Version Description
Download this release
Release Info
| Developer | flixos90 |
| Plugin |  Site Kit by Google |
| Version | 1.0.3 |
| Comparing to | |
| See all releases | |
Code changes from version 1.0.2 to 1.0.3
google-site-kit.php
CHANGED
|
@@ -11,7 +11,7 @@
|
|
| 11 |
* Plugin Name: Site Kit by Google
|
| 12 |
* Plugin URI: https://sitekit.withgoogle.com
|
| 13 |
* Description: Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.
|
| 14 |
-
* Version: 1.0.
|
| 15 |
* Author: Google
|
| 16 |
* Author URI: https://opensource.google.com
|
| 17 |
* License: Apache License 2.0
|
|
@@ -24,7 +24,7 @@ if ( ! defined( 'ABSPATH' ) ) {
|
|
| 24 |
}
|
| 25 |
|
| 26 |
// Define most essential constants.
|
| 27 |
-
define( 'GOOGLESITEKIT_VERSION', '1.0.
|
| 28 |
define( 'GOOGLESITEKIT_PLUGIN_MAIN_FILE', __FILE__ );
|
| 29 |
|
| 30 |
/**
|
| 11 |
* Plugin Name: Site Kit by Google
|
| 12 |
* Plugin URI: https://sitekit.withgoogle.com
|
| 13 |
* Description: Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.
|
| 14 |
+
* Version: 1.0.3
|
| 15 |
* Author: Google
|
| 16 |
* Author URI: https://opensource.google.com
|
| 17 |
* License: Apache License 2.0
|
| 24 |
}
|
| 25 |
|
| 26 |
// Define most essential constants.
|
| 27 |
+
define( 'GOOGLESITEKIT_VERSION', '1.0.3' );
|
| 28 |
define( 'GOOGLESITEKIT_PLUGIN_MAIN_FILE', __FILE__ );
|
| 29 |
|
| 30 |
/**
|
includes/Core/Authentication/Authentication.php
CHANGED
|
@@ -279,14 +279,7 @@ final class Authentication {
|
|
| 279 |
public function disconnect() {
|
| 280 |
$this->get_oauth_client()->revoke_token();
|
| 281 |
|
| 282 |
-
|
| 283 |
-
$this->user_options->delete( Clients\OAuth_Client::OPTION_ACCESS_TOKEN_EXPIRES_IN );
|
| 284 |
-
$this->user_options->delete( Clients\OAuth_Client::OPTION_ACCESS_TOKEN_CREATED );
|
| 285 |
-
$this->user_options->delete( Clients\OAuth_Client::OPTION_REFRESH_TOKEN );
|
| 286 |
-
$this->user_options->delete( Clients\OAuth_Client::OPTION_REDIRECT_URL );
|
| 287 |
-
$this->user_options->delete( Clients\OAuth_Client::OPTION_AUTH_SCOPES );
|
| 288 |
-
$this->user_options->delete( Clients\OAuth_Client::OPTION_ERROR_CODE );
|
| 289 |
-
$this->user_options->delete( Clients\OAuth_Client::OPTION_PROXY_ACCESS_CODE );
|
| 290 |
$this->user_options->delete( Verification::OPTION );
|
| 291 |
$this->user_options->delete( Verification_Tag::OPTION );
|
| 292 |
$this->user_options->delete( Profile::OPTION );
|
|
@@ -456,18 +449,10 @@ final class Authentication {
|
|
| 456 |
|
| 457 |
$auth_client = $this->get_oauth_client();
|
| 458 |
|
| 459 |
-
//
|
| 460 |
-
$auth_client->get_client();
|
| 461 |
-
|
| 462 |
-
|
| 463 |
-
$auth_client->refresh_token();
|
| 464 |
-
|
| 465 |
-
// If 'invalid_grant' error, disconnect the account.
|
| 466 |
-
if ( 'invalid_grant' === $this->user_options->get( Clients\OAuth_Client::OPTION_ERROR_CODE ) ) {
|
| 467 |
-
$this->disconnect();
|
| 468 |
-
|
| 469 |
-
// We need to re-set this error so that it is displayed to the user.
|
| 470 |
-
$this->user_options->set( Clients\OAuth_Client::OPTION_ERROR_CODE, 'invalid_grant' );
|
| 471 |
}
|
| 472 |
}
|
| 473 |
|
| 279 |
public function disconnect() {
|
| 280 |
$this->get_oauth_client()->revoke_token();
|
| 281 |
|
| 282 |
+
// Delete additional user data.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 283 |
$this->user_options->delete( Verification::OPTION );
|
| 284 |
$this->user_options->delete( Verification_Tag::OPTION );
|
| 285 |
$this->user_options->delete( Profile::OPTION );
|
| 449 |
|
| 450 |
$auth_client = $this->get_oauth_client();
|
| 451 |
|
| 452 |
+
// Make sure to refresh the access token if necessary.
