get_option('GroupAttr');
|
||||||
|
$authLDAPGroupFilter = authLdap_get_option('GroupFilter');
|
||||||
|
$authLDAPDefaultRole = authLdap_get_option('DefaultRole');
|
||||||
|
$authLDAPGroupEnable = authLdap_get_option('GroupEnable');
|
||||||
|
$authLDAPGroupOverUser = authLdap_get_option('GroupOverUser');
|
||||||
|
$authLDAPDoNotOverwriteNonLdapUsers = authLdap_get_option('DoNotOverwriteNonLdapUsers');
|
||||||
|
|
||||||
|
$tChecked = ($authLDAP) ? ' checked="checked"' : '';
|
||||||
|
$tDebugChecked = ($authLDAPDebug) ? ' checked="checked"' : '';
|
||||||
|
$tPWChecked = ($authLDAPCachePW) ? ' checked="checked"' : '';
|
||||||
|
$tGroupChecked = ($authLDAPGroupEnable) ? ' checked="checked"' : '';
|
||||||
|
$tGroupOverUserChecked = ($authLDAPGroupOverUser) ? ' checked="checked"' : '';
|
||||||
|
$tStartTLSChecked = ($authLDAPStartTLS) ? ' checked="checked"' : '';
|
||||||
|
$tDoNotOverwriteNonLdapUsers = ($authLDAPDoNotOverwriteNonLdapUsers) ? ' checked="checked"' : '';
|
||||||
|
|
||||||
|
$roles = new WP_Roles();
|
||||||
|
|
||||||
|
$action = $_SERVER['REQUEST_URI'];
|
||||||
|
if (! extension_loaded('ldap')) {
|
||||||
|
echo '<div class="warning">The LDAP-Extension is not available on your '
|
||||||
|
. 'WebServer. Therefore Everything you can alter here does not '
|
||||||
|
. 'make any sense!</div>';
|
||||||
|
}
|
||||||
|
|
||||||
|
include dirname(__FILE__) . '/view/admin.phtml';
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* get a LDAP server object
|
||||||
|
*
|
||||||
|
* throws exception if there is a problem connecting
|
||||||
|
*
|
||||||
|
* @conf boolean authLDAPDebug true, if debugging should be turned on
|
||||||
|
* @conf string authLDAPURI LDAP server URI
|
||||||
|
*
|
||||||
|
* @return Org_Heigl\AuthLdap\LDAP LDAP server object
|
||||||
|
*/
|
||||||
|
function authLdap_get_server()
|
||||||
|
{
|
||||||
|
static $_ldapserver = null;
|
||||||
|
if (is_null($_ldapserver)) {
|
||||||
|
$authLDAPDebug = authLdap_get_option('Debug');
|
||||||
|
$authLDAPURI = explode(
|
||||||
|
authLdap_get_option('URISeparator', ' '),
|
||||||
|
authLdap_get_option('URI')
|
||||||
|
);
|
||||||
|
$authLDAPStartTLS = authLdap_get_option('StartTLS');
|
||||||
|
|
||||||
|
//$authLDAPURI = 'ldap:/foo:bar@server/trallala';
|
||||||
|
authLdap_debug('connect to LDAP server');
|
||||||
|
require_once dirname(__FILE__) . '/src/LdapList.php';
|
||||||
|
$_ldapserver = new \Org_Heigl\AuthLdap\LdapList();
|
||||||
|
foreach ($authLDAPURI as $uri) {
|
||||||
|
$_ldapserver->addLdap(new \Org_Heigl\AuthLdap\LDAP($uri, $authLDAPDebug, $authLDAPStartTLS));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $_ldapserver;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method authenticates a user using either the LDAP or, if LDAP is not
|
||||||
|
* available, the local database
|
||||||
|
*
|
||||||
|
* For this we store the hashed passwords in the WP_Database to ensure working
|
||||||
|
* conditions even without an LDAP-Connection
|
||||||
|
*
|
||||||
|
* @param null|WP_User|WP_Error
|
||||||
|
* @param string $username
|
||||||
|
* @param string $password
|
||||||
|
* @param boolean $already_md5
|
||||||
|
* @return boolean true, if login was successfull or false, if it wasn't
|
||||||
|
* @conf boolean authLDAP true, if authLDAP should be used, false if not. Defaults to false
|
||||||
|
* @conf string authLDAPFilter LDAP filter to use to find correct user, defaults to '(uid=%s)'
|
||||||
|
* @conf string authLDAPNameAttr LDAP attribute containing user (display) name, defaults to 'name'
|
||||||
|
* @conf string authLDAPSecName LDAP attribute containing second name, defaults to ''
|
||||||
|
* @conf string authLDAPMailAttr LDAP attribute containing user e-mail, defaults to 'mail'
|
||||||
|
* @conf string authLDAPUidAttr LDAP attribute containing user id (the username we log on with), defaults to 'uid'
|
||||||
|
* @conf string authLDAPWebAttr LDAP attribute containing user website, defaults to ''
|
||||||
|
* @conf string authLDAPDefaultRole default role for authenticated user, defaults to ''
|
||||||
|
* @conf boolean authLDAPGroupEnable true, if we try to map LDAP groups to Wordpress roles
|
||||||
|
* @conf boolean authLDAPGroupOverUser true, if LDAP Groups have precedence over existing user roles
|
||||||
|
*/
|
||||||
|
function authLdap_login($user, $username, $password, $already_md5 = false)
|
||||||
|
{
|
||||||
|
// don't do anything when authLDAP is disabled
|
||||||
|
if (! authLdap_get_option('Enabled')) {
|
||||||
|
authLdap_debug('LDAP disabled in AuthLDAP plugin options (use the first option in the AuthLDAP options to enable it)');
|
||||||
|
return $user;
|
||||||
|
}
|
||||||
|
|
||||||
|
// If the user has already been authenticated (only in that case we get a
|
||||||
|
// WP_User-Object as $user) we skip LDAP-authentication and simply return
|
||||||
|
// the existing user-object
|
||||||
|
if ($user instanceof WP_User) {
|
||||||
|
authLdap_debug(sprintf(
|
||||||
|
'User %s has already been authenticated - skipping LDAP-Authentication',
|
||||||
|
$user->get('nickname')));
|
||||||
|
return $user;
|
||||||
|
}
|
||||||
|
|
||||||
|
authLdap_debug("User '$username' logging in");
|
||||||
|
|
||||||
|
if ($username == 'admin') {
|
||||||
|
authLdap_debug('Doing nothing for possible local user admin');
|
||||||
|
return $user;
|
||||||
|
}
|
||||||
|
|
||||||
|
global $wpdb, $error;
|
||||||
|
try {
|
||||||
|
$authLDAP = authLdap_get_option('Enabled');
|
||||||
|
$authLDAPFilter = authLdap_get_option('Filter');
|
||||||
|
$authLDAPNameAttr = authLdap_get_option('NameAttr');
|
||||||
|
$authLDAPSecName = authLdap_get_option('SecName');
|
||||||
|
$authLDAPMailAttr = authLdap_get_option('MailAttr');
|
||||||
|
$authLDAPUidAttr = authLdap_get_option('UidAttr');
|
||||||
|
$authLDAPWebAttr = authLdap_get_option('WebAttr');
|
||||||
|
$authLDAPDefaultRole = authLdap_get_option('DefaultRole');
|
||||||
|
$authLDAPGroupEnable = authLdap_get_option('GroupEnable');
|
||||||
|
$authLDAPGroupOverUser = authLdap_get_option('GroupOverUser');
|
||||||
|
|
||||||
|
if (! $username) {
|
||||||
|
authLdap_debug('Username not supplied: return false');
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (! $password) {
|
||||||
|
authLdap_debug('Password not supplied: return false');
|
||||||
|
$error = __('<strong>Error</strong>: The password field is empty.');
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
// First check for valid values and set appropriate defaults
|
||||||
|
if (! $authLDAPFilter) {
|
||||||
|
$authLDAPFilter = '(uid=%s)';
|
||||||
|
}
|
||||||
|
if (! $authLDAPNameAttr) {
|
||||||
|
$authLDAPNameAttr = 'name';
|
||||||
|
}
|
||||||
|
if (! $authLDAPMailAttr) {
|
||||||
|
$authLDAPMailAttr = 'mail';
|
||||||
|
}
|
||||||
|
if (! $authLDAPUidAttr) {
|
||||||
|
$authLDAPUidAttr = 'uid';
|
||||||
|
}
|
||||||
|
|
||||||
|
// If already_md5 is TRUE, then we're getting the user/password from the cookie. As we don't want to store LDAP passwords in any
|
||||||
|
// form, we've already replaced the password with the hashed username and LDAP_COOKIE_MARKER
|
||||||
|
if ($already_md5) {
|
||||||
|
if ($password == md5($username).md5($ldapCookieMarker)) {
|
||||||
|
authLdap_debug('cookie authentication');
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Remove slashes as noted on https://github.com/heiglandreas/authLdap/issues/108
|
||||||
|
$password = stripslashes_deep($password);
|
||||||
|
|
||||||
|
// No cookie, so have to authenticate them via LDAP
|
||||||
|
$result = false;
|
||||||
|
try {
|
||||||
|
authLdap_debug('about to do LDAP authentication');
|
||||||
|
$result = authLdap_get_server()->Authenticate($username, $password, $authLDAPFilter);
|
||||||
|
} catch (Exception $e) {
|
||||||
|
authLdap_debug('LDAP authentication failed with exception: ' . $e->getMessage());
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Rebind with the default credentials after the user has been loged in
|
||||||
|
// Otherwise the credentials of the user trying to login will be used
|
||||||
|
// This fixes #55
|
||||||
|
authLdap_get_server()->bind();
|
||||||
|
|
||||||
|
if (true !== $result) {
|
||||||
|
authLdap_debug('LDAP authentication failed');
|
||||||
|
// TODO what to return? WP_User object, true, false, even an WP_Error object... all seem to fall back to normal wp user authentication
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
authLdap_debug('LDAP authentication successfull');
|
||||||
|
$attributes = array_values(
|
||||||
|
array_filter(
|
||||||
|
array(
|
||||||
|
$authLDAPNameAttr,
|
||||||
|
$authLDAPSecName,
|
||||||
|
$authLDAPMailAttr,
|
||||||
|
$authLDAPWebAttr,
|
||||||
|
$authLDAPUidAttr
|
||||||
|
)
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
try {
|
||||||
|
$attribs = authLdap_get_server()->search(
|
||||||
|
sprintf($authLDAPFilter, $username),
|
||||||
|
$attributes
|
||||||
|
);
|
||||||
|
// First get all the relevant group informations so we can see if
|
||||||
|
// whether have been changes in group association of the user
|
||||||
|
if (! isset($attribs[0]['dn'])) {
|
||||||
|
authLdap_debug('could not get user attributes from LDAP');
|
||||||
|
throw new UnexpectedValueException('dn has not been returned');
|
||||||
|
}
|
||||||
|
if (! isset($attribs[0][strtolower($authLDAPUidAttr)][0])) {
|
||||||
|
authLdap_debug('could not get user attributes from LDAP');
|
||||||
|
throw new UnexpectedValueException('The user-ID attribute has not been returned');
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
$dn = $attribs[0]['dn'];
|
||||||
|
$realuid = $attribs[0][strtolower($authLDAPUidAttr)][0];
|
||||||
|
} catch (Exception $e) {
|
||||||
|
authLdap_debug('Exception getting LDAP user: ' . $e->getMessage());
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$uid = authLdap_get_uid($realuid);
|
||||||
|
|
||||||
|
// This fixes #172
|
||||||
|
if (true == authLdap_get_option('DoNotOverwriteNonLdapUsers', false)) {
|
||||||
|
if (! get_user_meta($uid, 'authLDAP')) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$role = '';
|
||||||
|
|
||||||
|
// we only need this if either LDAP groups are disabled or
|
||||||
|
// if the WordPress role of the user overrides LDAP groups
|
||||||
|
if (!$authLDAPGroupEnable || !$authLDAPGroupOverUser) {
|
||||||
|
$role = authLdap_user_role($uid);
|
||||||
|
}
|
||||||
|
|
||||||
|
// do LDAP group mapping if needed
|
||||||
|
// (if LDAP groups override worpress user role, $role is still empty)
|
||||||
|
if (empty($role) && $authLDAPGroupEnable) {
|
||||||
|
$role = authLdap_groupmap($realuid, $dn);
|
||||||
|
authLdap_debug('role from group mapping: ' . $role);
|
||||||
|
}
|
||||||
|
|
||||||
|
// if we don't have a role yet, use default role
|
||||||
|
if (empty($role) && !empty($authLDAPDefaultRole)) {
|
||||||
|
authLdap_debug('no role yet, set default role');
|
||||||
|
$role = $authLDAPDefaultRole;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (empty($role)) {
|
||||||
|
// Sorry, but you are not in any group that is allowed access
|
||||||
|
trigger_error('no group found');
|
||||||
|
authLdap_debug('user is not in any group that is allowed access');
|
||||||
|
return false;
|
||||||
|
} else {
|
||||||
|
$roles = new WP_Roles();
|
||||||
|
// not sure if this is needed, but it can't hurt
|
||||||
|
if (!$roles->is_role($role)) {
|
||||||
|
trigger_error('no group found');
|
||||||
|
authLdap_debug('role is invalid');
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// from here on, the user has access!
|
||||||
|
// now, lets update some user details
|
||||||
|
$user_info = array();
|
||||||
|
$user_info['user_login'] = $realuid;
|
||||||
|
$user_info['role'] = $role;
|
||||||
|
$user_info['user_email'] = '';
|
||||||
|
|
||||||
|
// first name
|
||||||
|
if (isset($attribs[0][strtolower($authLDAPNameAttr)][0])) {
|
||||||
|
$user_info['first_name'] = $attribs[0][strtolower($authLDAPNameAttr)][0];
|
||||||
|
}
|
||||||
|
|
||||||
|
// last name
|
||||||
|
if (isset($attribs[0][strtolower($authLDAPSecName)][0])) {
|
||||||
|
$user_info['last_name'] = $attribs[0][strtolower($authLDAPSecName)][0];
|
||||||
|
}
|
||||||
|
|
||||||
|
// mail address
|
||||||
|
if (isset($attribs[0][strtolower($authLDAPMailAttr)][0])) {
|
||||||
|
$user_info['user_email'] = $attribs[0][strtolower($authLDAPMailAttr)][0];
|
||||||
|
}
|
||||||
|
|
||||||
|
// website
|
||||||
|
if (isset($attribs[0][strtolower($authLDAPWebAttr)][0])) {
|
||||||
|
$user_info['user_url'] = $attribs[0][strtolower($authLDAPWebAttr)][0];
|
||||||
|
}
|
||||||
|
// display name, nickname, nicename
|
||||||
|
if (array_key_exists('first_name', $user_info)) {
|
||||||
|
$user_info['display_name'] = $user_info['first_name'];
|
||||||
|
$user_info['nickname'] = $user_info['first_name'];
|
||||||
|
$user_info['user_nicename'] = sanitize_title_with_dashes($user_info['first_name']);
|
||||||
|
if (array_key_exists('last_name', $user_info)) {
|
||||||
|
$user_info['display_name'] .= ' ' . $user_info['last_name'];
|
||||||
|
$user_info['nickname'] .= ' ' . $user_info['last_name'];
|
||||||
|
$user_info['user_nicename'] .= '_' . sanitize_title_with_dashes($user_info['last_name']);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$user_info['user_nicename'] = substr($user_info['user_nicename'], 0, 50);
|
||||||
|
|
||||||
|
// optionally store the password into the wordpress database
|
||||||
|
if (authLdap_get_option('CachePW')) {
|
||||||
|
// Password will be hashed inside wp_update_user or wp_insert_user
|
||||||
|
$user_info['user_pass'] = $password;
|
||||||
|
} else {
|
||||||
|
// clear the password
|
||||||
|
$user_info['user_pass'] = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
// add uid if user exists
|
||||||
|
if ($uid) {
|
||||||
|
// found user in the database
|
||||||
|
authLdap_debug('The LDAP user has an entry in the WP-Database');
|
||||||
|
$user_info['ID'] = $uid;
|
||||||
|
unset ($user_info['display_name'], $user_info['nickname']);
|
||||||
|
$userid = wp_update_user($user_info);
|
||||||
|
} else {
|
||||||
|
// new wordpress account will be created
|
||||||
|
authLdap_debug('The LDAP user does not have an entry in the WP-Database, a new WP account will be created');
|
||||||
|
|
||||||
|
$userid = wp_insert_user($user_info);
|
||||||
|
}
|
||||||
|
|
||||||
|
// if the user exists, wp_insert_user will update the existing user record
|
||||||
|
if (is_wp_error($userid)) {
|
||||||
|
authLdap_debug('Error creating user : ' . $userid->get_error_message());
|
||||||
|
trigger_error('Error creating user: ' . $userid->get_error_message());
|
||||||
|
return $userid;
|
||||||
|
}
|
||||||
|
|
||||||
|
authLdap_debug('user id = ' . $userid);
|
||||||
|
|
||||||
|
// flag the user as an ldap user so we can hide the password fields in the user profile
|
||||||
|
update_user_meta($userid, 'authLDAP', true);
|
||||||
|
|
||||||
|
// return a user object upon positive authorization
|
||||||
|
return new WP_User($userid);
|
||||||
|
} catch (Exception $e) {
|
||||||
|
authLdap_debug($e->getMessage() . '. Exception thrown in line ' . $e->getLine());
|
||||||
|
trigger_error($e->getMessage() . '. Exception thrown in line ' . $e->getLine());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get user's user id
|
||||||
|
*
|
||||||
|
* Returns null if username not found
|
||||||
|
*
|
||||||
|
* @param string $username username
|
||||||
|
* @param string user id, null if not found
|
||||||
|
*/
|
||||||
|
function authLdap_get_uid($username)
|
||||||
|
{
|
||||||
|
global $wpdb;
|
||||||
|
|
||||||
|
// find out whether the user is already present in the database
|
||||||
|
$uid = $wpdb->get_var(
|
||||||
|
$wpdb->prepare(
|
||||||
|
"SELECT ID FROM {$wpdb->users} WHERE user_login = %s",
|
||||||
|
$username
|
||||||
|
)
|
||||||
|
);
|
||||||
|
if ($uid) {
|
||||||
|
authLdap_debug("Existing user, uid = {$uid}");
|
||||||
|
return $uid;
|
||||||
|
} else {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the user's current role
|
||||||
|
*
|
||||||
|
* Returns empty string if not found.
