Discourse/wp-discourse
2
0
Fork 0
mirror of https://github.com/discourse/wp-discourse.git synced 2025-10-03 08:59:21 +08:00
Code Packages Activity Actions

Only parse query_string if it exists (#522)

Browse source
This commit is contained in:
Angus McLeod 2024-06-21 17:42:36 +02:00 committed by GitHub
parent deacab2662
commit 6b2ba54c8e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 18 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

32
lib/sso-provider/discourse-sso.php
View file

@ -51,16 +51,20 @@ class DiscourseSSO extends DiscourseBase {
$bypass_sync = apply_filters( 'wpdc_bypass_sync_sso', false, $user->ID, $user );

if ( ! $bypass_sync ) {
// Make sure the login hasn't been initiated by clicking on a SSO login link.
$query_string = wp_parse_url( wp_get_referer(), PHP_URL_QUERY );
$query_params = array();
parse_str( $query_string, $query_params );
$sso_referer = ! empty( $query_params['redirect_to'] ) && preg_match( '/^\/\?sso/', $query_params['redirect_to'] );
if ( ! $sso_referer ) {
$params = $this->get_sso_params( $user );
// Make sure the login hasn't been initiated by clicking on a SSO login link.
$query_string = wp_parse_url( wp_get_referer(), PHP_URL_QUERY );
$query_params = array();
$sso_referer = null;

$this->sync_sso( $params, $user->ID );
}
if ( ! empty( $query_string ) ) {
parse_str( $query_string, $query_params );
$sso_referer = ! empty( $query_params['redirect_to'] ) && preg_match( '/^\/\?sso/', $query_params['redirect_to'] );
}

if ( ! $sso_referer ) {
$params = $this->get_sso_params( $user );
$this->sync_sso( $params, $user->ID );
}
}

return null;
@ -257,11 +261,11 @@ class DiscourseSSO extends DiscourseBase {
return new \WP_Error( $type, isset( $args['message'] ) ? $args['message'] : 'SSO error' );
}

/**
* Handle redirects
*
* @param string $url Url to redirect to.
*/
/**
* Handle redirects
*
* @param string $url Url to redirect to.
*/
public function redirect_to( $url ) {
wp_safe_redirect( esc_url_raw( $url ) );
exit;