14395326604

Committed 01 Mar 2025 12:23AM UTC coverage: 83.59% (-0.03%) from 83.617%

Build # 14395326604

Build Type

push

github

Committed by

web-flow

Commit Message

chore: READMEs and CHANGELOG updated (#926)

Run Details

12424 of 14863 relevant lines covered (83.59%)

72.08 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

36.07

/includes/utils/class-protected-router.php

<?php
/**
 * Sets up the auth endpoint
 *
 * @package WPGraphQL\WooCommerce\Utils
 * @since   0.12.5
 */

namespace WPGraphQL\WooCommerce\Utils;

use WPGraphQL\WooCommerce\WooCommerce_Filters;

/**
 * Class Protected_Router
 */
class Protected_Router {
        /**
         * Stores the instance of the Protected_Router class
         *
         * @var null|\WPGraphQL\WooCommerce\Utils\Protected_Router
         */
        private static $instance = null;

        /**
         * The default route
         *
         * @var string
         */
        public static $default_route = 'transfer-session';

        /**
         * Sets the route to use as the endpoint
         *
         * @var string
         */
        public static $route = null;

        /**
         * Set the default status code to 200.
         *
         * @var int
         */
        public static $http_status_code = 200;

        /**
         * Protected_Router constructor
         */
        private function __construct() {
                self::$route = woographql_setting( 'authorizing_url_endpoint', apply_filters( 'woographql_authorizing_url_endpoint', self::$default_route ) );

                $this->init();
        }

        /**
         * Initialize the Protected_Router class
         *
         * @return void
         */
        private function init() {
                /**
                 * Create the rewrite rule for the route
                 */
                add_action( 'init', [ $this, 'add_rewrite_rule' ], 10 );

                /**
                 * Add the query var for the route
                 */
                add_filter( 'query_vars', [ $this, 'add_query_var' ], 1, 1 );

                /**
                 * Redirects the route to the graphql processor
                 */
                add_action( 'pre_get_posts', [ $this, 'resolve_request' ], 1 );
        }

        /**
         * Returns the Protected_Router singleton instance.
         *
         * @return \WPGraphQL\WooCommerce\Utils\Protected_Router
         */
        public static function instance() {
                if ( is_null( self::$instance ) ) {
                        self::$instance = new self();
                }

                // Return the Protected_Router Instance.
                return self::$instance;
        }

        /**
         * Initializes the Protected_Router singleton.
         *
         * @return void
         */
        public static function initialize() {
                self::instance();
        }

        /**
         * Throw error on object clone.
         * The whole idea of the singleton design pattern is that there is a single object
         * therefore, we don't want the object to be cloned.
         *
         * @return void
         */
        public function __clone() {
                // Cloning instances of the class is forbidden.
                _doing_it_wrong( __FUNCTION__, esc_html__( 'Protected_Router class should not be cloned.', 'wp-graphql-woocommerce' ), esc_html( WPGRAPHQL_WOOCOMMERCE_VERSION ) );
        }

        /**
         * Disable unserializing of the class.
         *
         * @return void
         */
        public function __wakeup() {
                // De-serializing instances of the class is forbidden.
                _doing_it_wrong( __FUNCTION__, esc_html__( 'De-serializing instances of the Protected_Router class is not allowed', 'wp-graphql-woocommerce' ), esc_html( WPGRAPHQL_WOOCOMMERCE_VERSION ) );
        }

        /**
         * Adds rewrite rule for the route endpoint
         *
         * @return void
         */
        public function add_rewrite_rule() {
                add_rewrite_rule(
                        self::$route . '/?$',
                        'index.php?' . self::$route . '=true',
                        'top'
                );
        }

        /**
         * Adds the query_var for the route
         *
         * @param array $query_vars The array of whitelisted query variables.
         *
         * @return array
         */
        public function add_query_var( $query_vars ) {
                $query_vars[] = self::$route;

                return $query_vars;
        }

        /**
         * Returns true when the current request is a request to download the plugin.
         *
         * @return boolean
         */
        public static function is_auth_request() {
                $is_auth_request = false;
                if ( isset( $_GET[ self::$route ] ) ) { // phpcs:ignore WordPress.Security.NonceVerification
                        $is_auth_request = true;
                } elseif ( isset( $_SERVER['HTTP_HOST'] ) && isset( $_SERVER['REQUEST_URI'] ) ) {
                        // Check the server to determine if the auth endpoint is being requested.
                        $host = wp_unslash( $_SERVER['HTTP_HOST'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
                        $uri  = wp_unslash( $_SERVER['REQUEST_URI'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