|
||||||
|
*
|
||||||
|
* @param int $uid wordpress user id
|
||||||
|
* @return string role, empty if none found
|
||||||
|
*/
|
||||||
|
function authLdap_user_role($uid)
|
||||||
|
{
|
||||||
|
global $wpdb;
|
||||||
|
|
||||||
|
if (!$uid) {
|
||||||
|
return '';
|
||||||
|
}
|
||||||
|
|
||||||
|
$meta_value = $wpdb->get_var("SELECT meta_value FROM {$wpdb->usermeta} WHERE meta_key = '{$wpdb->prefix}capabilities' AND user_id = {$uid}");
|
||||||
|
|
||||||
|
if (!$meta_value) {
|
||||||
|
return '';
|
||||||
|
}
|
||||||
|
|
||||||
|
$capabilities = unserialize($meta_value);
|
||||||
|
$roles = is_array($capabilities) ? array_keys($capabilities) : array('');
|
||||||
|
$role = $roles[0];
|
||||||
|
|
||||||
|
authLdap_debug("Existing user's role: {$role}");
|
||||||
|
return $role;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get LDAP groups for user and map to role
|
||||||
|
*
|
||||||
|
* @param string $username
|
||||||
|
* @param string $dn
|
||||||
|
* @return string role, empty string if no mapping found, first found role otherwise
|
||||||
|
* @conf array authLDAPGroups, associative array, role => ldap_group
|
||||||
|
* @conf string authLDAPGroupBase, base dn to look up groups
|
||||||
|
* @conf string authLDAPGroupAttr, ldap attribute that holds name of group
|
||||||
|
* @conf string authLDAPGroupFilter, LDAP filter to find groups. can contain %s and %dn% placeholders
|
||||||
|
*/
|
||||||
|
function authLdap_groupmap($username, $dn)
|
||||||
|
{
|
||||||
|
$authLDAPGroups = authLdap_sort_roles_by_capabilities(
|
||||||
|
authLdap_get_option('Groups')
|
||||||
|
);
|
||||||
|
$authLDAPGroupBase = authLdap_get_option('GroupBase');
|
||||||
|
$authLDAPGroupAttr = authLdap_get_option('GroupAttr');
|
||||||
|
$authLDAPGroupFilter = authLdap_get_option('GroupFilter');
|
||||||
|
$authLDAPGroupSeparator = authLdap_get_option('GroupSeparator');
|
||||||
|
if (! $authLDAPGroupAttr) {
|
||||||
|
$authLDAPGroupAttr = 'gidNumber';
|
||||||
|
}
|
||||||
|
if (! $authLDAPGroupFilter) {
|
||||||
|
$authLDAPGroupFilter = '(&(objectClass=posixGroup)(memberUid=%s))';
|
||||||
|
}
|
||||||
|
if (! $authLDAPGroupSeparator) {
|
||||||
|
$authLDAPGroupSeparator = ',';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!is_array($authLDAPGroups) || count(array_filter(array_values($authLDAPGroups))) == 0) {
|
||||||
|
authLdap_debug('No group names defined');
|
||||||
|
return '';
|
||||||
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
// To allow searches based on the DN instead of the uid, we replace the
|
||||||
|
// string %dn% with the users DN.
|
||||||
|
$authLDAPGroupFilter = str_replace(
|
||||||
|
'%dn%',
|
||||||
|
ldap_escape($dn, '', LDAP_ESCAPE_FILTER),
|
||||||
|
$authLDAPGroupFilter
|
||||||
|
);
|
||||||
|
authLdap_debug('Group Filter: ' . json_encode($authLDAPGroupFilter));
|
||||||
|
authLdap_debug('Group Base: ' . $authLDAPGroupBase);
|
||||||
|
$groups = authLdap_get_server()->search(
|
||||||
|
sprintf($authLDAPGroupFilter, ldap_escape($username, '', LDAP_ESCAPE_FILTER)),
|
||||||
|
array($authLDAPGroupAttr),
|
||||||
|
$authLDAPGroupBase
|
||||||
|
);
|
||||||
|
} catch (Exception $e) {
|
||||||
|
authLdap_debug('Exception getting LDAP group attributes: ' . $e->getMessage());
|
||||||
|
return '';
|
||||||
|
}
|
||||||
|
|
||||||
|
$grp = array();
|
||||||
|
for ($i = 0; $i < $groups ['count']; $i++) {
|
||||||
|
for ($k = 0; $k < $groups[$i][strtolower($authLDAPGroupAttr)]['count']; $k++) {
|
||||||
|
$grp[] = $groups[$i][strtolower($authLDAPGroupAttr)][$k];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
authLdap_debug('LDAP groups: ' . json_encode($grp));
|
||||||
|
|
||||||
|
// Check whether the user is member of one of the groups that are
|
||||||
|
// allowed acces to the blog. If the user is not member of one of
|
||||||
|
// The groups throw her out! ;-)
|
||||||
|
// If the user is member of more than one group only the first one
|
||||||
|
// will be taken into account!
|
||||||
|
|
||||||
|
$role = '';
|
||||||
|
foreach ($authLDAPGroups as $key => $val) {
|
||||||
|
$currentGroup = explode($authLDAPGroupSeparator, $val);
|
||||||
|
// Remove whitespaces around the group-ID
|
||||||
|
$currentGroup = array_map('trim', $currentGroup);
|
||||||
|
if (0 < count(array_intersect($currentGroup, $grp))) {
|
||||||
|
$role = $key;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
authLdap_debug("Role from LDAP group: {$role}");
|
||||||
|
return $role;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This function disables the password-change fields in the users preferences.
|
||||||
|
*
|
||||||
|
* It does not make sense to authenticate via LDAP and then allow the user to
|
||||||
|
* change the password only in the wordpress database. And changing the password
|
||||||
|
* LDAP-wide can not be the scope of Wordpress!
|
||||||
|
*
|
||||||
|
* Whether the user is an LDAP-User or not is determined using the authLDAP-Flag
|
||||||
|
* of the users meta-informations
|
||||||
|
*
|
||||||
|
* @return false, if the user whose prefs are viewed is an LDAP-User, true if
|
||||||
|
* he isn't
|
||||||
|
* @conf boolean authLDAP
|
||||||
|
*/
|
||||||
|
function authLdap_show_password_fields($return, $user)
|
||||||
|
{
|
||||||
|
if (! $user) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (get_user_meta($user->ID, 'authLDAP')) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This function disables the password reset for a user.
|
||||||
|
*
|
||||||
|
* It does not make sense to authenticate via LDAP and then allow the user to
|
||||||
|
* reset the password only in the wordpress database. And changing the password
|
||||||
|
* LDAP-wide can not be the scope of Wordpress!
|
||||||
|
*
|
||||||
|
* Whether the user is an LDAP-User or not is determined using the authLDAP-Flag
|
||||||
|
* of the users meta-informations
|
||||||
|
*
|
||||||
|
* @author chaplina (https://github.com/chaplina)
|
||||||
|
* @conf boolean authLDAP
|
||||||
|
* @return false, if the user is an LDAP-User, true if he isn't
|
||||||
|
*/
|
||||||
|
function authLdap_allow_password_reset($return, $userid)
|
||||||
|
{
|
||||||
|
if (!(isset($userid))) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (get_user_meta($userid, 'authLDAP')) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sort the given roles by number of capabilities
|
||||||
|
*
|
||||||
|
* @param array $roles
|
||||||
|
*
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
function authLdap_sort_roles_by_capabilities($roles)
|
||||||
|
{
|
||||||
|
global $wpdb;
|
||||||
|
$myRoles = get_option($wpdb->get_blog_prefix() . 'user_roles');
|
||||||
|
|
||||||
|
authLdap_debug(print_r($roles, true));
|
||||||
|
uasort($myRoles, 'authLdap_sortByCapabilitycount');
|
||||||
|
|
||||||
|
$return = array();
|
||||||
|
|
||||||
|
foreach ($myRoles as $key => $role) {
|
||||||
|
if (isset($roles[$key])) {
|
||||||
|
$return[$key] = $roles[$key];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
authLdap_debug(print_r($return, true));
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sort according to the number of capabilities
|
||||||
|
*
|
||||||
|
* @param $a
|
||||||
|
* @param $b
|
||||||
|
*/
|
||||||
|
function authLdap_sortByCapabilitycount($a, $b)
|
||||||
|
{
|
||||||
|
if (count($a['capabilities']) > count($b['capabilities'])) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
if (count($a['capabilities']) < count($b['capabilities'])) {
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Load AuthLDAP Options
|
||||||
|
*
|
||||||
|
* Sets and stores defaults if options are not up to date
|
||||||
|
*/
|
||||||
|
function authLdap_load_options($reload = false)
|
||||||
|
{
|
||||||
|
static $options = null;
|
||||||
|
|
||||||
|
// the current version for options
|
||||||
|
$option_version_plugin = 1;
|
||||||
|
|
||||||
|
$optionFunction = 'get_option';
|
||||||
|
if (is_multisite()) {
|
||||||
|
$optionFunction = 'get_site_option';
|
||||||
|
}
|
||||||
|
if (is_null($options) || $reload) {
|
||||||
|
$options = $optionFunction('authLDAPOptions', array());
|
||||||
|
}
|
||||||
|
|
||||||
|
// check if option version has changed (or if it's there at all)
|
||||||
|
if (!isset($options['Version']) || ($options['Version'] != $option_version_plugin)) {
|
||||||
|
// defaults for all options
|
||||||
|
$options_default = array(
|
||||||
|
'Enabled' => false,
|
||||||
|
'CachePW' => false,
|
||||||
|
'URI' => '',
|
||||||
|
'URISeparator' => ' ',
|
||||||
|
'Filter' => '', // '(uid=%s)'
|
||||||
|
'NameAttr' => '', // 'name'
|
||||||
|
'SecName' => '',
|
||||||
|
'UidAttr' => '', // 'uid'
|
||||||
|
'MailAttr' => '', // 'mail'
|
||||||
|
'WebAttr' => '',
|
||||||
|
'Groups' => array(),
|
||||||
|
'Debug' => false,
|
||||||
|
'GroupAttr' => '', // 'gidNumber'
|
||||||
|
'GroupFilter' => '', // '(&(objectClass=posixGroup)(memberUid=%s))'
|
||||||
|
'DefaultRole' => '',
|
||||||
|
'GroupEnable' => true,
|
||||||
|
'GroupOverUser' => true,
|
||||||
|
'Version' => $option_version_plugin,
|
||||||
|
'DoNotOverwriteNonLdapUsers' => false,
|
||||||
|
);
|
||||||
|
|
||||||
|
// check if we got a version
|
||||||
|
if (!isset($options['Version'])) {
|
||||||
|
// we just changed to the new option format
|
||||||
|
// read old options, then delete them
|
||||||
|
$old_option_new_option = array(
|
||||||
|
'authLDAP' => 'Enabled',
|
||||||
|
'authLDAPCachePW' => 'CachePW',
|
||||||
|
'authLDAPURI' => 'URI',
|
||||||
|
'authLDAPFilter' => 'Filter',
|
||||||
|
'authLDAPNameAttr' => 'NameAttr',
|
||||||
|
'authLDAPSecName' => 'SecName',
|
||||||
|
'authLDAPUidAttr' => 'UidAttr',
|
||||||
|
'authLDAPMailAttr' => 'MailAttr',
|
||||||
|
'authLDAPWebAttr' => 'WebAttr',
|
||||||
|
'authLDAPGroups' => 'Groups',
|
||||||
|
'authLDAPDebug' => 'Debug',
|
||||||
|
'authLDAPGroupAttr' => 'GroupAttr',
|
||||||
|
'authLDAPGroupFilter' => 'GroupFilter',
|
||||||
|
'authLDAPDefaultRole' => 'DefaultRole',
|
||||||
|
'authLDAPGroupEnable' => 'GroupEnable',
|
||||||
|
'authLDAPGroupOverUser' => 'GroupOverUser',
|
||||||
|
);
|
||||||
|
foreach ($old_option_new_option as $old_option => $new_option) {
|
||||||
|
$value = get_option($old_option, null);
|
||||||
|
if (!is_null($value)) {
|
||||||
|
$options[$new_option] = $value;
|
||||||
|
}
|
||||||
|
delete_option($old_option);
|
||||||
|
}
|
||||||
|
delete_option('authLDAPCookieMarker');
|
||||||
|
delete_option('authLDAPCookierMarker');
|
||||||
|
}
|
||||||
|
|
||||||
|
// set default for all options that are missing
|
||||||
|
foreach ($options_default as $key => $default) {
|
||||||
|
if (!isset($options[$key])) {
|
||||||
|
$options[$key] = $default;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// set new version and save
|
||||||
|
$options['Version'] = $option_version_plugin;
|
||||||
|
update_option('authLDAPOptions', $options);
|
||||||
|
}
|
||||||
|
return $options;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get an individual option
|
||||||
|
*/
|
||||||
|
function authLdap_get_option($optionname, $default = null)
|
||||||
|
{
|
||||||
|
$options = authLdap_load_options();
|
||||||
|
if (isset($options[$optionname]) && $options[$optionname]) {
|
||||||
|
return $options[$optionname];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (null !== $default) {
|
||||||
|
return $default;
|
||||||
|
}
|
||||||
|
|
||||||
|
//authLdap_debug('option name invalid: ' . $optionname);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set new options
|
||||||
|
*/
|
||||||
|
function authLdap_set_options($new_options = array())
|
||||||
|
{
|
||||||
|
// initialize the options with what we currently have
|
||||||
|
$options = authLdap_load_options();
|
||||||
|
|
||||||
|
// set the new options supplied
|
||||||
|
foreach ($new_options as $key => $value) {
|
||||||
|
$options[$key] = $value;
|
||||||
|
}
|
||||||
|
|
||||||
|
// store options
|
||||||
|
$optionFunction = 'update_option';
|
||||||
|
if (is_multisite()) {
|
||||||
|
$optionFunction = 'update_site_option';
|
||||||
|
}
|
||||||
|
if ($optionFunction('authLDAPOptions', $options)) {
|
||||||
|
// reload the option cache
|
||||||
|
authLdap_load_options(true);
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// could not set options
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Do not send an email after changing the password or the email of the user!
