getRegisterData( $security_keys ); list( $req,$sigs ) = $data; update_user_meta( $user_id, self::REGISTER_DATA_USER_META_KEY, $req ); } catch ( Exception $e ) { return false; } wp_enqueue_style( 'fido-u2f-admin', plugins_url( 'css/fido-u2f-admin.css', __FILE__ ), null, self::asset_version() ); wp_enqueue_script( 'fido-u2f-admin', plugins_url( 'js/fido-u2f-admin.js', __FILE__ ), array( 'jquery', 'fido-u2f-api' ), self::asset_version(), true ); /** * Pass a U2F challenge and user data to our scripts */ $translation_array = array( 'user_id' => $user_id, 'register' => array( 'request' => $req, 'sigs' => $sigs, ), 'text' => array( 'insert' => esc_html__( 'Now insert (and tap) your Security Key.', 'two-factor' ), 'error' => esc_html__( 'U2F request failed.', 'two-factor' ), 'error_codes' => array( // Map u2f.ErrorCodes to error messages. 0 => esc_html__( 'Request OK.', 'two-factor' ), 1 => esc_html__( 'Other U2F error.', 'two-factor' ), 2 => esc_html__( 'Bad U2F request.', 'two-factor' ), 3 => esc_html__( 'Unsupported U2F configuration.', 'two-factor' ), 4 => esc_html__( 'U2F device ineligible.', 'two-factor' ), 5 => esc_html__( 'U2F request timeout reached.', 'two-factor' ), ), 'u2f_not_supported' => esc_html__( 'FIDO U2F appears to be not supported by your web browser. Try using Google Chrome or Firefox.', 'two-factor' ), ), ); wp_localize_script( 'fido-u2f-admin', 'u2fL10n', $translation_array ); /** * Script for admin UI */ wp_enqueue_script( 'inline-edit-key', plugins_url( 'js/fido-u2f-admin-inline-edit.js', __FILE__ ), array( 'jquery' ), self::asset_version(), true ); wp_localize_script( 'inline-edit-key', 'inlineEditL10n', array( 'error' => esc_html__( 'Error while saving the changes.', 'two-factor' ), ) ); } /** * Return the current asset version number. * * Added as own helper to allow swapping the implementation once we inject * it as a dependency. * * @return string */ protected static function asset_version() { return Two_Factor_FIDO_U2F::asset_version(); } /** * Display the security key section in a users profile. * * This executes during the `show_user_security_settings` action. * * @since 0.1-dev * * @access public * @static * * @param WP_User $user WP_User object of the logged-in user. */ public static function show_user_profile( $user ) { wp_nonce_field( "user_security_keys-{$user->ID}", '_nonce_user_security_keys' ); $new_key = false; $security_keys = Two_Factor_FIDO_U2F::get_security_keys( $user->ID ); if ( $security_keys ) { foreach ( $security_keys as &$security_key ) { if ( property_exists( $security_key, 'new' ) ) { $new_key = true; unset( $security_key->new ); // If we've got a new one, update the db record to not save it there any longer. Two_Factor_FIDO_U2F::update_security_key( $user->ID, $security_key ); } } unset( $security_key ); } ?>
doRegister( get_user_meta( $user_id, self::REGISTER_DATA_USER_META_KEY, true ), $response ); $reg->new = true; Two_Factor_FIDO_U2F::add_security_key( $user_id, $reg ); } catch ( Exception $e ) { return false; } delete_user_meta( $user_id, self::REGISTER_DATA_USER_META_KEY ); wp_safe_redirect( add_query_arg( array( 'new_app_pass' => 1, ), wp_get_referer() ) . '#security-keys-section' ); exit; } } /** * Catch the delete security key request. * * This executes during the `load-profile.php` & `load-user-edit.php` actions. * * @since 0.1-dev * * @access public * @static */ public static function catch_delete_security_key() { $user_id = Two_Factor_Core::current_user_being_edited(); if ( ! empty( $user_id ) && ! empty( $_REQUEST['delete_security_key'] ) ) { $slug = $_REQUEST['delete_security_key']; check_admin_referer( "delete_security_key-{$slug}", '_nonce_delete_security_key' ); Two_Factor_FIDO_U2F::delete_security_key( $user_id, $slug ); wp_safe_redirect( remove_query_arg( 'new_app_pass', wp_get_referer() ) . '#security-keys-section' ); exit; } } /** * Generate a link to rename a specified security key. * * @since 0.1-dev * * @access public * @static * * @param array $item The current item. * @return string */ public static function rename_link( $item ) { return sprintf( '%s', esc_html__( 'Rename', 'two-factor' ) ); } /** * Generate a link to delete a specified security key. * * @since 0.1-dev * * @access public * @static * * @param array $item The current item. * @return string */ public static function delete_link( $item ) { $delete_link = add_query_arg( 'delete_security_key', $item->keyHandle ); // phpcs:ignore WordPress.NamingConventions.ValidVariableName.UsedPropertyNotSnakeCase $delete_link = wp_nonce_url( $delete_link, "delete_security_key-{$item->keyHandle}", '_nonce_delete_security_key' ); return sprintf( '%2$s', esc_url( $delete_link ), esc_html__( 'Delete', 'two-factor' ) ); } /** * Ajax handler for quick edit saving for a security key. * * @since 0.1-dev * * @access public * @static */ public static function wp_ajax_inline_save() { check_ajax_referer( 'keyinlineeditnonce', '_inline_edit' ); require_once TWO_FACTOR_DIR . 'providers/class-two-factor-fido-u2f-admin-list-table.php'; $wp_list_table = new Two_Factor_FIDO_U2F_Admin_List_Table(); if ( ! isset( $_POST['keyHandle'] ) ) { wp_die(); } $user_id = Two_Factor_Core::current_user_being_edited(); $security_keys = Two_Factor_FIDO_U2F::get_security_keys( $user_id ); if ( ! $security_keys ) { wp_die(); } foreach ( $security_keys as &$key ) { if ( $key->keyHandle === $_POST['keyHandle'] ) { // phpcs:ignore WordPress.NamingConventions.ValidVariableName.UsedPropertyNotSnakeCase break; } } $key->name = $_POST['name']; $updated = Two_Factor_FIDO_U2F::update_security_key( $user_id, $key ); if ( ! $updated ) { wp_die( esc_html__( 'Item not updated.', 'two-factor' ) ); } $wp_list_table->single_row( $key ); wp_die(); } }