                        if ( ! is_string( $host ) ) {
                                return false;
                        }

                        if ( ! is_string( $uri ) ) {
                                return false;
                        }

                        $parsed_site_url    = wp_parse_url( site_url( self::$route ), PHP_URL_PATH );
                        $auth_url           = ! empty( $parsed_site_url ) ? wp_unslash( $parsed_site_url ) : self::$route;
                        $parsed_request_url = wp_parse_url( $uri, PHP_URL_PATH );
                        $request_url        = ! empty( $parsed_request_url ) ? wp_unslash( $parsed_request_url ) : '';

                        // Determine if the route is indeed a download request.
                        $is_auth_request = false !== strpos( $request_url, $auth_url );
                }//end if

                /**
                 * Filter whether the request is a download request. Default is false.
                 *
                 * @param boolean $is_download_request Whether the request is a request to download the plugin. Default false.
                 */
                return apply_filters( 'woographql_is_auth_request', $is_auth_request );
        }

        /**
         * This resolves the http request and ensures that WordPress can respond with the appropriate
         * response instead of responding with a template from the standard WordPress Template
         * Loading process
         *
         * @return void
         */
        public function resolve_request() {
                /**
                 * Remove the resolve_request function from the pre_get_posts action
                 * to prevent an infinite loop
                 */
                remove_action( 'pre_get_posts', [ $this, 'resolve_request' ], 1 );

                /**
                 * Access the $wp_query object
                 */
                global $wp_query;

                /**
                 * Ensure we're on the registered route for the transfer
                 */
                if ( ! $this->is_auth_request() ) {
                        return;
                }

                /**
                 * Set is_home to false
                 */
                $wp_query->is_home = false;

                /**
                 * Process the GraphQL query Request
                 */
                $this->process_auth_request();
        }

        /**
         * Returns the name of all the valid nonce names.
         *
         * @return array
         */
        public static function get_nonce_names() {
                $enabled_authorizing_url_fields = WooCommerce_Filters::enabled_authorizing_url_fields();
                if ( empty( $enabled_authorizing_url_fields ) ) {
                        return [];
                }
                $nonce_names = [];
                foreach ( array_keys( $enabled_authorizing_url_fields ) as $field ) {
                        $nonce_names[ $field ] = WooCommerce_Filters::get_authorizing_url_nonce_param_name( $field );
                }

                return array_filter( $nonce_names );
        }

        /**
         * Returns the nonce action prefix for the provided field.
         *
         * @param string $field  Field.
         * @return string|null
         */
        public function get_nonce_prefix( $field ) {
                switch ( $field ) {
                        case 'cart_url':
                                return 'load-cart_';
                        case 'checkout_url':
                                return 'load-checkout_';
                        case 'account_url':
                                return 'load-account_';
                        case 'add_payment_method_url':
                                return 'add-payment-method_';
                        default:
                                return apply_filters( 'woographql_auth_nonce_prefix', null, $field, $this );
                }
        }

        /**
         * Returns the target endpoint url for the provided field.
         *
         * @todo Add error logging here when WC Page needs to be created.
         *
         * @param string $field  Field.
         * @return string|null
         */
        public function get_target_endpoint( $field ) {
                switch ( $field ) {
                        case 'cart_url':
                                $cart_page_id  = wc_get_page_id( 'cart' );
                                $cart_page_url = get_permalink( $cart_page_id );
                                return $cart_page_url ? $cart_page_url : null;
                        case 'checkout_url':
                                return wc_get_endpoint_url( 'checkout' );
                        case 'account_url':
                                $account_page_id  = get_option( 'woocommerce_myaccount_page_id' );
                                $account_page_url = get_permalink( $account_page_id );
                                return $account_page_url ? $account_page_url : null;
                        case 'add_payment_method_url':
                                return wc_get_account_endpoint_url( 'add-payment-method' );
                        default:
                                return apply_filters( 'woographql_auth_target_endpoint', null, $field, $this );
                }
        }

        /**
         * Redirects to homepage.
         *
         * @return void
         */
        private function redirect_to_home() {
                status_header( 404 );
                wp_safe_redirect( home_url() );
                exit;
        }

