JWT Authentication for WP REST API - Version 1.3.1

Version Description

  • Updating the minimum version of PHP to 7.4
  • Validate the signing algorithm against the supported algorithms @see https://www.rfc-editor.org/rfc/rfc7518#section-3
  • Sanitize the REQUEST_URI and HTTP_AUTHORIZATION values before to use them
  • Use get_header() instead of $_SERVER to get the Authorization header when possible
  • Added typed properties to the JWT_Auth class where possible
  • Along with this release, I release a new simple JWT Client App for testing purposes @see https://github.com/Tmeister/jwt-client
Download this release

Release Info

Developer Tmeister
Plugin Icon JWT Authentication for WP REST API
Version 1.3.1
Comparing to
See all releases

Code changes from version 1.3.0 to 1.3.1

Files changed (15) hide show
  1. README.md +4 -1
  2. composer.json +17 -11
  3. composer.lock +186 -3
  4. includes/class-jwt-auth-i18n.php +32 -34
  5. includes/class-jwt-auth-loader.php +93 -98
  6. includes/class-jwt-auth.php +160 -168
  7. includes/vendor/composer/autoload_classmap.php +109 -0
  8. includes/vendor/composer/autoload_static.php +109 -0
  9. includes/vendor/composer/installed.json +1 -1
  10. includes/vendor/composer/installed.php +3 -3
  11. includes/vendor/composer/platform_check.php +2 -2
  12. jwt-auth.php +8 -8
  13. public/class-jwt-auth-public.php +383 -317
  14. readme.txt +13 -2
  15. tests/GeneralTest.php +0 -155
README.md CHANGED
@@ -340,7 +340,10 @@ $token = JWT::decode(
340
  );
341
  ```
342
 
343
- ##Credits
 
 
 
344
  [WP REST API V2](http://v2.wp-api.org/)
345
 
346
  [PHP-JWT from firebase](https://github.com/firebase/php-jwt)
340
  );
341
  ```
342
 
343
+ ## Testing
344
+ I've created a small app to test the basic functionality of the plugin; you can get the app and read all the details on the [JWT-Client Repo](https://github.com/Tmeister/jwt-client)
345
+
346
+ ## Credits
347
  [WP REST API V2](http://v2.wp-api.org/)
348
 
349
  [PHP-JWT from firebase](https://github.com/firebase/php-jwt)
composer.json CHANGED
@@ -5,24 +5,30 @@
5
  "type": "wordpress-plugin",
6
  "license": "GPL-2.0+",
7
  "authors": [
8
- {
9
- "name": "Enrique Chavez",
10
- "homepage": "https://enriquechavez.co"
11
- }
12
  ],
13
  "support": {
14
- "issues": "https://github.com/Tmeister/wp-api-jwt-auth/issues",
15
- "source": "https://github.com/Tmeister/wp-api-jwt-auth/"
16
  },
17
  "config": {
18
- "vendor-dir": "includes/vendor",
19
  "allow-plugins": {
20
- "composer/installers": true
 
21
  }
22
  },
23
  "require": {
24
- "php": ">=5.3",
25
- "composer/installers": "~1.0",
26
- "firebase/php-jwt": "^6.3"
 
 
 
 
 
27
  }
28
  }
5
  "type": "wordpress-plugin",
6
  "license": "GPL-2.0+",
7
  "authors": [
8
+ {
9
+ "name": "Enrique Chavez",
10
+ "homepage": "https://enriquechavez.co"
11
+ }
12
  ],
13
  "support": {
14
+ "issues": "https://github.com/Tmeister/wp-api-jwt-auth/issues",
15
+ "source": "https://github.com/Tmeister/wp-api-jwt-auth/"
16
  },
17
  "config": {
18
+ "vendor-dir": "includes/vendor",
19
  "allow-plugins": {
20
+ "composer/installers": true,
21
+ "dealerdirect/phpcodesniffer-composer-installer": true
22
  }
23
  },
24
  "require": {
25
+ "php": ">=7.4",
26
+ "composer/installers": "~1.0",
27
+ "firebase/php-jwt": "^6.3"
28
+ },
29
+ "require-dev": {
30
+ "dealerdirect/phpcodesniffer-composer-installer": "*",
31
+ "squizlabs/php_codesniffer": "3.*",
32
+ "wp-coding-standards/wpcs": "*"
33
  }
34
  }
composer.lock CHANGED
@@ -4,7 +4,7 @@
4
  "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
5
  "This file is @generated automatically"
6
  ],
7
- "content-hash": "2664848c237e209d59c46d6374795bfd",
8
  "packages": [
9
  {
10
  "name": "composer/installers",
@@ -220,14 +220,197 @@
220
  "time": "2022-07-15T16:48:45+00:00"
221
  }
222
  ],
223
- "packages-dev": [],
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
224
  "aliases": [],
225
  "minimum-stability": "stable",
226
  "stability-flags": [],
227
  "prefer-stable": false,
228
  "prefer-lowest": false,
229
  "platform": {
230
- "php": ">=5.3"
231
  },
232
  "platform-dev": [],
233
  "plugin-api-version": "2.3.0"
4
  "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
5
  "This file is @generated automatically"
6
  ],
7
+ "content-hash": "d38d1c9b0671fe28649b26de42452788",
8
  "packages": [
9
  {
10
  "name": "composer/installers",
220
  "time": "2022-07-15T16:48:45+00:00"
221
  }
222
  ],
223
+ "packages-dev": [
224
+ {
225
+ "name": "dealerdirect/phpcodesniffer-composer-installer",
226
+ "version": "v0.7.2",
227
+ "source": {
228
+ "type": "git",
229
+ "url": "https://github.com/Dealerdirect/phpcodesniffer-composer-installer.git",
230
+ "reference": "1c968e542d8843d7cd71de3c5c9c3ff3ad71a1db"
231
+ },
232
+ "dist": {
233
+ "type": "zip",
234
+ "url": "https://api.github.com/repos/Dealerdirect/phpcodesniffer-composer-installer/zipball/1c968e542d8843d7cd71de3c5c9c3ff3ad71a1db",
235
+ "reference": "1c968e542d8843d7cd71de3c5c9c3ff3ad71a1db",
236
+ "shasum": ""
237
+ },
238
+ "require": {
239
+ "composer-plugin-api": "^1.0 || ^2.0",
240
+ "php": ">=5.3",
241
+ "squizlabs/php_codesniffer": "^2.0 || ^3.1.0 || ^4.0"
242
+ },
243
+ "require-dev": {
244
+ "composer/composer": "*",
245
+ "php-parallel-lint/php-parallel-lint": "^1.3.1",
246
+ "phpcompatibility/php-compatibility": "^9.0"
247
+ },
248
+ "type": "composer-plugin",
249
+ "extra": {
250
+ "class": "Dealerdirect\\Composer\\Plugin\\Installers\\PHPCodeSniffer\\Plugin"
251
+ },
252
+ "autoload": {
253
+ "psr-4": {
254
+ "Dealerdirect\\Composer\\Plugin\\Installers\\PHPCodeSniffer\\": "src/"
255
+ }
256
+ },
257
+ "notification-url": "https://packagist.org/downloads/",
258
+ "license": [
259
+ "MIT"
260
+ ],
261
+ "authors": [
262
+ {
263
+ "name": "Franck Nijhof",
264
+ "email": "franck.nijhof@dealerdirect.com",
265
+ "homepage": "http://www.frenck.nl",
266
+ "role": "Developer / IT Manager"
267
+ },
268
+ {
269
+ "name": "Contributors",
270
+ "homepage": "https://github.com/Dealerdirect/phpcodesniffer-composer-installer/graphs/contributors"
271
+ }
272
+ ],
273
+ "description": "PHP_CodeSniffer Standards Composer Installer Plugin",
274
+ "homepage": "http://www.dealerdirect.com",
275
+ "keywords": [
276
+ "PHPCodeSniffer",
277
+ "PHP_CodeSniffer",
278
+ "code quality",
279
+ "codesniffer",
280
+ "composer",
281
+ "installer",
282
+ "phpcbf",
283
+ "phpcs",
284
+ "plugin",
285
+ "qa",
286
+ "quality",
287
+ "standard",
288
+ "standards",
289
+ "style guide",
290
+ "stylecheck",
291
+ "tests"
292
+ ],
293
+ "support": {
294
+ "issues": "https://github.com/dealerdirect/phpcodesniffer-composer-installer/issues",
295
+ "source": "https://github.com/dealerdirect/phpcodesniffer-composer-installer"
296
+ },
297
+ "time": "2022-02-04T12:51:07+00:00"
298
+ },
299
+ {
300
+ "name": "squizlabs/php_codesniffer",
301
+ "version": "3.7.1",
302
+ "source": {
303
+ "type": "git",
304
+ "url": "https://github.com/squizlabs/PHP_CodeSniffer.git",
305
+ "reference": "1359e176e9307e906dc3d890bcc9603ff6d90619"
306
+ },
307
+ "dist": {
308
+ "type": "zip",
309
+ "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/1359e176e9307e906dc3d890bcc9603ff6d90619",
310
+ "reference": "1359e176e9307e906dc3d890bcc9603ff6d90619",
311
+ "shasum": ""
312
+ },
313
+ "require": {
314
+ "ext-simplexml": "*",
315
+ "ext-tokenizer": "*",
316
+ "ext-xmlwriter": "*",
317
+ "php": ">=5.4.0"
318
+ },
319
+ "require-dev": {
320
+ "phpunit/phpunit": "^4.0 || ^5.0 || ^6.0 || ^7.0"
321
+ },
322
+ "bin": [
323
+ "bin/phpcs",
324
+ "bin/phpcbf"
325
+ ],
326
+ "type": "library",
327
+ "extra": {
328
+ "branch-alias": {
329
+ "dev-master": "3.x-dev"
330
+ }
331
+ },
332
+ "notification-url": "https://packagist.org/downloads/",
333
+ "license": [
334
+ "BSD-3-Clause"
335
+ ],
336
+ "authors": [
337
+ {
338
+ "name": "Greg Sherwood",
339
+ "role": "lead"
340
+ }
341
+ ],
342
+ "description": "PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.",
343
+ "homepage": "https://github.com/squizlabs/PHP_CodeSniffer",
344
+ "keywords": [
345
+ "phpcs",
346
+ "standards"
347
+ ],
348
+ "support": {
349
+ "issues": "https://github.com/squizlabs/PHP_CodeSniffer/issues",
350
+ "source": "https://github.com/squizlabs/PHP_CodeSniffer",
351
+ "wiki": "https://github.com/squizlabs/PHP_CodeSniffer/wiki"
352
+ },
353
+ "time": "2022-06-18T07:21:10+00:00"
354
+ },
355
+ {
356
+ "name": "wp-coding-standards/wpcs",
357
+ "version": "2.3.0",
358
+ "source": {
359
+ "type": "git",
360
+ "url": "https://github.com/WordPress/WordPress-Coding-Standards.git",
361
+ "reference": "7da1894633f168fe244afc6de00d141f27517b62"
362
+ },
363
+ "dist": {
364
+ "type": "zip",
365
+ "url": "https://api.github.com/repos/WordPress/WordPress-Coding-Standards/zipball/7da1894633f168fe244afc6de00d141f27517b62",
366
+ "reference": "7da1894633f168fe244afc6de00d141f27517b62",
367
+ "shasum": ""
368
+ },
369
+ "require": {
370
+ "php": ">=5.4",
371
+ "squizlabs/php_codesniffer": "^3.3.1"
372
+ },
373
+ "require-dev": {
374
+ "dealerdirect/phpcodesniffer-composer-installer": "^0.5 || ^0.6",
375
+ "phpcompatibility/php-compatibility": "^9.0",
376
+ "phpcsstandards/phpcsdevtools": "^1.0",
377
+ "phpunit/phpunit": "^4.0 || ^5.0 || ^6.0 || ^7.0"
378
+ },
379
+ "suggest": {
380
+ "dealerdirect/phpcodesniffer-composer-installer": "^0.6 || This Composer plugin will sort out the PHPCS 'installed_paths' automatically."
381
+ },
382
+ "type": "phpcodesniffer-standard",
383
+ "notification-url": "https://packagist.org/downloads/",
384
+ "license": [
385
+ "MIT"
386
+ ],
387
+ "authors": [
388
+ {
389
+ "name": "Contributors",
390
+ "homepage": "https://github.com/WordPress/WordPress-Coding-Standards/graphs/contributors"
391
+ }
392
+ ],
393
+ "description": "PHP_CodeSniffer rules (sniffs) to enforce WordPress coding conventions",
394
+ "keywords": [
395
+ "phpcs",
396
+ "standards",
397
+ "wordpress"
398
+ ],
399
+ "support": {
400
+ "issues": "https://github.com/WordPress/WordPress-Coding-Standards/issues",
401
+ "source": "https://github.com/WordPress/WordPress-Coding-Standards",
402
+ "wiki": "https://github.com/WordPress/WordPress-Coding-Standards/wiki"
403
+ },
404
+ "time": "2020-05-13T23:57:56+00:00"
405
+ }
406
+ ],
407
  "aliases": [],
408
  "minimum-stability": "stable",
409
  "stability-flags": [],
410
  "prefer-stable": false,
411
  "prefer-lowest": false,
412
  "platform": {
413
+ "php": ">=7.4"
414
  },
415
  "platform-dev": [],
416
  "plugin-api-version": "2.3.0"
includes/class-jwt-auth-i18n.php CHANGED
@@ -20,40 +20,38 @@
20
  *
21
  * @author Enrique Chavez <noone@tmeister.net>
22
  */
23
- class Jwt_Auth_i18n
24
- {
25
- /**
26
- * The domain specified for this plugin.
27
- *
28
- * @since 1.0.0
29
- *
30
- * @var string The domain identifier for this plugin.
31
- */
32
- private $domain;
33
 
