Issues in class.jetpack-sso-notices.php - New Issues - Inspection of "Do not login in mailchimp connect flow by default" - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — add/e2e-mailchimp-block-test ( e217db...6066d0 )

by Yaroslav

created 2019-06-27 12:20 UTC

modules/sso/class.jetpack-sso-notices.php (1 issue)

Labels

Unused Code 1

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

if ( ! class_exists( 'Jetpack_SSO_Notices' ) ) :

/**
 * A collection of helper functions used in the SSO module.
 *
 * @since 4.4.0
 */
class Jetpack_SSO_Notices {
	/**
	 * Error message displayed on the login form when two step is required and
	 * the user's account on WordPress.com does not have two step enabled.
	 *
	 * @since 2.7
	 * @param string $message
	 * @return string
	 **/
	public static function error_msg_enable_two_step( $message ) {
		$error = sprintf(
			wp_kses(
				__(
					'Two-Step Authentication is required to access this site. Please visit your <a href="%1$s" rel="noopener noreferrer" target="_blank">Security Settings</a> to configure <a href="%2$s" rel="noopener noreferrer" target="_blank">Two-step Authentication</a> for your account.',
					'jetpack'
				),
				array(  'a' => array( 'href' => array() ) )
			),
			'https://wordpress.com/me/security/two-step',
			'https://support.wordpress.com/security/two-step-authentication/'
		);

		$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );

		return $message;
	}

	/**
	 * Error message displayed when the user tries to SSO, but match by email
	 * is off and they already have an account with their email address on
	 * this site.
	 *
	 * @param string $message
	 * @return string
	 */
	public static function error_msg_email_already_exists( $message ) {
		$error = sprintf(
			wp_kses(
				__(
					'You already have an account on this site. Please <a href="%1$s">sign in</a> with your username and password and then connect to WordPress.com.',
					'jetpack'
				),
				array(  'a' => array( 'href' => array() ) )
			),
			esc_url_raw( add_query_arg( 'jetpack-sso-show-default-form', '1', wp_login_url() ) )
		);

		$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );

		return $message;
	}

	/**
	 * Error message that is displayed when the current site is in an identity crisis and SSO can not be used.
	 *
	 * @since 4.3.2
	 *
	 * @param $message
	 *
	 * @return string
	 */
	public static function error_msg_identity_crisis( $message ) {
		$error = esc_html__( 'Logging in with WordPress.com is not currently available because this site is experiencing connection problems.', 'jetpack' );
		$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );
		return $message;
	}

	/**
	 * Error message that is displayed when we are not able to verify the SSO nonce due to an XML error or
	 * failed validation. In either case, we prompt the user to try again or log in with username and password.
	 *
	 * @since 4.3.2
	 *
	 * @param $message
	 *
	 * @return string
	 */
	public static function error_invalid_response_data( $message ) {
		$error = esc_html__(
			'There was an error logging you in via WordPress.com, please try again or try logging in with your username and password.',
			'jetpack'
		);
		$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );
		return $message;
	}

	/**
	 * Error message that is displayed when we were not able to automatically create an account for a user
	 * after a user has logged in via SSO. By default, this message is triggered after trying to create an account 5 times.
	 *
	 * @since 4.3.2
	 *
	 * @param $message
	 *
	 * @return string
	 */
	public static function error_unable_to_create_user( $message ) {
		$error = esc_html__(
			'There was an error creating a user for you. Please contact the administrator of your site.',
			'jetpack'
		);
		$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );
		return $message;
	}

	/**
	 * When the default login form is hidden, this method is called on the 'authenticate' filter with a priority of 30.
	 * This method disables the ability to submit the default login form.
	 *
	 * @param $user
	 *
	 * @return WP_Error
	 */
	public static function disable_default_login_form( $user ) {
		if ( is_wp_error( $user ) ) {
			return $user;
		}

		/**
		 * Since we're returning an error that will be shown as a red notice, let's remove the
		 * informational "blue" notice.
		 */
		remove_filter( 'login_message', array( 'Jetpack_SSO_Notices', 'msg_login_by_jetpack' ) );
		return new WP_Error( 'jetpack_sso_required', self::get_sso_required_message() );