        /**
         * Send stable version of plugin to download.
         *
         * @throws \Exception Session not found.
         *
         * @return void
         */
        private function process_auth_request() {
                // Bail early if session ID or nonce not found.
                $nonce_names = $this->get_nonce_names();
                if ( empty( $nonce_names ) ) {
                        $this->redirect_to_home();
                        return;
                }

                /**
                 * Nonce prefix
                 *
                 * @var string $nonce_prefix
                 */
                $nonce_prefix = null;

                /**
                 * Session ID
                 *
                 * @var string $session_id
                 */
                $session_id = null;

                /**
                 * Nonce
                 *
                 * @var string $nonce
                 */
                $nonce = null;

                /**
                 * Field
                 *
                 * @var string $field
                 */
                $field = null;
                foreach ( $nonce_names as $possible_field => $nonce_param ) {
                        if ( in_array( $nonce_param, array_keys( $_REQUEST ), true ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended
                                $field        = $possible_field;
                                $nonce_prefix = $this->get_nonce_prefix( $field );
                                $session_id   = isset( $_REQUEST['session_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['session_id'] ) ) : null; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
                                $nonce        = isset( $_REQUEST[ $nonce_param ] ) ? sanitize_text_field( wp_unslash( $_REQUEST[ $nonce_param ] ) ) : null; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
                                break;
                        }
                }

                if ( empty( $field ) || empty( $nonce_prefix ) || empty( $session_id ) || empty( $nonce ) ) {
                        $this->redirect_to_home();
                        return;
                }

                // Bail early if session user already authenticated.
                if ( 0 !== get_current_user_id() && get_current_user_id() === absint( $session_id ) ) {
                        $redirect_url = $this->get_target_endpoint( (string) $field );
                        if ( empty( $redirect_url ) ) {
                                $this->redirect_to_home();
                                return;
                        }
                        wp_safe_redirect( $redirect_url );
                        exit;
                }

                // Unauthenticate if current user not session user.
                if ( 0 !== get_current_user_id() ) {
                        wp_clear_auth_cookie();
                        wp_set_current_user( 0 );
                }

                // Verify nonce.
                if ( null !== $nonce && ! woographql_verify_nonce( $nonce, $nonce_prefix . $session_id ) ) {
                        $this->redirect_to_home();
                }

                do_action( 'woographql_process_auth_request_nonce_verified' );

                // If Session ID is a user ID authenticate as session user.
                if ( 0 !== absint( $session_id ) ) {
                        $user_id = absint( $session_id );
                        wp_clear_auth_cookie();
                        wp_set_current_user( $user_id );
                        wp_set_auth_cookie( $user_id );
                }

                /**
                 * Session object
                 *
                 * @var \WPGraphQL\WooCommerce\Utils\Transfer_Session_Handler $session
                 */
                $session = \WC()->session;

                // Read session data connected to session ID.
                $session_data = $session->get_session( $session_id );

                // We were passed a session ID, yet no session was found. Let's log this and bail.
                if ( ! is_array( $session_data ) || empty( $session_data ) ) {
                        // TODO: Switch to WC Notices.
                        throw new \Exception( 'Could not locate WooCommerce session on checkout' );
                }

                // Reinitialize session and save session cookie before redirect.
                $session->init_session_cookie();

                // Set the session variable.
                foreach ( $session_data as $key => $value ) {
                        $session->set( $key, maybe_unserialize( $value ) );
                }
                $session->set_customer_session_cookie( true );

                // After session has been restored on redirect to destination.
                $redirect_url = $this->get_target_endpoint( (string) $field );
                if ( empty( $redirect_url ) ) {
                        $this->redirect_to_home();
                        return;
                }
                wp_safe_redirect( $redirect_url );
                exit;
        }
}