34
- /**
35
- * Load the plugin text domain for translation.
36
- *
37
- * @since 1.0.0
38
- */
39
- public function load_plugin_textdomain()
40
- {
41
- load_plugin_textdomain(
42
- $this->domain,
43
- false,
44
- dirname(dirname(plugin_basename(__FILE__))).'/languages/'
45
- );
46
- }
47
 
48
- /**
49
- * Set the domain equal to that of the specified domain.
50
- *
51
- * @since 1.0.0
52
- *
53
- * @param string $domain The domain that represents the locale of this plugin.
54
- */
55
- public function set_domain($domain)
56
- {
57
- $this->domain = $domain;
58
- }
59
  }
20
  *
21
  * @author Enrique Chavez <noone@tmeister.net>
22
  */
23
+ class Jwt_Auth_i18n {
24
+ /**
25
+ * The domain specified for this plugin.
26
+ *
27
+ * @since 1.0.0
28
+ *
29
+ * @var string The domain identifier for this plugin.
30
+ */
31
+ private string $domain;
 
32
 
33
+ /**
34
+ * Load the plugin text domain for translation.
35
+ *
36
+ * @since 1.0.0
37
+ */
38
+ public function load_plugin_textdomain() {
39
+ load_plugin_textdomain(
40
+ $this->domain,
41
+ false,
42
+ dirname( plugin_basename( __FILE__ ), 2 ) . '/languages/'
43
+ );
44
+ }
 
45
 
46
+ /**
47
+ * Set the domain equal to that of the specified domain.
48
+ *
49
+ * @param string $domain The domain that represents the locale of this plugin.
50
+ *
51
+ * @since 1.0.0
52
+ *
53
+ */
54
+ public function set_domain( string $domain ) {
55
+ $this->domain = $domain;
56
+ }
57
  }
includes/class-jwt-auth-loader.php CHANGED
@@ -16,110 +16,105 @@
16
  *
17
  * @author Enrique Chavez <noone@tmeister.net>
18
  */
19
- class Jwt_Auth_Loader
20
- {
21
- /**
22
- * The array of actions registered with WordPress.
23
- *
24
- * @since 1.0.0
25
- *
26
- * @var array The actions registered with WordPress to fire when the plugin loads.
27
- */
28
- protected $actions;
29
 
30
- /**
31
- * The array of filters registered with WordPress.
32
- *
33
- * @since 1.0.0
34
- *
35
- * @var array The filters registered with WordPress to fire when the plugin loads.
36
- */
37
- protected $filters;
38
 
39
- /**
40
- * Initialize the collections used to maintain the actions and filters.
41
- *
42
- * @since 1.0.0
43
- */
44
- public function __construct()
45
- {
46
- $this->actions = array();
47
- $this->filters = array();
48
- }
49
 
50
- /**
51
- * Add a new action to the collection to be registered with WordPress.
52
- *
53
- * @since 1.0.0
54
- *
55
- * @param string $hook The name of the WordPress action that is being registered.
56
- * @param object $component A reference to the instance of the object on which the action is defined.
57
- * @param string $callback The name of the function definition on the $component.
58
- * @param int Optional $priority The priority at which the function should be fired.
59
- * @param int Optional $accepted_args The number of arguments that should be passed to the $callback.
60
- */
61
- public function add_action($hook, $component, $callback, $priority = 10, $accepted_args = 1)
62
- {
63
- $this->actions = $this->add($this->actions, $hook, $component, $callback, $priority, $accepted_args);
64
- }
65
 
66
- /**
67
- * Add a new filter to the collection to be registered with WordPress.
68
- *
69
- * @since 1.0.0
70
- *
71
- * @param string $hook The name of the WordPress filter that is being registered.
72
- * @param object $component A reference to the instance of the object on which the filter is defined.
73
- * @param string $callback The name of the function definition on the $component.
74
- * @param int Optional $priority The priority at which the function should be fired.
75
- * @param int Optional $accepted_args The number of arguments that should be passed to the $callback.
76
- */
77
- public function add_filter($hook, $component, $callback, $priority = 10, $accepted_args = 1)
78
- {
79
- $this->filters = $this->add($this->filters, $hook, $component, $callback, $priority, $accepted_args);
80
- }
81
 
82
- /**
83
- * A utility function that is used to register the actions and hooks into a single
84
- * collection.
85
- *
86
- * @since 1.0.0
87
- *
88
- * @param array $hooks The collection of hooks that is being registered (that is, actions or filters).
89
- * @param string $hook The name of the WordPress filter that is being registered.
90
- * @param object $component A reference to the instance of the object on which the filter is defined.
91
- * @param string $callback The name of the function definition on the $component.
92
- * @param int Optional $priority The priority at which the function should be fired.
93
- * @param int Optional $accepted_args The number of arguments that should be passed to the $callback.
94
- *
95
- * @return type The collection of actions and filters registered with WordPress.
96
- */
97
- private function add($hooks, $hook, $component, $callback, $priority, $accepted_args)
98
- {
99
- $hooks[] = array(
100
- 'hook' => $hook,
101
- 'component' => $component,
102
- 'callback' => $callback,
103
- 'priority' => $priority,
104
- 'accepted_args' => $accepted_args,
105
- );
106
 
107
- return $hooks;
108
- }
109
 
110
- /**
111
- * Register the filters and actions with WordPress.
112
- *
113
- * @since 1.0.0
114
- */
115
- public function run()
116
- {
117
- foreach ($this->filters as $hook) {
118
- add_filter($hook['hook'], array($hook['component'], $hook['callback']), $hook['priority'], $hook['accepted_args']);
119
- }
120
 
121
- foreach ($this->actions as $hook) {
122
- add_action($hook['hook'], array($hook['component'], $hook['callback']), $hook['priority'], $hook['accepted_args']);
123
- }
124
- }
125
  }
16
  *
17
  * @author Enrique Chavez <noone@tmeister.net>
18
  */
19
+ class Jwt_Auth_Loader {
20
+ /**
21
+ * The array of actions registered with WordPress.
22
+ *
23
+ * @since 1.0.0
24
+ *
25
+ * @var array The actions registered with WordPress to fire when the plugin loads.
26
+ */
27
+ protected array $actions;
 
28
 
29
+ /**
30
+ * The array of filters registered with WordPress.
31
+ *
32
+ * @since 1.0.0
33
+ *
34
+ * @var array The filters registered with WordPress to fire when the plugin loads.
35
+ */
36
+ protected array $filters;
37
 
38
+ /**
39
+ * Initialize the collections used to maintain the actions and filters.
40
+ *
41
+ * @since 1.0.0
42
+ */
43
+ public function __construct() {
44
+ $this->actions = [];
45
+ $this->filters = [];
46
+ }
 
47
 
48
+ /**
49
+ * Add a new action to the collection to be registered with WordPress.
50
+ *
51
+ * @param string $hook The name of the WordPress action that is being registered.
52
+ * @param object $component A reference to the instance of the object on which the action is defined.
53
+ * @param string $callback The name of the function definition on the $component.
54
+ * @param int $priority Optional $priority The priority at which the function should be fired.
55
+ * @param int $accepted_args Optional $accepted_args The number of arguments that should be passed to the $callback.
56
+ *
57
+ * @since 1.0.0
58
+ *
59
+ */
60
+ public function add_action( $hook, $component, $callback, $priority = 10, $accepted_args = 1 ) {
61
+ $this->actions = $this->add( $this->actions, $hook, $component, $callback, $priority, $accepted_args );
62
+ }
63
 
64
+ /**
65
+ * Add a new filter to the collection to be registered with WordPress.
66
+ *
67
+ * @param string $hook The name of the WordPress filter that is being registered.
68
+ * @param object $component A reference to the instance of the object on which the filter is defined.
69
+ * @param string $callback The name of the function definition on the $component.
70
+ * @param int $priority Optional $priority The priority at which the function should be fired.
71
+ * @param int $accepted_args Optional $accepted_args The number of arguments that should be passed to the $callback.
72
+ *
73
+ * @since 1.0.0
74
+ *
75
+ */
76
+ public function add_filter( $hook, $component, $callback, $priority = 10, $accepted_args = 1 ) {
77
+ $this->filters = $this->add( $this->filters, $hook, $component, $callback, $priority, $accepted_args );
78
+ }
79
 
80
+ /**
81
+ * A utility function that is used to register the actions and hooks into a single
82
+ * collection.
83
+ *
84
+ * @param array $hooks The collection of hooks that is being registered (that is, actions or filters).
85
+ * @param string $hook The name of the WordPress filter that is being registered.
86
+ * @param object $component A reference to the instance of the object on which the filter is defined.
87
+ * @param string $callback The name of the function definition on the $component.
88
+ * @param int $priority Optional $priority The priority at which the function should be fired.
89
+ * @param int $accepted_args Optional $accepted_args The number of arguments that should be passed to the $callback.
90
+ *
91
+ * @since 1.0.0
92
+ *
93
+ */
94
+ private function add( $hooks, $hook, $component, $callback, $priority, $accepted_args ): array {
95
+ $hooks[] = [
96
+ 'hook' => $hook,
97
+ 'component' => $component,
98
+ 'callback' => $callback,
99
+ 'priority' => $priority,
100
+ 'accepted_args' => $accepted_args,
101
+ ];
 
 
102
 
103
+ return $hooks;
104
+ }
105
 
106
+ /**
107
+ * Register the filters and actions with WordPress.
108
+ *
109
+ * @since 1.0.0
110
+ */
111
+ public function run() {
112
+ foreach ( $this->filters as $hook ) {
113
+ add_filter( $hook['hook'], [ $hook['component'], $hook['callback'] ], $hook['priority'], $hook['accepted_args'] );
114
+ }
 