|
||||||
|
*
|
||||||
|
* @param boolean $result The initial resturn value
|
||||||
|
* @param array $user The old userdata
|
||||||
|
* @param array $newUserData The changed userdata
|
||||||
|
*
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
function authLdap_send_change_email($result, $user, $newUserData)
|
||||||
|
{
|
||||||
|
if (get_usermeta($user['ID'], 'authLDAP')) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
$hook = is_multisite() ? 'network_' : '';
|
||||||
|
add_action($hook . 'admin_menu', 'authLdap_addmenu');
|
||||||
|
add_filter('show_password_fields', 'authLdap_show_password_fields', 10, 2);
|
||||||
|
add_filter('allow_password_reset', 'authLdap_allow_password_reset', 10, 2);
|
||||||
|
add_filter('authenticate', 'authLdap_login', 10, 3);
|
||||||
|
/** This only works from WP 4.3.0 on */
|
||||||
|
add_filter('send_password_change_email', 'authLdap_send_change_email', 10, 3);
|
||||||
|
add_filter('send_email_change_email', 'authLdap_send_change_email', 10, 3);
|
95
wp-content/plugins/authLdap-2.3.1/build.xml
Normal file
95
wp-content/plugins/authLdap-2.3.1/build.xml
Normal file
@ -0,0 +1,95 @@
|
|||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<project name="ajaxComments" default="build" basedir=".">
|
||||||
|
<php expression="include('vendor/autoload.php')"/>
|
||||||
|
<loadfile property = "version" file = "VERSION">
|
||||||
|
<filterchain>
|
||||||
|
<striplinebreaks/>
|
||||||
|
</filterchain>
|
||||||
|
</loadfile>
|
||||||
|
<target name="bumpversion">
|
||||||
|
<echo>Bumping version to ${version}</echo>
|
||||||
|
<reflexive>
|
||||||
|
<fileset dir=".">
|
||||||
|
<include name="index.php"/>
|
||||||
|
<include name="authLdap.php"/>
|
||||||
|
</fileset>
|
||||||
|
<filterchain>
|
||||||
|
<replaceregexp>
|
||||||
|
<regexp pattern="Version:.*" replace="Version: ${version}"/>
|
||||||
|
</replaceregexp>
|
||||||
|
</filterchain>
|
||||||
|
</reflexive>
|
||||||
|
</target>
|
||||||
|
<target name="build" depends="bumpversion,deploy.git,deploy.svn"/>
|
||||||
|
<target name="sync.svn">
|
||||||
|
<filesync
|
||||||
|
rsyncPath="rsync"
|
||||||
|
destinationDir="${project.basedir}/svn/trunk"
|
||||||
|
sourceDir="${project.basedir}/"
|
||||||
|
verbose="true"
|
||||||
|
excludeFile="${project.basedir}/.rsyncIgnore"
|
||||||
|
/>
|
||||||
|
</target>
|
||||||
|
<target name="deploy.svn" depends="sync.svn">
|
||||||
|
<property override="true" file="${project.basedir}/.svnAccess" prefix="svnaccess" />
|
||||||
|
<foreach param="dirname" target="svn.addFile">
|
||||||
|
<fileset dir="${project.basedir}/svn/trunk">
|
||||||
|
<include name="**/*"/>
|
||||||
|
</fileset>
|
||||||
|
</foreach>
|
||||||
|
<echo message="${svnaccess.username}"/>
|
||||||
|
<exec outputProperty="committedrevision" executable="svn" dir="${project.basedir}/svn/trunk">
|
||||||
|
<arg value="commit"/>
|
||||||
|
<arg value="--username"/>
|
||||||
|
<arg value="${svnaccess.username}"/>
|
||||||
|
<arg value="--password"/>
|
||||||
|
<arg value="${svnaccess.password}"/>
|
||||||
|
<arg value="--message"/>
|
||||||
|
<arg value="Bumps version to ${version}"/>
|
||||||
|
<arg value="--no-auth-cache"/>
|
||||||
|
<arg value="--quiet"/>
|
||||||
|
</exec>
|
||||||
|
<!--svncommit
|
||||||
|
username="${svnaccess.username}"
|
||||||
|
password="${svnaccess.password}"
|
||||||
|
workingcopy="${project.basedir}/svn"
|
||||||
|
message="Bumps version to ${version}"
|
||||||
|
nocache="true"
|
||||||
|
/-->
|
||||||
|
<echo message="Committed revision: ${committedrevision}"/>
|
||||||
|
</target>
|
||||||
|
|
||||||
|
<target name="svn.addFile">
|
||||||
|
<trycatch>
|
||||||
|
<try>
|
||||||
|
<svninfo workingcopy="${project.basedir}/svn/trunk/${dirname}"/>
|
||||||
|
</try>
|
||||||
|
<catch>
|
||||||
|
<exec command="svn add ${project.basedir}/svn/trunk/${dirname}"/>
|
||||||
|
<echo>${dirname}</echo>
|
||||||
|
</catch>
|
||||||
|
<finally>
|
||||||
|
|
||||||
|
</finally>
|
||||||
|
</trycatch>
|
||||||
|
<echo>${svn.info}</echo>
|
||||||
|
</target>
|
||||||
|
<target name="deploy.git">
|
||||||
|
<exec executable="git" dir=".">
|
||||||
|
<arg value="-m"/>
|
||||||
|
<arg value="Bumps version to ${version}"/>
|
||||||
|
</exec>
|
||||||
|
<exec executable="git" dir=".">
|
||||||
|
<arg value="tag"/>
|
||||||
|
<arg value="-s"/>
|
||||||
|
<arg value="-m"/>
|
||||||
|
<arg value="Version ${version}"/>
|
||||||
|
<arg value="${version}"/>
|
||||||
|
</exec>
|
||||||
|
<exec executable="git" dir=".">
|
||||||
|
<arg value="push"/>
|
||||||
|
<arg value="--tags"/>
|
||||||
|
<arg value="origin"/>
|
||||||
|
</exec>
|
||||||
|
</target>
|
||||||
|
</project>
|
41
wp-content/plugins/authLdap-2.3.1/composer.json
Normal file
41
wp-content/plugins/authLdap-2.3.1/composer.json
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
{
|
||||||
|
"name" : "org_heigl/authLdap",
|
||||||
|
"type" : "library",
|
||||||
|
"description": "Enables wordpress-authentication via LDAP",
|
||||||
|
"keywords": ["ldap","authenticate", "auth", "wordpress"],
|
||||||
|
"homepage": "http://github.com/heiglandreas/authLdap",
|
||||||
|
"license": "MIT",
|
||||||
|
"authors": [{
|
||||||
|
"name": "Andreas Heigl",
|
||||||
|
"email": "andreas@heigl.org",
|
||||||
|
"homepage": "http://andreas.heigl.org",
|
||||||
|
"role": "Developer"
|
||||||
|
}],
|
||||||
|
"require" : {
|
||||||
|
"php": ">=5.4",
|
||||||
|
"phing/phing": "^2.16"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"php-mock/php-mock": "^1.0",
|
||||||
|
"phpunit/phpunit": "~4.5",
|
||||||
|
"mockery/mockery": "0.9.*",
|
||||||
|
"codeclimate/php-test-reporter": "0.1.*",
|
||||||
|
"squizlabs/php_codesniffer": "~2.3",
|
||||||
|
"pear/versioncontrol_svn": "^0.5.2",
|
||||||
|
"pear/pear": "dev-master"
|
||||||
|
},
|
||||||
|
"autoload" : {
|
||||||
|
"classmap" : [
|
||||||
|
"ldap.php",
|
||||||
|
"authLdap.php"
|
||||||
|
],
|
||||||
|
"psr-4" : {
|
||||||
|
"Org_Heigl\\AuthLdap\\" : "src/"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"autoload-dev" : {
|
||||||
|
"psr-4" : {
|
||||||
|
"Org_Heigl\\AuthLdapTest\\" : "tests/"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
67
wp-content/plugins/authLdap-2.3.1/docker-compose.yml
Normal file
67
wp-content/plugins/authLdap-2.3.1/docker-compose.yml
Normal file
@ -0,0 +1,67 @@
|
|||||||
|
version: "3.5"
|
||||||
|
|
||||||
|
services:
|
||||||
|
wp:
|
||||||
|
# image: authldap:latest
|
||||||
|
build:
|
||||||
|
context: dockersetup
|
||||||
|
dockerfile: Dockerfile_wordpress
|
||||||
|
ports:
|
||||||
|
- 80:80 # change ip if required
|
||||||
|
volumes:
|
||||||
|
- ./config/php.conf.ini:/usr/local/etc/php/conf.d/conf.ini
|
||||||
|
- ./wp-app:/var/www/html # Full wordpress project
|
||||||
|
- .:/var/www/html/wp-content/plugins/authldap # Plugin development
|
||||||
|
#- ./theme-name/trunk/:/var/www/html/wp-content/themes/theme-name # Theme development
|
||||||
|
environment:
|
||||||
|
WORDPRESS_DB_HOST: db
|
||||||
|
WORDPRESS_DB_NAME: "wordpress"
|
||||||
|
WORDPRESS_DB_USER: root
|
||||||
|
WORDPRESS_DB_PASSWORD: "wppasswd"
|
||||||
|
depends_on:
|
||||||
|
- db
|
||||||
|
links:
|
||||||
|
- db
|
||||||
|
|
||||||
|
wpcli:
|
||||||
|
image: wordpress:cli
|
||||||
|
volumes:
|
||||||
|
- ./config/php.conf.ini:/usr/local/etc/php/conf.d/conf.ini
|
||||||
|
- ./wp-app:/var/www/html
|
||||||
|
depends_on:
|
||||||
|
- db
|
||||||
|
- wp
|
||||||
|
|
||||||
|
db:
|
||||||
|
image: mysql:latest # https://hub.docker.com/_/mysql/ - or mariadb https://hub.docker.com/_/mariadb
|
||||||
|
ports:
|
||||||
|
- 3306:3306 # change ip if required
|
||||||
|
command: [
|
||||||
|
'--default_authentication_plugin=mysql_native_password',
|
||||||
|
'--character-set-server=utf8mb4',
|
||||||
|
'--collation-server=utf8mb4_unicode_ci'
|
||||||
|
]
|
||||||
|
volumes:
|
||||||
|
- ./wp-data:/docker-entrypoint-initdb.d
|
||||||
|
- db_data:/var/lib/mysql
|
||||||
|
environment:
|
||||||
|
MYSQL_DATABASE: "wordpress"
|
||||||
|
MYSQL_ROOT_PASSWORD: "wppasswd"
|
||||||
|
|
||||||
|
openldap:
|
||||||
|
image: osixia/openldap:latest
|
||||||
|
# build:
|
||||||
|
# context: dockersetup
|
||||||
|
# dockerfile: Dockerfile_ldap
|
||||||
|
ports:
|
||||||
|
- 389:389
|
||||||
|
volumes:
|
||||||
|
- ./.ci/50-init.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/50-bootstrap.ldif
|
||||||
|
command: "--copy-service --loglevel debug"
|
||||||
|
restart: always
|
||||||
|
environment:
|
||||||
|
LDAP_LOG_LEVEL: "0"
|
||||||
|
LDAP_TLS: "false"
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
db_data:
|
@ -0,0 +1,9 @@
|
|||||||
|
FROM wordpress:latest
|
||||||
|
|
||||||
|
RUN set -x \
|
||||||
|
&& apt-get update \
|
||||||
|
&& apt-get install -y libldap2-dev \
|
||||||
|
&& rm -rf /var/lib/apt/lists/* \
|
||||||
|
&& docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ \
|
||||||
|
&& docker-php-ext-install ldap \
|
||||||
|
&& apt-get purge -y --auto-remove libldap2-dev
|
280
wp-content/plugins/authLdap-2.3.1/ldap.php
Normal file
280
wp-content/plugins/authLdap-2.3.1/ldap.php
Normal file
@ -0,0 +1,280 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* $Id: ldap.php 381646 2011-05-06 09:37:31Z heiglandreas $
|
||||||
|
*
|
||||||
|
* authLdap - Authenticate Wordpress against an LDAP-Backend.
|
||||||
|
* Copyright (c) 2008 Andreas Heigl<andreas@heigl.org>
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU General Public License
|
||||||
|
* as published by the Free Software Foundation; either version 2
|
||||||
|
* of the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||||
|
*
|
||||||
|
* This file handles the basic LDAP-Tasks
|
||||||
|
*
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @package authLdap
|
||||||
|
* @category authLdap
|
||||||
|
* @since 2008
|
||||||
|
*/
|
||||||
|
namespace Org_Heigl\AuthLdap;
|
||||||
|
|
||||||
|
use Exception;
|
||||||
|
|
||||||
|
class LDAP
|
||||||
|
{
|
||||||
|
private $_server = '';
|
||||||
|
|
||||||
|
private $_scheme = 'ldap';
|
||||||
|
|
||||||
|
private $_port = 389;
|
||||||
|
|
||||||
|
private $_baseDn = '';
|
||||||
|
|
||||||
|
private $_debug = false;
|
||||||
|
/**
|
||||||
|
* This property contains the connection handle to the ldap-server
|
||||||
|
*
|
||||||
|
* @var Ressource
|
||||||
|
*/
|
||||||
|
private $_ch = null;
|
||||||
|
|
||||||
|
private $_username = '';
|
||||||
|
|
||||||
|
private $_password = '';
|
||||||
|
|
||||||
|
private $_starttls = false;
|
||||||
|
|
||||||
|
public function __construct($URI, $debug = false, $starttls = false)
|
||||||
|
{
|
||||||
|
$this->_debug=$debug;
|
||||||
|
$array = parse_url($URI);
|
||||||
|
if (! is_array($array)) {
|
||||||
|
throw new Exception($URI . ' seems not to be a valid URI');
|
||||||
|
}
|
||||||
|
$url = array_map(function ($item) {
|
||||||
|
return urldecode($item);
|
||||||
|
}, $array);
|
||||||
|
|
||||||
|
if (false === $url) {
|
||||||
|
throw new Exception($URI . ' is an invalid URL');
|
||||||
|
}
|
||||||
|
if (! isset ( $url['scheme'] )) {
|
||||||
|
throw new Exception($URI . ' does not provide a scheme');
|
||||||
|
}
|
||||||
|
if (0 !== strpos($url['scheme'], 'ldap')) {
|
||||||
|
throw new Exception($URI . ' is an invalid LDAP-URI');
|
||||||
|
}
|
||||||
|
if (! isset ( $url['host'] )) {
|
||||||
|
throw new Exception($URI . ' does not provide a server');
|
||||||
|
}
|
||||||
|
if (! isset ( $url['path'] )) {
|
||||||
|
throw new Exception($URI . ' does not provide a search-base');
|
||||||
|
}
|
||||||
|
if (1 == strlen($url['path'])) {
|
||||||
|
throw new Exception($URI . ' does not provide a valid search-base');
|
||||||
|
}
|
||||||
|
$this -> _server = $url['host'];
|
||||||
|
$this -> _scheme = $url['scheme'];
|
||||||
|
$this -> _baseDn = substr($url['path'], 1);
|
||||||
|
if (isset ( $url['user'] )) {
|
||||||
|
$this -> _username = $url['user'];
|
||||||
|
}
|
||||||
|
if ('' == trim($this -> _username)) {
|
||||||
|
$this -> _username = 'anonymous';
|
||||||
|
}
|
||||||
|
if (isset ( $url['pass'] )) {
|
||||||
|
$this -> _password = $url['pass'];
|
||||||
|
}
|
||||||
|
if (isset ( $url['port'] )) {
|
||||||
|
$this -> _port = $url['port'];
|
||||||
|
}
|
||||||
|
$this->_starttls = $starttls;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Connect to the given LDAP-Server
|
||||||
|
*
|
||||||
|
* @return LDAP
|
||||||
|
* @throws AuthLdap_Exception
|
||||||
|
*/
|
||||||
|
public function connect()
|
||||||
|
{
|
||||||
|
$this -> disconnect();
|
||||||
|
if ('ldaps' == $this->_scheme && 389 == $this->_port) {
|
||||||
|
$this->_port = 636;
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->_ch = @ldap_connect($this->_scheme . '://' . $this->_server . ':' . $this -> _port);
|
||||||
|
if (! $this->_ch) {
|
||||||
|
throw new AuthLDAP_Exception('Could not connect to the server');
|
||||||
|
}
|
||||||
|
ldap_set_option($this->_ch, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||||
|
ldap_set_option($this->_ch, LDAP_OPT_REFERRALS, 0);
|
||||||
|
//if configured try to upgrade encryption to tls for ldap connections
|
||||||
|
if ($this->_starttls) {
|
||||||
|
ldap_start_tls($this->_ch);
|
||||||
|
}
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Disconnect from a resource if one is available
|
||||||
|
*
|
||||||
|
* @return LDAP
|
||||||
|
*/
|
||||||
|
public function disconnect()
|
||||||
|
{
|
||||||
|
if (is_resource($this->_ch)) {
|
||||||
|
@ldap_unbind($this->_ch);
|
||||||
|
}
|
||||||
|
$this->_ch = null;
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Bind to an LDAP-Server with the given credentials
|
||||||
|
*
|
||||||
|
* @return LDAP
|
||||||
|
* @throw AuthLdap_Exception
|
||||||
|
*/
|
||||||
|
public function bind()
|
||||||
|
{
|
||||||
|
if (! $this->_ch) {
|
||||||
|
$this->connect();
|
||||||
|
}
|
||||||
|
if (! is_resource($this->_ch)) {
|
||||||
|
throw new AuthLDAP_Exception('No Resource-handle given');
|
||||||
|
}
|
||||||
|
$bind = false;
|
||||||
|
if (( ( $this->_username )
|
||||||
|
&& ( $this->_username != 'anonymous') )
|
||||||
|
&& ( $this->_password != '' ) ) {
|
||||||
|
$bind = @ldap_bind($this->_ch, $this->_username, $this->_password);
|
||||||
|
} else {
|
||||||
|
$bind = @ldap_bind($this->_ch);
|
||||||
|
}
|
||||||
|
if (! $bind) {
|
||||||
|
throw new AuthLDAP_Exception('bind was not successfull: ' . ldap_error($this->_ch));
|
||||||
|
}
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getErrorNumber()
|
||||||
|
{
|
||||||
|
return @ldap_errno($this->_ch);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getErrorText()
|
||||||
|
{
|
||||||
|
return @ldap_error($this->_ch);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method does the actual ldap-serch.