1	<?php
2	/**
3	* Sets up the auth endpoint
4	*
5	* @package WPGraphQL\WooCommerce\Utils
6	* @since 0.12.5
7	*/
8
9	namespace WPGraphQL\WooCommerce\Utils;
10
11	use WPGraphQL\WooCommerce\WooCommerce_Filters;
12
13	/**
14	* Class Protected_Router
15	*/
16	class Protected_Router {
17	/**
18	* Stores the instance of the Protected_Router class
19	*
20	* @var null\|\WPGraphQL\WooCommerce\Utils\Protected_Router
21	*/
22	private static $instance = null;
23
24	/**
25	* The default route
26	*
27	* @var string
28	*/
29	public static $default_route = 'transfer-session';
30
31	/**
32	* Sets the route to use as the endpoint
33	*
34	* @var string
35	*/
36	public static $route = null;
37
38	/**
39	* Set the default status code to 200.
40	*
41	* @var int
42	*/
43	public static $http_status_code = 200;
44
45	/**
46	* Protected_Router constructor
47	*/
48	private function __construct() {
49	self::$route = woographql_setting( 'authorizing_url_endpoint', apply_filters( 'woographql_authorizing_url_endpoint', self::$default_route ) );	×
50
51	$this->init();	×
52	}
53
54	/**
55	* Initialize the Protected_Router class
56	*
57	* @return void
58	*/
59	private function init() {
60	/**
61	* Create the rewrite rule for the route
62	*/
63	add_action( 'init', [ $this, 'add_rewrite_rule' ], 10 );	×
64
65	/**
66	* Add the query var for the route
67	*/
68	add_filter( 'query_vars', [ $this, 'add_query_var' ], 1, 1 );	×
69
70	/**
71	* Redirects the route to the graphql processor
72	*/
73	add_action( 'pre_get_posts', [ $this, 'resolve_request' ], 1 );	×
74	}
75
76	/**
77	* Returns the Protected_Router singleton instance.
78	*
79	* @return \WPGraphQL\WooCommerce\Utils\Protected_Router
80	*/
81	public static function instance() {
82	if ( is_null( self::$instance ) ) {	4✔
83	self::$instance = new self();	×
84	}
85
86	// Return the Protected_Router Instance.
87	return self::$instance;	4✔
88	}
89
90	/**
91	* Initializes the Protected_Router singleton.
92	*
93	* @return void
94	*/
95	public static function initialize() {
96	self::instance();	×
97	}
98
99	/**
100	* Throw error on object clone.
101	* The whole idea of the singleton design pattern is that there is a single object
102	* therefore, we don't want the object to be cloned.
103	*
104	* @return void
105	*/
106	public function __clone() {
107	// Cloning instances of the class is forbidden.
108	_doing_it_wrong( __FUNCTION__, esc_html__( 'Protected_Router class should not be cloned.', 'wp-graphql-woocommerce' ), esc_html( WPGRAPHQL_WOOCOMMERCE_VERSION ) );	×
109	}
110
111	/**
112	* Disable unserializing of the class.
113	*
114	* @return void
115	*/
116	public function __wakeup() {
117	// De-serializing instances of the class is forbidden.
118	_doing_it_wrong( __FUNCTION__, esc_html__( 'De-serializing instances of the Protected_Router class is not allowed', 'wp-graphql-woocommerce' ), esc_html( WPGRAPHQL_WOOCOMMERCE_VERSION ) );	×
119	}
120
121	/**
122	* Adds rewrite rule for the route endpoint
123	*
124	* @return void
125	*/
126	public function add_rewrite_rule() {
127	add_rewrite_rule(	×
128	self::$route . '/?$',	×
129	'index.php?' . self::$route . '=true',	×
130	'top'	×
131	);	×
132	}
133
134	/**
135	* Adds the query_var for the route
136	*
137	* @param array $query_vars The array of whitelisted query variables.
138	*
139	* @return array
140	*/
141	public function add_query_var( $query_vars ) {
142	$query_vars[] = self::$route;	1✔
143
144	return $query_vars;	1✔
145	}
146
147	/**
148	* Returns true when the current request is a request to download the plugin.
149	*
150	* @return boolean
151	*/
152	public static function is_auth_request() {
153	$is_auth_request = false;	11✔
154	if ( isset( $_GET[ self::$route ] ) ) { // phpcs:ignore WordPress.Security.NonceVerification	11✔
155	$is_auth_request = true;	×
156	} elseif ( isset( $_SERVER['HTTP_HOST'] ) && isset( $_SERVER['REQUEST_URI'] ) ) {	11✔
157	// Check the server to determine if the auth endpoint is being requested.
158	$host = wp_unslash( $_SERVER['HTTP_HOST'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized	10✔
