|
<?php |
|
/* Register to WP from Slack API v1.2.0 */ |
|
/* Slack Command: <COMMAND_NAME> [Login ID] [Public ID(Slug)] [E-mail] */
|
|
|
require_once( dirname( __FILE__ ) . '/wp-load.php' ); //WP core |
|
require_once( dirname( __FILE__ ) . '/slack_register_config.php' ); //Config |
|
|
|
/* [Function] Check request and sign */ |
|
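/**
 * Verify that the current HTTP request carries a valid Slack "v0" signature.
 *
 * The signed base string is "v0:<timestamp>:<raw request body>", keyed with
 * SLACK_SECRET, and is compared against the X-Slack-Signature header.
 *
 * @return bool True only when both headers are present, the timestamp is
 *              recent, and the HMAC matches.
 */
function checksign(){
    if (!isset($_SERVER['HTTP_X_SLACK_REQUEST_TIMESTAMP'], $_SERVER['HTTP_X_SLACK_SIGNATURE'])) {
        return false;
    }

    $timestamp = (string) $_SERVER['HTTP_X_SLACK_REQUEST_TIMESTAMP'];
    $signature = (string) $_SERVER['HTTP_X_SLACK_SIGNATURE'];

    // Replay guard: a captured request keeps a valid signature forever, so
    // only timestamps within five minutes of the server clock are accepted.
    if (!ctype_digit($timestamp) || abs(time() - (int) $timestamp) > 300) {
        return false;
    }

    $data = 'v0:' . $timestamp . ':' . file_get_contents('php://input');
    $expected = 'v0=' . hash_hmac('sha256', $data, SLACK_SECRET);

    // hash_equals() compares in constant time; `==` on a MAC can leak how
    // many leading bytes matched through response timing.
    return hash_equals($expected, $signature);
}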
|
|
|
/* [Function] Generate one-time signin URL(token) */ |
|
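/**
 * Issue a fresh one-time token for a user and store only its hash.
 *
 * The token hash goes to the 'onetimetoken' user meta and the expiry
 * (now + 600 seconds) to 'onetimetokenlimit'; any previous token for the
 * same user is overwritten.
 *
 * @param int|string $id        WordPress user ID the token is bound to.
 * @param bool       $tokenmode When true, return the bare token instead of a URL.
 * @return string The plaintext token, or a sign-in URL on this script carrying it.
 */
function generate_login_url($id,$tokenmode = false){
    // random_bytes() throws when no CSPRNG is available, so a failed RNG can
    // never degrade into an empty (guessable) token the way bin2hex(false) would.
    $token = bin2hex(random_bytes(32));
    $expires = time() + 600;

    // Only the hash is persisted; the plaintext exists solely in the return value.
    update_user_meta($id, 'onetimetoken', wp_hash_password($token));
    update_user_meta($id, 'onetimetokenlimit', $expires);

    if ($tokenmode) {
        return $token;
    }

    // The token travels in the query string, so it can end up in access logs
    // and browser history; the short expiry above bounds that exposure.
    return site_url() . '/' . basename(__FILE__)
        . '?auth=' . rawurlencode((string) $id)
        . '&token=' . $token;
}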
|
|
|
/* [Function] One-time signin */ |
|
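/**
 * Handle a one-time sign-in link (?auth=<user id>&token=<token>).
 *
 * Validates the token against the stored hash and expiry. For a user already
 * linked to a Slack ID the token is consumed and an auth cookie is set; for
 * an unlinked user who is currently signed in as that same account, a new
 * linking token is shown. The function always terminates the request.
 *
 * @return void Never returns; ends with exit.
 */
function auth(){
    $raw_id = isset($_GET['auth']) ? $_GET['auth'] : '';
    $token = isset($_GET['token']) ? $_GET['token'] : '';

    // Query parameters can arrive as arrays (auth[]=...) or arbitrary strings;
    // only a plain decimal user ID and a non-empty string token are accepted.
    if (!is_string($raw_id) || !ctype_digit($raw_id) || !is_string($token) || $token === '') {
        exit;
    }
    $user_id = (int) $raw_id;

    $hash = get_user_meta($user_id, 'onetimetoken', true);
    $limit = get_user_meta($user_id, 'onetimetokenlimit', true);

    /* Check the hash */
    if (is_string($hash) && $hash !== '' && time() <= intval($limit) && wp_check_password($token, $hash)) {
        /* Check linking to Slack ID */
        if (get_user_meta($user_id, 'slackhash', true)) {
            // Consume the token before signing in so the link works only once.
            delete_user_meta($user_id, 'onetimetoken');
            delete_user_meta($user_id, 'onetimetokenlimit');
            wp_set_auth_cookie($user_id, true, true);
            wp_redirect(admin_url());
        /* Generate token to link Slack ID */
        } else if (get_current_user_id() === $user_id) {
            // Strict comparison: the unlinked flow must only run for the
            // account that is already signed in, not a loosely-equal value.
            echo 'Your WordPress account is not linked to Slack ID.<br>' . "\n"
                . 'Please run this command in Slack. The token is disabled after 10 minutes.<br>'
                . esc_html(
                    COMMAND_LOGIN . ' ' . wp_get_current_user()->user_login . ' '
                    . generate_login_url($user_id, true)
                );
        } else {
            echo '<a href="' . esc_url(wp_logout_url()) . '">Please login again as the correct user.</a>';
        }
    }

    exit;
}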
|
|
|
/* [Function] User Activation */ |
|
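/**
 * Create a WordPress user from a Slack command and link it to the caller's Slack ID.
 *
 * @param array $parameters [0] login ID, [1] public ID (slug), [2] e-mail.
 * @return array First element is a success flag; the rest are message lines.
 *               Every failure returns the usage message.
 */
function submit($parameters){
    /* Error response, shared by every failure path */
    $usage = [false,'Usage: '.COMMAND_SUBMIT.' [Login ID] [Public ID(Slug)] [E-mail]'];

    // The key must be quoted: a bare user_id is an undefined constant, which
    // is a fatal Error on PHP 8.
    $slack_user = (isset($_POST['user_id']) && is_string($_POST['user_id'])) ? $_POST['user_id'] : '';
    if ($slack_user === '' || !isset($parameters[0], $parameters[1], $parameters[2])) {
        return $usage;
    }

    // NOTE(review): nothing here restricts which Slack user may create an
    // account with ROLE; confirm that the command is limited upstream.

    /* Array of userdata */
    $userdata = [
        'user_login' => $parameters[0],
        'user_nicename' => $parameters[1],
        'user_email' => $parameters[2],
        'user_pass' => wp_generate_password(PASS_LENGTH,true,true),
        'role' => ROLE
    ];

    /* Insert user */
    $id = wp_insert_user( $userdata );

    // wp_insert_user() reports failure with a WP_Error object, which is
    // truthy; a plain if($id) would report success for a user never created.
    if (is_wp_error($id) || !$id) {
        return $usage;
    }

    /* Link to Slack ID (only a hash of the Slack user ID is stored) */
    update_user_meta($id,'slackhash',wp_hash_password($slack_user));

    /* Success response */
    return [
        true,
        'Login ID: '.$parameters[0],
        'Public ID(Slug): '.$parameters[1],
        'E-mail: '.$parameters[2],
        'Onetime Login(10min.): '.generate_login_url($id),
        'If you change the password, please do yourself in wordpress admin.'
    ];
}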
|
|
|
/* [Function] User login */ |
|
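/**
 * Issue a one-time sign-in URL for a user, or link the caller's Slack ID to the account.
 *
 * - Account linked and the Slack ID matches: return a sign-in URL.
 * - Account not linked and no token given: return a sign-in URL.
 * - A token is given and it matches the stored one-time token: (re)link the
 *   Slack ID, then return a sign-in URL.
 *
 * @param array $parameters [0] login ID, optional [1] linking token.
 * @return array First element is a success flag; the rest are message lines.
 */
function login($parameters){
    // The key must be quoted: a bare user_id is an undefined constant, which
    // is a fatal Error on PHP 8.
    $slack_user = (isset($_POST['user_id']) && is_string($_POST['user_id'])) ? $_POST['user_id'] : '';
    if ($slack_user === '' || !isset($parameters[0])) {
        return [false, 'Login ID or token is incorrect.'];
    }

    $user = get_user_by('login',$parameters[0]);
    if (!$user) {
        return [false, 'Login ID is incorrect.'];
    }

    $slackhash = get_user_meta($user->ID,'slackhash',true);
    $has_token = isset($parameters[1]);

    /* Check Slack ID */
    $slack_ok = $slackhash ? wp_check_password($slack_user,$slackhash) : !$has_token;
    if ($slack_ok) {
        /* Success response */
        return [true, 'Onetime Login(10min.): '.generate_login_url($user->ID)];
    }

    if (!$has_token) {
        /* Error response: linked account, different Slack ID, no token */
        return [false, 'Login ID is incorrect.'];
    }

    /* Check the hash */
    $hash = get_user_meta($user->ID,'onetimetoken',true);
    $limit = get_user_meta($user->ID,'onetimetokenlimit',true);
    if (time() <= intval($limit) && wp_check_password($parameters[1],$hash)) {
        /* Link to Slack ID */
        update_user_meta($user->ID,'slackhash',wp_hash_password($slack_user));

        /* Success response; generate_login_url() also replaces the token just used */
        return [true,
            'Success linking your WordPress account to Slack ID.',
            'Onetime Login(10min.): '.generate_login_url($user->ID)];
    }

    /* Error response */
    return [false, 'Login ID or token is incorrect.'];
}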
|
|
|
/* [Function] Generate the JSON response for the Slack API */
|
/**
 * Wrap each message line in a Slack "section" block with mrkdwn text.
 *
 * @param array $messages Message lines, in display order.
 * @return array Payload of the form ['blocks' => [...]], one block per line.
 */
function generate_json($messages){
    $sections = [];

    foreach ($messages as $line) {
        $body = ['type' => 'mrkdwn', 'text' => $line];
        $sections[] = ['type' => 'section', 'text' => $body];
    }

    return ['blocks' => $sections];
}
|
|
|
/* Function select */ |
|
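// Default to an error reply so a signed request with an unknown command or
// too few arguments still gets a well-formed response instead of reading an
// undefined variable.
$messages = [false];

if (isset($_GET['auth'], $_GET['token'])) {
    // Browser flow for the one-time link; auth() ends the request itself.
    auth();
} else if (checksign()) {
    // Slack slash-command flow: only reached with a valid request signature.
    $text = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
    $command = (isset($_POST['command']) && is_string($_POST['command'])) ? $_POST['command'] : '';
    $parameters = explode(' ', $text);

    if (count($parameters) > 2 && $command === COMMAND_SUBMIT) $messages = submit($parameters);
    if (count($parameters) && $command === COMMAND_LOGIN) $messages = login($parameters);
}

/* Generate the JSON response for the Slack API */
$messages[0] = $messages[0] ? 'OK' : 'ERROR';
$json = generate_json($messages);

/* Echo JSON */
// One header per header() call. The original string appended
// "Access-Control-Allow-Origin: *" to the Content-Type value, where it never
// took effect as a CORS header; a server-to-server Slack endpoint needs no
// CORS, so the wildcard is not sent.
header('Content-Type: application/json; charset=utf-8');
echo json_encode($json);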
|
|
|
?> |