Updated handling of session-error when getting back to landing page
mangrose committed Jul 19, 2024
1 parent 934f2e9 commit 507b3fe
Showing 3 changed files with 20 additions and 5 deletions.
7 changes: 7 additions & 0 deletions includes/class-tulo-payway-sso2-api.php
@@ -345,6 +345,7 @@ protected function identify_session() {
$this->common->write_log($payload);

$token = JWT::encode($payload, $client_secret, 'HS256');
$this->common->write_log("identify token: ".$token);
$protocol = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) ? 'https' : 'http';
$continueUrl = sprintf("%s://%s%s", $protocol, $_SERVER["HTTP_HOST"], $_SERVER["REQUEST_URI"]);

@@ -801,7 +802,13 @@ private function set_sso_session_time() {

protected function set_session_error($error) {
$data = ["error" => $error];
$this->common->write_log("!! Got token error establishing session: ".$error);
$this->set_cookie("tpw_session_error", json_encode($data), time() + 60);
// also remove other cookies that might have been previously set.
$this->delete_cookie("tpw_session_established");
$this->delete_cookie("tpw_sso");
$this->delete_cookie("tpw_id");
$this->delete_cookie("tpw_sso_session_time");
}

public function has_session_error() {
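Review bot: The `write_log("identify token: ".$token)` line in the first hunk (identify_session) puts the complete signed JWT into the log, so anyone with read access to wherever write_log writes obtains a token that is presumably still accepted until it expires. The same applies to `write_log("Token: ".$token)` in the catch block of landing.php in this commit. I would log a fingerprint instead, for example `$this->common->write_log("identify token sha256: ".hash('sha256', $token));`, or keep the raw value behind an explicit debug setting. identify_session() starts and ends outside the hunk, so I cannot see whether write_log is already gated.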
14 changes: 11 additions & 3 deletions landing.php
@@ -33,17 +33,25 @@ function write_log($log) {
if (isset($payload)) {
if (isset($payload->err)) {
write_log("Error in JWT from Payway! Message: ".$payload->err);
$session->register_session_error($payload->err);
$session->register_session_error($payload->err);
if (strpos($redirect_url, "tpw") === false) {
if (strpos($redirect_url, "?") === false) {
$redirect_url .= "?tpw=".time();
} else {
$redirect_url .= "&tpw=".time();
}
}
} else {
write_log("Decode OK, payload: ".json_encode($payload));
$session->register($payload);
}
}
write_log("Redirecting to: ".$redirect_url);
header("Location: ".$redirect_url);
} catch(Firebase\JWT\ExpiredException $e) {
// we land here if the JWT token can not be decoded properly, in this case some claims have expired.
} catch(Exception $e) {
// we land here if the JWT token can not be decoded properly, in this case some claims have expired.
write_log("Could not decode JWT from Payway! Message: ".$e->getMessage());
write_log("Token: ".$token);
}

die();
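Review bot: The comment under the widened `catch(Exception $e)` still says that some claims have expired, but if I read the rendering correctly this branch now receives every decode failure, including a malformed token or one whose signature does not verify. I would reword it to `// JWT could not be decoded or verified (expired, bad signature, malformed); no session is registered.` so that someone triaging the log does not read a tampered token as a routine expiry. Separately, `strpos($redirect_url, "tpw") === false` matches "tpw" anywhere in the URL, so a path or another parameter containing those letters suppresses the `tpw=` parameter; checking the parsed query string (`parse_url` plus `parse_str`) would be exact. The enclosing try block starts outside the hunk.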
4 changes: 2 additions & 2 deletions wp-tulo-payway.php
@@ -9,13 +9,13 @@
* that starts the plugin.
*
* @link https://adeprimo.se
* @since 1.2.4.1-beta
* @since 1.2.5.0-cookie-beta2
* @package Tulo_Payway_Server
*
* @wordpress-plugin
* Plugin Name: Tulo Payway Connector for Wordpress
* Description: This plugin integrates with the SSO2 single sign on solution in Tulo Payway. Now with support for Tulo Paywall.
* Version: 1.2.5.0-cookie-beta1
* Version: 1.2.5.0-cookie-beta2
* Author: Adeprimo AB
* Author URI: https://adeprimo.se
* Text Domain: tulo
