wp_is_authorize_application_password_request_valid() – Checks if the Authorize Application Password request is valid.

You appear to be a bot. Output may be restricted

Description

Checks if the Authorize Application Password request is valid.

Usage

$true|WP_Error = wp_is_authorize_application_password_request_valid( $request, $user );

Parameters

$request
( array ) required – { The array of request data. All arguments are optional and may be empty.
$app_name
( string ) required – The suggested name of the application.
$app_id
( string ) required – A UUID provided by the application to uniquely identify it.
$success_url
( string ) required – The URL the user will be redirected to after approving the application.
$reject_url
( string ) required – The URL the user will be redirected to after rejecting the application. }
$user
( WP_User ) required – The user authorizing the application.

Returns

true|WP_Error True if the request is valid, a WP_Error object contains errors if not.

Source

File name: wordpress/wp-admin/includes/user.php
Lines:

1 to 50 of 50
function wp_is_authorize_application_password_request_valid( $request, $user ) {
  $error    = new WP_Error();
  $is_local = 'local' === wp_get_environment_type();

  if ( ! empty( $request['success_url'] ) ) {
    $scheme = wp_parse_url( $request['success_url'], PHP_URL_SCHEME );

    if ( 'http' === $scheme && ! $is_local ) {
      $error->add(
        'invalid_redirect_scheme',
        __( 'The success URL must be served over a secure connection.' )
      );
    }
  }

  if ( ! empty( $request['reject_url'] ) ) {
    $scheme = wp_parse_url( $request['reject_url'], PHP_URL_SCHEME );

    if ( 'http' === $scheme && ! $is_local ) {
      $error->add(
        'invalid_redirect_scheme',
        __( 'The rejection URL must be served over a secure connection.' )
      );
    }
  }

  if ( ! empty( $request['app_id'] ) && ! wp_is_uuid( $request['app_id'] ) ) {
    $error->add(
      'invalid_app_id',
      __( 'The application ID must be a UUID.' )
    );
  }

  
/**
 * Fires before application password errors are returned.
 *
 * @since 5.6.0
 *
 * @param WP_Error $error   The error object.
 * @param array    $request The array of request data.
 * @param WP_User  $user    The user authorizing the application.
 */
  do_action( 'wp_authorize_application_password_request_errors', $error, $request, $user );

  if ( $error->has_errors() ) {
    return $error;
  }

  return true;
}
 

 View on GitHub View on Trac