diff --git a/src/Modules/Login.php b/src/Modules/Login.php
index f62e5c4c..7f2ff1e0 100644
--- a/src/Modules/Login.php
+++ b/src/Modules/Login.php
@@ -118,13 +118,13 @@ public function authenticate( $user = null ) {
 return $user; }
- $code = Helper::filter_input( INPUT_GET, 'code', FILTER_SANITIZE_STRING );
+ $code = Helper::filter_input( INPUT_GET, 'code' );
 if ( ! $code ) { return $user; }
- $state = Helper::filter_input( INPUT_GET, 'state', FILTER_SANITIZE_STRING );
+ $state = Helper::filter_input( INPUT_GET, 'state' );
 $decoded_state = $state ? (array) ( json_decode( base64_decode( $state ) ) ) : null; if ( ! is_array( $decoded_state ) || empty( $decoded_state['provider'] ) || 'google' !== $decoded_state['provider'] ) {
@@ -188,7 +188,7 @@ public function redirect_url( string $url ): string {
 * @return array */ public function state_redirect( array $state ): array {
- $redirect_to = Helper::filter_input( INPUT_GET, 'redirect_to', FILTER_SANITIZE_STRING );
+ $redirect_to = Helper::filter_input( INPUT_GET, 'redirect_to' );
 /** * Filter the default redirect URL in case redirect_to param is not available. * Default to admin URL.
@@ -206,7 +206,7 @@ public function state_redirect( array $state ): array {
 * @return void */ public function login_redirect(): void {
- $state = Helper::filter_input( INPUT_GET, 'state', FILTER_SANITIZE_STRING );
+ $state = Helper::filter_input( INPUT_GET, 'state' );
 if ( ! $state || ! $this->authenticated ) { return;
diff --git a/src/Modules/OneTapLogin.php b/src/Modules/OneTapLogin.php
index a17fe428..222de5c3 100644
--- a/src/Modules/OneTapLogin.php
+++ b/src/Modules/OneTapLogin.php
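Review bot: In `authenticate()`, `$code` and `$state` are now read without a filter argument, and the `Helper.php` hunk in this commit sends that default to native `filter_input()` with `FILTER_DEFAULT`, which returns the query-string value unmodified where `FILTER_SANITIZE_STRING` used to strip tags. Nothing in the visible lines re-validates either value, so the reads should carry a comment recording that they are raw, for example `// Raw request value (FILTER_DEFAULT does not sanitize); only decoded and compared below.` above the `$state` read, if that is indeed how the value is used. Where a value can reach output or a log, wrap the read in `sanitize_text_field()` instead. The same holds for the `state` reads in `login_redirect()` and in `OneTapLogin::validate_token()`; the body of `authenticate()` continues outside the hunk, so later uses of `$code` are not visible.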
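Review bot: `$redirect_to` in `state_redirect()` is now the raw `redirect_to` query parameter, and nothing in the visible lines restricts it to the site's own host or an allowed list. If this value is later used as the post-login redirect target (the rest of the function is outside the hunk), it should be validated where it is read, e.g. `$redirect_to = wp_validate_redirect( (string) $redirect_to, '' );`, or the final redirect should go through `wp_safe_redirect()`. A one-line comment stating which of the two the plugin relies on would make the intent checkable.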
@@ -94,11 +94,11 @@ public function init(): void { 'init', function () { if ( ! is_user_logged_in() ) { - $hook_prefix = ( 'sitewide' === $this->settings->one_tap_login_screen ) ? 'wp' : 'login'; + $hook_prefix = ( 'sitewide' === $this->settings->one_tap_login_screen ) ? 'wp' : 'login'; add_action( $hook_prefix . '_enqueue_scripts', [ $this, 'one_tap_scripts' ] ); add_action( $hook_prefix . '_footer', [ $this, 'one_tap_prompt' ], 10000 ); } - } + } ); } } @@ -109,11 +109,7 @@ function () { * @return void */ public function one_tap_prompt(): void { ?> -
+ * @return void */ public function one_tap_scripts(): void { - $filename = ( defined( 'WP_SCRIPT_DEBUG' ) && true === WP_SCRIPT_DEBUG ) ? 'onetap.min.js' : 'onetap.js'; + $filename = ( defined( 'WP_SCRIPT_DEBUG' ) && true === WP_SCRIPT_DEBUG ) ? 'onetap.min.js' : 'onetap.js'; wp_enqueue_script( 'login-with-google-one-tap', @@ -136,15 +132,15 @@ public function one_tap_scripts(): void { $data = [ 'ajaxurl' => admin_url( 'admin-ajax.php' ), 'state' => $this->google_client->state(), - 'homeurl' => get_option( 'home', '' ), + 'homeurl' => get_option( 'home', '' ), ]; wp_register_script( 'login-with-google-one-tap-js', trailingslashit( plugin()->url ) . 'assets/build/js/' . $filename, [ - 'wp-i18n', - ], + 'wp-i18n', + ], filemtime( trailingslashit( plugin()->path ) . 'assets/build/js/onetap.js' ), true ); @@ -166,7 +162,7 @@ public function one_tap_scripts(): void { */ public function validate_token(): void { try { - $token = Helper::filter_input( INPUT_POST, 'token', FILTER_SANITIZE_STRING ); + $token = Helper::filter_input( INPUT_POST, 'token', '' ); $verified = $this->token_verifier->verify_token( $token ); if ( ! $verified ) { @@ -183,7 +179,7 @@ public function validate_token(): void { do_action( 'rtcamp.id_token_verified' ); $redirect_to = apply_filters( 'rtcamp.google_default_redirect', admin_url() ); - $state = Helper::filter_input( INPUT_POST, 'state', FILTER_SANITIZE_STRING ); + $state = Helper::filter_input( INPUT_POST, 'state' ); $decoded_state = $state ? (array) ( json_decode( base64_decode( $state ) ) ) : null; if ( is_array( $decoded_state ) && ! empty( $decoded_state['provider'] ) && 'google' === $decoded_state['provider'] ) { diff --git a/src/Utils/Helper.php b/src/Utils/Helper.php index 3961660b..4dbfd45f 100644 --- a/src/Utils/Helper.php +++ b/src/Utils/Helper.php 
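Review bot: In `validate_token()`, `Helper::filter_input( INPUT_POST, 'token', '' )` passes an empty string in the third position, which the signature shown in the `Helper.php` hunk header names `$filter`. That value matches neither `case FILTER_DEFAULT:` nor any filter constant, so the call takes the helper's `default:` branch, whose body is not visible here; every other call this commit touches simply drops the argument. If `''` was meant as a fallback value, the visible part of the signature has no such parameter (the hunk header is truncated, so a later one cannot be ruled out). I would write `$token = Helper::filter_input( INPUT_POST, 'token' );` and have the function reject a missing or non-string token before it reaches `verify_token()`.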
@@ -87,7 +87,7 @@ public static function filter_input( $type, $variable_name, $filter = FILTER_DEF
 * Use the PHP method and bail out. */ switch ( $filter ) {
- case FILTER_SANITIZE_STRING:
+ case FILTER_DEFAULT:
 $sanitized_variable = filter_input( $type, $variable_name, $filter ); break; default:
diff --git a/tests/php/Unit/Modules/LoginTest.php b/tests/php/Unit/Modules/LoginTest.php
index 86c7abda..ea706f20 100644
--- a/tests/php/Unit/Modules/LoginTest.php
+++ b/tests/php/Unit/Modules/LoginTest.php
@@ -145,8 +145,7 @@ public function testAuthenticationForNoCode() {
 $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'code',
- FILTER_SANITIZE_STRING
+ 'code'
 ] )->andReturn( null );
@@ -167,8 +166,7 @@ public function testAuthenticationForAlreadyAuthenticatedUser() {
 $helperMock->expects( 'filter_input' )->never()->withArgs( [ INPUT_GET,
- 'code',
- FILTER_SANITIZE_STRING
+ 'code'
 ] )->andReturn( null );
@@ -193,16 +191,14 @@ public function testAuthenticationForDifferentProvider() {
 $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'code',
- FILTER_SANITIZE_STRING
+ 'code'
 ] )->andReturn( 'test_code' ); $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'state',
- FILTER_SANITIZE_STRING
+ 'state'
 ] )->andReturn( $state );
@@ -223,16 +219,14 @@ public function testAuthenticationWithForgedState() {
 $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'code',
- FILTER_SANITIZE_STRING
+ 'code'
 ] )->andReturn( 'abc' ); $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'state',
- FILTER_SANITIZE_STRING
+ 'state'
 ] )->andReturn( 'eyJwcm92aWRlciI6ImdpdGh1YiJ9' );
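Review bot: The new `case FILTER_DEFAULT:` branch in `Helper::filter_input()` hands the request value to native `filter_input()` with a filter that performs no sanitization, yet the result is still stored in `$sanitized_variable` and the comment above the `switch` only says to use the PHP method and bail out. A caller that still passes `FILTER_SANITIZE_STRING` no longer matches this case and now falls into the `default:` branch, whose body is outside the hunk. I would extend the comment to say so, e.g. `* FILTER_DEFAULT returns the raw request value; callers must validate or escape it for their context.`, and check whether the function's docblock (not visible here) still promises sanitized output.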
@@ -250,16 +244,14 @@ public function testAuthenticationWhenUserExists() {
 $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'code',
- FILTER_SANITIZE_STRING
+ 'code'
 ] )->andReturn( 'abc' ); $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'state',
- FILTER_SANITIZE_STRING
+ 'state'
 ] )->andReturn( 'eyJwcm92aWRlciI6Imdvb2dsZSIsIm5vbmNlIjoidGVzdG5vbmNlIn0=' );
@@ -309,16 +301,14 @@ public function testAuthenticationCapturesExceptions() {
 $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'code',
- FILTER_SANITIZE_STRING
+ 'code'
 ] )->andReturn( 'abc' ); $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'state',
- FILTER_SANITIZE_STRING
+ 'state'
 ] )->andReturn( 'eyJwcm92aWRlciI6Imdvb2dsZSIsIm5vbmNlIjoidGVzdG5vbmNlIn0=' );
@@ -411,8 +401,7 @@ public function testStateRedirectWithRedirectTo() {
 $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'redirect_to',
- FILTER_SANITIZE_STRING
+ 'redirect_to'
 ] )->andReturn( 'https://example.com/state-page' );
@@ -430,8 +419,7 @@ public function testStateRedirectWithoutRedirectTo() {
 $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'redirect_to',
- FILTER_SANITIZE_STRING
+ 'redirect_to'
 ] )->andReturn( null );
@@ -456,8 +444,7 @@ public function testLoginRedirectWithNotStateAuthenticated() {
 $helperMock->expects( 'filter_input' )->once()->withArgs( [ INPUT_GET,
- 'state',
- FILTER_SANITIZE_STRING
+ 'state'
 ] )->andReturn( [] );
diff --git a/vendor/autoload.php b/vendor/autoload.php
index 2a197b7d..1ef78b5c 100644
--- a/vendor/autoload.php
+++ b/vendor/autoload.php
@@ -4,4 +4,4 @@ require_once __DIR__ . '/composer/autoload_real.php'; -return ComposerAutoloaderIniteae54bb1498c1e8cc3f4af6a43a932c6::getLoader(); +return ComposerAutoloaderInit9b5081d0b15124853b486828fe90b985::getLoader();
diff --git a/vendor/composer/LICENSE b/vendor/composer/LICENSE
index 62ecfd8d..f27399a0 100644
--- a/vendor/composer/LICENSE +++ b/vendor/composer/LICENSE @@ -1,3 +1,4 @@ + Copyright (c) Nils Adermann, Jordi Boggiano Permission is hereby granted, free of charge, to any person obtaining a copy @@ -17,3 +18,4 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + diff --git a/vendor/composer/autoload_real.php b/vendor/composer/autoload_real.php index 721aff6d..485770b4 100644 --- a/vendor/composer/autoload_real.php +++ b/vendor/composer/autoload_real.php @@ -2,7 +2,7 @@ // autoload_real.php @generated by Composer -class ComposerAutoloaderIniteae54bb1498c1e8cc3f4af6a43a932c6 +class ComposerAutoloaderInit9b5081d0b15124853b486828fe90b985 { private static $loader; 
@@ -22,15 +22,15 @@ public static function getLoader() return self::$loader; } - spl_autoload_register(array('ComposerAutoloaderIniteae54bb1498c1e8cc3f4af6a43a932c6', 'loadClassLoader'), true, true); + spl_autoload_register(array('ComposerAutoloaderInit9b5081d0b15124853b486828fe90b985', 'loadClassLoader'), true, true); self::$loader = $loader = new \Composer\Autoload\ClassLoader(); - spl_autoload_unregister(array('ComposerAutoloaderIniteae54bb1498c1e8cc3f4af6a43a932c6', 'loadClassLoader')); + spl_autoload_unregister(array('ComposerAutoloaderInit9b5081d0b15124853b486828fe90b985', 'loadClassLoader')); $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded()); if ($useStaticLoader) { require_once __DIR__ . '/autoload_static.php'; - call_user_func(\Composer\Autoload\ComposerStaticIniteae54bb1498c1e8cc3f4af6a43a932c6::getInitializer($loader)); + call_user_func(\Composer\Autoload\ComposerStaticInit9b5081d0b15124853b486828fe90b985::getInitializer($loader)); } else { $map = require __DIR__ . '/autoload_namespaces.php'; foreach ($map as $namespace => $path) { diff --git a/vendor/composer/autoload_static.php b/vendor/composer/autoload_static.php index a36f2b1e..e6426bd8 100644 --- a/vendor/composer/autoload_static.php +++ b/vendor/composer/autoload_static.php @@ -4,7 +4,7 @@ namespace Composer\Autoload; -class ComposerStaticIniteae54bb1498c1e8cc3f4af6a43a932c6 +class ComposerStaticInit9b5081d0b15124853b486828fe90b985 { public static $prefixLengthsPsr4 = array ( 'R' => 
@@ -41,9 +41,9 @@ class ComposerStaticIniteae54bb1498c1e8cc3f4af6a43a932c6 public static function getInitializer(ClassLoader $loader) { return \Closure::bind(function () use ($loader) { - $loader->prefixLengthsPsr4 = ComposerStaticIniteae54bb1498c1e8cc3f4af6a43a932c6::$prefixLengthsPsr4; - $loader->prefixDirsPsr4 = ComposerStaticIniteae54bb1498c1e8cc3f4af6a43a932c6::$prefixDirsPsr4; - $loader->prefixesPsr0 = ComposerStaticIniteae54bb1498c1e8cc3f4af6a43a932c6::$prefixesPsr0; + $loader->prefixLengthsPsr4 = ComposerStaticInit9b5081d0b15124853b486828fe90b985::$prefixLengthsPsr4; + $loader->prefixDirsPsr4 = ComposerStaticInit9b5081d0b15124853b486828fe90b985::$prefixDirsPsr4; + $loader->prefixesPsr0 = ComposerStaticInit9b5081d0b15124853b486828fe90b985::$prefixesPsr0; }, null, ClassLoader::class); }