|
||||||
|
*
|
||||||
|
* This is using the filter <var>$filter</var> for retrieving the attributes
|
||||||
|
* <var>$attributes</var>
|
||||||
|
*
|
||||||
|
*
|
||||||
|
* @param string $filter
|
||||||
|
* @param array $attributes
|
||||||
|
* @param string $base
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
public function search($filter, $attributes = array('uid'), $base = '' )
|
||||||
|
{
|
||||||
|
if (! is_Resource($this->_ch)) {
|
||||||
|
throw new AuthLDAP_Exception('No resource handle avbailable');
|
||||||
|
}
|
||||||
|
if (! $base) {
|
||||||
|
$base = $this->_baseDn;
|
||||||
|
}
|
||||||
|
$result = ldap_search($this->_ch, $base, $filter, $attributes);
|
||||||
|
if ($result === false) {
|
||||||
|
throw new AuthLDAP_Exception('no result found');
|
||||||
|
}
|
||||||
|
$this->_info = @ldap_get_entries($this->_ch, $result);
|
||||||
|
if ($this->_info === false) {
|
||||||
|
throw new AuthLDAP_Exception('invalid results found');
|
||||||
|
}
|
||||||
|
return $this -> _info;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method sets debugging to ON
|
||||||
|
*/
|
||||||
|
public function debugOn()
|
||||||
|
{
|
||||||
|
$this->_debug = true;
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method sets debugging to OFF
|
||||||
|
*/
|
||||||
|
public function debugOff()
|
||||||
|
{
|
||||||
|
$this->_debug = false;
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method authenticates the user <var>$username</var> using the
|
||||||
|
* password <var>$password</var>
|
||||||
|
*
|
||||||
|
* @param string $username
|
||||||
|
* @param string $password
|
||||||
|
* @param string $filter OPTIONAL This parameter defines the Filter to be used
|
||||||
|
* when searchin for the username. This MUST contain the string '%s' which
|
||||||
|
* will be replaced by the vaue given in <var>$username</var>
|
||||||
|
* @return boolean true or false depending on successfull authentication or not
|
||||||
|
*/
|
||||||
|
public function authenticate($username, $password, $filter = '(uid=%s)')
|
||||||
|
{
|
||||||
|
//return true;
|
||||||
|
$this->connect();
|
||||||
|
$this->bind();
|
||||||
|
$res = $this->search(sprintf($filter, $username));
|
||||||
|
if (! $res || ! is_array($res) || ( $res ['count'] != 1 )) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$dn = $res[0]['dn'];
|
||||||
|
if ($username && $password) {
|
||||||
|
if (@ldap_bind($this->_ch, $dn, $password)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* $this method loggs errors if debugging is set to ON
|
||||||
|
*/
|
||||||
|
public function logError()
|
||||||
|
{
|
||||||
|
if ($this->_debug) {
|
||||||
|
$_v = debug_backtrace();
|
||||||
|
throw new AuthLDAP_Exception('[LDAP_ERROR]' . ldap_errno($this->_ch) . ':' . ldap_error($this->_ch), $_v[0]['line']);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
class AuthLDAP_Exception extends Exception
|
||||||
|
{
|
||||||
|
public function __construct($message, $line = null)
|
||||||
|
{
|
||||||
|
parent :: __construct($message);
|
||||||
|
if ($line) {
|
||||||
|
$this -> line = $line;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
28
wp-content/plugins/authLdap-2.3.1/phpunit.travis.xml
Normal file
28
wp-content/plugins/authLdap-2.3.1/phpunit.travis.xml
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<phpunit bootstrap="vendor/autoload.php">
|
||||||
|
<testsuite name="authLdap Test-Suite">
|
||||||
|
<directory>tests</directory>
|
||||||
|
</testsuite>
|
||||||
|
|
||||||
|
<groups>
|
||||||
|
<exclude>
|
||||||
|
<group>disable</group>
|
||||||
|
</exclude>
|
||||||
|
</groups>
|
||||||
|
<listeners>
|
||||||
|
<listener class="\Mockery\Adapter\Phpunit\TestListener"></listener>
|
||||||
|
</listeners>
|
||||||
|
<filter>
|
||||||
|
<whitelist>
|
||||||
|
<directory suffix=".php">src</directory>
|
||||||
|
</whitelist>
|
||||||
|
</filter>
|
||||||
|
|
||||||
|
<logging>
|
||||||
|
<!--
|
||||||
|
Adapt these paths to your special needs
|
||||||
|
-->
|
||||||
|
<log type="coverage-text" target="php://stdout" showUncoveredFiles="false"/>
|
||||||
|
<log type="coverage-clover" target="build/logs/clover.xml" />
|
||||||
|
</logging>
|
||||||
|
</phpunit>
|
42
wp-content/plugins/authLdap-2.3.1/phpunit.xml.dist
Normal file
42
wp-content/plugins/authLdap-2.3.1/phpunit.xml.dist
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
|
||||||
|
<!--
|
||||||
|
Document : phpunit.xml
|
||||||
|
Created on : 21.09.2010
|
||||||
|
Author : heiglandreas
|
||||||
|
-->
|
||||||
|
|
||||||
|
<phpunit bootstrap="vendor/autoload.php">
|
||||||
|
<testsuite name="authLdap Test-Suite">
|
||||||
|
<directory>tests</directory>
|
||||||
|
</testsuite>
|
||||||
|
|
||||||
|
<groups>
|
||||||
|
<exclude>
|
||||||
|
<group>disable</group>
|
||||||
|
</exclude>
|
||||||
|
</groups>
|
||||||
|
<listeners>
|
||||||
|
<!--listener class="\Mockery\Adapter\Phpunit\TestListener"></listener-->
|
||||||
|
</listeners>
|
||||||
|
<filter>
|
||||||
|
<whitelist>
|
||||||
|
<directory suffix=".php">src</directory>
|
||||||
|
</whitelist>
|
||||||
|
</filter>
|
||||||
|
<logging>
|
||||||
|
<log type="coverage-html" target="build/coverage" charset="UTF-8"
|
||||||
|
yui="true" highlight="false"
|
||||||
|
lowUpperBound="35" highLowerBound="70" />
|
||||||
|
<!--log type="coverage-xml" target="../report/coverage.xml"/-->
|
||||||
|
<!--log type="graphviz" target="../report/logfile.dot"/-->
|
||||||
|
<!--log type="json" target="../report/logfile.json"/-->
|
||||||
|
<!--log type="metrics-xml" target="../report/metrics.xml"/-->
|
||||||
|
<!--log type="plain" target="../report/logfile.txt"/-->
|
||||||
|
<!--log type="pmd-xml" target="../report/pmd.xml" cpdMinLines="5" cpdMinMatches="70"/-->
|
||||||
|
<!--log type="tap" target="../report/logfile.tap"/-->
|
||||||
|
<!--log type="test-xml" target="../report/logfile.xml" logIncompleteSkipped="false"/-->
|
||||||
|
<!--log type="testdox-html" target="../report/testdox.html"/-->
|
||||||
|
<!--log type="testdox-text" target="../report/testdox.txt"/-->
|
||||||
|
</logging>
|
||||||
|
</phpunit>
|
111
wp-content/plugins/authLdap-2.3.1/readme.txt
Normal file
111
wp-content/plugins/authLdap-2.3.1/readme.txt
Normal file
@ -0,0 +1,111 @@
|
|||||||
|
=== authLdap ===
|
||||||
|
Contributors: heiglandreas
|
||||||
|
Tags: ldap, auth, authentication, active directory, AD, openLDAP, Open Directory
|
||||||
|
Requires at least: 2.5.0
|
||||||
|
Tested up to: 5.2.0
|
||||||
|
Requires PHP: 5.6
|
||||||
|
Stable tag: trunk
|
||||||
|
License: MIT
|
||||||
|
License URI: https://opensource.org/licenses/MIT
|
||||||
|
|
||||||
|
Use your existing LDAP flexible as authentication backend for WordPress
|
||||||
|
|
||||||
|
== Description ==
|
||||||
|
|
||||||
|
Use your existing LDAP as authentication-backend for your wordpress!
|
||||||
|
|
||||||
|
So what are the differences to other Wordpress-LDAP-Authentication-Plugins?
|
||||||
|
|
||||||
|
* Flexible: You are totaly free in which LDAP-backend to use. Due to the extensive configuration you can freely decide how to do the authentication of your users. It simply depends on your filters
|
||||||
|
* Independent: As soon as a user logs in, it is added/updated to the Wordpress' user-database to allow wordpress to always use the correct data. You only have to administer your users once.
|
||||||
|
* Failsafe: Due to the users being created in Wordpress' User-database they can also log in when the LDAP-backend currently is gone.
|
||||||
|
* Role-Aware: You can map Wordpress' roles to values of an existing LDAP-attribute.
|
||||||
|
|
||||||
|
For more Information on the configuration have a look at https://github.com/heiglandreas/authLdap
|
||||||
|
|
||||||
|
== Installation ==
|
||||||
|
|
||||||
|
1. Upload the extracted folder `authLdap` to the `/wp-content/plugins/` directory
|
||||||
|
2. Activate the plugin through the 'Plugins' menu in WordPress
|
||||||
|
3. Configure the Plugin via the 'authLdap'-Configuration-Page.
|
||||||
|
|
||||||
|
== Frequently Asked Questions ==
|
||||||
|
|
||||||
|
= Where can I find more Informations about the plugin? =
|
||||||
|
|
||||||
|
Go to https://github.com/heiglandreas/authLdap
|
||||||
|
|
||||||
|
= Where can I report issues with the plugin? =
|
||||||
|
|
||||||
|
Please use the issuetracker at https://github.com/heiglandreas/authLdap/issues
|
||||||
|
|
||||||
|
== Changelog ==
|
||||||
|
= 2.3.0 =
|
||||||
|
* Allow to not overwrite existing WordPress-Users with LDAP-Users as that can be a security issue.
|
||||||
|
|
||||||
|
= 2.1.0 =
|
||||||
|
* Add search-base for groups. This might come in handy for multisite-instances
|
||||||
|
|
||||||
|
= 2.0.0 =
|
||||||
|
* This new release adds Multi-Site support. It will no longer be possible to use this plugin just in one subsite of a multisite installation!
|
||||||
|
* Adds a warning screen to the config-section when no LDAPextension could be found
|
||||||
|
* Fixes an issue with the max-length of the username
|
||||||
|
|
||||||
|
= 1.5.1 =
|
||||||
|
* Fixes an issue with escaped backslashes and quotes
|
||||||
|
|
||||||
|
= 1.5.0 =
|
||||||
|
* Allows parts of the LDAP-URI to be URLEncoded
|
||||||
|
* Drops support for PHP 5.4
|
||||||
|
|
||||||
|
= 1.4.20 =
|
||||||
|
* Allows multiple LDAP-servers to be queried (given that they use the same attributes)
|
||||||
|
* Fixes issue with URL-Encoded informations (see https://github.com/heiglandreas/authLdap/issues/108)
|
||||||
|
|
||||||
|
= 1.4.19 =
|
||||||
|
* Adds support for TLS
|
||||||
|
|
||||||
|
= 1.4.14 =
|
||||||
|
* Update to showing password-fields check (thanks to @chaplina)
|
||||||
|
|
||||||
|
= 1.4.13 =
|
||||||
|
* Removed generation of default email-address (thanks to @henryk)
|
||||||
|
* Fixes password-hashing when caching passwords (thanks to @litinoveweedle)
|
||||||
|
* Removes the possibility to reset a password for LDAP-based users (thanks to @chaplina)
|
||||||
|
* Removes the password-change-Email from 4.3 on (thanks to @litinoveweedle)
|
||||||
|
* Fixes double authentication-attempt (that resulted in failed authentication) (thanks to @litinoveweedle)
|
||||||
|
|
||||||
|
= 1.4.10 =
|
||||||
|
* Cleanup by removing deprecated code
|
||||||
|
* Fixes issues with undefined variables
|
||||||
|
* Enables internal option-versioning
|
||||||
|
* Setting users nickname initially to the realname instead of the uid
|
||||||
|
* Fixes display of password-change possibility in users profile-page
|
||||||
|
= 1.4.9 =
|
||||||
|
* Fixed an issue with changing display name on every login
|
||||||
|
* Use proper way of looking up user-roles in setups w/o DB-prefix
|
||||||
|
= 1.4.8 =
|
||||||
|
* Updated version string
|
||||||
|
= 1.4.7 =
|
||||||
|
* Use default user to retrieve group menberships and not logging in user.
|
||||||
|
* return the UID from the LDAP instead of the value given by the user
|
||||||
|
* remove unnecessary checkbox
|
||||||
|
* Adds a testsuite
|
||||||
|
* Fixes PSR2 violations
|
||||||
|
|
||||||
|
[…]
|
||||||
|
|
||||||
|
= 1.2.1 =
|
||||||
|
* Fixed an issue with group-ids
|
||||||
|
* Moved the code to GitHub (https://github.com/heiglandreas/authLdap)
|
||||||
|
= 1.1.0 =
|
||||||
|
* Changed the login-process. Now users that are not allowed to login due to
|
||||||
|
missing group-memberships are not created within your blog as was the standard
|
||||||
|
until Version 1.0.3 - Thanks to alex@tayts.com
|
||||||
|
* Changed the default mail-address that is created when no mail-address can be
|
||||||
|
retrieved from the LDAP from me@example.com to $username@example.com so that
|
||||||
|
a new user can be created even though the mail address already exists in your
|
||||||
|
blog - Also thanks to alex@tayts.com
|
||||||
|
* Added support for WordPress-Table-prefixes as the capabilities of a user
|
||||||
|
are interlany stored in a field that is named "$tablePrefix_capabilities" -
|
||||||
|
again thanks to alex@tayts.com and also to sim0n of silicium.mine.nu
|
87
wp-content/plugins/authLdap-2.3.1/src/LdapList.php
Normal file
87
wp-content/plugins/authLdap-2.3.1/src/LdapList.php
Normal file
@ -0,0 +1,87 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Copyright (c) Andreas Heigl<andreas@heigl.org>
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
* The above copyright notice and this permission notice shall be included in
|
||||||
|
* all copies or substantial portions of the Software.
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
* THE SOFTWARE.
|
||||||
|
*
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @copyright Andreas Heigl
|
||||||
|
* @license http://www.opensource.org/licenses/mit-license.php MIT-License
|
||||||
|
* @since 07.07.2016
|
||||||
|
* @link http://github.com/heiglandreas/authLDAP
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace Org_Heigl\AuthLdap;
|
||||||
|
|
||||||
|
class LdapList
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var \LDAP[]
|
||||||
|
*/
|
||||||
|
protected $items = [];
|
||||||
|
|
||||||
|
public function addLdap(LDAP $ldap)
|
||||||
|
{
|
||||||
|
$this->items[] = $ldap;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function authenticate($username, $password, $filter = '(uid=%s)')
|
||||||
|
{
|
||||||
|
foreach ($this->items as $key => $item) {
|
||||||
|
if (! $item->authenticate($username, $password, $filter)) {
|
||||||
|
unset ($this->items[$key]);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function bind()
|
||||||
|
{
|
||||||
|
$allFailed = true;
|
||||||
|
foreach ($this->items as $key => $item) {
|
||||||
|
try {
|
||||||
|
$item->bind();
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
unset($this->items[$key]);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
$allFailed = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($allFailed) {
|
||||||
|
throw new AuthLDAP_Exception('No bind successfull');
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function search($filter, $attributes = array('uid'), $base = '')
|
||||||
|
{
|
||||||
|
foreach ($this->items as $item) {
|
||||||
|
try {
|
||||||
|
$result = $item->search($filter, $attributes, $base);
|
||||||
|
return $result;
|
||||||
|
} catch (Exception $e) {
|
||||||
|
throw $e;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
throw new \AuthLDAP_Exception('No Results found');
|
||||||
|
}
|
||||||
|
}
|
134
wp-content/plugins/authLdap-2.3.1/tests/LDAPBaseTest.php
Normal file
134
wp-content/plugins/authLdap-2.3.1/tests/LDAPBaseTest.php
Normal file
@ -0,0 +1,134 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Copyright (c) 2016-2016} Andreas Heigl<andreas@heigl.org>
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
* The above copyright notice and this permission notice shall be included in
|
||||||
|
* all copies or substantial portions of the Software.
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
* THE SOFTWARE.
|
||||||
|
*
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @copyright 2016-2016 Andreas Heigl
|
||||||
|
* @license http://www.opensource.org/licenses/mit-license.php MIT-License
|
||||||
|
* @version 0.0
|
||||||
|
* @since 07.06.2016
|
||||||
|
* @link http://github.com/heiglandreas/authLDAP
|
||||||
|
*/
|
||||||
|
namespace Org_Heigl\AuthLdapTest;
|
||||||
|
|
||||||
|
use Org_Heigl\AuthLdap\LDAP;
|
||||||
|
use Org_Heigl\AuthLdap\LdapList;
|
||||||
|
use phpmock\spy\Spy;
|
||||||
|
use PHPUnit_Framework_TestCase;
|
||||||
|
|
||||||
|
class LDAPBaseTest extends PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
public function setUp()
|
||||||
|
{
|
||||||
|
$this->ldap_connect_spy = new Spy('Org_Heigl\AuthLdap', 'ldap_connect');
|
||||||
|
$this->ldap_connect_spy->enable();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function tearDown()
|
||||||
|
{
|
||||||
|
$this->ldap_connect_spy->disable();
|
||||||
|
}
|
||||||
|
/** @dataProvider bindingWithPasswordProvider */
|
||||||
|
public function testThatBindingWithPasswordWorks($user, $password, $filter, $uri)
|
||||||
|
{
|
||||||
|
$ldap = new LDAP($uri);
|
||||||
|
$this->assertTrue($ldap->authenticate($user, $password, $filter));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function bindingWithPasswordProvider()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
['user3', 'user!"', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'],
|
||||||
|
['Manager', 'insecure', 'cn=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'],
|
||||||
|
['user1', 'user1', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'],
|
||||||
|
['user 4', 'user!"', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'],
|
||||||
|
['user 5', 'user!"', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=test%20space,dc=example,dc=com'],
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param $uri
|
||||||
|
* @dataProvider initialBindingToLdapServerWorksProvider
|
||||||
|
*/
|
||||||
|
public function testThatInitialBindingWorks($uri)
|
||||||
|
{
|
||||||
|
$ldap = new LDAP($uri);
|
||||||
|
$this->assertInstanceof(LDAP::class, $ldap->bind());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param $uri
|
||||||
|
* @dataProvider initialBindingToLdapServerWorksProvider
|
||||||
|
*/
|
||||||
|
public function testThatInitialBindingToMultipleLdapsWorks($uri)
|
||||||
|
{
|
||||||
|
$list = new LdapList();
|
||||||
|
$list->addLDAP(new LDAP($uri));
|
||||||
|
$this->assertTrue($list->bind());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function initialBindingToLdapServerWorksProvider()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
['ldap://uid=user%205,dc=test%20space,dc=example,dc=com:user!"@localhost:3890/dc=test%20space,dc=example,dc=com'],
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/** @dataProvider bindingWithPasswordProvider */
|
||||||
|
public function testThatBindingWithAddedSlashesFailsWorks($user, $password, $filter)
|
||||||
|
{
|
||||||
|
$newpassword = addslashes($password);
|
||||||
|
$ldap = new LDAP('ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com');
|
||||||
|
if ($newpassword === $password) {
|
||||||
|
$this->assertTrue($ldap->authenticate($user, $password, $filter));
|
||||||
|
} else {
|
||||||
|
$this->assertFalse($ldap->authenticate($user, $newpassword, $filter));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/** @dataProvider serchingForGroupsProvider */
|
||||||
|
public function testThatSearchingForGoupsWorks($filter, $user, $groups)
|
||||||
|
{
|
||||||
|
// (&(objectCategory=group)(member=<USER_DN>))
|
||||||
|
$ldap = new LDAP('ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com');
|
||||||
|
$ldap->bind();
|
||||||
|
$this->assertContains($groups, $ldap->search(sprintf($filter, $user), ['cn'])[0]);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public function serchingForGroupsProvider()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
[
|
||||||
|
'(&(objectclass=groupOfUniqueNames)(uniqueMember=%s))',
|
||||||
|
'uid=user 4,dc=example,dc=com',
|
||||||
|
['count' => 1, 0 => 'group4'],
|
||||||
|
],
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testThatSettingLDAPSActuallyGivesTheCorrectPort()
|
||||||
|
{
|
||||||
|
|
||||||
|
$ldap = new LDAP('ldaps://cn=Manager,dc=example,dc=com:insecure@127.0.0.1/dc=example,dc=com');
|
||||||
|
$ldap->connect();
|
||||||
|
|
||||||
|
$this->assertEquals('ldaps://127.0.0.1:636', $this->ldap_connect_spy->getInvocations()[0]->getArguments()[0]);
|
||||||
|
}
|
||||||
|
}
|
66
wp-content/plugins/authLdap-2.3.1/tests/LDAPListBaseTest.php
Normal file
66
wp-content/plugins/authLdap-2.3.1/tests/LDAPListBaseTest.php
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Copyright (c) 2016-2016} Andreas Heigl<andreas@heigl.org>
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
* The above copyright notice and this permission notice shall be included in
|
||||||
|
* all copies or substantial portions of the Software.