115
 
116
+ foreach ( $this->actions as $hook ) {
117
+ add_action( $hook['hook'], [ $hook['component'], $hook['callback'] ], $hook['priority'], $hook['accepted_args'] );
118
+ }
119
+ }
120
  }
includes/class-jwt-auth.php CHANGED
@@ -23,172 +23,164 @@
23
  *
24
  * @author Enrique Chavez <noone@tmeister.net>
25
  */
26
- class Jwt_Auth
27
- {
28
- /**
29
- * The loader that's responsible for maintaining and registering all hooks that power
30
- * the plugin.
31
- *
32
- * @since 1.0.0
33
- *
34
- * @var Jwt_Auth_Loader Maintains and registers all hooks for the plugin.
35
- */
36
- protected $loader;
37
-
38
- /**
39
- * The unique identifier of this plugin.
40
- *
41
- * @since 1.0.0
42
- *
43
- * @var string The string used to uniquely identify this plugin.
44
- */
45
- protected $plugin_name;
46
-
47
- /**
48
- * The current version of the plugin.
49
- *
50
- * @since 1.0.0
51
- *
52
- * @var string The current version of the plugin.
53
- */
54
- protected $version;
55
-
56
- /**
57
- * Define the core functionality of the plugin.
58
- *
59
- * Set the plugin name and the plugin version that can be used throughout the plugin.
60
- * Load the dependencies, define the locale, and set the hooks for the admin area and
61
- * the public-facing side of the site.
62
- *
63
- * @since 1.0.0
64
- */
65
- public function __construct()
66
- {
67
- $this->plugin_name = 'jwt-auth';
68
- $this->version = '1.1.0';
69
-
70
- $this->load_dependencies();
71
- $this->set_locale();
72
- $this->define_public_hooks();
73
- }
74
-
75
- /**
76
- * Load the required dependencies for this plugin.
77
- *
78
- * Include the following files that make up the plugin:
79
- *
80
- * - Jwt_Auth_Loader. Orchestrates the hooks of the plugin.
81
- * - Jwt_Auth_i18n. Defines internationalization functionality.
82
- * - Jwt_Auth_Admin. Defines all hooks for the admin area.
83
- * - Jwt_Auth_Public. Defines all hooks for the public side of the site.
84
- *
85
- * Create an instance of the loader which will be used to register the hooks
86
- * with WordPress.
87
- *
88
- * @since 1.0.0
89
- */
90
- private function load_dependencies()
91
- {
92
-
93
- /**
94
- * Load dependecies managed by composer.
95
- */
96
- require_once plugin_dir_path(dirname(__FILE__)) . 'includes/vendor/autoload.php';
97
-
98
- /**
99
- * The class responsible for orchestrating the actions and filters of the
100
- * core plugin.
101
- */
102
- require_once plugin_dir_path(dirname(__FILE__)) . 'includes/class-jwt-auth-loader.php';
103
-
104
- /**
105
- * The class responsible for defining internationalization functionality
106
- * of the plugin.
107
- */
108
- require_once plugin_dir_path(dirname(__FILE__)) . 'includes/class-jwt-auth-i18n.php';
109
-
110
- /**
111
- * The class responsible for defining all actions that occur in the public-facing
112
- * side of the site.
113
- */
114
- require_once plugin_dir_path(dirname(__FILE__)) . 'public/class-jwt-auth-public.php';
115
-
116
- $this->loader = new Jwt_Auth_Loader();
117
- }
118
-
119
- /**
120
- * Define the locale for this plugin for internationalization.
121
- *
122
- * Uses the Jwt_Auth_i18n class in order to set the domain and to register the hook
123
- * with WordPress.
124
- *
125
- * @since 1.0.0
126
- */
127
- private function set_locale()
128
- {
129
- $plugin_i18n = new Jwt_Auth_i18n();
130
- $plugin_i18n->set_domain($this->get_plugin_name());
131
- $this->loader->add_action('plugins_loaded', $plugin_i18n, 'load_plugin_textdomain');
132
- }
133
- /**
134
- * Register all of the hooks related to the public-facing functionality
135
- * of the plugin.
136
- *
137
- * @since 1.0.0
138
- */
139
- private function define_public_hooks()
140
- {
141
- $plugin_public = new Jwt_Auth_Public($this->get_plugin_name(), $this->get_version());
142
- $this->loader->add_action('rest_api_init', $plugin_public, 'add_api_routes');
143
- $this->loader->add_filter('rest_api_init', $plugin_public, 'add_cors_support');
144
- $this->loader->add_filter('rest_pre_dispatch', $plugin_public, 'rest_pre_dispatch', 10, 2);
145
- $this->loader->add_filter('determine_current_user', $plugin_public, 'determine_current_user', 10);
146
- }
147
-
148
- /**
149
- * Run the loader to execute all of the hooks with WordPress.
150
- *
151
- * @since 1.0.0
152
- */
153
- public function run()
154
- {
155
- $this->loader->run();
156
- }
157
-
158
- /**
159
- * The name of the plugin used to uniquely identify it within the context of
160
- * WordPress and to define internationalization functionality.
161
- *
162
- * @since 1.0.0
163
- *
164
- * @return string The name of the plugin.
165
- */
166
- public function get_plugin_name()
167
- {
168
- return $this->plugin_name;
169
- }
170
-
171
- /**
172
- * The reference to the class that orchestrates the hooks with the plugin.
173
- *
174
- * @since 1.0.0
175
- *
176
- * @return Jwt_Auth_Loader Orchestrates the hooks of the plugin.
177
- */
178
- public function get_loader()
179
- {
180
- return $this->loader;
181
- }
182
-
183
- /**
184
- * Retrieve the version number of the plugin.
185
- *
186
- * @since 1.0.0
187
- *
188
- * @return string The version number of the plugin.
189
- */
190
- public function get_version()
191
- {
192
- return $this->version;
193
- }
194
  }
23
  *
24
  * @author Enrique Chavez <noone@tmeister.net>
25
  */
26
+ class Jwt_Auth {
27
+ /**
28
+ * The loader that's responsible for maintaining and registering all hooks that power
29
+ * the plugin.
30
+ *
31
+ * @since 1.0.0
32
+ *
33
+ * @var Jwt_Auth_Loader Maintains and registers all hooks for the plugin.
34
+ */
35
+ protected Jwt_Auth_Loader $loader;
36
+
37
+ /**
38
+ * The unique identifier of this plugin.
39
+ *
40
+ * @since 1.0.0
41
+ *
42
+ * @var string The string used to uniquely identify this plugin.
43
+ */
44
+ protected string $plugin_name;
45
+
46
+ /**
47
+ * The current version of the plugin.
48
+ *
49
+ * @since 1.0.0
50
+ *
51
+ * @var string The current version of the plugin.
52
+ */
53
+ protected string $version;
54
+
55
+ /**
56
+ * Define the core functionality of the plugin.
57
+ *
58
+ * Set the plugin name and the plugin version that can be used throughout the plugin.
59
+ * Load the dependencies, define the locale, and set the hooks for the admin area and
60
+ * the public-facing side of the site.
61
+ *
62
+ * @since 1.0.0
63
+ */
64
+ public function __construct() {
65
+ $this->plugin_name = 'jwt-auth';
66
+ $this->version = '1.1.0';
67
+
68
+ $this->load_dependencies();
69
+ $this->set_locale();
70
+ $this->define_public_hooks();
71
+ }
72
+
73
+ /**
74
+ * Load the required dependencies for this plugin.
75
+ *
76
+ * Include the following files that make up the plugin:
77
+ *
78
+ * - Jwt_Auth_Loader. Orchestrates the hooks of the plugin.
79
+ * - Jwt_Auth_i18n. Defines internationalization functionality.
80
+ * - Jwt_Auth_Admin. Defines all hooks for the admin area.
81
+ * - Jwt_Auth_Public. Defines all hooks for the public side of the site.
82
+ *
83
+ * Create an instance of the loader which will be used to register the hooks
84
+ * with WordPress.
85
+ *
86
+ * @since 1.0.0
87
+ */
88
+ private function load_dependencies() {
89
+
90
+ /**
91
+ * Load dependencies managed by composer.
92
+ */
93
+ require_once plugin_dir_path( dirname( __FILE__ ) ) . 'includes/vendor/autoload.php';
94
+
95
+ /**
96
+ * The class responsible for orchestrating the actions and filters of the
97
+ * core plugin.
98
+ */
99
+ require_once plugin_dir_path( dirname( __FILE__ ) ) . 'includes/class-jwt-auth-loader.php';
100
+
101
+ /**
102
+ * The class responsible for defining internationalization functionality
103
+ * of the plugin.
104
+ */
105
+ require_once plugin_dir_path( dirname( __FILE__ ) ) . 'includes/class-jwt-auth-i18n.php';
106
+
107
+ /**
108
+ * The class responsible for defining all actions that occur in the public-facing
109
+ * side of the site.
110
+ */
111
+ require_once plugin_dir_path( dirname( __FILE__ ) ) . 'public/class-jwt-auth-public.php';
112
+
113
+ $this->loader = new Jwt_Auth_Loader();
114
+ }
115
+
116
+ /**
117
+ * Define the locale for this plugin for internationalization.
118
+ *
119
+ * Uses the Jwt_Auth_i18n class in order to set the domain and to register the hook
120
+ * with WordPress.
121
+ *
122
+ * @since 1.0.0
123
+ */
124
+ private function set_locale() {
125
+ $plugin_i18n = new Jwt_Auth_i18n();
126
+ $plugin_i18n->set_domain( $this->get_plugin_name() );
127
+ $this->loader->add_action( 'plugins_loaded', $plugin_i18n, 'load_plugin_textdomain' );
128
+ }
129
+
130
+ /**
131
+ * Register all the hooks related to the public-facing functionality
132
+ * of the plugin.
133
+ *
134
+ * @since 1.0.0
135
+ */
136
+ private function define_public_hooks() {
137
+ $plugin_public = new Jwt_Auth_Public( $this->get_plugin_name(), $this->get_version() );
138
+ $this->loader->add_action( 'rest_api_init', $plugin_public, 'add_api_routes' );
139
+ $this->loader->add_filter( 'rest_api_init', $plugin_public, 'add_cors_support' );
140
+ $this->loader->add_filter( 'rest_pre_dispatch', $plugin_public, 'rest_pre_dispatch', 10, 2 );
141
+ $this->loader->add_filter( 'determine_current_user', $plugin_public, 'determine_current_user' );
142
+ }
143
+
144
+ /**
145
+ * Run the loader to execute all the hooks with WordPress.
146
+ *
147
+ * @since 1.0.0
148
+ */
149
+ public function run() {
150
+ $this->loader->run();
151
+ }
152
+
153
+ /**
154
+ * The name of the plugin used to uniquely identify it within the context of
155
+ * WordPress and to define internationalization functionality.
156
+ *
157
+ * @return string The name of the plugin.
158
+ * @since 1.0.0
159
+ *
160
+ */
161
+ public function get_plugin_name(): string {
162
+ return $this->plugin_name;
163
+ }
164
+
165
+ /**
166
+ * The reference to the class that orchestrates the hooks with the plugin.
167
+ *
168
+ * @return Jwt_Auth_Loader Orchestrates the hooks of the plugin.
169
+ * @since 1.0.0
170
+ *
171
+ */
172
+ public function get_loader(): Jwt_Auth_Loader {
173
+ return $this->loader;
174
+ }
175
+
176
+ /**
177
+ * Retrieve the version number of the plugin.
178
+ *
179
+ * @return string The version number of the plugin.
180
+ * @since 1.0.0
181
+ *
182
+ */
183
+ public function get_version(): string {
184
+ return $this->version;
185
+ }
 
 
 
 
 
 
 
 
186
  }
includes/vendor/composer/autoload_classmap.php CHANGED
@@ -7,4 +7,113 @@ $baseDir = dirname(dirname($vendorDir));
7
 
8
  return array(
9
  'Composer\\InstalledVersions' => $vendorDir . '/composer/InstalledVersions.php',
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
10
  );
7
 