	}

	/**
	 * Message displayed when the site admin has disabled the default WordPress
	 * login form in Settings > General > Secure Sign On
	 *
	 * @since 2.7
	 * @param string $message
	 *
	 * @return string
	 **/
	public static function msg_login_by_jetpack( $message ) {
		$message .= sprintf( '<p class="message">%s</p>', self::get_sso_required_message() );
		return $message;
	}

	public static function get_sso_required_message() {
		$msg = esc_html__(
			'A WordPress.com account is required to access this site. Click the button below to sign in or create a free WordPress.com account.',
			'jetpack'
		);

		/**
		 * Filter the message displayed when the default WordPress login form is disabled.
		 *
		 * @module sso
		 *
		 * @since 2.8.0
		 *
		 * @param string $msg Disclaimer when default WordPress login form is disabled.
		 */
		return apply_filters( 'jetpack_sso_disclaimer_message', $msg );
	}

	/**
	 * Message displayed when the user can not be found after approving the SSO process on WordPress.com
	 *
	 * @param string $message
	 * @return string
	 */
	public static function cant_find_user( $message ) {
		$error = esc_html__(
			"We couldn't find your account. If you already have an account, make sure you have connected to WordPress.com.",
			'jetpack'
		);
		$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );

		return $message;
	}

	/**
	 * Error message that is displayed when the current site is in an identity crisis and SSO can not be used.
	 *
	 * @since 4.4.0
	 *
	 * @param $message
	 *
	 * @return string
	 */
	public static function sso_not_allowed_in_staging( $message ) {
		$error = esc_html__(
			'Logging in with WordPress.com is disabled for sites that are in staging mode.',
			'jetpack'
		);
		$message .= sprintf( '<p class="message">%s</p>', $error );
		return $message;
	}
}

endif;