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
* THE SOFTWARE.
|
||||||
|
*
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @copyright 2016-2016 Andreas Heigl
|
||||||
|
* @license http://www.opensource.org/licenses/mit-license.php MIT-License
|
||||||
|
* @version 0.0
|
||||||
|
* @since 07.06.2016
|
||||||
|
* @link http://github.com/heiglandreas/authLDAP
|
||||||
|
*/
|
||||||
|
namespace Org_Heigl\AuthLdapTest;
|
||||||
|
|
||||||
|
use Org_Heigl\AuthLdap\LDAP;
|
||||||
|
use PHPUnit_Framework_TestCase;
|
||||||
|
|
||||||
|
class LDAPListBaseTest extends PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
/** @dataProvider bindingWithPasswordProvider */
|
||||||
|
public function testThatBindingWithPasswordWorks($user, $password, $filter)
|
||||||
|
{
|
||||||
|
require_once __DIR__ . '/../src/LdapList.php';
|
||||||
|
$ldaplist = new \Org_Heigl\AuthLdap\LdapList();
|
||||||
|
$ldaplist->addLdap(new LDAP('ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'));
|
||||||
|
$this->assertTrue($ldaplist->authenticate($user, $password, $filter));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function bindingWithPasswordProvider()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
['user3', 'user!"', 'uid=%s'],
|
||||||
|
['Manager', 'insecure', 'cn=%s'],
|
||||||
|
['user1', 'user1', 'uid=%s'],
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/** @dataProvider bindingWithPasswordProvider */
|
||||||
|
public function testThatBindingWithAddedSlashesFailsWorks($user, $password, $filter)
|
||||||
|
{
|
||||||
|
$newpassword = addslashes($password);
|
||||||
|
require_once __DIR__ . '/../src/LdapList.php';
|
||||||
|
$ldaplist = new \Org_Heigl\AuthLdap\LdapList();
|
||||||
|
$ldaplist->addLdap(new LDAP('ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'));
|
||||||
|
if ($newpassword === $password) {
|
||||||
|
$this->assertTrue($ldaplist->authenticate($user, $password, $filter));
|
||||||
|
} else {
|
||||||
|
$this->assertFalse($ldaplist->authenticate($user, $newpassword, $filter));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
183
wp-content/plugins/authLdap-2.3.1/tests/LdapTest.php
Normal file
183
wp-content/plugins/authLdap-2.3.1/tests/LdapTest.php
Normal file
@ -0,0 +1,183 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* $Id: LdapTest.php 292156 2010-09-21 19:32:01Z heiglandreas $
|
||||||
|
*
|
||||||
|
* authLdap - Authenticate Wordpress against an LDAP-Backend.
|
||||||
|
* Copyright (c) 2008 Andreas Heigl<andreas@heigl.org>
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU General Public License
|
||||||
|
* as published by the Free Software Foundation; either version 2
|
||||||
|
* of the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||||
|
*
|
||||||
|
* This file tests the basic LDAP-Tasks
|
||||||
|
*
|
||||||
|
* @category authLdap
|
||||||
|
* @package authLdap
|
||||||
|
* @subpackage UnitTests
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @copyright 2010 Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @license GPL
|
||||||
|
* @since 21.09.2010
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace Org_Heigl\AuthLdapTest;
|
||||||
|
|
||||||
|
use PHPUnit_Framework_TestCase;
|
||||||
|
use Org_Heigl\AuthLdap\LDAP;
|
||||||
|
|
||||||
|
class LdapTest extends PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @dataProvider dpInstantiateLdapClass
|
||||||
|
* @param array $expected
|
||||||
|
* @param array $given
|
||||||
|
*/
|
||||||
|
public function testInstantiateLdapClass($expected, $given)
|
||||||
|
{
|
||||||
|
$ldap = new LDAP($expected[0], $expected[1]);
|
||||||
|
foreach ($given as $key => $value) {
|
||||||
|
$this -> assertAttributeEquals($value, '_' . $key, $ldap);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @dataProvider dpExceptionsWhenInstantiatingLdapClass
|
||||||
|
* @expectedException Exception
|
||||||
|
* @param array $expected
|
||||||
|
*/
|
||||||
|
public function testExceptionsWhenInstantiatingLdapClass($expected)
|
||||||
|
{
|
||||||
|
new LDAP($expected);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function dpInstantiateLdapClass()
|
||||||
|
{
|
||||||
|
return array (
|
||||||
|
array (
|
||||||
|
array ('ldap://uid=jondoe,cn=users,cn=example,c=org:secret@ldap.example.org/cn=example,c=org', true),
|
||||||
|
array (
|
||||||
|
'username' => 'uid=jondoe,cn=users,cn=example,c=org',
|
||||||
|
'password' => 'secret',
|
||||||
|
'server' => 'ldap.example.org',
|
||||||
|
'baseDn' => 'cn=example,c=org',
|
||||||
|
'debug' => true
|
||||||
|
)
|
||||||
|
),
|
||||||
|
array (
|
||||||
|
array ('ldap://uid=jondoe,cn=users,cn=example,c=org@ldap.example.org/cn=example,c=org', true),
|
||||||
|
array (
|
||||||
|
'username' => 'uid=jondoe,cn=users,cn=example,c=org',
|
||||||
|
'password' => '',
|
||||||
|
'server' => 'ldap.example.org',
|
||||||
|
'baseDn' => 'cn=example,c=org',
|
||||||
|
'debug' => true
|
||||||
|
)
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
array ('ldap://ldap.example.org/cn=example,c=org', true),
|
||||||
|
array (
|
||||||
|
'username' => 'anonymous',
|
||||||
|
'password' => '',
|
||||||
|
'server' => 'ldap.example.org',
|
||||||
|
'baseDn' => 'cn=example,c=org',
|
||||||
|
'debug' => true
|
||||||
|
)
|
||||||
|
),
|
||||||
|
// array(
|
||||||
|
// array ('ldap://ldap.example.org', true),
|
||||||
|
// array (
|
||||||
|
// 'username' => 'anonymous',
|
||||||
|
// 'password' => '',
|
||||||
|
// 'server' => 'ldap.example.org',
|
||||||
|
// 'baseDn' => '',
|
||||||
|
// 'debug' => true
|
||||||
|
// )
|
||||||
|
// ),
|
||||||
|
array(
|
||||||
|
array ('ldap://uid=jondoe,cn=users,cn=example,c=org:secret@ldap.example.org/cn=example,c=org', false),
|
||||||
|
array (
|
||||||
|
'username' => 'uid=jondoe,cn=users,cn=example,c=org',
|
||||||
|
'password' => 'secret',
|
||||||
|
'server' => 'ldap.example.org',
|
||||||
|
'baseDn' => 'cn=example,c=org',
|
||||||
|
'debug' => false
|
||||||
|
)
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
array ('ldap://ldap.example.org/cn=test%20example,c=org', false),
|
||||||
|
array (
|
||||||
|
'username' => 'anonymous',
|
||||||
|
'password' => '',
|
||||||
|
'server' => 'ldap.example.org',
|
||||||
|
'baseDn' => 'cn=test example,c=org',
|
||||||
|
'debug' => false
|
||||||
|
)
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function dpExceptionsWhenInstantiatingLdapClass()
|
||||||
|
{
|
||||||
|
return array (
|
||||||
|
array('ldap://ldap.example.org'),
|
||||||
|
array('ldap://foo:bar@/cn=example,c=org'),
|
||||||
|
array('http://ldap.example.org'),
|
||||||
|
array('fooBar'),
|
||||||
|
array('ldap://ldap.example.org/'),
|
||||||
|
array('()123üäö'),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testThatGroupMappingWorks()
|
||||||
|
{
|
||||||
|
$groups = [
|
||||||
|
'count' => 1,
|
||||||
|
0 => [
|
||||||
|
'dn' => 'dn-1',
|
||||||
|
'count' => 1,
|
||||||
|
0 => 'group',
|
||||||
|
'group' => [
|
||||||
|
'count' => 2,
|
||||||
|
0 => '7310T270:Překladatelství:čeština - angličtina@ff.cuni.cz',
|
||||||
|
1 => '7310T033:Český jazyk a literatura@ff.cuni.cz',
|
||||||
|
]
|
||||||
|
]
|
||||||
|
];
|
||||||
|
|
||||||
|
$grp = array();
|
||||||
|
for ($i = 0; $i < $groups ['count']; $i++) {
|
||||||
|
for ($k = 0; $k < $groups[$i][strtolower('group')]['count']; $k++) {
|
||||||
|
$grp[] = $groups[$i][strtolower('group')][$k];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->assertEquals([
|
||||||
|
'7310T270:Překladatelství:čeština - angličtina@ff.cuni.cz',
|
||||||
|
'7310T033:Český jazyk a literatura@ff.cuni.cz',
|
||||||
|
], $grp);
|
||||||
|
|
||||||
|
$role = '';
|
||||||
|
foreach (['testrole' => '7310T031:Český jazyk a literatura@ff.cuni.cz,7310T033:Český jazyk a literatura@ff.cuni.cz'] as $key => $val) {
|
||||||
|
$currentGroup = explode(',', $val);
|
||||||
|
// Remove whitespaces around the group-ID
|
||||||
|
$currentGroup = array_map('trim', $currentGroup);
|
||||||
|
if (0 < count(array_intersect($currentGroup, $grp))) {
|
||||||
|
$role = $key;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->assertEquals('testrole', $role);
|
||||||
|
}
|
||||||
|
}
|
420
wp-content/plugins/authLdap-2.3.1/view/admin.phtml
Normal file
420
wp-content/plugins/authLdap-2.3.1/view/admin.phtml
Normal file
@ -0,0 +1,420 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Copyright (c)2014-2014 heiglandreas
|
||||||
|
*
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
*
|
||||||
|
* The above copyright notice and this permission notice shall be included in
|
||||||
|
* all copies or substantial portions of the Software.
|
||||||
|
*
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIBILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
* THE SOFTWARE.
|
||||||
|
*
|
||||||
|
* @category
|
||||||
|
* @author Andreas Heigl<andreas@heigl.org>
|
||||||
|
* @copyright ©2014-2014 Andreas Heigl
|
||||||
|
* @license http://www.opesource.org/licenses/mit-license.php MIT-License
|
||||||
|
* @version 0.0
|
||||||
|
* @since 19.12.14
|
||||||
|
* @link https://github.com/heiglandreas/authLdap
|
||||||
|
*/
|
||||||
|
?><div class="wrap">
|
||||||
|
<?php if (! extension_loaded('ldap')) : ?>
|
||||||
|
<div class="error"><strong>Caveat:</strong> The LDAP-extension is not loaded!
|
||||||
|
Without that extension it is not possible to query an LDAP-Server! Please have a look
|
||||||
|
at <a href="http://php.net/manual/install.php">the PHP-Installation page</a>
|
||||||
|
</div>
|
||||||
|
<?php endif ?>
|
||||||
|
<h2>AuthLDAP Options</h2>
|
||||||
|
<form method="post" id="authLDAP_options" action="<?php echo $action;?>">
|
||||||
|
<h3 class="title">General Usage of authLDAP</h3>
|
||||||
|
<fieldset class="options">
|
||||||
|
<table class="form-table">
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPAuth">Enable Authentication via LDAP?</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPAuth" id="authLDAPAuth" value="1"<?php echo $tChecked; ?>/>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPDebug">Debug AuthLDAP?</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPDebug" id="authLDAPDebug" value="1"<?php echo $tDebugChecked; ?>/>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPDoNotOverwriteNonLdapUsers">Do not authenticate existing WordPress-Users</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPDoNotOverwriteNonLdapUsers" id="authLDAPDoNotOverwriteNonLdapUsers" value="1"<?php echo $tDoNotOverwriteNonLdapUsers; ?>/>
|
||||||
|
<p class="description">
|
||||||
|
Shall we prohibit authenticating already in WordPress created users using LDAP? If you enable this, LDAP-Users with the same user-ID
|
||||||
|
as existing WordPress-Users can no longer take over the WordPress-Users account. This also means that LDAP-Users with the same User-ID as existing
|
||||||
|
WordPress-Users will <strong>not</strong> be able to authenticate anymore! Accounts that have been taken over already will not be affected by this setting.
|
||||||
|
</p>
|
||||||
|
<p class="description">This should only be checked if you know what you are doing!</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPCachePW">Save entered passwords in the wordpress user table?</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPCachePW" id="authLDAPCachePW" value="1"<?php echo $tPWChecked; ?>/>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPGroupEnable">Map LDAP Groups to wordpress Roles?</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPGroupEnable" id="authLDAPGroupEnable" value="1"<?php echo $tGroupChecked; ?>/>
|
||||||
|
<p class="description">
|
||||||
|
Search LDAP for user's groups and map to Wordpress Roles.
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</fieldset>
|
||||||
|
<h3 class="title">General Server Settings</h3>
|
||||||
|
<fieldset class="options">
|
||||||
|
<table class="form-table">
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPURI">LDAP URI</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPURI" id="authLDAPURI" placeholder="LDAP-URI"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPURI; ?>"/>
|
||||||
|
<p class="description">
|
||||||
|
The <abbr title="Uniform Ressource Identifier">URI</abbr>
|
||||||
|
for connecting to the LDAP-Server. This usualy takes the form
|
||||||
|
<var><scheme>://<user>:<password>@<server>/<path></var>
|
||||||
|
according to RFC 1738.</p>
|
||||||
|
<p class="description">
|
||||||
|
In this case it schould be something like
|
||||||
|
<var>ldap://uid=adminuser,dc=example,c=com:secret@ldap.example.com/dc=basePath,dc=example,c=com</var>.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
If your LDAP accepts anonymous login, you can ommit the user and
|
||||||
|
password-Part of the URI
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPURISeparator">LDAP URI-Separator</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPURISeparator" id="authLDAPURISeparator" placeholder="LDAP-URI Separator"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPURISeparator; ?>"/>
|
||||||
|
<p class="description">
|
||||||
|
A separator that separates multiple LDAP-URIs from one another.
|
||||||
|
You can use that feature to try to authenticate against multiple LDAP-Servers
|
||||||
|
as long as they all have the same attribute-settings. The first LDAP-Server the user can
|
||||||
|
authenticate against will be used to handle the user.
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPStartTLS" class="description">StartTLS</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPStartTLS" id="authLDAPStartTLS" value="1"<?php echo $tStartTLSChecked; ?>/>
|
||||||
|
<p class="description">
|
||||||
|
Use StartTLS for encryption of ldap connections. This setting is not to be used in combination with ldaps connections (ldap:// only).
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPFilter" class="description">Filter</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPFilter" id="authLDAPFilter" placeholder="(uid=%s)"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPFilter; ?>"/>
|
||||||
|
<p class="description">
|
||||||
|
Please provide a valid filter that can be used for querying the
|
||||||
|
<abbr title="Lightweight Directory Access Protocol">LDAP</abbr>
|
||||||
|
for the correct user. For more information on this
|
||||||
|
feature have a look at <a href="http://andreas.heigl.org/cat/dev/wp/authldap">http://andreas.heigl.org/cat/dev/wp/authldap</a>
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field <strong>should</strong> include the string <code>%s</code>
|
||||||
|
that will be replaced with the username provided during log-in
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
If you leave this field empty it defaults to <strong>(uid=%s)</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
<h3 class="title">Settings for creating new Users</h3>
|
||||||
|
<fieldset class="options">
|
||||||
|
<table class="form-table">
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPNameAttr">Name-Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPNameAttr" id="authLDAPNameAttr" placeholder="name"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPNameAttr; ?>"/><br />
|
||||||
|
<p class="description">
|
||||||
|
Which Attribute from the LDAP contains the Full or the First name
|
||||||
|
of the user trying to log in.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This defaults to <strong>name</strong>
|
||||||
|
</p>
|
||||||
|
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPSecName">Second Name Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPSecName" id="authLDAPSecName" placeholder=""
|
||||||
|
class="regular-text" value="<?php echo $authLDAPSecName; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
If the above Name-Attribute only contains the First Name of the
|
||||||
|
user you can here specify an Attribute that contains the second name.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field is empty by default
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPUidAttr">User-ID Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPUidAttr" id="authLDAPUidAttr" placeholder="uid"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPUidAttr; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
Please give the Attribute, that is used to identify the user. This
|
||||||
|
should be the same as you used in the above <em>Filter</em>-Option
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field defaults to <strong>uid</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPMailAttr">Mail Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPMailAttr" id="authLDAPMailAttr" placeholder="mail"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPMailAttr; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
Which Attribute holds the eMail-Address of the user?
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
If more than one eMail-Address are stored in the LDAP, only the first given is used
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field defaults to <strong>mail</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPWebAttr">Web-Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPWebAttr" id="authLDAPWebAttr" placeholder=""
|
||||||
|
class="regular-text" value="<?php echo $authLDAPWebAttr; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
If your users have a personal page (URI) stored in the LDAP, it can
|
||||||
|
be provided here.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field is empty by default
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPDefaultRole">Default Role</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<select name="authLDAPDefaultRole" id="authLDAPDefaultRole">
|
||||||
|
<option value="" <?php echo ( $authLDAPDefaultRole == '' ? 'selected="selected"' : '' ); ?>>
|
||||||
|
None (deny access)
|
||||||
|
</option>
|
||||||
|
<?php foreach ($roles->get_names() as $group => $vals) : ?>
|
||||||
|
<option value="<?php echo $group; ?>" <?php echo ( $authLDAPDefaultRole == $group ? 'selected="selected"' : '' ); ?>>
|
||||||
|
<?php echo $vals; ?>
|
||||||
|
</option>
|
||||||
|
<?php endforeach; ?>
|
||||||
|
</select>
|
||||||
|
<p class="description">
|
||||||
|
Here you can select the default role for users.
|
||||||
|
If you enable LDAP Groups below, they will take precedence over the Default Role.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
Existing users will retain their roles unless overriden by LDAP Groups below.
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
|
||||||
|
<div id="authldaprolemapping">
|
||||||
|
<h3 class="title">Groups for Roles</h3>
|
||||||
|
<fieldset class="options">
|
||||||
|
<table class="form-table">
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
<label for="authLDAPGroupOverUser">LDAP Groups override role of existing users?</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="checkbox" name="authLDAPGroupOverUser" id="authLDAPGroupOverUser" value="1"<?php echo $tGroupOverUserChecked; ?>/>
|
||||||
|
<p class="description">
|
||||||
|
If role determined by LDAP Group differs from existing Wordpress User's role, use LDAP Group.
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPGroupBase">Group-Base</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPGroupBase" id="authLDAPGroupBase" placeholder=""
|
||||||
|
class="regular-text" value="<?php echo $authLDAPGroupBase; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
This is the base dn to lookup groups.
