wp_is_authorize_application_password_request_valid() WordPress Function

The wp_is_authorize_application_password_request_valid() function is used to check if a given application password request is valid. This is used to make sure that only authorized requests are able to generate new application passwords.

wp_is_authorize_application_password_request_valid( array $request, WP_User $user ) #

Checks if the Authorize Application Password request is valid.

Contents

Parameters

$request

(array)(Required)The array of request data. All arguments are optional and may be empty.

  • 'app_name'
    (string) The suggested name of the application.
  • 'app_id'
    (string) A UUID provided by the application to uniquely identify it.
  • 'success_url'
    (string) The URL the user will be redirected to after approving the application.
  • 'reject_url'
    (string) The URL the user will be redirected to after rejecting the application.

$user

(WP_User)(Required)The user authorizing the application.

Top ↑

Return

(true|WP_Error) True if the request is valid, a WP_Error object contains errors if not.

Top ↑

Source

File: wp-admin/includes/user.php

function wp_is_authorize_application_password_request_valid( $request, $user ) {
	$error = new WP_Error();

	if ( ! empty( $request['success_url'] ) ) {
		$scheme = wp_parse_url( $request['success_url'], PHP_URL_SCHEME );

		if ( 'http' === $scheme ) {
			$error->add(
				'invalid_redirect_scheme',
				__( 'The success URL must be served over a secure connection.' )
			);
		}
	}

	if ( ! empty( $request['reject_url'] ) ) {
		$scheme = wp_parse_url( $request['reject_url'], PHP_URL_SCHEME );

		if ( 'http' === $scheme ) {
			$error->add(
				'invalid_redirect_scheme',
				__( 'The rejection URL must be served over a secure connection.' )
			);
		}
	}

	if ( ! empty( $request['app_id'] ) && ! wp_is_uuid( $request['app_id'] ) ) {
		$error->add(
			'invalid_app_id',
			__( 'The application ID must be a UUID.' )
		);
	}

	/**
	 * Fires before application password errors are returned.
	 *
	 * @since 5.6.0
	 *
	 * @param WP_Error $error   The error object.
	 * @param array    $request The array of request data.
	 * @param WP_User  $user    The user authorizing the application.
	 */
	do_action( 'wp_authorize_application_password_request_errors', $error, $request, $user );

	if ( $error->has_errors() ) {
		return $error;
	}

	return true;
}

Expand full source codeCollapse full source codeView on TracView on GitHub

Top ↑

Top ↑

Uses

Uses
UsesDescription
wp-admin/includes/user.php:wp_authorize_application_password_request_errors

Fires before application password errors are returned.

wp-includes/functions.php:wp_is_uuid()

Validates that a UUID is valid.

wp-includes/http.php:wp_parse_url()

A wrapper for PHP’s parse_url() function that handles consistency in the return values across PHP versions.

wp-includes/l10n.php:__()

Retrieve the translation of $text.

wp-includes/plugin.php:do_action()

Calls the callback functions that have been added to an action hook.

wp-includes/class-wp-error.php:WP_Error::__construct()

Initializes the error.

Show 1 more useHide more uses

Top ↑

Changelog

Changelog
VersionDescription
5.6.0Introduced.
Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by theĀ Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.