|
| 453 |
+
$google_client = $auth_client->get_client();
|
| 454 |
+
if ( $auth_client->get_access_token() && $google_client->isAccessTokenExpired() ) {
|
| 455 |
+
$auth_client->refresh_token();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 456 |
}
|
| 457 |
}
|
| 458 |
|
includes/Core/Authentication/Clients/Google_Proxy_Client.php
CHANGED
|
@@ -16,6 +16,7 @@ use Google\Site_Kit_Dependencies\Google\Auth\HttpHandler\HttpHandlerFactory;
|
|
| 16 |
use Google\Site_Kit_Dependencies\Google\Auth\HttpHandler\HttpClientCache;
|
| 17 |
use Google\Site_Kit_Dependencies\GuzzleHttp\Psr7;
|
| 18 |
use Google\Site_Kit_Dependencies\GuzzleHttp\Psr7\Request;
|
|
|
|
| 19 |
use Exception;
|
| 20 |
use InvalidArgumentException;
|
| 21 |
use LogicException;
|
|
@@ -140,6 +141,37 @@ final class Google_Proxy_Client extends Google_Client {
|
|
| 140 |
return 200 === (int) $response->getStatusCode();
|
| 141 |
}
|
| 142 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 143 |
/**
|
| 144 |
* Creates a Google auth object for the authentication proxy.
|
| 145 |
*
|
| 16 |
use Google\Site_Kit_Dependencies\Google\Auth\HttpHandler\HttpClientCache;
|
| 17 |
use Google\Site_Kit_Dependencies\GuzzleHttp\Psr7;
|
| 18 |
use Google\Site_Kit_Dependencies\GuzzleHttp\Psr7\Request;
|
| 19 |
+
use Google\Site_Kit_Dependencies\GuzzleHttp\ClientInterface;
|
| 20 |
use Exception;
|
| 21 |
use InvalidArgumentException;
|
| 22 |
use LogicException;
|
| 141 |
return 200 === (int) $response->getStatusCode();
|
| 142 |
}
|
| 143 |
|
| 144 |
+
/**
|
| 145 |
+
* Adds auth listeners to the HTTP client based on the credentials set in the Google API Client object.
|
| 146 |
+
*
|
| 147 |
+
* @since 1.0.3
|
| 148 |
+
*
|
| 149 |
+
* @param ClientInterface $http The HTTP client object.
|
| 150 |
+
* @return ClientInterface The HTTP client object
|
| 151 |
+
*/
|
| 152 |
+
public function authorize( ClientInterface $http = null ) {
|
| 153 |
+
if ( $this->isUsingApplicationDefaultCredentials() ) {
|
| 154 |
+
return parent::authorize( $http );
|
| 155 |
+
}
|
| 156 |
+
|
| 157 |
+
$token = $this->getAccessToken();
|
| 158 |
+
if ( isset( $token['refresh_token'] ) && $this->isAccessTokenExpired() ) {
|
| 159 |
+
$callback = $this->config['token_callback'];
|
| 160 |
+
|
| 161 |
+
try {
|
| 162 |
+
$creds = $this->fetchAccessTokenWithRefreshToken( $token['refresh_token'] );
|
| 163 |
+
if ( $callback ) {
|
| 164 |
+
// Due to original callback signature this can only accept the token itself.
|
| 165 |
+
call_user_func( $callback, '', $creds['access_token'] );
|
| 166 |
+
}
|
| 167 |
+
} catch ( \Exception $e ) { // phpcs:ignore Generic.CodeAnalysis.EmptyStatement
|
| 168 |
+
// Ignore exceptions.
|
| 169 |
+
}
|
| 170 |
+
}
|
| 171 |
+
|
| 172 |
+
return parent::authorize( $http );
|
| 173 |
+
}
|
| 174 |
+
|
| 175 |
/**
|
| 176 |
* Creates a Google auth object for the authentication proxy.
|
| 177 |
*
|
includes/Core/Authentication/Clients/OAuth_Client.php
CHANGED
|
@@ -205,16 +205,22 @@ final class OAuth_Client {
|
|
| 205 |
}
|
| 206 |
|
| 207 |
$token = array(
|
| 208 |
-
'access_token'
|
| 209 |
-
'expires_in'
|
| 210 |
-
'created'
|
|
|
|
| 211 |
);
|
| 212 |
-
if ( ! $this->using_proxy() ) {
|
| 213 |
-
$token['refresh_token'] = $this->get_refresh_token();
|
| 214 |
-
}
|
| 215 |
|
| 216 |
$this->google_client->setAccessToken( $token );
|
| 217 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 218 |
// If the token expired or is going to expire in the next 30 seconds.
