Merge pull request #138 from dshanske/expire

Add Bulk Actions and Improve List/Token Generation

Author: dshanske

includes/class-indieauth-authorization-endpoint.php

@@ -63,7 +63,7 @@ public function register_routes() {
 	}
 
 	// Get Scope Descriptions
-	public function scopes( $scope = 'all' ) {
+	public static function scopes( $scope = 'all' ) {
 		$scopes = array(
 			// Micropub Scopes
 			'post'     => __( 'Legacy Scope (Deprecated)', 'indieauth' ),

includes/class-indieauth-token-ui.php

@@ -54,7 +54,13 @@ public function new_token() {
 			exit;
 		}
 		require ABSPATH . 'wp-admin/admin-header.php';
-		$token = self::generate_local_token( $_REQUEST['client_name'] );
+		$client_name = sanitize_text_field( $_REQUEST['client_name'] );
+		$scopes      = trim( implode( ' ', $_REQUEST['scopes'] ) );
+		if ( empty( $scopes ) ) {
+			$scopes = 'create update';
+		}
+		$scopes = sanitize_text_field( $scopes );
+		$token  = self::generate_local_token( $client_name, $scopes );
 		?>
 	<p><?php esc_html_e( 'A token has been generated and appears below. This token will not be stored anywhere. Please copy and store it.', 'indieauth' ); ?></p>
 	<h3><?php echo $token; // phpcs:ignore 
@@ -65,13 +71,13 @@ public function new_token() {
 		exit;
 	}
 
-	private function generate_local_token( $name ) {
+	private function generate_local_token( $name, $scopes ) {
 		$user_id = get_current_user_id();
 		$tokens  = new Token_User( '_indieauth_token_' );
 		$tokens->set_user( $user_id );
 		$token = array(
 			'token_type'  => 'Bearer',
-			'scope'       => 'create update',
+			'scope'       => $scopes,
 			'me'          => get_the_author_meta( 'user_url', $user_id ) ? get_the_author_meta( 'user_url', $user_id ) : get_author_posts_url( $user_id ),
 			'issued_by'   => rest_url( 'indieauth/1.0/token' ),
 			'user'        => $user_id,
@@ -96,22 +102,36 @@ public function options_form() {
 		$codes->check_expires();
 		$token_table = new Token_List_Table();
 		echo '<div class="wrap"><h2>' . esc_html__( 'Manage IndieAuth Tokens', 'indieauth' ) . '</h2>';
+		echo '<form method="get">';
+		echo '<input type="hidden" name="page" value="indieauth_user_token" />';
 		$token_table->prepare_items();
 		$token_table->display();
+		echo '</form>';
 		?>
 		</div>
 		<div> 
 		<h3><?php esc_html_e( 'Add Token', 'indieauth' ); ?></h3>
 		<form method="post" action="admin.php">
 		<label for="client_name"><?php esc_html_e( 'Name for Token', 'indieauth' ); ?></label><input type="text" class="widefat" id="client_name" name="client_name" />
-			<?php wp_nonce_field( 'indieauth_newtoken', 'indieauth_nonce' ); ?>
+		<?php wp_nonce_field( 'indieauth_newtoken', 'indieauth_nonce' ); ?>
 			<input type="hidden" name="action" id="action" value="indieauth_newtoken" />
+			<h4><?php esc_html_e( 'Scopes', 'indieauth' ); ?></h4>
+			<?php echo esc_html( $this->scopes() ); ?>
 			<p><button class="button-primary"><?php esc_html_e( 'Add New Token', 'indieauth' ); ?></button></p>
 		</form>
 		</div>
 		<?php
 	}
 
+	public function scopes() {
+		$scopes = IndieAuth_Authorization_Endpoint::scopes();
+		echo '<ul>';
+		foreach ( $scopes as $scope => $description ) {
+			printf( '<li><input type="checkbox" name="scopes[]" value="%1$s" /><strong>%1$s</strong> - %2$s</li>', esc_attr( $scope ), esc_html( $description ) );
+		}
+		echo '</ul>';
+	}
+
 	/**
 	 * Is prefix in string.
 	 *

includes/class-token-generic.php

@@ -44,7 +44,7 @@ protected function generate_token() {
 	 * @return int Timestamp when this will expire.
 	 */
 	public function expires( $expiration ) {
-		return $this->time() + $expiration;
+		return time() + $expiration;
 	}
 
