wip: go through our server
ilicfilip committed Dec 31, 2024
1 parent 6bff7ad commit 73ccf30
Showing 2 changed files with 43 additions and 31 deletions.
50 changes: 19 additions & 31 deletions classes/admin/class-slack-settings.php
Expand Up @@ -13,35 +13,39 @@
class Slack_Settings {

/**
* The Slack client ID.
* The Progress Planner API root URL.
*
* @var string
*/
const CLIENT_ID = '3300596017925.8228567943589';
const API_ROOT = 'https://prpl.fyi/api/v1';

/**
* The Slack client secret.
* The Progress Planner OAuth endpoint.
*
* @var string
*/
const CLIENT_SECRET = '79dfe36cd83b4be906d1c8f5906923be';
const OAUTH_ENDPOINT = '/slack/oauth';

/**
* The redirect URI for the Slack OAuth callback.
* Get the authorization URL for Slack OAuth.
*
* @var string
* @return string
*/
public $redirect_uri;
private function get_auth_url() {
$site_url = \admin_url( 'admin.php?page=progress-planner-slack' );
$params = [
'site_url' => \rawurlencode( $site_url ),
'site_name' => \rawurlencode( \get_bloginfo( 'name' ) ),
];

return self::API_ROOT . self::OAUTH_ENDPOINT . '?' . \http_build_query( $params );
}

/**
* Constructor.
*/
public function __construct() {

$this->redirect_uri = \defined( 'PROGRESS_PLANNER_SLACK_DEBUG' ) && \PROGRESS_PLANNER_SLACK_DEBUG
? 'https://a549-146-212-36-44.ngrok-free.app/wp-admin/admin.php?page=progress-planner-slack&slack_oauth=1'
: admin_url( 'admin.php?page=progress-planner-slack&slack_oauth=1' );

// Add the admin submenu page.
\add_action( 'admin_menu', [ $this, 'add_admin_menu_page' ], 99 );
\add_action( 'admin_init', [ $this, 'handle_oauth_callback' ] );
Expand Down Expand Up @@ -71,28 +75,12 @@ public function add_admin_menu_page() {
* Handle the OAuth callback from Slack.
*/
public function handle_oauth_callback() {
if ( ! isset( $_GET['slack_oauth'] ) || ! isset( $_GET['code'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended
if ( ! isset( $_GET['slack_token'] ) ) {
return;
}

$response = wp_remote_post(
'https://slack.com/api/oauth.v2.access',
[
'body' => [
'client_id' => self::CLIENT_ID,
'client_secret' => self::CLIENT_SECRET,
'code' => sanitize_text_field( wp_unslash( $_GET['code'] ) ), // phpcs:ignore WordPress.Security.NonceVerification.Recommended
'redirect_uri' => $this->redirect_uri,
],
]
);

if ( ! is_wp_error( $response ) ) {
$body = json_decode( wp_remote_retrieve_body( $response ), true );
if ( ! empty( $body['access_token'] ) ) {
update_option( 'slack_access_token', $body['access_token'] );
}
}
$token = sanitize_text_field( wp_unslash( $_GET['slack_token'] ) );
update_option( 'slack_access_token', $token );

wp_safe_redirect( admin_url( 'admin.php?page=progress-planner-slack' ) );
exit;
Expand Down Expand Up @@ -136,7 +124,7 @@ public function render_page() {
<?php if ( empty( $access_token ) ) : ?>
<p><?php esc_html_e( 'Not connected to Slack', 'progress-planner' ); ?></p>
<?php
$auth_url = 'https://slack.com/oauth/v2/authorize?client_id=' . self::CLIENT_ID . '&scope=chat:write,channels:read&redirect_uri=' . rawurlencode( $this->redirect_uri );
$auth_url = $this->get_auth_url();
?>
<p>
<a href="<?php echo esc_url( $auth_url ); ?>" class="button button-primary">
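Review bot: `handle_oauth_callback()` now stores whatever arrives in `$_GET['slack_token']` as the `slack_access_token` option with no capability check and no nonce or `state` check, and it runs on `admin_init`, which WordPress also fires for `admin-ajax.php` and `admin-post.php` requests. The callback should return early unless the current user may manage the integration and the request carries a nonce that `get_auth_url()` sent out and that the server returns on the redirect; the sketch below uses placeholder parameter and action names, assumes the page capability is `manage_options`, and needs the server to pass the value back. The token also arrives in a query string, so it can end up in access logs and browser history, and a short-lived code redeemed server-side would avoid that. Separately, `get_auth_url()` applies `rawurlencode()` to values that `http_build_query()` encodes again, so `site_url` is sent double-encoded. The end of `handle_oauth_callback()` is outside the visible hunk.

```php
// In get_auth_url(): send a nonce and drop the extra rawurlencode().
$params = [
	'site_url'  => $site_url,
	'site_name' => \get_bloginfo( 'name' ),
	'state'     => \wp_create_nonce( 'prpl_slack_oauth' ), // Placeholder action name.
];

public function handle_oauth_callback() {
	if ( ! isset( $_GET['slack_token'], $_GET['state'] ) ) {
		return;
	}

	// Placeholder names: 'state' parameter and 'prpl_slack_oauth' action.
	$state = \sanitize_text_field( \wp_unslash( $_GET['state'] ) );
	if ( ! \current_user_can( 'manage_options' ) || ! \wp_verify_nonce( $state, 'prpl_slack_oauth' ) ) {
		return;
	}

	// … unchanged: sanitize slack_token, update_option(), redirect …
```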
24 changes: 24 additions & 0 deletions classes/class-slack-notification.php
Expand Up @@ -20,12 +20,20 @@ class Slack_Notification {
*/
public static function send_notification( $message ) {
$access_token = get_option( 'slack_access_token' );
$access_token = self::decrypt_token( $access_token );
$channel = get_option( 'slack_channel' );

if ( empty( $access_token ) || empty( $channel ) ) {
return false;
}

// Update last used timestamp on progressplanner.com

Check failure on line 30 in classes/class-slack-notification.php


GitHub Actions / Check code style

Inline comments must end in full-stops, exclamation marks, or question marks
wp_remote_post( 'https://prpl.fyi/api/v1/slack/ping', [

Check failure on line 31 in classes/class-slack-notification.php


GitHub Actions / Check code style

Opening parenthesis of a multi-line function call must be the last content on the line

Check failure on line 31 in classes/class-slack-notification.php


GitHub Actions / Check code style

Only one argument is allowed per line in a multi-line function call
'body' => [
'site_url' => admin_url(),
],
] );

Check failure on line 35 in classes/class-slack-notification.php


GitHub Actions / Check code style

Closing parenthesis of a multi-line function call must be on a line by itself

$response = wp_remote_post(
'https://slack.com/api/chat.postMessage',
[
Expand Down Expand Up @@ -55,4 +63,20 @@ public static function send_notification( $message ) {

return ! empty( $body['ok'] );
}

/**
* Decrypt the stored token.
*
* @param string $encrypted_token The encrypted token.
* @return string
*/
private static function decrypt_token( $encrypted_token ) {
$data = base64_decode( $encrypted_token );
$iv_length = openssl_cipher_iv_length( 'aes-256-cbc' );

$iv = substr( $data, 0, $iv_length );
$encrypted = substr( $data, $iv_length );

return openssl_decrypt( $encrypted, 'aes-256-cbc', ENCRYPTION_KEY, 0, $iv );
}
}
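Review bot: `decrypt_token()` reads a bare `ENCRYPTION_KEY` constant that is not defined anywhere in the visible change, and it runs before the `empty( $access_token )` guard in `send_notification()`, so an unset option or a missing constant reaches `openssl_decrypt()` (on PHP 8 an undefined constant is a fatal Error). I would return early on bad input, e.g. `if ( ! \is_string( $encrypted_token ) || '' === $encrypted_token || ! \defined( 'ENCRYPTION_KEY' ) ) { return ''; }`, decode with `base64_decode( $encrypted_token, true )`, and map a `false` result from `openssl_decrypt()` to `''` so the `@return string` contract holds. `aes-256-cbc` carries no integrity check, so a tampered value is not reliably rejected; an authenticated mode such as `aes-256-gcm` or `sodium_crypto_secretbox_open()` would be the safer choice if the server side can change. If the key is a constant shipped with the plugin, every install holds the same key and the encryption protects little, which is worth confirming. The new `wp_remote_post()` ping to `prpl.fyi` is also blocking and its result is ignored; `'blocking' => false` would keep a slow endpoint from delaying the Slack message.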