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
If empty the base dn of the LDAP URI will be used
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPGroupAttr">Group-Attribute</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPGroupAttr" id="authLDAPGroupAttr" placeholder="gidNumber"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPGroupAttr; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
This is the attribute that defines the Group-ID that can be matched
|
||||||
|
against the Groups defined further down
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field defaults to <strong>gidNumber</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPGroupSeparator">Group-Separator</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPGroupSeparator" id="authLDAPGroupSeparator" placeholder=","
|
||||||
|
class="regular-text" value="<?php echo $authLDAPGroupSeparator; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
This attribute defines the separator used for the Group-IDs listed in the
|
||||||
|
Groups defined further down. This is useful if the value of Group-Attribute
|
||||||
|
listed above can contain a comma (for example, when using the memberof attribute)
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
This field defaults to <strong>, (comma)</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPGroupFilter">Group-Filter</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPGroupFilter" id="authLDAPGroupFilter"
|
||||||
|
placeholder="(&(objectClass=posixGroup)(memberUid=%s))"
|
||||||
|
class="regular-text" value="<?php echo $authLDAPGroupFilter; ?>" />
|
||||||
|
<p class="description">
|
||||||
|
Here you can add the filter for selecting groups for ther
|
||||||
|
currentlly logged in user
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
The Filter should contain the string <code>%s</code> which will be replaced by
|
||||||
|
the login-name of the currently logged in user
|
||||||
|
</p>
|
||||||
|
<p class="description">
|
||||||
|
Alternatively the string <code>%dn%</code> will be replaced by the
|
||||||
|
DN of the currently logged in user. This can be helpfull if
|
||||||
|
group-memberships are defined with DNs rather than UIDs
|
||||||
|
</p>
|
||||||
|
<p class="description">This field defaults to
|
||||||
|
<strong>(&(objectClass=posixGroup)(memberUid=%s))</strong>
|
||||||
|
</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
<h3 class="title">Role - group mapping</h3>
|
||||||
|
<fieldset class="options">
|
||||||
|
<table class="form-table">
|
||||||
|
<?php
|
||||||
|
foreach ($roles->get_names() as $group => $vals) :
|
||||||
|
$aGroup=$authLDAPGroups[$group]; ?>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">
|
||||||
|
<label for="authLDAPGroups[<?php echo $group; ?>]">
|
||||||
|
<?php echo $vals; ?>
|
||||||
|
</label>
|
||||||
|
</th>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="authLDAPGroups[<?php echo $group; ?>]" id="authLDAPGroups[<?php echo $group; ?>]"
|
||||||
|
value="<?php echo $aGroup; ?>" />
|
||||||
|
<p class="description">What LDAP-Groups shall be matched to the <?php echo $vals; ?>-Role?</p>
|
||||||
|
<p class="description">Please provide a coma-separated list of values</p>
|
||||||
|
<p class="description">This field is empty by default</p>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<?php endforeach; ?>
|
||||||
|
</table>
|
||||||
|
</fieldset>
|
||||||
|
</div>
|
||||||
|
<fieldset class="buttons">
|
||||||
|
<p class="submit">
|
||||||
|
<input type="submit" name="ldapOptionsSave" class="button button-primary" value="Save Changes" />
|
||||||
|
</p>
|
||||||
|
</fieldset>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<script type="text/javascript">
|
||||||
|
elem = document.getElementById('authLDAPGroupEnable');
|
||||||
|
if(! elem.checked) {
|
||||||
|
document.getElementById('authldaprolemapping').setAttribute('style', 'display:none;');
|
||||||
|
}
|
||||||
|
|
||||||
|
elem.addEventListener('change', function(e){
|
||||||
|
if(! e.target.checked) {
|
||||||
|
document.getElementById('authldaprolemapping').setAttribute('style', 'display:none;');
|
||||||
|
} else {
|
||||||
|
document.getElementById('authldaprolemapping').removeAttribute('style');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
</script>
|
@ -0,0 +1,36 @@
|
|||||||
|
<?php
|
||||||
|
/*
|
||||||
|
Plugin Name: Disable WordPress Core Updates
|
||||||
|
Description: Disables WordPress core update checks and notifications.
|
||||||
|
Plugin URI: https://lud.icro.us/disable-wordpress-core-update/
|
||||||
|
Version: 1.5
|
||||||
|
Author: John Blackbourn
|
||||||
|
Author URI: https://johnblackbourn.com/
|
||||||
|
License: GPL v2 or later
|
||||||
|
Network: true
|
||||||
|
|
||||||
|
Props: Matt Mullenweg, _ck_, miqrogroove
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation; either version 2 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
*/
|
||||||
|
|
||||||
|
# 2.3 to 2.7:
|
||||||
|
add_action( 'init', create_function( '$a', "remove_action( 'init', 'wp_version_check' );" ), 2 );
|
||||||
|
add_filter( 'pre_option_update_core', create_function( '$a', "return null;" ) );
|
||||||
|
|
||||||
|
# 2.8+:
|
||||||
|
remove_action( 'wp_version_check', 'wp_version_check' );
|
||||||
|
remove_action( 'admin_init', '_maybe_update_core' );
|
||||||
|
add_filter( 'pre_transient_update_core', create_function( '$a', "return null;" ) );
|
||||||
|
|
||||||
|
# 3.0+:
|
||||||
|
add_filter( 'pre_site_transient_update_core', create_function( '$a', "return null;" ) );
|
58
wp-content/plugins/disable-wordpress-core-update/readme.txt
Normal file
58
wp-content/plugins/disable-wordpress-core-update/readme.txt
Normal file
@ -0,0 +1,58 @@
|
|||||||
|
=== Disable WordPress Core Updates ===
|
||||||
|
Contributors: johnbillion
|
||||||
|
Tags: disable, core update
|
||||||
|
Requires at least: 2.3
|
||||||
|
Tested up to: 3.7
|
||||||
|
Stable tag: trunk
|
||||||
|
|
||||||
|
Disables WordPress core update checks and notifications.
|
||||||
|
|
||||||
|
== Description ==
|
||||||
|
|
||||||
|
Completely disables the core update checking system in WordPress. This prevents WordPress from checking for core updates, and prevents any notifications from being displayed in the admin area. Ideal for administrators of multiple WordPress installations.
|
||||||
|
|
||||||
|
= Please note! =
|
||||||
|
|
||||||
|
It's *very* important that you keep your WordPress installation(s) up to date. If you don't, your blog or website could be susceptible to security vulnerabilities or performance issues. If you use this plugin, you must make sure you keep yourself informed of new WordPress releases and update your WordPress installation(s) as new versions are released.
|
||||||
|
|
||||||
|
See also: [Disable WordPress plugin updates](http://wordpress.org/plugins/disable-wordpress-plugin-updates/) and [Disable WordPress theme updates](http://wordpress.org/plugins/disable-wordpress-theme-updates/).
|
||||||
|
|
||||||
|
== Installation ==
|
||||||
|
|
||||||
|
1. Unzip the ZIP file and drop the folder straight into your `wp-content/plugins/` directory.
|
||||||
|
2. Activate the plugin through the 'Plugins' menu in WordPress.
|
||||||
|
|
||||||
|
== Frequently Asked Questions ==
|
||||||
|
|
||||||
|
= Why would I want to disable the core update system? =
|
||||||
|
|
||||||
|
Most people will not want to (and should not) disable this feature. It's a fantastic feature of WordPress and I'm fully in support of it. However, administrators who maintain multiple installations of WordPress on behalf of other people (eg. clients) may not want update notifications to be shown to the users of these installations. This plugin is for them.
|
||||||
|
|
||||||
|
= Does this plugin disable the automatic updates in WordPress 3.7 and higher? =
|
||||||
|
|
||||||
|
Yes, this plugin completely disables all core update checks, so the automatic update system will be disabled too.
|
||||||
|
|
||||||
|
= Can I disable the plugin update notifications too? =
|
||||||
|
|
||||||
|
Yes. See the [Disable WordPress Plugin Updates](http://wordpress.org/extend/plugins/disable-wordpress-plugin-updates/) plugin.
|
||||||
|
|
||||||
|
= Can I disable the theme update notifications too? =
|
||||||
|
|
||||||
|
Yes. See the [Disable WordPress Theme Updates](http://wordpress.org/extend/plugins/disable-wordpress-theme-updates/) plugin.
|
||||||
|
|
||||||
|
== Changelog ==
|
||||||
|
|
||||||
|
= 1.5 =
|
||||||
|
* Force the plugin to be network enabled.
|
||||||
|
|
||||||
|
= 1.4 =
|
||||||
|
* Support for WordPress 3.0.
|
||||||
|
|
||||||
|
= 1.3 =
|
||||||
|
* Support for WordPress 2.8.
|
||||||
|
|
||||||
|
= 1.2 =
|
||||||
|
* Bugfix to completely prevent any communication with api.wordpress.org.
|
||||||
|
|
||||||
|
= 1.1 =
|
||||||
|
* Initial release.
|
420
wp-content/plugins/gitium/functions.php
Normal file
420
wp-content/plugins/gitium/functions.php
Normal file
@ -0,0 +1,420 @@
|
|||||||
|
<?php
|
||||||
|
/* Copyright 2014-2016 Presslabs SRL <ping@presslabs.com>
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License, version 2, as
|
||||||
|
published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program; if not, write to the Free Software
|
||||||
|
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
|
*/
|
||||||
|
|
||||||
|
function gitium_error_log( $message ) {
|
||||||
|
if ( ! defined( 'WP_DEBUG' ) || ! WP_DEBUG ) { return; }
|
||||||
|
error_log( "gitium_error_log: $message" );
|
||||||
|
}
|
||||||
|
|
||||||
|
function wp_content_is_versioned() {
|
||||||
|
return file_exists( WP_CONTENT_DIR . '/.git' );
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( ! function_exists( 'gitium_enable_maintenance_mode' ) ) :
|
||||||
|
function gitium_enable_maintenance_mode() {
|
||||||
|
$file = ABSPATH . '/.maintenance';
|
||||||
|
|
||||||
|
if ( false === file_put_contents( $file, '<?php $upgrading = ' . time() .';' ) ) {
|
||||||
|
return false;
|
||||||
|
} else {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
endif;
|
||||||
|
|
||||||
|
if ( ! function_exists( 'gitium_disable_maintenance_mode' ) ) :
|
||||||
|
function gitium_disable_maintenance_mode() {
|
||||||
|
return unlink( ABSPATH . '/.maintenance' );
|
||||||
|
}
|
||||||
|
endif;
|
||||||
|
|
||||||
|
function gitium_get_versions() {
|
||||||
|
$versions = get_transient( 'gitium_versions' );
|
||||||
|
if ( empty( $versions ) ) {
|
||||||
|
$versions = gitium_update_versions();
|
||||||
|
}
|
||||||
|
return $versions;
|
||||||
|
}
|
||||||
|
|
||||||
|
function _gitium_commit_changes( $message, $dir = '.' ) {
|
||||||
|
global $git;
|
||||||
|
|
||||||
|
list( , $git_private_key ) = gitium_get_keypair();
|
||||||
|
if (!$git_private_key)
|
||||||
|
return false;
|
||||||
|
$git->set_key( $git_private_key );
|
||||||
|
|
||||||
|
$git->add( $dir );
|
||||||
|
gitium_update_versions();
|
||||||
|
$current_user = wp_get_current_user();
|
||||||
|
return $git->commit( $message, $current_user->display_name, $current_user->user_email );
|
||||||
|
}
|
||||||
|
|
||||||
|
function _gitium_format_message( $name, $version = false, $prefix = '' ) {
|
||||||
|
$commit_message = "`$name`";
|
||||||
|
if ( $version ) {
|
||||||
|
$commit_message .= " version $version";
|
||||||
|
}
|
||||||
|
if ( $prefix ) {
|
||||||
|
$commit_message = "$prefix $commit_message";
|
||||||
|
}
|
||||||
|
return $commit_message;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This function return the basic info about a path.
|
||||||
|
*
|
||||||
|
* base_path - means the path after wp-content dir (themes/plugins)
|
||||||
|
* type - can be file/theme/plugin
|
||||||
|
* name - the file name of the path, if it is a file, or the theme/plugin name
|
||||||
|
* version - the theme/plugin version, othewise null
|
||||||
|
*/
|
||||||
|
/* Some examples:
|
||||||
|
|
||||||
|
with 'wp-content/themes/twentyten/style.css' will return:
|
||||||
|
array(
|
||||||
|
'base_path' => 'wp-content/themes/twentyten'
|
||||||
|
'type' => 'theme'
|
||||||
|
'name' => 'TwentyTen'
|
||||||
|
'version' => '1.12'
|
||||||
|
)
|
||||||
|
|
||||||
|
with 'wp-content/themes/twentyten/img/foo.png' will return:
|
||||||
|
array(
|
||||||
|
'base_path' => 'wp-content/themes/twentyten'
|
||||||
|
'type' => 'theme'
|
||||||
|
'name' => 'TwentyTen'
|
||||||
|
'version' => '1.12'
|
||||||
|
)
|
||||||
|
|
||||||
|
with 'wp-content/plugins/foo.php' will return:
|
||||||
|
array(
|
||||||
|
'base_path' => 'wp-content/plugins/foo.php'
|
||||||
|
'type' => 'plugin'
|
||||||
|
'name' => 'Foo'
|
||||||
|
'varsion' => '2.0'
|
||||||
|
)
|
||||||
|
|
||||||
|
with 'wp-content/plugins/autover/autover.php' will return:
|
||||||
|
array(
|
||||||
|
'base_path' => 'wp-content/plugins/autover'
|
||||||
|
'type' => 'plugin'
|
||||||
|
'name' => 'autover'
|
||||||
|
'version' => '3.12'
|
||||||
|
)
|
||||||
|
|
||||||
|
with 'wp-content/plugins/autover/' will return:
|
||||||
|
array(
|
||||||
|
'base_path' => 'wp-content/plugins/autover'
|
||||||
|
'type' => 'plugin'
|
||||||
|
'name' => 'autover'
|
||||||
|
'version' => '3.12'
|
||||||
|
)
|
||||||
|
*/
|
||||||
|
function _gitium_module_by_path( $path ) {
|
||||||
|
$versions = gitium_get_versions();
|
||||||
|
|
||||||
|
// default values
|
||||||
|
$module = array(
|
||||||
|
'base_path' => $path,
|
||||||
|
'type' => 'file',
|
||||||
|
'name' => basename( $path ),
|
||||||
|
'version' => null,
|
||||||
|
);
|
||||||
|
|
||||||
|
// find the base_path
|
||||||
|
$split_path = explode( '/', $path );
|
||||||
|
if ( 2 < count( $split_path ) ) {
|
||||||
|
$module['base_path'] = "{$split_path[0]}/{$split_path[1]}/{$split_path[2]}";
|
||||||
|
}
|
||||||
|
|
||||||
|
// find other data for theme
|
||||||
|
if ( array_key_exists( 'themes', $versions ) && 0 === strpos( $path, 'wp-content/themes/' ) ) {
|
||||||
|
$module['type'] = 'theme';
|
||||||
|
foreach ( $versions['themes'] as $theme => $data ) {
|
||||||
|
if ( 0 === strpos( $path, "wp-content/themes/$theme" ) ) {
|
||||||
|
$module['name'] = $data['name'];
|
||||||
|
$module['version'] = $data['version'];
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// find other data for plugin
|
||||||
|
if ( array_key_exists( 'plugins', $versions ) && 0 === strpos( $path, 'wp-content/plugins/' ) ) {
|
||||||
|
$module['type'] = 'plugin';
|
||||||
|
foreach ( $versions['plugins'] as $plugin => $data ) {
|
||||||
|
if ( '.' === dirname( $plugin ) ) { // single file plugin
|
||||||
|
if ( "wp-content/plugins/$plugin" === $path ) {
|
||||||
|
$module['base_path'] = $path;
|
||||||
|
$module['name'] = $data['name'];
|
||||||
|
$module['version'] = $data['version'];
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
} else if ( 'wp-content/plugins/' . dirname( $plugin ) === $module['base_path'] ) {
|
||||||
|
$module['name'] = $data['name'];
|
||||||
|
$module['version'] = $data['version'];
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $module;
|
||||||
|
}
|
||||||
|
|
||||||
|
function gitium_group_commit_modified_plugins_and_themes( $msg_append = '' ) {