8
  return array(
9
  'Composer\\InstalledVersions' => $vendorDir . '/composer/InstalledVersions.php',
10
+ 'Composer\\Installers\\AglInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/AglInstaller.php',
11
+ 'Composer\\Installers\\AimeosInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/AimeosInstaller.php',
12
+ 'Composer\\Installers\\AnnotateCmsInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/AnnotateCmsInstaller.php',
13
+ 'Composer\\Installers\\AsgardInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/AsgardInstaller.php',
14
+ 'Composer\\Installers\\AttogramInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/AttogramInstaller.php',
15
+ 'Composer\\Installers\\BaseInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/BaseInstaller.php',
16
+ 'Composer\\Installers\\BitrixInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/BitrixInstaller.php',
17
+ 'Composer\\Installers\\BonefishInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/BonefishInstaller.php',
18
+ 'Composer\\Installers\\CakePHPInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/CakePHPInstaller.php',
19
+ 'Composer\\Installers\\ChefInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ChefInstaller.php',
20
+ 'Composer\\Installers\\CiviCrmInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/CiviCrmInstaller.php',
21
+ 'Composer\\Installers\\ClanCatsFrameworkInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ClanCatsFrameworkInstaller.php',
22
+ 'Composer\\Installers\\CockpitInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/CockpitInstaller.php',
23
+ 'Composer\\Installers\\CodeIgniterInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/CodeIgniterInstaller.php',
24
+ 'Composer\\Installers\\Concrete5Installer' => $vendorDir . '/composer/installers/src/Composer/Installers/Concrete5Installer.php',
25
+ 'Composer\\Installers\\CraftInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/CraftInstaller.php',
26
+ 'Composer\\Installers\\CroogoInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/CroogoInstaller.php',
27
+ 'Composer\\Installers\\DecibelInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/DecibelInstaller.php',
28
+ 'Composer\\Installers\\DframeInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/DframeInstaller.php',
29
+ 'Composer\\Installers\\DokuWikiInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/DokuWikiInstaller.php',
30
+ 'Composer\\Installers\\DolibarrInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/DolibarrInstaller.php',
31
+ 'Composer\\Installers\\DrupalInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/DrupalInstaller.php',
32
+ 'Composer\\Installers\\ElggInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ElggInstaller.php',
33
+ 'Composer\\Installers\\EliasisInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/EliasisInstaller.php',
34
+ 'Composer\\Installers\\ExpressionEngineInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ExpressionEngineInstaller.php',
35
+ 'Composer\\Installers\\EzPlatformInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/EzPlatformInstaller.php',
36
+ 'Composer\\Installers\\FuelInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/FuelInstaller.php',
37
+ 'Composer\\Installers\\FuelphpInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/FuelphpInstaller.php',
38
+ 'Composer\\Installers\\GravInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/GravInstaller.php',
39
+ 'Composer\\Installers\\HuradInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/HuradInstaller.php',
40
+ 'Composer\\Installers\\ImageCMSInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ImageCMSInstaller.php',
41
+ 'Composer\\Installers\\Installer' => $vendorDir . '/composer/installers/src/Composer/Installers/Installer.php',
42
+ 'Composer\\Installers\\ItopInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ItopInstaller.php',
43
+ 'Composer\\Installers\\JoomlaInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/JoomlaInstaller.php',
44
+ 'Composer\\Installers\\KanboardInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/KanboardInstaller.php',
45
+ 'Composer\\Installers\\KirbyInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/KirbyInstaller.php',
46
+ 'Composer\\Installers\\KnownInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/KnownInstaller.php',
47
+ 'Composer\\Installers\\KodiCMSInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/KodiCMSInstaller.php',
48
+ 'Composer\\Installers\\KohanaInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/KohanaInstaller.php',
49
+ 'Composer\\Installers\\LanManagementSystemInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/LanManagementSystemInstaller.php',
50
+ 'Composer\\Installers\\LaravelInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/LaravelInstaller.php',
51
+ 'Composer\\Installers\\LavaLiteInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/LavaLiteInstaller.php',
52
+ 'Composer\\Installers\\LithiumInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/LithiumInstaller.php',
53
+ 'Composer\\Installers\\MODULEWorkInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MODULEWorkInstaller.php',
54
+ 'Composer\\Installers\\MODXEvoInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MODXEvoInstaller.php',
55
+ 'Composer\\Installers\\MagentoInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MagentoInstaller.php',
56
+ 'Composer\\Installers\\MajimaInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MajimaInstaller.php',
57
+ 'Composer\\Installers\\MakoInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MakoInstaller.php',
58
+ 'Composer\\Installers\\MantisBTInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MantisBTInstaller.php',
59
+ 'Composer\\Installers\\MauticInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MauticInstaller.php',
60
+ 'Composer\\Installers\\MayaInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MayaInstaller.php',
61
+ 'Composer\\Installers\\MediaWikiInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MediaWikiInstaller.php',
62
+ 'Composer\\Installers\\MiaoxingInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MiaoxingInstaller.php',
63
+ 'Composer\\Installers\\MicroweberInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MicroweberInstaller.php',
64
+ 'Composer\\Installers\\ModxInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ModxInstaller.php',
65
+ 'Composer\\Installers\\MoodleInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/MoodleInstaller.php',
66
+ 'Composer\\Installers\\OctoberInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/OctoberInstaller.php',
67
+ 'Composer\\Installers\\OntoWikiInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/OntoWikiInstaller.php',
68
+ 'Composer\\Installers\\OsclassInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/OsclassInstaller.php',
69
+ 'Composer\\Installers\\OxidInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/OxidInstaller.php',
70
+ 'Composer\\Installers\\PPIInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PPIInstaller.php',
71
+ 'Composer\\Installers\\PantheonInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PantheonInstaller.php',
72
+ 'Composer\\Installers\\PhiftyInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PhiftyInstaller.php',
73
+ 'Composer\\Installers\\PhpBBInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PhpBBInstaller.php',
74
+ 'Composer\\Installers\\PimcoreInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PimcoreInstaller.php',
75
+ 'Composer\\Installers\\PiwikInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PiwikInstaller.php',
76
+ 'Composer\\Installers\\PlentymarketsInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PlentymarketsInstaller.php',
77
+ 'Composer\\Installers\\Plugin' => $vendorDir . '/composer/installers/src/Composer/Installers/Plugin.php',
78
+ 'Composer\\Installers\\PortoInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PortoInstaller.php',
79
+ 'Composer\\Installers\\PrestashopInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PrestashopInstaller.php',
80
+ 'Composer\\Installers\\ProcessWireInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ProcessWireInstaller.php',
81
+ 'Composer\\Installers\\PuppetInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PuppetInstaller.php',
82
+ 'Composer\\Installers\\PxcmsInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/PxcmsInstaller.php',
83
+ 'Composer\\Installers\\RadPHPInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/RadPHPInstaller.php',
84
+ 'Composer\\Installers\\ReIndexInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ReIndexInstaller.php',
85
+ 'Composer\\Installers\\Redaxo5Installer' => $vendorDir . '/composer/installers/src/Composer/Installers/Redaxo5Installer.php',
86
+ 'Composer\\Installers\\RedaxoInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/RedaxoInstaller.php',
87
+ 'Composer\\Installers\\RoundcubeInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/RoundcubeInstaller.php',
88
+ 'Composer\\Installers\\SMFInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/SMFInstaller.php',
89
+ 'Composer\\Installers\\ShopwareInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ShopwareInstaller.php',
90
+ 'Composer\\Installers\\SilverStripeInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/SilverStripeInstaller.php',
91
+ 'Composer\\Installers\\SiteDirectInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/SiteDirectInstaller.php',
92
+ 'Composer\\Installers\\StarbugInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/StarbugInstaller.php',
93
+ 'Composer\\Installers\\SyDESInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/SyDESInstaller.php',
94
+ 'Composer\\Installers\\SyliusInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/SyliusInstaller.php',
95
+ 'Composer\\Installers\\Symfony1Installer' => $vendorDir . '/composer/installers/src/Composer/Installers/Symfony1Installer.php',
96
+ 'Composer\\Installers\\TYPO3CmsInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/TYPO3CmsInstaller.php',
97
+ 'Composer\\Installers\\TYPO3FlowInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/TYPO3FlowInstaller.php',
98
+ 'Composer\\Installers\\TaoInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/TaoInstaller.php',
99
+ 'Composer\\Installers\\TastyIgniterInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/TastyIgniterInstaller.php',
100
+ 'Composer\\Installers\\TheliaInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/TheliaInstaller.php',
101
+ 'Composer\\Installers\\TuskInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/TuskInstaller.php',
102
+ 'Composer\\Installers\\UserFrostingInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/UserFrostingInstaller.php',
103
+ 'Composer\\Installers\\VanillaInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/VanillaInstaller.php',
104
+ 'Composer\\Installers\\VgmcpInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/VgmcpInstaller.php',
105
+ 'Composer\\Installers\\WHMCSInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/WHMCSInstaller.php',
106
+ 'Composer\\Installers\\WinterInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/WinterInstaller.php',
107
+ 'Composer\\Installers\\WolfCMSInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/WolfCMSInstaller.php',
108
+ 'Composer\\Installers\\WordPressInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/WordPressInstaller.php',
109
+ 'Composer\\Installers\\YawikInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/YawikInstaller.php',
110
+ 'Composer\\Installers\\ZendInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ZendInstaller.php',
111
+ 'Composer\\Installers\\ZikulaInstaller' => $vendorDir . '/composer/installers/src/Composer/Installers/ZikulaInstaller.php',
112
+ 'Firebase\\JWT\\BeforeValidException' => $vendorDir . '/firebase/php-jwt/src/BeforeValidException.php',
113
+ 'Firebase\\JWT\\CachedKeySet' => $vendorDir . '/firebase/php-jwt/src/CachedKeySet.php',
114
+ 'Firebase\\JWT\\ExpiredException' => $vendorDir . '/firebase/php-jwt/src/ExpiredException.php',
115
+ 'Firebase\\JWT\\JWK' => $vendorDir . '/firebase/php-jwt/src/JWK.php',
116
+ 'Firebase\\JWT\\JWT' => $vendorDir . '/firebase/php-jwt/src/JWT.php',
117
+ 'Firebase\\JWT\\Key' => $vendorDir . '/firebase/php-jwt/src/Key.php',
118
+ 'Firebase\\JWT\\SignatureInvalidException' => $vendorDir . '/firebase/php-jwt/src/SignatureInvalidException.php',
119
  );
includes/vendor/composer/autoload_static.php CHANGED
@@ -30,6 +30,115 @@ class ComposerStaticInit6ba6ee55693d165c056f65e51c5383a5
30
 
31
  public static $classMap = array (
32
  'Composer\\InstalledVersions' => __DIR__ . '/..' . '/composer/InstalledVersions.php',
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
33
  );
34
 
