Revert Login with GitHub state fix.

rtCamp · May 26, 2021 · 13f8c1a · 13f8c1a
1 parent ca64851
commit 13f8c1a
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 53 deletions.
diff --git a/inc/classes/class-google-auth.php b/inc/classes/class-google-auth.php
@@ -79,53 +79,37 @@ protected function _get_client() {
  return;
  }
 
+ /**
+ * See vendor/google/apiclient/src/Google/Client.php::__construct() for filter arguments.
+ */
  $client = new \Google_Client(
- /**
- * See vendor/google/apiclient/src/Google/Client.php::__construct() for arguments.
- */
  apply_filters( 'login_with_google/client_arguments', [] )
  );
  $client->setApplicationName( 'WP Google Login' );
 
  $client->setClientId( $client_id );
  $client->setClientSecret( $client_secret );
 
- $client->setState( $this->_get_state() );
-
- $login_url = $this->_get_login_url();
-
- $client->setRedirectUri( $login_url );
-
- return $client;
-
- }
-
- /**
- * Get the state to pass in OAuth.
- *
- * This state will be re-verified while authenticating the user.
- * Any modifications or tampering would result in no authentication.
- *
- * @return string
- */
- protected function _get_state(): string {
  $redirect_to = filter_input( INPUT_GET, 'redirect_to', FILTER_SANITIZE_URL );
  $redirect_to = ( ! empty( $redirect_to ) ) ? $redirect_to : admin_url();
 
  // If redirect_to url don't have host name then add that.
  $redirect_to = ( ! wp_parse_url( $redirect_to, PHP_URL_HOST ) ) ? home_url( $redirect_to ) : $redirect_to;
 
- $state = apply_filters(
- 'login_with_google/client_state',
- [
- 'redirect_to' => $redirect_to,
- 'blog_id' => get_current_blog_id(),
- ]
- );
+ $state = [
+ 'redirect_to' => $redirect_to,
+ 'blog_id' => get_current_blog_id(),
+ ];
+ $state = urlencode_deep( implode( '|', $state ) );
 
- $state['provider'] = 'google';
+ $client->setState( $state );
+
+ $login_url = $this->_get_login_url();
+
+ $client->setRedirectUri( $login_url );
+
+ return $client;
 
- return urlencode_deep( implode( '|', $state ) );
  }
 
  /**
@@ -371,29 +355,17 @@ public function authenticate_user( $user = null ) {
  $is_mu_site = is_multisite();
 
  $token = Helper::filter_input( INPUT_GET, 'code', FILTER_SANITIZE_STRING );
+ $state = Helper::filter_input( INPUT_GET, 'state', FILTER_SANITIZE_STRING );
+ $state = urldecode( $state );
+ $state = explode( '|', $state );
 
- if ( empty( $token ) ) {
- return $user;
- }
-
- $state = Helper::filter_input( INPUT_GET, 'state', FILTER_SANITIZE_STRING );
- $received_state = $state;
- $state = urldecode( $state );
- $state = explode( '|', $state );
+ $redirect_to = ( ! empty( $state[0] ) ) ? esc_url_raw( $state[0] ) : '';
+ $blog_id = ( ! empty( $state[1] ) && 0 < intval( $state[1] ) ) ? intval( $state[1] ) : 0;
 
- /**
- * 1. Ensure that provider is google. This is to avoid conflict between this and any other plugins
- * providing OAuth.
- *
- * 2. Ensure that returned state is similar to passed one.
- */
- if ( empty( $state['provider'] ) || 'google' !== $state['provider'] || $this->_get_state() !== $received_state ) {
+ if ( empty( $token ) ) {
  return $user;
  }
 
- $redirect_to = ( ! empty( $state[0] ) ) ? esc_url_raw( $state[0] ) : '';
- $blog_id = ( ! empty( $state[1] ) && 0 < intval( $state[1] ) ) ? intval( $state[1] ) : 0;
-
  // Set redirect URL. so we can redirect after login.
  $this->_redirect_to = $redirect_to;
 

diff --git a/login-with-google.php b/login-with-google.php
@@ -3,7 +3,7 @@
  * Plugin Name: Log in with Google
  * Plugin URI: https://github.com/rtCamp/login-with-google
  * Description: Allow users to log in with Google on the WordPress login screen.
- * Version: 1.0.13
+ * Version: 1.0.14
  * Author: rtCamp
  * Author URI: https://rtcamp.com
  * License: GPL2
@@ -16,7 +16,7 @@
 define( 'WP_GOOGLE_LOGIN_PATH', untrailingslashit( plugin_dir_path( __FILE__ ) ) );
 define( 'WP_GOOGLE_LOGIN_URL', untrailingslashit( plugin_dir_url( __FILE__ ) ) );
 define( 'WP_GOOGLE_LOGIN_PLUGIN_NAME', plugin_basename( __FILE__ ) );
-define( 'WP_GOOGLE_LOGIN_VERSION', '1.0.13' );
+define( 'WP_GOOGLE_LOGIN_VERSION', '1.0.14' );
 
 $vendor_autoload = sprintf( '%s/vendor/autoload.php', WP_GOOGLE_LOGIN_PATH );
 

diff --git a/readme.txt b/readme.txt
@@ -5,7 +5,7 @@ Tags: Google login, sign in, sso, oauth, authentication, sign-in, single sign-on
 Requires at least: 5.0
 Tested up to: 5.7
 Requires PHP: 7.0
-Stable tag: 1.0.13
+Stable tag: 1.0.14
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -124,6 +124,9 @@ Once you're ready to send a pull request, please run through the following check
 
 == Changelog ==
 
+= 1.0.14 =
+* Revert Login with GitHub state fix.
+
 = 1.0.13 =
 * Fix login issue related to oAuth state.
 
@@ -134,7 +137,7 @@ Once you're ready to send a pull request, please run through the following check
 * Add 'login_with_google/client_arguments' filter for Google_Client arguments.
 
 = 1.0.10 =
-* Fix issue where JS/CSS were not loding.
+* Fix issue where JS/CSS were not loading.
 
 = 1.0.9 =
 * Initial release.