|
||||||
|
global $git;
|
||||||
|
|
||||||
|
$uncommited_changes = $git->get_local_changes();
|
||||||
|
$commit_groups = array();
|
||||||
|
$commits = array();
|
||||||
|
|
||||||
|
if ( ! empty( $msg_append ) ) {
|
||||||
|
$msg_append = "($msg_append)";
|
||||||
|
}
|
||||||
|
foreach ( $uncommited_changes as $path => $action ) {
|
||||||
|
$change = _gitium_module_by_path( $path );
|
||||||
|
$change['action'] = $action;
|
||||||
|
$commit_groups[ $change['base_path'] ] = $change;
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach ( $commit_groups as $base_path => $change ) {
|
||||||
|
$commit_message = _gitium_format_message( $change['name'], $change['version'], "${change['action']} ${change['type']}" );
|
||||||
|
$commit = _gitium_commit_changes( "$commit_message $msg_append", $base_path, false );
|
||||||
|
if ( $commit ) {
|
||||||
|
$commits[] = $commit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $commits;
|
||||||
|
}
|
||||||
|
|
||||||
|
function gitium_commit_and_push_gitignore_file( $path = '' ) {
|
||||||
|
global $git;
|
||||||
|
|
||||||
|
$current_user = wp_get_current_user();
|
||||||
|
if ( ! empty( $path ) ) { $git->rm_cached( $path ); }
|
||||||
|
$git->add( '.gitignore' );
|
||||||
|
$commit = $git->commit( 'Update the `.gitignore` file', $current_user->display_name, $current_user->user_email );
|
||||||
|
gitium_merge_and_push( $commit );
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( ! function_exists( 'gitium_acquire_merge_lock' ) ) :
|
||||||
|
function gitium_acquire_merge_lock() {
|
||||||
|
$gitium_lock_path = apply_filters( 'gitium_lock_path', '/tmp/.gitium-lock' );
|
||||||
|
$gitium_lock_handle = fopen( $gitium_lock_path, 'w+' );
|
||||||
|
|
||||||
|
$lock_timeout = intval( ini_get( 'max_execution_time' ) ) > 10 ? intval( ini_get( 'max_execution_time' ) ) - 5 : 10;
|
||||||
|
$lock_timeout_ms = 10;
|
||||||
|
$lock_retries = 0;
|
||||||
|
while ( ! flock( $gitium_lock_handle, LOCK_EX | LOCK_NB ) ) {
|
||||||
|
usleep( $lock_timeout_ms * 1000 );
|
||||||
|
$lock_retries++;
|
||||||
|
if ( $lock_retries * $lock_timeout_ms > $lock_timeout * 1000 ) {
|
||||||
|
return false; // timeout
|
||||||
|
}
|
||||||
|
}
|
||||||
|
gitium_error_log( __FUNCTION__ );
|
||||||
|
return array( $gitium_lock_path, $gitium_lock_handle );
|
||||||
|
}
|
||||||
|
endif;
|
||||||
|
|
||||||
|
if ( ! function_exists( 'gitium_release_merge_lock' ) ) :
|
||||||
|
function gitium_release_merge_lock( $lock ) {
|
||||||
|
list( $gitium_lock_path, $gitium_lock_handle ) = $lock;
|
||||||
|
gitium_error_log( __FUNCTION__ );
|
||||||
|
flock( $gitium_lock_handle, LOCK_UN );
|
||||||
|
fclose( $gitium_lock_handle );
|
||||||
|
}
|
||||||
|
endif;
|
||||||
|
|
||||||
|
// Merges the commits with remote and pushes them back
|
||||||
|
function gitium_merge_and_push( $commits ) {
|
||||||
|
global $git;
|
||||||
|
|
||||||
|
$lock = gitium_acquire_merge_lock()
|
||||||
|
or trigger_error( 'Timeout when gitium lock was acquired', E_USER_WARNING );
|
||||||
|
|
||||||
|
if ( ! $git->fetch_ref() ) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$merge_status = $git->merge_with_accept_mine( $commits );
|
||||||
|
|
||||||
|
gitium_release_merge_lock( $lock );
|
||||||
|
|
||||||
|
return $git->push() && $merge_status;
|
||||||
|
}
|
||||||
|
|
||||||
|
function gitium_check_after_event( $plugin, $event = 'activation' ) {
|
||||||
|
global $git;
|
||||||
|
|
||||||
|
if ( 'gitium/gitium.php' == $plugin ) { return; } // do not hook on activation of this plugin
|
||||||
|
|
||||||
|
if ( $git->is_dirty() ) {
|
||||||
|
$versions = gitium_update_versions();
|
||||||
|
if ( isset( $versions['plugins'][ $plugin ] ) ) {
|
||||||
|
$name = $versions['plugins'][ $plugin ]['name'];
|
||||||
|
$version = $versions['plugins'][ $plugin ]['version'];
|
||||||
|
} else {
|
||||||
|
$name = $plugin;
|
||||||
|
}
|
||||||
|
gitium_auto_push( _gitium_format_message( $name, $version, "after $event of" ) );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function gitium_update_remote_tracking_branch() {
|
||||||
|
global $git;
|
||||||
|
$remote_branch = $git->get_remote_tracking_branch();
|
||||||
|
set_transient( 'gitium_remote_tracking_branch', $remote_branch );
|
||||||
|
|
||||||
|
return $remote_branch;
|
||||||
|
}
|
||||||
|
|
||||||
|
function _gitium_get_remote_tracking_branch( $update_transient = false ) {
|
||||||
|
if ( ! $update_transient && ( false !== ( $remote_branch = get_transient( 'gitium_remote_tracking_branch' ) ) ) ) {
|
||||||
|
return $remote_branch;
|
||||||
|
} else {
|
||||||
|
return gitium_update_remote_tracking_branch();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function gitium_update_is_status_working() {
|
||||||
|
global $git;
|
||||||
|
$is_status_working = $git->is_status_working();
|
||||||
|
set_transient( 'gitium_is_status_working', $is_status_working );
|
||||||
|
return $is_status_working;
|
||||||
|
}
|
||||||
|
|
||||||
|
function _gitium_is_status_working( $update_transient = false ) {
|
||||||
|
if ( ! $update_transient && ( false !== ( $is_status_working = get_transient( 'gitium_is_status_working' ) ) ) ) {
|
||||||
|
return $is_status_working;
|
||||||
|
} else {
|
||||||
|
return gitium_update_is_status_working();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function _gitium_status( $update_transient = false ) {
|
||||||
|
global $git;
|
||||||
|
|
||||||
|
if ( ! $update_transient && ( false !== ( $changes = get_transient( 'gitium_uncommited_changes' ) ) ) ) {
|
||||||
|
return $changes;
|
||||||
|
}
|
||||||
|
|
||||||
|
$git_version = get_transient( 'gitium_git_version' );
|
||||||
|
if ( false === $git_version ) {
|
||||||
|
set_transient( 'gitium_git_version', $git->get_version() );
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( $git->is_status_working() && $git->get_remote_tracking_branch() ) {
|
||||||
|
if ( ! $git->fetch_ref() ) {
|
||||||
|
set_transient( 'gitium_remote_disconnected', $git->get_last_error() );
|
||||||
|
} else {
|
||||||
|
delete_transient( 'gitium_remote_disconnected' );
|
||||||
|
}
|
||||||
|
$changes = $git->status();
|
||||||
|
} else {
|
||||||
|
delete_transient( 'gitium_remote_disconnected' );
|
||||||
|
$changes = array();
|
||||||
|
}
|
||||||
|
|
||||||
|
set_transient( 'gitium_uncommited_changes', $changes, 12 * 60 * 60 ); // cache changes for half-a-day
|
||||||
|
return $changes;
|
||||||
|
}
|
||||||
|
|
||||||
|
function _gitium_ssh_encode_buffer( $buffer ) {
|
||||||
|
$len = strlen( $buffer );
|
||||||
|
if ( ord( $buffer[0] ) & 0x80 ) {
|
||||||
|
$len++;
|
||||||
|
$buffer = "\x00" . $buffer;
|
||||||
|
}
|
||||||
|
return pack( 'Na*', $len, $buffer );
|
||||||
|
}
|
||||||
|
|
||||||
|
function _gitium_generate_keypair() {
|
||||||
|
$rsa_key = openssl_pkey_new(
|
||||||
|
array(
|
||||||
|
'private_key_bits' => 2048,
|
||||||
|
'private_key_type' => OPENSSL_KEYTYPE_RSA,
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
try {
|
||||||
|
$private_key = openssl_pkey_get_private( $rsa_key );
|
||||||
|
$try = openssl_pkey_export( $private_key, $pem ); //Private Key
|
||||||
|
if (!$try)
|
||||||
|
return false;
|
||||||
|
} catch (Exception $e) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$key_info = openssl_pkey_get_details( $rsa_key );
|
||||||
|
$buffer = pack( 'N', 7 ) . 'ssh-rsa' .
|
||||||
|
_gitium_ssh_encode_buffer( $key_info['rsa']['e'] ) .
|
||||||
|
_gitium_ssh_encode_buffer( $key_info['rsa']['n'] );
|
||||||
|
$public_key = 'ssh-rsa ' . base64_encode( $buffer ) . ' gitium@' . parse_url( get_home_url(), PHP_URL_HOST );
|
||||||
|
|
||||||
|
return array( $public_key, $pem );
|
||||||
|
}
|
||||||
|
|
||||||
|
function gitium_get_keypair( $generate_new_keypair = false ) {
|
||||||
|
if ( $generate_new_keypair ) {
|
||||||
|
$keypair = _gitium_generate_keypair();
|
||||||
|
delete_option( 'gitium_keypair' );
|
||||||
|
add_option( 'gitium_keypair', $keypair, '', false );
|
||||||
|
}
|
||||||
|
if ( false === ( $keypair = get_option( 'gitium_keypair', false ) ) ) {
|
||||||
|
$keypair = _gitium_generate_keypair();
|
||||||
|
add_option( 'gitium_keypair', $keypair, '', false );
|
||||||
|
}
|
||||||
|
return $keypair;
|
||||||
|
}
|
||||||
|
|
||||||
|
function _gitium_generate_webhook_key() {
|
||||||
|
return md5( str_shuffle( 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789.()[]{}-_=+!@#%^&*~<>:;' ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
function gitium_get_webhook_key( $generate_new_webhook_key = false ) {
|
||||||
|
if ( $generate_new_webhook_key ) {
|
||||||
|
$key = _gitium_generate_webhook_key();
|
||||||
|
delete_option( 'gitium_webhook_key' );
|
||||||
|
add_option( 'gitium_webhook_key', $key, '', false );
|
||||||
|
return $key;
|
||||||
|
}
|
||||||
|
if ( false === ( $key = get_option( 'gitium_webhook_key', false ) ) ) {
|
||||||
|
$key = _gitium_generate_webhook_key();
|
||||||
|
add_option( 'gitium_webhook_key', $key, '', false );
|
||||||
|
}
|
||||||
|
return $key;
|
||||||
|
}
|
||||||
|
|
||||||
|
function gitium_get_webhook() {
|
||||||
|
if ( defined( 'GIT_WEBHOOK_URL' ) && GIT_WEBHOOK_URL ) { return GIT_WEBHOOK_URL; }
|
||||||
|
$key = gitium_get_webhook_key();
|
||||||
|
$url = add_query_arg( 'key', $key, plugins_url( 'gitium-webhook.php', __FILE__ ) );
|
||||||
|
return apply_filters( 'gitium_webhook_url', $url, $key );
|
||||||
|
}
|
||||||
|
|
||||||
|
function gitium_admin_init() {
|
||||||
|
global $git;
|
||||||
|
|
||||||
|
$git_version = get_transient( 'gitium_git_version' );
|
||||||
|
if ( false === $git_version ) {
|
||||||
|
set_transient( 'gitium_git_version', $git->get_version() );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
add_action( 'admin_init', 'gitium_admin_init' );
|
49
wp-content/plugins/gitium/gitium-webhook.php
Normal file
49
wp-content/plugins/gitium/gitium-webhook.php
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
<?php
|
||||||
|
/* Copyright 2014-2016 Presslabs SRL <ping@presslabs.com>
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License, version 2, as
|
||||||
|
published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program; if not, write to the Free Software
|
||||||
|
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
|
*/
|
||||||
|
|
||||||
|
header( 'Content-Type: text/html' );
|
||||||
|
define( 'SHORTINIT', true );
|
||||||
|
//$wordpress_loader = $_SERVER['DOCUMENT_ROOT'] . '/wp-load.php';
|
||||||
|
$wordpress_loader = filter_input(INPUT_SERVER, 'DOCUMENT_ROOT', FILTER_SANITIZE_STRING) . '/wp-load.php';
|
||||||
|
|
||||||
|
require_once $wordpress_loader;
|
||||||
|
require_once __DIR__ . '/functions.php';
|
||||||
|
require_once __DIR__ . '/inc/class-git-wrapper.php';
|
||||||
|
|
||||||
|
$webhook_key = get_option( 'gitium_webhook_key', '' );
|
||||||
|
$get_key = filter_input(INPUT_GET, 'key', FILTER_SANITIZE_STRING);
|
||||||
|
if ( ! empty ( $webhook_key ) && isset( $get_key ) && $webhook_key == $get_key ) :
|
||||||
|
( '1.7' <= substr( $git->get_version(), 0, 3 ) ) or wp_die( 'Gitium plugin require minimum `git version 1.7`!' );
|
||||||
|
|
||||||
|
list( $git_public_key, $git_private_key ) = gitium_get_keypair();
|
||||||
|
if ( ! $git_public_key || ! $git_private_key )
|
||||||
|
wp_die('Not ready.', 'Not ready.', array( 'response' => 403 ));
|
||||||
|
else
|
||||||
|
$git->set_key( $git_private_key );
|
||||||
|
|
||||||
|
$commits = array();
|
||||||
|
$commitmsg = sprintf( 'Merged changes from %s on %s', $_SERVER['SERVER_NAME'], date( 'm.d.Y' ) );
|
||||||
|
|
||||||
|
if ( $git->is_dirty() && $git->add() > 0 ) {
|
||||||
|
$commits[] = $git->commit( $commitmsg ) or trigger_error( 'Could not commit local changes!', E_USER_ERROR );
|
||||||
|
}
|
||||||
|
gitium_merge_and_push( $commits ) or trigger_error( 'Failed merge & push: ' . serialize( $git->get_last_error() ), E_USER_ERROR );
|
||||||
|
|
||||||
|
wp_die( $commitmsg , 'Pull done!', array( 'response' => 200 ) );
|
||||||
|
else :
|
||||||
|
wp_die( 'Cheating uh?', 'Cheating uh?', array( 'response' => 403 ) );
|
||||||
|
endif;
|
374
wp-content/plugins/gitium/gitium.php
Normal file
374
wp-content/plugins/gitium/gitium.php
Normal file
@ -0,0 +1,374 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Plugin Name: Gitium
|
||||||
|
* Version: 1.0.3
|
||||||
|
* Author: Presslabs
|
||||||
|
* Author URI: https://www.presslabs.com
|
||||||
|
* License: GPL2
|
||||||
|
* Description: Keep all your code on git version control system.
|
||||||
|
* Text Domain: gitium
|
||||||
|
* Domain Path: /languages/
|
||||||
|
*/
|
||||||
|
/* Copyright 2014-2016 Presslabs SRL <ping@presslabs.com>
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License, version 2, as
|
||||||
|
published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program; if not, write to the Free Software
|
||||||
|
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
|
*/
|
||||||
|
|
||||||
|
define( 'GITIUM_LAST_COMMITS', 20 );
|
||||||
|
define( 'GITIUM_MIN_GIT_VER', '1.7' );
|
||||||
|
define( 'GITIUM_MIN_PHP_VER', '5.6' );
|
||||||
|
|
||||||
|
if ( is_multisite() ) {
|
||||||
|
define( 'GITIUM_ADMIN_MENU_ACTION', 'network_admin_menu' );
|
||||||
|
define( 'GITIUM_ADMIN_NOTICES_ACTION', 'network_admin_notices' );
|
||||||
|
define( 'GITIUM_MANAGE_OPTIONS_CAPABILITY', 'manage_network_options' );
|
||||||
|
} else {
|
||||||
|
define( 'GITIUM_ADMIN_MENU_ACTION', 'admin_menu' );
|
||||||
|
define( 'GITIUM_ADMIN_NOTICES_ACTION', 'admin_notices' );
|
||||||
|
define( 'GITIUM_MANAGE_OPTIONS_CAPABILITY', 'manage_options' );
|
||||||
|
}
|
||||||
|
|
||||||
|
require_once __DIR__ . '/functions.php';
|
||||||
|
require_once __DIR__ . '/inc/class-git-wrapper.php';
|
||||||
|
require_once __DIR__ . '/inc/class-gitium-requirements.php';
|
||||||
|
require_once __DIR__ . '/inc/class-gitium-admin.php';
|
||||||
|
require_once __DIR__ . '/inc/class-gitium-help.php';
|
||||||
|
require_once __DIR__ . '/inc/class-gitium-menu.php';
|
||||||
|
require_once __DIR__ . '/inc/class-gitium-menu-bubble.php';
|
||||||
|
require_once __DIR__ . '/inc/class-gitium-submenu-configure.php';
|
||||||
|
require_once __DIR__ . '/inc/class-gitium-submenu-status.php';
|
||||||
|
require_once __DIR__ . '/inc/class-gitium-submenu-commits.php';
|
||||||
|
require_once __DIR__ . '/inc/class-gitium-submenu-settings.php';
|
||||||
|
|
||||||
|
function gitium_load_textdomain() {
|
||||||
|
load_plugin_textdomain( 'gitium', false, dirname( plugin_basename( __FILE__ ) ) . '/languages/' );
|
||||||
|
}
|
||||||
|
add_action( 'plugins_loaded', 'gitium_load_textdomain' );
|
||||||
|
|
||||||
|
function _gitium_make_ssh_git_file_exe() {
|
||||||
|
$ssh_wrapper = dirname( __FILE__ ) . '/inc/ssh-git';
|
||||||
|
$process = proc_open(
|
||||||
|
"chmod -f +x $ssh_wrapper",
|
||||||
|
array(
|
||||||
|
0 => array( 'pipe', 'r' ), // stdin
|
||||||
|
1 => array( 'pipe', 'w' ), // stdout
|
||||||
|
),
|
||||||
|
$pipes
|
||||||
|
);
|
||||||
|
if ( is_resource( $process ) ) {
|
||||||
|
fclose( $pipes[0] );
|
||||||
|
proc_close( $process );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
