From 0d40cf42c1dacf9daf07ba94f142656bc445fae1 Mon Sep 17 00:00:00 2001 From: Mukesh Panchal Date: Sun, 5 Oct 2025 10:03:48 +0530 Subject: [PATCH 1/3] Refactor application authorization logic and UI --- src/wp-admin/authorize-application.php | 127 +++++++++++-------------- 1 file changed, 53 insertions(+), 74 deletions(-) diff --git a/src/wp-admin/authorize-application.php b/src/wp-admin/authorize-application.php index 8d931f46666a2..367aeec3cba09 100644 --- a/src/wp-admin/authorize-application.php +++ b/src/wp-admin/authorize-application.php @@ -11,29 +11,21 @@ $error = null; $new_password = ''; +$user = wp_get_current_user(); // This is the no-js fallback script. Generally this will all be handled by `auth-app.js`. if ( isset( $_POST['action'] ) && 'authorize_application_password' === $_POST['action'] ) { check_admin_referer( 'authorize_application_password' ); - $success_url = $_POST['success_url']; - $reject_url = $_POST['reject_url']; - $app_name = $_POST['app_name']; - $app_id = $_POST['app_id']; - $redirect = ''; - + $redirect = ''; if ( isset( $_POST['reject'] ) ) { - if ( $reject_url ) { - $redirect = $reject_url; - } else { - $redirect = admin_url(); - } + $redirect = $_POST['reject_url'] ?? admin_url(); } elseif ( isset( $_POST['approve'] ) ) { $created = WP_Application_Passwords::create_new_application_password( - get_current_user_id(), + $user->ID, array( - 'name' => $app_name, - 'app_id' => $app_id, + 'name' => $_POST['app_name'], + 'app_id' => $_POST['app_id'], ) ); @@ -42,14 +34,14 @@ } else { list( $new_password ) = $created; - if ( $success_url ) { + if ( $_POST['success_url'] ) { $redirect = add_query_arg( array( 'site_url' => urlencode( site_url() ), - 'user_login' => urlencode( wp_get_current_user()->user_login ), + 'user_login' => urlencode( $user->user_login ), 'password' => urlencode( $new_password ), ), - $success_url + $_POST['success_url'] ); } } @@ -62,9 +54,6 @@ } } -// Used in the HTML title tag. -$title = __( 'Authorize Application' ); - $app_name = ! empty( $_REQUEST['app_name'] ) ? $_REQUEST['app_name'] : ''; $app_id = ! empty( $_REQUEST['app_id'] ) ? $_REQUEST['app_id'] : ''; $success_url = ! empty( $_REQUEST['success_url'] ) ? $_REQUEST['success_url'] : null; @@ -77,8 +66,6 @@ $reject_url = null; } -$user = wp_get_current_user(); - $request = compact( 'app_name', 'app_id', 'success_url', 'reject_url' ); $is_valid = wp_is_authorize_application_password_request_valid( $request, $user ); @@ -132,11 +119,9 @@ ); require_once ABSPATH . 'wp-admin/admin-header.php'; - ?>
-

- +

-

@@ -163,7 +147,6 @@

- ID, true ); @@ -173,35 +156,33 @@ ?>

the %2$s site in this installation that you have permissions on.', - 'This will grant access to all %2$s sites in this installation that you have permissions on.', - $blogs_count - ); - - if ( is_super_admin() ) { /* translators: 1: URL to my-sites.php, 2: Number of sites the user has. */ $message = _n( - 'This will grant access to the %2$s site on the network as you have Super Admin rights.', - 'This will grant access to all %2$s sites on the network as you have Super Admin rights.', + 'This will grant access to the %2$s site in this installation that you have permissions on.', + 'This will grant access to all %2$s sites in this installation that you have permissions on.', $blogs_count ); - } - printf( - $message, - admin_url( 'my-sites.php' ), - number_format_i18n( $blogs_count ) - ); + if ( is_super_admin() ) { + /* translators: 1: URL to my-sites.php, 2: Number of sites the user has. */ + $message = _n( + 'This will grant access to the %2$s site on the network as you have Super Admin rights.', + 'This will grant access to all %2$s sites on the network as you have Super Admin rights.', + $blogs_count + ); + } + + printf( + $message, + admin_url( 'my-sites.php' ), + number_format_i18n( $blogs_count ) + ); ?>

-