|
| 219 |
if ( $this->google_client->isAccessTokenExpired() ) {
|
| 220 |
$this->refresh_token();
|
|
@@ -231,7 +237,9 @@ final class OAuth_Client {
|
|
| 231 |
public function refresh_token() {
|
| 232 |
$refresh_token = $this->get_refresh_token();
|
| 233 |
if ( empty( $refresh_token ) ) {
|
|
|
|
| 234 |
$this->user_options->set( self::OPTION_ERROR_CODE, 'refresh_token_not_exist' );
|
|
|
|
| 235 |
}
|
| 236 |
|
| 237 |
// Stop if google_client not initialized yet.
|
|
@@ -250,16 +258,14 @@ final class OAuth_Client {
|
|
| 250 |
if ( $this->using_proxy() ) { // Only the Google_Proxy_Client exposes the real error response.
|
| 251 |
$error_code = $e->getMessage();
|
| 252 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
| 253 |
$this->user_options->set( self::OPTION_ERROR_CODE, $error_code );
|
| 254 |
return;
|
| 255 |
}
|
| 256 |
|
| 257 |
-
// Refresh token is expired or revoked.
|
| 258 |
-
if ( ! empty( $authentication_token['error'] ) ) {
|
| 259 |
-
$this->user_options->set( self::OPTION_ERROR_CODE, $authentication_token['error'] );
|
| 260 |
-
return;
|
| 261 |
-
}
|
| 262 |
-
|
| 263 |
if ( ! isset( $authentication_token['access_token'] ) ) {
|
| 264 |
$this->user_options->set( self::OPTION_ERROR_CODE, 'access_token_not_received' );
|
| 265 |
return;
|
|
@@ -286,7 +292,13 @@ final class OAuth_Client {
|
|
| 286 |
return;
|
| 287 |
}
|
| 288 |
|
| 289 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 290 |
}
|
| 291 |
|
| 292 |
/**
|
|
@@ -504,12 +516,6 @@ final class OAuth_Client {
|
|
| 504 |
exit();
|
| 505 |
}
|
| 506 |
|
| 507 |
-
if ( ! empty( $authentication_token['error'] ) ) {
|
| 508 |
-
$this->user_options->set( self::OPTION_ERROR_CODE, $authentication_token['error'] );
|
| 509 |
-
wp_safe_redirect( admin_url() );
|
| 510 |
-
exit();
|
| 511 |
-
}
|
| 512 |
-
|
| 513 |
if ( ! isset( $authentication_token['access_token'] ) ) {
|
| 514 |
$this->user_options->set( self::OPTION_ERROR_CODE, 'access_token_not_received' );
|
| 515 |
wp_safe_redirect( admin_url() );
|
|
@@ -768,6 +774,22 @@ final class OAuth_Client {
|
|
| 768 |
return $message;
|
| 769 |
}
|
| 770 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 771 |
/**
|
| 772 |
* Gets the OAuth redirect URI that listens to the callback request.
|
| 773 |
*
|
| 205 |
}
|
| 206 |
|
| 207 |
$token = array(
|
| 208 |
+
'access_token' => $access_token,
|
| 209 |
+
'expires_in' => $this->user_options->get( self::OPTION_ACCESS_TOKEN_EXPIRES_IN ),
|
| 210 |
+
'created' => $this->user_options->get( self::OPTION_ACCESS_TOKEN_CREATED ),
|
| 211 |
+
'refresh_token' => $this->get_refresh_token(),
|
| 212 |
);
|
|
|
|
|
|
|
|
|
|
| 213 |
|
| 214 |
$this->google_client->setAccessToken( $token );
|
| 215 |
|
| 216 |
+
// This is called when the client refreshes the access token on-the-fly.
|
| 217 |
+
$this->google_client->setTokenCallback(
|
| 218 |
+
function( $cache_key, $access_token ) {
|
| 219 |
+
// All we can do here is assume an hour as it usually is.
|
| 220 |
+
$this->set_access_token( $access_token, HOUR_IN_SECONDS );
|
| 221 |
+
}
|
| 222 |
+
);
|
| 223 |
+
|
| 224 |
// If the token expired or is going to expire in the next 30 seconds.
|
| 225 |
if ( $this->google_client->isAccessTokenExpired() ) {
|
| 226 |
$this->refresh_token();
|
| 237 |
public function refresh_token() {
|
| 238 |
$refresh_token = $this->get_refresh_token();
|
| 239 |
if ( empty( $refresh_token ) ) {
|
| 240 |
+
$this->revoke_token();
|
| 241 |
$this->user_options->set( self::OPTION_ERROR_CODE, 'refresh_token_not_exist' );
|
| 242 |
+
return;
|
| 243 |
}
|
| 244 |
|
| 245 |
// Stop if google_client not initialized yet.
|
| 258 |
if ( $this->using_proxy() ) { // Only the Google_Proxy_Client exposes the real error response.
|
| 259 |
$error_code = $e->getMessage();
|
| 260 |
}
|
| 261 |
+
// Revoke and delete user connection data if the refresh token is invalid or expired.
|
| 262 |
+
if ( 'invalid_grant' === $error_code ) {
|
| 263 |
+
$this->revoke_token();
|
| 264 |
+
}
|
| 265 |
$this->user_options->set( self::OPTION_ERROR_CODE, $error_code );
|
| 266 |
return;
|
| 267 |
}
|
| 268 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 269 |
if ( ! isset( $authentication_token['access_token'] ) ) {
|
| 270 |
$this->user_options->set( self::OPTION_ERROR_CODE, 'access_token_not_received' );
|
| 271 |
return;
|
| 292 |
return;
|
| 293 |
}
|
| 294 |
|
| 295 |
+
try {
|
| 296 |
+
$this->google_client->revokeToken();
|
| 297 |
+
} catch ( \Exception $e ) { // phpcs:ignore Generic.CodeAnalysis.EmptyStatement
|
| 298 |
+
// No special handling, we just need to make sure this goes through.
|
| 299 |
+
}
|
| 300 |
+
|
| 301 |
+
$this->delete_token();
|
| 302 |
}
|
| 303 |
|
| 304 |
/**
|
| 516 |
exit();
|
| 517 |
}
|
| 518 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 519 |
if ( ! isset( $authentication_token['access_token'] ) ) {
|
| 520 |
$this->user_options->set( self::OPTION_ERROR_CODE, 'access_token_not_received' );
|
| 521 |
wp_safe_redirect( admin_url() );
|
| 774 |
return $message;
|
| 775 |
}
|
| 776 |
|
| 777 |
+
/**
|
| 778 |
+
* Deletes the current user's token and all associated data.
|
| 779 |
+
*
|
| 780 |
+
* @since 1.0.3
|
| 781 |
+
*/
|
| 782 |
+
private function delete_token() {
|
| 783 |
+
$this->user_options->delete( self::OPTION_ACCESS_TOKEN );
|
| 784 |
+
$this->user_options->delete( self::OPTION_ACCESS_TOKEN_EXPIRES_IN );
|
| 785 |
+
$this->user_options->delete( self::OPTION_ACCESS_TOKEN_CREATED );
|
| 786 |
+
$this->user_options->delete( self::OPTION_REFRESH_TOKEN );
|
| 787 |
+
$this->user_options->delete( self::OPTION_REDIRECT_URL );
|
| 788 |
+
$this->user_options->delete( self::OPTION_AUTH_SCOPES );
|
| 789 |
+
$this->user_options->delete( self::OPTION_ERROR_CODE );
|
| 790 |
+
$this->user_options->delete( self::OPTION_PROXY_ACCESS_CODE );
|
| 791 |
+
}
|
| 792 |
+
|
| 793 |
/**
|
| 794 |
* Gets the OAuth redirect URI that listens to the callback request.
|
| 795 |
*
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Contributors: google
|
|
| 4 |
Requires at least: 4.7
|
| 5 |
Tested up to: 5.3
|
| 6 |
Requires PHP: 5.4
|
| 7 |
-
Stable tag: 1.0.
|
| 8 |
License: Apache License 2.0
|
| 9 |
License URI: https://www.apache.org/licenses/LICENSE-2.0
|
| 10 |
Tags: google, search-console, analytics, adsense, pagespeed-insights, optimize, tag-manager, site-kit
|
| 4 |
Requires at least: 4.7
|
| 5 |
Tested up to: 5.3
|
| 6 |
Requires PHP: 5.4
|
| 7 |
+
Stable tag: 1.0.3
|
| 8 |
License: Apache License 2.0
|
| 9 |
License URI: https://www.apache.org/licenses/LICENSE-2.0
|
| 10 |
Tags: google, search-console, analytics, adsense, pagespeed-insights, optimize, tag-manager, site-kit
|