159	$uri = wp_unslash( $_SERVER['REQUEST_URI'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized	10✔
160
161	if ( ! is_string( $host ) ) {	10✔
162	return false;	×
163	}
164
165	if ( ! is_string( $uri ) ) {	10✔
166	return false;	×
167	}
168
169	$parsed_site_url = wp_parse_url( site_url( self::$route ), PHP_URL_PATH );	10✔
170	$auth_url = ! empty( $parsed_site_url ) ? wp_unslash( $parsed_site_url ) : self::$route;	10✔
171	$parsed_request_url = wp_parse_url( $uri, PHP_URL_PATH );	10✔
172	$request_url = ! empty( $parsed_request_url ) ? wp_unslash( $parsed_request_url ) : '';	10✔
173
174	// Determine if the route is indeed a download request.
175	$is_auth_request = false !== strpos( $request_url, $auth_url );	10✔
176	}//end if
177
178	/**
179	* Filter whether the request is a download request. Default is false.
180	*
181	* @param boolean $is_download_request Whether the request is a request to download the plugin. Default false.
182	*/
183	return apply_filters( 'woographql_is_auth_request', $is_auth_request );	11✔
184	}
185
186	/**
187	* This resolves the http request and ensures that WordPress can respond with the appropriate
188	* response instead of responding with a template from the standard WordPress Template
189	* Loading process
190	*
191	* @return void
192	*/
193	public function resolve_request() {
194	/**
195	* Remove the resolve_request function from the pre_get_posts action
196	* to prevent an infinite loop
197	*/
198	remove_action( 'pre_get_posts', [ $this, 'resolve_request' ], 1 );	×
199
200	/**
201	* Access the $wp_query object
202	*/
203	global $wp_query;	×
204
205	/**
206	* Ensure we're on the registered route for the transfer
207	*/
208	if ( ! $this->is_auth_request() ) {	×
209	return;	×
210	}
211
212	/**
213	* Set is_home to false
214	*/
215	$wp_query->is_home = false;	×
216
217	/**
218	* Process the GraphQL query Request
219	*/
220	$this->process_auth_request();	×
221	}
222
223	/**
224	* Returns the name of all the valid nonce names.
225	*
226	* @return array
227	*/
228	public static function get_nonce_names() {
229	$enabled_authorizing_url_fields = WooCommerce_Filters::enabled_authorizing_url_fields();	4✔
230	if ( empty( $enabled_authorizing_url_fields ) ) {	4✔
231	return [];	×
232	}
233	$nonce_names = [];	4✔
234	foreach ( array_keys( $enabled_authorizing_url_fields ) as $field ) {	4✔
235	$nonce_names[ $field ] = WooCommerce_Filters::get_authorizing_url_nonce_param_name( $field );	4✔
236	}
237
238	return array_filter( $nonce_names );	4✔
239	}
240
241	/**
242	* Returns the nonce action prefix for the provided field.
243	*
244	* @param string $field Field.
245	* @return string\|null
246	*/
247	public function get_nonce_prefix( $field ) {
248	switch ( $field ) {
249	case 'cart_url':	2✔
250	return 'load-cart_';	1✔
251	case 'checkout_url':	2✔
252	return 'load-checkout_';	1✔
253	case 'account_url':	2✔
254	return 'load-account_';	1✔
255	case 'add_payment_method_url':	2✔
256	return 'add-payment-method_';	1✔
257	default:
258	return apply_filters( 'woographql_auth_nonce_prefix', null, $field, $this );	2✔
259	}
260	}
261
262	/**
263	* Returns the target endpoint url for the provided field.
264	*
265	* @todo Add error logging here when WC Page needs to be created.
266	*
267	* @param string $field Field.
268	* @return string\|null
269	*/
270	public function get_target_endpoint( $field ) {
271	switch ( $field ) {
272	case 'cart_url':	1✔
273	$cart_page_id = wc_get_page_id( 'cart' );	1✔
274	$cart_page_url = get_permalink( $cart_page_id );	1✔
275	return $cart_page_url ? $cart_page_url : null;	1✔
276	case 'checkout_url':	1✔
277	return wc_get_endpoint_url( 'checkout' );	1✔
278	case 'account_url':	1✔
279	$account_page_id = get_option( 'woocommerce_myaccount_page_id' );	1✔
280	$account_page_url = get_permalink( $account_page_id );	1✔
281	return $account_page_url ? $account_page_url : null;	1✔
282	case 'add_payment_method_url':	1✔
283	return wc_get_account_endpoint_url( 'add-payment-method' );	1✔
284	default:
285	return apply_filters( 'woographql_auth_target_endpoint', null, $field, $this );	×
286	}
287	}
288
289	/**
290	* Redirects to homepage.