35
  public static function getInitializer(ClassLoader $loader)
30
 
31
  public static $classMap = array (
32
  'Composer\\InstalledVersions' => __DIR__ . '/..' . '/composer/InstalledVersions.php',
33
+ 'Composer\\Installers\\AglInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/AglInstaller.php',
34
+ 'Composer\\Installers\\AimeosInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/AimeosInstaller.php',
35
+ 'Composer\\Installers\\AnnotateCmsInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/AnnotateCmsInstaller.php',
36
+ 'Composer\\Installers\\AsgardInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/AsgardInstaller.php',
37
+ 'Composer\\Installers\\AttogramInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/AttogramInstaller.php',
38
+ 'Composer\\Installers\\BaseInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/BaseInstaller.php',
39
+ 'Composer\\Installers\\BitrixInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/BitrixInstaller.php',
40
+ 'Composer\\Installers\\BonefishInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/BonefishInstaller.php',
41
+ 'Composer\\Installers\\CakePHPInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/CakePHPInstaller.php',
42
+ 'Composer\\Installers\\ChefInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ChefInstaller.php',
43
+ 'Composer\\Installers\\CiviCrmInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/CiviCrmInstaller.php',
44
+ 'Composer\\Installers\\ClanCatsFrameworkInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ClanCatsFrameworkInstaller.php',
45
+ 'Composer\\Installers\\CockpitInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/CockpitInstaller.php',
46
+ 'Composer\\Installers\\CodeIgniterInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/CodeIgniterInstaller.php',
47
+ 'Composer\\Installers\\Concrete5Installer' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/Concrete5Installer.php',
48
+ 'Composer\\Installers\\CraftInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/CraftInstaller.php',
49
+ 'Composer\\Installers\\CroogoInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/CroogoInstaller.php',
50
+ 'Composer\\Installers\\DecibelInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/DecibelInstaller.php',
51
+ 'Composer\\Installers\\DframeInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/DframeInstaller.php',
52
+ 'Composer\\Installers\\DokuWikiInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/DokuWikiInstaller.php',
53
+ 'Composer\\Installers\\DolibarrInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/DolibarrInstaller.php',
54
+ 'Composer\\Installers\\DrupalInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/DrupalInstaller.php',
55
+ 'Composer\\Installers\\ElggInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ElggInstaller.php',
56
+ 'Composer\\Installers\\EliasisInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/EliasisInstaller.php',
57
+ 'Composer\\Installers\\ExpressionEngineInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ExpressionEngineInstaller.php',
58
+ 'Composer\\Installers\\EzPlatformInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/EzPlatformInstaller.php',
59
+ 'Composer\\Installers\\FuelInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/FuelInstaller.php',
60
+ 'Composer\\Installers\\FuelphpInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/FuelphpInstaller.php',
61
+ 'Composer\\Installers\\GravInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/GravInstaller.php',
62
+ 'Composer\\Installers\\HuradInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/HuradInstaller.php',
63
+ 'Composer\\Installers\\ImageCMSInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ImageCMSInstaller.php',
64
+ 'Composer\\Installers\\Installer' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/Installer.php',
65
+ 'Composer\\Installers\\ItopInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ItopInstaller.php',
66
+ 'Composer\\Installers\\JoomlaInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/JoomlaInstaller.php',
67
+ 'Composer\\Installers\\KanboardInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/KanboardInstaller.php',
68
+ 'Composer\\Installers\\KirbyInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/KirbyInstaller.php',
69
+ 'Composer\\Installers\\KnownInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/KnownInstaller.php',
70
+ 'Composer\\Installers\\KodiCMSInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/KodiCMSInstaller.php',
71
+ 'Composer\\Installers\\KohanaInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/KohanaInstaller.php',
72
+ 'Composer\\Installers\\LanManagementSystemInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/LanManagementSystemInstaller.php',
73
+ 'Composer\\Installers\\LaravelInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/LaravelInstaller.php',
74
+ 'Composer\\Installers\\LavaLiteInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/LavaLiteInstaller.php',
75
+ 'Composer\\Installers\\LithiumInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/LithiumInstaller.php',
76
+ 'Composer\\Installers\\MODULEWorkInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MODULEWorkInstaller.php',
77
+ 'Composer\\Installers\\MODXEvoInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MODXEvoInstaller.php',
78
+ 'Composer\\Installers\\MagentoInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MagentoInstaller.php',
79
+ 'Composer\\Installers\\MajimaInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MajimaInstaller.php',
80
+ 'Composer\\Installers\\MakoInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MakoInstaller.php',
81
+ 'Composer\\Installers\\MantisBTInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MantisBTInstaller.php',
82
+ 'Composer\\Installers\\MauticInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MauticInstaller.php',
83
+ 'Composer\\Installers\\MayaInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MayaInstaller.php',
84
+ 'Composer\\Installers\\MediaWikiInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MediaWikiInstaller.php',
85
+ 'Composer\\Installers\\MiaoxingInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MiaoxingInstaller.php',
86
+ 'Composer\\Installers\\MicroweberInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MicroweberInstaller.php',
87
+ 'Composer\\Installers\\ModxInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ModxInstaller.php',
88
+ 'Composer\\Installers\\MoodleInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/MoodleInstaller.php',
89
+ 'Composer\\Installers\\OctoberInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/OctoberInstaller.php',
90
+ 'Composer\\Installers\\OntoWikiInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/OntoWikiInstaller.php',
91
+ 'Composer\\Installers\\OsclassInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/OsclassInstaller.php',
92
+ 'Composer\\Installers\\OxidInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/OxidInstaller.php',
93
+ 'Composer\\Installers\\PPIInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PPIInstaller.php',
94
+ 'Composer\\Installers\\PantheonInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PantheonInstaller.php',
95
+ 'Composer\\Installers\\PhiftyInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PhiftyInstaller.php',
96
+ 'Composer\\Installers\\PhpBBInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PhpBBInstaller.php',
97
+ 'Composer\\Installers\\PimcoreInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PimcoreInstaller.php',
98
+ 'Composer\\Installers\\PiwikInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PiwikInstaller.php',
99
+ 'Composer\\Installers\\PlentymarketsInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PlentymarketsInstaller.php',
100
+ 'Composer\\Installers\\Plugin' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/Plugin.php',
101
+ 'Composer\\Installers\\PortoInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PortoInstaller.php',
102
+ 'Composer\\Installers\\PrestashopInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PrestashopInstaller.php',
103
+ 'Composer\\Installers\\ProcessWireInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ProcessWireInstaller.php',
104
+ 'Composer\\Installers\\PuppetInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PuppetInstaller.php',
105
+ 'Composer\\Installers\\PxcmsInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/PxcmsInstaller.php',
106
+ 'Composer\\Installers\\RadPHPInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/RadPHPInstaller.php',
107
+ 'Composer\\Installers\\ReIndexInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ReIndexInstaller.php',
108
+ 'Composer\\Installers\\Redaxo5Installer' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/Redaxo5Installer.php',
109
+ 'Composer\\Installers\\RedaxoInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/RedaxoInstaller.php',
110
+ 'Composer\\Installers\\RoundcubeInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/RoundcubeInstaller.php',
111
+ 'Composer\\Installers\\SMFInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/SMFInstaller.php',
112
+ 'Composer\\Installers\\ShopwareInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ShopwareInstaller.php',
113
+ 'Composer\\Installers\\SilverStripeInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/SilverStripeInstaller.php',
114
+ 'Composer\\Installers\\SiteDirectInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/SiteDirectInstaller.php',
115
+ 'Composer\\Installers\\StarbugInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/StarbugInstaller.php',
116
+ 'Composer\\Installers\\SyDESInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/SyDESInstaller.php',
117
+ 'Composer\\Installers\\SyliusInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/SyliusInstaller.php',
118
+ 'Composer\\Installers\\Symfony1Installer' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/Symfony1Installer.php',
119
+ 'Composer\\Installers\\TYPO3CmsInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/TYPO3CmsInstaller.php',
120
+ 'Composer\\Installers\\TYPO3FlowInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/TYPO3FlowInstaller.php',
121
+ 'Composer\\Installers\\TaoInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/TaoInstaller.php',
122
+ 'Composer\\Installers\\TastyIgniterInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/TastyIgniterInstaller.php',
123
+ 'Composer\\Installers\\TheliaInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/TheliaInstaller.php',
124
+ 'Composer\\Installers\\TuskInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/TuskInstaller.php',
125
+ 'Composer\\Installers\\UserFrostingInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/UserFrostingInstaller.php',
126
+ 'Composer\\Installers\\VanillaInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/VanillaInstaller.php',
127
+ 'Composer\\Installers\\VgmcpInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/VgmcpInstaller.php',
128
+ 'Composer\\Installers\\WHMCSInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/WHMCSInstaller.php',
129
+ 'Composer\\Installers\\WinterInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/WinterInstaller.php',
130
+ 'Composer\\Installers\\WolfCMSInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/WolfCMSInstaller.php',
131
+ 'Composer\\Installers\\WordPressInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/WordPressInstaller.php',
132
+ 'Composer\\Installers\\YawikInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/YawikInstaller.php',
133
+ 'Composer\\Installers\\ZendInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ZendInstaller.php',
134
+ 'Composer\\Installers\\ZikulaInstaller' => __DIR__ . '/..' . '/composer/installers/src/Composer/Installers/ZikulaInstaller.php',
135
+ 'Firebase\\JWT\\BeforeValidException' => __DIR__ . '/..' . '/firebase/php-jwt/src/BeforeValidException.php',
136
+ 'Firebase\\JWT\\CachedKeySet' => __DIR__ . '/..' . '/firebase/php-jwt/src/CachedKeySet.php',
137
+ 'Firebase\\JWT\\ExpiredException' => __DIR__ . '/..' . '/firebase/php-jwt/src/ExpiredException.php',
138
+ 'Firebase\\JWT\\JWK' => __DIR__ . '/..' . '/firebase/php-jwt/src/JWK.php',
139
+ 'Firebase\\JWT\\JWT' => __DIR__ . '/..' . '/firebase/php-jwt/src/JWT.php',
140
+ 'Firebase\\JWT\\Key' => __DIR__ . '/..' . '/firebase/php-jwt/src/Key.php',
141
+ 'Firebase\\JWT\\SignatureInvalidException' => __DIR__ . '/..' . '/firebase/php-jwt/src/SignatureInvalidException.php',
142
  );
143
 
144
  public static function getInitializer(ClassLoader $loader)
includes/vendor/composer/installed.json CHANGED
@@ -220,6 +220,6 @@
220
  "install-path": "../firebase/php-jwt"
221
  }
222
  ],
223
- "dev": true,
224
  "dev-package-names": []
225
  }
220
  "install-path": "../firebase/php-jwt"
221
  }
222
  ],
223
+ "dev": false,
224
  "dev-package-names": []
225
  }
includes/vendor/composer/installed.php CHANGED
@@ -3,11 +3,11 @@
3
  'name' => 'tmeister/wp-api-jwt-auth',
4
  'pretty_version' => 'dev-develop',
5
  'version' => 'dev-develop',
6
- 'reference' => 'a295379a9c93180daff228ce2050a376dc17acab',
7
  'type' => 'wordpress-plugin',
8
  'install_path' => __DIR__ . '/../../../',
9
  'aliases' => array(),
10
- 'dev' => true,
11
  ),
12
  'versions' => array(
13
  'composer/installers' => array(
@@ -43,7 +43,7 @@
43
  'tmeister/wp-api-jwt-auth' => array(
44
  'pretty_version' => 'dev-develop',
45
  'version' => 'dev-develop',
46
- 'reference' => 'a295379a9c93180daff228ce2050a376dc17acab',
47
  'type' => 'wordpress-plugin',
48
  'install_path' => __DIR__ . '/../../../',
49
  'aliases' => array(),
3
  'name' => 'tmeister/wp-api-jwt-auth',
4
  'pretty_version' => 'dev-develop',
5
  'version' => 'dev-develop',
6
+ 'reference' => 'd5181b702e0481f26073987932f99dc3ef4a6c08',
7
  'type' => 'wordpress-plugin',
8
  'install_path' => __DIR__ . '/../../../',
9
  'aliases' => array(),
10
+ 'dev' => false,
11
  ),
12
  'versions' => array(
13
  'composer/installers' => array(
43
  'tmeister/wp-api-jwt-auth' => array(
44
  'pretty_version' => 'dev-develop',
45
  'version' => 'dev-develop',
46
+ 'reference' => 'd5181b702e0481f26073987932f99dc3ef4a6c08',
47
  'type' => 'wordpress-plugin',
48
  'install_path' => __DIR__ . '/../../../',
49
  'aliases' => array(),
includes/vendor/composer/platform_check.php CHANGED
@@ -4,8 +4,8 @@
4
 
5
  $issues = array();
6
 
7
- if (!(PHP_VERSION_ID >= 70100)) {
8
- $issues[] = 'Your Composer dependencies require a PHP version ">= 7.1.0". You are running ' . PHP_VERSION . '.';
9
  }
10
 
11
  if ($issues) {
4
 
5
  $issues = array();
6
 
7
+ if (!(PHP_VERSION_ID >= 70400)) {
8
+ $issues[] = 'Your Composer dependencies require a PHP version ">= 7.4.0". You are running ' . PHP_VERSION . '.';
9
  }
10
 