1			<?php
2
3			if ( ! class_exists( 'Jetpack_SSO_Notices' ) ) :
4
5			/**
6			* A collection of helper functions used in the SSO module.
7			*
8			* @since 4.4.0
9			*/
10			class Jetpack_SSO_Notices {
11			/**
12			* Error message displayed on the login form when two step is required and
13			* the user's account on WordPress.com does not have two step enabled.
14			*
15			* @since 2.7
16			* @param string $message
17			* @return string
18			**/
19			public static function error_msg_enable_two_step( $message ) {
20			$error = sprintf(
21			wp_kses(
22			__(
23			'Two-Step Authentication is required to access this site. Please visit your <a href="%1$s" rel="noopener noreferrer" target="_blank">Security Settings</a> to configure <a href="%2$s" rel="noopener noreferrer" target="_blank">Two-step Authentication</a> for your account.',
24			'jetpack'
25			),
26			array( 'a' => array( 'href' => array() ) )
27			),
28			'https://wordpress.com/me/security/two-step',
29			'https://support.wordpress.com/security/two-step-authentication/'
30			);
31
32			$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );
33
34			return $message;
35			}
36
37			/**
38			* Error message displayed when the user tries to SSO, but match by email
39			* is off and they already have an account with their email address on
40			* this site.
41			*
42			* @param string $message
43			* @return string
44			*/
45			public static function error_msg_email_already_exists( $message ) {
46			$error = sprintf(
47			wp_kses(
48			__(
49			'You already have an account on this site. Please <a href="%1$s">sign in</a> with your username and password and then connect to WordPress.com.',
50			'jetpack'
51			),
52			array( 'a' => array( 'href' => array() ) )
53			),
54			esc_url_raw( add_query_arg( 'jetpack-sso-show-default-form', '1', wp_login_url() ) )
55			);
56
57			$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );
58
59			return $message;
60			}
61
62			/**
63			* Error message that is displayed when the current site is in an identity crisis and SSO can not be used.
64			*
65			* @since 4.3.2
66			*
67			* @param $message
68			*
69			* @return string
70			*/
71			public static function error_msg_identity_crisis( $message ) {
72			$error = esc_html__( 'Logging in with WordPress.com is not currently available because this site is experiencing connection problems.', 'jetpack' );
73			$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );
74			return $message;
75			}
76
77			/**
78			* Error message that is displayed when we are not able to verify the SSO nonce due to an XML error or
79			* failed validation. In either case, we prompt the user to try again or log in with username and password.
80			*
81			* @since 4.3.2
82			*
83			* @param $message
84			*
85			* @return string
86			*/
87			public static function error_invalid_response_data( $message ) {
88			$error = esc_html__(
89			'There was an error logging you in via WordPress.com, please try again or try logging in with your username and password.',
90			'jetpack'
91			);
92			$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );
93			return $message;
94			}
95
96			/**
97			* Error message that is displayed when we were not able to automatically create an account for a user
98			* after a user has logged in via SSO. By default, this message is triggered after trying to create an account 5 times.
99			*
100			* @since 4.3.2
101			*
102			* @param $message
103			*
104			* @return string
105			*/
106			public static function error_unable_to_create_user( $message ) {
107			$error = esc_html__(
108			'There was an error creating a user for you. Please contact the administrator of your site.',
109			'jetpack'
110			);
111			$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );
112			return $message;
113			}
114
115			/**
116			* When the default login form is hidden, this method is called on the 'authenticate' filter with a priority of 30.
117			* This method disables the ability to submit the default login form.
118			*
119			* @param $user
120			*
121			* @return WP_Error
122			*/
123			public static function disable_default_login_form( $user ) {
124			if ( is_wp_error( $user ) ) {
125			return $user;
126			}
127
128			/**
129			* Since we're returning an error that will be shown as a red notice, let's remove the
130			* informational "blue" notice.
131			*/
132			remove_filter( 'login_message', array( 'Jetpack_SSO_Notices', 'msg_login_by_jetpack' ) );
133			return new WP_Error( 'jetpack_sso_required', self::get_sso_required_message() );
			0 ignored issues – show Unused Code introduced 2019-06-17 08:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this The call to `WP_Error::__construct()` has too many arguments starting with `'jetpack_sso_required'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
134			}
135
136			/**
137			* Message displayed when the site admin has disabled the default WordPress
138			* login form in Settings > General > Secure Sign On
139			*
140			* @since 2.7
141			* @param string $message
142			*
143			* @return string
144			**/
145			public static function msg_login_by_jetpack( $message ) {
146			$message .= sprintf( '<p class="message">%s</p>', self::get_sso_required_message() );
147			return $message;
148			}
149
150			public static function get_sso_required_message() {
151			$msg = esc_html__(
152			'A WordPress.com account is required to access this site. Click the button below to sign in or create a free WordPress.com account.',
153			'jetpack'
154			);
155
156			/**
157			* Filter the message displayed when the default WordPress login form is disabled.
158			*
159			* @module sso
160			*
161			* @since 2.8.0
162			*
163			* @param string $msg Disclaimer when default WordPress login form is disabled.
164			*/
165			return apply_filters( 'jetpack_sso_disclaimer_message', $msg );
166			}
167
168			/**
169			* Message displayed when the user can not be found after approving the SSO process on WordPress.com
170			*
171			* @param string $message
172			* @return string
173			*/
174			public static function cant_find_user( $message ) {
175			$error = esc_html__(
176			"We couldn't find your account. If you already have an account, make sure you have connected to WordPress.com.",
177			'jetpack'
178			);
179			$message .= sprintf( '<p class="message" id="login_error">%s</p>', $error );
180
181			return $message;
182			}
183
184			/**
185			* Error message that is displayed when the current site is in an identity crisis and SSO can not be used.
186			*
187			* @since 4.4.0
188			*
189			* @param $message
190			*
191			* @return string
192			*/
193			public static function sso_not_allowed_in_staging( $message ) {
194			$error = esc_html__(
195			'Logging in with WordPress.com is disabled for sites that are in staging mode.',
196			'jetpack'
197			);
198			$message .= sprintf( '<p class="message">%s</p>', $error );
199			return $message;
200			}
201			}
202
203			endif;
204

Automattic / jetpack

Push — add/e2e-mailchimp-block-test ( e217db...6066d0 )

modules/sso/class.jetpack-sso-notices.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like