register_activation_hook( __FILE__, '_gitium_make_ssh_git_file_exe' );
|
||||||
|
|
||||||
|
function gitium_deactivation() {
|
||||||
|
delete_transient( 'gitium_git_version' );
|
||||||
|
}
|
||||||
|
register_deactivation_hook( __FILE__, 'gitium_deactivation' );
|
||||||
|
|
||||||
|
function gitium_uninstall_hook() {
|
||||||
|
delete_transient( 'gitium_remote_tracking_branch' );
|
||||||
|
delete_transient( 'gitium_remote_disconnected' );
|
||||||
|
delete_transient( 'gitium_uncommited_changes' );
|
||||||
|
delete_transient( 'gitium_git_version' );
|
||||||
|
delete_transient( 'gitium_versions' );
|
||||||
|
delete_transient( 'gitium_menu_bubble' );
|
||||||
|
delete_transient( 'gitium_is_status_working' );
|
||||||
|
|
||||||
|
delete_option( 'gitium_keypair' );
|
||||||
|
delete_option( 'gitium_webhook_key' );
|
||||||
|
}
|
||||||
|
register_uninstall_hook( __FILE__, 'gitium_uninstall_hook' );
|
||||||
|
|
||||||
|
/* Array
|
||||||
|
(
|
||||||
|
[themes] => Array
|
||||||
|
(
|
||||||
|
[twentytwelve] => `Twenty Twelve` version 1.3
|
||||||
|
)
|
||||||
|
[plugins] => Array
|
||||||
|
(
|
||||||
|
[cron-view/cron-gui.php] => `Cron GUI` version 1.03
|
||||||
|
[hello-dolly/hello.php] => `Hello Dolly` version 1.6
|
||||||
|
)
|
||||||
|
|
||||||
|
) */
|
||||||
|
function gitium_update_versions() {
|
||||||
|
$new_versions = [];
|
||||||
|
|
||||||
|
// get all themes from WP
|
||||||
|
$all_themes = wp_get_themes( array( 'allowed' => true ) );
|
||||||
|
foreach ( $all_themes as $theme_name => $theme ) :
|
||||||
|
$theme_versions[ $theme_name ] = array(
|
||||||
|
'name' => $theme->Name,
|
||||||
|
'version' => null,
|
||||||
|
'msg' => '',
|
||||||
|
);
|
||||||
|
$theme_versions[ $theme_name ]['msg'] = '`' . $theme->Name . '`';
|
||||||
|
$version = $theme->Version;
|
||||||
|
if ( ! empty( $version ) ) {
|
||||||
|
$theme_versions[ $theme_name ]['msg'] .= " version $version";
|
||||||
|
$theme_versions[ $theme_name ]['version'] .= $version;
|
||||||
|
}
|
||||||
|
endforeach;
|
||||||
|
|
||||||
|
if ( ! empty( $theme_versions ) ) {
|
||||||
|
$new_versions['themes'] = $theme_versions;
|
||||||
|
}
|
||||||
|
// get all plugins from WP
|
||||||
|
if ( ! function_exists( 'get_plugins' ) ) {
|
||||||
|
require_once ABSPATH . 'wp-admin/includes/plugin.php';
|
||||||
|
}
|
||||||
|
$all_plugins = get_plugins();
|
||||||
|
foreach ( $all_plugins as $name => $data ) :
|
||||||
|
$plugin_versions[ $name ] = array(
|
||||||
|
'name' => $data['Name'],
|
||||||
|
'version' => null,
|
||||||
|
'msg' => '',
|
||||||
|
);
|
||||||
|
$plugin_versions[ $name ]['msg'] = "`{$data['Name']}`";
|
||||||
|
if ( ! empty( $data['Version'] ) ) {
|
||||||
|
$plugin_versions[ $name ]['msg'] .= ' version ' . $data['Version'];
|
||||||
|
$plugin_versions[ $name ]['version'] .= $data['Version'];
|
||||||
|
}
|
||||||
|
endforeach;
|
||||||
|
|
||||||
|
if ( ! empty( $plugin_versions ) ) {
|
||||||
|
$new_versions['plugins'] = $plugin_versions;
|
||||||
|
}
|
||||||
|
|
||||||
|
set_transient( 'gitium_versions', $new_versions );
|
||||||
|
|
||||||
|
return $new_versions;
|
||||||
|
}
|
||||||
|
add_action( 'load-plugins.php', 'gitium_update_versions', 999 );
|
||||||
|
|
||||||
|
function gitium_upgrader_post_install( $res, $hook_extra, $result ) {
|
||||||
|
_gitium_make_ssh_git_file_exe();
|
||||||
|
|
||||||
|
$action = null;
|
||||||
|
$type = null;
|
||||||
|
|
||||||
|
// install logic
|
||||||
|
if ( isset( $hook_extra['type'] ) && ( 'plugin' === $hook_extra['type'] ) ) {
|
||||||
|
$action = 'installed';
|
||||||
|
$type = 'plugin';
|
||||||
|
} else if ( isset( $hook_extra['type'] ) && ( 'theme' === $hook_extra['type'] ) ) {
|
||||||
|
$action = 'installed';
|
||||||
|
$type = 'theme';
|
||||||
|
}
|
||||||
|
|
||||||
|
// update/upgrade logic
|
||||||
|
if ( isset( $hook_extra['plugin'] ) ) {
|
||||||
|
$action = 'updated';
|
||||||
|
$type = 'plugin';
|
||||||
|
} else if ( isset( $hook_extra['theme'] ) ) {
|
||||||
|
$action = 'updated';
|
||||||
|
$type = 'theme';
|
||||||
|
}
|
||||||
|
|
||||||
|
// get action if missed above
|
||||||
|
if ( isset( $hook_extra['action'] ) ) {
|
||||||
|
$action = $hook_extra['action'];
|
||||||
|
if ( 'install' === $action ) {
|
||||||
|
$action = 'installed';
|
||||||
|
}
|
||||||
|
if ( 'update' === $action ) {
|
||||||
|
$action = 'updated';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( WP_DEBUG ) {
|
||||||
|
error_log( __FUNCTION__ . ':hook_extra:' . serialize( $hook_extra ) );
|
||||||
|
error_log( __FUNCTION__ . ':action:type:' . $action . ':' . $type );
|
||||||
|
}
|
||||||
|
|
||||||
|
$git_dir = $result['destination'];
|
||||||
|
$version = '';
|
||||||
|
|
||||||
|
if ( ABSPATH == substr( $git_dir, 0, strlen( ABSPATH ) ) ) {
|
||||||
|
$git_dir = substr( $git_dir, strlen( ABSPATH ) );
|
||||||
|
}
|
||||||
|
switch ( $type ) {
|
||||||
|
case 'theme':
|
||||||
|
wp_clean_themes_cache();
|
||||||
|
$theme_data = wp_get_theme( $result['destination_name'] );
|
||||||
|
$name = $theme_data->get( 'Name' );
|
||||||
|
$version = $theme_data->get( 'Version' );
|
||||||
|
break;
|
||||||
|
case 'plugin':
|
||||||
|
foreach ( $result['source_files'] as $file ) :
|
||||||
|
if ( '.php' != substr( $file, -4 ) ) { continue; }
|
||||||
|
// every .php file is a possible plugin so we check if it's a plugin
|
||||||
|
$filepath = trailingslashit( $result['destination'] ) . $file;
|
||||||
|
$plugin_data = get_plugin_data( $filepath );
|
||||||
|
if ( $plugin_data['Name'] ) :
|
||||||
|
$name = $plugin_data['Name'];
|
||||||
|
$version = $plugin_data['Version'];
|
||||||
|
// We get info from the first plugin in the package
|
||||||
|
break;
|
||||||
|
endif;
|
||||||
|
endforeach;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if ( empty( $name ) ) {
|
||||||
|
$name = $result['destination_name'];
|
||||||
|
}
|
||||||
|
$commit_message = _gitium_format_message( $name,$version,"$action $type" );
|
||||||
|
$commit = _gitium_commit_changes( $commit_message, $git_dir, false );
|
||||||
|
gitium_merge_and_push( $commit );
|
||||||
|
|
||||||
|
return $res;
|
||||||
|
}
|
||||||
|
add_filter( 'upgrader_post_install', 'gitium_upgrader_post_install', 10, 3 );
|
||||||
|
|
||||||
|
// Checks for local changes, tries to group them by plugin/theme and pushes the changes
|
||||||
|
function gitium_auto_push( $msg_prepend = '' ) {
|
||||||
|
global $git;
|
||||||
|
list( , $git_private_key ) = gitium_get_keypair();
|
||||||
|
if ( ! $git_private_key )
|
||||||
|
return;
|
||||||
|
$git->set_key( $git_private_key );
|
||||||
|
|
||||||
|
$commits = gitium_group_commit_modified_plugins_and_themes( $msg_prepend );
|
||||||
|
gitium_merge_and_push( $commits );
|
||||||
|
gitium_update_versions();
|
||||||
|
}
|
||||||
|
add_action( 'upgrader_process_complete', 'gitium_auto_push', 11, 0 );
|
||||||
|
|
||||||
|
function gitium_check_after_activate_modifications( $plugin ) {
|
||||||
|
gitium_check_after_event( $plugin );
|
||||||
|
}
|
||||||
|
add_action( 'activated_plugin', 'gitium_check_after_activate_modifications', 999 );
|
||||||
|
|
||||||
|
function gitium_check_after_deactivate_modifications( $plugin ) {
|
||||||
|
gitium_check_after_event( $plugin, 'deactivation' );
|
||||||
|
}
|
||||||
|
add_action( 'deactivated_plugin', 'gitium_check_after_deactivate_modifications', 999 );
|
||||||
|
|
||||||
|
function gitium_check_for_plugin_deletions() { // Handle plugin deletion
|
||||||
|
// $_GET['deleted'] used to resemble if a plugin has been deleted (true)
|
||||||
|
// ...meanwhile commit b28dd45f3dad19f0e06c546fdc89ed5b24bacd72 in github.com/WordPress/WordPress...
|
||||||
|
// Now it resembles the number of deleted plugins (a number). Thanks WP
|
||||||
|
if ( isset( $_GET['deleted'] ) && ( 1 <= (int) $_GET['deleted'] || 'true' == $_GET['deleted'] ) ) {
|
||||||
|
gitium_auto_push();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
add_action( 'load-plugins.php', 'gitium_check_for_plugin_deletions' );
|
||||||
|
|
||||||
|
add_action( 'wp_ajax_wp-plugin-delete-success', 'gitium_auto_push' );
|
||||||
|
add_action( 'wp_ajax_wp-theme-delete-success', 'gitium_auto_push' );
|
||||||
|
|
||||||
|
function gitium_wp_plugin_delete_success() {
|
||||||
|
?>
|
||||||
|
<script type='text/javascript'>
|
||||||
|
jQuery(document).ready(function() {
|
||||||
|
jQuery(document).on( 'wp-plugin-delete-success', function() {
|
||||||
|
jQuery.post(ajaxurl, data={'action': 'wp-plugin-delete-success'});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
</script>
|
||||||
|
<?php
|
||||||
|
}
|
||||||
|
add_action( 'admin_head', 'gitium_wp_plugin_delete_success' );
|
||||||
|
|
||||||
|
function gitium_wp_theme_delete_success() {
|
||||||
|
?>
|
||||||
|
<script type='text/javascript'>
|
||||||
|
jQuery(document).ready(function() {
|
||||||
|
jQuery(document).on( 'wp-theme-delete-success', function() {
|
||||||
|
jQuery.post(ajaxurl, data={'action': 'wp-theme-delete-success'});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
</script>
|
||||||
|
<?php
|
||||||
|
}
|
||||||
|
add_action( 'admin_head', 'gitium_wp_theme_delete_success' );
|
||||||
|
|
||||||
|
function gitium_check_for_themes_deletions() { // Handle theme deletion
|
||||||
|
if ( isset( $_GET['deleted'] ) && 'true' == $_GET['deleted'] ) {
|
||||||
|
gitium_auto_push();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
add_action( 'load-themes.php', 'gitium_check_for_themes_deletions' );
|
||||||
|
|
||||||
|
// Deprecated function - backward compatibility
|
||||||
|
function gitium_hook_plugin_and_theme_editor_page( $hook )
|
||||||
|
{
|
||||||
|
switch ($hook) {
|
||||||
|
case 'plugin-editor.php':
|
||||||
|
if (isset($_GET['a']) && 'te' == $_GET['a']) {
|
||||||
|
gitium_auto_push();
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'theme-editor.php':
|
||||||
|
if (isset($_GET['updated']) && 'true' == $_GET['updated']) {
|
||||||
|
gitium_auto_push();
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* We execute the "gitium_auto_push" on "wp_die_ajax_handler" filter to make sure we are
|
||||||
|
* at the end of our request and the latest file is saved on disk.
|
||||||
|
*/
|
||||||
|
function gitium_check_ajax_success_call($callback)
|
||||||
|
{
|
||||||
|
gitium_auto_push();
|
||||||
|
|
||||||
|
return $callback;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* We add this filer on "wp_die_ajax_handler" since our action executes before the actual file is saved on disk
|
||||||
|
* which results in a race condition that would commit only the previously saved data not the
|
||||||
|
* currently saved one.
|
||||||
|
*/
|
||||||
|
function add_filter_for_ajax_save()
|
||||||
|
{
|
||||||
|
add_filter('wp_die_ajax_handler', 'gitium_check_ajax_success_call', 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* We need to apply different filters while checking for WP version to maintain
|
||||||
|
* backworks compatibility since the Code Editor has changed drastically
|
||||||
|
* with the 4.9 WP update.
|
||||||
|
*/
|
||||||
|
if ( version_compare( $GLOBALS['wp_version'], '4.9', '>=' ) )
|
||||||
|
add_action( 'wp_ajax_edit-theme-plugin-file', 'add_filter_for_ajax_save', 1, 0 );
|
||||||
|
else
|
||||||
|
add_action( 'admin_enqueue_scripts', 'gitium_hook_plugin_and_theme_editor_page' );
|
||||||
|
|
||||||
|
function gitium_options_page_check() {
|
||||||
|
global $git;
|
||||||
|
if ( ! $git->can_exec_git() ) { wp_die( 'Cannot exec git' ); }
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
function gitium_remote_disconnected_notice() {
|
||||||
|
if ( current_user_can( GITIUM_MANAGE_OPTIONS_CAPABILITY ) && $message = get_transient( 'gitium_remote_disconnected' ) ) : ?>
|
||||||
|
<div class="error-nag error">
|
||||||
|
<p>
|
||||||
|
Could not connect to remote repository.
|
||||||
|
<pre><?php echo esc_html( $message ); ?></pre>
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
<?php endif;
|
||||||
|
}
|
||||||
|
add_action( 'admin_notices', 'gitium_remote_disconnected_notice' );
|
BIN
wp-content/plugins/gitium/img/gitium.png
Normal file
BIN
wp-content/plugins/gitium/img/gitium.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 540 B |
26
wp-content/plugins/gitium/img/gitium.svg
Normal file
26
wp-content/plugins/gitium/img/gitium.svg
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
<!-- Generator: Adobe Illustrator 18.0.0, SVG Export Plug-In -->
|
||||||
|
<svg version="1.1"
|
||||||
|
xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:a="http://ns.adobe.com/AdobeSVGViewerExtensions/3.0/"
|
||||||
|
x="0px" y="0px" width="233.9px" height="204.1px" viewBox="0 0 233.9 204.1" enable-background="new 0 0 233.9 204.1"
|
||||||
|
xml:space="preserve">
|
||||||
|
<defs>
|
||||||
|
</defs>
|
||||||
|
<path fill="#496567" d="M233.9,0v172.3c0,16.8-14.7,31.8-30,31.8H39c-25.4,0-39-13.2-39-45.4V35.1h37.9V0H233.9L233.9,0z"/>
|
||||||
|
<path fill="#FFFFFF" d="M37.9,46.8H12.4v113.8c0,17.5,6.5,25.8,12.6,25.8c7.4,0,12.8-8.2,12.8-25.8V46.8z M219.4,14H51.5v149.2
|
||||||
|
c0,12.1-2.2,20.8-5.6,27.6h156.9c6.7,0,17.7-9,16.5-22.1V14z"/>
|
||||||
|
<path fill="#496567" d="M192.4,46.4H79.5c-3.4,0-6.1-2.7-6.1-6.1c0-3.4,2.7-6.1,6.1-6.1h112.9c3.4,0,6.1,2.7,6.1,6.1
|
||||||
|
C198.5,43.7,195.8,46.4,192.4,46.4z M149.7,118.3c-1-1.4-2.2-2.3-3.8-2.7s-3.5-0.6-5.8-0.6h-18.5c-2.2,0-4,0.6-5.3,1.8
|
||||||
|
c-1.3,1.2-2,2.7-2,4.5c0,2.2,0.8,3.8,2.3,4.7s3.9,1.4,6.9,1.4h12.6v13.1c-3.4,1.8-6.8,3.2-10.1,4.2c-3.3,1-6.9,1.5-10.6,1.5
|
||||||
|
c-7.8,0-13.8-2.5-18.2-7.6c-4.3-5.1-6.5-12.4-6.5-21.8c0-4.4,0.6-8.3,1.7-11.9s2.7-6.6,4.8-9.1c2.1-2.5,4.6-4.4,7.6-5.7
|
||||||
|
c3-1.3,6.3-2,10.1-2c3.7,0,6.7,0.5,9,1.6s4.2,2.5,5.6,4.1s3.1,4,5.1,7.1c0.7,1,1.6,1.8,2.7,2.3s2.2,0.8,3.4,0.8
|
||||||
|
c2.1,0,3.9-0.7,5.5-2.2c1.5-1.4,2.3-3.2,2.3-5.3c0-1.9-0.7-4.1-2-6.5c-1.3-2.5-3.3-4.8-5.9-7c-2.6-2.2-6-4-10.2-5.5
|
||||||
|
c-4.2-1.4-9-2.2-14.4-2.2c-6.6,0-12.5,1-17.7,2.9c-5.2,1.9-9.6,4.7-13.3,8.3s-6.4,8-8.2,13.3s-2.8,10.9-2.8,17.2
|
||||||
|
c0,6.4,1,12.2,2.9,17.3c1.9,5.2,4.7,9.6,8.3,13.2s7.9,6.4,13,8.3c5.1,1.9,10.7,2.9,16.9,2.9c5.3,0,10.2-0.6,14.7-1.8
|
||||||
|
c4.5-1.2,9.2-3.1,14.1-5.8c1.7-0.9,3.1-1.9,4.2-2.9s1.8-2.1,2.2-3.3c0.4-1.2,0.6-2.9,0.6-4.9v-15.5
|
||||||
|
C151.1,121.8,150.7,119.7,149.7,118.3z M161.3,100.5c-1.2,1-1.8,2.3-1.8,3.9c0,1.6,0.6,2.9,1.7,3.9s2.8,1.5,4.9,1.5h2v28.8
|
||||||
|
c0,4.7,0.4,8.4,1.1,11.2s2.3,5,4.8,6.5c2.4,1.6,6,2.4,10.7,2.4c4.9,0,8.7-0.6,11.4-1.9c2.6-1.3,4-3.1,4-5.6c0-1.4-0.5-2.6-1.5-3.6
|
||||||
|
c-1-1-2.1-1.5-3.3-1.5c-0.8,0-2,0.2-3.5,0.5c-1.5,0.3-2.7,0.5-3.6,0.5c-1.6,0-2.8-0.4-3.5-1.2c-0.7-0.8-1.2-1.8-1.3-3.1
|
||||||
|
c-0.2-1.3-0.2-3.1-0.2-5.4v-27.6h2.8c3,0,5.3-0.4,6.8-1.2c1.6-0.8,2.4-2.2,2.4-4.2c0-1.6-0.6-2.9-1.7-3.9c-1.1-1-2.7-1.5-4.9-1.5
|
||||||
|
h-5.5V88.8c0-2.5-0.1-4.5-0.4-5.9c-0.3-1.4-0.9-2.5-2-3.5c-1.5-1.4-3.3-2.1-5.2-2.1c-1.4,0-2.6,0.3-3.7,1c-1.1,0.6-1.9,1.5-2.5,2.5
|
||||||
|
c-0.6,1-0.9,2.2-1.1,3.5c-0.1,1.4-0.2,3.3-0.2,5.7v9h-1.6C164.2,99,162.5,99.5,161.3,100.5z"/>
|
||||||
|
</svg>
|
After Width: | Height: | Size: 2.4 KiB |
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user