291	*
292	* @return void
293	*/
294	private function redirect_to_home() {
295	status_header( 404 );	×
296	wp_safe_redirect( home_url() );	×
297	exit;	×
298	}
299
300	/**
301	* Send stable version of plugin to download.
302	*
303	* @throws \Exception Session not found.
304	*
305	* @return void
306	*/
307	private function process_auth_request() {
308	// Bail early if session ID or nonce not found.
309	$nonce_names = $this->get_nonce_names();	×
310	if ( empty( $nonce_names ) ) {	×
311	$this->redirect_to_home();	×
312	return;	×
313	}
314
315	/**
316	* Nonce prefix
317	*
318	* @var string $nonce_prefix
319	*/
320	$nonce_prefix = null;	×
321
322	/**
323	* Session ID
324	*
325	* @var string $session_id
326	*/
327	$session_id = null;	×
328
329	/**
330	* Nonce
331	*
332	* @var string $nonce
333	*/
334	$nonce = null;	×
335
336	/**
337	* Field
338	*
339	* @var string $field
340	*/
341	$field = null;	×
342	foreach ( $nonce_names as $possible_field => $nonce_param ) {	×
343	if ( in_array( $nonce_param, array_keys( $_REQUEST ), true ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended	×
344	$field = $possible_field;	×
345	$nonce_prefix = $this->get_nonce_prefix( $field );	×
346	$session_id = isset( $_REQUEST['session_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['session_id'] ) ) : null; // phpcs:ignore WordPress.Security.NonceVerification.Recommended	×
347	$nonce = isset( $_REQUEST[ $nonce_param ] ) ? sanitize_text_field( wp_unslash( $_REQUEST[ $nonce_param ] ) ) : null; // phpcs:ignore WordPress.Security.NonceVerification.Recommended	×
348	break;	×
349	}
350	}
351
352	if ( empty( $field ) \|\| empty( $nonce_prefix ) \|\| empty( $session_id ) \|\| empty( $nonce ) ) {	×
353	$this->redirect_to_home();	×
354	return;	×
355	}
356
357	// Bail early if session user already authenticated.
358	if ( 0 !== get_current_user_id() && get_current_user_id() === absint( $session_id ) ) {	×
359	$redirect_url = $this->get_target_endpoint( (string) $field );	×
360	if ( empty( $redirect_url ) ) {	×
361	$this->redirect_to_home();	×
362	return;	×
363	}
364	wp_safe_redirect( $redirect_url );	×
365	exit;	×
366	}
367
368	// Unauthenticate if current user not session user.
369	if ( 0 !== get_current_user_id() ) {	×
370	wp_clear_auth_cookie();	×
371	wp_set_current_user( 0 );	×
372	}
373
374	// Verify nonce.
375	if ( null !== $nonce && ! woographql_verify_nonce( $nonce, $nonce_prefix . $session_id ) ) {	×
376	$this->redirect_to_home();	×
377	}
378
379	do_action( 'woographql_process_auth_request_nonce_verified' );	×
380
381	// If Session ID is a user ID authenticate as session user.
382	if ( 0 !== absint( $session_id ) ) {	×
383	$user_id = absint( $session_id );	×
384	wp_clear_auth_cookie();	×
385	wp_set_current_user( $user_id );	×
386	wp_set_auth_cookie( $user_id );	×
387	}
388
389	/**
390	* Session object
391	*
392	* @var \WPGraphQL\WooCommerce\Utils\Transfer_Session_Handler $session
393	*/
394	$session = \WC()->session;	×
395
396	// Read session data connected to session ID.
397	$session_data = $session->get_session( $session_id );	×
398
399	// We were passed a session ID, yet no session was found. Let's log this and bail.
400	if ( ! is_array( $session_data ) \|\| empty( $session_data ) ) {	×
401	// TODO: Switch to WC Notices.
402	throw new \Exception( 'Could not locate WooCommerce session on checkout' );	×
403	}
404
405	// Reinitialize session and save session cookie before redirect.
406	$session->init_session_cookie();	×
407
408	// Set the session variable.
409	foreach ( $session_data as $key => $value ) {	×
410	$session->set( $key, maybe_unserialize( $value ) );	×
411	}
412	$session->set_customer_session_cookie( true );	×
413
414	// After session has been restored on redirect to destination.
415	$redirect_url = $this->get_target_endpoint( (string) $field );	×
416	if ( empty( $redirect_url ) ) {	×
417	$this->redirect_to_home();	×
418	return;	×
419	}
420	wp_safe_redirect( $redirect_url );	×
421	exit;	×
422	}
423	}

wp-graphql / wp-graphql-woocommerce / 14395326604

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous