core_google_apps_login

Plugin component common to all versions of Google Apps Login.

Defined (1)

The class is defined in the following location(s).

/core/core_google_apps_login.php  
  1. class core_google_apps_login { 
  2.  
  3. protected function __construct() { 
  4. $this->add_actions(); 
  5. register_activation_hook($this->my_plugin_basename(), array( $this, 'ga_activation_hook' ) ); 
  6.  
  7. protected static $gal_cookie_name = 'wordpress_google_apps_login'; 
  8.  
  9. // May be overridden in basic or premium 
  10. public function ga_activation_hook($network_wide) { 
  11. global $gal_core_already_exists; 
  12. if ($gal_core_already_exists) { 
  13. deactivate_plugins( $this->my_plugin_basename() ); 
  14. echo( 'Please Deactivate the free version of Google Apps Login before you activate the new Premium/Enterprise version.' ); 
  15. exit; 
  16.  
  17. public function ga_plugins_loaded() { 
  18. load_plugin_textdomain( 'google-apps-login', false, dirname($this->my_plugin_basename()).'/lang/' ); 
  19.  
  20. protected $newcookievalue = null; 
  21. protected function get_cookie_value() { 
  22. if (!$this->newcookievalue) { 
  23. if (isset($_COOKIE[self::$gal_cookie_name])) { 
  24. $this->newcookievalue = $_COOKIE[self::$gal_cookie_name]; 
  25. else { 
  26. $this->newcookievalue = md5(rand()); 
  27. return $this->newcookievalue; 
  28.  
  29. private $doneIncludePath = false; 
  30. private function setIncludePath() { 
  31. if (!$this->doneIncludePath) { 
  32. set_include_path(get_include_path() . PATH_SEPARATOR . plugin_dir_path(__FILE__)); 
  33. $this->doneIncludePath = true; 
  34.  
  35. protected function createGoogleClient($options, $includeoauth=false) { 
  36. // Another plugin might have already included these files 
  37. // Unfortunately we just have to hope they have a similar enough version 
  38.  
  39. $this->setIncludePath(); 
  40.  
  41. // Google PHP Client obtained from https://github.com/google/google-api-php-client 
  42. // Using modified Google Client to avoid name clashes - rename process: 
  43. // On OSX requires export LC_CTYPE=C and export LANG=C in your ~/.profile 
  44. // find . -type f -exec sed -i '' -e 's/Google_/GoogleGAL_/g' {} + 
  45. // We also updated Google/Auth/AssertionCredentials.php to be able to accept the PEM class 
  46. // We wrote PEM class here: Google/Signer/PEM.php 
  47. // Also wrote our own autoload.php in /core 
  48.  
  49. $client = $this->get_Google_Client(); 
  50.  
  51. $client->setClientId($options['ga_clientid']); 
  52. $client->setClientSecret($options['ga_clientsecret']); 
  53. $client->setRedirectUri($this->get_login_url()); 
  54.  
  55. $hd = $this->get_hd(); 
  56. if ($hd) { 
  57. $client->setHostedDomain($hd); 
  58.  
  59. $scopes = array_unique(apply_filters('gal_gather_scopes', $this->get_default_scopes())); 
  60. $client->setScopes($scopes); 
  61. $client->setApprovalPrompt($options['ga_force_permissions'] ? 'force' : 'auto'); 
  62.  
  63. $oauthservice = null; 
  64. if ($includeoauth) { 
  65. /**if (!class_exists('GoogleGAL_Service_Oauth2')) { 
  66. require_once( 'Google/Service/Oauth2.php' ); 
  67. }*/ 
  68. $oauthservice = new GoogleGAL_Service_Oauth2($client); 
  69.  
  70. return Array($client, $oauthservice); 
  71.  
  72. protected function get_hd() { 
  73. return ''; 
  74.  
  75. protected function get_default_scopes() { 
  76. return Array('openid', 'email', 'https://www.googleapis.com/auth/userinfo.profile'); 
  77.  
  78. public function ga_login_styles() { 
  79. $options = $this->get_option_galogin(); 
  80. wp_enqueue_script('jquery'); 
  81. ?> 
  82. <style type="text/css"> 
  83. form#loginform p.galogin { 
  84. background: none repeat scroll 0 0 #2EA2CC; 
  85. border-color: #0074A2; 
  86. box-shadow: 0 1px 0 rgba(120, 200, 230, 0.5) inset, 0 1px 0 rgba(0, 0, 0, 0.15); 
  87. color: #FFFFFF; 
  88. text-decoration: none; 
  89. text-align: center; 
  90. vertical-align: middle; 
  91. border-radius: 3px; 
  92. padding: 4px; 
  93. height: 27px; 
  94. font-size: 14px; 
  95. margin-bottom: <?php echo $options['ga_poweredby'] ? '6' : '16' ?>px; 
  96.  
  97. form#loginform p.galogin a { 
  98. color: #FFFFFF; 
  99. line-height: 27px; 
  100. font-weight: bold; 
  101.  
  102. form#loginform p.galogin a:hover { 
  103. color: #CCCCCC; 
  104.  
  105. h3.galogin-or { 
  106. text-align: center; 
  107. margin-top: 16px; 
  108. margin-bottom: 16px; 
  109.  
  110. p.galogin-powered { 
  111. font-size: 0.7em; 
  112. font-style: italic; 
  113. text-align: right; 
  114.  
  115. p.galogin-logout { 
  116. background-color: #FFFFFF; 
  117. border: 4px solid #CCCCCC; 
  118. box-shadow: 0 1px 1px 0 rgba(0, 0, 0, 0.1); 
  119. padding: 12px; 
  120. margin: 12px 0; 
  121.  
  122. <?php if ($this->should_hidewplogin($options)) { ?> 
  123.  
  124. div#login form#loginform p label[for=user_login],  
  125. div#login form#loginform p label[for=user_pass],  
  126. div#login form#loginform p label[for=rememberme],  
  127. div#login form#loginform p.submit,  
  128. div#login p#nav { 
  129. display: none; 
  130. }  
  131.  
  132. <?php } ?> 
  133.  
  134. </style> 
  135. <?php } 
  136.  
  137. // public in case widgets want to use it 
  138. public function ga_start_auth_get_url() { 
  139. $options = $this->get_option_galogin(); 
  140. $clients = $this->createGoogleClient($options); 
  141. /** @var GoogleGAL_Client $client */ 
  142. $client = $clients[0]; 
  143.  
  144. // Generate a CSRF token 
  145. $client->setState(urlencode( 
  146. $this->session_indep_create_nonce('google_apps_login-'.$this->get_cookie_value()) 
  147. .'|'.$this->get_redirect_url() 
  148. )); 
  149.  
  150. $authUrl = $client->createAuthUrl(); 
  151. if ($options['ga_clientid'] == '' || $options['ga_clientsecret'] == '') { 
  152. $authUrl = "?error=ga_needs_configuring"; 
  153. return $authUrl; 
  154.  
  155. public function ga_login_form() { 
  156. $options = $this->get_option_galogin(); 
  157.  
  158. $authUrl = $this->ga_start_auth_get_url(); 
  159.  
  160. $do_autologin = false; 
  161.  
  162. if (isset($_GET['gaautologin'])) { // This GET param can always override the option set in admin panel 
  163. $do_autologin = $_GET['gaautologin'] == 'true'; 
  164. elseif ($options['ga_auto_login']) { 
  165. // Respect the option unless GET params mean we should remain on login page (e.g. ?loggedout=true) 
  166. if (count($_GET) == (isset($_GET['redirect_to']) ? 1 : 0)  
  167. + (isset($_GET['reauth']) ? 1 : 0)  
  168. + (isset($_GET['action']) && $_GET['action']=='login' ? 1 : 0)) { 
  169. $do_autologin = true; 
  170. if (isset($_POST['log']) && isset($_POST['pwd'])) { // This was a WP username/password login attempt 
  171. $do_autologin = false; 
  172.  
  173. if ($do_autologin && $options['ga_clientid'] != '' && $options['ga_clientsecret'] != '') { 
  174. if (!headers_sent()) { 
  175. wp_redirect($authUrl); 
  176. exit; 
  177. else { ?> 
  178. <p><b><?php printf( __( 'Redirecting to <a href="%s">Login via Google</a>...' , 'google-apps-login'), $authUrl ); ?></b></p> 
  179. <script type="text/javascript"> 
  180. window.location = "<?php echo $authUrl; ?>"; 
  181. </script> 
  182. <?php  
  183.  
  184. ?> 
  185. <p class="galogin">  
  186. <a href="<?php echo $authUrl; ?>"><?php echo esc_html($this->get_login_button_text()); ?></a> 
  187. </p> 
  188.  
  189. <?php if ($options['ga_poweredby']) { ?> 
  190. <p class='galogin-powered'><?php esc_html_e( 'Powered by ' , 'google-apps-login'); ?><a href='http://wp-glogin.com/?utm_source=Login%20Form&utm_medium=freemium&utm_campaign=LoginForm' target="_blank">wp-glogin.com</a></p> 
  191. <?php } ?> 
  192.  
  193. <script> 
  194. jQuery(document).ready(function() { 
  195. <?php ob_start(); /** Buffer javascript contents so we can run it through a filter */ ?> 
  196.  
  197. var loginform = jQuery('#loginform, #front-login-form'); 
  198. var googlelink = jQuery('p.galogin'); 
  199. var poweredby = jQuery('p.galogin-powered'); 
  200.  
  201. <?php if ($this->should_hidewplogin($options)) { ?> 
  202. loginform.empty(); 
  203. <?php  
  204. } else { 
  205. ?> 
  206. loginform.prepend("<h3 class='galogin-or'><?php esc_html_e( 'or' , 'google-apps-login'); ?></h3>"); 
  207. <?php } ?> 
  208.  
  209. if (poweredby) { 
  210. loginform.prepend(poweredby); 
  211. loginform.prepend(googlelink); 
  212.  
  213. <?php  
  214. $fntxt = ob_get_clean();  
  215. echo apply_filters('gal_login_form_readyjs', $fntxt); 
  216. ?> 
  217. }); 
  218. </script> 
  219. <?php  
  220.  
  221. protected function get_login_button_text() { 
  222. $login_button_text = __('Login with Google', 'google-apps-login'); 
  223. return apply_filters('gal_login_button_text', $login_button_text); 
  224.  
  225. protected function should_hidewplogin($options) { 
  226. return false; 
  227.  
  228. protected function get_redirect_url() { 
  229. $options = $this->get_option_galogin(); 
  230.  
  231. if (array_key_exists('redirect_to', $_REQUEST) && $_REQUEST['redirect_to']) { 
  232. return $_REQUEST['redirect_to']; 
  233. } elseif (is_multisite() && !$options['ga_ms_usesubsitecallback']) { 
  234. return admin_url(); // This is what WordPress would choose as default 
  235. // but we have to specify explicitly since all callbacks go via root site 
  236. return ''; 
  237.  
  238. public function ga_authenticate($user, $username=null, $password=null) { 
  239. if (isset($_REQUEST['error'])) { 
  240. switch ($_REQUEST['error']) { 
  241. case 'access_denied': 
  242. $error_message = __( 'You did not grant access' , 'google-apps-login'); 
  243. break; 
  244. case 'ga_needs_configuring': 
  245. $error_message = __( 'The admin needs to configure Google Apps Login plugin - please follow ' 
  246. .'<a href="http://wp-glogin.com/installing-google-apps-login/#main-settings"' 
  247. .' target="_blank">instructions here</a>' , 'google-apps-login'); 
  248. break; 
  249. case 'ga_user_must_glogin': 
  250. $error_message = sprintf(__( 'The user must use <i>%s</i> to access the site' , 'google-apps-login'),  
  251. htmlentities($this->get_login_button_text())); 
  252. break; 
  253. default: 
  254. $error_message = __( 'Unrecognized error message' , 'google-apps-login'); 
  255. break; 
  256. $user = new WP_Error('ga_login_error', $error_message); 
  257. return $this->displayAndReturnError($user); 
  258.  
  259. $options = $this->get_option_galogin(); 
  260.  
  261. if (isset($_GET['code'])) { 
  262. if (!isset($_REQUEST['state'])) { 
  263. $user = new WP_Error('ga_login_error', __( "Session mismatch - try again, but there could be a problem setting state" , 'google-apps-login') ); 
  264. return $this->displayAndReturnError($user); 
  265.  
  266. $statevars = explode('|', urldecode($_REQUEST['state'])); 
  267. if (count($statevars) != 2) { 
  268. $user = new WP_Error('ga_login_error', __( "Session mismatch - try again, but there could be a problem passing state" , 'google-apps-login') ); 
  269. return $this->displayAndReturnError($user); 
  270. $retnonce = $statevars[0]; 
  271. $retredirectto = $statevars[1]; 
  272.  
  273. if (!$this->session_indep_verify_nonce($retnonce, 'google_apps_login-'.$this->get_cookie_value())) { 
  274. $user = new WP_Error('ga_login_error', __( "Session mismatch - try again, but there could be a problem setting cookies" , 'google-apps-login') ); 
  275. return $this->displayAndReturnError($user); 
  276.  
  277. try { 
  278. $clients = $this->createGoogleClient($options, true); 
  279. /** @var GoogleGAL_Client $client */ 
  280. $client = $clients[0]; 
  281. $oauthservice = $clients[1]; 
  282.  
  283. $client->authenticate($_GET['code']); 
  284.  
  285. /** userinfo example: 
  286. "id": "115886881859296909934",  
  287. "email": "dan@danlester.com",  
  288. "verified_email": true,  
  289. "name": "Dan Lester",  
  290. "given_name": "Dan",  
  291. "family_name": "Lester",  
  292. "link": "https://plus.google.com/115886881859296909934",  
  293. "picture": "https://lh3.googleusercontent.com/-r4WThnaSX8o/AAAAAAAAAAI/AAAAAAAAABE/pEJQwH5wyqM/photo.jpg",  
  294. "gender": "male",  
  295. "locale": "en-GB",  
  296. "hd": "danlester.com" 
  297. */ 
  298. $userinfo = $oauthservice->userinfo->get(); 
  299.  
  300. if ($userinfo && is_object($userinfo) && property_exists($userinfo, 'email')  
  301. && property_exists($userinfo, 'verifiedEmail')) { 
  302.  
  303. $google_email = $userinfo->email; 
  304. $google_verified_email = $userinfo->verifiedEmail; 
  305.  
  306. if (!$google_verified_email) { 
  307. $user = new WP_Error('ga_login_error', __( 'Email needs to be verified on your Google Account' , 'google-apps-login') ); 
  308. else { 
  309. $user = get_user_by('email', $google_email); 
  310.  
  311. $userdidnotexist = false; 
  312. if (!$user) { 
  313. $userdidnotexist = true; 
  314. $user = $this->createUserOrError($userinfo, $options); 
  315.  
  316. if ($user && !is_wp_error($user)) { 
  317. // In some versions, check group membership 
  318. $this->check_groups($client, $userinfo, $user, $userdidnotexist); 
  319.  
  320. // Set redirect for wp-login to receive via our own login_redirect callback 
  321. $this->setFinalRedirect($retredirectto); 
  322.  
  323. // Call hook in case another plugin wants to use the user's data 
  324. do_action('gal_user_loggedin', $user, $userinfo, $userdidnotexist, $client, $oauthservice); 
  325. else { 
  326. $user = new WP_Error('ga_login_error', __( "User authenticated OK, but error fetching user details from Google" , 'google-apps-login') ); 
  327. } catch (GoogleGAL_Exception $e) { 
  328. $user = new WP_Error('ga_login_error', $e->getMessage()); 
  329. else { 
  330. $user = $this->checkRegularWPLogin($user, $username, $password, $options); 
  331.  
  332. if (is_wp_error($user)) { 
  333. $this->displayAndReturnError($user); 
  334.  
  335. return $user; 
  336.  
  337. protected function createUserOrError($userinfo, $options) { 
  338. return( new WP_Error('ga_login_error', sprintf( __( 'User %s not registered in Wordpress' , 'google-apps-login'),  
  339. $userinfo->email) ) ); 
  340.  
  341. protected function checkRegularWPLogin($user, $username, $password, $options) { 
  342. return $user; 
  343.  
  344. // Has content in Enterprise 
  345. protected function check_groups($client, $userinfo, $user, $userdidnotexist) { 
  346.  
  347. protected function displayAndReturnError($user) { 
  348. if (is_wp_error($user) && get_bloginfo('version') < 3.7) { 
  349. // Only newer wordpress versions display errors from $user for us 
  350. global $error; 
  351. /** @var WP_Error $user */ 
  352. $error = htmlentities2($user->get_error_message()); 
  353. return $user; 
  354.  
  355. protected $_final_redirect = ''; 
  356.  
  357. protected function setFinalRedirect($redirect_to) { 
  358. $this->_final_redirect = $redirect_to; 
  359.  
  360. protected function getFinalRedirect() { 
  361. return $this->_final_redirect; 
  362.  
  363. public function ga_login_redirect($redirect_to, $request_from, $user) { 
  364. if ($user && !is_wp_error($user)) { 
  365. $final_redirect = $this->getFinalRedirect(); 
  366. if ($final_redirect !== '') { 
  367. return $final_redirect; 
  368. return $redirect_to; 
  369.  
  370. public function ga_init() { 
  371. if (isset($_GET['code']) && isset($_GET['state']) && $_SERVER['REQUEST_METHOD']=='GET') { 
  372. $options = $this->get_option_galogin(); 
  373. if ($options['ga_rememberme']) { 
  374. $_POST['rememberme'] = true; 
  375. if (!isset($_COOKIE[self::$gal_cookie_name]) && apply_filters('gal_set_login_cookie', true)) { 
  376. setcookie(self::$gal_cookie_name, $this->get_cookie_value(), time()+36000, '/', defined(COOKIE_DOMAIN) ? COOKIE_DOMAIN : '' ); 
  377.  
  378. protected function get_login_url() { 
  379. $options = $this->get_option_galogin(); 
  380. $login_url = wp_login_url(); 
  381.  
  382. if (is_multisite() && !$options['ga_ms_usesubsitecallback']) { 
  383. $login_url = network_site_url('wp-login.php'); 
  384. }  
  385.  
  386. if (force_ssl_admin() && strtolower(substr($login_url, 0, 7)) == 'http://') { 
  387. $login_url = 'https://'.substr($login_url, 7); 
  388.  
  389. return apply_filters( 'gal_login_url', $login_url ); 
  390.  
  391. // Build our own nonce functions as wp_create_nonce is user dependent,  
  392. // and our nonce is created when logged-out, then verified when logged-in 
  393.  
  394. protected function session_indep_create_nonce($action = -1) { 
  395. $i = wp_nonce_tick(); 
  396. return substr( wp_hash( $i . '|' . $action, 'nonce' ), -12, 10 ); 
  397.  
  398. protected function session_indep_verify_nonce( $nonce, $action = -1 ) { 
  399. $nonce = (string) $nonce; 
  400. if ( empty( $nonce ) ) { 
  401. return false; 
  402.  
  403. $i = wp_nonce_tick(); 
  404.  
  405. // Nonce generated 0-12 hours ago 
  406. $expected = substr( wp_hash( $i . '|' . $action, 'nonce'), -12, 10 ); 
  407. if ( $this->hash_equals( $expected, $nonce ) ) { 
  408. return 1; 
  409.  
  410. // Nonce generated 12-24 hours ago 
  411. $expected = substr( wp_hash( ( $i - 1 ) . '|' . $action, 'nonce' ), -12, 10 ); 
  412. if ( $this->hash_equals( $expected, $nonce ) ) { 
  413. return 2; 
  414.  
  415. // Invalid nonce 
  416. return false; 
  417.  
  418. private function hash_equals($expected, $nonce) { 
  419. // Global/PHP fn hash_equals didn't exist before WP3.9.2 
  420. if (function_exists('hash_equals')) { 
  421. return hash_equals($expected, $nonce); 
  422. return $expected == $nonce; 
  423.  
  424. // ADMIN AND OPTIONS 
  425. // ***************** 
  426.  
  427. protected function get_options_menuname() { 
  428. return 'galogin_list_options'; 
  429.  
  430. protected function get_options_pagename() { 
  431. return 'galogin_options'; 
  432.  
  433. protected function get_settings_url() { 
  434. return is_multisite() 
  435. ? network_admin_url( 'settings.php?page='.$this->get_options_menuname() ) 
  436. : admin_url( 'options-general.php?page='.$this->get_options_menuname() ); 
  437.  
  438. public function ga_admin_auth_message() { 
  439. echo '<div class="error"><p>'; 
  440. echo sprintf( __('You will need to complete Google Apps Login <a href="%s">Settings</a> in order for the plugin to work', 'google-apps-login'),  
  441. esc_url($this->get_settings_url()) );  
  442. echo '</p></div>'; 
  443.  
  444. public function ga_admin_init() { 
  445. register_setting( $this->get_options_pagename(), $this->get_options_name(), Array($this, 'ga_options_validate') ); 
  446.  
  447. // Admin notice that configuration is required 
  448. $options = $this->get_option_galogin(); 
  449.  
  450. if (current_user_can( is_multisite() ? 'manage_network_options' : 'manage_options' )  
  451. && ($options['ga_clientid'] == '' || $options['ga_clientsecret'] == '')) { 
  452.  
  453. if (!array_key_exists('page', $_REQUEST) || $_REQUEST['page'] != $this->get_options_menuname()) { 
  454. add_action('admin_notices', Array($this, 'ga_admin_auth_message')); 
  455. if (is_multisite()) { 
  456. add_action('network_admin_notices', Array($this, 'ga_admin_auth_message')); 
  457. else { 
  458. $this->set_other_admin_notices(); 
  459.  
  460. add_action('show_user_profile', Array($this, 'ga_personal_options')); 
  461.  
  462. public function ga_personal_options($wp_user) { 
  463. if (is_object($wp_user)) { 
  464. // Display avatar in profile 
  465. $purchase_url = 'http://wp-glogin.com/avatars/?utm_source=Profile%20Page&utm_medium=freemium&utm_campaign=Avatars'; 
  466. $source_text = 'Install <a href="'.$purchase_url.'">Google Profile Avatars</a> to use your Google account\'s profile photo here automatically.'; 
  467. ?> 
  468. <table class="form-table"> 
  469. <tbody><tr> 
  470. <th>Profile Photo</th> 
  471. <td><?php echo get_avatar($wp_user->ID, '48'); ?></td> 
  472. <td><?php echo apply_filters('gal_avatar_source_desc', $source_text, $wp_user); ?></td> 
  473. </tr> 
  474. </tbody> 
  475. </table> 
  476. <?php 
  477.  
  478. // Has content in Basic 
  479. protected function set_other_admin_notices() { 
  480.  
  481. public function ga_admin_menu() { 
  482. if (is_multisite()) { 
  483. add_submenu_page( 'settings.php', __( 'Google Apps Login settings' , 'google-apps-login'), __( 'Google Apps Login' , 'google-apps-login'),  
  484. 'manage_network_options', $this->get_options_menuname(),  
  485. array($this, 'ga_options_do_page')); 
  486. else { 
  487. add_options_page( __( 'Google Apps Login settings' , 'google-apps-login'), __( 'Google Apps Login' , 'google-apps-login'),  
  488. 'manage_options', $this->get_options_menuname(),  
  489. array($this, 'ga_options_do_page')); 
  490.  
  491. public function ga_options_do_page() { 
  492. if (!current_user_can(is_multisite() ? 'manage_network_options' : 'manage_options')) { 
  493. wp_die(); 
  494.  
  495. wp_enqueue_script( 'gal_admin_js', $this->my_plugin_url().'js/gal-admin.js', array('jquery') ); 
  496. wp_enqueue_style( 'gal_admin_css', $this->my_plugin_url().'css/gal-admin.css' ); 
  497.  
  498. $submit_page = is_multisite() ? 'edit.php?action='.$this->get_options_menuname() : 'options.php'; 
  499.  
  500. if (is_multisite()) { 
  501. $this->ga_options_do_network_errors(); 
  502. ?> 
  503.  
  504. <div> 
  505.  
  506. <h2><?php _e('Google Apps Login setup', 'google-apps-login'); ?></h2> 
  507.  
  508. <div id="gal-tablewrapper"> 
  509.  
  510. <div id="gal-tableleft" class="gal-tablecell"> 
  511.  
  512. <p><?php _e( 'To set up your website to enable Google logins, you will need to follow instructions specific to your website.', 'google-apps-login'); ?></p> 
  513.  
  514. <p><a href="<?php echo $this->calculate_instructions_url(); ?>#config" id="gal-personalinstrlink" class="button-secondary" target="gainstr"><?php  
  515. _e( 'Click here to open your personalized instructions in a new window' , 'google-apps-login'); ?></a></p> 
  516.  
  517.  
  518. <?php  
  519. $this->ga_section_text_end(); 
  520. ?> 
  521.  
  522. <h2 id="gal-tabs" class="nav-tab-wrapper"> 
  523. <a href="#main" id="main-tab" class="nav-tab nav-tab-active">Main Setup</a> 
  524. <a href="#domain" id="domain-tab" class="nav-tab">Domain Control</a> 
  525. <a href="#advanced" id="advanced-tab" class="nav-tab">Advanced Options</a> 
  526. <?php $this->draw_more_tabs(); ?> 
  527. </h2> 
  528.  
  529.  
  530. <form action="<?php echo $submit_page; ?>" method="post" id="gal_form" enctype="multipart/form-data" > 
  531.  
  532. <?php  
  533. settings_fields($this->get_options_pagename()); 
  534. $this->ga_mainsection_text(); 
  535. $this->ga_domainsection_text(); 
  536. $this->ga_advancedsection_text(); 
  537. $this->ga_moresection_text(); 
  538. ?> 
  539.  
  540. <p class="submit"> 
  541. <input type="submit" value="<?php esc_attr_e( 'Save Changes' , 'google-apps-login'); ?>" class="button button-primary" id="submit" name="submit"> 
  542. </p> 
  543. </form> 
  544. </div> 
  545.  
  546. <?php $this->ga_options_do_sidebar(); ?> 
  547.  
  548. </div> 
  549.  
  550. </div> <?php 
  551.  
  552. // Extended in premium 
  553. protected function draw_more_tabs() { 
  554.  
  555. // Extended in premium 
  556. protected function ga_moresection_text() { 
  557.  
  558. // Has content in Basic 
  559. protected function ga_options_do_sidebar() { 
  560.  
  561. protected function ga_options_do_network_errors() { 
  562. if (isset($_REQUEST['updated']) && $_REQUEST['updated']) { 
  563. ?> 
  564. <div id="setting-error-settings_updated" class="updated settings-error"> 
  565. <p> 
  566. <strong><?php _e( 'Settings saved.', 'google-apps-login'); ?></strong> 
  567. </p> 
  568. </div> 
  569. <?php 
  570.  
  571. if (isset($_REQUEST['error_setting']) && is_array($_REQUEST['error_setting']) 
  572. && isset($_REQUEST['error_code']) && is_array($_REQUEST['error_code'])) { 
  573. $error_code = $_REQUEST['error_code']; 
  574. $error_setting = $_REQUEST['error_setting']; 
  575. if (count($error_code) > 0 && count($error_code) == count($error_setting)) { 
  576. for ($i=0; $i<count($error_code) ; ++$i) { 
  577. ?> 
  578. <div id="setting-error-settings_<?php echo $i; ?>" class="error settings-error"> 
  579. <p> 
  580. <strong><?php echo htmlentities2($this->get_error_string($error_setting[$i].'|'.$error_code[$i])); ?></strong> 
  581. </p> 
  582. </div> 
  583. <?php 
  584.  
  585. protected function ga_mainsection_text() { 
  586. echo '<div id="main-section" class="galtab active">'; 
  587. echo '<p>'; 
  588. echo sprintf( __( "The <a href='%s'>instructions</a> above will guide you to Google's Cloud Console where you will enter two URLs, and also obtain two codes (Client ID and Client Secret) which you will need to enter in the boxes below.",  
  589. 'google-apps-login'), $this->calculate_instructions_url()."#config" ); 
  590. echo '</p>'; 
  591.  
  592. $options = $this->get_option_galogin(); // Must be in this order to invoke upgrade code 
  593. $saoptions = $this->get_sa_option(); 
  594.  
  595. echo '<label for="input_ga_clientid" class="textinput big">'.__('Client ID', 'google-apps-login').'</label>'; 
  596. echo "<input id='input_ga_clientid' class='textinput' name='".$this->get_options_name()."[ga_clientid]' size='68' type='text' value='".esc_attr($options['ga_clientid'])."' />"; 
  597. echo '<br class="clear"/><p class="desc big">'; 
  598. printf( __('Normally something like %s', 'google-apps-login'), '1234567890123-w1dwn5pfgjeo96c73821dfbof6n4kdhw.apps.googleusercontent.com' ); 
  599. echo '</p>'; 
  600.  
  601. echo '<label for="input_ga_clientsecret" class="textinput big">'.__('Client Secret', 'google-apps-login').'</label>'; 
  602. echo "<input id='input_ga_clientsecret' class='textinput' name='".$this->get_options_name()."[ga_clientsecret]' size='40' type='text' value='".esc_attr($options['ga_clientsecret'])."' />"; 
  603. echo '<br class="clear" /><p class="desc big">'; 
  604. printf( __('Normally something like %s', 'google-apps-login'), 'sHSfR4_jf_2jsy-kjPjgf2dT' ); 
  605. echo '</p>'; 
  606.  
  607. $serviceacct_plugins = apply_filters('gal_gather_serviceacct_reqs', array()); 
  608.  
  609. echo '<h3>Service Account settings</h3>'; 
  610.  
  611. if (count($serviceacct_plugins) == 0) { 
  612. ?>  
  613. <p>Some Google Apps extensions may require you to set up a Service Account. If you Activate those extension plugins then 
  614. come back to this page, you will see further instructions, including the 'permission scopes' those extensions require.  
  615. However, if you know you need to set up a Service Account in advance, you can click below to reveal the settings.</p> 
  616.  
  617. <p><a href="#" id="gal-show-admin-serviceacct">Show Service Account settings</a></p> 
  618.  
  619. <span id="gal-hide-admin-serviceacct" style="display: none;"> 
  620.  
  621. <?php } ?> 
  622.  
  623. <p>In order for all users to have permissions to access domain-level information from Google, you will need to create 
  624. a Service Account. Please see our  
  625. <a href="https://wp-glogin.com/installing-google-apps-login/service-account-setup/?utm_source=ServiceAccount&utm_medium=freemium&utm_campaign=Login" target="_blank">extended instructions here</a>.</p> 
  626.  
  627. <?php  
  628. if (count($serviceacct_plugins) > 0) { 
  629. $this->ga_show_service_account_reqs($serviceacct_plugins); 
  630.  
  631. echo '<br class="clear">'; 
  632. if ($saoptions['ga_serviceemail'] != '') { 
  633. if ($saoptions['ga_serviceid'] != '') { 
  634. // Display client id 
  635. echo '<label for="input_ga_serviceid" class="textinput">'.__('Service Account Client ID / Name', 'google-apps-login').'</label>'; 
  636. echo "<div class='gal-lowerinput'>"; 
  637. //echo "<span id='input_ga_serviceid'>".htmlentities($saoptions['ga_serviceid'])."</span>"; 
  638. echo "<div id='input_ga_serviceid' class='gal-admin-scopes-list'>".htmlentities($saoptions['ga_serviceid'])."</div>"; 
  639. echo '</div>'; 
  640. echo '<br class="clear">'; 
  641. // Display service email 
  642. echo '<label for="input_ga_serviceemail" class="textinput">'.__('Service Account email address', 'google-apps-login').'</label>'; 
  643. echo "<div class='gal-lowerinput'>"; 
  644. echo "<span id='input_ga_serviceemail'>".htmlentities($saoptions['ga_serviceemail'])."</span>"; 
  645. echo '</div>'; 
  646. echo '<br class="clear">'; 
  647. if ($saoptions['ga_pkey_print'] != '') { 
  648. // Display finger print of key 
  649. echo '<label for="input_ga_pkey_print" class="textinput">'.__('Private key fingerprint', 'google-apps-login').'</label>'; 
  650. echo "<div class='gal-lowerinput'>"; 
  651. echo "<span id='input_ga_pkey_print'>".htmlentities($saoptions['ga_pkey_print'])."</span>"; 
  652. echo '</div>'; 
  653. echo '<br class="clear">'; 
  654.  
  655. echo '<label for="input_ga_keyfileupload" class="textinput gal_jsonkeyfile">'.__('Upload a new Service Account JSON file', 'google-apps-login').'</label>'; 
  656. echo '<label for="input_ga_keyjson" class="textinput gal_jsonkeytext" style="display: none;">'.__('Paste contents of JSON file', 'google-apps-login').'</label>'; 
  657.  
  658. echo "<div class='gal-lowerinput'>"; 
  659. echo "<input type='hidden' name='MAX_FILE_SIZE' value='10240' />"; 
  660. echo "<input type='file' name='ga_keyfileupload' id='input_ga_keyfileupload' class='gal_jsonkeyfile'/>"; 
  661. echo "<a href='#' class='gal_jsonkeyfile'>Problem uploading file?</a>"; 
  662. echo "<textarea name='".$this->get_options_name()."[ga_keyjson]' id='input_ga_keyjson' class='gal_jsonkeytext' style='display: none;'></textarea>"; 
  663. echo "<a href='#' class='gal_jsonkeytext' style='display: none;'>Prefer the file upload?</a>"; 
  664. echo '</div>'; 
  665. echo '<br class="clear">'; 
  666.  
  667. echo '<label for="input_ga_domainadmin" class="textinput">'.__('A Google Apps Domain admin\'s email', 'google-apps-login').'</label>'; 
  668. echo "<input id='input_ga_domainadmin' name='".$this->get_options_name()."[ga_domainadmin]' size='40' type='text' value='".esc_attr($options['ga_domainadmin'])."' class='textinput' />"; 
  669. echo '<br class="clear">'; 
  670.  
  671. if (count($serviceacct_plugins) == 0) { 
  672. ?> 
  673. </span> 
  674. <?php 
  675.  
  676. echo '</div>'; 
  677.  
  678. protected function ga_show_service_account_reqs($serviceacct_plugins) { 
  679. $all_scopes = array(); 
  680. ?> 
  681. <p>A Service Account will be required for the following extensions, and they need the permission scopes listed: 
  682. <table class="gal-admin-service-scopes"> 
  683. <thead> 
  684. <tr> 
  685. <td>Extension Name</td> 
  686. <td>Scopes Requested</td> 
  687. <td>Reason</td> 
  688. </tr> 
  689. </thead> 
  690. <tbody> 
  691. <?php 
  692. foreach ($serviceacct_plugins as $plg) { 
  693. if (is_array($plg) && count($plg) == 2) { 
  694. $i = 0; 
  695. foreach ($plg[1] as $k => $v) { 
  696. echo '<tr>'; 
  697. if ($i==0) { 
  698. echo '<td rowspan="'.count($plg[1]).'">'.htmlentities($plg[0]).'</td>'; 
  699. echo '<td>'.htmlentities($k).'</td>'; 
  700. echo '<td>'.htmlentities($v).'</td>'; 
  701. echo '</tr>'; 
  702. $all_scopes[] = $k; 
  703. ++$i; 
  704. ?> 
  705. </tbody> 
  706. </table> 
  707. </p> 
  708.  
  709. <p>Here is a comma-separated list of API Scopes to copy and paste into your Google Apps admin security page (see instructions). 
  710. <br /> 
  711. <div class="gal-admin-scopes-list"><?php echo htmlentities(implode(', ', array_unique($all_scopes))); ?></div> 
  712. </p> 
  713. <?php 
  714.  
  715.  
  716. // Has content in Basic 
  717. protected function ga_section_text_end() { 
  718.  
  719. // Has content in Premium 
  720. protected function ga_domainsection_text() { 
  721.  
  722. protected function ga_advancedsection_text() { 
  723. echo '<div id="advanced-section" class="galtab">'; 
  724. echo '<p>'; 
  725. printf( __('Once you have the plugin working, you can try these settings to customize the login flow for your users.', 'google-apps-login') 
  726. .' '.__('See <a href="%s" target="gainstr">instructions here</a>.', 'google-apps-login'),  
  727. $this->calculate_instructions_url('a').'#advanced' ); 
  728. echo '</p>'; 
  729.  
  730. $options = $this->get_option_galogin(); 
  731.  
  732. echo "<input id='input_ga_force_permissions' name='".$this->get_options_name()."[ga_force_permissions]' type='checkbox' ".($options['ga_force_permissions'] ? 'checked' : '')." class='checkbox' />"; 
  733. echo '<label for="input_ga_force_permissions" class="checkbox plain">'; 
  734. _e( 'Force user to confirm Google permissions every time' , 'google-apps-login' ); 
  735. echo '</label>'; 
  736.  
  737. echo '<br class="clear" />'; 
  738.  
  739. echo "<input id='input_ga_auto_login' name='".$this->get_options_name()."[ga_auto_login]' type='checkbox' ".($options['ga_auto_login'] ? 'checked' : '')." class='checkbox' />"; 
  740.  
  741. echo '<label for="input_ga_auto_login" class="checkbox plain">'; 
  742. _e( 'Automatically redirect to Google from login page' , 'google-apps-login' ); 
  743. echo '</label>'; 
  744.  
  745. echo '<br class="clear" />'; 
  746.  
  747. echo "<input id='input_ga_rememberme' name='".$this->get_options_name()."[ga_rememberme]' type='checkbox' ".($options['ga_rememberme'] ? 'checked' : '')." class='checkbox' />"; 
  748.  
  749. echo '<label for="input_ga_rememberme" class="checkbox plain">'; 
  750. _e( 'Remember Me - do not log users out at end of browser session' , 'google-apps-login' ); 
  751. echo '</label>'; 
  752.  
  753. echo '<br class="clear" />'; 
  754.  
  755. echo "<input id='input_ga_poweredby' name='".$this->get_options_name()."[ga_poweredby]' type='checkbox' ".($options['ga_poweredby'] ? 'checked' : '')." class='checkbox' />"; 
  756.  
  757. echo '<label for="input_ga_poweredby" class="checkbox plain">'; 
  758. _e( 'Display \'Powered By wp-glogin.com\' on Login form' , 'google-apps-login' ); 
  759. echo '</label>'; 
  760.  
  761. $this->ga_advancedsection_extra(); 
  762.  
  763. echo '<br class="clear" />'; 
  764.  
  765. if (is_multisite()) { 
  766. echo '<h3>'.__( 'Multisite Options' , 'google-apps-login').'</h3><p>'; 
  767. printf( __('This setting is for multisite admins only. See <a href="%s" target="gainstr">instructions here</a>.', 'google-apps-login') 
  768. , $this->calculate_instructions_url('m').'#multisite' ); 
  769. echo '</p>'; 
  770. echo "<input id='input_ga_ms_usesubsitecallback' name='".$this->get_options_name()."[ga_ms_usesubsitecallback]' type='checkbox' ".($options['ga_ms_usesubsitecallback'] ? 'checked' : '')." class='checkbox'/>"; 
  771.  
  772. echo '<label for="input_ga_ms_usesubsitecallback" class="checkbox plain">'.__( 'Use sub-site specific callback from Google' , 'google-apps-login').'</label>'; 
  773. echo '<br class="clear" />'; 
  774.  
  775. echo '<p class="desc">'; 
  776. _e( 'Leave unchecked if in doubt' , 'google-apps-login'); 
  777. echo '</p>'; 
  778.  
  779. echo '</div>'; 
  780.  
  781. // Overridden in Commercial 
  782. protected function ga_advancedsection_extra() { 
  783.  
  784. public function ga_options_validate($input) { 
  785. $newinput = Array(); 
  786. $newinput['ga_clientid'] = isset($input['ga_clientid']) ? trim($input['ga_clientid']) : ''; 
  787. $newinput['ga_clientsecret'] = isset($input['ga_clientsecret']) ? trim($input['ga_clientsecret']) : ''; 
  788. if(!preg_match('/^.{10}.*$/i', $newinput['ga_clientid'])) { 
  789. add_settings_error( 
  790. 'ga_clientid',  
  791. 'tooshort_texterror',  
  792. self::get_error_string('ga_clientid|tooshort_texterror'),  
  793. 'error' 
  794. ); 
  795. if(!preg_match('/^.{10}.*$/i', $newinput['ga_clientsecret'])) { 
  796. add_settings_error( 
  797. 'ga_clientsecret',  
  798. 'tooshort_texterror',  
  799. self::get_error_string('ga_clientsecret|tooshort_texterror'),  
  800. 'error' 
  801. ); 
  802. $newinput['ga_ms_usesubsitecallback'] = isset($input['ga_ms_usesubsitecallback']) ? (boolean)$input['ga_ms_usesubsitecallback'] : false; 
  803. $newinput['ga_force_permissions'] = isset($input['ga_force_permissions']) ? (boolean)$input['ga_force_permissions'] : false; 
  804. $newinput['ga_auto_login'] = isset($input['ga_auto_login']) ? (boolean)$input['ga_auto_login'] : false; 
  805. $newinput['ga_poweredby'] = isset($input['ga_poweredby']) ? (boolean)$input['ga_poweredby'] : false; 
  806. $newinput['ga_rememberme'] = isset($input['ga_rememberme']) ? (boolean)$input['ga_rememberme'] : false; 
  807.  
  808. // Service account settings 
  809. $newinput['ga_domainadmin'] = isset($input['ga_domainadmin']) ? trim($input['ga_domainadmin']) : ''; 
  810. if (!preg_match('/^([A-Za-z0-9._%+-]+@([0-9a-z-]+\.)*[0-9a-z-]+\.[a-z]{2, 63})?$/', $newinput['ga_domainadmin'])) { 
  811. add_settings_error( 
  812. 'ga_domainadmin',  
  813. 'invalid_email',  
  814. self::get_error_string('ga_domainadmin|invalid_email'),  
  815. 'error' 
  816. ); 
  817.  
  818. // Submitting a JSON key for Service Account 
  819. if (isset($_FILES['ga_keyfileupload']) || (isset($input['ga_keyjson']) && strlen(trim($input['ga_keyjson'])) > 0)) { 
  820. if (!class_exists('gal_keyfile_uploader')) { 
  821. $this->setIncludePath(); 
  822. require_once( 'keyfile_uploader.php' ); 
  823.  
  824. $saoptions = $this->get_sa_option(); 
  825.  
  826. $kfu = new gal_keyfile_uploader('ga_keyfileupload', isset($input['ga_keyjson']) ? $input['ga_keyjson'] : ''); 
  827. $newemail = $kfu->getEmail(); 
  828. $newid = $kfu->getId(); 
  829. $newkey = $kfu->getKey(); 
  830. $newprint = $kfu->getPrint(); 
  831. if ($newemail != '' && $newkey != '' && $newid != '') { 
  832. $saoptions['ga_serviceemail'] = $newemail; 
  833. $saoptions['ga_serviceid'] = $newid; 
  834. $saoptions['ga_sakey'] = $newkey; 
  835. $saoptions['ga_pkey_print'] = $newprint; 
  836. $this->save_sa_option($saoptions); 
  837. else if (($kfuerror = $kfu->getError()) != '') { 
  838. add_settings_error( 
  839. 'ga_jsonkeyfile',  
  840. $kfuerror,  
  841. self::get_error_string('ga_jsonkeyfile|'.$kfuerror),  
  842. 'error' 
  843. ); 
  844.  
  845. $newinput['ga_version'] = $this->PLUGIN_VERSION; 
  846. return $newinput; 
  847.  
  848. protected function get_error_string($fielderror) { 
  849. $local_error_strings = Array( 
  850. 'ga_clientid|tooshort_texterror' => __('The Client ID should be longer than that', 'google-apps-login') ,  
  851. 'ga_clientsecret|tooshort_texterror' => __('The Client Secret should be longer than that', 'google-apps-login'),  
  852. 'ga_serviceemail|invalid_email' => __('Service Account email must be a valid email addresses', 'google-apps-login'),  
  853. 'ga_domainadmin|invalid_email' => __('Google Apps domain admin must be a valid email address of one of your Google Apps admins', 'google-apps-login'),  
  854. 'ga_jsonkeyfile|file_upload_error' => __('Error with file upload on the server', 'google-apps-login'),  
  855. 'ga_jsonkeyfile|file_upload_error2' => __('Error with file upload on the server - file was too large', 'google-apps-login'),  
  856. 'ga_jsonkeyfile|file_upload_error6' => __('Error with file upload on the server - no temp directory exists', 'google-apps-login'),  
  857. 'ga_jsonkeyfile|file_upload_error7' => __('Error with file upload on the server - failed to write to disk', 'google-apps-login'),  
  858. 'ga_jsonkeyfile|no_content' => __('JSON key file was empty', 'google-apps-login'),  
  859. 'ga_jsonkeyfile|decode_error' => __('JSON key file could not be decoded correctly', 'google-apps-login'),  
  860. 'ga_jsonkeyfile|missing_values' => __('JSON key file does not contain all of client_email, client_id, private_key, and type', 'google-apps-login'),  
  861. 'ga_jsonkeyfile|not_serviceacct' => __('JSON key file does not represent a Service Account', 'google-apps-login'),  
  862. 'ga_jsonkeyfile|bad_pem' => __('Key cannot be coerced into a PEM key - invalid format in private_key of JSON key file', 'google-apps-login') 
  863. ); 
  864. if (isset($local_error_strings[$fielderror])) { 
  865. return $local_error_strings[$fielderror]; 
  866. return __( 'Unspecified error' , 'google-apps-login'); 
  867.  
  868. protected function get_options_name() { 
  869. return 'galogin'; 
  870.  
  871. protected function get_default_options() { 
  872. return Array('ga_version' => $this->PLUGIN_VERSION,  
  873. 'ga_clientid' => '',  
  874. 'ga_clientsecret' => '',  
  875. 'ga_ms_usesubsitecallback' => false,  
  876. 'ga_force_permissions' => false,  
  877. 'ga_auto_login' => false,  
  878. 'ga_poweredby' => false,  
  879. 'ga_rememberme' => false,  
  880. 'ga_sakey' => '',  
  881. 'ga_domainadmin' => ''); 
  882.  
  883. protected $ga_options = null; 
  884. public function get_option_galogin() { 
  885. if ($this->ga_options != null) { 
  886. return $this->ga_options; 
  887.  
  888. $option = get_site_option($this->get_options_name(), Array()); 
  889.  
  890. $default_options = $this->get_default_options(); 
  891. foreach ($default_options as $k => $v) { 
  892. if (!isset($option[$k])) { 
  893. $option[$k] = $v; 
  894.  
  895. $this->ga_options = $option; 
  896. return $this->ga_options; 
  897.  
  898. protected function save_option_galogin($option) { 
  899. update_site_option($this->get_options_name(), $option); 
  900. $this->ga_options = $option; 
  901.  
  902. // Options for service account only 
  903. protected function get_sa_options_name() { 
  904. return 'ga_serviceacct'; 
  905.  
  906. protected $ga_sa_options = null; 
  907. protected function get_sa_option() { 
  908. if ($this->ga_sa_options != null) { 
  909. return $this->ga_sa_options; 
  910.  
  911. $ga_sa_options = get_site_option($this->get_sa_options_name(), Array()); 
  912.  
  913. // Do we need to convert to separate service account settings, from older version? 
  914. if (count($ga_sa_options) == 0) { 
  915. $option = $this->get_option_galogin(); 
  916. if (isset($option['ga_keyfilepath']) || isset($option['ga_serviceemail'])) { 
  917. $this->setIncludePath(); 
  918. if (!function_exists('gal_service_account_upgrade')) { 
  919. require_once( 'service_account_upgrade.php' ); 
  920. gal_service_account_upgrade($option, $this->get_options_name(), $ga_sa_options, $this->get_sa_options_name()); 
  921. // options were updated by reference 
  922. $this->save_option_galogin($option); 
  923. $this->save_sa_option($ga_sa_options); 
  924.  
  925. // Set defaults 
  926. foreach (array('ga_sakey', 'ga_serviceemail', 'ga_serviceid', 'ga_pkey_print') as $k) { 
  927. if (!isset($ga_sa_options[$k])) { 
  928. $ga_sa_options[$k] = ''; 
  929.  
  930. $this->ga_sa_options = $ga_sa_options; 
  931. return $this->ga_sa_options; 
  932.  
  933. protected function save_sa_option($saoptions) { 
  934. update_site_option($this->get_sa_options_name(), $saoptions); 
  935. $this->ga_sa_options = $saoptions; 
  936.  
  937. public function ga_save_network_options() { 
  938. check_admin_referer( $this->get_options_pagename().'-options' ); 
  939.  
  940. if (isset($_POST[$this->get_options_name()]) && is_array($_POST[$this->get_options_name()])) { 
  941. $inoptions = $_POST[$this->get_options_name()]; 
  942. $outoptions = $this->ga_options_validate($inoptions); 
  943.  
  944. $error_code = Array(); 
  945. $error_setting = Array(); 
  946. foreach (get_settings_errors() as $e) { 
  947. if (is_array($e) && isset($e['code']) && isset($e['setting'])) { 
  948. $error_code[] = $e['code']; 
  949. $error_setting[] = $e['setting']; 
  950.  
  951. $this->save_option_galogin($outoptions); 
  952.  
  953. // redirect to settings page in network 
  954. wp_redirect( 
  955. add_query_arg( 
  956. array( 'page' => $this->get_options_menuname(),  
  957. 'updated' => true,  
  958. 'error_setting' => $error_setting,  
  959. 'error_code' => $error_code ),  
  960. network_admin_url( 'admin.php' ) 
  961. ); 
  962. exit; 
  963.  
  964. protected function calculate_instructions_url($refresh='n') { 
  965. return add_query_arg( 
  966. array( 'garedirect' => urlencode( $this->get_login_url() ),  
  967. 'gaorigin' => urlencode( (is_ssl() || force_ssl_admin() 
  968. ? 'https://' : 'http://').$_SERVER['HTTP_HOST'] ),  
  969. 'ganotms' => is_multisite() ? 'false' : 'true',  
  970. 'gar' => urlencode( $refresh ),  
  971. 'utm_source' => 'Admin%20Instructions',  
  972. 'utm_medium' => 'freemium',  
  973. 'utm_campaign' => 'Freemium' ),  
  974. $this->get_wpglogincom_baseurl() 
  975. ); 
  976.  
  977. protected function get_wpglogincom_baseurl() { 
  978. return 'http://wp-glogin.com/installing-google-apps-login/basic-setup/'; 
  979.  
  980. // Google Apps Login platform 
  981.  
  982. public function gal_get_clientid() { 
  983. $options = $this->get_option_galogin(); 
  984. return $options['ga_clientid']; 
  985.  
  986. public function get_Auth_AssertionCredentials($scopes, $sub_email='') { 
  987. $options = $this->get_option_galogin(); 
  988. $saoptions = $this->get_sa_option(); 
  989. $this->setIncludePath(); 
  990. if (!class_exists('GoogleGAL_Auth_AssertionCredentials')) { 
  991. require_once( 'Google/Auth/AssertionCredentials.php' ); 
  992.  
  993. if ($saoptions['ga_serviceemail'] == '' || $saoptions['ga_sakey'] == '') { 
  994. throw new GAL_Service_Exception('Please configure Service Account in Google Apps Login setup'); 
  995.  
  996. $cred = new GoogleGAL_Auth_AssertionCredentials( 
  997. // Replace this with the email address from the client. 
  998. $saoptions['ga_serviceemail'],  
  999. // Replace this with the scopes you are requesting. 
  1000. $scopes,  
  1001. $saoptions['ga_sakey'],  
  1002. '' 
  1003. ); 
  1004. $cred->setSignerClass('GoogleGAL_Signer_PEM'); 
  1005.  
  1006. $cred->sub = $sub_email != '' ? $sub_email : $options['ga_domainadmin']; 
  1007.  
  1008. return $cred; 
  1009.  
  1010. public function get_Google_Client() { 
  1011. $this->setIncludePath(); 
  1012. if (!class_exists('GoogleGAL_Client')) { 
  1013. require_once( 'Google/Client.php' ); 
  1014.  
  1015. $client = new GoogleGAL_Client(apply_filters('gal_client_config_ini', null)); 
  1016. $client->setApplicationName("Wordpress Site"); 
  1017. return $client; 
  1018.  
  1019. // PLUGINS PAGE 
  1020.  
  1021. public function ga_plugin_action_links( $links, $file ) { 
  1022. if ($file == $this->my_plugin_basename()) { 
  1023. $settings_link = '<a href="'.$this->get_settings_url().'">'.__( 'Settings' , 'google-apps-login').'</a>'; 
  1024. array_unshift( $links, $settings_link ); 
  1025.  
  1026. return $links; 
  1027.  
  1028. // HOOKS AND FILTERS 
  1029. // ***************** 
  1030.  
  1031. protected function add_actions() { 
  1032. add_action('plugins_loaded', array($this, 'ga_plugins_loaded')); 
  1033.  
  1034. add_action('login_enqueue_scripts', array($this, 'ga_login_styles')); 
  1035. add_action('login_form', array($this, 'ga_login_form')); 
  1036. add_filter('authenticate', array($this, 'ga_authenticate'), 5, 3); 
  1037.  
  1038. add_filter('login_redirect', array($this, 'ga_login_redirect'), 5, 3 ); 
  1039. add_action('init', array($this, 'ga_init'), 1); 
  1040.  
  1041. add_action('admin_init', array($this, 'ga_admin_init'), 5, 0); 
  1042.  
  1043. add_action(is_multisite() ? 'network_admin_menu' : 'admin_menu', array($this, 'ga_admin_menu')); 
  1044.  
  1045. add_filter('gal_get_clientid', Array($this, 'gal_get_clientid') ); 
  1046.  
  1047. if (is_multisite()) { 
  1048. add_filter('network_admin_plugin_action_links', array($this, 'ga_plugin_action_links'), 10, 2 ); 
  1049. add_action('network_admin_edit_'.$this->get_options_menuname(), array($this, 'ga_save_network_options')); 
  1050. else { 
  1051. add_filter( 'plugin_action_links', array($this, 'ga_plugin_action_links'), 10, 2 ); 
  1052.  
  1053. // Abstract 
  1054.  
  1055. protected function my_plugin_basename() { 
  1056. throw new Exception("core_google_apps_login is an abstract class"); 
  1057.  
  1058. protected function my_plugin_url() { 
  1059. throw new Exception("core_google_apps_login is an abstract class"); 
  1060.