11
  if ($issues) {
jwt-auth.php CHANGED
@@ -15,7 +15,7 @@
15
  * Plugin Name: JWT Authentication for WP-API
16
  * Plugin URI: https://enriquechavez.co
17
  * Description: Extends the WP REST API using JSON Web Tokens Authentication as an authentication method.
18
- * Version: 1.3.0
19
  * Author: Enrique Chavez
20
  * Author URI: https://enriquechavez.co
21
  * License: GPL-2.0+
@@ -25,15 +25,15 @@
25
  */
26
 
27
  // If this file is called directly, abort.
28
- if (!defined('WPINC')) {
29
- die;
30
  }
31
 
32
  /**
33
  * The core plugin class that is used to define internationalization,
34
  * admin-specific hooks, and public-facing site hooks.
35
  */
36
- require plugin_dir_path(__FILE__) . 'includes/class-jwt-auth.php';
37
 
38
  /**
39
  * Begins execution of the plugin.
@@ -44,9 +44,9 @@ require plugin_dir_path(__FILE__) . 'includes/class-jwt-auth.php';
44
  *
45
  * @since 1.0.0
46
  */
47
- function run_jwt_auth()
48
- {
49
- $plugin = new Jwt_Auth();
50
- $plugin->run();
51
  }
 
52
  run_jwt_auth();
15
  * Plugin Name: JWT Authentication for WP-API
16
  * Plugin URI: https://enriquechavez.co
17
  * Description: Extends the WP REST API using JSON Web Tokens Authentication as an authentication method.
18
+ * Version: 1.3.1
19
  * Author: Enrique Chavez
20
  * Author URI: https://enriquechavez.co
21
  * License: GPL-2.0+
25
  */
26
 
27
  // If this file is called directly, abort.
28
+ if ( ! defined( 'WPINC' ) ) {
29
+ die;
30
  }
31
 
32
  /**
33
  * The core plugin class that is used to define internationalization,
34
  * admin-specific hooks, and public-facing site hooks.
35
  */
36
+ require plugin_dir_path( __FILE__ ) . 'includes/class-jwt-auth.php';
37
 
38
  /**
39
  * Begins execution of the plugin.
44
  *
45
  * @since 1.0.0
46
  */
47
+ function run_jwt_auth() {
48
+ $plugin = new Jwt_Auth();
49
+ $plugin->run();
 
50
  }
51
+
52
  run_jwt_auth();
public/class-jwt-auth-public.php CHANGED
@@ -4,13 +4,6 @@
4
  use Firebase\JWT\JWT;
5
  use Firebase\JWT\Key;
6
 
7
- /**
8
- * The public-facing functionality of the plugin.
9
- *
10
- * @link https://enriquechavez.co
11
- * @since 1.0.0
12
- */
13
-
14
  /**
15
  * The public-facing functionality of the plugin.
16
  *
@@ -18,316 +11,374 @@ use Firebase\JWT\Key;
18
  * enqueue the admin-specific stylesheet and JavaScript.
19
  *
20
  * @author Enrique Chavez <noone@tmeister.net>
 
21
  */
22
- class Jwt_Auth_Public
23
- {
24
- /**
25
- * The ID of this plugin.
26
- *
27
- * @since 1.0.0
28
- *
29
- * @var string The ID of this plugin.
30
- */
31
- private $plugin_name;
32
-
33
- /**
34
- * The version of this plugin.
35
- *
36
- * @since 1.0.0
37
- *
38
- * @var string The current version of this plugin.
39
- */
40
- private $version;
41
-
42
- /**
43
- * The namespace to add to the api calls.
44
- *
45
- * @var string The namespace to add to the api call
46
- */
47
- private $namespace;
48
-
49
- /**
50
- * Store errors to display if the JWT is wrong
51
- *
52
- * @var WP_Error
53
- */
54
- private $jwt_error = null;
55
-
56
- /**
57
- * Initialize the class and set its properties.
58
- *
59
- * @since 1.0.0
60
- *
61
- * @param string $plugin_name The name of the plugin.
62
- * @param string $version The version of this plugin.
63
- */
64
- public function __construct($plugin_name, $version)
65
- {
66
- $this->plugin_name = $plugin_name;
67
- $this->version = $version;
68
- $this->namespace = $this->plugin_name . '/v' . intval($this->version);
69
- }
70
-
71
- /**
72
- * Add the endpoints to the API
73
- */
74
- public function add_api_routes()
75
- {
76
- register_rest_route($this->namespace, 'token', array(
77
- 'methods' => 'POST',
78
- 'callback' => array($this, 'generate_token'),
79
- 'permission_callback' => '__return_true',
80
- ));
81
-
82
- register_rest_route($this->namespace, 'token/validate', array(
83
- 'methods' => 'POST',
84
- 'callback' => array($this, 'validate_token'),
85
- 'permission_callback' => '__return_true',
86
- ));
87
- }
88
-
89
- /**
90
- * Add CORs support to the request.
91
- */
92
- public function add_cors_support()
93
- {
94
- $enable_cors = defined('JWT_AUTH_CORS_ENABLE') ? JWT_AUTH_CORS_ENABLE : false;
95
- if ($enable_cors) {
96
- $headers = apply_filters('jwt_auth_cors_allow_headers', 'Access-Control-Allow-Headers, Content-Type, Authorization');
97
- header(sprintf('Access-Control-Allow-Headers: %s', $headers));
98
- }
99
- }
 
 
 
 
 
 
100
 
101
  /**
102
  * Get the user and password in the request body and generate a JWT
103
  *
104
- * @param [type] $request [description]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
105
  *
106
- * @return mixed|WP_Error|null [type] [description]
 
 
 
 
 
107
  */
108
- public function generate_token($request)
109
- {
110
- $secret_key = defined('JWT_AUTH_SECRET_KEY') ? JWT_AUTH_SECRET_KEY : false;
111
- $username = $request->get_param('username');
112
- $password = $request->get_param('password');
113
-
114
- /** First thing, check the secret key if not exist return a error*/
115
- if (!$secret_key) {
116
- return new WP_Error(
117
- 'jwt_auth_bad_config',
118
- __('JWT is not configured properly, please contact the admin', 'wp-api-jwt-auth'),
119
- array(
120
- 'status' => 403,
121
- )
122
- );
123
- }
124
- /** Try to authenticate the user with the passed credentials*/
125
- $user = wp_authenticate($username, $password);
126
-
127
- /** If the authentication fails return an error*/
128
- if (is_wp_error($user)) {
129
- $error_code = $user->get_error_code();
130
- return new WP_Error(
131
- '[jwt_auth] ' . $error_code,
132
- $user->get_error_message($error_code),
133
- array(
134
- 'status' => 403,
135
- )
136
- );
137
- }
138
-
139
- /** Valid credentials, the user exists create the according Token */
140
- $issuedAt = time();
141
- $notBefore = apply_filters('jwt_auth_not_before', $issuedAt, $issuedAt);
142
- $expire = apply_filters('jwt_auth_expire', $issuedAt + (DAY_IN_SECONDS * 7), $issuedAt);
143
-
144
- $token = array(
145
- 'iss' => get_bloginfo('url'),
146
- 'iat' => $issuedAt,
147
- 'nbf' => $notBefore,
148
- 'exp' => $expire,
149
- 'data' => array(
150
- 'user' => array(
151
- 'id' => $user->data->ID,
152
- ),
153
- ),
154
- );
155
-
156
- /** Let the user modify the token data before the sign. */
157
- $token = JWT::encode(
158
- apply_filters('jwt_auth_token_before_sign', $token, $user),
159
- $secret_key,
160
- apply_filters('jwt_auth_algorithm', 'HS256')
161
- );
162
-
163
- /** The token is signed, now create the object with no sensible user data to the client*/
164
- $data = array(
165
- 'token' => $token,
166
- 'user_email' => $user->data->user_email,
167
- 'user_nicename' => $user->data->user_nicename,
168
- 'user_display_name' => $user->data->display_name,
169
- );
170
-
171
- /** Let the user modify the data before send it back */
172
- return apply_filters('jwt_auth_token_before_dispatch', $data, $user);
173
- }
174
-
175
- /**
176
- * This is our Middleware to try to authenticate the user according to the
177
- * token send.
178
- *
179
- * @param (int|bool) $user Logged User ID
180
- *
181
- * @return (int|bool)
182
- */
183
- public function determine_current_user($user)
184
- {
185
- /**
186
- * This hook only should run on the REST API requests to determine
187
- * if the user in the Token (if any) is valid, for any other
188
- * normal call ex. wp-admin/.* return the user.
189
- *
190
- * @since 1.2.3
191
- **/
192
- $rest_api_slug = rest_get_url_prefix();
193
- $valid_api_uri = strpos($_SERVER['REQUEST_URI'], $rest_api_slug);
194
- // if already valid user or invalid url, don't attempt to validate token
195
- if ( !$valid_api_uri || $user ) {
196
- return $user;
197
- }
198
-
199
- /*
200
- * if the request URI is for validate the token don't do anything,
201
- * this avoids double calls to the validate_token function.
202
- */
203
- $validate_uri = strpos($_SERVER['REQUEST_URI'], 'token/validate');
204
- if ($validate_uri > 0) {
205
- return $user;
206
- }
207
-
208
- $token = $this->validate_token(false);
209
-
210
- if (is_wp_error($token)) {
211
- if ($token->get_error_code() != 'jwt_auth_no_auth_header') {
212
- /** If there is an error, store it to show it after see rest_pre_dispatch */
213
- $this->jwt_error = $token;
214
- return $user;
215
- } else {
216
- return $user;
217
- }
218
- }
219
- /** Everything is ok, return the user ID stored in the token*/
220
- return $token->data->user->id;
221
- }
222
-
223
- /**
224
- * Main validation function, this function try to get the Authentication
225
- * headers and decoded.
226
- *
227
- * @param bool $output
228
- *
229
- * @return WP_Error | Object | Array
230
- */
231
- public function validate_token($output = true)
232
- {
233
- /*
234
- * Looking for the HTTP_AUTHORIZATION header, if not present just
235
- * return the user.
236
- */
237
- $auth = isset($_SERVER['HTTP_AUTHORIZATION']) ? $_SERVER['HTTP_AUTHORIZATION'] : false;
238
-
239
- /* Double check for different auth header string (server dependent) */
240
- if (!$auth) {
241
- $auth = isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) ? $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] : false;
242
- }
243
-
244
- if (!$auth) {
245
- return new WP_Error(
246
- 'jwt_auth_no_auth_header',
247
- 'Authorization header not found.',
248
- array(
249
- 'status' => 403,
250
- )
251
- );
252
- }
253
-
254
- /*
255
- * The HTTP_AUTHORIZATION is present verify the format
256
- * if the format is wrong return the user.
257
- */
258
- list($token) = sscanf($auth, 'Bearer %s');
259
- if (!$token) {
260
- return new WP_Error(
261
- 'jwt_auth_bad_auth_header',
262
- 'Authorization header malformed.',
263
- array(
264
- 'status' => 403,
265
- )
266
- );
267
- }
268
-
269
- /** Get the Secret Key */
270
- $secret_key = defined('JWT_AUTH_SECRET_KEY') ? JWT_AUTH_SECRET_KEY : false;
271
- if (!$secret_key) {
272
- return new WP_Error(
273
- 'jwt_auth_bad_config',
274
- 'JWT is not configured properly, please contact the admin',
275
- array(
276
- 'status' => 403,
277
- )
278
- );
279
- }
280
-
281
- /** Try to decode the token */
282
- try {
283
- $token = JWT::decode(
284
- $token,
285
- new Key($secret_key, apply_filters('jwt_auth_algorithm', 'HS256'))
286
- );
287
- /** The Token is decoded now validate the iss */
288
- if ($token->iss != get_bloginfo('url')) {
289
- /** The iss do not match, return error */
290
- return new WP_Error(
291
- 'jwt_auth_bad_iss',
292
- 'The iss do not match with this server',
293
- array(
294
- 'status' => 403,
295
- )
296
- );
297
- }
298
- /** So far so good, validate the user id in the token */
299
- if (!isset($token->data->user->id)) {
300
- /** No user id in the token, abort!! */
301
- return new WP_Error(
302
- 'jwt_auth_bad_request',
303
- 'User ID not found in the token',
304
- array(
305
- 'status' => 403,
306
- )
307
- );
308
- }
309
- /** Everything looks good return the decoded token if the $output is false */
310
- if (!$output) {
311
- return $token;
312
- }
313
- /** If the output is true return an answer to the request to show it */
314
- return array(
315
- 'code' => 'jwt_auth_valid_token',
316
- 'data' => array(
317
- 'status' => 200,
318
- ),
319
- );
320
- } catch (Exception $e) {
321
- /** Something is wrong trying to decode the token, send back the error */
322
- return new WP_Error(
323
- 'jwt_auth_invalid_token',
324
- $e->getMessage(),
325
- array(
326
- 'status' => 403,
327
- )
328
- );
329
- }
330
- }
331
 
332
  /**
333
  * Filter to hook the rest_pre_dispatch, if the is an error in the request
@@ -337,11 +388,26 @@ class Jwt_Auth_Public
337
  *
338
  * @return mixed|WP_Error|null
339
  */
340
- public function rest_pre_dispatch($request)
341
- {
342
- if (is_wp_error($this->jwt_error)) {
343
- return $this->jwt_error;
344
- }
345
- return $request;
346
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
347
  }
4
  use Firebase\JWT\JWT;
5
  use Firebase\JWT\Key;
6
 
 
 
 
 
 
 
 
7
  /**
8
  * The public-facing functionality of the plugin.
9
  *
11
  * enqueue the admin-specific stylesheet and JavaScript.
12
  *
13
  * @author Enrique Chavez <noone@tmeister.net>
14
+ * @since 1.0.0
15
  */
16
+ class Jwt_Auth_Public {
17
+ /**
18
+ * The ID of this plugin.
19
+ *
20
+ * @since 1.0.0
21
+ *
22
+ * @var string The ID of this plugin.
23
+ */
24
+ private string $plugin_name;
25
+
26
+ /**
27
+ * The version of this plugin.
28
+ *
29
+ * @since 1.0.0
30
+ *
31
+ * @var string The current version of this plugin.
32
+ */
33
+ private string $version;
34
+
35
+ /**
36
+ * The namespace to add to the api calls.
37
+ *
38
+ * @var string The namespace to add to the api call
39
+ */
40
+ private string $namespace;
41
+
42
+ /**
43
+ * Store errors to display if the JWT is wrong
44
+ *
45
+ * @var WP_Error|null
46
+ */
47
+ private ?WP_Error $jwt_error = null;
48
+
49
+ /**
50
+ * Supported algorithms to sign the token.
51
+ *
52
+ * @var array|string[]
53
+ * @since 1.3.1
54
+ * @see https://www.rfc-editor.org/rfc/rfc7518#section-3
55
+ */
56
+ private array $supported_algorithms = [ 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'PS256', 'PS384', 'PS512' ];
57
+
58
+ /**
59
+ * Initialize the class and set its properties.
60
+ *
61
+ * @param string $plugin_name The name of the plugin.
62
+ * @param string $version The version of this plugin.
63
+ *
64
+ * @since 1.0.0
65
+ *
66
+ */
67
+ public function __construct( string $plugin_name, string $version ) {
68
+ $this->plugin_name = $plugin_name;
69
+ $this->version = $version;
70
+ $this->namespace = $this->plugin_name . '/v' . intval( $this->version );
71
+ }
72
+
73
+ /**
74
+ * Add the endpoints to the API
75
+ */
76
+ public function add_api_routes() {
77
+ register_rest_route( $this->namespace, 'token', [
78
+ 'methods' => 'POST',
79
+ 'callback' => [ $this, 'generate_token' ],
80
+ 'permission_callback' => '__return_true',
81
+ ] );
82
+
83
+ register_rest_route( $this->namespace, 'token/validate', [
84
+ 'methods' => 'POST',
85
+ 'callback' => [ $this, 'validate_token' ],
86
+ 'permission_callback' => '__return_true',
87
+ ] );
88
+ }
89
+
90
+ /**
91
+ * Add CORs support to the request.
92
+ */
93
+ public function add_cors_support() {
94
+ $enable_cors = defined( 'JWT_AUTH_CORS_ENABLE' ) && JWT_AUTH_CORS_ENABLE;
95
+ if ( $enable_cors ) {
96
+ $headers = apply_filters( 'jwt_auth_cors_allow_headers', 'Access-Control-Allow-Headers, Content-Type, Authorization' );
97
+ header( sprintf( 'Access-Control-Allow-Headers: %s', $headers ) );
98
+ }
99
+ }
100
 
101
  /**
102
  * Get the user and password in the request body and generate a JWT
103
  *
104
+ * @param WP_REST_Request $request
105
+ *
106
+ * @return mixed|WP_Error|null
107
+ */
108
+ public function generate_token( WP_REST_Request $request ) {
109
+ $secret_key = defined( 'JWT_AUTH_SECRET_KEY' ) ? JWT_AUTH_SECRET_KEY : false;
110
+ $username = $request->get_param( 'username' );
111
+ $password = $request->get_param( 'password' );
112
+
113
+ /** First thing, check the secret key if not exist return an error*/
114
+ if ( ! $secret_key ) {
115
+ return new WP_Error(
116
+ 'jwt_auth_bad_config',
117
+ __( 'JWT is not configured properly, please contact the admin', 'wp-api-jwt-auth' ),
118
+ [
119
+ 'status' => 403,
120
+ ]
121
+ );
122
+ }
123
+ /** Try to authenticate the user with the passed credentials*/
124
+ $user = wp_authenticate( $username, $password );
125
+
126
+ /** If the authentication fails return an error*/
127
+ if ( is_wp_error( $user ) ) {
128
+ $error_code = $user->get_error_code();
129
+
130
+ return new WP_Error(
131
+ '[jwt_auth] ' . $error_code,
132
+ $user->get_error_message( $error_code ),
133
+ [
134
+ 'status' => 403,
135
+ ]
136
+ );
137
+ }
138
+
139
+ /** Valid credentials, the user exists create the according Token */
140
+ $issuedAt = time();
141
+ $notBefore = apply_filters( 'jwt_auth_not_before', $issuedAt, $issuedAt );
142
+ $expire = apply_filters( 'jwt_auth_expire', $issuedAt + ( DAY_IN_SECONDS * 7 ), $issuedAt );
143
+
144
+ $token = [
145
+ 'iss' => get_bloginfo( 'url' ),
146
+ 'iat' => $issuedAt,
147
+ 'nbf' => $notBefore,
148
+ 'exp' => $expire,
149
+ 'data' => [
150
+ 'user' => [
151
+ 'id' => $user->data->ID,
152
+ ],
153
+ ],
154
+ ];
155
+
156
+ /** Let the user modify the token data before the sign. */
157
+ $algorithm = $this->get_algorithm();
158
+
159
+ if ( $algorithm === false ) {
160
+ return new WP_Error(
161
+ 'jwt_auth_unsupported_algorithm',
162
+ __( 'Algorithm not supported, see https://www.rfc-editor.org/rfc/rfc7518#section-3', 'wp-api-jwt-auth' ),
163
+ [
164
+ 'status' => 403,
165
+ ]
166
+ );
167
+ }
168
+
169
+ $token = JWT::encode(
170
+ apply_filters( 'jwt_auth_token_before_sign', $token, $user ),
171
+ $secret_key,
172
+ $algorithm
173
+ );
174
+
175
+ /** The token is signed, now create the object with no sensible user data to the client*/
176
+ $data = [
177
+ 'token' => $token,
178
+ 'user_email' => $user->data->user_email,
179
+ 'user_nicename' => $user->data->user_nicename,
180
+ 'user_display_name' => $user->data->display_name,
181
+ ];
182
+
183
+ /** Let the user modify the data before send it back */
184
+ return apply_filters( 'jwt_auth_token_before_dispatch', $data, $user );
185
+ }
186
+
187
+ /**
188
+ * This is our Middleware to try to authenticate the user according to the
189
+ * token send.
190
+ *
191
+ * @param (int|bool) $user Logged User ID
192
+ *
193
+ * @return (int|bool)
194
+ */
195
+ public function determine_current_user( $user ) {
196
+ /**
197
+ * This hook only should run on the REST API requests to determine
198
+ * if the user in the Token (if any) is valid, for any other
199
+ * normal call ex. wp-admin/.* return the user.
200
+ *
201
+ * @since 1.2.3
202
+ **/
203
+ $rest_api_slug = rest_get_url_prefix();
204
+ $requested_url = sanitize_url( $_SERVER['REQUEST_URI'] );
205
+ // if we already have a valid user, or we have an invalid url, don't attempt to validate token
206
+ if ( ! defined( 'REST_REQUEST' ) || ! REST_REQUEST || strpos( $requested_url, $rest_api_slug ) === false || $user ) {
207
+ return $user;
208
+ }
209
+
210
+ /*
211
+ * if the request URI is for validate the token don't do anything,
212
+ * this avoids double calls.
213
+ */
214
+ $validate_uri = strpos( $requested_url, 'token/validate' );
215
+ if ( $validate_uri > 0 ) {
216
+ return $user;
217
+ }
218
+
219
+ /**
220
+ * We still need to get the Authorization header and check for the token.
221
+ */
222
+ $auth_header = $_SERVER['HTTP_AUTHORIZATION'] ? sanitize_text_field( $_SERVER['HTTP_AUTHORIZATION'] ) : false;
223
+ /* Double check for different auth header string (server dependent) */
224
+ if ( ! $auth_header ) {
225
+ $auth_header = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ? sanitize_text_field( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ) : false;
226
+ }
227
+
228
+ if ( ! $auth_header ) {
229
+ return $user;
230
+ }
231
+
232
+ /*
233
+ * Check the token from the headers.
234
+ */
235
+ $token = $this->validate_token( new WP_REST_Request(), $auth_header );
236
+
237
+ if ( is_wp_error( $token ) ) {
238
+ if ( $token->get_error_code() != 'jwt_auth_no_auth_header' ) {
239
+ /** If there is an error, store it to show it after see rest_pre_dispatch */
240
+ $this->jwt_error = $token;
241
+ }
242
+
243
+ return $user;
244
+ }
245
+
246
+ /** Everything is ok, return the user ID stored in the token*/
247
+ return $token->data->user->id;
248
+ }
249
+
250
+ /**
251
+ * Main validation function
252
+ *
253
+ * This function is used by the /token/validate endpoint and
254
+ * by our middleware.
255
  *
256
+ * The function take the token and try to decode it and validated it.
257
+ *
258
+ * @param WP_REST_Request $request
259
+ * @param bool|string $custom_token
260
+ *
261
+ * @return WP_Error | Object | Array
262
  */
263
+ public function validate_token( WP_REST_Request $request, $custom_token = false ) {
264
+ /*
265
+ * Looking for the Authorization header
266
+ *
267
+ * There is two ways to get the authorization token
268
+ * 1. via WP_REST_Request
269
+ * 2. via custom_token, we get this for all the other API requests
270
+ *
271
+ * The get_header( 'Authorization' ) checks for the header in the following order:
272
+ * 1. HTTP_AUTHORIZATION
273
+ * 2. REDIRECT_HTTP_AUTHORIZATION
274
+ *
275
+ * @see https://core.trac.wordpress.org/ticket/47077
276
+ */
277
+
278
+ $auth_header = $custom_token ?: $request->get_header( 'Authorization' );
279
+
280
+ if ( ! $auth_header ) {
281
+ return new WP_Error(
282
+ 'jwt_auth_no_auth_header',
283
+ 'Authorization header not found.',
284
+ [
285
+ 'status' => 403,
286
+ ]
287
+ );
288
+ }
289
+
290
+ /*
291
+ * Extract the authorization header
292
+ */
293
+ [ $token ] = sscanf( $auth_header, 'Bearer %s' );
294
+
295
+ /**
296
+ * if the format is not valid return an error.
297
+ */
298
+ if ( ! $token ) {
299
+ return new WP_Error(
300
+ 'jwt_auth_bad_auth_header',
301
+ 'Authorization header malformed.',
302
+ [
303
+ 'status' => 403,
304
+ ]
305
+ );
306
+ }
307
+
308
+ /** Get the Secret Key */
309
+ $secret_key = defined( 'JWT_AUTH_SECRET_KEY' ) ? JWT_AUTH_SECRET_KEY : false;
310
+ if ( ! $secret_key ) {
311
+ return new WP_Error(
312
+ 'jwt_auth_bad_config',
313
+ 'JWT is not configured properly, please contact the admin',
314
+ [
315
+ 'status' => 403,
316
+ ]
317
+ );
318
+ }
319
+
320
+ /** Try to decode the token */
321
+ try {
322
+ $algorithm = $this->get_algorithm();
323
+ if ( $algorithm === false ) {
324
+ return new WP_Error(
325
+ 'jwt_auth_unsupported_algorithm',
326
+ __( 'Algorithm not supported, see https://www.rfc-editor.org/rfc/rfc7518#section-3', 'wp-api-jwt-auth' ),
327
+ [
328
+ 'status' => 403,
329
+ ]
330
+ );
331
+ }
332
+
333
+ $token = JWT::decode( $token, new Key( $secret_key, $algorithm ) );
334
+
335
+ /** The Token is decoded now validate the iss */
336
+ if ( $token->iss !== get_bloginfo( 'url' ) ) {
337
+ /** The iss do not match, return error */
338
+ return new WP_Error(
339
+ 'jwt_auth_bad_iss',
340
+ 'The iss do not match with this server',
341
+ [
342
+ 'status' => 403,
343
+ ]
344
+ );
345
+ }
346
+
347
+ /** So far so good, validate the user id in the token */
348
+ if ( ! isset( $token->data->user->id ) ) {
349
+ /** No user id in the token, abort!! */
350
+ return new WP_Error(
351
+ 'jwt_auth_bad_request',
352
+ 'User ID not found in the token',
353
+ [
354
+ 'status' => 403,
355
+ ]
356
+ );
357
+ }
358
+
359
+ /** Everything looks good return the decoded token if we are using the custom_token */
360
+ if ( $custom_token ) {
361
+ return $token;
362
+ }
363
+
364
+ /** This is for the /toke/validate endpoint*/
365
+ return [
366
+ 'code' => 'jwt_auth_valid_token',
367
+ 'data' => [
368
+ 'status' => 200,
369
+ ],
370
+ ];
371
+ } catch ( Exception $e ) {
372
+ /** Something were wrong trying to decode the token, send back the error */
373
+ return new WP_Error(
374
+ 'jwt_auth_invalid_token',
375
+ $e->getMessage(),
376
+ [
377
+ 'status' => 403,
378
+ ]
379
+ );
380
+ }
381
+ }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
382
 
383
  /**
384
  * Filter to hook the rest_pre_dispatch, if the is an error in the request
388
  *
389
  * @return mixed|WP_Error|null
390
  */
391
+ public function rest_pre_dispatch( $request ) {
392
+ if ( is_wp_error( $this->jwt_error ) ) {
393
+ return $this->jwt_error;
394
+ }
395
+
396
+ return $request;
397
+ }
398
+
399
+ /**
400
+ * Get the algorithm used to sign the token via the filter jwt_auth_algorithm.
401
+ * and validate that the algorithm is in the supported list.
402
+ *
403
+ * @return false|mixed|null
404
+ */
405
+ private function get_algorithm() {
406
+ $algorithm = apply_filters( 'jwt_auth_algorithm', 'HS256' );
407
+ if ( ! in_array( $algorithm, $this->supported_algorithms ) ) {
408
+ return false;
409
+ }
410
+
411
+ return $algorithm;
412
+ }
413
  }
readme.txt CHANGED
@@ -5,8 +5,8 @@ Donate link: https://www.paypal.me/wpchavez
5
  Tags: wp-json, jwt, json web authentication, wp-api
6
  Requires at least: 4.2
7
  Tested up to: 6.0.2
8
- Requires PHP: 5.3.0
9
- Stable tag: 1.3.0
10
  License: GPLv2 or later
11
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
 
@@ -342,6 +342,9 @@ $token = JWT::decode(
342
  );
343
  `
344
 
 
 
 
345
  ==Installation==
346
 
347
  = Using The WordPress Dashboard =
@@ -362,6 +365,14 @@ $token = JWT::decode(
362
  ###Please read how to configured the plugin https://wordpress.org/plugins/jwt-authentication-for-wp-rest-api/
363
 
364
  == Changelog ==
 
 
 
 
 
 
 
 
365
  = 1.3.0 =
366
  * Update firebase/php-jwt to 6.3
367
  * Fix warning, register_rest_route was called incorrectly
5
  Tags: wp-json, jwt, json web authentication, wp-api
6
  Requires at least: 4.2
7
  Tested up to: 6.0.2
8
+ Requires PHP: 7.4.0
9
+ Stable tag: 1.3.1
10
  License: GPLv2 or later
11
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
 
342
  );
343
  `
344
 
345
+ ## Testing
346
+ I've created a small app to test the basic functionality of the plugin; you can get the app and read all the details on the [JWT-Client Repo](https://github.com/Tmeister/jwt-client)
347
+
348
  ==Installation==
349
 
350
  = Using The WordPress Dashboard =
365
  ###Please read how to configured the plugin https://wordpress.org/plugins/jwt-authentication-for-wp-rest-api/
366
 
367
  == Changelog ==
368
+ = 1.3.1 =
369
+ * Updating the minimum version of PHP to 7.4
370
+ * Validate the signing algorithm against the supported algorithms @see https://www.rfc-editor.org/rfc/rfc7518#section-3
371
+ * Sanitize the REQUEST_URI and HTTP_AUTHORIZATION values before to use them
372
+ * Use get_header() instead of $_SERVER to get the Authorization header when possible
373
+ * Added typed properties to the JWT_Auth class where possible
374
+ * Along with this release, I release a new simple JWT Client App for testing purposes @see https://github.com/Tmeister/jwt-client
375
+
376
  = 1.3.0 =
377
  * Update firebase/php-jwt to 6.3
378
  * Fix warning, register_rest_route was called incorrectly
tests/GeneralTest.php DELETED
@@ -1,155 +0,0 @@
1
- <?php
2
-
3
- class GeneralTest extends PHPUnit_Framework_TestCase
4
- {
5
- protected $baseUrl = 'http://jwt.dev/';
6
- protected $client;
7
-
8
- protected function setUp()
9
- {
10
- $this->client = new GuzzleHttp\Client([
11
- 'base_uri' => $this->baseUrl
12
- ]);
13
- }
14
-
15
- /**
16
- * Load the site and look for a Status Code Equal to 200
17
- */
18
- public function test_is_site_up()
19
- {
20
- $response = $this->client->get('/');
21
- $this->assertEquals(200, $response->getStatusCode());
22
- }
23
-
24
- /**
25
- * Look for the wp-json endpoint and look for basic data.
26
- */
27
- public function test_is_wp_api_installed()
28
- {
29
- $response = $this->client->get('wp-json/');
30
- $this->assertEquals(200, $response->getStatusCode());
31
- $data = json_decode($response->getBody(), true);
32
- $this->assertArrayHasKey('namespaces', $data);
33
- $this->assertArrayHasKey('authentication', $data);
34
- $this->assertArrayHasKey('routes', $data);
35
- }
36
-
37
- /**
38
- * Check for the jwt-auth/v1 endpoint and
39
- */
40
- public function test_is_jwt_installed()
41
- {
42
- $response = $this->client->get('wp-json/jwt-auth/v1/');
43
- $this->assertEquals(200, $response->getStatusCode());
44
- $data = json_decode($response->getBody(), true);
45
- $this->assertEquals('jwt-auth/v1', $data['namespace']);
46
- }
47
-
48
- /**
49
- * Get the user token
50
- */
51
- public function test_get_jwt_token()
52
- {
53
- $response = $this->client->post('wp-json/jwt-auth/v1/token', [
54
- 'json' => [
55
- 'username' => 'admin',
56
- 'password' => 'poipoipoi'
57
- ]
58
- ]);
59
- $this->assertEquals(200, $response->getStatusCode());
60
- $data = json_decode($response->getBody(), true);
61
- $this->assertArrayHasKey('token', $data);
62
- $this->assertArrayHasKey('token', $data);
63
- $this->assertArrayHasKey('user_email', $data);
64
- $this->assertNotEmpty($data['token']);
65
- $this->assertNotEmpty($data['user_email']);
66
- }
67
-
68
- /**
69
- * Get the Token and then validate...
70
- */
71
- public function test_validate_jwt_token()
72
- {
73
- $token = '';
74
- #first get a valid token.
75
- $response = $this->client->post('wp-json/jwt-auth/v1/token', [
76
- 'json' => [
77
- 'username' => 'admin',
78
- 'password' => 'poipoipoi'
79
- ]
80
- ]);
81
- $this->assertEquals(200, $response->getStatusCode());
82
- $data = json_decode($response->getBody(), true);
83
- $token = $data['token'];
84
-
85
- #With the token now validate it.
86
- $response = $this->client->post('wp-json/jwt-auth/v1/token/validate', [
87
- 'headers' => [
88
- 'Authorization' => 'Bearer ' . $token
89
- ]
90
- ]);
91
- $this->assertEquals(200, $response->getStatusCode());
92
- $data = json_decode($response->getBody(), true);
93
- $this->assertArrayHasKey('code', $data);
94
- $this->assertArrayHasKey('data', $data);
95
- $this->assertEquals(200, $data['data']['status']);
96
-
97
- #Finally get the me | Reading
98
- $response = $this->client->get('wp-json/wp/v2/users/me', [
99
- 'headers' => [
100
- 'Authorization' => 'Bearer ' . $token
101
- ]
102
- ]);
103
-
104
- $this->assertEquals(200, $response->getStatusCode());
105
- $data = json_decode($response->getBody(), true);
106
- $this->assertArrayHasKey('id', $data);
107
- $this->assertArrayHasKey('name', $data);
108
- }
109
-
110
- /**
111
- * Try to Write a Post | Write Permissions
112
- */
113
- public function test_jwt_write_access()
114
- {
115
- #first get a valid token.
116
- $response = $this->client->post('wp-json/jwt-auth/v1/token', [
117
- 'json' => [
118
- 'username' => 'admin',
119
- 'password' => 'poipoipoi'
120
- ]
121
- ]);
122
- $this->assertEquals(200, $response->getStatusCode());
123
- $data = json_decode($response->getBody(), true);
124
- $token = $data['token'];
125
-
126
- #Create the post | Writing
127
- $response = $this->client->post('wp-json/wp/v2/posts', [
128
- 'headers' => [
129
- 'Authorization' => 'Bearer ' . $token
130
- ],
131
- 'json' => [
132
- 'title' => 'Created from Tests'
133
- ]
134
- ]);
135
-
136
- $this->assertEquals(201, $response->getStatusCode());
137
- $data = json_decode($response->getBody(), true);
138
- #201 is created and now look and get the new post ID
139
- $this->assertArrayHasKey('id', $data);
140
- $post_id = $data['id'];
141
-
142
- #Delete the test post
143
- #Finally get the me | Reading
144
- $response = $this->client->delete('wp-json/wp/v2/posts/' . $post_id, [
145
- 'headers' => [
146
- 'Authorization' => 'Bearer ' . $token
147
- ]
148
- ]);
149
- $this->assertEquals(200, $response->getStatusCode());
150
- $data = json_decode($response->getBody(), true);
151
- $this->assertArrayHasKey('id', $data);
152
- //The post ID must to be the same as the created one.
153
- $this->assertEquals($post_id, $data['id']);
154
- }
155
- }