 	/**
@@ -66,7 +66,7 @@ public function is_expired( $expiration ) {
 		if ( ! is_numeric( $expiration ) ) {
 			return false;
 		}
-		return ( $expiration <= $this->time() );
+		return ( $expiration <= time() );
 	}
 
 

includes/class-token-list-table.php

@@ -7,15 +7,29 @@
 class Token_List_Table extends WP_List_Table {
 	public function get_columns() {
 		return array(
+			'cb'            => '<input type="checkbox" />',
 			'client_name'   => __( 'Client Name', 'indieauth' ),
 			'client_icon'   => __( 'Client Icon', 'indieauth' ),
 			'client_id'     => __( 'Client ID', 'indieauth' ),
 			'scope'         => __( 'Scope', 'indieauth' ),
 			'issued_at'     => __( 'Issue Date', 'indieauth' ),
 			'last_accessed' => __( 'Last Accessed', 'indieauth' ),
+			'expiration'    => __( 'Expires', 'indieauth' ),
 		);
 	}
 
+	public function get_bulk_actions() {
+			  return array(
+				  'revoke'   => __( 'Revoke', 'indieauth' ),
+				  'revoke_year'  => __( 'Revoke Tokens Last Accessed 1 Year Ago or Never', 'indieauth' ),
+				  'revoke_month'  => __( 'Revoke Tokens Last Accessed 1 Month Ago or Never', 'indieauth' ),
+				  'revoke_week'  => __( 'Revoke Tokens Last Accessed 1 Week Ago or Never', 'indieauth' ),
+				  'revoke_day'  => __( 'Revoke Tokens Last Accessed 1 Day Ago or Never', 'indieauth' ),
+				  'revoke_hour'  => __( 'Revoke Tokens Last Accessed 1 Hour Ago or Never', 'indieauth' ),
+				  'cleanup' => __( 'Clean Up Expired Tokens and Authorization Codes', 'indieauth' ),
+			  );
+	}
+
 	public function get_sortable_columns() {
 		return array();
 	}
@@ -32,37 +46,95 @@ public function prepare_items() {
 			$value['token'] = $key;
 			$this->items[]  = $value;
 		}
+
 	}
 
 	public function column_default( $item, $column_name ) {
 		return $item[ $column_name ];
 	}
 
