From a09ef68469c92e646327a5bbaffe6fc2d2740a57 Mon Sep 17 00:00:00 2001 From: Utsav-Ladani <201901076@daiict.ac.in> Date: Fri, 9 Jun 2023 11:45:34 +0530 Subject: [PATCH 1/9] Replace the FILTER_SANITIZE_STRING with FILTER_SANITIZE_FULL_SPECIAL_CHARS to resolve PHP@8.1 deprecation error. --- src/Modules/Login.php | 8 ++++---- src/Modules/OneTapLogin.php | 4 ++-- src/Utils/Helper.php | 2 +- tests/php/Unit/Modules/LoginTest.php | 26 +++++++++++++------------- 4 files changed, 20 insertions(+), 20 deletions(-) diff --git a/src/Modules/Login.php b/src/Modules/Login.php index 5e1a78fe..fc805d09 100644 --- a/src/Modules/Login.php +++ b/src/Modules/Login.php @@ -119,13 +119,13 @@ public function authenticate( $user = null ) { return $user; } - $code = Helper::filter_input( INPUT_GET, 'code', FILTER_SANITIZE_STRING ); + $code = Helper::filter_input( INPUT_GET, 'code', FILTER_SANITIZE_FULL_SPECIAL_CHARS ); if ( ! $code ) { return $user; } - $state = Helper::filter_input( INPUT_GET, 'state', FILTER_SANITIZE_STRING ); + $state = Helper::filter_input( INPUT_GET, 'state', FILTER_SANITIZE_FULL_SPECIAL_CHARS ); $decoded_state = $state ? (array) ( json_decode( base64_decode( $state ) ) ) : null; if ( ! is_array( $decoded_state ) || empty( $decoded_state['provider'] ) || 'google' !== $decoded_state['provider'] ) { @@ -198,7 +198,7 @@ public function redirect_url( string $url ): string { * @return array */ public function state_redirect( array $state ): array { - $redirect_to = Helper::filter_input( INPUT_GET, 'redirect_to', FILTER_SANITIZE_STRING ); + $redirect_to = Helper::filter_input( INPUT_GET, 'redirect_to', FILTER_SANITIZE_FULL_SPECIAL_CHARS ); /** * Filter the default redirect URL in case redirect_to param is not available. * Default to admin URL. 
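Review bot: In state_redirect(), `redirect_to` is a URL, but FILTER_SANITIZE_FULL_SPECIAL_CHARS HTML-encodes it (it is equivalent to htmlspecialchars() with ENT_QUOTES), so a constructed target such as `/wp-admin/edit.php?post_type=page&paged=2` comes back with `&amp;`, where the deprecated filter left `&` alone. HTML escaping belongs at output; a URL-oriented filter fits this parameter better, for example `Helper::filter_input( INPUT_GET, 'redirect_to', FILTER_SANITIZE_URL )`, provided the helper's `default:` branch (outside this patch) passes that filter through. The same swap on `code` and `state` in authenticate() and login_redirect(), and on `token` and `state` in OneTapLogin::validate_token(), leaves well-formed values untouched only because base64 and JWT alphabets contain none of the encoded characters, so it should not be read as validation. The updated test uses `https://example.com/state-page`; a case with two query parameters would pin the behaviour.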
@@ -216,7 +216,7 @@ public function state_redirect( array $state ): array { * @return void */ public function login_redirect(): void { - $state = Helper::filter_input( INPUT_GET, 'state', FILTER_SANITIZE_STRING ); + $state = Helper::filter_input( INPUT_GET, 'state', FILTER_SANITIZE_FULL_SPECIAL_CHARS ); if ( ! $state || ! $this->authenticated ) { return; diff --git a/src/Modules/OneTapLogin.php b/src/Modules/OneTapLogin.php index 63251e30..100b638b 100644 --- a/src/Modules/OneTapLogin.php +++ b/src/Modules/OneTapLogin.php @@ -162,7 +162,7 @@ public function one_tap_scripts(): void { */ public function validate_token(): void { try { - $token = Helper::filter_input( INPUT_POST, 'token', FILTER_SANITIZE_STRING ); + $token = Helper::filter_input( INPUT_POST, 'token', FILTER_SANITIZE_FULL_SPECIAL_CHARS ); $verified = $this->token_verifier->verify_token( $token ); if ( ! $verified ) { @@ -179,7 +179,7 @@ public function validate_token(): void { do_action( 'rtcamp.id_token_verified' ); $redirect_to = apply_filters( 'rtcamp.google_default_redirect', admin_url() ); - $state = Helper::filter_input( INPUT_POST, 'state', FILTER_SANITIZE_STRING ); + $state = Helper::filter_input( INPUT_POST, 'state', FILTER_SANITIZE_FULL_SPECIAL_CHARS ); $decoded_state = $state ? (array) ( json_decode( base64_decode( $state ) ) ) : null; if ( is_array( $decoded_state ) && ! empty( $decoded_state['provider'] ) && 'google' === $decoded_state['provider'] ) { diff --git a/src/Utils/Helper.php b/src/Utils/Helper.php index 3961660b..1ef09ef7 100644 --- a/src/Utils/Helper.php +++ b/src/Utils/Helper.php @@ -87,7 +87,7 @@ public static function filter_input( $type, $variable_name, $filter = FILTER_DEF * Use the PHP method and bail out. */ switch ( $filter ) { - case FILTER_SANITIZE_STRING: + case FILTER_SANITIZE_FULL_SPECIAL_CHARS: $sanitized_variable = filter_input( $type, $variable_name, $filter ); break; default: 
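Review bot: In Helper::filter_input() the `case` label is swapped without any documentation of what the new filter returns, and every filter other than FILTER_SANITIZE_FULL_SPECIAL_CHARS now goes to `default:`, whose body lies outside this hunk. The comment above the switch should tell callers what they get back, e.g. `// FULL_SPECIAL_CHARS returns HTML-entity-encoded text (htmlspecialchars with ENT_QUOTES); validate separately before using the value as a URL, token or lookup key.` That keeps later callers from treating an output-encoding filter as input validation.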
diff --git a/tests/php/Unit/Modules/LoginTest.php b/tests/php/Unit/Modules/LoginTest.php index 94c5b958..b1b900b9 100644 --- a/tests/php/Unit/Modules/LoginTest.php +++ b/tests/php/Unit/Modules/LoginTest.php @@ -146,7 +146,7 @@ public function testAuthenticationForNoCode() { [ INPUT_GET, 'code', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( null ); @@ -168,7 +168,7 @@ public function testAuthenticationForAlreadyAuthenticatedUser() { [ INPUT_GET, 'code', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( null ); @@ -194,7 +194,7 @@ public function testAuthenticationForDifferentProvider() { [ INPUT_GET, 'code', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( 'test_code' ); @@ -202,7 +202,7 @@ public function testAuthenticationForDifferentProvider() { [ INPUT_GET, 'state', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( $state ); @@ -224,7 +224,7 @@ public function testAuthenticationWithForgedState() { [ INPUT_GET, 'code', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( 'abc' ); @@ -232,7 +232,7 @@ public function testAuthenticationWithForgedState() { [ INPUT_GET, 'state', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( 'eyJwcm92aWRlciI6ImdpdGh1YiJ9' ); @@ -251,7 +251,7 @@ public function testAuthenticationWhenUserExists() { [ INPUT_GET, 'code', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( 'abc' ); @@ -259,7 +259,7 @@ public function testAuthenticationWhenUserExists() { [ INPUT_GET, 'state', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( 'eyJwcm92aWRlciI6Imdvb2dsZSIsIm5vbmNlIjoidGVzdG5vbmNlIn0=' ); @@ -310,7 +310,7 @@ public function testAuthenticationCapturesExceptions() { [ INPUT_GET, 'code', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( 'abc' ); 
@@ -318,7 +318,7 @@ public function testAuthenticationCapturesExceptions() { [ INPUT_GET, 'state', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( 'eyJwcm92aWRlciI6Imdvb2dsZSIsIm5vbmNlIjoidGVzdG5vbmNlIn0=' ); @@ -412,7 +412,7 @@ public function testStateRedirectWithRedirectTo() { [ INPUT_GET, 'redirect_to', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( 'https://example.com/state-page' ); @@ -431,7 +431,7 @@ public function testStateRedirectWithoutRedirectTo() { [ INPUT_GET, 'redirect_to', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( null ); @@ -457,7 +457,7 @@ public function testLoginRedirectWithNotStateAuthenticated() { [ INPUT_GET, 'state', - FILTER_SANITIZE_STRING + FILTER_SANITIZE_FULL_SPECIAL_CHARS ] )->andReturn( [] ); From 4fe8b700103be17fd33c914496f2ab4a704e11a2 Mon Sep 17 00:00:00 2001 From: thelovekesh Date: Mon, 12 Jun 2023 15:25:06 +0530 Subject: [PATCH 2/9] Update phpcs config args to hide progress --- phpcs.xml | 73 +++++++++++++++++++++++++++++-------------------------- 1 file changed, 38 insertions(+), 35 deletions(-) diff --git a/phpcs.xml b/phpcs.xml index 9fea8e34..d817028b 100644 --- a/phpcs.xml +++ b/phpcs.xml @@ -1,46 +1,39 @@ - + - src - login-with-google.php + src + login-with-google.php - - - - - - - - - - - + + + + - - tests/* - + + tests/* + - + - - tests/* - + + tests/* + - - - - - - - + + + + + + + @@ -49,12 +42,22 @@ - + + + + + . + + + + + + - */vendor/* - */node_modules/* - /lib/* - */tests/* - */.github/* - */.scripts/* + */vendor/* + */node_modules/* + /lib/* + */tests/* + */.github/* + */.scripts/* From 577d27a69719422b96dd23176b593aac0579cda3 Mon Sep 17 00:00:00 2001 
From: thelovekesh Date: Mon, 12 Jun 2023 13:31:46 +0530 Subject: [PATCH 3/9] Add phpcs config with WordPress Coding Standards to be run with PHP 7.4 --- phpcs.wp.xml | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 phpcs.wp.xml diff --git a/phpcs.wp.xml b/phpcs.wp.xml new file mode 100644 index 00000000..30c9306c --- /dev/null +++ b/phpcs.wp.xml @@ -0,0 +1,52 @@ + + + + + + src + login-with-google.php + + + + + + + + + + + + + + + tests/* + + + + + + + + + + + + + + + + + + + + + + + + */vendor/* + */node_modules/* + /lib/* + */tests/* + */.github/* + */.scripts/* + From 703fa48971d4f669287a530ce1f134a6f7ac6b03 Mon Sep 17 00:00:00 2001 From: thelovekesh Date: Mon, 12 Jun 2023 15:41:28 +0530 Subject: [PATCH 4/9] Update PHPCS args --- phpcs.wp.xml | 67 +++++++++++++++++++++++++++------------------------- 1 file changed, 35 insertions(+), 32 deletions(-) diff --git a/phpcs.wp.xml b/phpcs.wp.xml index 30c9306c..14d571ef 100644 --- a/phpcs.wp.xml +++ b/phpcs.wp.xml @@ -1,40 +1,33 @@ - + - - - src - login-with-google.php + - - + src + login-with-google.php - - - - - - - - + + + + - - tests/* - + + tests/* + - + - - - - - - - + + + + + + + @@ -43,10 +36,20 @@ - */vendor/* - */node_modules/* - /lib/* - */tests/* - */.github/* - */.scripts/* + + + . + + + + + + + + */vendor/* + */node_modules/* + /lib/* + */tests/* + */.github/* + */.scripts/* From 061024e7b0f1866cf37595c0122062099f7e4642 Mon Sep 17 00:00:00 2001 From: thelovekesh Date: Mon, 12 Jun 2023 15:42:11 +0530 Subject: [PATCH 5/9] Update wpcs phpcs config file name to phpcs.wpcs.xml --- phpcs.wp.xml => phpcs.wpcs.xml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename phpcs.wp.xml => phpcs.wpcs.xml (100%) diff --git a/phpcs.wp.xml b/phpcs.wpcs.xml similarity index 100% rename from phpcs.wp.xml rename to phpcs.wpcs.xml From 7583691400e33369bd98885a0e9c01a9d93eac84 Mon Sep 17 00:00:00 2001 
From: thelovekesh Date: Mon, 12 Jun 2023 13:34:30 +0530 Subject: [PATCH 6/9] Add step in PHPCS workflow to run WPCS with PHP 7.4 --- .github/workflows/phpcs_on_pull_request.yml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/.github/workflows/phpcs_on_pull_request.yml b/.github/workflows/phpcs_on_pull_request.yml index ba827aa1..c9408198 100644 --- a/.github/workflows/phpcs_on_pull_request.yml +++ b/.github/workflows/phpcs_on_pull_request.yml @@ -5,11 +5,21 @@ jobs: name: Run PHPCS inspection runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} - - name: Run PHPCS inspection + + - name: Run PHPCS inspection with PHP 8.1 uses: rtCamp/action-phpcs-code-review@master env: SKIP_FOLDERS: "tests,.github" GH_BOT_TOKEN: ${{ secrets.RTBOT_TOKEN }} + + # Remove this step once WordPress Coding Standards supports PHP 8.0+. + - name: Run PHPCS inspection with PHP 7.4 + uses: rtCamp/action-phpcs-code-review@master + env: + SKIP_FOLDERS: "tests,.github" + PHPCS_PHP_VERSION: "7.4" + PHPCS_STANDARD_FILE_NAME: "phpcs.wp.xml" + GH_BOT_TOKEN: ${{ secrets.RTBOT_TOKEN }} From 2112ebb2dca9746207c23becf869545e5cac0a1c Mon Sep 17 00:00:00 2001 From: thelovekesh Date: Mon, 12 Jun 2023 15:43:50 +0530 Subject: [PATCH 7/9] Update wpcs phpcs config file name in phpcs workflow --- .github/workflows/phpcs_on_pull_request.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/phpcs_on_pull_request.yml b/.github/workflows/phpcs_on_pull_request.yml index c9408198..b81c19a6 100644 --- a/.github/workflows/phpcs_on_pull_request.yml +++ b/.github/workflows/phpcs_on_pull_request.yml @@ -21,5 +21,5 @@ jobs: env: SKIP_FOLDERS: "tests,.github" PHPCS_PHP_VERSION: "7.4" - PHPCS_STANDARD_FILE_NAME: "phpcs.wp.xml" + PHPCS_STANDARD_FILE_NAME: "phpcs.wpcs.xml" GH_BOT_TOKEN: ${{ secrets.RTBOT_TOKEN }} 
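Review bot: The added PHP 7.4 step runs `rtCamp/action-phpcs-code-review@master`, a mutable branch reference, with `secrets.RTBOT_TOKEN` in its environment, so whatever is on that branch at run time executes with the bot token; the renamed PHP 8.1 step uses the same reference. Pinning both to a full commit SHA, `uses: rtCamp/action-phpcs-code-review@<full-commit-sha>`, keeps the executed code identical to the code that was reviewed. The job also checks out `github.event.pull_request.head.sha`, and the `on:` trigger is outside the hunk. If that trigger is `pull_request_target`, PR-controlled files such as the PHPCS config named in `PHPCS_STANDARD_FILE_NAME` are processed in a job that holds the token, which is worth confirming.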
From 080de0eb7e37f127c33b0c1c4dc897a2508a2ebe Mon Sep 17 00:00:00 2001 From: thelovekesh Date: Mon, 12 Jun 2023 13:32:45 +0530 Subject: [PATCH 8/9] Update main PHPCS config to ignore WordPress CS due to incompatibility with PHP 8.0+ --- phpcs.xml | 47 ++++++++++++++++++++++++----------------------- 1 file changed, 24 insertions(+), 23 deletions(-) diff --git a/phpcs.xml b/phpcs.xml index d817028b..147323e5 100644 --- a/phpcs.xml +++ b/phpcs.xml @@ -8,39 +8,40 @@ src login-with-google.php - - - - + + - - + + - - tests/* - - - - - - - - - + - + + + + tests/* + From eaf0d9c135342e8defa00ae278df3e3339da9ce7 Mon Sep 17 00:00:00 2001 From: Utsav-Ladani <201901076@daiict.ac.in> Date: Tue, 13 Jun 2023 11:10:15 +0530 Subject: [PATCH 9/9] Ignore PHPCS warnings. --- src/Modules/Login.php | 2 +- src/Modules/OneTapLogin.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Modules/Login.php b/src/Modules/Login.php index fc805d09..e4a442d2 100644 --- a/src/Modules/Login.php +++ b/src/Modules/Login.php @@ -126,7 +126,7 @@ public function authenticate( $user = null ) { } $state = Helper::filter_input( INPUT_GET, 'state', FILTER_SANITIZE_FULL_SPECIAL_CHARS ); - $decoded_state = $state ? (array) ( json_decode( base64_decode( $state ) ) ) : null; + $decoded_state = $state ? (array) ( json_decode( base64_decode( $state ) ) ) : null; // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode if ( ! is_array( $decoded_state ) || empty( $decoded_state['provider'] ) || 'google' !== $decoded_state['provider'] ) { return $user; diff --git a/src/Modules/OneTapLogin.php b/src/Modules/OneTapLogin.php index 100b638b..9f455008 100644 --- a/src/Modules/OneTapLogin.php +++ b/src/Modules/OneTapLogin.php 
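Review bot: The `// phpcs:ignore` added to the `$decoded_state` line in authenticate() gives no reason, and the decode it silences is still lenient: `base64_decode( $state )` without the strict flag skips characters outside the base64 alphabet instead of rejecting the input. Because `state` arrives from the request, prefer `base64_decode( $state, true )` and append a justification to the suppression, e.g. `-- decodes the OAuth state parameter, not obfuscated code`. The same line is changed in OneTapLogin::validate_token() in this commit. authenticate() continues outside the hunk, so whether a nonce carried in the state is verified later cannot be seen here.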
@@ -180,7 +180,7 @@ public function validate_token(): void { $redirect_to = apply_filters( 'rtcamp.google_default_redirect', admin_url() ); $state = Helper::filter_input( INPUT_POST, 'state', FILTER_SANITIZE_FULL_SPECIAL_CHARS ); - $decoded_state = $state ? (array) ( json_decode( base64_decode( $state ) ) ) : null; + $decoded_state = $state ? (array) ( json_decode( base64_decode( $state ) ) ) : null; // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode if ( is_array( $decoded_state ) && ! empty( $decoded_state['provider'] ) && 'google' === $decoded_state['provider'] ) { $redirect_to = $decoded_state['redirect_to'] ?? $redirect_to;
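Review bot: In validate_token(), `$decoded_state['redirect_to']` is read from the POSTed `state`, and the only check visible in this hunk is `'google' === $decoded_state['provider']`, which does not authenticate the value. If it later reaches a redirect without host validation, the post-login redirect is open to arbitrary destinations. Constrain it where it is read, `$redirect_to = wp_validate_redirect( $decoded_state['redirect_to'] ?? $redirect_to, $redirect_to );`, or confirm the redirect call uses `wp_safe_redirect()`. The function body continues past the hunk, so the actual redirect call and any nonce check are not visible here.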