+	public function column_cb( $item ) {
+		return sprintf( '<input type="checkbox" name="tokens[]" value="%s" />', esc_attr( $item['token'] ) );
+	}
+
 	public function process_action() {
-		$tokens = isset( $_GET['tokens'] ) ? $_GET['tokens'] : array(); // phpcs:ignore
+		$tokens = isset( $_REQUEST['tokens'] ) ? $_REQUEST['tokens'] : array(); // phpcs:ignore
 		$t      = new Token_User( '_indieauth_token_', get_current_user_id() );
-		if ( 'revoke' === $this->current_action() ) {
-			if ( is_string( $tokens ) ) {
-				$t->destroy( $tokens );
-			} elseif ( is_array( $tokens ) ) {
-				foreach ( $tokens as $token ) {
-					$t->destroy( $token );
+		switch ( $this->current_action() ) {
+			case 'revoke':
+				if ( is_string( $tokens ) ) {
+					$t->destroy( $tokens );
+				} elseif ( is_array( $tokens ) ) {
+					foreach ( $tokens as $token ) {
+						$t->destroy( $token );
+					}
 				}
-			}
-		}
-		if ( 'retrieve' === $this->current_action() ) {
-			if ( is_string( $tokens ) ) {
-				$token = $t->get( $tokens, false );
-				$info  = new IndieAuth_Client_Discovery( $token['client_id'] );
-				$name  = $info->get_name();
-				if ( isset( $name ) ) {
-					$token['client_name'] = $name;
+				break;
+			case 'cleanup':
+				$t->check_expires();
+				$users = new Token_User( '_indieauth_code_', get_current_user_id() );
+				$users->destroy_all();
+				break;
+			case 'revoke_year':
+				$this->destroy_older_than( $t, 'year' );
+				break;
+			case 'revoke_month':
+				$this->destroy_older_than( $t, 'month' );
+				break;
+			case 'revoke_week':
+				$this->destroy_older_than( $t, 'week' );
+				break;
+			case 'revoke_day':
+				$this->destroy_older_than( $t, 'day' );
+				break;
+			case 'revoke_hour':
+				$this->destroy_older_than( $t, 'hour' );
+				break;
+			case 'retrieve':
+				if ( is_string( $tokens ) ) {
+					$token = $t->get( $tokens, false );
+					$info  = new IndieAuth_Client_Discovery( $token['client_id'] );
+					$name  = $info->get_name();
+					if ( isset( $name ) ) {
+						$token['client_name'] = $name;
+					}
+					$icon = $info->get_icon();
+					if ( isset( $icon ) ) {
+						$token['client_icon'] = $icon;
+					}
+					$t->update( $tokens, $token, true );
 				}
-				$icon = $info->get_icon();
-				if ( isset( $icon ) ) {
-					$token['client_icon'] = $icon;
+				break;
+		}
+	}
+
+	public function destroy_older_than( $t, $older_than = 'day' ) {
+		switch ( strtolower( $older_than ) ) {
+			case 'year':
+				$diff = YEAR_IN_SECONDS;
+				break;
+			case 'month':
+				$diff = MONTH_IN_SECONDS;
+				break;
+			case 'week':
+				$diff = WEEK_IN_SECONDS;
+				break;
+			case 'day':
+				$diff = DAY_IN_SECONDS;
+				break;
+			default:
+				$diff = HOUR_IN_SECONDS;
+		}
+		$tokens = $t->get_all();
+		foreach ( $tokens as $key => $token ) {
+			if ( ! isset( $token['last_accessed'] ) ) {
+				$t->destroy( $key );
+			} else {
+				$time      = (int) $token['last_accessed'];
+				$time_diff = time() - $time;
+				if ( $time_diff > 0 && $time_diff > $diff ) {
+					$t->destroy( $key );
 				}
-				$t->update( $tokens, $token, true );
 			}
 		}
 	}
@@ -99,6 +171,21 @@ public function column_last_accessed( $item ) {
 		return date_i18n( get_option( 'date_format' ), $time );
 	}
 
+
+	public function column_expiration( $item ) {
+		if ( ! isset( $item['expiration'] ) ) {
+			return __( 'Never', 'indieauth' );
+		}
+		$time      = (int) $item['expiration'];
+		$time_diff = time() - $time;
+		if ( $time_diff > 0 && $time_diff < DAY_IN_SECONDS ) {
+			// translators: Human time difference ago
+			return sprintf( __( '%s ago', 'indieauth' ), human_time_diff( $time ) );
+		}
+		return date_i18n( get_option( 'date_format' ), $time );
+	}
+
+
 	public function column_issued_at( $item ) {
 		return date_i18n( get_option( 'date_format' ), $item['issued_at'] );
 	}

includes/class-token-user.php

@@ -68,6 +68,24 @@ public function destroy( $key ) {
 		}
 	}
 
+	/**
+	 * Destroys all tokens
+	 *
+	 * @return boolean Return if successfully destroyed or not
+	 */
+	public function destroy_all() {
+		if ( ! $this->user_id ) {
+			return false;
+		}
+		$meta = get_user_meta( $this->user_id, '' );
+		foreach ( array_keys( $meta ) as $key ) {
+			if ( 0 === strncmp( $key, $this->prefix, strlen( $this->prefix ) ) ) {
+				delete_user_meta( $this->user_id, $key );
+			}
+		}
+	}
+
+
 	/**
 	 * Retrieves all tokens for a user
 	 *